Loading ssl/ssl_lib.c +2 −6 Original line number Diff line number Diff line Loading @@ -2001,7 +2001,9 @@ void SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg) void ssl_set_masks(SSL *s, const SSL_CIPHER *cipher) { #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_GOST) CERT_PKEY *cpk; #endif CERT *c = s->cert; uint32_t *pvalid = s->s3->tmp.valid_flags; int rsa_enc, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign; Loading @@ -2021,17 +2023,11 @@ void ssl_set_masks(SSL *s, const SSL_CIPHER *cipher) dh_tmp = 0; #endif cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]); rsa_enc = pvalid[SSL_PKEY_RSA_ENC] & CERT_PKEY_VALID; cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]); rsa_sign = pvalid[SSL_PKEY_RSA_SIGN] & CERT_PKEY_SIGN; cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]); dsa_sign = pvalid[SSL_PKEY_DSA_SIGN] & CERT_PKEY_SIGN; cpk = &(c->pkeys[SSL_PKEY_DH_RSA]); dh_rsa = pvalid[SSL_PKEY_DH_RSA] & CERT_PKEY_VALID; cpk = &(c->pkeys[SSL_PKEY_DH_DSA]); dh_dsa = pvalid[SSL_PKEY_DH_DSA] & CERT_PKEY_VALID; cpk = &(c->pkeys[SSL_PKEY_ECC]); #ifndef OPENSSL_NO_EC have_ecc_cert = pvalid[SSL_PKEY_ECC] & CERT_PKEY_VALID; #endif Loading ssl/statem/statem_clnt.c +5 −2 Original line number Diff line number Diff line Loading @@ -3101,7 +3101,10 @@ int tls_construct_client_certificate(SSL *s) int ssl3_check_cert_and_algorithm(SSL *s) { int i, idx; int i; #ifndef OPENSSL_NO_EC int idx; #endif long alg_k, alg_a; EVP_PKEY *pkey = NULL; #ifndef OPENSSL_NO_DH Loading @@ -3121,8 +3124,8 @@ int ssl3_check_cert_and_algorithm(SSL *s) /* This is the passed certificate */ idx = s->session->peer_type; #ifndef OPENSSL_NO_EC idx = s->session->peer_type; if (idx == SSL_PKEY_ECC) { if (ssl_check_srvr_ecc_cert_and_alg(s->session->peer, s) == 0) { /* check failed */ Loading Loading
ssl/ssl_lib.c +2 −6 Original line number Diff line number Diff line Loading @@ -2001,7 +2001,9 @@ void SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg) void ssl_set_masks(SSL *s, const SSL_CIPHER *cipher) { #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_GOST) CERT_PKEY *cpk; #endif CERT *c = s->cert; uint32_t *pvalid = s->s3->tmp.valid_flags; int rsa_enc, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign; Loading @@ -2021,17 +2023,11 @@ void ssl_set_masks(SSL *s, const SSL_CIPHER *cipher) dh_tmp = 0; #endif cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]); rsa_enc = pvalid[SSL_PKEY_RSA_ENC] & CERT_PKEY_VALID; cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]); rsa_sign = pvalid[SSL_PKEY_RSA_SIGN] & CERT_PKEY_SIGN; cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]); dsa_sign = pvalid[SSL_PKEY_DSA_SIGN] & CERT_PKEY_SIGN; cpk = &(c->pkeys[SSL_PKEY_DH_RSA]); dh_rsa = pvalid[SSL_PKEY_DH_RSA] & CERT_PKEY_VALID; cpk = &(c->pkeys[SSL_PKEY_DH_DSA]); dh_dsa = pvalid[SSL_PKEY_DH_DSA] & CERT_PKEY_VALID; cpk = &(c->pkeys[SSL_PKEY_ECC]); #ifndef OPENSSL_NO_EC have_ecc_cert = pvalid[SSL_PKEY_ECC] & CERT_PKEY_VALID; #endif Loading
ssl/statem/statem_clnt.c +5 −2 Original line number Diff line number Diff line Loading @@ -3101,7 +3101,10 @@ int tls_construct_client_certificate(SSL *s) int ssl3_check_cert_and_algorithm(SSL *s) { int i, idx; int i; #ifndef OPENSSL_NO_EC int idx; #endif long alg_k, alg_a; EVP_PKEY *pkey = NULL; #ifndef OPENSSL_NO_DH Loading @@ -3121,8 +3124,8 @@ int ssl3_check_cert_and_algorithm(SSL *s) /* This is the passed certificate */ idx = s->session->peer_type; #ifndef OPENSSL_NO_EC idx = s->session->peer_type; if (idx == SSL_PKEY_ECC) { if (ssl_check_srvr_ecc_cert_and_alg(s->session->peer, s) == 0) { /* check failed */ Loading
Stephen Henson <steve@openssl.org>Stephen Henson <steve@openssl.org>