[openssl] master update
Matt Caswell
matt at openssl.org
Fri Jul 19 16:37:41 UTC 2019
The branch master has been updated
via 76ca35e7246b0071040cd242de06154c0195bcff (commit)
from a1c5cefaf47ad9992c77960e8899d8979901507a (commit)
- Log -----------------------------------------------------------------
commit 76ca35e7246b0071040cd242de06154c0195bcff
Author: Matt Caswell <matt at openssl.org>
Date: Wed Jul 17 11:40:41 2019 +0100
Fix no-dh
The recent move of the DH code into the default provider broke no-dh. This
adds back in various missing guards.
Reviewed-by: Tim Hudson <tjh at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9399)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/evp_lib.c | 6 +++++-
crypto/evp/pmeth_lib.c | 6 ++++++
providers/common/exchange/build.info | 6 ++++--
providers/default/defltprov.c | 2 ++
4 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index 3e64a1f..47bbb2b 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -729,12 +729,13 @@ int EVP_hex2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen),
}
#ifndef FIPS_MODE
+# ifndef OPENSSL_NO_DH
/*
* TODO(3.0): Temporarily unavailable in FIPS mode. This will need to be added
* in later.
*/
-#define MAX_PARAMS 10
+# define MAX_PARAMS 10
typedef struct {
/* Number of the current param */
size_t curr;
@@ -845,12 +846,15 @@ static OSSL_PARAM *evp_pkey_dh_to_param(EVP_PKEY *pkey, size_t *sz)
return param_template_to_param(&tmpl, sz);
}
+# endif /* OPENSSL_NO_DH */
OSSL_PARAM *evp_pkey_to_param(EVP_PKEY *pkey, size_t *sz)
{
switch (pkey->type) {
+# ifndef OPENSSL_NO_DH
case EVP_PKEY_DH:
return evp_pkey_dh_to_param(pkey, sz);
+# endif
default:
return NULL;
}
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index d444e71..169b056 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -393,6 +393,7 @@ int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
return 0;
}
+#ifndef OPENSSL_NO_DH
int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad)
{
OSSL_PARAM dh_pad_params[2];
@@ -407,13 +408,16 @@ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad)
return EVP_PKEY_CTX_set_params(ctx, dh_pad_params);
}
+#endif
static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
int cmd, int p1, void *p2)
{
switch (cmd) {
+#ifndef OPENSSL_NO_DH
case EVP_PKEY_CTRL_DH_PAD:
return EVP_PKEY_CTX_set_dh_pad(ctx, p1);
+#endif
}
return 0;
}
@@ -470,12 +474,14 @@ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
static int legacy_ctrl_str_to_param(EVP_PKEY_CTX *ctx, const char *name,
const char *value)
{
+#ifndef OPENSSL_NO_DH
if (strcmp(name, "dh_pad") == 0) {
int pad;
pad = atoi(value);
return EVP_PKEY_CTX_set_dh_pad(ctx, pad);
}
+#endif
return 0;
}
diff --git a/providers/common/exchange/build.info b/providers/common/exchange/build.info
index 1039075..7957f51 100644
--- a/providers/common/exchange/build.info
+++ b/providers/common/exchange/build.info
@@ -1,5 +1,7 @@
LIBS=../../../libcrypto
-SOURCE[../../../libcrypto]=\
- dh.c
+IF[{- !$disabled{dh} -}]
+ SOURCE[../../../libcrypto]=\
+ dh.c
+ENDIF
diff --git a/providers/default/defltprov.c b/providers/default/defltprov.c
index 6ac2bdb..18e3a5c 100644
--- a/providers/default/defltprov.c
+++ b/providers/default/defltprov.c
@@ -115,7 +115,9 @@ static const OSSL_ALGORITHM deflt_ciphers[] = {
};
static const OSSL_ALGORITHM deflt_keyexch[] = {
+#ifndef OPENSSL_NO_DH
{ "dhKeyAgreement", "default=yes", dh_functions },
+#endif
{ NULL, NULL, NULL }
};
More information about the openssl-commits
mailing list