generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix no-ec warning

Browse Source 
This is a partial back port of commit 5b430cfc to remove a warning when
compiling with no-ec.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
This commit is contained in:
Matt Caswell 2015-02-26 23:52:19 +00:00
parent f3cc3da447
commit ea65e92b22
1 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
ssl/ssl_lib.c
View File

@ -2044,14 +2044,17 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
int rsa_enc_export, dh_rsa_export, dh_dsa_export; int rsa_enc_export, dh_rsa_export, dh_dsa_export;
int rsa_tmp_export, dh_tmp_export, kl; int rsa_tmp_export, dh_tmp_export, kl;
unsigned long mask_k, mask_a, emask_k, emask_a; unsigned long mask_k, mask_a, emask_k, emask_a;
int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size; #ifndef OPENSSL_NO_ECDSA
#ifndef OPENSSL_NO_ECDH int have_ecc_cert, ecdsa_ok, ecc_pkey_size;
int have_ecdh_tmp;
#endif #endif
#ifndef OPENSSL_NO_ECDH
int have_ecdh_tmp, ecdh_ok;
#endif
#ifndef OPENSSL_NO_EC
X509 *x = NULL; X509 *x = NULL;
EVP_PKEY *ecc_pkey = NULL; EVP_PKEY *ecc_pkey = NULL;
int signature_nid = 0, pk_nid = 0, md_nid = 0; int signature_nid = 0, pk_nid = 0, md_nid = 0;
#endif
if (c == NULL) if (c == NULL)
return; return;
@ -2090,7 +2093,9 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
dh_dsa = (cpk->x509 != NULL && cpk->privatekey != NULL); dh_dsa = (cpk->x509 != NULL && cpk->privatekey != NULL);
dh_dsa_export = (dh_dsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl); dh_dsa_export = (dh_dsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
cpk = &(c->pkeys[SSL_PKEY_ECC]); cpk = &(c->pkeys[SSL_PKEY_ECC]);
#ifndef OPENSSL_NO_EC
have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL); have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL);
#endif
mask_k = 0; mask_k = 0;
mask_a = 0; mask_a = 0;
emask_k = 0; emask_k = 0;
@ -2168,6 +2173,7 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
* An ECC certificate may be usable for ECDH and/or ECDSA cipher suites * An ECC certificate may be usable for ECDH and/or ECDSA cipher suites
* depending on the key usage extension. * depending on the key usage extension.
*/ */
#ifndef OPENSSL_NO_EC
if (have_ecc_cert) { if (have_ecc_cert) {
/* This call populates extension flags (ex_flags) */ /* This call populates extension flags (ex_flags) */
x = (c->pkeys[SSL_PKEY_ECC]).x509; x = (c->pkeys[SSL_PKEY_ECC]).x509;
@ -2212,6 +2218,7 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
} }
#endif #endif
} }
#endif
#ifndef OPENSSL_NO_ECDH #ifndef OPENSSL_NO_ECDH
if (have_ecdh_tmp) { if (have_ecdh_tmp) {
mask_k |= SSL_kEECDH; mask_k |= SSL_kEECDH;