3 files changed, 9 insertions, 9 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index ca54515a32..c031b70c0a 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.132 2022/01/09 15:40:13 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.133 2022/01/09 15:53:52 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -2456,8 +2456,8 @@ ssl3_check_cert_and_algorithm(SSL *s)
        idx = s->session->peer_cert_type;
        if (idx == SSL_PKEY_ECC) {
-                if (ssl_check_srvr_ecc_cert_and_alg(
+                if (ssl_check_srvr_ecc_cert_and_alg(s,
-                    s->session->peer_pkeys[idx].x509, s) == 0) {
+                    s->session->peer_pkeys[idx].x509) == 0) {
                        /* check failed */
                        SSLerror(s, SSL_R_BAD_ECC_CERT);
                        goto fatal_err;
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index fb0920cdf2..bfa312207d 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.283 2022/01/08 12:59:58 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.284 2022/01/09 15:53:52 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -2235,10 +2235,10 @@ ssl_using_ecc_cipher(SSL *s)
 }
 int
-ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
+ssl_check_srvr_ecc_cert_and_alg(SSL *s, X509 *x)
 {
-        const SSL_CIPHER        *cs = S3I(s)->hs.cipher;
+        const SSL_CIPHER *cs = S3I(s)->hs.cipher;
-        unsigned long            alg_a;
+        unsigned long alg_a;
        alg_a = cs->algorithm_auth;
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index d559e7148a..fcb369405c 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.379 2022/01/08 12:59:59 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.380 2022/01/09 15:53:52 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1479,7 +1479,7 @@ int tls12_derive_master_secret(SSL *s, uint8_t *premaster_secret,
    size_t premaster_secret_len);
 int ssl_using_ecc_cipher(SSL *s);
-int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
+int ssl_check_srvr_ecc_cert_and_alg(SSL *s, X509 *x);
 void tls1_get_formatlist(SSL *s, int client_formats, const uint8_t **pformats,
    size_t *pformatslen);

diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index ca54515a32..c031b70c0a 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_clnt.c,v 1.132 2022/01/09 15:40:13 jsing Exp $ */	1	/* $OpenBSD: ssl_clnt.c,v 1.133 2022/01/09 15:53:52 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -2456,8 +2456,8 @@ ssl3_check_cert_and_algorithm(SSL *s)
2456		2456
2457	idx = s->session->peer_cert_type;	2457	idx = s->session->peer_cert_type;
2458	if (idx == SSL_PKEY_ECC) {	2458	if (idx == SSL_PKEY_ECC) {
2459	if (ssl_check_srvr_ecc_cert_and_alg(	2459	if (ssl_check_srvr_ecc_cert_and_alg(s,
2460	s->session->peer_pkeys[idx].x509, s) == 0) {	2460	s->session->peer_pkeys[idx].x509) == 0) {
2461	/* check failed */	2461	/* check failed */
2462	SSLerror(s, SSL_R_BAD_ECC_CERT);	2462	SSLerror(s, SSL_R_BAD_ECC_CERT);
2463	goto fatal_err;	2463	goto fatal_err;


diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index fb0920cdf2..bfa312207d 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_lib.c,v 1.283 2022/01/08 12:59:58 jsing Exp $ */	1	/* $OpenBSD: ssl_lib.c,v 1.284 2022/01/09 15:53:52 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -2235,10 +2235,10 @@ ssl_using_ecc_cipher(SSL *s)
2235	}	2235	}
2236		2236
2237	int	2237	int
2238	ssl_check_srvr_ecc_cert_and_alg(X509 x, SSL s)	2238	ssl_check_srvr_ecc_cert_and_alg(SSL s, X509 x)
2239	{	2239	{
2240	const SSL_CIPHER *cs = S3I(s)->hs.cipher;	2240	const SSL_CIPHER *cs = S3I(s)->hs.cipher;
2241	unsigned long alg_a;	2241	unsigned long alg_a;
2242		2242
2243	alg_a = cs->algorithm_auth;	2243	alg_a = cs->algorithm_auth;
2244		2244


diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index d559e7148a..fcb369405c 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.379 2022/01/08 12:59:59 jsing Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.380 2022/01/09 15:53:52 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1479,7 +1479,7 @@ int tls12_derive_master_secret(SSL s, uint8_t premaster_secret,
1479	size_t premaster_secret_len);	1479	size_t premaster_secret_len);
1480		1480
1481	int ssl_using_ecc_cipher(SSL *s);	1481	int ssl_using_ecc_cipher(SSL *s);
1482	int ssl_check_srvr_ecc_cert_and_alg(X509 x, SSL s);	1482	int ssl_check_srvr_ecc_cert_and_alg(SSL s, X509 x);
1483		1483
1484	void tls1_get_formatlist(SSL s, int client_formats, const uint8_t *pformats,	1484	void tls1_get_formatlist(SSL s, int client_formats, const uint8_t *pformats,
1485	size_t *pformatslen);	1485	size_t *pformatslen);