[src/netbsd-3]: src/crypto/dist/openssl/ssl Pull up following revision(s) (re...

[tron <tron%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/e6a2eb55b86d
branches:  netbsd-3
changeset: 577339:e6a2eb55b86d
user:      tron <tron%NetBSD.org@localhost>
date:      Tue Oct 11 21:01:31 2005 +0000

description:
Pull up following revision(s) (requested by gendalia in ticket #882):
        crypto/dist/openssl/ssl/s23_srvr.c: revision 1.2
fix openssl 2.0 rollback, CAN-2005-2969
approved by: agc

diffstat:

 crypto/dist/openssl/ssl/s23_srvr.c |  4 +---
 1 files changed, 1 insertions(+), 3 deletions(-)

diffs (14 lines):

diff -r f2009a501f09 -r e6a2eb55b86d crypto/dist/openssl/ssl/s23_srvr.c
--- a/crypto/dist/openssl/ssl/s23_srvr.c        Mon Oct 10 11:34:16 2005 +0000
+++ b/crypto/dist/openssl/ssl/s23_srvr.c        Tue Oct 11 21:01:31 2005 +0000
@@ -519,9 +519,7 @@
                        }
 
                s->state=SSL2_ST_GET_CLIENT_HELLO_A;
-               if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
-                       use_sslv2_strong ||
-                       (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
+               if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
                        s->s2->ssl2_rollback=0;
                else
                        /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0