Backport support for fixed DH ciphersuites (from HEAD)

author: Dr. Stephen Henson <steve@openssl.org> 2012-04-06 11:33:12 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2012-04-06 11:33:12 +0000
commit: 0ffa49970b9f8ea66b43ce2eb7f8fd523b65bc2c (patch)
tree: 916ed4cced31cec4dd4e0728155451458c514d73
parent: 8cd2ea552e3c6b0cc34e20959daae01b53f03bd7 (diff)
10 files changed, 119 insertions, 52 deletions
diff --git a/CHANGES b/CHANGES
index 00b07c7ae9..1383cfdead 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,7 +4,9 @@
 
  Changes between 1.0.1 and 1.0.2 [xx XXX xxxx]
 
-  *)
+  *) Support for fixed DH ciphersuites: those requiring DH server
+     certificates.
+     [Steve Henson]
 
  Changes between 1.0.1 and 1.0.1a [xx XXX xxxx]
 
diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index b63460a56d..4ed66da7e5 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -590,6 +590,18 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
 		{
 		ret = SSL_PKEY_GOST01;
 		}
+	else if (x && i == EVP_PKEY_DH)
+		{
+		/* For DH two cases: DH certificate signed with RSA and
+		 * DH certificate signed with DSA.
+		 */
+		i = X509_certificate_type(x, pk);
+		if (i & EVP_PKS_RSA)
+			ret = SSL_PKEY_DH_RSA;
+		else if (i & EVP_PKS_DSA)
+			ret = SSL_PKEY_DH_DSA;
+		}
+		
 err:
 	if(!pkey) EVP_PKEY_free(pk);
 	return(ret);
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 4511a914a4..36be0eb64a 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -2430,24 +2430,39 @@ int ssl3_send_client_key_exchange(SSL *s)
 		else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
 			{
 			DH *dh_srvr,*dh_clnt;
+			SESS_CERT *scert = s->session->sess_cert;
 
-			if (s->session->sess_cert == NULL) 
+			if (scert == NULL) 
 				{
 				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
 				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
 				goto err;
 				}
 
-			if (s->session->sess_cert->peer_dh_tmp != NULL)
-				dh_srvr=s->session->sess_cert->peer_dh_tmp;
+			if (scert->peer_dh_tmp != NULL)
+				dh_srvr=scert->peer_dh_tmp;
 			else
 				{
 				/* we get them from the cert */
-				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
-				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
-				goto err;
+				int idx = scert->peer_cert_type;
+				EVP_PKEY *spkey = NULL;
+				dh_srvr = NULL;
+				if (idx >= 0)
+					spkey = X509_get_pubkey(
+						scert->peer_pkeys[idx].x509);
+				if (spkey)
+					{
+					dh_srvr = EVP_PKEY_get1_DH(spkey);
+					EVP_PKEY_free(spkey);
+					}
+				if (dh_srvr == NULL)
+					{
+					SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+					    ERR_R_INTERNAL_ERROR);
+					goto err;
+					}
 				}
-			
+
 			/* generate a new random key */
 			if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)
 				{
@@ -2465,6 +2480,8 @@ int ssl3_send_client_key_exchange(SSL *s)
 			 * make sure to clear it out afterwards */
 
 			n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
+			if (scert->peer_dh_tmp == NULL)
+				DH_free(dh_srvr);
 
 			if (n <= 0)
 				{
@@ -3166,7 +3183,7 @@ int ssl3_check_cert_and_algorithm(SSL *s)
 	alg_a=s->s3->tmp.new_cipher->algorithm_auth;
 
 	/* we don't have a certificate */
-	if ((alg_a & (SSL_aDH|SSL_aNULL|SSL_aKRB5)) || (alg_k & SSL_kPSK))
+	if ((alg_a & (SSL_aNULL|SSL_aKRB5)) || (alg_k & SSL_kPSK))
 		return(1);
 
