From 7f2d6dc6af99690299b2a423c25d0d7240957c6f Mon Sep 17 00:00:00 2001
From: doug <>
Date: Sat, 18 Jul 2015 19:41:54 +0000
Subject: Remove SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER workaround.

This was a hack to work around problems on IE 6 with SSLv3.

ok miod@ bcook@
---
 src/lib/libssl/s3_pkt.c | 21 ++++-----------------
 1 file changed, 4 insertions(+), 17 deletions(-)

(limited to 'src/lib/libssl/s3_pkt.c')

diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c
index 117e6ec2da..1e94bf437e 100644
--- a/src/lib/libssl/s3_pkt.c
+++ b/src/lib/libssl/s3_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_pkt.c,v 1.54 2014/12/14 21:49:29 bcook Exp $ */
+/* $OpenBSD: s3_pkt.c,v 1.55 2015/07/18 19:41:54 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -284,23 +284,10 @@ ssl3_get_record(SSL *s)
 	unsigned char md[EVP_MAX_MD_SIZE];
 	short version;
 	unsigned mac_size, orig_len;
-	size_t extra;
 
 	rr = &(s->s3->rrec);
 	sess = s->session;
 
-	if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
-		extra = SSL3_RT_MAX_EXTRA;
-	else
-		extra = 0;
-
-	if (extra && !s->s3->init_extra) {
-		/* An application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER
-		 * set after ssl3_setup_buffers() was done */
-		SSLerr(SSL_F_SSL3_GET_RECORD, ERR_R_INTERNAL_ERROR);
-		return -1;
-	}
-
 again:
 	/* check if we have the header */
 	if ((s->rstate != SSL_ST_READ_BODY) ||
@@ -379,7 +366,7 @@ again:
 	 * rr->length bytes of encrypted compressed stuff. */
 
 	/* check is not needed I believe */
-	if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH + extra) {
+	if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
 		al = SSL_AD_RECORD_OVERFLOW;
 		SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
 		goto f_err;
@@ -449,7 +436,7 @@ again:
 		    timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)
 			enc_err = -1;
 		if (rr->length >
-		    SSL3_RT_MAX_COMPRESSED_LENGTH + extra + mac_size)
+		    SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)
 			enc_err = -1;
 	}
 
@@ -468,7 +455,7 @@ again:
 		goto f_err;
 	}
 
-	if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH + extra) {
+	if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) {
 		al = SSL_AD_RECORD_OVERFLOW;
 		SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_DATA_LENGTH_TOO_LONG);
 		goto f_err;
-- 
cgit v1.2.3-55-g6feb