git.librecmc.org Git - oweals/openssl.git/commit

author	David Woodhouse <David.Woodhouse@intel.com>
	Mon, 25 Jul 2016 17:03:27 +0000 (18:03 +0100)
committer	Matt Caswell <matt@openssl.org>
	Thu, 4 Aug 2016 19:56:24 +0000 (20:56 +0100)
commit	032924c4b4104654ff8659b4701e4ab25872a12e
tree	a7b5757cae6a997fe0fbbbfce6117c4bcd41b0a7	tree \| snapshot
parent	387cf21345f981d3897f88a6479d8e60721c2c6b	commit \| diff

Make DTLS1_BAD_VER work with DTLS_client_method()

DTLSv1_client_method() is deprecated, but it was the only way to obtain
DTLS1_BAD_VER support. The SSL_OP_CISCO_ANYCONNECT hack doesn't work with
DTLS_client_method(), and it's relatively non-trivial to make it work without
expanding the hack into lots of places.

So deprecate SSL_OP_CISCO_ANYCONNECT with DTLSv1_client_method(), and make
it work with SSL_CTX_set_{min,max}_proto_version(DTLS1_BAD_VER) instead.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

include/openssl/ssl.h		diff \| blob \| history
ssl/d1_lib.c		diff \| blob \| history
ssl/methods.c		diff \| blob \| history
ssl/record/rec_layer_d1.c		diff \| blob \| history
ssl/ssl_locl.h		diff \| blob \| history
ssl/statem/statem_lib.c		diff \| blob \| history