From 7560cd6b70a56d383514ea4d46091a8dc189fbf1 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Sat, 3 Feb 2024 18:03:49 +0000
Subject: Remove last peeking at TLS1_FLAGS_SKIP_CERT_VERIFY

This was used for some GOST weirdness. The flag is unused in ports and
there is no user in Debian's codesearch.

ok beck
---
 src/lib/libssl/ssl_clnt.c | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 56fb9ba1c7..feb29ee4a5 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.164 2024/02/03 15:58:33 beck Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.165 2024/02/03 18:03:49 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -455,12 +455,6 @@ ssl3_connect(SSL *s)
 				s->s3->hs.state = SSL3_ST_CW_CHANGE_A;
 				s->s3->change_cipher_spec = 0;
 			}
-			if (!SSL_is_dtls(s)) {
-				if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) {
-					s->s3->hs.state = SSL3_ST_CW_CHANGE_A;
-					s->s3->change_cipher_spec = 0;
-				}
-			}
 
 			s->init_num = 0;
 			break;
-- 
cgit v1.2.3-55-g6feb