Update SGC flag comment.

author Dr. Stephen Henson <steve@openssl.org>

Fri, 2 Jan 2015 23:09:39 +0000 (23:09 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Fri, 2 Jan 2015 23:12:37 +0000 (23:12 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Fri, 2 Jan 2015 23:09:39 +0000 (23:09 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Fri, 2 Jan 2015 23:12:37 +0000 (23:12 +0000)
diff --git a/ssl/ssl3.h b/ssl/ssl3.h

index 36320ffed0b53b853b09a632d3c624b825422497..6525efeeb3c8222273e1774f47ba3006af52085a 100644 (file)
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -435,15 +435,7 @@ typedef struct ssl3_buffer_st
   */
  #define SSL3_FLAGS_CCS_OK                      0x0080
  
-/* SSL3_FLAGS_SGC_RESTART_DONE is set when we
- * restart a handshake because of MS SGC and so prevents us
- * from restarting the handshake in a loop. It's reset on a
- * renegotiation, so effectively limits the client to one restart
- * per negotiation. This limits the possibility of a DDoS
- * attack where the client handshakes in a loop using SGC to
- * restart. Servers which permit renegotiation can still be
- * effected, but we can't prevent that.
- */
+/* SSL3_FLAGS_SGC_RESTART_DONE is no longer used */
  #define SSL3_FLAGS_SGC_RESTART_DONE            0x0040
  
  #ifndef OPENSSL_NO_SSL_INTERN
author	Dr. Stephen Henson <steve@openssl.org>
	Fri, 2 Jan 2015 23:09:39 +0000 (23:09 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Fri, 2 Jan 2015 23:12:37 +0000 (23:12 +0000)