diff options
| author | tedu <> | 2014-05-29 18:11:13 +0000 |
|---|---|---|
| committer | tedu <> | 2014-05-29 18:11:13 +0000 |
| commit | 149c6f9c05a2f73c39aed364b51e57279a57cd35 (patch) | |
| tree | e214d026b5b66638630daa4617eb61197c96abb9 /src/lib/libssl/ssl_cert.c | |
| parent | e164bff3660a81a13f661bc0f7cf0cb0cbd94e51 (diff) | |
| download | openbsd-149c6f9c05a2f73c39aed364b51e57279a57cd35.tar.gz openbsd-149c6f9c05a2f73c39aed364b51e57279a57cd35.tar.bz2 openbsd-149c6f9c05a2f73c39aed364b51e57279a57cd35.zip | |
unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them.
ok deraadt jsing
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/ssl_cert.c | 22 |
1 files changed, 0 insertions, 22 deletions
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c index d8b94b1285..f506ae685f 100644 --- a/src/lib/libssl/ssl_cert.c +++ b/src/lib/libssl/ssl_cert.c | |||
| @@ -125,9 +125,7 @@ | |||
| 125 | #include <openssl/bio.h> | 125 | #include <openssl/bio.h> |
| 126 | #include <openssl/pem.h> | 126 | #include <openssl/pem.h> |
| 127 | #include <openssl/x509v3.h> | 127 | #include <openssl/x509v3.h> |
| 128 | #ifndef OPENSSL_NO_DH | ||
| 129 | #include <openssl/dh.h> | 128 | #include <openssl/dh.h> |
| 130 | #endif | ||
| 131 | #include <openssl/bn.h> | 129 | #include <openssl/bn.h> |
| 132 | #include "ssl_locl.h" | 130 | #include "ssl_locl.h" |
| 133 | 131 | ||
| @@ -165,9 +163,7 @@ ssl_cert_set_default_md(CERT *cert) | |||
| 165 | cert->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1(); | 163 | cert->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1(); |
| 166 | cert->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1(); | 164 | cert->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1(); |
| 167 | cert->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1(); | 165 | cert->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1(); |
| 168 | #ifndef OPENSSL_NO_ECDSA | ||
| 169 | cert->pkeys[SSL_PKEY_ECC].digest = EVP_sha1(); | 166 | cert->pkeys[SSL_PKEY_ECC].digest = EVP_sha1(); |
| 170 | #endif | ||
| 171 | } | 167 | } |
| 172 | 168 | ||
| 173 | CERT * | 169 | CERT * |
| @@ -214,7 +210,6 @@ ssl_cert_dup(CERT *cert) | |||
| 214 | } | 210 | } |
| 215 | ret->rsa_tmp_cb = cert->rsa_tmp_cb; | 211 | ret->rsa_tmp_cb = cert->rsa_tmp_cb; |
| 216 | 212 | ||
| 217 | #ifndef OPENSSL_NO_DH | ||
| 218 | if (cert->dh_tmp != NULL) { | 213 | if (cert->dh_tmp != NULL) { |
| 219 | ret->dh_tmp = DHparams_dup(cert->dh_tmp); | 214 | ret->dh_tmp = DHparams_dup(cert->dh_tmp); |
| 220 | if (ret->dh_tmp == NULL) { | 215 | if (ret->dh_tmp == NULL) { |
| @@ -239,9 +234,7 @@ ssl_cert_dup(CERT *cert) | |||
| 239 | } | 234 | } |
| 240 | } | 235 | } |
| 241 | ret->dh_tmp_cb = cert->dh_tmp_cb; | 236 | ret->dh_tmp_cb = cert->dh_tmp_cb; |
| 242 | #endif | ||
| 243 | 237 | ||
| 244 | #ifndef OPENSSL_NO_ECDH | ||
| 245 | if (cert->ecdh_tmp) { | 238 | if (cert->ecdh_tmp) { |
