Remove support for opaque-prf

An expired IETF Internet-Draft (seven years old) that nobody implements, and probably just as good as NSA DRBG work. Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Rich Salz <rsalz@openssl.org> 2015-01-28 14:53:04 -0500
committer: Rich Salz <rsalz@openssl.org> 2015-01-28 15:37:16 -0500
commit: 68fd6dce73e07cb9a5944e8667455f2f9a80d52e (patch)
tree: 7abb0e387c58611dc379ae8976292fec86d05db8 /ssl/t1_enc.c
parent: 31b446e212e2209d62e66a608e540716716430e4 (diff)
1 files changed, 0 insertions, 16 deletions
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 693a1b0fef..3f4973e9ac 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -1099,22 +1099,6 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
             len);
 #endif                          /* KSSL_DEBUG */
 
-#ifdef TLSEXT_TYPE_opaque_prf_input
-    if (s->s3->client_opaque_prf_input != NULL
-        && s->s3->server_opaque_prf_input != NULL
-        && s->s3->client_opaque_prf_input_len > 0
-        && s->s3->client_opaque_prf_input_len ==
-        s->s3->server_opaque_prf_input_len) {
-        co = s->s3->client_opaque_prf_input;
-        col = s->s3->server_opaque_prf_input_len;
-        so = s->s3->server_opaque_prf_input;
-        /*
-         * must be same as col (see
-         * draft-resc-00.txts-opaque-prf-input-00.txt, section 3.1)
-         */
-        sol = s->s3->client_opaque_prf_input_len;
-    }
-#endif
 
     tls1_PRF(ssl_get_algorithm2(s),
              TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE,
author	Rich Salz <rsalz@openssl.org>	2015-01-28 14:53:04 -0500
committer	Rich Salz <rsalz@openssl.org>	2015-01-28 15:37:16 -0500
commit	68fd6dce73e07cb9a5944e8667455f2f9a80d52e (patch)
tree	7abb0e387c58611dc379ae8976292fec86d05db8 /ssl/t1_enc.c
parent	31b446e212e2209d62e66a608e540716716430e4 (diff)