Remove SRP and Kerberos support from libssl. These are complex protocols

all on their own and we can't effectively maintain them without using them, which we don't. If the need arises, the code can be resurrected.
author: tedu <tedu@openbsd.org> 2014-05-05 15:03:22 +0000
committer: tedu <tedu@openbsd.org> 2014-05-05 15:03:22 +0000
commit: 8a8f3f13dd1fd3d25edeb39c5f7566180cd105f8 (patch)
tree: bcf94eb93f2a60e72350cf5ac63be771a19d7b94 /lib/libssl/src/ssl/d1_srvr.c
parent: A couple of malloc()+memset(0) -> calloc. (diff)
download: wireguard-openbsd-8a8f3f13dd1fd3d25edeb39c5f7566180cd105f8.tar.xz
wireguard-openbsd-8a8f3f13dd1fd3d25edeb39c5f7566180cd105f8.zip
1 files changed, 0 insertions, 3 deletions
diff --git a/lib/libssl/src/ssl/d1_srvr.c b/lib/libssl/src/ssl/d1_srvr.c
index 9995278a264..6183815a6d1 100644
--- a/lib/libssl/src/ssl/d1_srvr.c
+++ b/lib/libssl/src/ssl/d1_srvr.c
@@ -429,9 +429,6 @@ dtls1_accept(SSL *s)
 			/* clear this, it may get reset by
 			 * send_server_key_exchange */
 			if ((s->options & SSL_OP_EPHEMERAL_RSA)
-#ifndef OPENSSL_NO_KRB5
-			&& !(alg_k & SSL_kKRB5)
-#endif /* OPENSSL_NO_KRB5 */
 			)
 				/* option SSL_OP_EPHEMERAL_RSA sends temporary RSA key
 				 * even when forbidden by protocol specs
author	tedu <tedu@openbsd.org>	2014-05-05 15:03:22 +0000
committer	tedu <tedu@openbsd.org>	2014-05-05 15:03:22 +0000
commit	8a8f3f13dd1fd3d25edeb39c5f7566180cd105f8 (patch)
tree	bcf94eb93f2a60e72350cf5ac63be771a19d7b94 /lib/libssl/src/ssl/d1_srvr.c
parent	A couple of malloc()+memset(0) -> calloc. (diff)
download	wireguard-openbsd-8a8f3f13dd1fd3d25edeb39c5f7566180cd105f8.tar.xz wireguard-openbsd-8a8f3f13dd1fd3d25edeb39c5f7566180cd105f8.zip