diff options
author | Matt Caswell <matt@openssl.org> | 2020-11-27 09:55:36 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-11-30 10:50:13 +0000 |
commit | cbb85bda0c0849ce962e1cf232689d6351e4a217 (patch) | |
tree | 34a01fc626584b740ffa0e6b98ae73458992a1d3 /ssl/ssl_local.h | |
parent | 9327b5c9c9e3a1b18e5b52491dc438d1e28b5e40 (diff) | |
download | openssl-new-cbb85bda0c0849ce962e1cf232689d6351e4a217.tar.gz |
Fix builds that specify both no-dh and no-ec
Various sections of code assumed that at least one of dh or ec would be
available. We also now also need to handle cases where a provider has
a key exchange algorithm and TLS-GROUP that we don't know about.
Fixes #13536
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13549)
Diffstat (limited to 'ssl/ssl_local.h')
-rw-r--r-- | ssl/ssl_local.h | 8 |
1 files changed, 2 insertions, 6 deletions
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h index 3bcf6e7551..d0fd8b926b 100644 --- a/ssl/ssl_local.h +++ b/ssl/ssl_local.h @@ -1301,9 +1301,7 @@ struct ssl_st { int message_type; /* used to hold the new cipher we are going to use */ const SSL_CIPHER *new_cipher; -# if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) - EVP_PKEY *pkey; /* holds short lived DH/ECDH key */ -# endif + EVP_PKEY *pkey; /* holds short lived key exchange key */ /* used for certificate requests */ int cert_req; /* Certificate types in certificate request message. */ @@ -1415,11 +1413,9 @@ struct ssl_st { # endif /* !OPENSSL_NO_EC */ /* For clients: peer temporary key */ -# if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) - /* The group_id for the DH/ECDH key */ + /* The group_id for the key exchange key */ uint16_t group_id; EVP_PKEY *peer_tmp; -# endif } s3; |