[openssl-commits] [openssl] master update

Dr. Stephen Henson steve at openssl.org
Thu Mar 3 14:04:25 UTC 2016 

The branch master has been updated
       via  bb8d14d5c9fbf386b8ad890499a79c9f1b804edc (commit)
       via  760f317df6ef36d3c164aa41e6667ce6dbdd0f96 (commit)
      from  062178678f5374b09f00d70796f6e692e8775aca (commit)


- Log -----------------------------------------------------------------
commit bb8d14d5c9fbf386b8ad890499a79c9f1b804edc
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Thu Mar 3 13:35:02 2016 +0000

    update NEWS
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>

commit 760f317df6ef36d3c164aa41e6667ce6dbdd0f96
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Thu Mar 3 13:27:34 2016 +0000

    fix no-ec build
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 NEWS          | 5 +++++
 ssl/ssl_rsa.c | 4 ++--
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/NEWS b/NEWS
index 0ad5e99..cfcca0e 100644
--- a/NEWS
+++ b/NEWS
@@ -34,6 +34,11 @@
         the directory for certs, private key and openssl.cnf exclusively.
       o Reworked BIO networking library, with full support for IPv6.
       o New "unified" build system
+      o New security levels
+      o Support for scrypt algorithm
+      o Support for X25519
+      o Extended SSL_CONF support using configuration files
+      o KDF algorithm support. Implement TLS PRF as a KDF.
 
   Major changes between OpenSSL 1.0.2f and OpenSSL 1.0.2g [1 Mar 2016]
 
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index abced26..00bf887 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -377,12 +377,12 @@ static int ssl_set_cert(CERT *c, X509 *x)
         SSLerr(SSL_F_SSL_SET_CERT, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
         return 0;
     }
-
+#ifndef OPENSSL_NO_EC
     if (i == SSL_PKEY_ECC && !EC_KEY_can_sign(EVP_PKEY_get0_EC_KEY(pkey))) {
         SSLerr(SSL_F_SSL_SET_CERT, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
         return 0;
     }
-
+#endif
     if (c->pkeys[i].privatekey != NULL) {
         /*
          * The return code from EVP_PKEY_copy_parameters is deliberately

More information about the openssl-commits mailing list