Remove ECDH client auth code. Remove incomplete non-functional ECDH client authentication code. Reviewed-by: Richard Levitte <levitte@openssl.org>

commit: c66ce5eb23f7611bd2822650d6ffeacbe0671072 [log] [tgz]
author: Dr. Stephen Henson <steve@openssl.org> Sat Dec 12 17:41:18 2015 +0000
committer: Dr. Stephen Henson <steve@openssl.org> Wed Dec 16 14:17:53 2015 +0000
tree: 6c4036dd162eb9e348e53c2d1c09543995c09b6f
parent: 57be4444c645247d15428217e289ae36e5c3e6a8 [diff] [blame]
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index c08065f..fd10128 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c

@@ -4722,14 +4722,8 @@
         p[ret++] = SSL3_CT_DSS_SIGN;
 #endif
 #ifndef OPENSSL_NO_EC
-    if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->version >= TLS1_VERSION)) {
-        if (nostrict || !(alg_a & SSL_aRSA))
-            p[ret++] = TLS_CT_RSA_FIXED_ECDH;
-        if (nostrict || !(alg_a & SSL_aECDSA))
-            p[ret++] = TLS_CT_ECDSA_FIXED_ECDH;
-    }
     /*
-     * ECDSA certs can be used with RSA cipher suites as well so we don't
+     * ECDSA certs can be used with RSA cipher suites too so we don't
      * need to check for SSL_kECDH or SSL_kECDHE
      */
     if (s->version >= TLS1_VERSION) {
commit	c66ce5eb23f7611bd2822650d6ffeacbe0671072	[log] [tgz]
author	Dr. Stephen Henson <steve@openssl.org>	Sat Dec 12 17:41:18 2015 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	Wed Dec 16 14:17:53 2015 +0000
tree	6c4036dd162eb9e348e53c2d1c09543995c09b6f
parent	57be4444c645247d15428217e289ae36e5c3e6a8 [diff] [blame]