diff options
| author | beck <> | 2023-07-08 16:40:14 +0000 |
|---|---|---|
| committer | beck <> | 2023-07-08 16:40:14 +0000 |
| commit | fce75ad52c1586db1ba9f44c6be85668e7d4a110 (patch) | |
| tree | d94ae887e23f22265426a27314feb2539fbd467b /src/lib/libssl/ssl_srvr.c | |
| parent | c15c3edb5607f3e03c47fdea19a5828ad6d9c477 (diff) | |
| download | openbsd-fce75ad52c1586db1ba9f44c6be85668e7d4a110.tar.gz openbsd-fce75ad52c1586db1ba9f44c6be85668e7d4a110.tar.bz2 openbsd-fce75ad52c1586db1ba9f44c6be85668e7d4a110.zip | |
Hide all public symbols in libssl
With the guentherizer 9000
ok tb@
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/ssl_srvr.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index 8edbf77156..a518e1ac91 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_srvr.c,v 1.155 2023/06/11 19:01:01 tb Exp $ */ | 1 | /* $OpenBSD: ssl_srvr.c,v 1.156 2023/07/08 16:40:13 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1832,8 +1832,10 @@ ssl3_get_client_kex_gost(SSL *s, CBS *cbs) | |||
| 1832 | CBS gostblob; | 1832 | CBS gostblob; |
| 1833 | 1833 | ||
| 1834 | /* Get our certificate private key*/ | 1834 | /* Get our certificate private key*/ |
| 1835 | #ifndef OPENSSL_NO_GOST | ||
| 1835 | if ((s->s3->hs.cipher->algorithm_auth & SSL_aGOST01) != 0) | 1836 | if ((s->s3->hs.cipher->algorithm_auth & SSL_aGOST01) != 0) |
| 1836 | pkey = s->cert->pkeys[SSL_PKEY_GOST01].privatekey; | 1837 | pkey = s->cert->pkeys[SSL_PKEY_GOST01].privatekey; |
| 1838 | #endif | ||
| 1837 | 1839 | ||
| 1838 | if ((pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL) | 1840 | if ((pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL) |
| 1839 | goto err; | 1841 | goto err; |
| @@ -2047,6 +2049,7 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2047 | al = SSL_AD_INTERNAL_ERROR; | 2049 | al = SSL_AD_INTERNAL_ERROR; |
| 2048 | goto fatal_err; | 2050 | goto fatal_err; |
| 2049 | } | 2051 | } |
| 2052 | #ifndef OPENSSL_NO_GOST | ||
| 2050 | if (sigalg->key_type == EVP_PKEY_GOSTR01 && | 2053 | if (sigalg->key_type == EVP_PKEY_GOSTR01 && |
| 2051 | EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_VERIFY, | 2054 | EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_VERIFY, |
| 2052 | EVP_PKEY_CTRL_GOST_SIG_FORMAT, GOST_SIG_FORMAT_RS_LE, | 2055 | EVP_PKEY_CTRL_GOST_SIG_FORMAT, GOST_SIG_FORMAT_RS_LE, |
| @@ -2054,6 +2057,7 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2054 | al = SSL_AD_INTERNAL_ERROR; | 2057 | al = SSL_AD_INTERNAL_ERROR; |
| 2055 | goto fatal_err; | 2058 | goto fatal_err; |
| 2056 | } | 2059 | } |
| 2060 | #endif | ||
| 2057 | if (EVP_DigestVerify(mctx, CBS_data(&signature), | 2061 | if (EVP_DigestVerify(mctx, CBS_data(&signature), |
| 2058 | CBS_len(&signature), hdata, hdatalen) <= 0) { | 2062 | CBS_len(&signature), hdata, hdatalen) <= 0) { |
| 2059 | SSLerror(s, ERR_R_EVP_LIB); | 2063 | SSLerror(s, ERR_R_EVP_LIB); |