summaryrefslogtreecommitdiff
path: root/src/lib/libssl/s3_both.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/s3_both.c')
-rw-r--r--src/lib/libssl/s3_both.c41
1 files changed, 27 insertions, 14 deletions
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c
index 2ecfbb77cb..64d317b7ac 100644
--- a/src/lib/libssl/s3_both.c
+++ b/src/lib/libssl/s3_both.c
@@ -108,11 +108,6 @@
108 * Hudson (tjh@cryptsoft.com). 108 * Hudson (tjh@cryptsoft.com).
109 * 109 *
110 */ 110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116 111
117#include <limits.h> 112#include <limits.h>
118#include <string.h> 113#include <string.h>
@@ -197,7 +192,7 @@ int ssl3_get_finished(SSL *s, int a, int b)
197 * change cipher spec message and is in s->s3->tmp.peer_finish_md 192 * change cipher spec message and is in s->s3->tmp.peer_finish_md
198 */ 193 */
199 194
200 n=s->method->ssl_get_message(s, 195 n=ssl3_get_message(s,
201 a, 196 a,
202 b, 197 b,
203 SSL3_MT_FINISHED, 198 SSL3_MT_FINISHED,
@@ -391,8 +386,8 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
391 { 386 {
392 while (s->init_num < 4) 387 while (s->init_num < 4)
393 { 388 {
394 i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE, 389 i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],
395 &p[s->init_num],4 - s->init_num, 0); 390 4 - s->init_num, 0);
396 if (i <= 0) 391 if (i <= 0)
397 { 392 {
398 s->rwstate=SSL_READING; 393 s->rwstate=SSL_READING;
@@ -472,7 +467,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
472 n = s->s3->tmp.message_size - s->init_num; 467 n = s->s3->tmp.message_size - s->init_num;
473 while (n > 0) 468 while (n > 0)
474 { 469 {
475 i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],n,0); 470 i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],n,0);
476 if (i <= 0) 471 if (i <= 0)
477 { 472 {
478 s->rwstate=SSL_READING; 473 s->rwstate=SSL_READING;
@@ -497,7 +492,7 @@ err:
497int ssl_cert_type(X509 *x, EVP_PKEY *pkey) 492int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
498 { 493 {
499 EVP_PKEY *pk; 494 EVP_PKEY *pk;
500 int ret= -1,i; 495 int ret= -1,i,j;
501 496
502 if (pkey == NULL) 497 if (pkey == NULL)
503 pk=X509_get_pubkey(x); 498 pk=X509_get_pubkey(x);
@@ -509,17 +504,35 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
509 if (i == EVP_PKEY_RSA) 504 if (i == EVP_PKEY_RSA)
510 { 505 {
511 ret=SSL_PKEY_RSA_ENC; 506 ret=SSL_PKEY_RSA_ENC;
507 if (x != NULL)
508 {
509 j=X509_get_ext_count(x);
510 /* check to see if this is a signing only certificate */
511 /* EAY EAY EAY EAY */
512 }
512 } 513 }
513 else if (i == EVP_PKEY_DSA) 514 else if (i == EVP_PKEY_DSA)
514 { 515 {
515 ret=SSL_PKEY_DSA_SIGN; 516 ret=SSL_PKEY_DSA_SIGN;
516 } 517 }
517#ifndef OPENSSL_NO_EC 518 else if (i == EVP_PKEY_DH)
518 else if (i == EVP_PKEY_EC)
519 { 519 {
520 ret = SSL_PKEY_ECC; 520 /* if we just have a key, we needs to be guess */
521
522 if (x == NULL)
523 ret=SSL_PKEY_DH_DSA;
524 else
525 {
526 j=X509_get_signature_type(x);
527 if (j == EVP_PKEY_RSA)
528 ret=SSL_PKEY_DH_RSA;
529 else if (j== EVP_PKEY_DSA)
530 ret=SSL_PKEY_DH_DSA;
531 else ret= -1;
532 }
521 } 533 }
522#endif 534 else
535 ret= -1;
523 536
524err: 537err:
525 if(!pkey) EVP_PKEY_free(pk); 538 if(!pkey) EVP_PKEY_free(pk);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-18 20:52:09 +0000