remove DH parameter stuff that isn't needed and doesn't work with newer openssl

author Art Cancro <ajc@citadel.org>

Thu, 26 Oct 2017 03:18:51 +0000 (23:18 -0400)

committer Art Cancro <ajc@citadel.org>

Thu, 26 Oct 2017 03:18:51 +0000 (23:18 -0400)
author Art Cancro <ajc@citadel.org>
Thu, 26 Oct 2017 03:18:51 +0000 (23:18 -0400)
committer Art Cancro <ajc@citadel.org>
Thu, 26 Oct 2017 03:18:51 +0000 (23:18 -0400)
diff --git a/citadel/modules/crypto/serv_crypto.c b/citadel/modules/crypto/serv_crypto.c

index eea501d39207fe030b52815f32e2d5c083102099..6296e5dc30d907a6a5731ced30e0882cc071ff7b 100644 (file)
--- a/citadel/modules/crypto/serv_crypto.c
+++ b/citadel/modules/crypto/serv_crypto.c
@@ -74,7 +74,6 @@ void destruct_ssl(void)
  void init_ssl(void)
  {
         const SSL_METHOD *ssl_method;
-       DH *dh;
         RSA *rsa=NULL;
         X509_REQ *req = NULL;
         X509 *cer = NULL;
@@ -136,8 +135,9 @@ void init_ssl(void)
         CRYPTO_set_locking_callback(ssl_lock);
         CRYPTO_set_id_callback(id_callback);
  
+#if 0 // this doesn't work in newer openssl
         /* Load DH parameters into the context */
-       dh = DH_new();
+       DH *dh = DH_new();
         if (!dh) {
                 syslog(LOG_CRIT, "init_ssl() can't allocate a DH object: %s", ERR_reason_error_string(ERR_get_error()));
                 SSL_CTX_free(ssl_ctx);
@@ -159,6 +159,7 @@ void init_ssl(void)
         dh->length = DH_L;
         SSL_CTX_set_tmp_dh(ssl_ctx, dh);
         DH_free(dh);
+#endif // this doesn't work in newer openssl
  
         /* Get our certificates in order.
          * First, create the key/cert directory if it's not there already...
author	Art Cancro <ajc@citadel.org>
	Thu, 26 Oct 2017 03:18:51 +0000 (23:18 -0400)
committer	Art Cancro <ajc@citadel.org>
	Thu, 26 Oct 2017 03:18:51 +0000 (23:18 -0400)