Remove Kerberos support from libssl

Remove RFC2712 Kerberos support from libssl. This code and the associated standard is no longer considered fit-for-purpose. Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Matt Caswell <matt@openssl.org> 2015-05-12 10:27:53 +0100
committer: Matt Caswell <matt@openssl.org> 2015-05-13 15:07:57 +0100
commit: 55a9a16f1c02837058173c41fa26f36ec3acd22e (patch)
tree: f024c722a4f3b06861b7976a4266afe24646a43d /ssl/d1_srvr.c
parent: 5561419a6033f8ccad9399d5386d6941c0aa44ae (diff)
1 files changed, 4 insertions, 8 deletions
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index 94bd435e7a..ac2a0067cf 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -526,16 +526,12 @@ int dtls1_accept(SSL *s)
                     * RFC 2246):
                     */
                    ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
-                    /*
-                     * ... except when the application insists on
-                     * verification (against the specs, but s3_clnt.c accepts
-                     * this for SSL 3)
-                     */
-                    !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
                    /*
-                    * never request cert in Kerberos ciphersuites
+                    * ... except when the application insists on
+                    * verification (against the specs, but s3_clnt.c accepts
+                    * this for SSL 3)
                     */
-                   (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5)
+                   !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
                    /*
                     * With normal PSK Certificates and Certificate Requests
                     * are omitted
author	Matt Caswell <matt@openssl.org>	2015-05-12 10:27:53 +0100
committer	Matt Caswell <matt@openssl.org>	2015-05-13 15:07:57 +0100
commit	55a9a16f1c02837058173c41fa26f36ec3acd22e (patch)
tree	f024c722a4f3b06861b7976a4266afe24646a43d /ssl/d1_srvr.c
parent	5561419a6033f8ccad9399d5386d6941c0aa44ae (diff)