 	sc=s->session->sess_cert;
@@ -3228,19 +3245,21 @@ int ssl3_check_cert_and_algorithm(SSL *s)
 		}
 #endif
 #ifndef OPENSSL_NO_DH
-	if ((alg_k & SSL_kEDH) &&
+	if ((alg_k & SSL_kEDH) && 
 		!(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
 		{
 		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
 		goto f_err;
 		}
-	else if ((alg_k & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
+	else if ((alg_k & SSL_kDHr) && (TLS1_get_version(s) < TLS1_2_VERSION) &&
+		!has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
 		{
 		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
 		goto f_err;
 		}
 #ifndef OPENSSL_NO_DSA
-	else if ((alg_k & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
+	else if ((alg_k & SSL_kDHd) && (TLS1_get_version(s) < TLS1_2_VERSION) &&
+		!has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
 		{
 		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
 		goto f_err;
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index db75479c38..d51a31fff8 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -335,7 +335,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 /* The DH ciphers */
 /* Cipher 0B */
 	{
-	0,
+	1,
 	SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
 	SSL3_CK_DH_DSS_DES_40_CBC_SHA,
 	SSL_kDHd,
@@ -351,7 +351,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 0C */
 	{
-	0, /* not implemented (non-ephemeral DH) */
+	1,
 	SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
 	SSL3_CK_DH_DSS_DES_64_CBC_SHA,
 	SSL_kDHd,
@@ -367,7 +367,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 0D */
 	{
-	0, /* not implemented (non-ephemeral DH) */
+	1,
 	SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
 	SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
 	SSL_kDHd,
@@ -383,7 +383,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 0E */
 	{
-	0, /* not implemented (non-ephemeral DH) */
+	1,
 	SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
 	SSL3_CK_DH_RSA_DES_40_CBC_SHA,
 	SSL_kDHr,
@@ -399,7 +399,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 0F */
 	{
-	0, /* not implemented (non-ephemeral DH) */
+	1,
 	SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
 	SSL3_CK_DH_RSA_DES_64_CBC_SHA,
 	SSL_kDHr,
@@ -415,7 +415,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 10 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
+	1,
 	SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
 	SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
 	SSL_kDHr,
@@ -902,7 +902,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	},
 /* Cipher 30 */
 	{
-	0,
+	1,
 	TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
 	TLS1_CK_DH_DSS_WITH_AES_128_SHA,
 	SSL_kDHd,
@@ -917,7 +917,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	},
 /* Cipher 31 */
 	{
-	0,
+	1,
 	TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
 	TLS1_CK_DH_RSA_WITH_AES_128_SHA,
 	SSL_kDHr,
@@ -993,7 +993,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	},
 /* Cipher 36 */
 	{
-	0,
+	1,
 	TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
 	TLS1_CK_DH_DSS_WITH_AES_256_SHA,
 	SSL_kDHd,
@@ -1009,7 +1009,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 37 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
+	1,
 	TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
 	TLS1_CK_DH_RSA_WITH_AES_256_SHA,
 	SSL_kDHr,
@@ -1122,7 +1122,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher 3E */
 	{
-	0, /* not implemented (non-ephemeral DH) */
+	1,
 	TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
 	TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
 	SSL_kDHr,
@@ -1138,7 +1138,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher 3F */
 	{
-	0, /* not implemented (non-ephemeral DH) */
+	1,
 	TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
 	TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
 	SSL_kDHr,
@@ -1189,7 +1189,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher 42 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
+	1,
 	TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
 	TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
 	SSL_kDHd,
@@ -1205,7 +1205,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher 43 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
+	1,
 	TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
 	TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
 	SSL_kDHr,
@@ -1404,7 +1404,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher 68 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
+	1,
 	TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
 	TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
 	SSL_kDHr,
@@ -1420,7 +1420,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher 69 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
+	1,
 	TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
 	TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
 	SSL_kDHr,
@@ -1577,7 +1577,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	},
 	/* Cipher 85 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
+	1,
 	TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
 	TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
 	SSL_kDHd,
@@ -1593,7 +1593,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher 86 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
+	1,
 	TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
 	TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
 	SSL_kDHr,
@@ -1743,7 +1743,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher 97 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
+	1,
 	TLS1_TXT_DH_DSS_WITH_SEED_SHA,
 	TLS1_CK_DH_DSS_WITH_SEED_SHA,
 	SSL_kDHd,
@@ -1759,7 +1759,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher 98 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
+	1,
 	TLS1_TXT_DH_RSA_WITH_SEED_SHA,
 	TLS1_CK_DH_RSA_WITH_SEED_SHA,
 	SSL_kDHr,
@@ -1891,7 +1891,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher A0 */
 	{
-	0,
+	1,
 	TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
 	TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
 	SSL_kDHr,
@@ -1907,7 +1907,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher A1 */
 	{
-	0,
+	1,
 	TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
 	TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
 	SSL_kDHr,
@@ -1955,7 +1955,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher A4 */
 	{
-	0,
+	1,
 	TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
 	TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
 	SSL_kDHr,
@@ -1971,7 +1971,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher A5 */
 	{
-	0,
+	1,
 	TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
 	TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
 	SSL_kDHr,
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 5944d8c484..bcde8f245a 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -476,7 +476,7 @@ int ssl3_accept(SSL *s)
 			    /* SRP: send ServerKeyExchange */
 			    || (alg_k & SSL_kSRP)
 #endif
-			    || (alg_k & (SSL_kDHr|SSL_kDHd|SSL_kEDH))
+			    || (alg_k & SSL_kEDH)
 			    || (alg_k & SSL_kEECDH)
 			    || ((alg_k & SSL_kRSA)
 				&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
@@ -2278,7 +2278,25 @@ int ssl3_get_client_key_exchange(SSL *s)
 			}
 		else
 			{
-			if (s->s3->tmp.dh == NULL)
+			int idx = -1;
+			if (alg_k & SSL_kDHr)
+				idx = SSL_PKEY_DH_RSA;
+			else if (alg_k & SSL_kDHd)
+				idx = SSL_PKEY_DH_DSA;
+			if (idx >= 0)
+				{
+				EVP_PKEY *skey = s->cert->pkeys[idx].privatekey;
+				if ((skey == NULL) ||
+					(skey->type != EVP_PKEY_DH) ||
+					(skey->pkey.dh == NULL))
+					{
+					al=SSL_AD_HANDSHAKE_FAILURE;
+					SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE);
+					goto f_err;
+					}
+				dh_srvr = skey->pkey.dh;
+				}
+			else if (s->s3->tmp.dh == NULL)
 				{
 				al=SSL_AD_HANDSHAKE_FAILURE;
 				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 525602e4c2..f0b6a56c2f 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -241,9 +241,9 @@ extern "C" {
 #define	SSL_TXT_NULL		"NULL"
 
