diff options
| author | tedu <> | 2014-05-05 15:03:22 +0000 |
|---|---|---|
| committer | tedu <> | 2014-05-05 15:03:22 +0000 |
| commit | 5b4326f23352be2e7084f2020795d8aa042c746f (patch) | |
| tree | c342d9903092a19dfda173837629fd04c429eda9 /src/lib/libssl/t1_lib.c | |
| parent | 77dd1ca11ad22b323b27beea447edd1e35c3b24e (diff) | |
| download | openbsd-5b4326f23352be2e7084f2020795d8aa042c746f.tar.gz openbsd-5b4326f23352be2e7084f2020795d8aa042c746f.tar.bz2 openbsd-5b4326f23352be2e7084f2020795d8aa042c746f.zip | |
Remove SRP and Kerberos support from libssl. These are complex protocols
all on their own and we can't effectively maintain them without using them,
which we don't. If the need arises, the code can be resurrected.
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/t1_lib.c | 50 |
1 files changed, 0 insertions, 50 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index bb33331862..2e183bb233 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c | |||
| @@ -415,35 +415,6 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 415 | ret += el; | 415 | ret += el; |
| 416 | } | 416 | } |
| 417 | 417 | ||
| 418 | #ifndef OPENSSL_NO_SRP | ||
| 419 | /* Add SRP username if there is one */ | ||
| 420 | if (s->srp_ctx.login != NULL) { | ||
| 421 | /* Add TLS extension SRP username to the Client Hello message */ | ||
| 422 | |||
| 423 | int login_len = strlen(s->srp_ctx.login); | ||
| 424 | |||
| 425 | if (login_len > 255 || login_len == 0) { | ||
| 426 | SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); | ||
| 427 | return NULL; | ||
| 428 | } | ||
| 429 | |||
| 430 | /* check for enough space. | ||
| 431 | 4 for the srp type type and entension length | ||
| 432 | 1 for the srp user identity | ||
| 433 | + srp user identity length | ||
| 434 | */ | ||
| 435 | if ((limit - ret - 5 - login_len) < 0) | ||
| 436 | return NULL; | ||
| 437 | |||
| 438 | |||
| 439 | /* fill in the extension */ | ||
| 440 | s2n(TLSEXT_TYPE_srp, ret); | ||
| 441 | s2n(login_len + 1, ret); | ||
| 442 | (*ret++) = (unsigned char) login_len; | ||
| 443 | memcpy(ret, s->srp_ctx.login, login_len); | ||
| 444 | ret += login_len; | ||
| 445 | } | ||
| 446 | #endif | ||
| 447 | 418 | ||
| 448 | #ifndef OPENSSL_NO_EC | 419 | #ifndef OPENSSL_NO_EC |
| 449 | if (s->tlsext_ecpointformatlist != NULL && | 420 | if (s->tlsext_ecpointformatlist != NULL && |
| @@ -1063,27 +1034,6 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1063 | } | 1034 | } |
| 1064 | 1035 | ||
| 1065 | } | 1036 | } |
| 1066 | #ifndef OPENSSL_NO_SRP | ||
| 1067 | else if (type == TLSEXT_TYPE_srp) { | ||
| 1068 | if (size <= 0 || ((len = data[0])) != (size - 1)) { | ||
| 1069 | *al = SSL_AD_DECODE_ERROR; | ||
| 1070 | return 0; | ||
| 1071 | } | ||
| 1072 | if (s->srp_ctx.login != NULL) { | ||
| 1073 | *al = SSL_AD_DECODE_ERROR; | ||
| 1074 | return 0; | ||
| 1075 | } | ||
| 1076 | if ((s->srp_ctx.login = malloc(len + 1)) == NULL) | ||
| 1077 | return -1; | ||
| 1078 | memcpy(s->srp_ctx.login, &data[1], len); | ||
| 1079 | s->srp_ctx.login[len] = '\0'; | ||
| 1080 | |||
| 1081 | if (strlen(s->srp_ctx.login) != len) { | ||
| 1082 | *al = SSL_AD_DECODE_ERROR; | ||
| 1083 | return 0; | ||
| 1084 | } | ||
| 1085 | } | ||
| 1086 | #endif | ||
| 1087 | 1037 | ||
| 1088 | #ifndef OPENSSL_NO_EC | 1038 | #ifndef OPENSSL_NO_EC |
| 1089 | else if (type == TLSEXT_TYPE_ec_point_formats && | 1039 | else if (type == TLSEXT_TYPE_ec_point_formats && |