From 489dbb57ee3abd9d28ef0c63007d420b6a34b1f4 Mon Sep 17 00:00:00 2001
From: doug <>
Date: Fri, 17 Jul 2015 07:04:41 +0000
Subject: Remove workaround for TLS padding bug from SSLeay days.

OpenSSL doesn't remember which clients were impacted and the
functionality has been broken in their stable releases for 2 years.

Based on OpenSSL commit a8e4ac6a2fe67c19672ecf0c6aeafa15801ce3a5.

ok jsing@
---
 src/lib/libssl/t1_enc.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

(limited to 'src/lib/libssl/t1_enc.c')

diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index b48e248b23..5cd1688a37 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.78 2015/06/17 14:27:56 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.79 2015/07/17 07:04:41 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -875,10 +875,6 @@ tls1_enc(SSL *s, int send)
 
 			/* we need to add 'i' padding bytes of value j */
 			j = i - 1;
-			if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG) {
-				if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
-					j++;
-			}
 			for (k = (int)l; k < (int)(l + i); k++)
 				rec->input[k] = j;
 			l += i;
-- 
cgit v1.2.3-55-g6feb