From 3acca83fee3a8f95b7dd5cdc6f869197c5065ca0 Mon Sep 17 00:00:00 2001 From: doug Date: Sun, 25 Oct 2015 15:58:57 +0000 Subject: [PATCH] Mark SSL_OP_NO_{COMPRESSION,SSLv2,SSLv3} as obsolete. For backward compatibility, the flags are redefined as 0. ok jsing@ --- lib/libssl/src/ssl/ssl.h | 9 ++++----- lib/libssl/ssl.h | 9 ++++----- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/lib/libssl/src/ssl/ssl.h b/lib/libssl/src/ssl/ssl.h index 7c815df8e16..6a03da5c0b7 100644 --- a/lib/libssl/src/ssl/ssl.h +++ b/lib/libssl/src/ssl/ssl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.h,v 1.94 2015/09/10 17:57:50 jsing Exp $ */ +/* $OpenBSD: ssl.h,v 1.95 2015/10/25 15:58:57 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -537,8 +537,6 @@ struct ssl_session_st { /* As server, disallow session resumption on renegotiation */ #define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L -/* Don't use compression even if supported */ -#define SSL_OP_NO_COMPRESSION 0x00020000L /* If set, always create a new key when using tmp_ecdh parameters */ #define SSL_OP_SINGLE_ECDH_USE 0x00080000L /* If set, always create a new key when using tmp_dh parameters */ @@ -552,8 +550,6 @@ struct ssl_session_st { * forbidden to prevent version rollback attacks. */ #define SSL_OP_TLS_ROLLBACK_BUG 0x00800000L -#define SSL_OP_NO_SSLv2 0x01000000L -#define SSL_OP_NO_SSLv3 0x02000000L #define SSL_OP_NO_TLSv1 0x04000000L #define SSL_OP_NO_TLSv1_2 0x08000000L #define SSL_OP_NO_TLSv1_1 0x10000000L @@ -588,6 +584,9 @@ struct ssl_session_st { #define SSL_OP_TLS_D5_BUG 0x0 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x0 #define SSL_OP_CISCO_ANYCONNECT 0x0 +#define SSL_OP_NO_COMPRESSION 0x0 +#define SSL_OP_NO_SSLv2 0x0 +#define SSL_OP_NO_SSLv3 0x0 /* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success * when just a single record has been written): */ diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h index 7c815df8e16..6a03da5c0b7 100644 --- a/lib/libssl/ssl.h +++ b/lib/libssl/ssl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.h,v 1.94 2015/09/10 17:57:50 jsing Exp $ */ +/* $OpenBSD: ssl.h,v 1.95 2015/10/25 15:58:57 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -537,8 +537,6 @@ struct ssl_session_st { /* As server, disallow session resumption on renegotiation */ #define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L -/* Don't use compression even if supported */ -#define SSL_OP_NO_COMPRESSION 0x00020000L /* If set, always create a new key when using tmp_ecdh parameters */ #define SSL_OP_SINGLE_ECDH_USE 0x00080000L /* If set, always create a new key when using tmp_dh parameters */ @@ -552,8 +550,6 @@ struct ssl_session_st { * forbidden to prevent version rollback attacks. */ #define SSL_OP_TLS_ROLLBACK_BUG 0x00800000L -#define SSL_OP_NO_SSLv2 0x01000000L -#define SSL_OP_NO_SSLv3 0x02000000L #define SSL_OP_NO_TLSv1 0x04000000L #define SSL_OP_NO_TLSv1_2 0x08000000L #define SSL_OP_NO_TLSv1_1 0x10000000L @@ -588,6 +584,9 @@ struct ssl_session_st { #define SSL_OP_TLS_D5_BUG 0x0 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x0 #define SSL_OP_CISCO_ANYCONNECT 0x0 +#define SSL_OP_NO_COMPRESSION 0x0 +#define SSL_OP_NO_SSLv2 0x0 +#define SSL_OP_NO_SSLv3 0x0 /* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success * when just a single record has been written): */ -- 2.20.1