diff options
| author | tb <> | 2022-06-29 08:30:04 +0000 |
|---|---|---|
| committer | tb <> | 2022-06-29 08:30:04 +0000 |
| commit | c69fd884bf77af2e502677fb1c8119b3a650678b (patch) | |
| tree | 9bc7960741c35d37a08c36dd66b06fc316e04c94 /src/lib/libssl/ssl_seclevel.c | |
| parent | 1aa9f0fe78279eb8ca28f1560639591dc29a28b3 (diff) | |
| download | openbsd-c69fd884bf77af2e502677fb1c8119b3a650678b.tar.gz openbsd-c69fd884bf77af2e502677fb1c8119b3a650678b.tar.bz2 openbsd-c69fd884bf77af2e502677fb1c8119b3a650678b.zip | |
Also check the security level of the 'tmp dh'
ok beck jsing
Diffstat (limited to 'src/lib/libssl/ssl_seclevel.c')
| -rw-r--r-- | src/lib/libssl/ssl_seclevel.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_seclevel.c b/src/lib/libssl/ssl_seclevel.c index 34cea637e0..e0d7a631cb 100644 --- a/src/lib/libssl/ssl_seclevel.c +++ b/src/lib/libssl/ssl_seclevel.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_seclevel.c,v 1.6 2022/06/29 08:27:51 tb Exp $ */ | 1 | /* $OpenBSD: ssl_seclevel.c,v 1.7 2022/06/29 08:30:04 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2020 Theo Buehler <tb@openbsd.org> | 3 | * Copyright (c) 2020 Theo Buehler <tb@openbsd.org> |
| 4 | * | 4 | * |
| @@ -228,6 +228,16 @@ ssl_security(const SSL *ssl, int op, int bits, int nid, void *other) | |||
| 228 | } | 228 | } |
| 229 | 229 | ||
| 230 | int | 230 | int |
| 231 | ssl_ctx_security_dh(const SSL_CTX *ctx, DH *dh) | ||
| 232 | { | ||
| 233 | #if defined(LIBRESSL_HAS_SECURITY_LEVEL) | ||
| 234 | return ssl_ctx_security(ctx, SSL_SECOP_TMP_DH, DH_security_bits(dh), 0, | ||
| 235 | dh); | ||
| 236 | #else | ||
| 237 | return 1; | ||
| 238 | #endif | ||
| 239 | } | ||
| 240 | int | ||
| 231 | ssl_security_dh(const SSL *ssl, DH *dh) | 241 | ssl_security_dh(const SSL *ssl, DH *dh) |
| 232 | { | 242 | { |
| 233 | #if defined(LIBRESSL_HAS_SECURITY_LEVEL) | 243 | #if defined(LIBRESSL_HAS_SECURITY_LEVEL) |