ssl: support params arguments to init functions

author Pauli <ppzgs1@gmail.com>

Tue, 2 Mar 2021 12:41:10 +0000 (22:41 +1000)

committer Pauli <ppzgs1@gmail.com>

Thu, 11 Mar 2021 22:27:11 +0000 (08:27 +1000)
author Pauli <ppzgs1@gmail.com>
Tue, 2 Mar 2021 12:41:10 +0000 (22:41 +1000)
committer Pauli <ppzgs1@gmail.com>
Thu, 11 Mar 2021 22:27:11 +0000 (08:27 +1000)
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c

index 8eb0f7c8647b431c261acf87be83cd1d387fb206..19ae6d9a2818761893e622dc8f904cdf6cf2627b 100644 (file)
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -4827,7 +4827,7 @@ int ssl_decapsulate(SSL *s, EVP_PKEY *privkey,
  
      pctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx, privkey, s->ctx->propq);
  
-    if (EVP_PKEY_decapsulate_init(pctx) <= 0
+    if (EVP_PKEY_decapsulate_init(pctx, NULL) <= 0
              || EVP_PKEY_decapsulate(pctx, NULL, &pmslen, ct, ctlen) <= 0) {
          SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
          goto err;
@@ -4877,7 +4877,7 @@ int ssl_encapsulate(SSL *s, EVP_PKEY *pubkey,
  
      pctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx, pubkey, s->ctx->propq);
  
-    if (EVP_PKEY_encapsulate_init(pctx) <= 0
+    if (EVP_PKEY_encapsulate_init(pctx, NULL) <= 0
              || EVP_PKEY_encapsulate(pctx, NULL, &ctlen, NULL, &pmslen) <= 0
              || pmslen == 0 || ctlen == 0) {
          SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c

index 13e5f5a8e5d2ce7dd3b0037190df5583dbcbac64..5e21ff8593a4cbf7bb47e1efe95eaa795ae96954 100644 (file)
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -1570,7 +1570,7 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart,
  
      bindersize = hashsize;
      if (EVP_DigestSignInit_ex(mctx, NULL, EVP_MD_name(md), s->ctx->libctx,
-                              s->ctx->propq, mackey) <= 0
+                              s->ctx->propq, mackey, NULL) <= 0
              || EVP_DigestSignUpdate(mctx, hash, hashsize) <= 0
              || EVP_DigestSignFinal(mctx, binderout, &bindersize) <= 0
              || bindersize != hashsize) {
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c

index 28fb039424d223e99661f67479ffc12a595094be..8462a67c1a8513d0e9f4a511f5961d740915bbe0 100644 (file)
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -734,7 +734,7 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
  
      hmaclen = SHA256_DIGEST_LENGTH;
      if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->libctx,
-                              s->ctx->propq, pkey) <= 0
+                              s->ctx->propq, pkey, NULL) <= 0
              || EVP_DigestSign(hctx, hmac, &hmaclen, data,
                                rawlen - SHA256_DIGEST_LENGTH) <= 0
              || hmaclen != SHA256_DIGEST_LENGTH) {
@@ -1796,7 +1796,7 @@ EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context,
      }
  
      if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->libctx,
-                              s->ctx->propq, pkey) <= 0
+                              s->ctx->propq, pkey, NULL) <= 0
              || EVP_DigestSign(hctx, hmac, &hmaclen, cookie,
                                totcookielen) <= 0) {
          SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c

index e5a255d75d911200084f53cd6259be17e6755e8b..c60b259e1fd2949b361edc63aaad4370bb53b721 100644 (file)
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2272,7 +2272,8 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
  
          if (EVP_DigestVerifyInit_ex(md_ctx, &pctx,
                                      md == NULL ? NULL : EVP_MD_name(md),
-                                    s->ctx->libctx, s->ctx->propq, pkey) <= 0) {
+                                    s->ctx->libctx, s->ctx->propq, pkey,
+                                    NULL) <= 0) {
              SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
              goto err;
          }
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c

index a7ed843aa4ef68092a65758317ecea32ed1a8082..800a957ab2f0a9f561b513b62589fa8f03418142 100644 (file)
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -310,7 +310,8 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt)
      }
  
      if (EVP_DigestSignInit_ex(mctx, &pctx, md == NULL ? NULL : EVP_MD_name(md),
-                              s->ctx->libctx, s->ctx->propq, pkey) <= 0) {
+                              s->ctx->libctx, s->ctx->propq, pkey,
+                              NULL) <= 0) {
          SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
          goto err;
      }
@@ -487,7 +488,8 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
  
      if (EVP_DigestVerifyInit_ex(mctx, &pctx,
                                  md == NULL ? NULL : EVP_MD_name(md),
-                                s->ctx->libctx, s->ctx->propq, pkey) <= 0) {
+                                s->ctx->libctx, s->ctx->propq, pkey,
+                                NULL) <= 0) {
          SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
          goto err;
      }
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c

index d1138e45d55d74bc8b2f2b7b857944b8aa1b5db8..4c2ca4e6e5c520795bc03e95ceecb0d7db65591b 100644 (file)
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -2672,7 +2672,8 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
  
          if (EVP_DigestSignInit_ex(md_ctx, &pctx,
                                    md == NULL ? NULL : EVP_MD_name(md),
-                                  s->ctx->libctx, s->ctx->propq, pkey) <= 0) {
+                                  s->ctx->libctx, s->ctx->propq, pkey,
+                                  NULL) <= 0) {
              SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
              goto err;
          }
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c

index bb0ee0c5d446f6b48154d96b48d390301c436e90..e45fdea0cb1ca14dbd7c945cf6e4b09005133dba 100644 (file)
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -378,7 +378,8 @@ int tls1_change_cipher_state(SSL *s, int which)
          }
          if (mac_key == NULL
              || EVP_DigestSignInit_ex(mac_ctx, NULL, EVP_MD_name(m),
-                                     s->ctx->libctx, s->ctx->propq, mac_key) <= 0) {
+                                     s->ctx->libctx, s->ctx->propq, mac_key,
+                                     NULL) <= 0) {
              EVP_PKEY_free(mac_key);
              SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
              goto err;
author	Pauli <ppzgs1@gmail.com>
	Tue, 2 Mar 2021 12:41:10 +0000 (22:41 +1000)
committer	Pauli <ppzgs1@gmail.com>
	Thu, 11 Mar 2021 22:27:11 +0000 (08:27 +1000)
ssl/s3_lib.c		patch \| blob \| history
ssl/statem/extensions.c		patch \| blob \| history
ssl/statem/extensions_srvr.c		patch \| blob \| history
ssl/statem/statem_clnt.c		patch \| blob \| history
ssl/statem/statem_lib.c		patch \| blob \| history
ssl/statem/statem_srvr.c		patch \| blob \| history
ssl/t1_enc.c		patch \| blob \| history