Backport support for fixed DH ciphersuites (from HEAD)
authorDr. Stephen Henson <steve@openssl.org>
Fri, 6 Apr 2012 11:33:12 +0000 (11:33 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 6 Apr 2012 11:33:12 +0000 (11:33 +0000)
CHANGES
ssl/s3_both.c
ssl/s3_clnt.c
ssl/s3_lib.c
ssl/s3_srvr.c
ssl/ssl.h
ssl/ssl_ciph.c
ssl/ssl_lib.c
ssl/ssl_locl.h
ssl/ssl_rsa.c

diff --git a/CHANGES b/CHANGES
index 00b07c7ae90737ecd89019308f1cad35357244b2..1383cfdeaddaaa4540f0d7d64062b94bc3911ec1 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,7 +4,9 @@
 
  Changes between 1.0.1 and 1.0.2 [xx XXX xxxx]
 
-  *)
+  *) Support for fixed DH ciphersuites: those requiring DH server
+     certificates.
+     [Steve Henson]
 
  Changes between 1.0.1 and 1.0.1a [xx XXX xxxx]
 
index b63460a56ddd3edd56d55d5d1237baf27768e4a9..4ed66da7e53a82503c1f9892760ceb21fd19b5ea 100644 (file)
@@ -590,6 +590,18 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
                {
                ret = SSL_PKEY_GOST01;
                }
+       else if (x && i == EVP_PKEY_DH)
+               {
+               /* For DH two cases: DH certificate signed with RSA and
+                * DH certificate signed with DSA.
+                */
+               i = X509_certificate_type(x, pk);
+               if (i & EVP_PKS_RSA)
+                       ret = SSL_PKEY_DH_RSA;
+               else if (i & EVP_PKS_DSA)
+                       ret = SSL_PKEY_DH_DSA;
+               }
+               
 err:
        if(!pkey) EVP_PKEY_free(pk);
        return(ret);
index 4511a914a43201921e55f4ef13ef4c35f6fd63f3..36be0eb64ae987960414c6cddd5363069972faa3 100644 (file)
@@ -2430,24 +2430,39 @@ int ssl3_send_client_key_exchange(SSL *s)
                else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
                        {
                        DH *dh_srvr,*dh_clnt;
+                       SESS_CERT *scert = s->session->sess_cert;
 
-                       if (s->session->sess_cert == NULL) 
+                       if (scert == NULL) 
                                {
                                ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
                                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
                                goto err;
                                }
 
-                       if (s->session->sess_cert->peer_dh_tmp != NULL)
-                               dh_srvr=s->session->sess_cert->peer_dh_tmp;
+                       if (scert->peer_dh_tmp != NULL)
+                               dh_srvr=scert->peer_dh_tmp;
                        else
                                {
                                /* we get them from the cert */
-                               ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
-                               SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
-                               goto err;
+                               int idx = scert->peer_cert_type;
+                               EVP_PKEY *spkey = NULL;
+                               dh_srvr = NULL;
+                               if (idx >= 0)
+                                       spkey = X509_get_pubkey(
+                                               scert->peer_pkeys[idx].x509);
+                               if (spkey)
+                                       {
+                                       dh_srvr = EVP_PKEY_get1_DH(spkey);
+                                       EVP_PKEY_free(spkey);
+                                       }
+                               if (dh_srvr == NULL)
+                                       {
+                                       SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                                           ERR_R_INTERNAL_ERROR);
+                                       goto err;
+                                       }
                                }
-                       
+
                        /* generate a new random key */
                        if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)
                                {
@@ -2465,6 +2480,8 @@ int ssl3_send_client_key_exchange(SSL *s)
                         * make sure to clear it out afterwards */
 
                        n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
+                       if (scert->peer_dh_tmp == NULL)
+                               DH_free(dh_srvr);
 
                        if (n <= 0)
                                {
@@ -3166,7 +3183,7 @@ int ssl3_check_cert_and_algorithm(SSL *s)
        alg_a=s->s3->tmp.new_cipher->algorithm_auth;
 
