summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_lib.c
diff options
context:
space:
mode:
authordoug <>2015-08-27 06:21:15 +0000
committerdoug <>2015-08-27 06:21:15 +0000
commit86bf43c0754f7de02e216a110bff784aace5fea7 (patch)
treeedcaf86fcb7a4c7c49e4f2bbefde1665cfd57458 /src/lib/libssl/ssl_lib.c
parent9b2397328086b49e1f5d15b4248c6aa164c42a4d (diff)
downloadopenbsd-86bf43c0754f7de02e216a110bff784aace5fea7.tar.gz
openbsd-86bf43c0754f7de02e216a110bff784aace5fea7.tar.bz2
openbsd-86bf43c0754f7de02e216a110bff784aace5fea7.zip
Remove SSLv3 support from LibreSSL.
This is the first wave of SSLv3 removal which removes the main SSLv3 functions. Future commits will remove the rest of the SSLv3 support. Discussed the plan at c2k15. Input from jsing@, beck@, miod@, bcook@, sthen@, naddy@, and deraadt@. ok jsing@, beck@
Diffstat (limited to 'src/lib/libssl/ssl_lib.c')
-rw-r--r--src/lib/libssl/ssl_lib.c7
1 files changed, 1 insertions, 6 deletions
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 629ad03554..a93c16de65 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_lib.c,v 1.105 2015/07/19 20:32:18 doug Exp $ */ 1/* $OpenBSD: ssl_lib.c,v 1.106 2015/08/27 06:21:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -2549,8 +2549,6 @@ ssl_version_string(int ver)
2549 return (SSL_TXT_DTLS1_BAD); 2549 return (SSL_TXT_DTLS1_BAD);
2550 case DTLS1_VERSION: 2550 case DTLS1_VERSION:
2551 return (SSL_TXT_DTLS1); 2551 return (SSL_TXT_DTLS1);
2552 case SSL3_VERSION:
2553 return (SSL_TXT_SSLV3);
2554 case TLS1_VERSION: 2552 case TLS1_VERSION:
2555 return (SSL_TXT_TLSV1); 2553 return (SSL_TXT_TLSV1);
2556 case TLS1_1_VERSION: 2554 case TLS1_1_VERSION:
@@ -2591,9 +2589,6 @@ ssl_max_server_version(SSL *s)
2591 if ((s->options & SSL_OP_NO_TLSv1) == 0 && 2589 if ((s->options & SSL_OP_NO_TLSv1) == 0 &&
2592 max_version >= TLS1_VERSION) 2590 max_version >= TLS1_VERSION)
2593 return (TLS1_VERSION); 2591 return (TLS1_VERSION);
2594 if ((s->options & SSL_OP_NO_SSLv3) == 0 &&
2595 max_version >= SSL3_VERSION)
2596 return (SSL3_VERSION);
2597 2592
2598 return (0); 2593 return (0);
2599} 2594}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-27 02:38:25 +0000