The RSA, DH, and ECDH temporary key callbacks expect the number of keybits
author guenther <guenther@openbsd.org>
Mon, 28 Jul 2014 04:23:12 +0000 (04:23 +0000)
committer guenther <guenther@openbsd.org>
Mon, 28 Jul 2014 04:23:12 +0000 (04:23 +0000)
commit 50b85d1c40033a9c6fc8d887425e242e4d66e710
tree 7b9719aed985656c6356567bbfbad225c430192a
parent 8c18f9d1cadf24075dd09758c1bc2ec0d6c660f5
The RSA, DH, and ECDH temporary key callbacks expect the number of keybits
for the key (expressed in RSA key bits, which makes *no sense* for ECDH) as
their second argument, not zero.

(jsing@ notes that the RSA callback is only invoked for 'export' ciphers,
which have been removed from LibreSSL, and for the SSL_OP_EPHEMERAL_RSA
option, which makes the application non-compliant.  More fuel for the
tedu fire...)

jasper@ noted the breakage and bisected it down to the diff that broke this
ok jsing@ miod@
lib/libssl/d1_srvr.c
lib/libssl/s3_srvr.c
lib/libssl/src/ssl/d1_srvr.c
lib/libssl/src/ssl/s3_srvr.c
lib/libssl/src/ssl/ssl_locl.h
lib/libssl/ssl_locl.h