        /* we don't have a certificate */
-       if ((alg_a & (SSL_aDH|SSL_aNULL|SSL_aKRB5)) || (alg_k & SSL_kPSK))
+       if ((alg_a & (SSL_aNULL|SSL_aKRB5)) || (alg_k & SSL_kPSK))
                return(1);
 
        sc=s->session->sess_cert;
@@ -3228,19 +3245,21 @@ int ssl3_check_cert_and_algorithm(SSL *s)
                }
 #endif
 #ifndef OPENSSL_NO_DH
-       if ((alg_k & SSL_kEDH) &&
+       if ((alg_k & SSL_kEDH) && 
                !(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
                {
                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
                goto f_err;
                }
-       else if ((alg_k & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
+       else if ((alg_k & SSL_kDHr) && (TLS1_get_version(s) < TLS1_2_VERSION) &&
+               !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
                {
                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
                goto f_err;
                }
 #ifndef OPENSSL_NO_DSA
-       else if ((alg_k & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
+       else if ((alg_k & SSL_kDHd) && (TLS1_get_version(s) < TLS1_2_VERSION) &&
+               !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
                {
                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
                goto f_err;
index db75479c388c8327122f57457c5f2e73bd46837c..d51a31fff8738073138b43cfdb6ea6fc200a0a1d 100644 (file)
@@ -335,7 +335,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 /* The DH ciphers */
 /* Cipher 0B */
        {
-       0,
+       1,
        SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
        SSL3_CK_DH_DSS_DES_40_CBC_SHA,
        SSL_kDHd,
@@ -351,7 +351,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 0C */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
        SSL3_CK_DH_DSS_DES_64_CBC_SHA,
        SSL_kDHd,
@@ -367,7 +367,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 0D */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
        SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
        SSL_kDHd,
@@ -383,7 +383,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 0E */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
        SSL3_CK_DH_RSA_DES_40_CBC_SHA,
        SSL_kDHr,
@@ -399,7 +399,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 0F */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
        SSL3_CK_DH_RSA_DES_64_CBC_SHA,
        SSL_kDHr,
@@ -415,7 +415,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 10 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
        SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
        SSL_kDHr,
@@ -902,7 +902,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        },
 /* Cipher 30 */
        {
-       0,
+       1,
        TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
        TLS1_CK_DH_DSS_WITH_AES_128_SHA,
        SSL_kDHd,
@@ -917,7 +917,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        },
 /* Cipher 31 */
        {
-       0,
+       1,
        TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
        TLS1_CK_DH_RSA_WITH_AES_128_SHA,
        SSL_kDHr,
@@ -993,7 +993,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        },
 /* Cipher 36 */
        {
-       0,
+       1,
        TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
        TLS1_CK_DH_DSS_WITH_AES_256_SHA,
        SSL_kDHd,
@@ -1009,7 +1009,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 37 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
        TLS1_CK_DH_RSA_WITH_AES_256_SHA,
        SSL_kDHr,
@@ -1122,7 +1122,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 3E */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
        TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
        SSL_kDHr,
@@ -1138,7 +1138,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 3F */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
        TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
        SSL_kDHr,
@@ -1189,7 +1189,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 42 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
        TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
        SSL_kDHd,
@@ -1205,7 +1205,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 43 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
        TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
        SSL_kDHr,
@@ -1404,7 +1404,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 68 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
        TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
        SSL_kDHr,
@@ -1420,7 +1420,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 69 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
        TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
        SSL_kDHr,
@@ -1577,7 +1577,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        },
        /* Cipher 85 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
        TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
        SSL_kDHd,
@@ -1593,7 +1593,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 86 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
        TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
        SSL_kDHr,
@@ -1743,7 +1743,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 97 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_DSS_WITH_SEED_SHA,
        TLS1_CK_DH_DSS_WITH_SEED_SHA,
        SSL_kDHd,
@@ -1759,7 +1759,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 98 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_RSA_WITH_SEED_SHA,
        TLS1_CK_DH_RSA_WITH_SEED_SHA,
        SSL_kDHr,
@@ -1891,7 +1891,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher A0 */
        {
-       0,
+       1,
        TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
        TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
        SSL_kDHr,
@@ -1907,7 +1907,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher A1 */
        {
-       0,
+       1,
        TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
        TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
        SSL_kDHr,
@@ -1955,7 +1955,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher A4 */
        {
-       0,
+       1,
        TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
        TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
        SSL_kDHr,
@@ -1971,7 +1971,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher A5 */
        {
-       0,
+       1,
        TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
        TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
        SSL_kDHr,
index 5944d8c484824a9147f6c6f7ede2d872f966e3dd..bcde8f245a26d4f4b1571a34c721862c7064f2c2 100644 (file)
@@ -476,7 +476,7 @@ int ssl3_accept(SSL *s)
                            /* SRP: send ServerKeyExchange */
                            || (alg_k & SSL_kSRP)
 #endif
-                           || (alg_k & (SSL_kDHr|SSL_kDHd|SSL_kEDH))
+                           || (alg_k & SSL_kEDH)
                            || (alg_k & SSL_kEECDH)
                            || ((alg_k & SSL_kRSA)
                                && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
@@ -2278,7 +2278,25 @@ int ssl3_get_client_key_exchange(SSL *s)
                        }
                else
                        {
-                       if (s->s3->tmp.dh == NULL)
+                       int idx = -1;
+                       if (alg_k & SSL_kDHr)
+                               idx = SSL_PKEY_DH_RSA;
+                       else if (alg_k & SSL_kDHd)
+                               idx = SSL_PKEY_DH_DSA;
+                       if (idx >= 0)
+                               {
+                               EVP_PKEY *skey = s->cert->pkeys[idx].privatekey;
+                               if ((skey == NULL) ||
+                                       (skey->type != EVP_PKEY_DH) ||
+                                       (skey->pkey.dh == NULL))
+                                       {
+                                       al=SSL_AD_HANDSHAKE_FAILURE;
+                                       SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE);
+                                       goto f_err;
+                                       }
+                               dh_srvr = skey->pkey.dh;
+                               }
+                       else if (s->s3->tmp.dh == NULL)
                                {
                                al=SSL_AD_HANDSHAKE_FAILURE;
                                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
index 525602e4c2670c1aa16afc4e0e6bec5f0c43dea3..f0b6a56c2f4a7722e0800623ce8198006bb6ec14 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -241,9 +241,9 @@ extern "C" {
 #define        SSL_TXT_NULL            "NULL"
 
