summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_lib.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/ssl_lib.c20
1 files changed, 0 insertions, 20 deletions
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 6cc02c8d7a..d134a4f22a 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -149,9 +149,7 @@
149#include <openssl/x509v3.h> 149#include <openssl/x509v3.h>
150#include <openssl/rand.h> 150#include <openssl/rand.h>
151#include <openssl/ocsp.h> 151#include <openssl/ocsp.h>
152#ifndef OPENSSL_NO_DH
153#include <openssl/dh.h> 152#include <openssl/dh.h>
154#endif
155#ifndef OPENSSL_NO_ENGINE 153#ifndef OPENSSL_NO_ENGINE
156#include <openssl/engine.h> 154#include <openssl/engine.h>
157#endif 155#endif
@@ -2002,9 +2000,7 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
2002 int rsa_tmp_export, dh_tmp_export, kl; 2000 int rsa_tmp_export, dh_tmp_export, kl;
2003 unsigned long mask_k, mask_a, emask_k, emask_a; 2001 unsigned long mask_k, mask_a, emask_k, emask_a;
2004 int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size; 2002 int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;
2005#ifndef OPENSSL_NO_ECDH
2006 int have_ecdh_tmp; 2003 int have_ecdh_tmp;
2007#endif
2008 X509 *x = NULL; 2004 X509 *x = NULL;
2009 EVP_PKEY *ecc_pkey = NULL; 2005 EVP_PKEY *ecc_pkey = NULL;
2010 int signature_nid = 0, pk_nid = 0, md_nid = 0; 2006 int signature_nid = 0, pk_nid = 0, md_nid = 0;
@@ -2017,17 +2013,11 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
2017 rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL); 2013 rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
2018 rsa_tmp_export = (c->rsa_tmp_cb != NULL || 2014 rsa_tmp_export = (c->rsa_tmp_cb != NULL ||
2019 (rsa_tmp && RSA_size(c->rsa_tmp)*8 <= kl)); 2015 (rsa_tmp && RSA_size(c->rsa_tmp)*8 <= kl));
2020#ifndef OPENSSL_NO_DH
2021 dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL); 2016 dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
2022 dh_tmp_export = (c->dh_tmp_cb != NULL || 2017 dh_tmp_export = (c->dh_tmp_cb != NULL ||
2023 (dh_tmp && DH_size(c->dh_tmp)*8 <= kl)); 2018 (dh_tmp && DH_size(c->dh_tmp)*8 <= kl));
2024#else
2025 dh_tmp = dh_tmp_export = 0;
2026#endif
2027 2019
2028#ifndef OPENSSL_NO_ECDH
2029 have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL); 2020 have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL);
2030#endif
2031 cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]); 2021 cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
2032 rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL); 2022 rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL);
2033 rsa_enc_export = (rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl); 2023 rsa_enc_export = (rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
@@ -2128,7 +2118,6 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
2128 signature_nid = OBJ_obj2nid(x->sig_alg->algorithm); 2118 signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
2129 OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid); 2119 OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
2130 } 2120 }
2131#ifndef OPENSSL_NO_ECDH
2132 if (ecdh_ok) { 2121 if (ecdh_ok) {
2133 2122
2134 if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa) { 2123 if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa) {
@@ -2149,21 +2138,16 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
2149 } 2138 }
2150 } 2139 }
2151 } 2140 }
2152#endif
2153#ifndef OPENSSL_NO_ECDSA
2154 if (ecdsa_ok) { 2141 if (ecdsa_ok) {
2155 mask_a|=SSL_aECDSA; 2142 mask_a|=SSL_aECDSA;
2156 emask_a|=SSL_aECDSA; 2143 emask_a|=SSL_aECDSA;
2157 } 2144 }
2158#endif
2159 } 2145 }
2160 2146
2161#ifndef OPENSSL_NO_ECDH
2162 if (have_ecdh_tmp) { 2147 if (have_ecdh_tmp) {
2163 mask_k|=SSL_kEECDH; 2148 mask_k|=SSL_kEECDH;
2164 emask_k|=SSL_kEECDH; 2149 emask_k|=SSL_kEECDH;
2165 } 2150 }
2166#endif
2167 2151
2168#ifndef OPENSSL_NO_PSK 2152#ifndef OPENSSL_NO_PSK
2169 mask_k |= SSL_kPSK; 2153 mask_k |= SSL_kPSK;
@@ -3072,7 +3056,6 @@ cb(SSL *ssl, int is_export, int keylength)
3072 * \param dh the callback 3056 * \param dh the callback
3073 */ 3057 */
3074 3058
3075#ifndef OPENSSL_NO_DH
3076void 3059void
3077SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*dh)(SSL *ssl, int is_export, 3060SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*dh)(SSL *ssl, int is_export,
3078 int keylength)) 3061 int keylength))
@@ -3086,9 +3069,7 @@ SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh)(SSL *ssl, int is_export,
3086{ 3069{
3087 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh); 3070 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
3088} 3071}
3089#endif
3090 3072
3091#ifndef OPENSSL_NO_ECDH
3092void 3073void
3093SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl, 3074SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl,
3094 int is_export, int keylength)) 3075 int is_export, int keylength))
@@ -3103,7 +3084,6 @@ SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh)(SSL *ssl, int is_export,
3103{ 3084{
3104 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh); 3085 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
3105} 3086}
3106#endif
3107 3087
3108#ifndef OPENSSL_NO_PSK 3088#ifndef OPENSSL_NO_PSK
3109int 3089int
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-25 06:17:17 +0000