From 1747118e379623d86b5f53dcc99d185f9868ce43 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Mon, 5 Nov 2018 03:49:44 +0000
Subject: Mop up ecdh_tmp, since it is no longer used.

ok bluhm@ tb@
---
 src/lib/libssl/ssl_cert.c | 12 +-----------
 src/lib/libssl/ssl_locl.h |  4 +---
 src/lib/libssl/t1_lib.c   | 13 ++-----------
 3 files changed, 4 insertions(+), 25 deletions(-)

(limited to 'src')

diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
index a01f484578..567d8ea21f 100644
--- a/src/lib/libssl/ssl_cert.c
+++ b/src/lib/libssl/ssl_cert.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_cert.c,v 1.67 2018/04/25 07:10:39 tb Exp $ */
+/* $OpenBSD: ssl_cert.c,v 1.68 2018/11/05 03:49:44 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -234,14 +234,6 @@ ssl_cert_dup(CERT *cert)
 	ret->dh_tmp_cb = cert->dh_tmp_cb;
 	ret->dh_tmp_auto = cert->dh_tmp_auto;
 
-	if (cert->ecdh_tmp) {
-		ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp);
-		if (ret->ecdh_tmp == NULL) {
-			SSLerrorx(ERR_R_EC_LIB);
-			goto err;
-		}
-	}
-
 	for (i = 0; i < SSL_PKEY_NUM; i++) {
 		if (cert->pkeys[i].x509 != NULL) {
 			ret->pkeys[i].x509 = cert->pkeys[i].x509;
@@ -297,7 +289,6 @@ ssl_cert_dup(CERT *cert)
 
 err:
 	DH_free(ret->dh_tmp);
-	EC_KEY_free(ret->ecdh_tmp);
 
 	for (i = 0; i < SSL_PKEY_NUM; i++) {
 		X509_free(ret->pkeys[i].x509);
@@ -321,7 +312,6 @@ ssl_cert_free(CERT *c)
 		return;
 
 	DH_free(c->dh_tmp);
-	EC_KEY_free(c->ecdh_tmp);
 
 	for (i = 0; i < SSL_PKEY_NUM; i++) {
 		X509_free(c->pkeys[i].x509);
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 9a018547ab..8cedc29490 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.216 2018/10/24 18:04:50 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.217 2018/11/05 03:49:44 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -947,8 +947,6 @@ typedef struct cert_st {
 	DH *(*dh_tmp_cb)(SSL *ssl, int is_export, int keysize);
 	int dh_tmp_auto;
 
-	EC_KEY *ecdh_tmp;
-
 	CERT_PKEY pkeys[SSL_PKEY_NUM];
 
 	int references; /* >1 only if SSL_copy_session_id is used */
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 0a00e4da7f..30305e6b2f 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.144 2018/08/24 18:10:25 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.145 2018/11/05 03:49:44 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -608,20 +608,11 @@ tls1_check_ec_server_key(SSL *s)
 int
 tls1_check_ec_tmp_key(SSL *s)
 {
-	EC_KEY *ec = s->cert->ecdh_tmp;
-	uint16_t curve_id;
-
 	/* Need a shared curve. */
 	if (tls1_get_shared_curve(s) != NID_undef)
 		return (1);
 
-	if (ec == NULL)
-		return (0);
-
-	if (tls1_set_ec_id(&curve_id, NULL, ec) != 1)
-		return (0);
-
-	return tls1_check_ec_key(s, &curve_id, NULL);
+	return (0);
 }
 
 /*
-- 
cgit v1.2.3-55-g6feb