Move options and mode from SSL_CTX and SSL to internal, since these can be

set and cleared via existing functions.
author: jsing <> 2017-01-23 14:35:42 +0000
committer: jsing <> 2017-01-23 14:35:42 +0000
commit: d43892e9652017c33ea2cf69639dc9a01090be5f (patch)
tree: 27eab6f3272b4b46f77e786896eae8e697800969 /src/lib/libssl/s3_srvr.c
parent: 0eff443f2ac1ae9043870f2d40d9dc0d57f236d6 (diff)
download: openbsd-d43892e9652017c33ea2cf69639dc9a01090be5f.tar.gz
openbsd-d43892e9652017c33ea2cf69639dc9a01090be5f.tar.bz2
openbsd-d43892e9652017c33ea2cf69639dc9a01090be5f.zip
1 files changed, 4 insertions, 4 deletions
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index 59320ea0f6..4c6caf0eed 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_srvr.c,v 1.149 2017/01/23 13:36:13 jsing Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.150 2017/01/23 14:35:42 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -824,7 +824,7 @@ ssl3_get_client_hello(SSL *s)
         * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION setting will be
         * ignored.
         */
-        if ((s->internal->new_session && (s->options &
+        if ((s->internal->new_session && (s->internal->options &
            SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION))) {
                if (!ssl_get_new_session(s, 1))
                        goto err;
@@ -1315,7 +1315,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
        if ((EC_KEY_get0_public_key(ecdh) == NULL) ||
            (EC_KEY_get0_private_key(ecdh) == NULL) ||
-            (s->options & SSL_OP_SINGLE_ECDH_USE)) {
+            (s->internal->options & SSL_OP_SINGLE_ECDH_USE)) {
                if (!EC_KEY_generate_key(ecdh)) {
                        SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
                            ERR_R_ECDH_LIB);
@@ -1769,7 +1769,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
                 * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such
                 * clients.
                 */
-                if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) &&
+                if (!((s->internal->options & SSL_OP_TLS_ROLLBACK_BUG) &&
                    (p[0] == (s->version >> 8)) &&
                    (p[1] == (s->version & 0xff)))) {
                        al = SSL_AD_DECODE_ERROR;
author	jsing <>	2017-01-23 14:35:42 +0000
committer	jsing <>	2017-01-23 14:35:42 +0000
commit	d43892e9652017c33ea2cf69639dc9a01090be5f (patch)
tree	27eab6f3272b4b46f77e786896eae8e697800969 /src/lib/libssl/s3_srvr.c
parent	0eff443f2ac1ae9043870f2d40d9dc0d57f236d6 (diff)
download	openbsd-d43892e9652017c33ea2cf69639dc9a01090be5f.tar.gz openbsd-d43892e9652017c33ea2cf69639dc9a01090be5f.tar.bz2 openbsd-d43892e9652017c33ea2cf69639dc9a01090be5f.zip

diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index 59320ea0f6..4c6caf0eed 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_srvr.c,v 1.149 2017/01/23 13:36:13 jsing Exp $ */	1	/* $OpenBSD: s3_srvr.c,v 1.150 2017/01/23 14:35:42 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -824,7 +824,7 @@ ssl3_get_client_hello(SSL *s)
824	* SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION setting will be	824	* SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION setting will be
825	* ignored.	825	* ignored.
826	*/	826	*/
827	if ((s->internal->new_session && (s->options &	827	if ((s->internal->new_session && (s->internal->options &
828	SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION))) {	828	SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION))) {
829	if (!ssl_get_new_session(s, 1))	829	if (!ssl_get_new_session(s, 1))
830	goto err;	830	goto err;
@@ -1315,7 +1315,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL s, int nid, CBB cbb)
1315		1315
1316	if ((EC_KEY_get0_public_key(ecdh) == NULL) \|\|	1316	if ((EC_KEY_get0_public_key(ecdh) == NULL) \|\|
1317	(EC_KEY_get0_private_key(ecdh) == NULL) \|\|	1317	(EC_KEY_get0_private_key(ecdh) == NULL) \|\|
1318	(s->options & SSL_OP_SINGLE_ECDH_USE)) {	1318	(s->internal->options & SSL_OP_SINGLE_ECDH_USE)) {
1319	if (!EC_KEY_generate_key(ecdh)) {	1319	if (!EC_KEY_generate_key(ecdh)) {
1320	SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,	1320	SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
1321	ERR_R_ECDH_LIB);	1321	ERR_R_ECDH_LIB);
@@ -1769,7 +1769,7 @@ ssl3_get_client_kex_rsa(SSL s, unsigned char p, long n)
1769	* If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such	1769	* If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such
1770	* clients.	1770	* clients.
1771	*/	1771	*/
1772	if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) &&	1772	if (!((s->internal->options & SSL_OP_TLS_ROLLBACK_BUG) &&
1773	(p[0] == (s->version >> 8)) &&	1773	(p[0] == (s->version >> 8)) &&
1774	(p[1] == (s->version & 0xff)))) {	1774	(p[1] == (s->version & 0xff)))) {
1775	al = SSL_AD_DECODE_ERROR;	1775	al = SSL_AD_DECODE_ERROR;