diff options
| author | Lutz Jänicke <jaenicke@openssl.org> | 2001-08-01 10:06:32 +0000 |
|---|---|---|
| committer | Lutz Jänicke <jaenicke@openssl.org> | 2001-08-01 10:06:32 +0000 |
| commit | d92f0bb6e9ed94ac0c3aa0c939f2565f2ed95935 (patch) | |
| tree | 84b4e52587111d63d5440565672bbf8a6038cdb0 /ssl/s23_srvr.c | |
| parent | 710e5d5639c8f943d73f49733382c1b787d1abb6 (diff) | |
| download | openssl-d92f0bb6e9ed94ac0c3aa0c939f2565f2ed95935.zip openssl-d92f0bb6e9ed94ac0c3aa0c939f2565f2ed95935.tar.gz openssl-d92f0bb6e9ed94ac0c3aa0c939f2565f2ed95935.tar.bz2 | |
Remove SSL_OP_NON_EXPORT_FIRST:
It did not work, it was deactivated by #if 0/#endif anyway _and_ we now have
the working SSL_OP_CIPHER_SERVER_PREFERENCE.
Diffstat (limited to 'ssl/s23_srvr.c')
| -rw-r--r-- | ssl/s23_srvr.c | 66 |
1 files changed, 0 insertions, 66 deletions
diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c index 131054b..e0abbaf 100644 --- a/ssl/s23_srvr.c +++ b/ssl/s23_srvr.c @@ -270,72 +270,6 @@ int ssl23_get_client_hello(SSL *s) else if (!(s->options & SSL_OP_NO_SSLv2)) type=1; - if (s->options & SSL_OP_NON_EXPORT_FIRST) - /* Not only utterly confusing, but broken - * ('fractured programming'?) -- the details - * of this block nearly make it work - * as intended in this environment, but on one - * of the fine points (w.r.t. restarts) it fails. - * The obvious fix would be even more devastating - * to program structure; if you want the functionality, - * throw this away and implement it in a way - * that makes sense */ - { -#if 0 - STACK_OF(SSL_CIPHER) *sk; - SSL_CIPHER *c; - int ne2,ne3; - - j=((p[0]&0x7f)<<8)|p[1]; - if (j > (1024*4)) - { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE); - goto err; - } - - n=ssl23_read_bytes(s,j+2); - if (n <= 0) return(n); - p=s->packet; - - if ((buf=OPENSSL_malloc(n)) == NULL) - { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE); - goto err; - } - memcpy(buf,p,n); - - p+=5; - n2s(p,csl); - p+=4; - - sk=ssl_bytes_to_cipher_list( - s,p,csl,NULL); - if (sk != NULL) - { - ne2=ne3=0; - for (j=0; j<sk_SSL_CIPHER_num(sk); j++) - { - c=sk_SSL_CIPHER_value(sk,j); - if (!SSL_C_IS_EXPORT(c)) - { - if ((c->id>>24L) == 2L) - ne2=1; - else - ne3=1; - } - } - if (ne2 && !ne3) - { - type=1; - use_sslv2_strong=1; - goto next_bit; - } - } -#else - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_OPTION); - goto err; -#endif - } } } else if ((p[0] == SSL3_RT_HANDSHAKE) && |