From 0c8481527354cd5324e6b474cbd1cbe8e36ef4e2 Mon Sep 17 00:00:00 2001
From: doug <>
Date: Thu, 18 Jun 2015 22:51:05 +0000
Subject: Remove Microsoft Server Gated Crypto.

Another relic due to the old US crypto policy.

From OpenSSL commit 63eab8a620944a990ab3985620966ccd9f48d681 and
95275599399e277e71d064790a1f828a99fc661a.

ok jsing@ miod@
---
 src/lib/libssl/ssl3.h | 13 +------------
 1 file changed, 1 insertion(+), 12 deletions(-)

(limited to 'src/lib/libssl/ssl3.h')

diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h
index 61f600c55d..265d18810e 100644
--- a/src/lib/libssl/ssl3.h
+++ b/src/lib/libssl/ssl3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl3.h,v 1.36 2015/02/22 15:54:27 jsing Exp $ */
+/* $OpenBSD: ssl3.h,v 1.37 2015/06/18 22:51:05 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -356,17 +356,6 @@ typedef struct ssl3_buffer_st {
 #define TLS1_FLAGS_KEEP_HANDSHAKE		0x0020
 #define SSL3_FLAGS_CCS_OK			0x0080
 
-/* SSL3_FLAGS_SGC_RESTART_DONE is set when we
- * restart a handshake because of MS SGC and so prevents us
- * from restarting the handshake in a loop. It's reset on a
- * renegotiation, so effectively limits the client to one restart
- * per negotiation. This limits the possibility of a DDoS
- * attack where the client handshakes in a loop using SGC to
- * restart. Servers which permit renegotiation can still be
- * effected, but we can't prevent that.
- */
-#define SSL3_FLAGS_SGC_RESTART_DONE		0x0040
-
 #ifndef OPENSSL_NO_SSL_INTERN
 
 typedef struct ssl3_state_st {
-- 
cgit v1.2.3-55-g6feb