Remove support for opaque-prf

An expired IETF Internet-Draft (seven years old) that nobody implements, and probably just as good as NSA DRBG work. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-28 14:53:04 -05:00
parent 31b446e212
commit 68fd6dce73
13 changed files with 3 additions and 399 deletions
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -907,11 +907,6 @@ void tlsext_cb(SSL *s, int client_server, int type,
        extname = "renegotiation info";
        break;

-#ifdef TLSEXT_TYPE_opaque_prf_input
-    case TLSEXT_TYPE_opaque_prf_input:
-        extname = "opaque PRF input";
-        break;
-#endif
 #ifdef TLSEXT_TYPE_next_proto_neg
    case TLSEXT_TYPE_next_proto_neg:
        extname = "next protocol";
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1409,12 +1409,6 @@ int MAIN(int argc, char **argv)
        kssl_ctx_setstring(kctx, KSSL_SERVER, host);
    }
 #endif                          /* OPENSSL_NO_KRB5 */
-/*      SSL_set_cipher_list(con,"RC4-MD5"); */
-#if 0
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    SSL_set_tlsext_opaque_prf_input(con, "Test client", 11);
-# endif
-#endif

 re_start:
 #ifdef NO_SYS_UN_H
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2183,11 +2183,6 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
            SSL_set_session_id_context(con, context, strlen((char *)context));
    }
    SSL_clear(con);
-#if 0
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    SSL_set_tlsext_opaque_prf_input(con, "Test server", 11);
-# endif
-#endif

    if (stype == SOCK_DGRAM) {