3571e53040
patches for easier mirroring, to eliminate a special copy, to make www.freebsd.org/security a full copy of security.freebsd.org and be eventually be the same. For now files are just sitting there. The symlinks are missing. Discussed on: www (repository location) Discussed with: simon (so)
28 lines
966 B
Diff
28 lines
966 B
Diff
Index: crypto/openssl/ssl/s23_srvr.c
|
|
===================================================================
|
|
RCS file: /home/ncvs/src/crypto/openssl/ssl/s23_srvr.c,v
|
|
retrieving revision 1.7
|
|
diff -u -p -r1.7 s23_srvr.c
|
|
--- crypto/openssl/ssl/s23_srvr.c 28 Jan 2003 22:34:21 -0000 1.7
|
|
+++ crypto/openssl/ssl/s23_srvr.c 10 Oct 2005 16:39:19 -0000
|
|
@@ -268,9 +268,6 @@ int ssl23_get_client_hello(SSL *s)
|
|
int n=0,j;
|
|
int type=0;
|
|
int v[2];
|
|
-#ifndef OPENSSL_NO_RSA
|
|
- int use_sslv2_strong=0;
|
|
-#endif
|
|
|
|
if (s->state == SSL23_ST_SR_CLNT_HELLO_A)
|
|
{
|
|
@@ -519,9 +516,7 @@ int ssl23_get_client_hello(SSL *s)
|
|
}
|
|
|
|
s->state=SSL2_ST_GET_CLIENT_HELLO_A;
|
|
- if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
|
|
- use_sslv2_strong ||
|
|
- (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
|
|
+ if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
|
|
s->s2->ssl2_rollback=0;
|
|
else
|
|
/* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
|