From 224cc55e7b0aa21110d14dd564e88e13893a294e Mon Sep 17 00:00:00 2001
From: guenther <>
Date: Mon, 28 Jul 2014 04:23:12 +0000
Subject: The RSA, DH, and ECDH temporary key callbacks expect the number of
 keybits for the key (expressed in RSA key bits, which makes *no sense* for
 ECDH) as their second argument, not zero.

(jsing@ notes that the RSA callback is only invoked for 'export' ciphers,
which have been removed from LibreSSL, and for the SSL_OP_EPHEMERAL_RSA
option, which is makes the application non-compliant.  More fuel for the
tedu fire...)

jasper@ noted the breakage and bisected it down to the diff that broke this
ok jsing@ miod@
---
 src/lib/libssl/d1_srvr.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

(limited to 'src/lib/libssl/d1_srvr.c')

diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c
index ecf4a198b1..6f1d436d18 100644
--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srvr.c,v 1.33 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.34 2014/07/28 04:23:12 guenther Exp $ */
 /* 
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
@@ -1034,7 +1034,8 @@ dtls1_send_server_key_exchange(SSL *s)
 		if (type & SSL_kRSA) {
 			rsa = cert->rsa_tmp;
 			if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
-				rsa = s->cert->rsa_tmp_cb(s, 0, 0);
+				rsa = s->cert->rsa_tmp_cb(s, 0,
+				    SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
 				if (rsa == NULL) {
 					al = SSL_AD_HANDSHAKE_FAILURE;
 					SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
@@ -1055,7 +1056,8 @@ dtls1_send_server_key_exchange(SSL *s)
 		if (type & SSL_kDHE) {
 			dhp = cert->dh_tmp;
 			if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
-				dhp = s->cert->dh_tmp_cb(s, 0, 0);
+				dhp = s->cert->dh_tmp_cb(s, 0,
+				    SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
 			if (dhp == NULL) {
 				al = SSL_AD_HANDSHAKE_FAILURE;
 				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_DH_KEY);
@@ -1099,7 +1101,8 @@ dtls1_send_server_key_exchange(SSL *s)
 
 			ecdhp = cert->ecdh_tmp;
 			if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL)
-				ecdhp = s->cert->ecdh_tmp_cb(s, 0, 0);
+				ecdhp = s->cert->ecdh_tmp_cb(s, 0,
+				    SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
 			if (ecdhp == NULL) {
 				al = SSL_AD_HANDSHAKE_FAILURE;
 				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_ECDH_KEY);
-- 
cgit v1.2.3-55-g6feb