summaryrefslogtreecommitdiffstats
path: root/lib/libssl/src/apps
diff options
context:
space:
mode:
authormiod <miod@openbsd.org>2014-06-13 04:29:13 +0000
committermiod <miod@openbsd.org>2014-06-13 04:29:13 +0000
commitd0eebffa6276f45fb0db91c36d104704cd8ac54b (patch)
tree712b65430df2667b20028ce7e1c0243a7a7e6d5d /lib/libssl/src/apps
parentsync (diff)
downloadwireguard-openbsd-d0eebffa6276f45fb0db91c36d104704cd8ac54b.tar.xz
wireguard-openbsd-d0eebffa6276f45fb0db91c36d104704cd8ac54b.zip
Remove support for the `opaque PRF input' extension, which draft has expired
7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major. With help and enlightenment from Brendan MacDonell.
Diffstat (limited to 'lib/libssl/src/apps')
-rw-r--r--lib/libssl/src/apps/s_cb.c7
-rw-r--r--lib/libssl/src/apps/s_client.c7
-rw-r--r--lib/libssl/src/apps/s_server.c7
3 files changed, 3 insertions, 18 deletions
diff --git a/lib/libssl/src/apps/s_cb.c b/lib/libssl/src/apps/s_cb.c
index 51df99b2e8f..29dd80e87de 100644
--- a/lib/libssl/src/apps/s_cb.c
+++ b/lib/libssl/src/apps/s_cb.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_cb.c,v 1.21 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: s_cb.c,v 1.22 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -696,11 +696,6 @@ tlsext_cb(SSL * s, int client_server, int type, unsigned char *data, int len,
extname = "renegotiation info";
break;
-#ifdef TLSEXT_TYPE_opaque_prf_input
- case TLSEXT_TYPE_opaque_prf_input:
- extname = "opaque PRF input";
- break;
-#endif
#ifdef TLSEXT_TYPE_next_proto_neg
case TLSEXT_TYPE_next_proto_neg:
extname = "next protocol";
diff --git a/lib/libssl/src/apps/s_client.c b/lib/libssl/src/apps/s_client.c
index 1e12eca8954..c453875c077 100644
--- a/lib/libssl/src/apps/s_client.c
+++ b/lib/libssl/src/apps/s_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_client.c,v 1.60 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: s_client.c,v 1.61 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -910,11 +910,6 @@ bad:
}
#endif
/* SSL_set_cipher_list(con,"RC4-MD5"); */
-#if 0
-#ifdef TLSEXT_TYPE_opaque_prf_input
- SSL_set_tlsext_opaque_prf_input(con, "Test client", 11);
-#endif
-#endif
re_start:
diff --git a/lib/libssl/src/apps/s_server.c b/lib/libssl/src/apps/s_server.c
index 25be6121b55..e73b249ca31 100644
--- a/lib/libssl/src/apps/s_server.c
+++ b/lib/libssl/src/apps/s_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_server.c,v 1.52 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: s_server.c,v 1.53 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -1541,11 +1541,6 @@ sv_body(char *hostname, int s, unsigned char *context)
strlen((char *) context));
}
SSL_clear(con);
-#if 0
-#ifdef TLSEXT_TYPE_opaque_prf_input
- SSL_set_tlsext_opaque_prf_input(con, "Test server", 11);
-#endif
-#endif
if (SSL_version(con) == DTLS1_VERSION) {