Disable the DHParameters config option in a no-deprecated build

This option calls SSL_set_tmp_dh() which does not exist in a no-deprecated build. We need to implement an alternative. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13368)
author: Matt Caswell <matt@openssl.org> 2020-10-14 17:13:45 +0100
committer: Matt Caswell <matt@openssl.org> 2020-11-18 14:14:52 +0000
commit: 8b7df247b7538e97133c50aaf27813d30677f729 (patch)
tree: 554b20783f9fccbd0c24db9ebac71954e5f0c913 /ssl/ssl_conf.c
parent: 936d5657680bba3315aec6d7cdc04ea8cab9050e (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index 96fddfd4cc..2311df5d84 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -574,7 +574,8 @@ static int cmd_ClientCAStore(SSL_CONF_CTX *cctx, const char *value)
     return cmd_RequestCAStore(cctx, value);
 }
 
-#ifndef OPENSSL_NO_DH
+#if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+/* TODO(3.0): We need a 3.0 friendly way of doing this */
 static int cmd_DHParameters(SSL_CONF_CTX *cctx, const char *value)
 {
     int rv = 0;
@@ -726,7 +727,7 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = {
     SSL_CONF_CMD(ClientCAStore, NULL,
                  SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE,
                  SSL_CONF_TYPE_STORE),
-#ifndef OPENSSL_NO_DH
+#if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0)
     SSL_CONF_CMD(DHParameters, "dhparam",
                  SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE,
                  SSL_CONF_TYPE_FILE),
author	Matt Caswell <matt@openssl.org>	2020-10-14 17:13:45 +0100
committer	Matt Caswell <matt@openssl.org>	2020-11-18 14:14:52 +0000
commit	8b7df247b7538e97133c50aaf27813d30677f729 (patch)
tree	554b20783f9fccbd0c24db9ebac71954e5f0c913 /ssl/ssl_conf.c
parent	936d5657680bba3315aec6d7cdc04ea8cab9050e (diff)