Loading apps/s_cb.c +9 −3 Original line number Diff line number Diff line Loading @@ -423,7 +423,7 @@ int ssl_print_sigalgs(BIO *out, SSL *s) BIO_printf(out, "Peer signing digest: %s\n", OBJ_nid2sn(mdnid)); return 1; } #ifndef OPENSSL_NO_EC int ssl_print_point_formats(BIO *out, SSL *s) { int i, nformats; Loading Loading @@ -515,7 +515,7 @@ int ssl_print_curves(BIO *out, SSL *s, int noshared) BIO_puts(out, "\n"); return 1; } #endif int ssl_print_tmp_key(BIO *out, SSL *s) { EVP_PKEY *key; Loading @@ -531,7 +531,7 @@ int ssl_print_tmp_key(BIO *out, SSL *s) case EVP_PKEY_DH: BIO_printf(out, "DH, %d bits\n", EVP_PKEY_bits(key)); break; #ifndef OPENSSL_NO_ECDH case EVP_PKEY_EC: { EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key); Loading @@ -545,6 +545,7 @@ int ssl_print_tmp_key(BIO *out, SSL *s) BIO_printf(out, "ECDH, %s, %d bits\n", cname, EVP_PKEY_bits(key)); } #endif } EVP_PKEY_free(key); return 1; Loading Loading @@ -1565,11 +1566,16 @@ void print_ssl_summary(BIO *bio, SSL *s) BIO_puts(bio, "No peer certificate\n"); if (peer) X509_free(peer); #ifndef OPENSSL_NO_EC ssl_print_point_formats(bio, s); if (SSL_is_server(s)) ssl_print_curves(bio, s, 1); else ssl_print_tmp_key(bio, s); #else if (!SSL_is_server(s)) ssl_print_tmp_key(bio, s); #endif } int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx, Loading apps/s_server.c +4 −0 Original line number Diff line number Diff line Loading @@ -2669,8 +2669,10 @@ static int init_ssl_connection(SSL *con) BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf); str=SSL_CIPHER_get_name(SSL_get_current_cipher(con)); ssl_print_sigalgs(bio_s_out, con); #ifndef OPENSSL_NO_EC ssl_print_point_formats(bio_s_out, con); ssl_print_curves(bio_s_out, con, 0); #endif BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)"); #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) Loading Loading @@ -3013,7 +3015,9 @@ static int www_body(char *hostname, int s, int stype, unsigned char *context) BIO_puts(io,"\n"); } ssl_print_sigalgs(io, con); #ifndef OPENSSL_NO_EC ssl_print_curves(io, con, 0); #endif BIO_printf(io,(SSL_cache_hit(con) ?"---\nReused, " :"---\nNew, ")); Loading crypto/x509/x509_cmp.c +16 −0 Original line number Diff line number Diff line Loading @@ -349,6 +349,8 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k) * flags. */ #ifndef OPENSSL_NO_EC static int check_suite_b(EVP_PKEY *pkey, int sign_nid, unsigned long *pflags) { const EC_GROUP *grp = NULL; Loading Loading @@ -465,6 +467,20 @@ int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags) sign_nid = OBJ_obj2nid(crl->crl->sig_alg->algorithm); return check_suite_b(pk, sign_nid, &flags); } #else int X509_chain_check_suiteb(int *perror_depth, X509 *x, STACK_OF(X509) *chain, unsigned long flags) { return 0; } int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags) { return 0; } #endif /* Not strictly speaking an "up_ref" as a STACK doesn't have a reference * count but it has the same effect by duping the STACK and upping the ref * of each X509 structure. Loading fips/rand/fips_randtest.c +1 −1 Original line number Diff line number Diff line Loading @@ -110,7 +110,6 @@ #include <string.h> #include <ctype.h> #include <openssl/rand.h> #include <openssl/fips_rand.h> #include <openssl/err.h> #include <openssl/bn.h> Loading @@ -129,6 +128,7 @@ int main(int argc, char *argv[]) #include "fips_utl.h" #include <openssl/fips.h> #include <openssl/fips_rand.h> typedef struct { Loading ssl/s3_lib.c +14 −6 Original line number Diff line number Diff line Loading @@ -3428,6 +3428,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) else return ssl_cert_add0_chain_cert(s->cert, (X509 *)parg); #ifndef OPENSSL_NO_EC case SSL_CTRL_GET_CURVES: { unsigned char *clist; Loading Loading @@ -3470,7 +3471,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) case SSL_CTRL_SET_ECDH_AUTO: