commit 92b297bb589e51e2f2653dd9c1a8dc1a86b6b7ad Author: Nick Mathewson nickm@torproject.org Date: Wed May 13 11:21:38 2015 -0400

SSL_clear_mode exists; we can use it. --- src/common/tortls.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/common/tortls.c b/src/common/tortls.c index a90ae70..4a15670 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -2239,8 +2239,7 @@ tor_tls_finish_handshake(tor_tls_t *tls) if (tls->isServer) { SSL_set_info_callback(tls->ssl, NULL); SSL_set_verify(tls->ssl, SSL_VERIFY_PEER, always_accept_verify_cb); - /* There doesn't seem to be a clear OpenSSL API to clear mode flags. */ - tls->ssl->mode &= ~SSL_MODE_NO_AUTO_CHAIN; + SSL_clear_mode(tls->ssl, SSL_MODE_NO_AUTO_CHAIN); #ifdef V2_HANDSHAKE_SERVER if (tor_tls_client_is_using_v2_ciphers(tls->ssl)) { /* This check is redundant, but back when we did it in the callback,