Commit 5396c119 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Update SGC flag comment. 



Since SGC has been removed from OpenSSL 1.0.2 the
SSL3_FLAGS_SGC_RESTART_DONE is no longer used. However the #define is
retained for compatibility.
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
parent cf95b2d6

ssl/ssl3.h

+1 −9
Original line number Diff line number Diff line
@@ -435,15 +435,7 @@ typedef struct ssl3_buffer_st 
 */

#define SSL3_FLAGS_CCS_OK			0x0080



/* SSL3_FLAGS_SGC_RESTART_DONE is set when we

 * restart a handshake because of MS SGC and so prevents us

 * from restarting the handshake in a loop. It's reset on a

 * renegotiation, so effectively limits the client to one restart

 * per negotiation. This limits the possibility of a DDoS

 * attack where the client handshakes in a loop using SGC to

 * restart. Servers which permit renegotiation can still be

 * effected, but we can't prevent that.

 */

/* SSL3_FLAGS_SGC_RESTART_DONE is no longer used */

#define SSL3_FLAGS_SGC_RESTART_DONE		0x0040



#ifndef OPENSSL_NO_SSL_INTERN