summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_lib.c
diff options
context:
space:
mode:
authorjsing <>2014-09-07 12:16:23 +0000
committerjsing <>2014-09-07 12:16:23 +0000
commit18d160fc11609bddd53c5efcc2c7dad2ce507e5f (patch)
tree05653f416e3e348af48f738c0cc7f45d8437ec05 /src/lib/libssl/ssl_lib.c
parent18422c6ed17a6afacad5d41c8f6bc9114bb90018 (diff)
downloadopenbsd-18d160fc11609bddd53c5efcc2c7dad2ce507e5f.tar.gz
openbsd-18d160fc11609bddd53c5efcc2c7dad2ce507e5f.tar.bz2
openbsd-18d160fc11609bddd53c5efcc2c7dad2ce507e5f.zip
Remove SSL_kDHr, SSL_kDHd and SSL_aDH. No supported ciphersuites use them,
nor do we plan on supporting them. ok guenther@
Diffstat (limited to 'src/lib/libssl/ssl_lib.c')
-rw-r--r--src/lib/libssl/ssl_lib.c18
1 files changed, 2 insertions, 16 deletions
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index fad600a07e..bd5f9f6da1 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_lib.c,v 1.83 2014/08/24 14:36:45 jsing Exp $ */ 1/* $OpenBSD: ssl_lib.c,v 1.84 2014/09/07 12:16:23 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1929,7 +1929,7 @@ void
1929ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher) 1929ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
1930{ 1930{
1931 CERT_PKEY *cpk; 1931 CERT_PKEY *cpk;
1932 int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign; 1932 int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dsa_sign;
1933 unsigned long mask_k, mask_a; 1933 unsigned long mask_k, mask_a;
1934 int have_ecc_cert, ecdh_ok, ecdsa_ok; 1934 int have_ecc_cert, ecdh_ok, ecdsa_ok;
1935 int have_ecdh_tmp; 1935 int have_ecdh_tmp;
@@ -1950,11 +1950,7 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
1950 rsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL); 1950 rsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
1951 cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]); 1951 cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]);
1952 dsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL); 1952 dsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
1953 cpk = &(c->pkeys[SSL_PKEY_DH_RSA]);
1954 dh_rsa = (cpk->x509 != NULL && cpk->privatekey != NULL);
1955 cpk = &(c->pkeys[SSL_PKEY_DH_DSA]);
1956/* FIX THIS EAY EAY EAY */ 1953/* FIX THIS EAY EAY EAY */
1957 dh_dsa = (cpk->x509 != NULL && cpk->privatekey != NULL);
1958 cpk = &(c->pkeys[SSL_PKEY_ECC]); 1954 cpk = &(c->pkeys[SSL_PKEY_ECC]);
1959 have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL); 1955 have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL);
1960 mask_k = 0; 1956 mask_k = 0;
@@ -1977,12 +1973,6 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
1977 if (dh_tmp) 1973 if (dh_tmp)
1978 mask_k|=SSL_kDHE; 1974 mask_k|=SSL_kDHE;
1979 1975
1980 if (dh_rsa)
1981 mask_k|=SSL_kDHr;
1982
1983 if (dh_dsa)
1984 mask_k|=SSL_kDHd;
1985
1986 if (rsa_enc || rsa_sign) 1976 if (rsa_enc || rsa_sign)
1987 mask_a|=SSL_aRSA; 1977 mask_a|=SSL_aRSA;
1988 1978
@@ -2124,10 +2114,6 @@ ssl_get_server_send_pkey(const SSL *s)
2124 i = SSL_PKEY_ECC; 2114 i = SSL_PKEY_ECC;
2125 } else if (alg_a & SSL_aECDSA) { 2115 } else if (alg_a & SSL_aECDSA) {
2126 i = SSL_PKEY_ECC; 2116 i = SSL_PKEY_ECC;
2127 } else if (alg_k & SSL_kDHr) {
2128 i = SSL_PKEY_DH_RSA;
2129 } else if (alg_k & SSL_kDHd) {
2130 i = SSL_PKEY_DH_DSA;
2131 } else if (alg_a & SSL_aDSS) { 2117 } else if (alg_a & SSL_aDSS) {
2132 i = SSL_PKEY_DSA_SIGN; 2118 i = SSL_PKEY_DSA_SIGN;
2133 } else if (alg_a & SSL_aRSA) { 2119 } else if (alg_a & SSL_aRSA) {
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-30 07:38:03 +0000