authorJoel Sing <jsing@cvs.openbsd.org>2017-02-05 15:06:06 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2017-02-05 15:06:06 +0000
commitc16af4c92202b85bd431bbd2863b03f9dd6bdf77 (patch)
tree50bedca20ff28cdfed8f2eb0266a7d1a632de0b3
parent4230328d080c3845c0ef05b1c0906281f5167913 (diff)
Define values for SSL_CTRL_SET_GROUPS{,_LIST} and wire them up to the
SSL_{,CTX_}ctrl() functions. As crazy as it is, some software appears to call the control functions directly rather than using the macros (or functions) provided by the library. Discussed with beck@ and sthen@
-rw-r--r--lib/libssl/s3_lib.c14
-rw-r--r--lib/libssl/ssl.h20
2 files changed, 19 insertions, 15 deletions
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index 108cc9f71e5..fbc2d511d3a 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.133 2017/01/26 12:16:13 beck Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.134 2017/02/05 15:06:05 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -2135,6 +2135,12 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
ret = 1;
break;
+ case SSL_CTRL_SET_GROUPS:
+ return SSL_set1_groups(s, parg, larg);
+
+ case SSL_CTRL_SET_GROUPS_LIST:
+ return SSL_set1_groups_list(s, parg);
+
case SSL_CTRL_GET_SERVER_TMP_KEY:
ret = ssl_ctrl_get_server_tmp_key(s, parg);
break;
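Review bot: In the new `SSL_CTRL_SET_GROUPS` case, `larg` is a `long` passed straight into the `size_t groups_len` parameter of `SSL_set1_groups()` (prototype visible in the ssl.h section), so a negative value becomes a very large length. The commit message says callers invoke the ctrl functions directly, so `larg` and `parg` are caller-controlled here, and whether `SSL_set1_groups()` bounds the length or tolerates a NULL `parg` is not visible in this diff. A guard before the call, `if (larg < 0 || parg == NULL) return 0;`, would make the contract explicit at the dispatch point. The same applies to the `SSL_CTRL_SET_GROUPS` case added to `ssl3_ctx_ctrl()` in the next hunk; both function bodies extend outside their hunks.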
@@ -2315,6 +2321,12 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
ctx->extra_certs = NULL;
break;
+ case SSL_CTRL_SET_GROUPS:
+ return SSL_CTX_set1_groups(ctx, parg, larg);
+
+ case SSL_CTRL_SET_GROUPS_LIST:
+ return SSL_CTX_set1_groups_list(ctx, parg);
+
default:
return (0);
}
diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h
index 72de5c15a98..0789b914b7a 100644
--- a/lib/libssl/ssl.h
+++ b/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.126 2017/01/31 15:35:46 jsing Exp $ */
+/* $OpenBSD: ssl.h,v 1.127 2017/02/05 15:06:05 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -1120,6 +1120,9 @@ int PEM_write_SSL_SESSION(FILE *fp, SSL_SESSION *x);
#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
+#define SSL_CTRL_SET_GROUPS 91
+#define SSL_CTRL_SET_GROUPS_LIST 92
+
#define SSL_CTRL_SET_ECDH_AUTO 94
#define SSL_CTRL_GET_SERVER_TMP_KEY 109
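Review bot: The two new control numbers are missing a comment saying they are now accepted by `SSL_ctrl()` and `SSL_CTX_ctrl()` and must stay stable. Per the commit message, some software passes these values to the ctrl functions directly, so renumbering one later would silently dispatch to a different control. Presumably 91 and 92 were chosen to match what such callers compile against, though the diff does not say so. I would add something like `/* Passed directly to SSL_ctrl()/SSL_CTX_ctrl() by some consumers; do not renumber. */` above the pair.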
@@ -1175,19 +1178,8 @@ int SSL_set1_groups(SSL *ssl, const int *groups, size_t groups_len);
int SSL_set1_groups_list(SSL *ssl, const char *groups);
#ifndef LIBRESSL_INTERNAL
-/*
- * Preprocessor compatibility section.
- *
- * Historically, a number of APIs were implemented in OpenSSL as macros and
- * constants to 'ctrl' functions. To avoid breaking #ifdefs in consumers, this
- * section defines a number of legacy macros.
- *
- * Although using either the CTRL values or their wrapper macros in #ifdefs is
- * still supported, the CTRL values may not be passed to SSL_ctrl and
- * SSL_CTX_ctrl. Call the functions (previously wrapper macros) instead.
- */
-#define SSL_CTRL_SET_CURVES doesnt_exist
-#define SSL_CTRL_SET_CURVES_LIST doesnt_exist
+#define SSL_CTRL_SET_CURVES SSL_CTRL_SET_GROUPS
+#define SSL_CTRL_SET_CURVES_LIST SSL_CTRL_SET_GROUPS_LIST
#define SSL_CTX_set1_curves SSL_CTX_set1_groups
#define SSL_CTX_set1_curves_list SSL_CTX_set1_groups_list