projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Server side EVP_PKEY DH support
[openssl.git] / ssl / ssl_cert.c
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 802b1141c1dd6d39577ea989f1758feab945f3df..f01d3a783505d6a71e728d8253f797caed795e20 100644 (file)
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -195,46 +195,15 @@ CERT *ssl_cert_dup(CERT *cert)
     ret->references = 1;
     ret->key = &ret->pkeys[cert->key - cert->pkeys];
 
-#ifndef OPENSSL_NO_RSA
-    if (cert->rsa_tmp != NULL) {
-        RSA_up_ref(cert->rsa_tmp);
-        ret->rsa_tmp = cert->rsa_tmp;
-    }
-    ret->rsa_tmp_cb = cert->rsa_tmp_cb;
-#endif
-
 #ifndef OPENSSL_NO_DH
     if (cert->dh_tmp != NULL) {
-        ret->dh_tmp = DHparams_dup(cert->dh_tmp);
-        if (ret->dh_tmp == NULL) {
-            SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_DH_LIB);
-            goto err;
-        }
-        if (cert->dh_tmp->priv_key) {
-            BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
-            if (!b) {
-                SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
-                goto err;
-            }
-            ret->dh_tmp->priv_key = b;
-        }
-        if (cert->dh_tmp->pub_key) {
-            BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
-            if (!b) {
-                SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
-                goto err;
-            }
-            ret->dh_tmp->pub_key = b;
-        }
+        ret->dh_tmp = cert->dh_tmp;
+        EVP_PKEY_up_ref(ret->dh_tmp);
     }
     ret->dh_tmp_cb = cert->dh_tmp_cb;
     ret->dh_tmp_auto = cert->dh_tmp_auto;
 #endif
 
-#ifndef OPENSSL_NO_EC
-    ret->ecdh_tmp_auto = cert->ecdh_tmp_auto;
-#endif
-
     for (i = 0; i < SSL_PKEY_NUM; i++) {
         CERT_PKEY *cpk = cert->pkeys + i;
         CERT_PKEY *rpk = ret->pkeys + i;
@@ -327,7 +296,7 @@ CERT *ssl_cert_dup(CERT *cert)
         goto err;
 #ifndef OPENSSL_NO_PSK
     if (cert->psk_identity_hint) {
-        ret->psk_identity_hint = BUF_strdup(cert->psk_identity_hint);
+        ret->psk_identity_hint = OPENSSL_strdup(cert->psk_identity_hint);
         if (ret->psk_identity_hint == NULL)
             goto err;
     }
@@ -381,11 +350,8 @@ void ssl_cert_free(CERT *c)
     }
 #endif
 
-#ifndef OPENSSL_NO_RSA
-    RSA_free(c->rsa_tmp);
-#endif
 #ifndef OPENSSL_NO_DH
-    DH_free(c->dh_tmp);
+    EVP_PKEY_free(c->dh_tmp);
 #endif
 
     ssl_cert_clear_certs(c);
Unnamed repository; edit this file 'description' to name the repository.