From 149c6f9c05a2f73c39aed364b51e57279a57cd35 Mon Sep 17 00:00:00 2001
From: tedu <>
Date: Thu, 29 May 2014 18:11:13 +0000
Subject: unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without
 them. ok deraadt jsing

---
 src/lib/libssl/ssl_cert.c | 22 ----------------------
 1 file changed, 22 deletions(-)

(limited to 'src/lib/libssl/ssl_cert.c')

diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
index d8b94b1285..f506ae685f 100644
--- a/src/lib/libssl/ssl_cert.c
+++ b/src/lib/libssl/ssl_cert.c
@@ -125,9 +125,7 @@
 #include <openssl/bio.h>
 #include <openssl/pem.h>
 #include <openssl/x509v3.h>
-#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
-#endif
 #include <openssl/bn.h>
 #include "ssl_locl.h"
 
@@ -165,9 +163,7 @@ ssl_cert_set_default_md(CERT *cert)
 	cert->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
 	cert->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
 	cert->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
-#ifndef OPENSSL_NO_ECDSA
 	cert->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
-#endif
 }
 
 CERT *
@@ -214,7 +210,6 @@ ssl_cert_dup(CERT *cert)
 	}
 	ret->rsa_tmp_cb = cert->rsa_tmp_cb;
 
-#ifndef OPENSSL_NO_DH
 	if (cert->dh_tmp != NULL) {
 		ret->dh_tmp = DHparams_dup(cert->dh_tmp);
 		if (ret->dh_tmp == NULL) {
@@ -239,9 +234,7 @@ ssl_cert_dup(CERT *cert)
 		}
 	}
 	ret->dh_tmp_cb = cert->dh_tmp_cb;
-#endif
 
-#ifndef OPENSSL_NO_ECDH
 	if (cert->ecdh_tmp) {
 		ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp);
 		if (ret->ecdh_tmp == NULL) {
@@ -250,7 +243,6 @@ ssl_cert_dup(CERT *cert)
 		}
 	}
 	ret->ecdh_tmp_cb = cert->ecdh_tmp_cb;
-#endif
 
 	for (i = 0; i < SSL_PKEY_NUM; i++) {
 		if (cert->pkeys[i].x509 != NULL) {
@@ -305,19 +297,13 @@ ssl_cert_dup(CERT *cert)
 
 	return (ret);
 
-#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_ECDH)
 err:
-#endif
 	if (ret->rsa_tmp != NULL)
 		RSA_free(ret->rsa_tmp);
-#ifndef OPENSSL_NO_DH
 	if (ret->dh_tmp != NULL)
 		DH_free(ret->dh_tmp);
-#endif
-#ifndef OPENSSL_NO_ECDH
 	if (ret->ecdh_tmp != NULL)
 		EC_KEY_free(ret->ecdh_tmp);
-#endif
 
 	for (i = 0; i < SSL_PKEY_NUM; i++) {
 		if (ret->pkeys[i].x509 != NULL)
@@ -344,14 +330,10 @@ ssl_cert_free(CERT *c)
 
 	if (c->rsa_tmp)
 		RSA_free(c->rsa_tmp);
-#ifndef OPENSSL_NO_DH
 	if (c->dh_tmp)
 		DH_free(c->dh_tmp);
-#endif
-#ifndef OPENSSL_NO_ECDH
 	if (c->ecdh_tmp)
 		EC_KEY_free(c->ecdh_tmp);
-#endif
 
 	for (i = 0; i < SSL_PKEY_NUM; i++) {
 		if (c->pkeys[i].x509 != NULL)
@@ -437,14 +419,10 @@ ssl_sess_cert_free(SESS_CERT *sc)
 
 	if (sc->peer_rsa_tmp != NULL)
 		RSA_free(sc->peer_rsa_tmp);
-#ifndef OPENSSL_NO_DH
 	if (sc->peer_dh_tmp != NULL)
 		DH_free(sc->peer_dh_tmp);
-#endif
-#ifndef OPENSSL_NO_ECDH
 	if (sc->peer_ecdh_tmp != NULL)
 		EC_KEY_free(sc->peer_ecdh_tmp);
-#endif
 
 	free(sc);
 }
-- 
cgit v1.2.3-55-g6feb