From 8534b1260f72d603c4ba279939b6aca94ce0402c Mon Sep 17 00:00:00 2001 From: jsing Date: Fri, 7 Jan 2022 15:56:33 +0000 Subject: [PATCH] Stop attempting to duplicate the public and private key of dh_tmp. Support for non-ephemeral DH was removed a very long time ago - the only way that dh_tmp is set is via DHparams_dup(), hence the public and private keys are always going to be NULL. ok inoguchi@ tb@ --- lib/libssl/ssl_cert.c | 18 +----------------- 1 file changed, 1 insertion(+), 17 deletions(-) diff --git a/lib/libssl/ssl_cert.c b/lib/libssl/ssl_cert.c index 6eece6d9442..faa9886b90e 100644 --- a/lib/libssl/ssl_cert.c +++ b/lib/libssl/ssl_cert.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_cert.c,v 1.89 2022/01/06 18:23:56 jsing Exp $ */ +/* $OpenBSD: ssl_cert.c,v 1.90 2022/01/07 15:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -201,22 +201,6 @@ ssl_cert_dup(CERT *cert) SSLerrorx(ERR_R_DH_LIB); goto err; } - if (cert->dh_tmp->priv_key) { - BIGNUM *b = BN_dup(cert->dh_tmp->priv_key); - if (!b) { - SSLerrorx(ERR_R_BN_LIB); - goto err; - } - ret->dh_tmp->priv_key = b; - } - if (cert->dh_tmp->pub_key) { - BIGNUM *b = BN_dup(cert->dh_tmp->pub_key); - if (!b) { - SSLerrorx(ERR_R_BN_LIB); - goto err; - } - ret->dh_tmp->pub_key = b; - } } ret->dh_tmp_cb = cert->dh_tmp_cb; ret->dh_tmp_auto = cert->dh_tmp_auto; -- 2.20.1