remove Kerberos

diff --git a/lib/libssl/src/apps/s_client.c b/lib/libssl/src/apps/s_client.c
index e409589..3dc613e 100644 (file)
--- a/lib/libssl/src/apps/s_client.c
+++ b/lib/libssl/src/apps/s_client.c
@@ -418,9 +418,6 @@ s_client_main(int argc, char **argv)
 {
        unsigned int off = 0, clr = 0;
        SSL *con = NULL;
-#ifndef OPENSSL_NO_KRB5
-       KSSL_CTX *kctx;
-#endif
        int s, k, width, state = 0, af = AF_UNSPEC;
        char *cbuf = NULL, *sbuf = NULL, *mbuf = NULL;
        int cbuf_len, cbuf_off;
@@ -963,12 +960,6 @@ bad:
                }
        }
 #endif
-#ifndef OPENSSL_NO_KRB5
-       if (con && (kctx = kssl_ctx_new()) != NULL) {
-               SSL_set0_kssl_ctx(con, kctx);
-               kssl_ctx_setstring(kctx, KSSL_SERVER, host);
-       }
-#endif                         /* OPENSSL_NO_KRB5  */
 /*     SSL_set_cipher_list(con,"RC4-MD5"); */
 #if 0
 #ifdef TLSEXT_TYPE_opaque_prf_input

diff --git a/lib/libssl/src/apps/s_server.c b/lib/libssl/src/apps/s_server.c
index 22e3c18..c348167 100644 (file)
--- a/lib/libssl/src/apps/s_server.c
+++ b/lib/libssl/src/apps/s_server.c
@@ -1557,9 +1557,6 @@ sv_body(char *hostname, int s, unsigned char *context)
        unsigned long l;
        SSL *con = NULL;
        BIO *sbio;
-#ifndef OPENSSL_NO_KRB5
-       KSSL_CTX *kctx;
-#endif
        struct timeval timeout;
        struct timeval *timeoutp;
 
@@ -1589,13 +1586,6 @@ sv_body(char *hostname, int s, unsigned char *context)
                        SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
                }
 #endif
-#ifndef OPENSSL_NO_KRB5
-               if ((kctx = kssl_ctx_new()) != NULL) {
-                       SSL_set0_kssl_ctx(con, kctx);
-                       kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
-                       kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
-               }
-#endif                         /* OPENSSL_NO_KRB5 */
                if (context)
                        SSL_set_session_id_context(con, context,
                            strlen((char *) context));
@@ -1885,9 +1875,6 @@ init_ssl_connection(SSL * con)
        X509 *peer;
        long verify_error;
        char buf[BUFSIZ];
-#ifndef OPENSSL_NO_KRB5
-       char *client_princ;
-#endif
 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
        const unsigned char *next_proto_neg;
        unsigned next_proto_neg_len;
@@ -1951,13 +1938,6 @@ init_ssl_connection(SSL * con)
            TLS1_FLAGS_TLS_PADDING_BUG)
                BIO_printf(bio_s_out,
                    "Peer has incorrect TLSv1 block padding\n");
-#ifndef OPENSSL_NO_KRB5
-       client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con));
-       if (client_princ != NULL) {
-               BIO_printf(bio_s_out, "Kerberos peer principal is %s\n",
-                   client_princ);
-       }
-#endif                         /* OPENSSL_NO_KRB5 */
        BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
            SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
        if (keymatexportlabel != NULL) {
@@ -2002,9 +1982,6 @@ err:
        return (ret);
 }
 #endif
-#ifndef OPENSSL_NO_KRB5
-char *client_princ;
-#endif
 
 #if 0
 static int 
@@ -2037,9 +2014,6 @@ www_body(char *hostname, int s, unsigned char *context)
        SSL *con;
        const SSL_CIPHER *c;
        BIO *io, *ssl_bio, *sbio;
-#ifndef OPENSSL_NO_KRB5
-       KSSL_CTX *kctx;
-#endif
 
        buf = malloc(bufsize);
        if (buf == NULL)
@@ -2070,12 +2044,6 @@ www_body(char *hostname, int s, unsigned char *context)
                SSL_set_tlsext_debug_arg(con, bio_s_out);
        }
 #endif
-#ifndef OPENSSL_NO_KRB5
-       if ((kctx = kssl_ctx_new()) != NULL) {
-               kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
-               kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
-       }
-#endif                         /* OPENSSL_NO_KRB5 */
        if (context)
                SSL_set_session_id_context(con, context,
                    strlen((char *) context));