*/
#ifndef NOPROTO
+static SSL_METHOD *ssl3_get_server_method(int ver);
static int ssl3_get_client_hello(SSL *s);
static int ssl3_send_server_hello(SSL *s);
static int ssl3_send_server_key_exchange(SSL *s);
#else
+static SSL_METHOD *ssl3_get_server_method();
static int ssl3_get_client_hello();
static int ssl3_send_server_hello();
static int ssl3_send_server_key_exchange();
if ((rsa == NULL) && (s->ctx->default_cert->rsa_tmp_cb != NULL))
{
rsa=s->ctx->default_cert->rsa_tmp_cb(s,
- (s->s3->tmp.new_cipher->algorithms|
- SSL_NOT_EXP)?0:1);
+ !(s->s3->tmp.new_cipher->algorithms
+ &SSL_NOT_EXP));
CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
cert->rsa_tmp=rsa;
}
dhp=cert->dh_tmp;
if ((dhp == NULL) && (cert->dh_tmp_cb != NULL))
dhp=cert->dh_tmp_cb(s,
- (s->s3->tmp.new_cipher->algorithms|
- SSL_NOT_EXP)?0:1);
+ !(s->s3->tmp.new_cipher->algorithms
+ &SSL_NOT_EXP));
if (dhp == NULL)
{
al=SSL_AD_HANDSHAKE_FAILURE;
}
s->s3->tmp.dh=dh;
- if (((dhp->pub_key == NULL) ||
- (dhp->priv_key == NULL) ||
- (s->options & SSL_OP_SINGLE_DH_USE)) &&
- (!DH_generate_key(dh)))
+ if ((dhp->pub_key == NULL ||
+ dhp->priv_key == NULL ||
+ (s->options & SSL_OP_SINGLE_DH_USE)))
{
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
- goto err;
+ if(!DH_generate_key(dh))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ ERR_R_DH_LIB);
+ goto err;
+ }
}
else
{
i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING);
#if 1
- /* If a bad decrypt, use a dud master key */
+ /* If a bad decrypt, use a random master key */
if ((i != SSL_MAX_MASTER_KEY_LENGTH) ||
((p[0] != (s->version>>8)) ||
(p[1] != (s->version & 0xff))))