[openssl-commits] [openssl] master update

Dr. Stephen Henson steve at openssl.org
Thu Dec 24 14:12:14 UTC 2015


The branch master has been updated
       via  b22d71131aa01d371029908e3c2bce332fd77e70 (commit)
      from  e2b420fdd708e14a0b43a21cd2377cafb0d54c02 (commit)


- Log -----------------------------------------------------------------
commit b22d71131aa01d371029908e3c2bce332fd77e70
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Thu Dec 24 00:23:29 2015 +0000

    fix no-ec
    
    Reviewed-by: Matt Caswell <matt at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 ssl/s3_lib.c             | 18 ++++--------------
 ssl/ssl_locl.h           |  7 ++-----
 ssl/statem/statem_srvr.c |  4 ++--
 3 files changed, 8 insertions(+), 21 deletions(-)

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 848953a..097ccac 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3375,17 +3375,11 @@ void ssl3_free(SSL *s)
 
     ssl3_cleanup_key_block(s);
 
-#ifndef OPENSSL_NO_DH
-    DH_free(s->s3->tmp.dh);
-#endif
-
-#ifndef OPENSSL_NO_EC
-    EVP_PKEY_free(s->s3->tmp.pkey);
-    s->s3->tmp.pkey = NULL;
-#endif
 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
     EVP_PKEY_free(s->s3->peer_tmp);
     s->s3->peer_tmp = NULL;
+    EVP_PKEY_free(s->s3->tmp.pkey);
+    s->s3->tmp.pkey = NULL;
 #endif
 
     sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
@@ -3413,16 +3407,12 @@ void ssl3_clear(SSL *s)
     OPENSSL_free(s->s3->tmp.peer_sigalgs);
     s->s3->tmp.peer_sigalgs = NULL;
 
-#ifndef OPENSSL_NO_DH
-    DH_free(s->s3->tmp.dh);
-    s->s3->tmp.dh = NULL;
-#endif
 #ifndef OPENSSL_NO_EC
-    EVP_PKEY_free(s->s3->tmp.pkey);
-    s->s3->tmp.pkey = NULL;
     s->s3->is_probably_safari = 0;
 #endif
 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
+    EVP_PKEY_free(s->s3->tmp.pkey);
+    s->s3->tmp.pkey = NULL;
     EVP_PKEY_free(s->s3->peer_tmp);
     s->s3->peer_tmp = NULL;
 #endif                         /* !OPENSSL_NO_EC */
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 4afb0d4..4db32a9 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1227,11 +1227,8 @@ typedef struct ssl3_state_st {
         int message_type;
         /* used to hold the new cipher we are going to use */
         const SSL_CIPHER *new_cipher;
-#  ifndef OPENSSL_NO_DH
-        DH *dh;
-#  endif
-#  ifndef OPENSSL_NO_EC
-        EVP_PKEY *pkey;            /* holds short lived ECDH key */
+#  if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
+        EVP_PKEY *pkey;            /* holds short lived DH/ECDH key */
 #  endif
         /* used for certificate requests */
         int cert_req;
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 89f064c..38f01e1 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -2127,7 +2127,7 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
     RSA *rsa = NULL;
     EVP_PKEY *pkey = NULL;
 #endif
-#ifndef OPENSSL_NO_EC
+#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
     EVP_PKEY *ckey = NULL;
 #endif
     PACKET enc_premaster;
@@ -2616,7 +2616,7 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_EC) || defined(OPENSSL_NO_SRP)
  err:
 #endif
-#ifndef OPENSSL_NO_EC
+#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
     EVP_PKEY_free(ckey);
 #endif
     OPENSSL_free(rsa_decrypt);


More information about the openssl-commits mailing list