Stop attempting to duplicate the public and private key of dh_tmp.

Support for non-ephemeral DH was removed a very long time ago - the only
way that dh_tmp is set is via DHparams_dup(), hence the public and private
keys are always going to be NULL.

ok inoguchi@ tb@

diff --git a/lib/libssl/ssl_cert.c b/lib/libssl/ssl_cert.c
index 6eece6d..faa9886 100644 (file)
--- a/lib/libssl/ssl_cert.c
+++ b/lib/libssl/ssl_cert.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_cert.c,v 1.89 2022/01/06 18:23:56 jsing Exp $ */
+/* $OpenBSD: ssl_cert.c,v 1.90 2022/01/07 15:56:33 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -201,22 +201,6 @@ ssl_cert_dup(CERT *cert)
                        SSLerrorx(ERR_R_DH_LIB);
                        goto err;
                }
-               if (cert->dh_tmp->priv_key) {
-                       BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
-                       if (!b) {
-                               SSLerrorx(ERR_R_BN_LIB);
-                               goto err;
-                       }
-                       ret->dh_tmp->priv_key = b;
-               }
-               if (cert->dh_tmp->pub_key) {
-                       BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
-                       if (!b) {
-                               SSLerrorx(ERR_R_BN_LIB);
-                               goto err;
-                       }
-                       ret->dh_tmp->pub_key = b;
-               }
        }
        ret->dh_tmp_cb = cert->dh_tmp_cb;
        ret->dh_tmp_auto = cert->dh_tmp_auto;