Remove experimental DANE code.

Remove experimental DANE/dnssec code: not ready for use in an
official release yet.

ssl/ssl_lib.c

@@ -1100,9 +1100,6 @@ int SSL_renegotiate_pending(SSL *s)
 long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)
 	{
 	long l;
-#ifndef OPENSSL_NO_DANE
-	const char *hostname = NULL;
-#endif
 
 	switch (cmd)
 		{
@@ -1167,41 +1164,6 @@ long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)
 			}
 		else
 			return ssl_put_cipher_by_char(s,NULL,NULL);
-#ifndef OPENSSL_NO_DANE
-	case SSL_CTRL_PULL_TLSA_RECORD:
-		hostname = parg;
-		parg = SSL_get_tlsa_record_byname (parg,larg,s->version<0xF000?1:0);
-		/* yes, fall through */
-	case SSL_CTRL_SET_TLSA_RECORD:
-		if (parg!=NULL)
-			{
-			TLSA_EX_DATA *ex = SSL_get_TLSA_ex_data(s);
-			unsigned char *tlsa_rec = parg;
-			int tlsa_len = 0;
-
-			if (hostname==NULL)
-				{
-			    	while (1)
-					{
-					int dlen;
-
-					memcpy(&dlen,tlsa_rec,sizeof(dlen));
-					tlsa_rec += sizeof(dlen)+dlen;
-
-					if (dlen==0) break;
-					}
-				if ((tlsa_rec = OPENSSL_malloc(tlsa_len)))
-					memcpy(tlsa_rec,parg,tlsa_len);
-				else
-					{
-					SSLerr(SSL_F_SSL_CTRL,SSL_R_UNINITIALIZED);
-					return 0;
-					}
-				}
-			ex->tlsa_record = tlsa_rec;
-			}
-		return 1;
-#endif
 	default:
 		return(s->method->ssl_ctrl(s,cmd,larg,parg));
 		}