From d41c785d695de4b5f2d947aa507a6a0ae41a8936 Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Tue, 30 Dec 2008 13:02:02 +0000 Subject: [PATCH] Document dead code. --- ssl/s23_clnt.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c index cc6c527f19..0912528f89 100644 --- a/ssl/s23_clnt.c +++ b/ssl/s23_clnt.c @@ -368,6 +368,10 @@ static int ssl23_client_hello(SSL *s) ch_len=SSL2_MAX_CHALLENGE_LENGTH; /* write out sslv2 challenge */ + /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32), + because it is one of SSL2_MAX_CHALLENGE_LENGTH (32) + or SSL2_MAX_CHALLENGE_LENGTH (16), but leave the + check in for futurproofing */ if (SSL3_RANDOM_SIZE < ch_len) i=SSL3_RANDOM_SIZE; else @@ -544,6 +548,10 @@ static int ssl23_get_server_hello(SSL *s) ch_len=SSL2_MAX_CHALLENGE_LENGTH; /* write out sslv2 challenge */ + /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because + it is one of SSL2_MAX_CHALLENGE_LENGTH (32) or + SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for + futurproofing */ i=(SSL3_RANDOM_SIZE < ch_len) ?SSL3_RANDOM_SIZE:ch_len; s->s2->challenge_length=i; -- 2.25.1