From 8af0cfc10d33186adaa114f215e8fa69af91a84a Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Mon, 10 Oct 2011 23:12:29 -0400
Subject: Add some points to make it easy to turn off v3 support

---
 src/common/tortls.c | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'src/common/tortls.c')

diff --git a/src/common/tortls.c b/src/common/tortls.c
index b393bfd4a3..9a3c02b5b3 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -1095,7 +1095,11 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime)
 
   tor_tls_init();
   nickname = crypto_random_hostname(8, 20, "www.", ".net");
+#ifdef DISABLE_V3_LINKPROTO_SERVERSIDE
+  nn2 = crypto_random_hostname(8, 20, "www.", ".net");
+#else
   nn2 = crypto_random_hostname(8, 20, "www.", ".com");
+#endif
 
   /* Generate short-term RSA key for use with TLS. */
   if (!(rsa = crypto_new_pk_env()))
@@ -2183,6 +2187,10 @@ tor_tls_used_v1_handshake(tor_tls_t *tls)
 static int
 dn_indicates_v3_cert(X509_NAME *name)
 {
+#ifdef DISABLE_V3_LINKPROTO_CLIENTSIDE
+  (void)name;
+  return 0;
+#else
   X509_NAME_ENTRY *entry;
   int n_entries;
   ASN1_OBJECT *obj;
@@ -2206,6 +2214,7 @@ dn_indicates_v3_cert(X509_NAME *name)
   r = fast_memneq(s + len - 4, ".net", 4);
   OPENSSL_free(s);
   return r;
+#endif
 }
 
 /** Return true iff the peer certificate we're received on <b>tls</b>
-- 
cgit v1.2.3-54-g00ecf