diff options
Diffstat (limited to 'ssl/s3_srvr.c')
-rw-r--r-- | ssl/s3_srvr.c | 21 |
1 files changed, 6 insertions, 15 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 6c0bdcf437..e5a32ee90f 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -453,20 +453,11 @@ int ssl3_accept(SSL *s) case SSL3_ST_SW_KEY_EXCH_B: alg_k = s->s3->tmp.new_cipher->algorithm_mkey; - /* clear this, it may get reset by - * send_server_key_exchange */ - if ((s->options & SSL_OP_EPHEMERAL_RSA) -#ifndef OPENSSL_NO_KRB5 - && !(alg_k & SSL_kKRB5) -#endif /* OPENSSL_NO_KRB5 */ - ) - /* option SSL_OP_EPHEMERAL_RSA sends temporary RSA key - * even when forbidden by protocol specs - * (handshake may fail as clients are not required to - * be able to handle this) */ - s->s3->tmp.use_rsa_tmp=1; - else - s->s3->tmp.use_rsa_tmp=0; + /* + * clear this, it may get reset by + * send_server_key_exchange + */ + s->s3->tmp.use_rsa_tmp=0; /* only send if a DH key exchange, fortezza or @@ -480,7 +471,7 @@ int ssl3_accept(SSL *s) * server certificate contains the server's * public key for key exchange. */ - if (s->s3->tmp.use_rsa_tmp + if ( /* PSK: send ServerKeyExchange if PSK identity * hint if provided */ #ifndef OPENSSL_NO_PSK |