1 files changed, 3 insertions, 18 deletions

diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 7219a0e64b..8b0c2a2dac 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -493,9 +493,6 @@ struct ssl_session_st
         char *psk_identity_hint;
         char *psk_identity;
 #endif
-        /* Used to indicate that session resumption is not allowed.
-         * Applications can also set this bit for a new session via
-         * not_resumable_session_cb to disable session caching and tickets. */
         int not_resumable;
 
         /* The cert is the certificate used to establish this connection */
@@ -538,7 +535,7 @@ struct ssl_session_st
 #endif /* OPENSSL_NO_EC */
         /* RFC4507 info */
         unsigned char *tlsext_tick;     /* Session ticket */
-        size_t tlsext_ticklen;          /* Session ticket length */
+        size_t  tlsext_ticklen;         /* Session ticket length */     
         long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
 #endif
 #ifndef OPENSSL_NO_SRP
@@ -555,14 +552,11 @@ struct ssl_session_st
 #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG         0x00000008L
 #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG              0x00000010L
 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER               0x00000020L
-#define SSL_OP_SAFARI_ECDHE_ECDSA_BUG                   0x00000040L
+#define SSL_OP_MSIE_SSLV2_RSA_PADDING                   0x00000040L /* no effect since 0.9.7h and 0.9.8b */
 #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG                 0x00000080L
 #define SSL_OP_TLS_D5_BUG                               0x00000100L
 #define SSL_OP_TLS_BLOCK_PADDING_BUG                    0x00000200L
 
-/* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */
-#define SSL_OP_MSIE_SSLV2_RSA_PADDING                   0x0
-
 /* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
  * in OpenSSL 0.9.6d.  Usually (depending on the application protocol)
  * the workaround is not needed.  Unfortunately some broken SSL/TLS
@@ -644,12 +638,6 @@ struct ssl_session_st
  * TLS only.)  "Released" buffers are put onto a free-list in the context
  * or just freed (depending on the context's setting for freelist_max_len). */
 #define SSL_MODE_RELEASE_BUFFERS 0x00000010L
-/* Send the current time in the Random fields of the ClientHello and
- * ServerHello records for compatibility with hypothetical implementations
- * that require it.
- */
-#define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L
-#define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L
 
 /* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
  * they cannot be used to clear bits. */
@@ -915,7 +903,7 @@ struct ssl_ctx_st
          */
         unsigned int max_send_fragment;
 
-#ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_ENGINE
         /* Engine to pass requests for client certs to
          */
         ENGINE *client_cert_engine;
@@ -939,7 +927,6 @@ struct ssl_ctx_st
         /* Callback for status request */
         int (*tlsext_status_cb)(SSL *ssl, void *arg);
         void *tlsext_status_arg;
-
         /* draft-rescorla-tls-opaque-prf-input-00.txt information */
         int (*tlsext_opaque_prf_input_callback)(SSL *, void *peerinput, size_t len, void *arg);
         void *tlsext_opaque_prf_input_callback_arg;
@@ -965,7 +952,6 @@ struct ssl_ctx_st
 #endif
 
 #ifndef OPENSSL_NO_TLSEXT
-
 # ifndef OPENSSL_NO_NEXTPROTONEG
         /* Next protocol negotiation information */
         /* (for experimental NPN extension). */
@@ -2220,7 +2206,6 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL_GET_NEW_SESSION                        181
 #define SSL_F_SSL_GET_PREV_SESSION                       217
 #define SSL_F_SSL_GET_SERVER_SEND_CERT                   182
-#define SSL_F_SSL_GET_SERVER_SEND_PKEY                   317
 #define SSL_F_SSL_GET_SIGN_PKEY                          183
 #define SSL_F_SSL_INIT_WBIO_BUFFER                       184
 #define SSL_F_SSL_LOAD_CLIENT_CA_FILE                    185