Remove SSL_OP_TLS_BLOCK_PADDING_BUG

This is a workaround so old that nobody remembers what buggy clients it was for. It's also been broken in stable branches for two years and nobody noticed (see https://boringssl-review.googlesource.com/#/c/1694/). Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-06-09 14:17:50 +02:00
parent 91d13f1a76
commit a8e4ac6a2f
6 changed files with 9 additions and 31 deletions
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2462,9 +2462,6 @@ static int init_ssl_connection(SSL *con)
 #endif
    if (SSL_cache_hit(con))
        BIO_printf(bio_s_out, "Reused session-id\n");
-    if (SSL_ctrl(con, SSL_CTRL_GET_FLAGS, 0, NULL) &
-        TLS1_FLAGS_TLS_PADDING_BUG)
-        BIO_printf(bio_s_out, "Peer has incorrect TLSv1 block padding\n");
    BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
               SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
    if (keymatexportlabel != NULL) {