diff options
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/d1_srvr.c | 26 |
1 files changed, 1 insertions, 25 deletions
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c index 9fdb6c290b..d94c08a313 100644 --- a/src/lib/libssl/d1_srvr.c +++ b/src/lib/libssl/d1_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_srvr.c,v 1.29 2014/07/10 08:51:14 tedu Exp $ */ | 1 | /* $OpenBSD: d1_srvr.c,v 1.30 2014/07/11 09:24:44 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -464,11 +464,6 @@ dtls1_accept(SSL *s) | |||
| 464 | /* only send if a DH key exchange or | 464 | /* only send if a DH key exchange or |
| 465 | * RSA but we have a sign only certificate */ | 465 | * RSA but we have a sign only certificate */ |
| 466 | if (s->s3->tmp.use_rsa_tmp | 466 | if (s->s3->tmp.use_rsa_tmp |
| 467 | /* PSK: send ServerKeyExchange if PSK identity | ||
| 468 | * hint if provided */ | ||
| 469 | #ifndef OPENSSL_NO_PSK | ||
| 470 | || ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint) | ||
| 471 | #endif | ||
| 472 | || (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) | 467 | || (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) |
| 473 | || (alg_k & SSL_kEECDH) | 468 | || (alg_k & SSL_kEECDH) |
| 474 | || ((alg_k & SSL_kRSA) | 469 | || ((alg_k & SSL_kRSA) |
| @@ -1011,9 +1006,6 @@ dtls1_send_server_key_exchange(SSL *s) | |||
| 1011 | int curve_id = 0; | 1006 | int curve_id = 0; |
| 1012 | BN_CTX *bn_ctx = NULL; | 1007 | BN_CTX *bn_ctx = NULL; |
| 1013 | 1008 | ||
| 1014 | #ifndef OPENSSL_NO_PSK | ||
| 1015 | size_t pskhintlen = 0; | ||
| 1016 | #endif | ||
| 1017 | EVP_PKEY *pkey; | 1009 | EVP_PKEY *pkey; |
| 1018 | unsigned char *p, *d; | 1010 | unsigned char *p, *d; |
| 1019 | int al, i; | 1011 | int al, i; |
| @@ -1200,13 +1192,6 @@ dtls1_send_server_key_exchange(SSL *s) | |||
| 1200 | r[2] = NULL; | 1192 | r[2] = NULL; |
| 1201 | r[3] = NULL; | 1193 | r[3] = NULL; |
| 1202 | } else | 1194 | } else |
| 1203 | #ifndef OPENSSL_NO_PSK | ||
| 1204 | if (type & SSL_kPSK) { | ||
| 1205 | pskhintlen = strlen(s->ctx->psk_identity_hint); | ||
| 1206 | /* reserve size for record length and PSK identity hint*/ | ||
| 1207 | n += 2 + pskhintlen; | ||
| 1208 | } else | ||
| 1209 | #endif /* !OPENSSL_NO_PSK */ | ||
| 1210 | { | 1195 | { |
| 1211 | al = SSL_AD_HANDSHAKE_FAILURE; | 1196 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 1212 | SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); | 1197 | SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); |
| @@ -1265,15 +1250,6 @@ dtls1_send_server_key_exchange(SSL *s) | |||
| 1265 | p += encodedlen; | 1250 | p += encodedlen; |
| 1266 | } | 1251 | } |
| 1267 | 1252 | ||
| 1268 | #ifndef OPENSSL_NO_PSK | ||
| 1269 | if (type & SSL_kPSK) { | ||
| 1270 | /* copy PSK identity hint */ | ||
| 1271 | s2n(pskhintlen, p); | ||
| 1272 | |||
| 1273 | memcpy(p, s->ctx->psk_identity_hint, pskhintlen); | ||
| 1274 | p += pskhintlen; | ||
| 1275 | } | ||
| 1276 | #endif | ||
| 1277 | 1253 | ||
| 1278 | /* not anonymous */ | 1254 | /* not anonymous */ |
| 1279 | if (pkey != NULL) { | 1255 | if (pkey != NULL) { |