X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Ftls_depr.c;h=1761ba1d8ef1fd3f9cd8b6b4a38d0b6ce86f5413;hp=7ecb61e79ca5423f9e6d9cda852679d22c7e0856;hb=HEAD;hpb=4333b89f504e7a8de9c42a0d27f68530b5301848

diff --git a/ssl/tls_depr.c b/ssl/tls_depr.c
index 7ecb61e79c..85ed9f25f9 100644
--- a/ssl/tls_depr.c
+++ b/ssl/tls_depr.c
@@ -27,6 +27,7 @@ void tls_engine_finish(ENGINE *e)
 
 const EVP_CIPHER *tls_get_cipher_from_engine(int nid)
 {
+    const EVP_CIPHER *ret = NULL;
 #ifndef OPENSSL_NO_ENGINE
     ENGINE *eng;
 
@@ -36,15 +37,16 @@ const EVP_CIPHER *tls_get_cipher_from_engine(int nid)
      */
     eng = ENGINE_get_cipher_engine(nid);
     if (eng != NULL) {
+        ret = ENGINE_get_cipher(eng, nid);
         ENGINE_finish(eng);
-        return EVP_get_cipherbynid(nid);
     }
 #endif
-    return NULL;
+    return ret;
 }
 
 const EVP_MD *tls_get_digest_from_engine(int nid)
 {
+    const EVP_MD *ret = NULL;
 #ifndef OPENSSL_NO_ENGINE
     ENGINE *eng;
 
@@ -54,18 +56,22 @@ const EVP_MD *tls_get_digest_from_engine(int nid)
      */
     eng = ENGINE_get_digest_engine(nid);
     if (eng != NULL) {
+        ret = ENGINE_get_digest(eng, nid);
         ENGINE_finish(eng);
-        return EVP_get_digestbynid(nid);
     }
 #endif
-    return NULL;
+    return ret;
 }
 
 #ifndef OPENSSL_NO_ENGINE
-int tls_engine_load_ssl_client_cert(SSL *s, X509 **px509, EVP_PKEY **ppkey)
+int tls_engine_load_ssl_client_cert(SSL_CONNECTION *s, X509 **px509,
+                                    EVP_PKEY **ppkey)
 {
-    return ENGINE_load_ssl_client_cert(s->ctx->client_cert_engine, s,
-                                       SSL_get_client_CA_list(s),
+    SSL *ssl = SSL_CONNECTION_GET_SSL(s);
+
+    return ENGINE_load_ssl_client_cert(SSL_CONNECTION_GET_CTX(s)->client_cert_engine,
+                                       ssl,
+                                       SSL_get_client_CA_list(ssl),
                                        px509, ppkey, NULL, NULL, NULL);
 }
 #endif
@@ -144,9 +150,9 @@ HMAC_CTX *ssl_hmac_get0_HMAC_CTX(SSL_HMAC *ctx)
 }
 
 /* Some deprecated public APIs pass DH objects */
-# ifndef OPENSSL_NO_DH
 EVP_PKEY *ssl_dh_to_pkey(DH *dh)
 {
+# ifndef OPENSSL_NO_DH
     EVP_PKEY *ret;
 
     if (dh == NULL)
@@ -157,14 +163,16 @@ EVP_PKEY *ssl_dh_to_pkey(DH *dh)
         return NULL;
     }
     return ret;
-}
+# else
+    return NULL;
 # endif
+}
 
 /* Some deprecated public APIs pass EC_KEY objects */
-# ifndef OPENSSL_NO_EC
 int ssl_set_tmp_ecdh_groups(uint16_t **pext, size_t *pextlen,
                             void *key)
 {
+#  ifndef OPENSSL_NO_EC
     const EC_GROUP *group = EC_KEY_get0_group((const EC_KEY *)key);
     int nid;
 
@@ -176,6 +184,28 @@ int ssl_set_tmp_ecdh_groups(uint16_t **pext, size_t *pextlen,
     if (nid == NID_undef)
         return 0;
     return tls1_set_groups(pext, pextlen, &nid, 1);
+#  else
+    return 0;
+#  endif
+}
+
+/*
+ * Set the callback for generating temporary DH keys.
+ * ctx: the SSL context.
+ * dh: the callback
+ */
+# if !defined(OPENSSL_NO_DH)
+void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
+                                 DH *(*dh) (SSL *ssl, int is_export,
+                                            int keylength))
+{
+    SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
+}
+
+void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh) (SSL *ssl, int is_export,
+                                                  int keylength))
+{
+    SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
 }
 # endif
-#endif
+#endif /* OPENSSL_NO_DEPRECATED */