[src/netbsd-2-0]: src/crypto/dist/openssl/ssl Pull up following revision(s) (...

[tron <tron%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/3265b134a306
branches:  netbsd-2-0
changeset: 564865:3265b134a306
user:      tron <tron%NetBSD.org@localhost>
date:      Tue Oct 11 21:08:11 2005 +0000

description:
Pull up following revision(s) (requested by gendalia in ticket #5926):
        crypto/dist/openssl/ssl/s23_srvr.c: revision 1.2
fix openssl 2.0 rollback, CAN-2005-2969
approved by: agc

diffstat:

 crypto/dist/openssl/ssl/s23_srvr.c |  4 +---
 1 files changed, 1 insertions(+), 3 deletions(-)

diffs (14 lines):

diff -r e6e567b79849 -r 3265b134a306 crypto/dist/openssl/ssl/s23_srvr.c
--- a/crypto/dist/openssl/ssl/s23_srvr.c        Tue Oct 11 17:21:33 2005 +0000
+++ b/crypto/dist/openssl/ssl/s23_srvr.c        Tue Oct 11 21:08:11 2005 +0000
@@ -519,9 +519,7 @@
                        }
 
                s->state=SSL2_ST_GET_CLIENT_HELLO_A;
-               if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
-                       use_sslv2_strong ||
-                       (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
+               if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
                        s->s2->ssl2_rollback=0;
                else
                        /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0