diff options
| author | jsing <> | 2016-12-21 16:44:31 +0000 |
|---|---|---|
| committer | jsing <> | 2016-12-21 16:44:31 +0000 |
| commit | 6e8ed6997ed910925a8bd07c763df51e7d9fad26 (patch) | |
| tree | f6cf578a76dfa7785435b0a23d672ccd20cb86f2 /src/lib/libssl/s3_lib.c | |
| parent | 8815d5c3f9c607a6753e58d4c790a789abf0d2e2 (diff) | |
| download | openbsd-6e8ed6997ed910925a8bd07c763df51e7d9fad26.tar.gz openbsd-6e8ed6997ed910925a8bd07c763df51e7d9fad26.tar.bz2 openbsd-6e8ed6997ed910925a8bd07c763df51e7d9fad26.zip | |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
Diffstat (limited to 'src/lib/libssl/s3_lib.c')
| -rw-r--r-- | src/lib/libssl/s3_lib.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index db9292172d..212de5f7a4 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_lib.c,v 1.113 2016/12/06 13:17:52 jsing Exp $ */ | 1 | /* $OpenBSD: s3_lib.c,v 1.114 2016/12/21 16:44:31 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -151,6 +151,7 @@ | |||
| 151 | #include <limits.h> | 151 | #include <limits.h> |
| 152 | #include <stdio.h> | 152 | #include <stdio.h> |
| 153 | 153 | ||
| 154 | #include <openssl/curve25519.h> | ||
| 154 | #include <openssl/dh.h> | 155 | #include <openssl/dh.h> |
| 155 | #include <openssl/md5.h> | 156 | #include <openssl/md5.h> |
| 156 | #include <openssl/objects.h> | 157 | #include <openssl/objects.h> |
| @@ -1835,6 +1836,10 @@ ssl3_free(SSL *s) | |||
| 1835 | DH_free(s->s3->tmp.dh); | 1836 | DH_free(s->s3->tmp.dh); |
| 1836 | EC_KEY_free(s->s3->tmp.ecdh); | 1837 | EC_KEY_free(s->s3->tmp.ecdh); |
| 1837 | 1838 | ||
| 1839 | if (s->s3->tmp.x25519 != NULL) | ||
| 1840 | explicit_bzero(s->s3->tmp.x25519, X25519_KEY_LENGTH); | ||
| 1841 | free(s->s3->tmp.x25519); | ||
| 1842 | |||
| 1838 | if (s->s3->tmp.ca_names != NULL) | 1843 | if (s->s3->tmp.ca_names != NULL) |
| 1839 | sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); | 1844 | sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); |
| 1840 | BIO_free(s->s3->handshake_buffer); | 1845 | BIO_free(s->s3->handshake_buffer); |
| @@ -1861,6 +1866,11 @@ ssl3_clear(SSL *s) | |||
| 1861 | EC_KEY_free(s->s3->tmp.ecdh); | 1866 | EC_KEY_free(s->s3->tmp.ecdh); |
| 1862 | s->s3->tmp.ecdh = NULL; | 1867 | s->s3->tmp.ecdh = NULL; |
| 1863 | 1868 | ||
| 1869 | if (s->s3->tmp.x25519 != NULL) | ||
| 1870 | explicit_bzero(s->s3->tmp.x25519, X25519_KEY_LENGTH); | ||
| 1871 | free(s->s3->tmp.x25519); | ||
| 1872 | s->s3->tmp.x25519 = NULL; | ||
| 1873 | |||
| 1864 | rp = s->s3->rbuf.buf; | 1874 | rp = s->s3->rbuf.buf; |
| 1865 | wp = s->s3->wbuf.buf; | 1875 | wp = s->s3->wbuf.buf; |
| 1866 | rlen = s->s3->rbuf.len; | 1876 | rlen = s->s3->rbuf.len; |