diff options
author | Matt Caswell <matt@openssl.org> | 2018-05-21 12:20:18 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-05-22 13:21:24 +0100 |
commit | 1aac20f5095fca8691ef4495c3e7438c935a33dc (patch) | |
tree | 8e6ae5d5a01b9a88c7be6cbe48d0e60afa08817d /ssl | |
parent | d61e6040a02464f1dd41942ee1e17ef59822102d (diff) | |
download | openssl-1aac20f5095fca8691ef4495c3e7438c935a33dc.tar.gz |
Fix no-ec in combination with no-dh
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6321)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/statem/extensions_srvr.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 65b9d3b3d4..7c756c03a0 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -721,6 +721,7 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x, size_t chainidx) { +#ifndef OPENSSL_NO_TLS1_3 unsigned int format, version, key_share, group_id; EVP_MD_CTX *hctx; EVP_PKEY *pkey; @@ -936,6 +937,7 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x, s->hello_retry_request = 1; s->ext.cookieok = 1; +#endif return 1; } @@ -1694,14 +1696,16 @@ EXT_RETURN tls_construct_stoc_key_share(SSL *s, WPACKET *pkt, /* SSLfatal() already called */ return EXT_RETURN_FAIL; } -#endif - return EXT_RETURN_SENT; +#else + return EXT_RETURN_FAIL; +#endif } EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, size_t chainidx) { +#ifndef OPENSSL_NO_TLS1_3 unsigned char *hashval1, *hashval2, *appcookie1, *appcookie2, *cookie; unsigned char *hmac, *hmac2; size_t startlen, ciphlen, totcookielen, hashlen, hmaclen, appcookielen; @@ -1826,6 +1830,9 @@ EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context, EVP_MD_CTX_free(hctx); EVP_PKEY_free(pkey); return ret; +#else + return EXT_RETURN_FAIL; +#endif } EXT_RETURN tls_construct_stoc_cryptopro_bug(SSL *s, WPACKET *pkt, |