diff options
author | Bodo Möller <bodo@openssl.org> | 2006-06-14 17:40:31 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2006-06-14 17:40:31 +0000 |
commit | 89bbe14c506b9bd2fd00e6bae22a99ef1ee7ad19 (patch) | |
tree | 5b2e860f61305a0e06452569743e56d07db61790 /ssl/ssl_lib.c | |
parent | 6635b48cd15942a4ae5b43e638eff1db2b41122b (diff) |
Ciphersuite string bugfixes, and ECC-related (re-)definitions.
Diffstat (limited to 'ssl/ssl_lib.c')
-rw-r--r-- | ssl/ssl_lib.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 091195f790..eae31f9822 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1784,15 +1784,15 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher) (signature_nid == NID_md4WithRSAEncryption) || (signature_nid == NID_md2WithRSAEncryption)) { - mask|=SSL_kECDH|SSL_aRSA; + mask|=SSL_kECDHr|SSL_aECDH; if (ecc_pkey_size <= 163) - emask|=SSL_kECDH|SSL_aRSA; + emask|=SSL_kECDHr|SSL_aECDH; } if (signature_nid == NID_ecdsa_with_SHA1) { - mask|=SSL_kECDH|SSL_aECDSA; + mask|=SSL_kECDHe|SSL_aECDH; if (ecc_pkey_size <= 163) - emask|=SSL_kECDH|SSL_aECDSA; + emask|=SSL_kECDHe|SSL_aECDH; } } #endif @@ -1808,8 +1808,8 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher) #ifndef OPENSSL_NO_ECDH if (have_ecdh_tmp) { - mask|=SSL_kECDHE; - emask|=SSL_kECDHE; + mask|=SSL_kEECDH; + emask|=SSL_kEECDH; } #endif @@ -1902,13 +1902,13 @@ X509 *ssl_get_server_send_cert(SSL *s) if (kalg & SSL_kECDH) { - /* we don't need to look at SSL_kECDHE + /* we don't need to look at SSL_kEECDH * since no certificate is needed for * anon ECDH and for authenticated - * ECDHE, the check for the auth + * EECDH, the check for the auth * algorithm will set i correctly * NOTE: For ECDH-RSA, we need an ECC - * not an RSA cert but for ECDHE-RSA + * not an RSA cert but for EECDH-RSA * we need an RSA cert. Placing the * checks for SSL_kECDH before RSA * checks ensures the correct cert is chosen. |