projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2ececf5)
Add OPENSSL_NO_ECDH guards
authorMatt Caswell <matt@openssl.org>
Tue, 18 Nov 2014 15:56:50 +0000 (15:56 +0000)
committerMatt Caswell <matt@openssl.org>
Tue, 16 Dec 2014 10:22:20 +0000 (10:22 +0000)
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 7f9edfd23a9b9cd0827cc381e8fbd8cd0c9e5035)

crypto/ec/ec_pmeth.c patch | blob | history
ssl/s3_lib.c patch | blob | history

diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c
index ba4b51957027401b4ba5302e97b3423739407e4b..03ac81e5cc53553a39fdcc468ca8cefb7ac47d01 100644 (file)
--- a/crypto/ec/ec_pmeth.c
+++ b/crypto/ec/ec_pmeth.c
@@ -167,6 +167,7 @@ static int pkey_ec_verify(EVP_PKEY_CTX *ctx,
        return ret;
        }
 
+#ifndef OPENSSL_NO_ECDH
 static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
        {
        int ret;
@@ -200,6 +201,7 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
        *keylen = ret;
        return 1;
        }
+#endif
 
 static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
        {
@@ -332,7 +334,11 @@ const EVP_PKEY_METHOD ec_pkey_meth =
        0,0,
 
        0,
+#ifndef OPENSSL_NO_ECDH
        pkey_ec_derive,
+#else
+       0,
+#endif
 
        pkey_ec_ctrl,
        pkey_ec_ctrl_str
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index b874dd473f46fa4cc1b6cbb93e6cd9af25a90fb4..c561e7bd1f6a4956a2b16e7124b04520c80809da 100644 (file)
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3058,6 +3058,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
                                }
                        ok = ok && ec_ok;
                        }
+#ifndef OPENSSL_NO_ECDH
                if (
                        /* if we are considering an ECC cipher suite that uses an ephemeral EC key */
                        (alg_k & SSL_kEECDH)
@@ -3105,6 +3106,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
                                }
                        ok = ok && ec_ok;
                        }
+#endif /* OPENSSL_NO_ECDH */
 #endif /* OPENSSL_NO_EC */
 #endif /* OPENSSL_NO_TLSEXT */
 
Unnamed repository; edit this file 'description' to name the repository.