diff options
author | Matt Caswell <matt@openssl.org> | 2015-05-12 10:27:53 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-05-13 15:07:57 +0100 |
commit | 55a9a16f1c02837058173c41fa26f36ec3acd22e (patch) | |
tree | f024c722a4f3b06861b7976a4266afe24646a43d /ssl/d1_srvr.c | |
parent | 5561419a6033f8ccad9399d5386d6941c0aa44ae (diff) |
Remove Kerberos support from libssl
Remove RFC2712 Kerberos support from libssl. This code and the associated
standard is no longer considered fit-for-purpose.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'ssl/d1_srvr.c')
-rw-r--r-- | ssl/d1_srvr.c | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c index 94bd435e7a..ac2a0067cf 100644 --- a/ssl/d1_srvr.c +++ b/ssl/d1_srvr.c @@ -526,16 +526,12 @@ int dtls1_accept(SSL *s) * RFC 2246): */ ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) && - /* - * ... except when the application insists on - * verification (against the specs, but s3_clnt.c accepts - * this for SSL 3) - */ - !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) || /* - * never request cert in Kerberos ciphersuites + * ... except when the application insists on + * verification (against the specs, but s3_clnt.c accepts + * this for SSL 3) */ - (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) + !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) /* * With normal PSK Certificates and Certificate Requests * are omitted |