 #define SSL_TXT_kRSA           "kRSA"
-#define SSL_TXT_kDHr           "kDHr" /* no such ciphersuites supported! */
-#define SSL_TXT_kDHd           "kDHd" /* no such ciphersuites supported! */
-#define SSL_TXT_kDH            "kDH"  /* no such ciphersuites supported! */
+#define SSL_TXT_kDHr           "kDHr" 
+#define SSL_TXT_kDHd           "kDHd"
+#define SSL_TXT_kDH            "kDH"
 #define SSL_TXT_kEDH           "kEDH"
 #define SSL_TXT_kKRB5          "kKRB5"
 #define SSL_TXT_kECDHr         "kECDHr"
@@ -256,7 +256,7 @@ extern "C" {
 
 #define        SSL_TXT_aRSA            "aRSA"
 #define        SSL_TXT_aDSS            "aDSS"
-#define        SSL_TXT_aDH             "aDH" /* no such ciphersuites supported! */
+#define        SSL_TXT_aDH             "aDH"
 #define        SSL_TXT_aECDH           "aECDH"
 #define SSL_TXT_aKRB5          "aKRB5"
 #define SSL_TXT_aECDSA         "aECDSA"
index b96d26faba2eb9c4e48b7ddcc60008a0bef15ab9..a96a5daaf5d2b9c3404b78eea04f9f3bb96b8679 100644 (file)
@@ -238,9 +238,9 @@ static const SSL_CIPHER cipher_aliases[]={
         * e.g. kEDH combines DHE_DSS and DHE_RSA) */
        {0,SSL_TXT_kRSA,0,    SSL_kRSA,  0,0,0,0,0,0,0,0},
 
-       {0,SSL_TXT_kDHr,0,    SSL_kDHr,  0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
-       {0,SSL_TXT_kDHd,0,    SSL_kDHd,  0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
-       {0,SSL_TXT_kDH,0,     SSL_kDHr|SSL_kDHd,0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
+       {0,SSL_TXT_kDHr,0,    SSL_kDHr,  0,0,0,0,0,0,0,0},
+       {0,SSL_TXT_kDHd,0,    SSL_kDHd,  0,0,0,0,0,0,0,0},
+       {0,SSL_TXT_kDH,0,     SSL_kDHr|SSL_kDHd,0,0,0,0,0,0,0,0},
        {0,SSL_TXT_kEDH,0,    SSL_kEDH,  0,0,0,0,0,0,0,0},
        {0,SSL_TXT_DH,0,      SSL_kDHr|SSL_kDHd|SSL_kEDH,0,0,0,0,0,0,0,0},
 
