diff options
author | Matt Caswell <matt@openssl.org> | 2020-10-16 16:35:44 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-11-18 14:14:52 +0000 |
commit | 13c453728c076d5c1a65a5fd9424e15a9964d755 (patch) | |
tree | 2adfcc10718f85bab39f1ffcbdb5dff63efe6b69 /ssl/ssl_local.h | |
parent | 163f6dc1f70f30de46a68137c36e70cae4d95cd8 (diff) | |
download | openssl-13c453728c076d5c1a65a5fd9424e15a9964d755.tar.gz |
Only disabled what we need to in a no-dh build
no-dh disables the low level API for DH. However, since we're now using
the high level EVP API in most places we don't need to disable quite so
much.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13368)
Diffstat (limited to 'ssl/ssl_local.h')
-rw-r--r-- | ssl/ssl_local.h | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h index 67bb0a8d52..a14d97b8e9 100644 --- a/ssl/ssl_local.h +++ b/ssl/ssl_local.h @@ -2004,11 +2004,12 @@ typedef struct cert_st { * an index, not a pointer. */ CERT_PKEY *key; -# ifndef OPENSSL_NO_DH + EVP_PKEY *dh_tmp; +#ifndef OPENSSL_NO_DH DH *(*dh_tmp_cb) (SSL *ssl, int is_export, int keysize); +#endif int dh_tmp_auto; -# endif /* Flags related to certificates */ uint32_t cert_flags; CERT_PKEY pkeys[SSL_PKEY_NUM]; @@ -2692,9 +2693,7 @@ void tls1_set_cert_validity(SSL *s); __owur int ssl_validate_ct(SSL *s); # endif -# ifndef OPENSSL_NO_DH __owur EVP_PKEY *ssl_get_auto_dh(SSL *s); -# endif __owur int ssl_security_cert(SSL *s, SSL_CTX *ctx, X509 *x, int vfy, int is_ee); __owur int ssl_security_cert_chain(SSL *s, STACK_OF(X509) *sk, X509 *ex, |