author | tenderlove <tenderlove@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2015-07-25 22:51:20 +0000 |
---|---|---|
committer | tenderlove <tenderlove@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2015-07-25 22:51:20 +0000 |
commit | d9fcc9ba5e3a8f3eac6a2e06ba8477b0a648c492 (patch) | |
tree | cf79ceda20e68efa4af18317cdf0a2ec8acebb56 /ext/openssl/ossl_ssl.c | |
parent | ab9cd02f256ac9206299b91062f6decef3f1cc69 (diff) | |
download | ruby-d9fcc9ba5e3a8f3eac6a2e06ba8477b0a648c492.tar.gz |
* ext/openssl/lib/openssl/ssl.rb (module OpenSSL): move the default
tmp_dh_callback to Ruby code and set it as a default in `initialize`.
* ext/openssl/ossl_pkey_dh.c (static unsigned char DEFAULT_DH_512_GEN):
move this constant to Ruby.
* ext/openssl/ossl_pkey_dh.c (static unsigned char DEFAULT_DH_1024_GEN):
ditto
* ext/openssl/ossl_pkey_dh.c (Init_ossl_dh): ditto
* ext/openssl/ossl_ssl.c (ossl_tmp_dh_callback): ditto
* ext/openssl/ossl_ssl.c (ossl_sslctx_setup): tmp_dh_callback should
always be set, so we can remove this conditional
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51380 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl/ossl_ssl.c')
-rw-r--r-- | ext/openssl/ossl_ssl.c | 21 |
1 files changed, 1 insertions, 20 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index 205b196647..3e756eae5f 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -283,20 +283,6 @@ ossl_tmp_dh_callback(SSL *ssl, int is_export, int keylength)
 return GetPKeyPtr(ossl_ssl_get_tmp_dh(args[0]))->pkey.dh;
 }
-
-static DH*
-ossl_default_tmp_dh_callback(SSL *ssl, int is_export, int keylength)
-{
- rb_warning("using default DH parameters.");
-
- switch(keylength){
- case 512:
- return OSSL_DEFAULT_DH_512;
- case 1024:
- return OSSL_DEFAULT_DH_1024;
- }
- return NULL;
-}
 #endif /* OPENSSL_NO_DH */
 #if !defined(OPENSSL_NO_EC)
@@ -708,12 +694,7 @@ ossl_sslctx_setup(VALUE self)
 GetSSLCTX(self, ctx);
 #if !defined(OPENSSL_NO_DH)
- if (RTEST(ossl_sslctx_get_tmp_dh_cb(self))){
- SSL_CTX_set_tmp_dh_callback(ctx, ossl_tmp_dh_callback);
- }
- else{
- SSL_CTX_set_tmp_dh_callback(ctx, ossl_default_tmp_dh_callback);
- }
+ SSL_CTX_set_tmp_dh_callback(ctx, ossl_tmp_dh_callback);
 #endif
 #if !defined(OPENSSL_NO_EC) |
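Review bot: In the second hunk (ossl_sslctx_setup), `SSL_CTX_set_tmp_dh_callback(ctx, ossl_tmp_dh_callback);` is now registered unconditionally, so the C side no longer has a fallback if the Ruby-level `tmp_dh_callback` ends up nil, for example when a caller assigns nil after `initialize`. Only the final `return GetPKeyPtr(ossl_ssl_get_tmp_dh(args[0]))->pkey.dh;` of ossl_tmp_dh_callback is visible in this diff, so it should be confirmed that the part of that function outside the hunk returns NULL for a nil or non-DH result before reaching that dereference. Once confirmed, a comment above the call would record the invariant, e.g. `/* tmp_dh_callback is defaulted in Ruby's initialize; ossl_tmp_dh_callback yields NULL if it is nil */`. The removed C fallback also emitted `rb_warning("using default DH parameters.")` and served 512- and 1024-bit groups; the Ruby replacement is not part of this file's diff, so it is worth checking that reliance on built-in parameters stays visible to operators and that the 512-bit group is not carried forward as a default.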