diff options
| author | tedu <> | 2014-04-17 21:37:37 +0000 |
|---|---|---|
| committer | tedu <> | 2014-04-17 21:37:37 +0000 |
| commit | 153e0cd77b7a56682f71acec88a0c318e197fcb3 (patch) | |
| tree | 08e9b3a8cf6f35c7585646ca19c69f2ba87cc08c /src/lib/libssl/s3_lib.c | |
| parent | 5f4d080a0e8eb89385e3020de8bbbd5243abf8dc (diff) | |
| download | openbsd-153e0cd77b7a56682f71acec88a0c318e197fcb3.tar.gz openbsd-153e0cd77b7a56682f71acec88a0c318e197fcb3.tar.bz2 openbsd-153e0cd77b7a56682f71acec88a0c318e197fcb3.zip | |
always build in RSA and DSA. ok deraadt miod
Diffstat (limited to 'src/lib/libssl/s3_lib.c')
| -rw-r--r-- | src/lib/libssl/s3_lib.c | 45 |
1 files changed, 3 insertions, 42 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index 8df07a1e4c..288d885d9e 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c | |||
| @@ -3098,23 +3098,13 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) | |||
| 3098 | { | 3098 | { |
| 3099 | int ret = 0; | 3099 | int ret = 0; |
| 3100 | 3100 | ||
| 3101 | #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) | 3101 | if (cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB || |
| 3102 | if ( | 3102 | cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB) { |
| 3103 | #ifndef OPENSSL_NO_RSA | ||
| 3104 | cmd == SSL_CTRL_SET_TMP_RSA || | ||
| 3105 | cmd == SSL_CTRL_SET_TMP_RSA_CB || | ||
| 3106 | #endif | ||
| 3107 | #ifndef OPENSSL_NO_DSA | ||
| 3108 | cmd == SSL_CTRL_SET_TMP_DH || | ||
| 3109 | cmd == SSL_CTRL_SET_TMP_DH_CB || | ||
| 3110 | #endif | ||
| 3111 | 0) { | ||
| 3112 | if (!ssl_cert_inst(&s->cert)) { | 3103 | if (!ssl_cert_inst(&s->cert)) { |
| 3113 | SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); | 3104 | SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); |
| 3114 | return (0); | 3105 | return (0); |
| 3115 | } | 3106 | } |
| 3116 | } | 3107 | } |
| 3117 | #endif | ||
| 3118 | 3108 | ||
| 3119 | switch (cmd) { | 3109 | switch (cmd) { |
| 3120 | case SSL_CTRL_GET_SESSION_REUSED: | 3110 | case SSL_CTRL_GET_SESSION_REUSED: |
| @@ -3135,7 +3125,6 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) | |||
| 3135 | case SSL_CTRL_GET_FLAGS: | 3125 | case SSL_CTRL_GET_FLAGS: |
| 3136 | ret = (int)(s->s3->flags); | 3126 | ret = (int)(s->s3->flags); |
| 3137 | break; | 3127 | break; |
| 3138 | #ifndef OPENSSL_NO_RSA | ||
| 3139 | case SSL_CTRL_NEED_TMP_RSA: | 3128 | case SSL_CTRL_NEED_TMP_RSA: |
| 3140 | if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) && | 3129 | if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) && |
| 3141 | ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || | 3130 | ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || |
| @@ -3165,7 +3154,6 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) | |||
| 3165 | return (ret); | 3154 | return (ret); |
| 3166 | } | 3155 | } |
| 3167 | break; | 3156 | break; |
| 3168 | #endif | ||
| 3169 | #ifndef OPENSSL_NO_DH | 3157 | #ifndef OPENSSL_NO_DH |
| 3170 | case SSL_CTRL_SET_TMP_DH: | 3158 | case SSL_CTRL_SET_TMP_DH: |
| 3171 | { | 3159 | { |
| @@ -3331,30 +3319,19 @@ ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void)) | |||
| 3331 | { | 3319 | { |
| 3332 | int ret = 0; | 3320 | int ret = 0; |
| 3333 | 3321 | ||
| 3334 | #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) | 3322 | if (cmd == SSL_CTRL_SET_TMP_RSA_CB || cmd == SSL_CTRL_SET_TMP_DH_CB) { |
| 3335 | if ( | ||
| 3336 | #ifndef OPENSSL_NO_RSA | ||
| 3337 | cmd == SSL_CTRL_SET_TMP_RSA_CB || | ||
| 3338 | #endif | ||
| 3339 | #ifndef OPENSSL_NO_DSA | ||
| 3340 | cmd == SSL_CTRL_SET_TMP_DH_CB || | ||
| 3341 | #endif | ||
| 3342 | 0) { | ||
| 3343 | if (!ssl_cert_inst(&s->cert)) { | 3323 | if (!ssl_cert_inst(&s->cert)) { |
| 3344 | SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE); | 3324 | SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE); |
| 3345 | return (0); | 3325 | return (0); |
| 3346 | } | 3326 | } |
| 3347 | } | 3327 | } |
| 3348 | #endif | ||
| 3349 | 3328 | ||
| 3350 | switch (cmd) { | 3329 | switch (cmd) { |
