Commit 8df53b7a authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Remove unnuecessary ifdefs. 



If RSA or DSA is disabled we will never use a ciphersuite with
RSA/DSA authentication as it is already filtered out by the cipher
list logic.

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
parent a273c6ee

ssl/s3_clnt.c

+2 −18
Original line number Diff line number Diff line
@@ -1617,16 +1617,8 @@ int ssl3_get_key_exchange(SSL *s) 
        }



/* We must check if there is a certificate */

# ifndef OPENSSL_NO_RSA

        if (alg_a & SSL_aRSA)

            pkey = X509_get_pubkey(s->session->peer);

# else

        if (0) ;

# endif

# ifndef OPENSSL_NO_DSA

        else if (alg_a & SSL_aDSS)

        if (alg_a & (SSL_aRSA|SSL_aDSS))

            pkey = X509_get_pubkey(s->session->peer);

# endif

    } else

#endif                          /* !OPENSSL_NO_SRP */

#ifndef OPENSSL_NO_RSA
@@ -1774,16 +1766,8 @@ int ssl3_get_key_exchange(SSL *s) 
            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_DH_KEY_TOO_SMALL);

            goto f_err;

        }

# ifndef OPENSSL_NO_RSA

        if (alg_a & SSL_aRSA)

            pkey = X509_get_pubkey(s->session->peer);

# else

        if (0) ;

# endif

# ifndef OPENSSL_NO_DSA

        else if (alg_a & SSL_aDSS)

        if (alg_a & (SSL_aRSA|SSL_aDSS))

            pkey = X509_get_pubkey(s->session->peer);

# endif

        /* else anonymous DH, so no certificate or pkey. */



        s->s3->peer_dh_tmp = dh;