Remove MS SGC support on the the server.

It doesn't appear to have ever been implemented on the client. The server code stopped working anyway because it now skips the ssl_get_message call, so we never cash in on the reuse_message, attempt to reprocess the repeated ClientHello, and reject it thinking it's a second MS SGC restart. Change-Id: Id536846e08460143f6fc0a550bdcc1b26b506b04 Reviewed-on: https://boringssl-review.googlesource.com/1580 Reviewed-by: Adam Langley <agl@google.com>
author: David Benjamin <davidben@chromium.org> 2014-08-20 19:40:03 +0400
committer: Adam Langley <agl@google.com> 2014-08-20 23:06:01 +0400
commit: 92909a6206037f8266d93979028215a8b7f20614 (patch)
tree: 4c5b5424b7f804f9815048ca73e914d0ccb64306 /ssl/d1_srvr.c
parent: b52e3dded27318addcc49ff2d39cf1891be6ca35 (diff)
1 files changed, 5 insertions, 16 deletions
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index e499f8bb..fe8001da 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -469,24 +469,13 @@ int dtls1_accept(SSL *s)
 
 		case SSL3_ST_SR_CERT_A:
 		case SSL3_ST_SR_CERT_B:
-			/* Check for second client hello (MS SGC) */
-			ret = ssl3_check_client_hello(s);
-			if (ret <= 0)
-				goto end;
-			if (ret == 2)
+			if (s->s3->tmp.cert_request)
 				{
-				dtls1_stop_timer(s);
-				s->state = SSL3_ST_SR_CLNT_HELLO_C;
+				ret=ssl3_get_client_certificate(s);
+				if (ret <= 0) goto end;
 				}
-			else {
-				if (s->s3->tmp.cert_request)
-					{
-					ret=ssl3_get_client_certificate(s);
-					if (ret <= 0) goto end;
-					}
-				s->init_num=0;
-				s->state=SSL3_ST_SR_KEY_EXCH_A;
-			}
+			s->init_num=0;
+			s->state=SSL3_ST_SR_KEY_EXCH_A;
 			break;
 
 		case SSL3_ST_SR_KEY_EXCH_A:
author	David Benjamin <davidben@chromium.org>	2014-08-20 19:40:03 +0400
committer	Adam Langley <agl@google.com>	2014-08-20 23:06:01 +0400
commit	92909a6206037f8266d93979028215a8b7f20614 (patch)
tree	4c5b5424b7f804f9815048ca73e914d0ccb64306 /ssl/d1_srvr.c
parent	b52e3dded27318addcc49ff2d39cf1891be6ca35 (diff)