diff options
| author | jsing <> | 2017-02-28 14:08:50 +0000 |
|---|---|---|
| committer | jsing <> | 2017-02-28 14:08:50 +0000 |
| commit | abdc360910496483afa44b9ca075e21b248a491d (patch) | |
| tree | c43008fd64414dbc69067d59ebd7d29731f5def4 | |
| parent | c2b74811611cc1f5ffe9e6543476548a8a9bba0a (diff) | |
| download | openbsd-abdc360910496483afa44b9ca075e21b248a491d.tar.gz openbsd-abdc360910496483afa44b9ca075e21b248a491d.tar.bz2 openbsd-abdc360910496483afa44b9ca075e21b248a491d.zip | |
Stop pretending that MD5 and SHA1 might not exist - rather than locating
"ssl3-md5" and "ssl-sha1", call the EVP_md5() and EVP_sha1() functions
directly.
ok beck@ inoguchi@
| -rw-r--r-- | src/lib/libssl/ssl_clnt.c | 6 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_lib.c | 11 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_locl.h | 5 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_srvr.c | 6 |
4 files changed, 8 insertions, 20 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 7f4d6582da..da4b966bc6 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_clnt.c,v 1.5 2017/02/07 02:08:38 beck Exp $ */ | 1 | /* $OpenBSD: ssl_clnt.c,v 1.6 2017/02/28 14:08:49 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1478,8 +1478,8 @@ ssl3_get_server_key_exchange(SSL *s) | |||
| 1478 | q = md_buf; | 1478 | q = md_buf; |
| 1479 | for (num = 2; num > 0; num--) { | 1479 | for (num = 2; num > 0; num--) { |
| 1480 | if (!EVP_DigestInit_ex(&md_ctx, | 1480 | if (!EVP_DigestInit_ex(&md_ctx, |
| 1481 | (num == 2) ? s->ctx->internal->md5 : | 1481 | (num == 2) ? EVP_md5() : EVP_sha1(), |
| 1482 | s->ctx->internal->sha1, NULL)) { | 1482 | NULL)) { |
| 1483 | al = SSL_AD_INTERNAL_ERROR; | 1483 | al = SSL_AD_INTERNAL_ERROR; |
| 1484 | goto f_err; | 1484 | goto f_err; |
| 1485 | } | 1485 | } |
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index 65b26209b8..3f458d8b10 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_lib.c,v 1.157 2017/02/15 14:56:42 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_lib.c,v 1.158 2017/02/28 14:08:49 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1865,15 +1865,6 @@ SSL_CTX_new(const SSL_METHOD *meth) | |||
| 1865 | if (!ret->param) | 1865 | if (!ret->param) |
| 1866 | goto err; | 1866 | goto err; |
| 1867 | 1867 | ||
| 1868 | if ((ret->internal->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) { | ||
| 1869 | SSLerrorx(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES); | ||
| 1870 | goto err2; | ||
| 1871 | } | ||
| 1872 | if ((ret->internal->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) { | ||
| 1873 | SSLerrorx(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES); | ||
| 1874 | goto err2; | ||
| 1875 | } | ||
| 1876 | |||
| 1877 | if ((ret->internal->client_CA = sk_X509_NAME_new_null()) == NULL) | 1868 | if ((ret->internal->client_CA = sk_X509_NAME_new_null()) == NULL) |
| 1878 | goto err; | 1869 | goto err; |
| 1879 | 1870 | ||
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 62d9d0314e..59f6104391 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.174 2017/02/21 15:28:27 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.175 2017/02/28 14:08:49 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -531,9 +531,6 @@ typedef struct ssl_ctx_internal_st { | |||
| 531 | 531 | ||
| 532 | struct cert_st /* CERT */ *cert; | 532 | struct cert_st /* CERT */ *cert; |
| 533 | 533 | ||
| 534 | const EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */ | ||
| 535 | const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3-sha1' */ | ||
| 536 | |||
| 537 | /* Default values used when no per-SSL value is defined follow */ | 534 | /* Default values used when no per-SSL value is defined follow */ |
| 538 | 535 | ||
| 539 | /* what we put in client cert requests */ | 536 | /* what we put in client cert requests */ |
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index bb43ec74e2..8e7c1f4418 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_srvr.c,v 1.6 2017/02/07 02:08:38 beck Exp $ */ | 1 | /* $OpenBSD: ssl_srvr.c,v 1.7 2017/02/28 14:08:50 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1524,8 +1524,8 @@ ssl3_send_server_key_exchange(SSL *s) | |||
| 1524 | j = 0; | 1524 | j = 0; |
| 1525 | for (num = 2; num > 0; num--) { | 1525 | for (num = 2; num > 0; num--) { |
| 1526 | if (!EVP_DigestInit_ex(&md_ctx, | 1526 | if (!EVP_DigestInit_ex(&md_ctx, |
| 1527 | (num == 2) ? s->ctx->internal->md5 : | 1527 | (num == 2) ? EVP_md5() : EVP_sha1(), |
| 1528 | s->ctx->internal->sha1, NULL)) | 1528 | NULL)) |
| 1529 | goto err; | 1529 | goto err; |
| 1530 | EVP_DigestUpdate(&md_ctx, | 1530 | EVP_DigestUpdate(&md_ctx, |
| 1531 | s->s3->client_random, | 1531 | s->s3->client_random, |