Remove SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER workaround.

This was a hack to work around problems on IE 6 with SSLv3.

ok miod@ bcook@

1 files changed, 2 insertions, 3 deletions

diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 7d3e3c8171..0a0a711a20 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.90 2015/07/18 01:42:26 doug Exp $ */
+/* $OpenBSD: ssl.h,v 1.91 2015/07/18 19:41:54 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -519,7 +519,6 @@ struct ssl_session_st {
 /* Allow initial connection to servers that don't support RI */
 #define SSL_OP_LEGACY_SERVER_CONNECT                    0x00000004L
 #define SSL_OP_TLSEXT_PADDING                           0x00000010L
-#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER               0x00000020L
 
 /* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
  * in OpenSSL 0.9.6d.  Usually (depending on the application protocol)
@@ -572,7 +571,6 @@ struct ssl_session_st {
 #define SSL_OP_ALL \
     (SSL_OP_LEGACY_SERVER_CONNECT | \
      SSL_OP_TLSEXT_PADDING | \
-     SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER | \
      SSL_OP_CRYPTOPRO_TLSEXT_BUG)
 
 /* Obsolete flags kept for compatibility. No sane code should use them. */
@@ -591,6 +589,7 @@ struct ssl_session_st {
 #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG              0x0
 #define SSL_OP_TLS_BLOCK_PADDING_BUG                    0x0
 #define SSL_OP_TLS_D5_BUG                               0x0
+#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER               0x0
 
 /* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
  * when just a single record has been written): */