From: Jouni Malinen Date: Sat, 16 Apr 2022 07:45:17 +0000 (+0300) Subject: Remove unused dh_blob parameter X-Git-Tag: hostap_2_11~2058 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=28c1c91d03ab985d688ca2d7d592202cf9ec8c27;p=thirdparty%2Fhostap.git Remove unused dh_blob parameter This was used earlier in the wpa_supplicant configuration, but there was no real use for that, so remove the now completely unused parameter to simplify implementation. Signed-off-by: Jouni Malinen
---
diff --git a/src/crypto/tls.h b/src/crypto/tls.h
index 09fb73b1a..ccaac94c9 100644
--- a/src/crypto/tls.h
+++ b/src/crypto/tls.h
@@ -148,8 +148,6 @@ struct tls_config { * @private_key_passwd: Passphrase for decrypted private key, %NULL if no * passphrase is used. * @dh_file: File name for DH/DSA data in PEM format, or %NULL if not used - * @dh_blob: dh_file as inlined data or %NULL if not used - * @dh_blob_len: dh_blob length * @engine: 1 = use engine (e.g., a smartcard) for private key operations * (this is OpenSSL specific for now) * @engine_id: engine id string (this is OpenSSL specific for now)
@@ -198,8 +196,6 @@ struct tls_connection_params { const char *private_key_passwd; const char *private_key_passwd2; const char *dh_file; - const u8 *dh_blob; - size_t dh_blob_len; /* OpenSSL specific variables */ int engine;
diff --git a/src/crypto/tls_internal.c b/src/crypto/tls_internal.c
index d7c4743c2..ef33b59f8 100644
--- a/src/crypto/tls_internal.c
+++ b/src/crypto/tls_internal.c
@@ -335,8 +335,7 @@ int tls_global_set_params(void *tls_ctx, return -1; } - if (tlsv1_set_dhparams(cred, params->dh_file, params->dh_blob, - params->dh_blob_len)) { + if (tlsv1_set_dhparams(cred, params->dh_file, NULL, 0)) { wpa_printf(MSG_INFO, "TLS: Failed to load DH parameters"); return -1; }
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 553236b63..170fb869f 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
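Review bot: In the tls_internal.c hunk the call becomes `tlsv1_set_dhparams(cred, params->dh_file, NULL, 0)`, so the two blob arguments are now constants while the callee apparently still accepts them. If no other caller passes a blob (not visible here), the in-memory DH parsing path inside tlsv1_set_dhparams is dead code that still has to be reviewed and maintained; dropping those two parameters from the helper would complete the cleanup the commit message describes. If the signature is kept deliberately, a comment at the call such as `/* dh_blob support removed; only file-based DH parameters are loaded */` would explain the hard-coded NULL. The enclosing tls_global_set_params body starts and ends outside the hunk.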
@@ -3953,7 +3953,6 @@ static int tls_global_dh(struct tls_data *data, const char *dh_file) DH *dh; BIO *bio; - /* TODO: add support for dh_blob */ if (dh_file == NULL) return 0; if (ssl_ctx == NULL)
diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c
index f5cf85df3..e483b8027 100644
--- a/src/crypto/tls_wolfssl.c
+++ b/src/crypto/tls_wolfssl.c
@@ -1383,25 +1383,10 @@ static int tls_global_private_key(void *ssl_ctx, const char *private_key, } -static int tls_global_dh(void *ssl_ctx, const char *dh_file, - const u8 *dh_blob, size_t blob_len) +static int tls_global_dh(void *ssl_ctx, const char *dh_file) { WOLFSSL_CTX *ctx = ssl_ctx; - if (!dh_file && !dh_blob) - return 0; - - if (dh_blob) { - if (wolfSSL_CTX_SetTmpDH_buffer(ctx, dh_blob, blob_len, - SSL_FILETYPE_ASN1) < 0) { - wpa_printf(MSG_INFO, - "SSL: global use DH DER blob failed"); - return -1; - } - wpa_printf(MSG_DEBUG, "SSL: global use DH blob OK"); - return 0; - } - if (dh_file) { if (wolfSSL_CTX_SetTmpDH_file(ctx, dh_file, SSL_FILETYPE_PEM) < 0) {
@@ -1488,8 +1473,7 @@ int tls_global_set_params(void *tls_ctx, return -1; } - if (tls_global_dh(tls_ctx, params->dh_file, params->dh_blob, - params->dh_blob_len) < 0) { + if (tls_global_dh(tls_ctx, params->dh_file) < 0) { wpa_printf(MSG_INFO, "SSL: Failed to load DH file '%s'", params->dh_file); return -1;
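Review bot: In the first tls_wolfssl.c hunk, deleting `if (!dh_file && !dh_blob) return 0;` removes the only visible early success return for a configuration that has no DH parameters. With dh_file set to NULL the remaining `if (dh_file) { ... }` block is skipped, and the result then depends on the tail of tls_global_dh, which lies outside the hunk. If that tail returns -1, tls_global_set_params in the second tls_wolfssl.c hunk would reject every configuration without dh_file, and would also pass a NULL `params->dh_file` to the `%s` in its error message. Keeping a reduced guard, `if (!dh_file) return 0;`, ahead of the `if (dh_file)` block would preserve the previous behaviour and match the `if (dh_file == NULL) return 0;` check that tls_openssl.c retains.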