From b7c56b65c12f51fe0dbae798d19c8f58224a5d95 Mon Sep 17 00:00:00 2001
From: Darren Tucker <dtucker@dtucker.net>
Date: Mon, 25 Jul 2022 21:43:00 +1000
Subject: Remove workarounds for OpenSSL missing AES-GCM.

We have some compatibility hacks that were added to support OpenSSL
versions that do not support AES GCM mode.  Since that time, however,
the minimum OpenSSL version that we support has moved to 1.0.1 which
*does* have GCM, so this is no longer needed.  ok djm@
---
 configure.ac | 30 ------------------------------
 1 file changed, 30 deletions(-)

(limited to 'configure.ac')

diff --git a/configure.ac b/configure.ac
index 3e9fd700..f618300f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2892,7 +2892,6 @@ if test "x$openssl" = "xyes" ; then
 		BN_is_prime_ex \
 		DES_crypt \
 		DSA_generate_parameters_ex \
-		EVP_CIPHER_CTX_ctrl \
 		EVP_DigestFinal_ex \
 		EVP_DigestInit_ex \
 		EVP_MD_CTX_cleanup \
@@ -3009,35 +3008,6 @@ if test "x$openssl" = "xyes" ; then
 		]
 	)
 
-	# Check for OpenSSL with EVP_aes_*gcm
-	AC_MSG_CHECKING([whether OpenSSL has AES GCM via EVP])
-	AC_LINK_IFELSE(
-		[AC_LANG_PROGRAM([[
-	#include <stdlib.h>
-	#include <string.h>
-	#include <openssl/evp.h>
-		]], [[
-		exit(EVP_aes_128_gcm() == NULL ||
-		    EVP_aes_256_gcm() == NULL ||
-		    EVP_CTRL_GCM_SET_IV_FIXED == 0 ||
-		    EVP_CTRL_GCM_IV_GEN == 0 ||
-		    EVP_CTRL_GCM_SET_TAG == 0 ||
-		    EVP_CTRL_GCM_GET_TAG == 0 ||
-		    EVP_CIPHER_CTX_ctrl(NULL, 0, 0, NULL) == 0);
-		]])],
-		[
-			AC_MSG_RESULT([yes])
-			AC_DEFINE([OPENSSL_HAVE_EVPGCM], [1],
-			    [libcrypto has EVP AES GCM])
-		],
-		[
-			AC_MSG_RESULT([no])
-			unsupported_algorithms="$unsupported_cipers \
-			   aes128-gcm@openssh.com \
-			   aes256-gcm@openssh.com"
-		]
-	)
-
 	AC_MSG_CHECKING([if EVP_DigestUpdate returns an int])
 	AC_LINK_IFELSE(
 		[AC_LANG_PROGRAM([[
-- 
cgit v1.2.1