| 246 | ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp); | 239 | ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp); |
| 247 | if (ret->ecdh_tmp == NULL) { | 240 | if (ret->ecdh_tmp == NULL) { |
| @@ -250,7 +243,6 @@ ssl_cert_dup(CERT *cert) | |||
| 250 | } | 243 | } |
| 251 | } | 244 | } |
| 252 | ret->ecdh_tmp_cb = cert->ecdh_tmp_cb; | 245 | ret->ecdh_tmp_cb = cert->ecdh_tmp_cb; |
| 253 | #endif | ||
| 254 | 246 | ||
| 255 | for (i = 0; i < SSL_PKEY_NUM; i++) { | 247 | for (i = 0; i < SSL_PKEY_NUM; i++) { |
| 256 | if (cert->pkeys[i].x509 != NULL) { | 248 | if (cert->pkeys[i].x509 != NULL) { |
| @@ -305,19 +297,13 @@ ssl_cert_dup(CERT *cert) | |||
| 305 | 297 | ||
| 306 | return (ret); | 298 | return (ret); |
| 307 | 299 | ||
| 308 | #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_ECDH) | ||
| 309 | err: | 300 | err: |
| 310 | #endif | ||
| 311 | if (ret->rsa_tmp != NULL) | 301 | if (ret->rsa_tmp != NULL) |
| 312 | RSA_free(ret->rsa_tmp); | 302 | RSA_free(ret->rsa_tmp); |
| 313 | #ifndef OPENSSL_NO_DH | ||
| 314 | if (ret->dh_tmp != NULL) | 303 | if (ret->dh_tmp != NULL) |
| 315 | DH_free(ret->dh_tmp); | 304 | DH_free(ret->dh_tmp); |
| 316 | #endif | ||
| 317 | #ifndef OPENSSL_NO_ECDH | ||
| 318 | if (ret->ecdh_tmp != NULL) | 305 | if (ret->ecdh_tmp != NULL) |
| 319 | EC_KEY_free(ret->ecdh_tmp); | 306 | EC_KEY_free(ret->ecdh_tmp); |
| 320 | #endif | ||
| 321 | 307 | ||
| 322 | for (i = 0; i < SSL_PKEY_NUM; i++) { | 308 | for (i = 0; i < SSL_PKEY_NUM; i++) { |
| 323 | if (ret->pkeys[i].x509 != NULL) | 309 | if (ret->pkeys[i].x509 != NULL) |
| @@ -344,14 +330,10 @@ ssl_cert_free(CERT *c) | |||
| 344 | 330 | ||
| 345 | if (c->rsa_tmp) | 331 | if (c->rsa_tmp) |
| 346 | RSA_free(c->rsa_tmp); | 332 | RSA_free(c->rsa_tmp); |
| 347 | #ifndef OPENSSL_NO_DH | ||
| 348 | if (c->dh_tmp) | 333 | if (c->dh_tmp) |
| 349 | DH_free(c->dh_tmp); | 334 | DH_free(c->dh_tmp); |
| 350 | #endif | ||
| 351 | #ifndef OPENSSL_NO_ECDH | ||
| 352 | if (c->ecdh_tmp) | 335 | if (c->ecdh_tmp) |
| 353 | EC_KEY_free(c->ecdh_tmp); | 336 | EC_KEY_free(c->ecdh_tmp); |
| 354 | #endif | ||
| 355 | 337 | ||
| 356 | for (i = 0; i < SSL_PKEY_NUM; i++) { | 338 | for (i = 0; i < SSL_PKEY_NUM; i++) { |
| 357 | if (c->pkeys[i].x509 != NULL) | 339 | if (c->pkeys[i].x509 != NULL) |
| @@ -437,14 +419,10 @@ ssl_sess_cert_free(SESS_CERT *sc) | |||
| 437 | 419 | ||
| 438 | if (sc->peer_rsa_tmp != NULL) | 420 | if (sc->peer_rsa_tmp != NULL) |
| 439 | RSA_free(sc->peer_rsa_tmp); | 421 | RSA_free(sc->peer_rsa_tmp); |
| 440 | #ifndef OPENSSL_NO_DH | ||
| 441 | if (sc->peer_dh_tmp != NULL) | 422 | if (sc->peer_dh_tmp != NULL) |
| 442 | DH_free(sc->peer_dh_tmp); | 423 | DH_free(sc->peer_dh_tmp); |
| 443 | #endif | ||
| 444 | #ifndef OPENSSL_NO_ECDH | ||
| 445 | if (sc->peer_ecdh_tmp != NULL) | 424 | if (sc->peer_ecdh_tmp != NULL) |
| 446 | EC_KEY_free(sc->peer_ecdh_tmp); | 425 | EC_KEY_free(sc->peer_ecdh_tmp); |
| 447 | #endif | ||
| 448 | 426 | ||
| 449 | free(sc); | 427 | free(sc); |
| 450 | } | 428 | } |