@@ -702,8 +702,6 @@ static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, un
 #ifdef OPENSSL_NO_DSA
        *auth |= SSL_aDSS;
 #endif
-       *mkey |= SSL_kDHr|SSL_kDHd; /* no such ciphersuites supported! */
-       *auth |= SSL_aDH;
 #ifdef OPENSSL_NO_DH
        *mkey |= SSL_kDHr|SSL_kDHd|SSL_kEDH;
        *auth |= SSL_aDH;
index f82d071d6e75689f22146bbf0cf3554ae99078dc..ac7c9f6e0f409ccb6f7306552310c07451d5b253 100644 (file)
@@ -2108,6 +2108,9 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
        if (dh_dsa) mask_k|=SSL_kDHd;
        if (dh_dsa_export) emask_k|=SSL_kDHd;
 
+       if (emask_k & (SSL_kDHr|SSL_kDHd))
+               mask_a |= SSL_aDH;
+
        if (rsa_enc || rsa_sign)
                {
                mask_a|=SSL_aRSA;
index d87fd51cfa824e3ef0ad06a64496affb783aa88e..13ab8d39468b61e7178498261f1e7e207d903dc7 100644 (file)
 
 /* Bits for algorithm_mkey (key exchange algorithm) */
 #define SSL_kRSA               0x00000001L /* RSA key exchange */
-#define SSL_kDHr               0x00000002L /* DH cert, RSA CA cert */ /* no such ciphersuites supported! */
-#define SSL_kDHd               0x00000004L /* DH cert, DSA CA cert */ /* no such ciphersuite supported! */
+#define SSL_kDHr               0x00000002L /* DH cert, RSA CA cert */
+#define SSL_kDHd               0x00000004L /* DH cert, DSA CA cert */
 #define SSL_kEDH               0x00000008L /* tmp DH key no DH cert */
 #define SSL_kKRB5              0x00000010L /* Kerberos5 key exchange */
 #define SSL_kECDHr             0x00000020L /* ECDH cert, RSA CA cert */
 #define SSL_aRSA               0x00000001L /* RSA auth */
 #define SSL_aDSS               0x00000002L /* DSS auth */
 #define SSL_aNULL              0x00000004L /* no auth (i.e. use ADH or AECDH) */
-#define SSL_aDH                0x00000008L /* Fixed DH auth (kDHd or kDHr) */ /* no such ciphersuites supported! */
+#define SSL_aDH                0x00000008L /* Fixed DH auth (kDHd or kDHr) */
 #define SSL_aECDH              0x00000010L /* Fixed ECDH auth (kECDHe or kECDHr) */
 #define SSL_aKRB5               0x00000020L /* KRB5 auth */
 #define SSL_aECDSA              0x00000040L /* ECDSA auth*/
index c0960b5712b8e596ec4ed057e915da804ec68bde..b7c19051e97cc3781acb20b0a2a68cd1a8b86db5 100644 (file)
@@ -182,8 +182,23 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
 static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
        {
        int i;
-
-       i=ssl_cert_type(NULL,pkey);
+       /* Special case for DH: check two DH certificate types for a match.
+        * This means for DH certificates we must set the certificate first.
+        */
+       if (pkey->type == EVP_PKEY_DH)
+               {
+               X509 *x;
+               i = -1;
+               x = c->pkeys[SSL_PKEY_DH_RSA].x509;
+               if (x && X509_check_private_key(x, pkey))
+                               i = SSL_PKEY_DH_RSA;
+               x = c->pkeys[SSL_PKEY_DH_DSA].x509;
+               if (i == -1 && x && X509_check_private_key(x, pkey))
+                               i = SSL_PKEY_DH_DSA;
+               ERR_clear_error();
+               }
+       else 
+               i=ssl_cert_type(NULL,pkey);
        if (i < 0)
                {
                SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);