diff options
| author |   beck <beck@openbsd.org> | 2000-04-15 06:18:28 +0000 |
|---|---|---|
| committer | beck <beck@openbsd.org> | 2000-04-15 06:18:28 +0000 |
| commit | f6e3f26248a24c86023ecf5715f4f93988bb2af0 (patch) | |
| tree | ac021db17e92c0faf3fd3cde4f68d156321aa307 /lib/libssl/src/ssl/s3_lib.c | |
| parent | Modify to build with ncurses, not ocurses. A proper port to terminfo (diff) | |
| download | wireguard-openbsd-f6e3f26248a24c86023ecf5715f4f93988bb2af0.tar.xz wireguard-openbsd-f6e3f26248a24c86023ecf5715f4f93988bb2af0.zip | |
OpenSSL 0.9.5a merge
Diffstat (limited to 'lib/libssl/src/ssl/s3_lib.c')
| -rw-r--r-- | lib/libssl/src/ssl/s3_lib.c | 61 |
1 files changed, 36 insertions, 25 deletions
diff --git a/lib/libssl/src/ssl/s3_lib.c b/lib/libssl/src/ssl/s3_lib.c index c4b49aaedf4..7ada26cbb69 100644 --- a/lib/libssl/src/ssl/s3_lib.c +++ b/lib/libssl/src/ssl/s3_lib.c @@ -771,14 +771,16 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg) case SSL_CTRL_SET_TMP_RSA: { RSA *rsa = (RSA *)parg; - if (rsa == NULL) { + if (rsa == NULL) + { SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); return(ret); - } - if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) { + } + if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) + { SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB); return(ret); - } + } if (s->cert->rsa_tmp != NULL) RSA_free(s->cert->rsa_tmp); s->cert->rsa_tmp = rsa; @@ -796,19 +798,25 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg) case SSL_CTRL_SET_TMP_DH: { DH *dh = (DH *)parg; - if (dh == NULL) { + if (dh == NULL) + { SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); return(ret); - } - if ((dh = DHparams_dup(dh)) == NULL) { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); - return(ret); - } - if (!DH_generate_key(dh)) { - DH_free(dh); + } + if ((dh = DHparams_dup(dh)) == NULL) + { SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); return(ret); - } + } + if (!(s->options & SSL_OP_SINGLE_DH_USE)) + { + if (!DH_generate_key(dh)) + { + DH_free(dh); + SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); + return(ret); + } + } if (s->cert->dh_tmp != NULL) DH_free(s->cert->dh_tmp); s->cert->dh_tmp = dh; @@ -843,8 +851,8 @@ long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)()) 0) { if (!ssl_cert_inst(&s->cert)) - { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); + { + SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE); return(0); } } @@ -929,23 +937,26 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg) case SSL_CTRL_SET_TMP_DH: { DH *new=NULL,*dh; - int rret=0; dh=(DH *)parg; - if ( ((new=DHparams_dup(dh)) == NULL) || - (!DH_generate_key(new))) + if ((new=DHparams_dup(dh)) == NULL) { SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB); - if (new != NULL) DH_free(new); + return 0; } - else + if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) { - if (cert->dh_tmp != NULL) - DH_free(cert->dh_tmp); - cert->dh_tmp=new; - rret=1; + if (!DH_generate_key(new)) + { + SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB); + DH_free(new); + return 0; + } } - return(rret); + if (cert->dh_tmp != NULL) + DH_free(cert->dh_tmp); + cert->dh_tmp=new; + return 1; } /*break; */ case SSL_CTRL_SET_TMP_DH_CB: |