summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authortedu <>2014-04-18 22:39:08 +0000
committertedu <>2014-04-18 22:39:08 +0000
commit8b311d691c1644d610b65caacf0e7589a47eee84 (patch)
tree1cdb4470b678078d62eb1518cde846934200d4c4 /src
parent3e5241766622d5c10f810ea0b999805f06c70c7f (diff)
downloadopenbsd-8b311d691c1644d610b65caacf0e7589a47eee84.tar.gz
openbsd-8b311d691c1644d610b65caacf0e7589a47eee84.tar.bz2
openbsd-8b311d691c1644d610b65caacf0e7589a47eee84.zip
spacing
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/s3_lib.c21
-rw-r--r--src/lib/libssl/src/ssl/s3_lib.c21
2 files changed, 22 insertions, 20 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 7833779f6b..fe638e84a9 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -2777,8 +2777,9 @@ ssl3_new(SSL *s)
2777{ 2777{
2778 SSL3_STATE *s3; 2778 SSL3_STATE *s3;
2779 2779
2780 if ((s3 = malloc(sizeof *s3)) == NULL) goto err; 2780 if ((s3 = malloc(sizeof *s3)) == NULL)
2781 memset(s3, 0, sizeof *s3); 2781 goto err;
2782 memset(s3, 0, sizeof *s3);
2782 memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); 2783 memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num));
2783 memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); 2784 memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
2784 2785
@@ -3081,9 +3082,9 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3081 3082
3082#ifdef TLSEXT_TYPE_opaque_prf_input 3083#ifdef TLSEXT_TYPE_opaque_prf_input
3083 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT: 3084 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
3084 if (larg > 12288) /* actual internal limit is 2^16 for the complete hello message 3085 if (larg > 12288) {
3085 * (including the cert chain and everything) */ 3086 /* actual internal limit is 2^16 for the complete hello message
3086 { 3087 * (including the cert chain and everything) */
3087 SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG); 3088 SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
3088 break; 3089 break;
3089 } 3090 }
@@ -3200,9 +3201,8 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3200 case SSL_CTRL_NEED_TMP_RSA: 3201 case SSL_CTRL_NEED_TMP_RSA:
3201 if ((cert->rsa_tmp == NULL) && 3202 if ((cert->rsa_tmp == NULL) &&
3202 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3203 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
3203 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512 / 8))) 3204 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512 / 8))))
3204 ) 3205 return (1);
3205 return (1);
3206 else 3206 else
3207 return (0); 3207 return (0);
3208 /* break; */ 3208 /* break; */
@@ -3975,8 +3975,9 @@ long
3975ssl_get_algorithm2(SSL *s) 3975ssl_get_algorithm2(SSL *s)
3976{ 3976{
3977 long alg2 = s->s3->tmp.new_cipher->algorithm2; 3977 long alg2 = s->s3->tmp.new_cipher->algorithm2;
3978
3978 if (s->method->version == TLS1_2_VERSION && 3979 if (s->method->version == TLS1_2_VERSION &&
3979 alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF)) 3980 alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
3980 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; 3981 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
3981 return alg2; 3982 return alg2;
3982} 3983}
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index 7833779f6b..fe638e84a9 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -2777,8 +2777,9 @@ ssl3_new(SSL *s)
2777{ 2777{
2778 SSL3_STATE *s3; 2778 SSL3_STATE *s3;
2779 2779
2780 if ((s3 = malloc(sizeof *s3)) == NULL) goto err; 2780 if ((s3 = malloc(sizeof *s3)) == NULL)
2781 memset(s3, 0, sizeof *s3); 2781 goto err;
2782 memset(s3, 0, sizeof *s3);
2782 memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); 2783 memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num));
2783 memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); 2784 memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
2784 2785
@@ -3081,9 +3082,9 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3081 3082
3082#ifdef TLSEXT_TYPE_opaque_prf_input 3083#ifdef TLSEXT_TYPE_opaque_prf_input
3083 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT: 3084 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
3084 if (larg > 12288) /* actual internal limit is 2^16 for the complete hello message 3085 if (larg > 12288) {
3085 * (including the cert chain and everything) */ 3086 /* actual internal limit is 2^16 for the complete hello message
3086 { 3087 * (including the cert chain and everything) */
3087 SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG); 3088 SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
3088 break; 3089 break;
3089 } 3090 }
@@ -3200,9 +3201,8 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3200 case SSL_CTRL_NEED_TMP_RSA: 3201 case SSL_CTRL_NEED_TMP_RSA:
3201 if ((cert->rsa_tmp == NULL) && 3202 if ((cert->rsa_tmp == NULL) &&
3202 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3203 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
3203 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512 / 8))) 3204 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512 / 8))))
3204 ) 3205 return (1);
3205 return (1);
3206 else 3206 else
3207 return (0); 3207 return (0);
3208 /* break; */ 3208 /* break; */
@@ -3975,8 +3975,9 @@ long
3975ssl_get_algorithm2(SSL *s) 3975ssl_get_algorithm2(SSL *s)
3976{ 3976{
3977 long alg2 = s->s3->tmp.new_cipher->algorithm2; 3977 long alg2 = s->s3->tmp.new_cipher->algorithm2;
3978
3978 if (s->method->version == TLS1_2_VERSION && 3979 if (s->method->version == TLS1_2_VERSION &&
3979 alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF)) 3980 alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
3980 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; 3981 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
3981 return alg2; 3982 return alg2;
3982} 3983}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-23 18:15:30 +0000