Stop attempting to duplicate the public and private key of dh_tmp.

Support for non-ephemeral DH was removed a very long time ago - the only way that dh_tmp is set is via DHparams_dup(), hence the public and private keys are always going to be NULL. ok inoguchi@ tb@
author: jsing <> 2022-01-07 15:56:33 +0000
committer: jsing <> 2022-01-07 15:56:33 +0000
commit: 6761092b7f6fc6bef41736c394e9905b14a606f0 (patch)
tree: fccb3ed5be76c88d64d418b1c13fcccc2cb5e593 /src/lib/libssl/ssl_cert.c
parent: b02f56a4209f162a9d9b202f5efc74dd0b6fc7d3 (diff)
download: openbsd-6761092b7f6fc6bef41736c394e9905b14a606f0.tar.gz
openbsd-6761092b7f6fc6bef41736c394e9905b14a606f0.tar.bz2
openbsd-6761092b7f6fc6bef41736c394e9905b14a606f0.zip
1 files changed, 1 insertions, 17 deletions
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
index 6eece6d944..faa9886b90 100644
--- a/src/lib/libssl/ssl_cert.c
+++ b/src/lib/libssl/ssl_cert.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_cert.c,v 1.89 2022/01/06 18:23:56 jsing Exp $ */
+/* $OpenBSD: ssl_cert.c,v 1.90 2022/01/07 15:56:33 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -201,22 +201,6 @@ ssl_cert_dup(CERT *cert)
                        SSLerrorx(ERR_R_DH_LIB);
                        goto err;
                }
-                if (cert->dh_tmp->priv_key) {
-                        BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
-                        if (!b) {
-                                SSLerrorx(ERR_R_BN_LIB);
-                                goto err;
-                        }
-                        ret->dh_tmp->priv_key = b;
-                }
-                if (cert->dh_tmp->pub_key) {
-                        BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
-                        if (!b) {
-                                SSLerrorx(ERR_R_BN_LIB);
-                                goto err;
-                        }
-                        ret->dh_tmp->pub_key = b;
-                }
        }
        ret->dh_tmp_cb = cert->dh_tmp_cb;
        ret->dh_tmp_auto = cert->dh_tmp_auto;
author	jsing <>	2022-01-07 15:56:33 +0000
committer	jsing <>	2022-01-07 15:56:33 +0000
commit	6761092b7f6fc6bef41736c394e9905b14a606f0 (patch)
tree	fccb3ed5be76c88d64d418b1c13fcccc2cb5e593 /src/lib/libssl/ssl_cert.c
parent	b02f56a4209f162a9d9b202f5efc74dd0b6fc7d3 (diff)
download	openbsd-6761092b7f6fc6bef41736c394e9905b14a606f0.tar.gz openbsd-6761092b7f6fc6bef41736c394e9905b14a606f0.tar.bz2 openbsd-6761092b7f6fc6bef41736c394e9905b14a606f0.zip

diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c index 6eece6d944..faa9886b90 100644 --- a/src/lib/libssl/ssl_cert.c +++ b/src/lib/libssl/ssl_cert.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_cert.c,v 1.89 2022/01/06 18:23:56 jsing Exp $ */	1	/* $OpenBSD: ssl_cert.c,v 1.90 2022/01/07 15:56:33 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -201,22 +201,6 @@ ssl_cert_dup(CERT *cert)
201	SSLerrorx(ERR_R_DH_LIB);	201	SSLerrorx(ERR_R_DH_LIB);
202	goto err;	202	goto err;
203	}	203	}
204	if (cert->dh_tmp->priv_key) {
205	BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
206	if (!b) {
207	SSLerrorx(ERR_R_BN_LIB);
208	goto err;
209	}
210	ret->dh_tmp->priv_key = b;
211	}
212	if (cert->dh_tmp->pub_key) {
213	BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
214	if (!b) {
215	SSLerrorx(ERR_R_BN_LIB);
216	goto err;
217	}
218	ret->dh_tmp->pub_key = b;
219	}
220	}	204	}
221	ret->dh_tmp_cb = cert->dh_tmp_cb;	205	ret->dh_tmp_cb = cert->dh_tmp_cb;
222	ret->dh_tmp_auto = cert->dh_tmp_auto;	206	ret->dh_tmp_auto = cert->dh_tmp_auto;