artulab
projects / openbsd / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4750df1)
Bring back the SSL_OP_PKCS1_CHECK_* defines (defined to zero, as they already
authormiod <miod@openbsd.org>
Thu, 24 Apr 2014 19:54:04 +0000 (19:54 +0000)
committermiod <miod@openbsd.org>
Thu, 24 Apr 2014 19:54:04 +0000 (19:54 +0000)
were), after stumbling upon code (mis)using them in the wild.

lib/libssl/src/ssl/ssl.h patch | blob | history
lib/libssl/ssl.h patch | blob | history

diff --git a/lib/libssl/src/ssl/ssl.h b/lib/libssl/src/ssl/ssl.h
index d3c7908..cc77a8f 100644 (file)
--- a/lib/libssl/src/ssl/ssl.h
+++ b/lib/libssl/src/ssl/ssl.h
@@ -599,6 +599,10 @@ struct ssl_session_st {
 #define SSL_OP_NO_TLSv1_2                              0x08000000L
 #define SSL_OP_NO_TLSv1_1                              0x10000000L
 
+/* Obsolete flags kept for compatibility. No sane code should use them. */
+#define SSL_OP_PKCS1_CHECK_1                           0x0
+#define SSL_OP_PKCS1_CHECK_2                           0x0
+
 #define SSL_OP_NETSCAPE_CA_DN_BUG                      0x20000000L
 #define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG         0x40000000L
 /* Make server add server-hello extension from early version of
diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h
index d3c7908..cc77a8f 100644 (file)
--- a/lib/libssl/ssl.h
+++ b/lib/libssl/ssl.h
@@ -599,6 +599,10 @@ struct ssl_session_st {
 #define SSL_OP_NO_TLSv1_2                              0x08000000L
 #define SSL_OP_NO_TLSv1_1                              0x10000000L
 
+/* Obsolete flags kept for compatibility. No sane code should use them. */
+#define SSL_OP_PKCS1_CHECK_1                           0x0
+#define SSL_OP_PKCS1_CHECK_2                           0x0
+
 #define SSL_OP_NETSCAPE_CA_DN_BUG                      0x20000000L
 #define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG         0x40000000L
 /* Make server add server-hello extension from early version of
OpenBSD src
by Ahmet Artu Yildirim