diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2015-12-16 00:57:18 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2015-12-19 17:14:51 +0100 |
| commit | bc71f91064a3eec10310fa4cc14fe2a3fd9bc7bb (patch) | |
| tree | 7775c994e7acb1ba45132c84edda69305a3b467a /ssl/ssl_rsa.c | |
| parent | delete unused context (diff) | |
| download | openssl-bc71f91064a3eec10310fa4cc14fe2a3fd9bc7bb.tar.xz openssl-bc71f91064a3eec10310fa4cc14fe2a3fd9bc7bb.zip | |
Remove fixed DH ciphersuites.
Remove all fixed DH ciphersuites and associated logic.
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'ssl/ssl_rsa.c')
| -rw-r--r-- | ssl/ssl_rsa.c | 17 |
1 files changed, 1 insertions, 16 deletions
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 96353c18bc..a23b28e76c 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -171,22 +171,7 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa) static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey) { int i; - /* - * Special case for DH: check two DH certificate types for a match. This - * means for DH certificates we must set the certificate first. - */ - if (pkey->type == EVP_PKEY_DH) { - X509 *x; - i = -1; - x = c->pkeys[SSL_PKEY_DH_RSA].x509; - if (x && X509_check_private_key(x, pkey)) - i = SSL_PKEY_DH_RSA; - x = c->pkeys[SSL_PKEY_DH_DSA].x509; - if (i == -1 && x && X509_check_private_key(x, pkey)) - i = SSL_PKEY_DH_DSA; - ERR_clear_error(); - } else - i = ssl_cert_type(NULL, pkey); + i = ssl_cert_type(NULL, pkey); if (i < 0) { SSLerr(SSL_F_SSL_SET_PKEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE); return (0); |