From: miod <miod@openbsd.org>
Date: Thu, 24 Apr 2014 19:54:04 +0000 (+0000)
Subject: Bring back the SSL_OP_PKCS1_CHECK_* defines (defined to zero, as they already
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=f35047af5de278fab9c5151dc74aa4e0cd5e5468;p=openbsd

Bring back the SSL_OP_PKCS1_CHECK_* defines (defined to zero, as they already
were), after stumbling upon code (mis)using them in the wild.
---

diff --git a/lib/libssl/src/ssl/ssl.h b/lib/libssl/src/ssl/ssl.h
index d3c7908a26c..cc77a8f2bd1 100644
--- a/lib/libssl/src/ssl/ssl.h
+++ b/lib/libssl/src/ssl/ssl.h
@@ -599,6 +599,10 @@ struct ssl_session_st {
 #define SSL_OP_NO_TLSv1_2				0x08000000L
 #define SSL_OP_NO_TLSv1_1				0x10000000L
 
+/* Obsolete flags kept for compatibility. No sane code should use them. */
+#define SSL_OP_PKCS1_CHECK_1				0x0
+#define SSL_OP_PKCS1_CHECK_2				0x0
+
 #define SSL_OP_NETSCAPE_CA_DN_BUG			0x20000000L
 #define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG		0x40000000L
 /* Make server add server-hello extension from early version of
diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h
index d3c7908a26c..cc77a8f2bd1 100644
--- a/lib/libssl/ssl.h
+++ b/lib/libssl/ssl.h
@@ -599,6 +599,10 @@ struct ssl_session_st {
 #define SSL_OP_NO_TLSv1_2				0x08000000L
 #define SSL_OP_NO_TLSv1_1				0x10000000L
 
+/* Obsolete flags kept for compatibility. No sane code should use them. */
+#define SSL_OP_PKCS1_CHECK_1				0x0
+#define SSL_OP_PKCS1_CHECK_2				0x0
+
 #define SSL_OP_NETSCAPE_CA_DN_BUG			0x20000000L
 #define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG		0x40000000L
 /* Make server add server-hello extension from early version of