From 8d807197744f8948507d052b469ce93533665f25 Mon Sep 17 00:00:00 2001 From: tb Date: Sat, 3 Feb 2024 18:03:49 +0000 Subject: [PATCH] Remove last peeking at TLS1_FLAGS_SKIP_CERT_VERIFY This was used for some GOST weirdness. The flag is unused in ports and there is no user in Debian's codesearch. ok beck --- lib/libssl/ssl_clnt.c | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c index 56fb9ba1c7e..feb29ee4a58 100644 --- a/lib/libssl/ssl_clnt.c +++ b/lib/libssl/ssl_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_clnt.c,v 1.164 2024/02/03 15:58:33 beck Exp $ */ +/* $OpenBSD: ssl_clnt.c,v 1.165 2024/02/03 18:03:49 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -455,12 +455,6 @@ ssl3_connect(SSL *s) s->s3->hs.state = SSL3_ST_CW_CHANGE_A; s->s3->change_cipher_spec = 0; } - if (!SSL_is_dtls(s)) { - if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) { - s->s3->hs.state = SSL3_ST_CW_CHANGE_A; - s->s3->change_cipher_spec = 0; - } - } s->init_num = 0; break; -- 2.20.1