remove ancient SSLeay bug workaround

Reviewed-by: N Matt Caswell <matt@openssl.org>

remove ancient SSLeay bug workaround
Reviewed-by: N Matt Caswell <matt@openssl.org>
7538cb82 · Dr. Stephen Henson · 3e166c13 · 7538cb82 · 7538cb82
隐藏空白更改
内联并排

Showing with 5 addition and 9 deletion

include/openssl/ssl.h include/openssl/ssl.h +2 -1

ssl/statem/statem_srvr.c ssl/statem/statem_srvr.c +3 -8

未找到文件。
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -364,7 +364,8 @@ typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
 # define SSL_OP_TLSEXT_PADDING                           0x00000010U
 # define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER               0x00000020U
 # define SSL_OP_SAFARI_ECDHE_ECDSA_BUG                   0x00000040U
-# define SSL_OP_SSLEAY_080_CLIENT_DH_BUG                 0x00000080U
+/* Ancient SSLeay version, retained for compatibility */
+# define SSL_OP_SSLEAY_080_CLIENT_DH_BUG                 0x0
 # define SSL_OP_TLS_D5_BUG                               0x00000100U
 /* Removed from OpenSSL 1.1.0 */
 # define SSL_OP_TLS_BLOCK_PADDING_BUG                    0x0U

--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -2421,14 +2421,9 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
            i = 0;
        }
        if (PACKET_remaining(pkt) != i) {
-            if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG)) {
-                SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE,
-                       SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
-                goto err;
-            } else {
-                *pkt = bookmark;
-                i = PACKET_remaining(pkt);
-            }
+            SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE,
+                   SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
+            goto err;
        }
        if (alg_k & SSL_kDHr)
            idx = SSL_PKEY_DH_RSA;