Google Git
Sign in
flutter/third_party/openssl/c66ce5eb23f7611bd2822650d6ffeacbe0671072^!/./ssl/s3_lib.c
commit
c66ce5eb23f7611bd2822650d6ffeacbe0671072
[log]
author
Dr. Stephen Henson <steve@openssl.org>
Sat Dec 12 17:41:18 2015 +0000
committer
Dr. Stephen Henson <steve@openssl.org>
Wed Dec 16 14:17:53 2015 +0000
tree
6c4036dd162eb9e348e53c2d1c09543995c09b6f
parent
57be4444c645247d15428217e289ae36e5c3e6a8 [diff] [blame]
Remove ECDH client auth code.

Remove incomplete non-functional ECDH client authentication code.

Reviewed-by: Richard Levitte <levitte@openssl.org>

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index c08065f..fd10128 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c

@@ -4722,14 +4722,8 @@
         p[ret++] = SSL3_CT_DSS_SIGN;
 #endif
 #ifndef OPENSSL_NO_EC
-    if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->version >= TLS1_VERSION)) {
-        if (nostrict || !(alg_a & SSL_aRSA))
-            p[ret++] = TLS_CT_RSA_FIXED_ECDH;
-        if (nostrict || !(alg_a & SSL_aECDSA))
-            p[ret++] = TLS_CT_ECDSA_FIXED_ECDH;
-    }
     /*
-     * ECDSA certs can be used with RSA cipher suites as well so we don't
+     * ECDSA certs can be used with RSA cipher suites too so we don't
      * need to check for SSL_kECDH or SSL_kECDHE
      */
     if (s->version >= TLS1_VERSION) {