Remove OPENSSL_NO_DH guards from libssl

This removes man unnecessary OPENSSL_NO_DH guards from libssl. Now that
libssl is entirely using the EVP APIs and implementations can be plugged
in via providers it is no longer needed to disable DH at compile time in
libssl. Instead it should detect at runtime whether DH is available from
the loaded providers.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)

1 files changed, 0 insertions, 23 deletions

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 5adc6f71a9..a87da32c62 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3505,9 +3505,7 @@ void ssl_set_masks(SSL *s)
         return;
 
     dh_tmp = (c->dh_tmp != NULL
-#ifndef OPENSSL_NO_DH
               || c->dh_tmp_cb != NULL
-#endif
               || c->dh_tmp_auto);
 
     rsa_enc = pvalid[SSL_PKEY_RSA] & CERT_PKEY_VALID;
@@ -4483,27 +4481,6 @@ int SSL_want(const SSL *s)
     return s->rwstate;
 }
 
-/**
- * \brief Set the callback for generating temporary DH keys.
- * \param ctx the SSL context.
- * \param dh the callback
- */
-
-#if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0)
-void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
-                                 DH *(*dh) (SSL *ssl, int is_export,
-                                            int keylength))
-{
-    SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
-}
-
-void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh) (SSL *ssl, int is_export,
-                                                  int keylength))
-{
-    SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
-}
-#endif
-
 #ifndef OPENSSL_NO_PSK
 int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
 {