Remove last vestige of SSL_OP_NO_SSLv3 support.

No part of LibreSSL checks for this flag any longer.

ok jsing@

diff --git a/lib/libssl/src/ssl/ssl_lib.c b/lib/libssl/src/ssl/ssl_lib.c
index d37f305..5b9b952 100644 (file)
--- a/lib/libssl/src/ssl/ssl_lib.c
+++ b/lib/libssl/src/ssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.115 2015/10/19 17:59:39 beck Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.116 2015/10/25 15:52:49 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1900,9 +1900,6 @@ SSL_CTX_new(const SSL_METHOD *meth)
         */
        ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
 
-       /* Disable SSLv3 by default. */
-       ret->options |= SSL_OP_NO_SSLv3;
-
        return (ret);
 err:
        SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);

diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index d37f305..5b9b952 100644 (file)
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.115 2015/10/19 17:59:39 beck Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.116 2015/10/25 15:52:49 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1900,9 +1900,6 @@ SSL_CTX_new(const SSL_METHOD *meth)
         */
        ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
 
-       /* Disable SSLv3 by default. */
-       ret->options |= SSL_OP_NO_SSLv3;
-
        return (ret);
 err:
        SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);