CVSROOT: /cvs
Module name: src
Changes by: js...@cvs.openbsd.org 2020/05/19 10:35:21
Modified files:
lib/libssl : ssl_both.c ssl_cert.c ssl_clnt.c ssl_lib.c
ssl_locl.h ssl_srvr.c tls13_client.c
tls13_server.c
Log message:
Replace SSL_PKEY_RSA_ENC/SSL_PKEY_RSA_SIGN with SSL_PKEY_RSA.
Some time prior to SSLeay 0.8.1b, SSL_PKEY_RSA_SIGN got added with the
intention of handling RSA sign only certificates... this incomplete code
had the following comment:
/* check to see if this is a signing only certificate */
/* EAY EAY EAY EAY */
And while the comment was removed in 2005, the incomplete RSA sign-only
handling has remained ever since.
Remove SSL_PKEY_RSA_SIGN and rename SSL_PKEY_RSA_ENC to SSL_PKEY_RSA. While
here also remove the unused SSL_PKEY_DH_RSA.
ok tb@
