From: Art Cancro <ajc@citadel.org>
Date: Thu, 26 Oct 2017 03:18:51 +0000 (-0400)
Subject: remove DH parameter stuff that isn't needed and doesn't work with newer openssl
X-Git-Tag: v939~516
X-Git-Url: https://code.citadel.org/?p=citadel.git;a=commitdiff_plain;h=d1edb424b7f46e5db4f127a12a19c0dc3f864c65

remove DH parameter stuff that isn't needed and doesn't work with newer openssl
---

diff --git a/citadel/modules/crypto/serv_crypto.c b/citadel/modules/crypto/serv_crypto.c
index eea501d39..6296e5dc3 100644
--- a/citadel/modules/crypto/serv_crypto.c
+++ b/citadel/modules/crypto/serv_crypto.c
@@ -74,7 +74,6 @@ void destruct_ssl(void)
 void init_ssl(void)
 {
 	const SSL_METHOD *ssl_method;
-	DH *dh;
 	RSA *rsa=NULL;
 	X509_REQ *req = NULL;
 	X509 *cer = NULL;
@@ -136,8 +135,9 @@ void init_ssl(void)
 	CRYPTO_set_locking_callback(ssl_lock);
 	CRYPTO_set_id_callback(id_callback);
 
+#if 0 // this doesn't work in newer openssl
 	/* Load DH parameters into the context */
-	dh = DH_new();
+	DH *dh = DH_new();
 	if (!dh) {
 		syslog(LOG_CRIT, "init_ssl() can't allocate a DH object: %s", ERR_reason_error_string(ERR_get_error()));
 		SSL_CTX_free(ssl_ctx);
@@ -159,6 +159,7 @@ void init_ssl(void)
 	dh->length = DH_L;
 	SSL_CTX_set_tmp_dh(ssl_ctx, dh);
 	DH_free(dh);
+#endif // this doesn't work in newer openssl
 
 	/* Get our certificates in order.
 	 * First, create the key/cert directory if it's not there already...