CVSROOT: /cvs
Module name: src
Changes by: guent...@cvs.openbsd.org 2014/07/27 22:23:12
Modified files:
lib/libssl/src/ssl: d1_srvr.c s3_srvr.c ssl_locl.h
Log message:
The RSA, DH, and ECDH temporary key callbacks expect the number of keybits
for the key (expressed in RSA key bits, which makes *no sense* for ECDH) as
their second argument, not zero.
(jsing@ notes that the RSA callback is only invoked for 'export' ciphers,
which have been removed from LibreSSL, and for the SSL_OP_EPHEMERAL_RSA
option, which is makes the application non-compliant. More fuel for the
tedu fire...)
jasper@ noted the breakage and bisected it down to the diff that broke this
ok jsing@ miod@
