generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove ECDH client auth code.

Browse Source 
Remove incomplete non-functional ECDH client authentication code.

Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Dr. Stephen Henson
2015-12-12 17:41:18 +00:00
parent 57be4444c6
commit c66ce5eb23
3 changed files with 29 additions and 114 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
ssl/s3_lib.c
View File

@@ -4722,14 +4722,8 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
p[ret++] = SSL3_CT_DSS_SIGN;
#endif
#ifndef OPENSSL_NO_EC
if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->version >= TLS1_VERSION)) {
if (nostrict || !(alg_a & SSL_aRSA))
p[ret++] = TLS_CT_RSA_FIXED_ECDH;
if (nostrict || !(alg_a & SSL_aECDSA))
p[ret++] = TLS_CT_ECDSA_FIXED_ECDH;
}
/*
* ECDSA certs can be used with RSA cipher suites as well so we don't
* ECDSA certs can be used with RSA cipher suites too so we don't
* need to check for SSL_kECDH or SSL_kECDHE
*/
if (s->version >= TLS1_VERSION) {