From 478738b6c1a32e580360e52244a9f70a6d84b967 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Fri, 29 Dec 2023 12:24:33 +0000
Subject: Neuter the SSL_set_debug(3) API

The TLSv1.3 stack didn't support this in the first place, and in the legacy
stack it only added some dubious BIO_flush(3) calls. The sleep call between
SSL_read(3) and SSL_write(3) advertised in the comment next to the flag has
been a sleep call in the s_server since time immemorial, nota bene between
calls to BIO_gets(3). Anyway. This can all go and what remains will go with
the next major bump.

ok jsing
---
 src/lib/libssl/ssl_srvr.c | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

(limited to 'src/lib/libssl/ssl_srvr.c')

diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index a571549b64..f26fde5061 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.157 2023/11/18 10:51:09 tb Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.158 2023/12/29 12:24:33 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -740,12 +740,6 @@ ssl3_accept(SSL *s)
 		}
 
 		if (!s->s3->hs.tls12.reuse_message && !skip) {
-			if (s->debug) {
-				if ((ret = BIO_flush(s->wbio)) <= 0)
-					goto end;
-			}
-
-
 			if (s->s3->hs.state != state) {
 				new_state = s->s3->hs.state;
 				s->s3->hs.state = state;
-- 
cgit v1.2.3-55-g6feb