| 3351 | #ifndef OPENSSL_NO_RSA | ||
| 3352 | case SSL_CTRL_SET_TMP_RSA_CB: | 3330 | case SSL_CTRL_SET_TMP_RSA_CB: |
| 3353 | { | 3331 | { |
| 3354 | s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; | 3332 | s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; |
| 3355 | } | 3333 | } |
| 3356 | break; | 3334 | break; |
| 3357 | #endif | ||
| 3358 | #ifndef OPENSSL_NO_DH | 3335 | #ifndef OPENSSL_NO_DH |
| 3359 | case SSL_CTRL_SET_TMP_DH_CB: | 3336 | case SSL_CTRL_SET_TMP_DH_CB: |
| 3360 | { | 3337 | { |
| @@ -3389,7 +3366,6 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) | |||
| 3389 | cert = ctx->cert; | 3366 | cert = ctx->cert; |
| 3390 | 3367 | ||
| 3391 | switch (cmd) { | 3368 | switch (cmd) { |
| 3392 | #ifndef OPENSSL_NO_RSA | ||
| 3393 | case SSL_CTRL_NEED_TMP_RSA: | 3369 | case SSL_CTRL_NEED_TMP_RSA: |
| 3394 | if ((cert->rsa_tmp == NULL) && | 3370 | if ((cert->rsa_tmp == NULL) && |
| 3395 | ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || | 3371 | ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || |
| @@ -3429,7 +3405,6 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) | |||
| 3429 | return (0); | 3405 | return (0); |
| 3430 | } | 3406 | } |
| 3431 | break; | 3407 | break; |
| 3432 | #endif | ||
| 3433 | #ifndef OPENSSL_NO_DH | 3408 | #ifndef OPENSSL_NO_DH |
| 3434 | case SSL_CTRL_SET_TMP_DH: | 3409 | case SSL_CTRL_SET_TMP_DH: |
| 3435 | { | 3410 | { |
| @@ -3599,13 +3574,11 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) | |||
| 3599 | cert = ctx->cert; | 3574 | cert = ctx->cert; |
| 3600 | 3575 | ||
| 3601 | switch (cmd) { | 3576 | switch (cmd) { |
| 3602 | #ifndef OPENSSL_NO_RSA | ||
| 3603 | case SSL_CTRL_SET_TMP_RSA_CB: | 3577 | case SSL_CTRL_SET_TMP_RSA_CB: |
| 3604 | { | 3578 | { |
| 3605 | cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; | 3579 | cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; |
| 3606 | } | 3580 | } |
| 3607 | break; | 3581 | break; |
| 3608 | #endif | ||
| 3609 | #ifndef OPENSSL_NO_DH | 3582 | #ifndef OPENSSL_NO_DH |
| 3610 | case SSL_CTRL_SET_TMP_DH_CB: | 3583 | case SSL_CTRL_SET_TMP_DH_CB: |
| 3611 | { | 3584 | { |
| @@ -3962,29 +3935,17 @@ ssl3_get_req_cert_type(SSL *s, unsigned char *p) | |||
| 3962 | 3935 | ||
| 3963 | #ifndef OPENSSL_NO_DH | 3936 | #ifndef OPENSSL_NO_DH |
| 3964 | if (alg_k & (SSL_kDHr|SSL_kEDH)) { | 3937 | if (alg_k & (SSL_kDHr|SSL_kEDH)) { |
| 3965 | # ifndef OPENSSL_NO_RSA | ||
| 3966 | p[ret++] = SSL3_CT_RSA_FIXED_DH; | 3938 | p[ret++] = SSL3_CT_RSA_FIXED_DH; |
| 3967 | # endif | ||
| 3968 | # ifndef OPENSSL_NO_DSA | ||
| 3969 | p[ret++] = SSL3_CT_DSS_FIXED_DH; | 3939 | p[ret++] = SSL3_CT_DSS_FIXED_DH; |
| 3970 | # endif | ||
| 3971 | } | 3940 | } |
| 3972 | if ((s->version == SSL3_VERSION) && | 3941 | if ((s->version == SSL3_VERSION) && |
| 3973 | (alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr))) { | 3942 | (alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr))) { |
| 3974 | # ifndef OPENSSL_NO_RSA | ||
| 3975 | p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH; | 3943 | p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH; |
| 3976 | # endif | ||
| 3977 | # ifndef OPENSSL_NO_DSA | ||
| 3978 | p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH; | 3944 | p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH; |
| 3979 | # endif | ||
| 3980 | } | 3945 | } |
| 3981 | #endif /* !OPENSSL_NO_DH */ | 3946 | #endif /* !OPENSSL_NO_DH */ |
| 3982 | #ifndef OPENSSL_NO_RSA | ||
| 3983 | p[ret++] = SSL3_CT_RSA_SIGN; | 3947 | p[ret++] = SSL3_CT_RSA_SIGN; |
| 3984 | #endif | ||
| 3985 | #ifndef OPENSSL_NO_DSA | ||
| 3986 | p[ret++] = SSL3_CT_DSS_SIGN; | 3948 | p[ret++] = SSL3_CT_DSS_SIGN; |
| 3987 | #endif | ||
| 3988 | #ifndef OPENSSL_NO_ECDH | 3949 | #ifndef OPENSSL_NO_ECDH |
| 3989 | if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION)) { | 3950 | if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION)) { |
| 3990 | p[ret++] = TLS_CT_RSA_FIXED_ECDH; | 3951 | p[ret++] = TLS_CT_RSA_FIXED_ECDH; |