CVSROOT: /cvs Module name: src Changes by: t...@cvs.openbsd.org 2018/12/07 00:22:09
Modified files: lib/libssl : ssl_srvr.c Log message: Remove an ugly hack in the client certificate verification code that works around broken GOST implementations. It looks like client certificates with GOST have been completely broken since reimport of the GOST code, so no-one is using LibreSSL this way. The client side was fixed only last week for TLSv1.0 and TLSv1.1. This workaround is now in the way of much needed simplifcation and cleanup, so it is time for it to go. suggested by and ok jsing