Neuter the SSL_set_debug(3) API

The TLSv1.3 stack didn't support this in the first place, and in the legacy
stack it only added some dubious BIO_flush(3) calls. The sleep call between
SSL_read(3) and SSL_write(3) advertised in the comment next to the flag has
been a sleep call in the s_server since time immemorial, nota bene between
calls to BIO_gets(3). Anyway. This can all go and what remains will go with
the next major bump.

ok jsing

1 files changed, 1 insertions, 7 deletions

diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index a571549b64..f26fde5061 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.157 2023/11/18 10:51:09 tb Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.158 2023/12/29 12:24:33 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -740,12 +740,6 @@ ssl3_accept(SSL *s)
                 }
 
                 if (!s->s3->hs.tls12.reuse_message && !skip) {
-                        if (s->debug) {
-                                if ((ret = BIO_flush(s->wbio)) <= 0)
-                                        goto end;
-                        }
-
-
                         if (s->s3->hs.state != state) {
                                 new_state = s->s3->hs.state;
                                 s->s3->hs.state = state;