From 1b54c06563a2a52b2b26a116ab243c40bf4d0c9f Mon Sep 17 00:00:00 2001
From: Jung-uk Kim <jkim@FreeBSD.org>
Date: Thu, 8 Jan 2015 22:50:44 +0000
Subject: Import OpenSSL 0.9.8zd.

---
 ssl/d1_srvr.c | 16 ++--------------
 1 file changed, 2 insertions(+), 14 deletions(-)

(limited to 'ssl/d1_srvr.c')

diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index 0e6bf46c028b7..0e9bb204add7b 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -371,23 +371,11 @@ int dtls1_accept(SSL *s)
 
 			/* clear this, it may get reset by
 			 * send_server_key_exchange */
-			if ((s->options & SSL_OP_EPHEMERAL_RSA)
-#ifndef OPENSSL_NO_KRB5
-				&& !(l & SSL_KRB5)
-#endif /* OPENSSL_NO_KRB5 */
-				)
-				/* option SSL_OP_EPHEMERAL_RSA sends temporary RSA key
-				 * even when forbidden by protocol specs
-				 * (handshake may fail as clients are not required to
-				 * be able to handle this) */
-				s->s3->tmp.use_rsa_tmp=1;
-			else
-				s->s3->tmp.use_rsa_tmp=0;
+			s->s3->tmp.use_rsa_tmp=0;
 
 			/* only send if a DH key exchange, fortezza or
 			 * RSA but we have a sign only certificate */
-			if (s->s3->tmp.use_rsa_tmp
-			    || (l & (SSL_DH|SSL_kFZA))
+			if ((l & (SSL_DH|SSL_kFZA))
 			    || ((l & SSL_kRSA)
 				&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
 				    || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
-- 
cgit v1.2.3