s->cert->ecdh_tmp_auto = larg; return 1; #endif case SSL_CTRL_SET_SIGALGS: return tls1_set_sigalgs(s->cert, parg, larg, 0); Loading Loading @@ -3541,9 +3542,11 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) EVP_PKEY *ptmp; int rv = 0; sc = s->session->sess_cert; #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_EC) if (!sc->peer_rsa_tmp && !sc->peer_dh_tmp && !sc->peer_ecdh_tmp) return 0; #endif ptmp = EVP_PKEY_new(); if (!ptmp) return 0; Loading @@ -3568,7 +3571,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) EVP_PKEY_free(ptmp); return 0; } #ifndef OPENSSL_NO_EC case SSL_CTRL_GET_EC_POINT_FORMATS: { SSL_SESSION *sess = s->session; Loading @@ -3578,7 +3581,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) *pformat = sess->tlsext_ecpointformatlist; return (int)sess->tlsext_ecpointformatlist_length; } #endif default: break; } Loading Loading @@ -3848,6 +3851,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) break; #endif #ifndef OPENSSL_NO_EC case SSL_CTRL_SET_CURVES: return tls1_set_curves(&ctx->tlsext_ellipticcurvelist, &ctx->tlsext_ellipticcurvelist_length, Loading @@ -3860,7 +3864,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) case SSL_CTRL_SET_ECDH_AUTO: ctx->cert->ecdh_tmp_auto = larg; return 1; #endif case SSL_CTRL_SET_SIGALGS: return tls1_set_sigalgs(ctx->cert, parg, larg, 0); Loading Loading @@ -4178,7 +4182,10 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p) int ret=0; const unsigned char *sig; size_t i, siglen; int have_rsa_sign = 0, have_dsa_sign = 0, have_ecdsa_sign = 0; int have_rsa_sign = 0, have_dsa_sign = 0; #ifndef OPENSSL_NO_ECDSA int have_ecdsa_sign = 0; #endif int nostrict = 1; unsigned long alg_k; Loading @@ -4203,10 +4210,11 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p) case TLSEXT_signature_dsa: have_dsa_sign = 1; break; #ifndef OPENSSL_NO_ECDSA case TLSEXT_signature_ecdsa: have_ecdsa_sign = 1; break; #endif } } Loading Loading
apps/s_cb.c +9 −3 Original line number Diff line number Diff line Loading @@ -423,7 +423,7 @@ int ssl_print_sigalgs(BIO *out, SSL *s) BIO_printf(out, "Peer signing digest: %s\n", OBJ_nid2sn(mdnid)); return 1; } #ifndef OPENSSL_NO_EC int ssl_print_point_formats(BIO *out, SSL *s) { int i, nformats; Loading Loading @@ -515,7 +515,7 @@ int ssl_print_curves(BIO *out, SSL *s, int noshared) BIO_puts(out, "\n"); return 1; } #endif int ssl_print_tmp_key(BIO *out, SSL *s) { EVP_PKEY *key; Loading @@ -531,7 +531,7 @@ int ssl_print_tmp_key(BIO *out, SSL *s) case EVP_PKEY_DH: BIO_printf(out, "DH, %d bits\n", EVP_PKEY_bits(key)); break; #ifndef OPENSSL_NO_ECDH case EVP_PKEY_EC: { EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key); Loading @@ -545,6 +545,7 @@ int ssl_print_tmp_key(BIO *out, SSL *s) BIO_printf(out, "ECDH, %s, %d bits\n", cname, EVP_PKEY_bits(key)); } #endif } EVP_PKEY_free(key); return 1; Loading Loading @@ -1565,11 +1566,16 @@ void print_ssl_summary(BIO *bio, SSL *s) BIO_puts(bio, "No peer certificate\n"); if (peer) X509_free(peer); #ifndef OPENSSL_NO_EC ssl_print_point_formats(bio, s); if (SSL_is_server(s)) ssl_print_curves(bio, s, 1); else ssl_print_tmp_key(bio, s); #else if (!SSL_is_server(s)) ssl_print_tmp_key(bio, s); #endif } int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx, Loading
apps/s_server.c +4 −0 Original line number Diff line number Diff line Loading @@ -2669,8 +2669,10 @@ static int init_ssl_connection(SSL *con) BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf); str=SSL_CIPHER_get_name(SSL_get_current_cipher(con)); ssl_print_sigalgs(bio_s_out, con); #ifndef OPENSSL_NO_EC ssl_print_point_formats(bio_s_out, con); ssl_print_curves(bio_s_out, con, 0); #endif BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)"); #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) Loading Loading @@ -3013,7 +3015,9 @@ static int www_body(char *hostname, int s, int stype, unsigned char *context) BIO_puts(io,"\n"); } ssl_print_sigalgs(io, con); #ifndef OPENSSL_NO_EC ssl_print_curves(io, con, 0); #endif BIO_printf(io,(SSL_cache_hit(con) ?"---\nReused, " :"---\nNew, ")); Loading
