Remove support for SSL_{CTX_}set_tmp_ecdh_callback().

This only gets used to set a specific curve without actually checking that the peer supports it or not and can therefor result in handshake failures that can be avoided by selecting a different cipher. Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
author: Kurt Roeckx <kurt@roeckx.be> 2015-12-04 22:22:31 +0100
committer: Kurt Roeckx <kurt@roeckx.be> 2015-12-04 22:22:31 +0100
commit: 6f78b9e824c053d062188578635c575017b587c5 (patch)
tree: 384ac167954740453837f37e9ad0cbadcb5888b7 /ssl/statem/statem_srvr.c
parent: ad3819c29ed91ee31ebc806939e6104970694811 (diff)
1 files changed, 0 insertions, 6 deletions
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index bdeaf7e0e0..fb64106350 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1874,12 +1874,6 @@ int tls_construct_server_key_exchange(SSL *s)
             int nid = tls1_shared_curve(s, -2);
             if (nid != NID_undef)
                 ecdhp = EC_KEY_new_by_curve_name(nid);
-        } else if ((ecdhp == NULL) && s->cert->ecdh_tmp_cb) {
-            ecdhp = s->cert->ecdh_tmp_cb(s,
-                                         SSL_C_IS_EXPORT(s->s3->
-                                                         tmp.new_cipher),
-                                         SSL_C_EXPORT_PKEYLENGTH(s->
-                                                                 s3->tmp.new_cipher));
         }
         if (ecdhp == NULL) {
             al = SSL_AD_HANDSHAKE_FAILURE;
author	Kurt Roeckx <kurt@roeckx.be>	2015-12-04 22:22:31 +0100
committer	Kurt Roeckx <kurt@roeckx.be>	2015-12-04 22:22:31 +0100
commit	6f78b9e824c053d062188578635c575017b587c5 (patch)
tree	384ac167954740453837f37e9ad0cbadcb5888b7 /ssl/statem/statem_srvr.c
parent	ad3819c29ed91ee31ebc806939e6104970694811 (diff)