vendor/openssl/1.0.2q

author: Jung-uk Kim <jkim@FreeBSD.org> 2018-11-20 19:01:17 +0000
committer: Jung-uk Kim <jkim@FreeBSD.org> 2018-11-20 19:01:17 +0000
commit: f12dd99bc33eefb702280bdaed6156a57d867be1 (patch)
tree: 3ced903ff59efa46be0b01f4cae665cd9c974b15 /ssl/ssl_lib.c
parent: 43a67e02da9068b94df1c07fc6f0d70bafd9263b (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index aa0cbdb987201..cfcfe76b9ce18 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2259,10 +2259,10 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
     int rsa_tmp_export, dh_tmp_export, kl;
     unsigned long mask_k, mask_a, emask_k, emask_a;
 #ifndef OPENSSL_NO_ECDSA
-    int have_ecc_cert, ecdsa_ok, ecc_pkey_size;
+    int have_ecc_cert, ecdsa_ok;
 #endif
 #ifndef OPENSSL_NO_ECDH
-    int have_ecdh_tmp, ecdh_ok;
+    int have_ecdh_tmp, ecdh_ok, ecc_pkey_size;
 #endif
 #ifndef OPENSSL_NO_EC
     X509 *x = NULL;
@@ -2405,7 +2405,9 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
         if (!(cpk->valid_flags & CERT_PKEY_SIGN))
             ecdsa_ok = 0;
         ecc_pkey = X509_get_pubkey(x);
+# ifndef OPENSSL_NO_ECDH
         ecc_pkey_size = (ecc_pkey != NULL) ? EVP_PKEY_bits(ecc_pkey) : 0;
+# endif
         EVP_PKEY_free(ecc_pkey);
         if ((x->sig_alg) && (x->sig_alg->algorithm)) {
             signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
@@ -2467,7 +2469,7 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
 #define ku_reject(x, usage) \
         (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
 
-#ifndef OPENSSL_NO_EC
+#ifndef OPENSSL_NO_ECDH
 
 int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
 {
author	Jung-uk Kim <jkim@FreeBSD.org>	2018-11-20 19:01:17 +0000
committer	Jung-uk Kim <jkim@FreeBSD.org>	2018-11-20 19:01:17 +0000
commit	f12dd99bc33eefb702280bdaed6156a57d867be1 (patch)
tree	3ced903ff59efa46be0b01f4cae665cd9c974b15 /ssl/ssl_lib.c
parent	43a67e02da9068b94df1c07fc6f0d70bafd9263b (diff)