Diffie-Hellman parameters: remove useless 'fix'

The workaround I had implemented based on alpha version of OpenSSL v3 and what developers (OpenSSL) said about DH back then is not going to work in the end - they do remove all DH (struct and related functions) stuff if you set a proper OPENSSL_API_COMPAT level. A proper re-write is required to support OpenSSL v3, but then there is no reason to keep dead useless code. Pick-to: 6.2 Task-number: QTBUG-94596 Change-Id: Iae092dd08148521649a684879d30e190736e1abe Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
author: Timur Pocheptsov <timur.pocheptsov@qt.io> 2021-07-09 16:14:16 +0200
committer: Timur Pocheptsov <timur.pocheptsov@qt.io> 2021-07-09 19:53:55 +0200
commit: 408656c6f9de326cf91376443597a2f791eb0f8d (patch)
tree: 9000d5aec79ad8b0ba78ebc93fa14c24242dafb6 /src/plugins
parent: 3186ca3e3972cf46eb48a33fe90063eb112e32b3 (diff)
3 files changed, 0 insertions, 58 deletions
diff --git a/src/plugins/tls/openssl/qssldiffiehellmanparameters_openssl.cpp b/src/plugins/tls/openssl/qssldiffiehellmanparameters_openssl.cpp
index a917a20744..8a268eeebe 100644
--- a/src/plugins/tls/openssl/qssldiffiehellmanparameters_openssl.cpp
+++ b/src/plugins/tls/openssl/qssldiffiehellmanparameters_openssl.cpp
@@ -55,57 +55,6 @@ QT_BEGIN_NAMESPACE
 
 namespace {
 
-#ifdef OPENSSL_NO_DEPRECATED_3_0
-
-int q_DH_check(DH *dh, int *status)
-{
-    // DH_check was first deprecated in OpenSSL 3.0.0, as low-level
-    // API; the EVP_PKEY family of functions was advised as an alternative.
-    // As of now EVP_PKEY_params_check ends up calling ... DH_check,
-    // which is good enough.
-
-    Q_ASSERT(dh);
-    Q_ASSERT(status);
-
-    EVP_PKEY *key = q_EVP_PKEY_new();
-    if (!key) {
-        qCWarning(lcSsl, "EVP_PKEY_new failed");
-        QTlsBackendOpenSSL::logAndClearErrorQueue();
-        return 0;
-    }
-    const auto keyDeleter = qScopeGuard([key](){
-        q_EVP_PKEY_free(key);
-    });
-    if (!q_EVP_PKEY_set1_DH(key, dh)) {
-        qCWarning(lcTlsBackend, "EVP_PKEY_set1_DH failed");
-        QTlsBackendOpenSSL::logAndClearErrorQueue();
-        return 0;
-    }
-
-    EVP_PKEY_CTX *keyCtx = q_EVP_PKEY_CTX_new(key, nullptr);
-    if (!keyCtx) {
-        qCWarning(lcTlsBackend, "EVP_PKEY_CTX_new failed");
-        QTlsBackendOpenSSL::logAndClearErrorQueue();
-        return 0;
-    }
-    const auto ctxDeleter = qScopeGuard([keyCtx]{
-        q_EVP_PKEY_CTX_free(keyCtx);
-    });
-
-    const int result = q_EVP_PKEY_param_check(keyCtx);
-    QTlsBackendOpenSSL::logAndClearErrorQueue();
-    // Note: unlike DH_check, we cannot obtain the 'status',
-    // if the 'result' is 0 (actually the result is 1 only
-    // if this 'status' was 0). We could probably check the
-    // errors from the error queue, but it's not needed anyway
-    // - see the 'isSafeDH' below, how it returns immediately
-    // on 0.
-    Q_UNUSED(status);
-
-    return result;
-}
-#endif // OPENSSL_NO_DEPRECATED_3_0
-
 bool isSafeDH(DH *dh)
 {
     int status = 0;
diff --git a/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp b/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp
index 6b4601163b..3b683bcc3c 100644
--- a/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp
+++ b/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp
@@ -495,9 +495,7 @@ DEFINEFUNC(DH *, DH_new, DUMMYARG, DUMMYARG, return nullptr, return)
 DEFINEFUNC(void, DH_free, DH *dh, dh, return, DUMMYARG)
 DEFINEFUNC3(DH *, d2i_DHparams, DH**a, a, const unsigned char **pp, pp, long length, length, return nullptr, return)
 DEFINEFUNC2(int, i2d_DHparams, DH *a, a, unsigned char **p, p, return -1, return)
-#ifndef OPENSSL_NO_DEPRECATED_3_0
 DEFINEFUNC2(int, DH_check, DH *dh, dh, int *codes, codes, return 0, return)
-#endif // OPENSSL_NO_DEPRECATED_3_0
 DEFINEFUNC3(BIGNUM *, BN_bin2bn, const unsigned char *s, s, int len, len, BIGNUM *ret, ret, return nullptr, return)
 
 #ifndef OPENSSL_NO_EC
@@ -1186,9 +1184,7 @@ bool q_resolveOpenSslSymbols()
     RESOLVEFUNC(DH_free)
     RESOLVEFUNC(d2i_DHparams)
     RESOLVEFUNC(i2d_DHparams)
-#ifndef OPENSSL_NO_DEPRECATED_3_0
     RESOLVEFUNC(DH_check)
-#endif // OPENSSL_NO_DEPRECATED_3_0
     RESOLVEFUNC(BN_bin2bn)
 
 #ifndef OPENSSL_NO_EC
diff --git a/src/plugins/tls/openssl/qsslsocket_openssl_symbols_p.h b/src/plugins/tls/openssl/qsslsocket_openssl_symbols_p.h
index 1eb6387c23..088cff499e 100644
--- a/src/plugins/tls/openssl/qsslsocket_openssl_symbols_p.h
+++ b/src/plugins/tls/openssl/qsslsocket_openssl_symbols_p.h
@@ -584,10 +584,7 @@ DH *q_DH_new();
 void q_DH_free(DH *dh);
 DH *q_d2i_DHparams(DH **a, const unsigned char **pp, long length);
 int q_i2d_DHparams(DH *a, unsigned char **p);
-
-#ifndef OPENSSL_NO_DEPRECATED_3_0
 int q_DH_check(DH *dh, int *codes);
-#endif // OPENSSL_NO_DEPRECATED_3_0
 
 BIGNUM *q_BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
 #define q_SSL_CTX_set_tmp_dh(ctx, dh) q_SSL_CTX_ctrl((ctx), SSL_CTRL_SET_TMP_DH, 0, (char *)dh)
author	Timur Pocheptsov <timur.pocheptsov@qt.io>	2021-07-09 16:14:16 +0200
committer	Timur Pocheptsov <timur.pocheptsov@qt.io>	2021-07-09 19:53:55 +0200
commit	408656c6f9de326cf91376443597a2f791eb0f8d (patch)
tree	9000d5aec79ad8b0ba78ebc93fa14c24242dafb6 /src/plugins
parent	3186ca3e3972cf46eb48a33fe90063eb112e32b3 (diff)