summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_sigalgs.c
diff options
context:
space:
mode:
authortb <>2022-07-02 16:31:04 +0000
committertb <>2022-07-02 16:31:04 +0000
commit5d994915db5d0a0615b6618184d705dbf25a7473 (patch)
treebc3bde853323758696c370e558e602d43422a86d /src/lib/libssl/ssl_sigalgs.c
parentb6005b83ccc59320a316c38108b7b45ca4682fbd (diff)
downloadopenbsd-5d994915db5d0a0615b6618184d705dbf25a7473.tar.gz
openbsd-5d994915db5d0a0615b6618184d705dbf25a7473.tar.bz2
openbsd-5d994915db5d0a0615b6618184d705dbf25a7473.zip
Stop using ssl{_ctx,}_security() outside of ssl_seclevel.c
The API is ugly and we can easily abstract it away. The SSL_SECOP_* stuff is now confined into ssl_seclevel.c and the rest of the library can make use of the more straightforward wrappers, which makes it a lot easier on the eyes. ok beck jsing
Diffstat (limited to 'src/lib/libssl/ssl_sigalgs.c')
-rw-r--r--src/lib/libssl/ssl_sigalgs.c7
1 files changed, 2 insertions, 5 deletions
diff --git a/src/lib/libssl/ssl_sigalgs.c b/src/lib/libssl/ssl_sigalgs.c
index 754d76e72a..c3e07e5c65 100644
--- a/src/lib/libssl/ssl_sigalgs.c
+++ b/src/lib/libssl/ssl_sigalgs.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_sigalgs.c,v 1.46 2022/07/02 16:00:12 tb Exp $ */ 1/* $OpenBSD: ssl_sigalgs.c,v 1.47 2022/07/02 16:31:04 tb Exp $ */
2/* 2/*
3 * Copyright (c) 2018-2020 Bob Beck <beck@openbsd.org> 3 * Copyright (c) 2018-2020 Bob Beck <beck@openbsd.org>
4 * Copyright (c) 2021 Joel Sing <jsing@openbsd.org> 4 * Copyright (c) 2021 Joel Sing <jsing@openbsd.org>
@@ -307,11 +307,8 @@ ssl_sigalg_pkey_ok(SSL *s, const struct ssl_sigalg *sigalg, EVP_PKEY *pkey)
307 return 0; 307 return 0;
308 } 308 }
309 309
310#if defined(LIBRESSL_HAS_SECURITY_LEVEL) 310 if (!ssl_security_sigalg_check(s, pkey))
311 if (!ssl_security(s, SSL_SECOP_SIGALG_CHECK,
312 EVP_PKEY_security_bits(pkey), 0, NULL))
313 return 0; 311 return 0;
314#endif
315 312
316 if (s->s3->hs.negotiated_tls_version < TLS1_3_VERSION) 313 if (s->s3->hs.negotiated_tls_version < TLS1_3_VERSION)
317 return 1; 314 return 1;