diff options
| author | doug <> | 2015-07-18 01:42:26 +0000 |
|---|---|---|
| committer | doug <> | 2015-07-18 01:42:26 +0000 |
| commit | 669db20d789c5e90bdf7957c8b9049cfb5a246f6 (patch) | |
| tree | 1a2eafb2edfce20682d1b9504fb22e3bee4c0ab0 /src/lib/libssl/s3_srvr.c | |
| parent | 2003252535d121432ab5d48bef32671b480554cd (diff) | |
| download | openbsd-669db20d789c5e90bdf7957c8b9049cfb5a246f6.tar.gz openbsd-669db20d789c5e90bdf7957c8b9049cfb5a246f6.tar.bz2 openbsd-669db20d789c5e90bdf7957c8b9049cfb5a246f6.zip | |
Remove support for the SSL_OP_TLS_D5_BUG compat hack from SSLeay.
This is a 17 year old workaround from SSLeay 0.9.0b. It was for
clients that send RSA client key exchange in TLS using SSLv3 format
(no length prefix).
ok jsing@
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/s3_srvr.c | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index e70f8af440..cd5bc2a6cb 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_srvr.c,v 1.110 2015/07/14 05:16:47 doug Exp $ */ | 1 | /* $OpenBSD: s3_srvr.c,v 1.111 2015/07/18 01:42:26 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1708,13 +1708,9 @@ ssl3_get_client_key_exchange(SSL *s) | |||
| 1708 | goto truncated; | 1708 | goto truncated; |
| 1709 | n2s(p, i); | 1709 | n2s(p, i); |
| 1710 | if (n != i + 2) { | 1710 | if (n != i + 2) { |
| 1711 | if (!(s->options & SSL_OP_TLS_D5_BUG)) { | 1711 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, |
| 1712 | SSLerr( | 1712 | SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); |
| 1713 | SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1713 | goto err; |
| 1714 | SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); | ||
| 1715 | goto err; | ||
| 1716 | } else | ||
| 1717 | p -= 2; | ||
| 1718 | } else | 1714 | } else |
| 1719 | n = i; | 1715 | n = i; |
| 1720 | } | 1716 | } |