 #define SSL_TXT_kRSA		"kRSA"
-#define SSL_TXT_kDHr		"kDHr" /* no such ciphersuites supported! */
-#define SSL_TXT_kDHd		"kDHd" /* no such ciphersuites supported! */
-#define SSL_TXT_kDH 		"kDH"  /* no such ciphersuites supported! */
+#define SSL_TXT_kDHr		"kDHr" 
+#define SSL_TXT_kDHd		"kDHd"
+#define SSL_TXT_kDH 		"kDH"
 #define SSL_TXT_kEDH		"kEDH"
 #define SSL_TXT_kKRB5     	"kKRB5"
 #define SSL_TXT_kECDHr		"kECDHr"
@@ -256,7 +256,7 @@ extern "C" {
 
 #define	SSL_TXT_aRSA		"aRSA"
 #define	SSL_TXT_aDSS		"aDSS"
-#define	SSL_TXT_aDH		"aDH" /* no such ciphersuites supported! */
+#define	SSL_TXT_aDH		"aDH"
 #define	SSL_TXT_aECDH		"aECDH"
 #define SSL_TXT_aKRB5     	"aKRB5"
 #define SSL_TXT_aECDSA		"aECDSA"
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index b96d26faba..a96a5daaf5 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -238,9 +238,9 @@ static const SSL_CIPHER cipher_aliases[]={
 	 * e.g. kEDH combines DHE_DSS and DHE_RSA) */
 	{0,SSL_TXT_kRSA,0,    SSL_kRSA,  0,0,0,0,0,0,0,0},
 
-	{0,SSL_TXT_kDHr,0,    SSL_kDHr,  0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
-	{0,SSL_TXT_kDHd,0,    SSL_kDHd,  0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
-	{0,SSL_TXT_kDH,0,     SSL_kDHr|SSL_kDHd,0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
+	{0,SSL_TXT_kDHr,0,    SSL_kDHr,  0,0,0,0,0,0,0,0},
+	{0,SSL_TXT_kDHd,0,    SSL_kDHd,  0,0,0,0,0,0,0,0},
+	{0,SSL_TXT_kDH,0,     SSL_kDHr|SSL_kDHd,0,0,0,0,0,0,0,0},
 	{0,SSL_TXT_kEDH,0,    SSL_kEDH,  0,0,0,0,0,0,0,0},
 	{0,SSL_TXT_DH,0,      SSL_kDHr|SSL_kDHd|SSL_kEDH,0,0,0,0,0,0,0,0},
 