crypto/x509/x509_cmp.c +16 −0 Original line number Diff line number Diff line Loading @@ -349,6 +349,8 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k) * flags. */ #ifndef OPENSSL_NO_EC static int check_suite_b(EVP_PKEY *pkey, int sign_nid, unsigned long *pflags) { const EC_GROUP *grp = NULL; Loading Loading @@ -465,6 +467,20 @@ int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags) sign_nid = OBJ_obj2nid(crl->crl->sig_alg->algorithm); return check_suite_b(pk, sign_nid, &flags); } #else int X509_chain_check_suiteb(int *perror_depth, X509 *x, STACK_OF(X509) *chain, unsigned long flags) { return 0; } int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags) { return 0; } #endif /* Not strictly speaking an "up_ref" as a STACK doesn't have a reference * count but it has the same effect by duping the STACK and upping the ref * of each X509 structure. Loading
fips/rand/fips_randtest.c +1 −1 Original line number Diff line number Diff line Loading @@ -110,7 +110,6 @@ #include <string.h> #include <ctype.h> #include <openssl/rand.h> #include <openssl/fips_rand.h> #include <openssl/err.h> #include <openssl/bn.h> Loading @@ -129,6 +128,7 @@ int main(int argc, char *argv[]) #include "fips_utl.h" #include <openssl/fips.h> #include <openssl/fips_rand.h> typedef struct { Loading
ssl/s3_lib.c +14 −6 Original line number Diff line number Diff line Loading @@ -3428,6 +3428,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) else return ssl_cert_add0_chain_cert(s->cert, (X509 *)parg); #ifndef OPENSSL_NO_EC case SSL_CTRL_GET_CURVES: { unsigned char *clist; Loading Loading @@ -3470,7 +3471,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) case SSL_CTRL_SET_ECDH_AUTO: s->cert->ecdh_tmp_auto = larg; return 1; #endif case SSL_CTRL_SET_SIGALGS: return tls1_set_sigalgs(s->cert, parg, larg, 0); Loading Loading @@ -3541,9 +3542,11 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) EVP_PKEY *ptmp; int rv = 0; sc = s->session->sess_cert; #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_EC) if (!sc->peer_rsa_tmp && !sc->peer_dh_tmp && !sc->peer_ecdh_tmp) return 0; #endif ptmp = EVP_PKEY_new(); if (!ptmp) return 0; Loading @@ -3568,7 +3571,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) EVP_PKEY_free(ptmp); return 0; } #ifndef OPENSSL_NO_EC case SSL_CTRL_GET_EC_POINT_FORMATS: { SSL_SESSION *sess = s->session; Loading @@ -3578,7 +3581,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) *pformat = sess->tlsext_ecpointformatlist; return (int)sess->tlsext_ecpointformatlist_length; } #endif default: break; } Loading Loading @@ -3848,6 +3851,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) break; #endif #ifndef OPENSSL_NO_EC case SSL_CTRL_SET_CURVES: return tls1_set_curves(&ctx->tlsext_ellipticcurvelist, &ctx->tlsext_ellipticcurvelist_length, Loading @@ -3860,7 +3864,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) case SSL_CTRL_SET_ECDH_AUTO: ctx->cert->ecdh_tmp_auto = larg; return 1; #endif case SSL_CTRL_SET_SIGALGS: return tls1_set_sigalgs(ctx->cert, parg, larg, 0); Loading Loading @@ -4178,7 +4182,10 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p) int ret=0; const unsigned char *sig; size_t i, siglen; int have_rsa_sign = 0, have_dsa_sign = 0, have_ecdsa_sign = 0; int have_rsa_sign = 0, have_dsa_sign = 0; #ifndef OPENSSL_NO_ECDSA int have_ecdsa_sign = 0; #endif int nostrict = 1; unsigned long alg_k; Loading @@ -4203,10 +4210,11 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p) case TLSEXT_signature_dsa: have_dsa_sign = 1; break; #ifndef OPENSSL_NO_ECDSA case TLSEXT_signature_ecdsa: have_ecdsa_sign = 1; break; #endif } } Loading
