Deprecate SSL_CTRL_SET_TMP_DH and other related ctrls

These ctrls pass around a DH object which is now deprecated, so we deprecate the ctrls themselves. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13368)
author: Matt Caswell <matt@openssl.org> 2020-10-14 15:06:28 +0100
committer: Matt Caswell <matt@openssl.org> 2020-11-18 14:14:51 +0000
commit: 1b2b475517054d26a555269acacdb0ab7072bc6e (patch)
tree: b665eefa97e4cb1a3f5573d77627af7ad28b27df /ssl/statem
parent: 1ee22dc26873e68b73b693ffb5d99a6e9644b45f (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index d45afebf07..bc2695e1ba 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -2469,15 +2469,16 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
         } else {
             pkdhp = cert->dh_tmp;
         }
+#ifndef OPENSSL_NO_DEPRECATED_3_0
         if ((pkdhp == NULL) && (s->cert->dh_tmp_cb != NULL)) {
-            DH *dhp = s->cert->dh_tmp_cb(s, 0, 1024);
-            pkdh = ssl_dh_to_pkey(dhp);
+            pkdh = ssl_dh_to_pkey(s->cert->dh_tmp_cb(s, 0, 1024));
             if (pkdh == NULL) {
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
                 goto err;
             }
             pkdhp = pkdh;
         }
+#endif
         if (pkdhp == NULL) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_MISSING_TMP_DH_KEY);
             goto err;
author	Matt Caswell <matt@openssl.org>	2020-10-14 15:06:28 +0100
committer	Matt Caswell <matt@openssl.org>	2020-11-18 14:14:51 +0000
commit	1b2b475517054d26a555269acacdb0ab7072bc6e (patch)
tree	b665eefa97e4cb1a3f5573d77627af7ad28b27df /ssl/statem
parent	1ee22dc26873e68b73b693ffb5d99a6e9644b45f (diff)