[openssl-commits] [openssl] OpenSSL_1_0_1-stable update
Matt Caswell
matt at openssl.org
Fri Feb 27 09:01:16 UTC 2015
The branch OpenSSL_1_0_1-stable has been updated
via 059907771b89549cbd07a81df1a5bdf51e062066 (commit)
via ea65e92b22d34380c8caa49ac6bb10a55d8d7b0d (commit)
from f3cc3da4478d00a45371ee3f10f39b4956a11270 (commit)
- Log -----------------------------------------------------------------
commit 059907771b89549cbd07a81df1a5bdf51e062066
Author: Matt Caswell <matt at openssl.org>
Date: Fri Feb 27 00:02:06 2015 +0000
Fix warning with no-ec
This fixes another warning when config'd with no-ec
Reviewed-by: Dr. Stephen Henson <steve at openssl.org>
commit ea65e92b22d34380c8caa49ac6bb10a55d8d7b0d
Author: Matt Caswell <matt at openssl.org>
Date: Thu Feb 26 23:52:19 2015 +0000
Fix no-ec warning
This is a partial back port of commit 5b430cfc to remove a warning when
compiling with no-ec.
Reviewed-by: Dr. Stephen Henson <steve at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/s_server.c | 10 ++++++++--
ssl/ssl_lib.c | 13 ++++++++++---
2 files changed, 18 insertions(+), 5 deletions(-)
diff --git a/apps/s_server.c b/apps/s_server.c
index 70ee5c3..f472126 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -992,7 +992,10 @@ int MAIN(int argc, char *argv[])
int badop = 0, bugs = 0;
int ret = 1;
int off = 0;
- int no_tmp_rsa = 0, no_dhe = 0, no_ecdhe = 0, nocert = 0;
+ int no_tmp_rsa = 0, no_dhe = 0, nocert = 0;
+#ifndef OPENSSL_NO_ECDH
+ int no_ecdhe;
+#endif
int state = 0;
const SSL_METHOD *meth = NULL;
int socket_type = SOCK_STREAM;
@@ -1207,9 +1210,12 @@ int MAIN(int argc, char *argv[])
no_tmp_rsa = 1;
} else if (strcmp(*argv, "-no_dhe") == 0) {
no_dhe = 1;
- } else if (strcmp(*argv, "-no_ecdhe") == 0) {
+ }
+#ifndef OPENSSL_NO_ECDH
+ else if (strcmp(*argv, "-no_ecdhe") == 0) {
no_ecdhe = 1;
}
+#endif
#ifndef OPENSSL_NO_PSK
else if (strcmp(*argv, "-psk_hint") == 0) {
if (--argc < 1)
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 18ec248..dead126 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2044,14 +2044,17 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
int rsa_enc_export, dh_rsa_export, dh_dsa_export;
int rsa_tmp_export, dh_tmp_export, kl;
unsigned long mask_k, mask_a, emask_k, emask_a;
- int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;
+#ifndef OPENSSL_NO_ECDSA
+ int have_ecc_cert, ecdsa_ok, ecc_pkey_size;
+#endif
#ifndef OPENSSL_NO_ECDH
- int have_ecdh_tmp;
+ int have_ecdh_tmp, ecdh_ok;
#endif
+#ifndef OPENSSL_NO_EC
X509 *x = NULL;
EVP_PKEY *ecc_pkey = NULL;
int signature_nid = 0, pk_nid = 0, md_nid = 0;
-
+#endif
if (c == NULL)
return;
@@ -2090,7 +2093,9 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
dh_dsa = (cpk->x509 != NULL && cpk->privatekey != NULL);
dh_dsa_export = (dh_dsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
cpk = &(c->pkeys[SSL_PKEY_ECC]);
+#ifndef OPENSSL_NO_EC
have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL);
+#endif
mask_k = 0;
mask_a = 0;
emask_k = 0;
@@ -2168,6 +2173,7 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
* An ECC certificate may be usable for ECDH and/or ECDSA cipher suites
* depending on the key usage extension.
*/
+#ifndef OPENSSL_NO_EC
if (have_ecc_cert) {
/* This call populates extension flags (ex_flags) */
x = (c->pkeys[SSL_PKEY_ECC]).x509;
@@ -2212,6 +2218,7 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
}
#endif
}
+#endif
#ifndef OPENSSL_NO_ECDH
if (have_ecdh_tmp) {
mask_k |= SSL_kEECDH;
More information about the openssl-commits
mailing list