diff options
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_lib.c | 18 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_srvr.c | 25 |
2 files changed, 6 insertions, 37 deletions
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c index c6062934dc..c31486d477 100644 --- a/src/lib/libssl/src/ssl/s3_lib.c +++ b/src/lib/libssl/src/ssl/s3_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_lib.c,v 1.95 2015/02/08 22:06:49 miod Exp $ */ | 1 | /* $OpenBSD: s3_lib.c,v 1.95.4.1 2016/01/27 02:11:34 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2176,14 +2176,6 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) | |||
| 2176 | ERR_R_DH_LIB); | 2176 | ERR_R_DH_LIB); |
| 2177 | return (ret); | 2177 | return (ret); |
| 2178 | } | 2178 | } |
| 2179 | if (!(s->options & SSL_OP_SINGLE_DH_USE)) { | ||
| 2180 | if (!DH_generate_key(dh)) { | ||
| 2181 | DH_free(dh); | ||
| 2182 | SSLerr(SSL_F_SSL3_CTRL, | ||
| 2183 | ERR_R_DH_LIB); | ||
| 2184 | return (ret); | ||
| 2185 | } | ||
| 2186 | } | ||
| 2187 | DH_free(s->cert->dh_tmp); | 2179 | DH_free(s->cert->dh_tmp); |
| 2188 | s->cert->dh_tmp = dh; | 2180 | s->cert->dh_tmp = dh; |
| 2189 | ret = 1; | 2181 | ret = 1; |
| @@ -2367,14 +2359,6 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) | |||
| 2367 | ERR_R_DH_LIB); | 2359 | ERR_R_DH_LIB); |
| 2368 | return 0; | 2360 | return 0; |
| 2369 | } | 2361 | } |
| 2370 | if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) { | ||
| 2371 | if (!DH_generate_key(new)) { | ||
| 2372 | SSLerr(SSL_F_SSL3_CTX_CTRL, | ||
| 2373 | ERR_R_DH_LIB); | ||
| 2374 | DH_free(new); | ||
| 2375 | return 0; | ||
| 2376 | } | ||
| 2377 | } | ||
| 2378 | DH_free(cert->dh_tmp); | 2362 | DH_free(cert->dh_tmp); |
| 2379 | cert->dh_tmp = new; | 2363 | cert->dh_tmp = new; |
| 2380 | return 1; | 2364 | return 1; |
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c index 0bff0204d9..1b83711143 100644 --- a/src/lib/libssl/src/ssl/s3_srvr.c +++ b/src/lib/libssl/src/ssl/s3_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_srvr.c,v 1.100 2015/02/25 03:49:21 bcook Exp $ */ | 1 | /* $OpenBSD: s3_srvr.c,v 1.100.4.1 2016/01/27 02:11:34 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1367,25 +1367,10 @@ ssl3_send_server_key_exchange(SSL *s) | |||
| 1367 | goto err; | 1367 | goto err; |
| 1368 | } | 1368 | } |
| 1369 | s->s3->tmp.dh = dh; | 1369 | s->s3->tmp.dh = dh; |
| 1370 | 1370 | if (!DH_generate_key(dh)) { | |
| 1371 | if ((dhp->pub_key == NULL || dhp->priv_key == NULL || | 1371 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, |
| 1372 | (s->options & SSL_OP_SINGLE_DH_USE))) { | 1372 | ERR_R_DH_LIB); |
| 1373 | if (!DH_generate_key(dh)) { | 1373 | goto err; |
| 1374 | SSLerr( | ||
| 1375 | SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | ||
| 1376 | ERR_R_DH_LIB); | ||
| 1377 | goto err; | ||
| 1378 | } | ||
| 1379 | } else { | ||
| 1380 | dh->pub_key = BN_dup(dhp->pub_key); | ||
| 1381 | dh->priv_key = BN_dup(dhp->priv_key); | ||
| 1382 | if ((dh->pub_key == NULL) || | ||
| 1383 | (dh->priv_key == NULL)) { | ||
| 1384 | SSLerr( | ||
| 1385 | SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | ||
| 1386 | ERR_R_DH_LIB); | ||
| 1387 | goto err; | ||
| 1388 | } | ||
| 1389 | } | 1374 | } |
| 1390 | r[0] = dh->p; | 1375 | r[0] = dh->p; |
| 1391 | r[1] = dh->g; | 1376 | r[1] = dh->g; |