@@ -702,8 +702,6 @@ static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, un
 #ifdef OPENSSL_NO_DSA
 	*auth |= SSL_aDSS;
 #endif
-	*mkey |= SSL_kDHr|SSL_kDHd; /* no such ciphersuites supported! */
-	*auth |= SSL_aDH;
 #ifdef OPENSSL_NO_DH
 	*mkey |= SSL_kDHr|SSL_kDHd|SSL_kEDH;
 	*auth |= SSL_aDH;
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index f82d071d6e..ac7c9f6e0f 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2108,6 +2108,9 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
 	if (dh_dsa) mask_k|=SSL_kDHd;
 	if (dh_dsa_export) emask_k|=SSL_kDHd;
 
+	if (emask_k & (SSL_kDHr|SSL_kDHd))
+		mask_a |= SSL_aDH;
+
 	if (rsa_enc || rsa_sign)
 		{
 		mask_a|=SSL_aRSA;
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index d87fd51cfa..13ab8d3946 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -280,8 +280,8 @@
 
 /* Bits for algorithm_mkey (key exchange algorithm) */
 #define SSL_kRSA		0x00000001L /* RSA key exchange */
-#define SSL_kDHr		0x00000002L /* DH cert, RSA CA cert */ /* no such ciphersuites supported! */
-#define SSL_kDHd		0x00000004L /* DH cert, DSA CA cert */ /* no such ciphersuite supported! */
+#define SSL_kDHr		0x00000002L /* DH cert, RSA CA cert */
+#define SSL_kDHd		0x00000004L /* DH cert, DSA CA cert */
 #define SSL_kEDH		0x00000008L /* tmp DH key no DH cert */
 #define SSL_kKRB5		0x00000010L /* Kerberos5 key exchange */
 #define SSL_kECDHr		0x00000020L /* ECDH cert, RSA CA cert */
@@ -295,7 +295,7 @@
 #define SSL_aRSA		0x00000001L /* RSA auth */
 #define SSL_aDSS 		0x00000002L /* DSS auth */
 #define SSL_aNULL 		0x00000004L /* no auth (i.e. use ADH or AECDH) */
-#define SSL_aDH 		0x00000008L /* Fixed DH auth (kDHd or kDHr) */ /* no such ciphersuites supported! */
+#define SSL_aDH 		0x00000008L /* Fixed DH auth (kDHd or kDHr) */
 #define SSL_aECDH 		0x00000010L /* Fixed ECDH auth (kECDHe or kECDHr) */
 #define SSL_aKRB5               0x00000020L /* KRB5 auth */
 #define SSL_aECDSA              0x00000040L /* ECDSA auth*/
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index c0960b5712..b7c19051e9 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -182,8 +182,23 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
 static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
 	{
 	int i;
-
-	i=ssl_cert_type(NULL,pkey);
+	/* Special case for DH: check two DH certificate types for a match.
+	 * This means for DH certificates we must set the certificate first.
+	 */
+	if (pkey->type == EVP_PKEY_DH)
+		{
+		X509 *x;
+		i = -1;
+		x = c->pkeys[SSL_PKEY_DH_RSA].x509;
+		if (x && X509_check_private_key(x, pkey))
+				i = SSL_PKEY_DH_RSA;
+		x = c->pkeys[SSL_PKEY_DH_DSA].x509;
+		if (i == -1 && x && X509_check_private_key(x, pkey))
+				i = SSL_PKEY_DH_DSA;
+		ERR_clear_error();
+		}
+	else 
+		i=ssl_cert_type(NULL,pkey);
 	if (i < 0)
 		{
 		SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
author	Dr. Stephen Henson <steve@openssl.org>	2012-04-06 11:33:12 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2012-04-06 11:33:12 +0000
commit	0ffa49970b9f8ea66b43ce2eb7f8fd523b65bc2c (patch)
tree	916ed4cced31cec4dd4e0728155451458c514d73
parent	8cd2ea552e3c6b0cc34e20959daae01b53f03bd7 (diff)