diff options
author | Matt Caswell <matt@openssl.org> | 2014-11-18 16:54:07 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2014-12-16 14:17:12 +0000 |
commit | a38ae11c48761ab468296e8960210f041b93dfde (patch) | |
tree | 3e1f68b65be6ec5c19343335a25a7c466fd4a1e9 /ssl/s3_lib.c | |
parent | 4ca0e95b92811f7dac9fff213350c248619a135c (diff) |
Add OPENSSL_NO_ECDH guards
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit af6e2d51bfeabbae827030d4c9d58a8f7477c4a0)
Diffstat (limited to 'ssl/s3_lib.c')
-rw-r--r-- | ssl/s3_lib.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 361f295521..713de7295e 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3484,10 +3484,12 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) case SSL_CTRL_GET_SHARED_CURVE: return tls1_shared_curve(s, larg); +#ifndef OPENSSL_NO_ECDH case SSL_CTRL_SET_ECDH_AUTO: s->cert->ecdh_tmp_auto = larg; return 1; #endif +#endif case SSL_CTRL_SET_SIGALGS: return tls1_set_sigalgs(s->cert, parg, larg, 0); @@ -3558,7 +3560,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) EVP_PKEY *ptmp; int rv = 0; sc = s->session->sess_cert; -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_EC) +#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_ECDH) if (!sc->peer_rsa_tmp && !sc->peer_dh_tmp && !sc->peer_ecdh_tmp) return 0; @@ -3899,10 +3901,12 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist, &ctx->tlsext_ellipticcurvelist_length, parg); +#ifndef OPENSSL_NO_ECDH case SSL_CTRL_SET_ECDH_AUTO: ctx->cert->ecdh_tmp_auto = larg; return 1; #endif +#endif case SSL_CTRL_SET_SIGALGS: return tls1_set_sigalgs(ctx->cert, parg, larg, 0); @@ -4200,10 +4204,12 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, #ifndef OPENSSL_NO_TLSEXT #ifndef OPENSSL_NO_EC +#ifndef OPENSSL_NO_ECDH /* if we are considering an ECC cipher suite that uses * an ephemeral EC key check it */ if (alg_k & SSL_kEECDH) ok = ok && tls1_check_ec_tmp_key(s, c->id); +#endif /* OPENSSL_NO_ECDH */ #endif /* OPENSSL_NO_EC */ #endif /* OPENSSL_NO_TLSEXT */ |