Convert ssl3_get_server_kex_ecdhe() to CBS, simplifying tls1_check_curve()

in the process. This also fixes a long standing bug where tls1_ec_curve_id2nid() is called with only one byte of the curve ID. ok beck@ miod@
author: jsing <> 2016-11-05 08:26:37 +0000
committer: jsing <> 2016-11-05 08:26:37 +0000
commit: 9fa2112db3b5977fa473ce68fa02199114a3b870 (patch)
tree: f18e5a0a899b59b54269ba0efb72acd8d5566f6f /src/lib/libssl/ssl_locl.h
parent: 8e601af590fe4daecd1a7d96cddb851fc0118296 (diff)
download: openbsd-9fa2112db3b5977fa473ce68fa02199114a3b870.tar.gz
openbsd-9fa2112db3b5977fa473ce68fa02199114a3b870.tar.bz2
openbsd-9fa2112db3b5977fa473ce68fa02199114a3b870.zip
1 files changed, 4 insertions, 4 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 1b3838a33f..4386f0f7e5 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.134 2016/11/04 19:11:43 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.135 2016/11/05 08:26:36 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -772,9 +772,9 @@ int ssl_ok(SSL *s);
 int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
-int tls1_ec_curve_id2nid(uint16_t curve_id);
+int tls1_ec_curve_id2nid(const uint16_t curve_id);
-uint16_t tls1_ec_nid2curve_id(int nid);
+uint16_t tls1_ec_nid2curve_id(const int nid);
-int tls1_check_curve(SSL *s, const unsigned char *p, size_t len);
+int tls1_check_curve(SSL *s, const uint16_t curve_id);
 int tls1_get_shared_curve(SSL *s);
 unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p,
author	jsing <>	2016-11-05 08:26:37 +0000
committer	jsing <>	2016-11-05 08:26:37 +0000
commit	9fa2112db3b5977fa473ce68fa02199114a3b870 (patch)
tree	f18e5a0a899b59b54269ba0efb72acd8d5566f6f /src/lib/libssl/ssl_locl.h
parent	8e601af590fe4daecd1a7d96cddb851fc0118296 (diff)
download	openbsd-9fa2112db3b5977fa473ce68fa02199114a3b870.tar.gz openbsd-9fa2112db3b5977fa473ce68fa02199114a3b870.tar.bz2 openbsd-9fa2112db3b5977fa473ce68fa02199114a3b870.zip

diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 1b3838a33f..4386f0f7e5 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.134 2016/11/04 19:11:43 jsing Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.135 2016/11/05 08:26:36 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -772,9 +772,9 @@ int ssl_ok(SSL *s);
772		772
773	int ssl_check_srvr_ecc_cert_and_alg(X509 x, SSL s);	773	int ssl_check_srvr_ecc_cert_and_alg(X509 x, SSL s);
774		774
775	int tls1_ec_curve_id2nid(uint16_t curve_id);	775	int tls1_ec_curve_id2nid(const uint16_t curve_id);
776	uint16_t tls1_ec_nid2curve_id(int nid);	776	uint16_t tls1_ec_nid2curve_id(const int nid);
777	int tls1_check_curve(SSL s, const unsigned char p, size_t len);	777	int tls1_check_curve(SSL *s, const uint16_t curve_id);
778	int tls1_get_shared_curve(SSL *s);	778	int tls1_get_shared_curve(SSL *s);
779		779
780	unsigned char ssl_add_clienthello_tlsext(SSL s, unsigned char *p,	780	unsigned char ssl_add_clienthello_tlsext(SSL s, unsigned char *p,