From bc7b6437879a12ca18bd55a18a7d959d9a167a2f Mon Sep 17 00:00:00 2001
From: daurnimator
Date: Fri, 13 Jul 2018 15:52:19 +1000
Subject: [PATCH] http/tls.lua: the default 'param' behaviour is already correct

Reading through OpenSSL's ssl/ssl_cert.c and crypto/x509/x509_vpm.c the correct purpose is selected by default
---
 http/tls.lua | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/http/tls.lua b/http/tls.lua
index d948c0b3..6e67adca 100644
--- a/http/tls.lua
+++ b/http/tls.lua
@@ -698,14 +698,10 @@ local default_tls_options = openssl_ctx.OP_NO_COMPRESSION
 + openssl_ctx.OP_NO_SSLv2
 + openssl_ctx.OP_NO_SSLv3
 
-local client_params = openssl_verify_param.new()
-client_params:setPurpose("sslserver") -- the purpose the peer has to present
-
 local function new_client_context()
 local ctx = openssl_ctx.new("TLS", false)
 ctx:setCipherList(intermediate_cipher_list)
 ctx:setOptions(default_tls_options)
- ctx:setParam(client_params)
 ctx:setEphemeralKey(openssl_pkey.new{ type = "EC", curve = "prime256v1" })
 local store = ctx:getStore()
 store:addDefaults()
@@ -713,14 +709,10 @@ local function new_client_context()
 return ctx
 end
 
-local server_params = openssl_verify_param.new()
-server_params:setPurpose("sslclient") -- the purpose the peer has to present
-
 local function new_server_context()
 local ctx = openssl_ctx.new("TLS", true)
 ctx:setCipherList(intermediate_cipher_list)
 ctx:setOptions(default_tls_options)
- ctx:setParam(server_params)
 ctx:setEphemeralKey(openssl_pkey.new{ type = "EC", curve = "prime256v1" })
 return ctx
 end