diff options
| author | jsing <> | 2014-09-07 12:16:23 +0000 |
|---|---|---|
| committer | jsing <> | 2014-09-07 12:16:23 +0000 |
| commit | 0fed0b531b893a421795b86e91da5c89afa84e40 (patch) | |
| tree | 05653f416e3e348af48f738c0cc7f45d8437ec05 /src/lib/libssl/s3_srvr.c | |
| parent | 620b0c428295995017c04f2dfbb4d70cb01a3701 (diff) | |
| download | openbsd-0fed0b531b893a421795b86e91da5c89afa84e40.tar.gz openbsd-0fed0b531b893a421795b86e91da5c89afa84e40.tar.bz2 openbsd-0fed0b531b893a421795b86e91da5c89afa84e40.zip | |
Remove SSL_kDHr, SSL_kDHd and SSL_aDH. No supported ciphersuites use them,
nor do we plan on supporting them.
ok guenther@
Diffstat (limited to 'src/lib/libssl/s3_srvr.c')
| -rw-r--r-- | src/lib/libssl/s3_srvr.c | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index 597ddd4310..7ff3de77f3 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_srvr.c,v 1.82 2014/08/24 14:36:45 jsing Exp $ */ | 1 | /* $OpenBSD: s3_srvr.c,v 1.83 2014/09/07 12:16:23 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -420,8 +420,7 @@ ssl3_accept(SSL *s) | |||
| 420 | * public key for key exchange. | 420 | * public key for key exchange. |
| 421 | */ | 421 | */ |
| 422 | if (s->s3->tmp.use_rsa_tmp || | 422 | if (s->s3->tmp.use_rsa_tmp || |
| 423 | (alg_k & (SSL_kDHr|SSL_kDHd|SSL_kDHE)) || | 423 | (alg_k & (SSL_kDHE|SSL_kECDHE)) || |
| 424 | (alg_k & SSL_kECDHE) || | ||
| 425 | ((alg_k & SSL_kRSA) && | 424 | ((alg_k & SSL_kRSA) && |
| 426 | (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == | 425 | (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == |
| 427 | NULL))) { | 426 | NULL))) { |
| @@ -1967,8 +1966,7 @@ ssl3_get_client_key_exchange(SSL *s) | |||
| 1967 | s->session->master_key, | 1966 | s->session->master_key, |
| 1968 | p, i); | 1967 | p, i); |
| 1969 | OPENSSL_cleanse(p, i); | 1968 | OPENSSL_cleanse(p, i); |
| 1970 | } else | 1969 | } else if (alg_k & SSL_kDHE) { |
| 1971 | if (alg_k & (SSL_kDHE|SSL_kDHr|SSL_kDHd)) { | ||
| 1972 | if (2 > n) | 1970 | if (2 > n) |
| 1973 | goto truncated; | 1971 | goto truncated; |
| 1974 | n2s(p, i); | 1972 | n2s(p, i); |