From: Jim Jagielski Date: Thu, 23 Jan 2014 14:31:36 +0000 (+0000) Subject: Merge r1546692 from trunk: X-Git-Tag: 2.4.8~214 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7cf971441966ff8e54d4fa3ace3008cea1de74b8;p=apache Merge r1546692 from trunk: Axe dead code: It wouldn't have been needed ever since httpd 2.0.35 was released in April 2002... it was fixed in the [unreleased] SSLeay 0.9.1b, which was the basis for the initial OpenSSL 0.9.1c release in December 1998 (specifically, it's this change to ssl_set_pkey(): https://cvs.openssl.org/filediff?f=openssl/ssl/ssl_rsa.c&v1=1.1.1.2&v2=1.1.1.3) Submitted by: kbrand Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1560696 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/STATUS b/STATUS index 2ebe44d11d..6045fdc20e 100644 --- a/STATUS +++ b/STATUS @@ -98,11 +98,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - * mod_ssl: drop unnecessary EVP_PKEY_copy_parameters cruft - trunk patch: https://svn.apache.org/r1546692 - 2.4.x patch: trunk patch works - +1: kbrand, trawick, jim - * mod_dir: stop trying to index or redirect requests that are halfway through being rewritten by per-dir mod_rewrite. Old releases would skip any unknown r->handler. PR53929 diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c index b77a6b7e36..e4f461d037 100644 --- a/modules/ssl/ssl_engine_init.c +++ b/modules/ssl/ssl_engine_init.c @@ -931,22 +931,6 @@ static apr_status_t ssl_server_import_key(server_rec *s, return ssl_die(s); } - /* - * XXX: wonder if this is still needed, this is old todo doc. - * (see http://www.psy.uq.edu.au/~ftp/Crypto/ssleay/TODO.html) - */ - if ((pkey_type == EVP_PKEY_DSA) && mctx->pks->certs[idx]) { - EVP_PKEY *pubkey = X509_get_pubkey(mctx->pks->certs[idx]); - - if (pubkey && EVP_PKEY_missing_parameters(pubkey)) { - EVP_PKEY_copy_parameters(pubkey, pkey); - ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02239) - "Copying DSA parameters from private key to certificate"); - ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s); - EVP_PKEY_free(pubkey); - } - } - mctx->pks->keys[idx] = pkey; return APR_SUCCESS;