diff options
| author | jsing <> | 2022-01-07 15:46:30 +0000 |
|---|---|---|
| committer | jsing <> | 2022-01-07 15:46:30 +0000 |
| commit | 3f7702534a377e0a3b33a6681df0af8a57adbc57 (patch) | |
| tree | 270b59705c9d4efa145c0649cce3fa41750939d9 /src/lib/libssl/s3_lib.c | |
| parent | a42b07afac78ec75467b5a5ca9fcbbdaf9d093a4 (diff) | |
| download | openbsd-3f7702534a377e0a3b33a6681df0af8a57adbc57.tar.gz openbsd-3f7702534a377e0a3b33a6681df0af8a57adbc57.tar.bz2 openbsd-3f7702534a377e0a3b33a6681df0af8a57adbc57.zip | |
Convert legacy server to tls_key_share.
This requires a few more additions to the DHE key share code - we need to
be able to either set the DHE parameters or specify the number of key bits
for use with auto DHE parameters. Additionally, we need to be able to
serialise the DHE parameters to send to the client.
This removes the infamous 'tmp' struct from ssl3_state_internal_st.
ok inoguchi@ tb@
Diffstat (limited to 'src/lib/libssl/s3_lib.c')
| -rw-r--r-- | src/lib/libssl/s3_lib.c | 14 |
1 files changed, 1 insertions, 13 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index 54261c575a..899432e947 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_lib.c,v 1.221 2022/01/06 18:23:56 jsing Exp $ */ | 1 | /* $OpenBSD: s3_lib.c,v 1.222 2022/01/07 15:46:30 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1565,10 +1565,6 @@ ssl3_free(SSL *s) | |||
| 1565 | ssl3_release_write_buffer(s); | 1565 | ssl3_release_write_buffer(s); |
| 1566 | freezero(S3I(s)->hs.sigalgs, S3I(s)->hs.sigalgs_len); | 1566 | freezero(S3I(s)->hs.sigalgs, S3I(s)->hs.sigalgs_len); |
| 1567 | 1567 | ||
| 1568 | DH_free(S3I(s)->tmp.dh); | ||
| 1569 | EC_KEY_free(S3I(s)->tmp.ecdh); | ||
| 1570 | freezero(S3I(s)->tmp.x25519, X25519_KEY_LENGTH); | ||
| 1571 | |||
| 1572 | tls_key_share_free(S3I(s)->hs.key_share); | 1568 | tls_key_share_free(S3I(s)->hs.key_share); |
| 1573 | 1569 | ||
| 1574 | tls13_secrets_destroy(S3I(s)->hs.tls13.secrets); | 1570 | tls13_secrets_destroy(S3I(s)->hs.tls13.secrets); |
| @@ -1601,14 +1597,6 @@ ssl3_clear(SSL *s) | |||
| 1601 | sk_X509_pop_free(s->internal->verified_chain, X509_free); | 1597 | sk_X509_pop_free(s->internal->verified_chain, X509_free); |
| 1602 | s->internal->verified_chain = NULL; | 1598 | s->internal->verified_chain = NULL; |
| 1603 | 1599 | ||
| 1604 | DH_free(S3I(s)->tmp.dh); | ||
| 1605 | S3I(s)->tmp.dh = NULL; | ||
| 1606 | EC_KEY_free(S3I(s)->tmp.ecdh); | ||
| 1607 | S3I(s)->tmp.ecdh = NULL; | ||
| 1608 | S3I(s)->tmp.ecdh_nid = NID_undef; | ||
| 1609 | freezero(S3I(s)->tmp.x25519, X25519_KEY_LENGTH); | ||
| 1610 | S3I(s)->tmp.x25519 = NULL; | ||
| 1611 | |||
| 1612 | freezero(S3I(s)->hs.sigalgs, S3I(s)->hs.sigalgs_len); | 1600 | freezero(S3I(s)->hs.sigalgs, S3I(s)->hs.sigalgs_len); |
| 1613 | S3I(s)->hs.sigalgs = NULL; | 1601 | S3I(s)->hs.sigalgs = NULL; |
| 1614 | S3I(s)->hs.sigalgs_len = 0; | 1602 | S3I(s)->hs.sigalgs_len = 0; |