Unifdef -UPKCS1_CHECK and remove SSL_OP_PKCS1_CHECK_[12], this is leftover

``debug'' code from a 15+ years old bugfix and the SSL_OP_PKCS1_CHECK_* constants have had a value of zero since ages. No production code should use them. ok beck@
author: miod <> 2014-04-23 22:26:26 +0000
committer: miod <> 2014-04-23 22:26:26 +0000
commit: 57f363f2f8ca275d715c73b6a4af0dadbc19d804 (patch)
tree: fdc347c1b6ae5bb862c0b018453022fe0225f681 /src/lib/libssl/d1_clnt.c
parent: 7aa32b6e8c2f36d05bd2d61063dbe667bb62842a (diff)
download: openbsd-57f363f2f8ca275d715c73b6a4af0dadbc19d804.tar.gz
openbsd-57f363f2f8ca275d715c73b6a4af0dadbc19d804.tar.bz2
openbsd-57f363f2f8ca275d715c73b6a4af0dadbc19d804.zip
1 files changed, 0 insertions, 6 deletions
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index cf9bc2d33e..38118b1385 100644
--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -975,12 +975,6 @@ dtls1_send_client_key_exchange(SSL *s)
                                p += 2;
                        n = RSA_public_encrypt(sizeof tmp_buf,
                        tmp_buf, p, rsa, RSA_PKCS1_PADDING);
-#ifdef PKCS1_CHECK
-                        if (s->options & SSL_OP_PKCS1_CHECK_1)
-                                p[1]++;
-                        if (s->options & SSL_OP_PKCS1_CHECK_2)
-                                tmp_buf[0] = 0x70;
-#endif
                        if (n <= 0) {
                                SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, SSL_R_BAD_RSA_ENCRYPT);
                                goto err;
author	miod <>	2014-04-23 22:26:26 +0000
committer	miod <>	2014-04-23 22:26:26 +0000
commit	57f363f2f8ca275d715c73b6a4af0dadbc19d804 (patch)
tree	fdc347c1b6ae5bb862c0b018453022fe0225f681 /src/lib/libssl/d1_clnt.c
parent	7aa32b6e8c2f36d05bd2d61063dbe667bb62842a (diff)
download	openbsd-57f363f2f8ca275d715c73b6a4af0dadbc19d804.tar.gz openbsd-57f363f2f8ca275d715c73b6a4af0dadbc19d804.tar.bz2 openbsd-57f363f2f8ca275d715c73b6a4af0dadbc19d804.zip