-/* $OpenBSD: d1_srvr.c,v 1.33 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.34 2014/07/28 04:23:12 guenther Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
if (type & SSL_kRSA) {
rsa = cert->rsa_tmp;
if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
- rsa = s->cert->rsa_tmp_cb(s, 0, 0);
+ rsa = s->cert->rsa_tmp_cb(s, 0,
+ SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
if (rsa == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
if (type & SSL_kDHE) {
dhp = cert->dh_tmp;
if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
- dhp = s->cert->dh_tmp_cb(s, 0, 0);
+ dhp = s->cert->dh_tmp_cb(s, 0,
+ SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
if (dhp == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_DH_KEY);
ecdhp = cert->ecdh_tmp;
if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL)
- ecdhp = s->cert->ecdh_tmp_cb(s, 0, 0);
+ ecdhp = s->cert->ecdh_tmp_cb(s, 0,
+ SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
if (ecdhp == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_ECDH_KEY);
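Review bot: The `ecdh_tmp_cb` call in this hunk is handed `SSL_C_PKEYLENGTH(...)`, which ssl_locl.h fixes at 1024 and describes as RSA key bits, so the EC callback is asked for a size that does not correspond to a curve. An application callback that chooses a curve from its keylength argument may, depending on how it is written, return NULL and fall into the `SSL_R_MISSING_TMP_ECDH_KEY` failure path directly below. I would add a comment at the call such as `/* keylength is in RSA/DH bits, not a curve size */`, or give the EC case its own value. The same applies to the `ecdh_tmp_cb` call in s3_srvr.c and to the repeated copies of both files on this page. The enclosing function starts and ends outside the hunk.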
-/* $OpenBSD: s3_srvr.c,v 1.78 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.79 2014/07/28 04:23:12 guenther Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
if (type & SSL_kRSA) {
rsa = cert->rsa_tmp;
if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
- rsa = s->cert->rsa_tmp_cb(s, 0, 0);
+ rsa = s->cert->rsa_tmp_cb(s, 0,
+ SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
if (rsa == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(
if (type & SSL_kDHE) {
dhp = cert->dh_tmp;
if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
- dhp = s->cert->dh_tmp_cb(s, 0, 0);
+ dhp = s->cert->dh_tmp_cb(s, 0,
+ SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
if (dhp == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
ecdhp = cert->ecdh_tmp;
if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL)
- ecdhp = s->cert->ecdh_tmp_cb(s, 0, 0);
+ ecdhp = s->cert->ecdh_tmp_cb(s, 0,
+ SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
if (ecdhp == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-/* $OpenBSD: d1_srvr.c,v 1.33 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.34 2014/07/28 04:23:12 guenther Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
if (type & SSL_kRSA) {
rsa = cert->rsa_tmp;
if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
- rsa = s->cert->rsa_tmp_cb(s, 0, 0);
+ rsa = s->cert->rsa_tmp_cb(s, 0,
+ SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
if (rsa == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
if (type & SSL_kDHE) {
dhp = cert->dh_tmp;
if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
- dhp = s->cert->dh_tmp_cb(s, 0, 0);
+ dhp = s->cert->dh_tmp_cb(s, 0,
+ SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
if (dhp == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_DH_KEY);
ecdhp = cert->ecdh_tmp;
if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL)
- ecdhp = s->cert->ecdh_tmp_cb(s, 0, 0);
+ ecdhp = s->cert->ecdh_tmp_cb(s, 0,
+ SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
if (ecdhp == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_ECDH_KEY);
-/* $OpenBSD: s3_srvr.c,v 1.78 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.79 2014/07/28 04:23:12 guenther Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
if (type & SSL_kRSA) {
rsa = cert->rsa_tmp;
if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
- rsa = s->cert->rsa_tmp_cb(s, 0, 0);
+ rsa = s->cert->rsa_tmp_cb(s, 0,
+ SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
if (rsa == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(
if (type & SSL_kDHE) {
dhp = cert->dh_tmp;
if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
- dhp = s->cert->dh_tmp_cb(s, 0, 0);
+ dhp = s->cert->dh_tmp_cb(s, 0,
+ SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
if (dhp == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
ecdhp = cert->ecdh_tmp;
if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL)
- ecdhp = s->cert->ecdh_tmp_cb(s, 0, 0);
+ ecdhp = s->cert->ecdh_tmp_cb(s, 0,
+ SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
if (ecdhp == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-/* $OpenBSD: ssl_locl.h,v 1.62 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.63 2014/07/28 04:23:12 guenther Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#define SSL_MEDIUM 0x00000040L
#define SSL_HIGH 0x00000080L
+/*
+ * The keylength (measured in RSA key bits, I guess) for temporary keys.
+ * Cipher argument is so that this can be variable in the future.
+ */
+#define SSL_C_PKEYLENGTH(c) 1024
+
/* Check if an SSL structure is using DTLS. */
#define SSL_IS_DTLS(s) (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
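Review bot: The comment on `SSL_C_PKEYLENGTH` leaves the unit open ("I guess") even though the value is now what the temporary RSA, DH and ECDH callbacks in d1_srvr.c and s3_srvr.c receive as their keylength. Because the macro ignores `c`, every cipher requests 1024 bits, which is a low bar for ephemeral DH and is presumably what a keylength-honouring callback will generate. I would state the contract outright, e.g. `/* Key length in bits requested from the tmp key callbacks; fixed at 1024 regardless of cipher. */`, and record that raising it is the intended follow-up. Since `c` is never evaluated, `s->s3->tmp.new_cipher` is not dereferenced at the call sites today; that changes as soon as the macro starts using its argument.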
-/* $OpenBSD: ssl_locl.h,v 1.62 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.63 2014/07/28 04:23:12 guenther Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#define SSL_MEDIUM 0x00000040L
#define SSL_HIGH 0x00000080L
+/*
+ * The keylength (measured in RSA key bits, I guess) for temporary keys.
+ * Cipher argument is so that this can be variable in the future.
+ */
+#define SSL_C_PKEYLENGTH(c) 1024
+
/* Check if an SSL structure is using DTLS. */
#define SSL_IS_DTLS(s) (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)