From: Dr. Stephen Henson Date: Sat, 23 Sep 2017 00:03:16 +0000 (+0100) Subject: Remove dhparam from SSL_CONF list. X-Git-Tag: OpenSSL_1_1_1-pre1~634 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=4708afcb0a8bf0bc4135eebbfdb96ab80ba73bc6;p=oweals%2Fopenssl.git Remove dhparam from SSL_CONF list. Avoid duplicate assertion by removing dhparam from SSL_CONF parameter list: dhparam is handled manually by s_server. Reviewed-by: Andy Polyakov (Merged from https://github.com/openssl/openssl/pull/4408) --- diff --git a/apps/apps.h b/apps/apps.h index 6984f166e8..70c9278c6f 100644 --- a/apps/apps.h +++ b/apps/apps.h @@ -206,7 +206,7 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate, OPT_S_SERVERPREF, OPT_S_LEGACYRENEG, OPT_S_LEGACYCONN, \ OPT_S_ONRESUMP, OPT_S_NOLEGACYCONN, OPT_S_ALLOW_NO_DHE_KEX, \ OPT_S_STRICT, OPT_S_SIGALGS, OPT_S_CLIENTSIGALGS, OPT_S_GROUPS, \ - OPT_S_CURVES, OPT_S_NAMEDCURVE, OPT_S_CIPHER, OPT_S_DHPARAM, \ + OPT_S_CURVES, OPT_S_NAMEDCURVE, OPT_S_CIPHER, \ OPT_S_RECORD_PADDING, OPT_S_DEBUGBROKE, OPT_S_COMP, \ OPT_S_NO_RENEGOTIATION, OPT_S__LAST @@ -248,8 +248,6 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate, {"named_curve", OPT_S_NAMEDCURVE, 's', \ "Elliptic curve used for ECDHE (server-side only)" }, \ {"cipher", OPT_S_CIPHER, 's', "Specify cipher list to be used"}, \ - {"dhparam", OPT_S_DHPARAM, '<', \ - "DH parameter file to use, in cert file if not specified"}, \ {"record_padding", OPT_S_RECORD_PADDING, 's', \ "Block size to pad TLS 1.3 records to."}, \ {"debug_broken_protocol", OPT_S_DEBUGBROKE, '-', \ @@ -280,7 +278,6 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate, case OPT_S_CURVES: \ case OPT_S_NAMEDCURVE: \ case OPT_S_CIPHER: \ - case OPT_S_DHPARAM: \ case OPT_S_RECORD_PADDING: \ case OPT_S_NO_RENEGOTIATION: \ case OPT_S_DEBUGBROKE