From 84fcac6975f449ac5ac93c8e1f9dd1b486038c0a Mon Sep 17 00:00:00 2001 From: tedu Date: Tue, 6 May 2014 01:54:42 +0000 Subject: [PATCH] remove Kerberos --- lib/libssl/src/apps/s_client.c | 9 --------- lib/libssl/src/apps/s_server.c | 32 -------------------------------- 2 files changed, 41 deletions(-) diff --git a/lib/libssl/src/apps/s_client.c b/lib/libssl/src/apps/s_client.c index e409589eb45..3dc613ebc2f 100644 --- a/lib/libssl/src/apps/s_client.c +++ b/lib/libssl/src/apps/s_client.c @@ -418,9 +418,6 @@ s_client_main(int argc, char **argv) { unsigned int off = 0, clr = 0; SSL *con = NULL; -#ifndef OPENSSL_NO_KRB5 - KSSL_CTX *kctx; -#endif int s, k, width, state = 0, af = AF_UNSPEC; char *cbuf = NULL, *sbuf = NULL, *mbuf = NULL; int cbuf_len, cbuf_off; @@ -963,12 +960,6 @@ bad: } } #endif -#ifndef OPENSSL_NO_KRB5 - if (con && (kctx = kssl_ctx_new()) != NULL) { - SSL_set0_kssl_ctx(con, kctx); - kssl_ctx_setstring(kctx, KSSL_SERVER, host); - } -#endif /* OPENSSL_NO_KRB5 */ /* SSL_set_cipher_list(con,"RC4-MD5"); */ #if 0 #ifdef TLSEXT_TYPE_opaque_prf_input diff --git a/lib/libssl/src/apps/s_server.c b/lib/libssl/src/apps/s_server.c index 22e3c18ada7..c34816749a2 100644 --- a/lib/libssl/src/apps/s_server.c +++ b/lib/libssl/src/apps/s_server.c @@ -1557,9 +1557,6 @@ sv_body(char *hostname, int s, unsigned char *context) unsigned long l; SSL *con = NULL; BIO *sbio; -#ifndef OPENSSL_NO_KRB5 - KSSL_CTX *kctx; -#endif struct timeval timeout; struct timeval *timeoutp; @@ -1589,13 +1586,6 @@ sv_body(char *hostname, int s, unsigned char *context) SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp); } #endif -#ifndef OPENSSL_NO_KRB5 - if ((kctx = kssl_ctx_new()) != NULL) { - SSL_set0_kssl_ctx(con, kctx); - kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC); - kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB); - } -#endif /* OPENSSL_NO_KRB5 */ if (context) SSL_set_session_id_context(con, context, strlen((char *) context)); @@ -1885,9 +1875,6 @@ init_ssl_connection(SSL * con) X509 *peer; long verify_error; char buf[BUFSIZ]; -#ifndef OPENSSL_NO_KRB5 - char *client_princ; -#endif #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) const unsigned char *next_proto_neg; unsigned next_proto_neg_len; @@ -1951,13 +1938,6 @@ init_ssl_connection(SSL * con) TLS1_FLAGS_TLS_PADDING_BUG) BIO_printf(bio_s_out, "Peer has incorrect TLSv1 block padding\n"); -#ifndef OPENSSL_NO_KRB5 - client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con)); - if (client_princ != NULL) { - BIO_printf(bio_s_out, "Kerberos peer principal is %s\n", - client_princ); - } -#endif /* OPENSSL_NO_KRB5 */ BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n", SSL_get_secure_renegotiation_support(con) ? "" : " NOT"); if (keymatexportlabel != NULL) { @@ -2002,9 +1982,6 @@ err: return (ret); } #endif -#ifndef OPENSSL_NO_KRB5 -char *client_princ; -#endif #if 0 static int @@ -2037,9 +2014,6 @@ www_body(char *hostname, int s, unsigned char *context) SSL *con; const SSL_CIPHER *c; BIO *io, *ssl_bio, *sbio; -#ifndef OPENSSL_NO_KRB5 - KSSL_CTX *kctx; -#endif buf = malloc(bufsize); if (buf == NULL) @@ -2070,12 +2044,6 @@ www_body(char *hostname, int s, unsigned char *context) SSL_set_tlsext_debug_arg(con, bio_s_out); } #endif -#ifndef OPENSSL_NO_KRB5 - if ((kctx = kssl_ctx_new()) != NULL) { - kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC); - kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB); - } -#endif /* OPENSSL_NO_KRB5 */ if (context) SSL_set_session_id_context(con, context, strlen((char *) context)); -- 2.20.1