Stop pandering to the loadbalancer industrial complex.
So we initially kept this hack around for f5 boxes that
should have been patched in 2014, and were not as of 2017.
The f5 article for the bug archived on their web site,
and any of these devices on the public internet will have
since been upgraded to deal with a host of record layer, TLS,
and other bugs, or they likely won't be talking to modern
stacks, since as of this point the software with the bug
would not have been updated in 10 years.
So just make this spec compliant and reject a supported groups
extension that should not have been sent by a server.
ok tb@ jsing@
projects / openbsd / commit