From: Kaspar Brand <kbrand@apache.org>
Date: Sat, 30 Nov 2013 07:17:53 +0000 (+0000)
Subject: Axe dead code: It wouldn't have been needed ever since httpd 2.0.35
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4ef7be87a27e5cf6a8478fcd6115dabd17d3468b;p=thirdparty%2Fapache%2Fhttpd.git

Axe dead code: It wouldn't have been needed ever since httpd 2.0.35
was released in April 2002... it was fixed in the [unreleased]
SSLeay 0.9.1b, which was the basis for the initial OpenSSL 0.9.1c
release in December 1998 (specifically, it's this change to ssl_set_pkey():
https://cvs.openssl.org/filediff?f=openssl/ssl/ssl_rsa.c&v1=1.1.1.2&v2=1.1.1.3)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1546692 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
index 6cdf4de5002..563e533d932 100644
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -963,22 +963,6 @@ static apr_status_t ssl_server_import_key(server_rec *s,
         return ssl_die(s);
     }
 
-    /*
-     * XXX: wonder if this is still needed, this is old todo doc.
-     * (see http://www.psy.uq.edu.au/~ftp/Crypto/ssleay/TODO.html)
-     */
-    if ((pkey_type == EVP_PKEY_DSA) && mctx->pks->certs[idx]) {
-        EVP_PKEY *pubkey = X509_get_pubkey(mctx->pks->certs[idx]);
-
-        if (pubkey && EVP_PKEY_missing_parameters(pubkey)) {
-            EVP_PKEY_copy_parameters(pubkey, pkey);
-            ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02239)
-                    "Copying DSA parameters from private key to certificate");
-            ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
-            EVP_PKEY_free(pubkey);
-        }
-    }
-
     mctx->pks->keys[idx] = pkey;
 
     return APR_SUCCESS;