From a56cd64072f7062672fbc04345ac7bed25aef5f2 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Fri, 6 Feb 2015 10:04:07 +0000
Subject: Unifdef NETSCAPE_HANG_BUG.

If you're still using a buggy version of Netscape from 2000, for HTTPS with
client certificates, it is probably a good time to find a new browser.

"kill it softly... with napalm and kisses" miod@
---
 src/lib/libssl/s3_srvr.c         | 23 +----------------------
 src/lib/libssl/src/ssl/s3_srvr.c | 23 +----------------------
 2 files changed, 2 insertions(+), 44 deletions(-)

(limited to 'src')

diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index e16eb6f5d0..4a2fdf1a23 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_srvr.c,v 1.97 2015/02/06 08:30:23 jsing Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.98 2015/02/06 10:04:07 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -149,7 +149,6 @@
  */
 
 #define REUSE_CIPHER_BUG
-#define NETSCAPE_HANG_BUG
 
 #include <stdio.h>
 
@@ -461,12 +460,7 @@ ssl3_accept(SSL *s)
 				ret = ssl3_send_certificate_request(s);
 				if (ret <= 0)
 					goto end;
-#ifndef NETSCAPE_HANG_BUG
 				s->state = SSL3_ST_SW_SRVR_DONE_A;
-#else
-				s->state = SSL3_ST_SW_FLUSH;
-				s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
-#endif
 				s->init_num = 0;
 			}
 			break;
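Review bot: The line kept here, `s->state = SSL3_ST_SW_SRVR_DONE_A;`, sat under `#ifndef NETSCAPE_HANG_BUG`, and this commit removes the `#define NETSCAPE_HANG_BUG` from the same file, so this is the branch that was not compiled before. The hunk therefore changes the server's handshake flow after a CertificateRequest rather than removing dead code. The old path went through SSL3_ST_SW_FLUSH before SSL3_ST_SR_CERT_A, so it is worth confirming that the SSL3_ST_SW_SRVR_DONE_A case (outside this hunk) still flushes the write buffer before the server waits for the client's reply, and exercising a handshake that requests a client certificate. A short comment would record the intent, e.g. `/* ServerHelloDone now goes out from the next state, not appended to the CertificateRequest. */`. The same applies to the identical hunk in src/lib/libssl/src/ssl/s3_srvr.c; the ssl3_accept body starts and ends outside the hunk.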
@@ -1772,21 +1766,6 @@ ssl3_send_certificate_request(SSL *s)
 		/* we should now have things packed up, so lets send it off */
 		s->init_num = n + 4;
 		s->init_off = 0;
-#ifdef NETSCAPE_HANG_BUG
-		if (!BUF_MEM_grow(buf, s->init_num + 4)) {
-			SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,
-			    ERR_R_BUF_LIB);
-			goto err;
-		}
-		p = (unsigned char *)buf->data + s->init_num;
-
-		/* do the header */
-		*(p++) = SSL3_MT_SERVER_DONE;
-		*(p++) = 0;
-		*(p++) = 0;
-		*(p++) = 0;
-		s->init_num += 4;
-#endif
 
 		s->state = SSL3_ST_SW_CERT_REQ_B;
 	}
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c
index e16eb6f5d0..4a2fdf1a23 100644
--- a/src/lib/libssl/src/ssl/s3_srvr.c
+++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_srvr.c,v 1.97 2015/02/06 08:30:23 jsing Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.98 2015/02/06 10:04:07 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -149,7 +149,6 @@
  */
 
 #define REUSE_CIPHER_BUG
-#define NETSCAPE_HANG_BUG
 
 #include <stdio.h>
 
@@ -461,12 +460,7 @@ ssl3_accept(SSL *s)
 				ret = ssl3_send_certificate_request(s);
 				if (ret <= 0)
 					goto end;
-#ifndef NETSCAPE_HANG_BUG
 				s->state = SSL3_ST_SW_SRVR_DONE_A;
-#else
-				s->state = SSL3_ST_SW_FLUSH;
-				s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
-#endif
 				s->init_num = 0;
 			}
 			break;
@@ -1772,21 +1766,6 @@ ssl3_send_certificate_request(SSL *s)
 		/* we should now have things packed up, so lets send it off */
 		s->init_num = n + 4;
 		s->init_off = 0;
-#ifdef NETSCAPE_HANG_BUG
-		if (!BUF_MEM_grow(buf, s->init_num + 4)) {
-			SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,
-			    ERR_R_BUF_LIB);
-			goto err;
-		}
-		p = (unsigned char *)buf->data + s->init_num;
-
-		/* do the header */
-		*(p++) = SSL3_MT_SERVER_DONE;
-		*(p++) = 0;
-		*(p++) = 0;
-		*(p++) = 0;
-		s->init_num += 4;
-#endif
 
 		s->state = SSL3_ST_SW_CERT_REQ_B;
 	}
-- 
cgit v1.2.3-55-g6feb