Remove unreachable code to duplicate DH keys.
dh_tmp can only contain parameters, now that DHE always generates keys fresh
for each connection.
Change-Id: I56dad4cbec7e21326360d79df211031fd9734004
Reviewed-on: https://boringssl-review.googlesource.com/6702
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index bb83f88..4952cfd 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -166,22 +166,6 @@
OPENSSL_PUT_ERROR(SSL, ERR_R_DH_LIB);
goto err;
}
- if (cert->dh_tmp->priv_key) {
- BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
- if (!b) {
- OPENSSL_PUT_ERROR(SSL, ERR_R_BN_LIB);
- goto err;
- }
- ret->dh_tmp->priv_key = b;
- }
- if (cert->dh_tmp->pub_key) {
- BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
- if (!b) {
- OPENSSL_PUT_ERROR(SSL, ERR_R_BN_LIB);
- goto err;
- }
- ret->dh_tmp->pub_key = b;
- }
}
ret->dh_tmp_cb = cert->dh_tmp_cb;