[or-cvs] Hm; looks like the callback business was unnecessary, since...
Nick Mathewson
nickm at seul.org
Mon Nov 14 21:17:40 UTC 2005
Update of /home/or/cvsroot/tor/src/common
In directory moria:/tmp/cvs-serv21306/common
Modified Files:
tortls.c
Log Message:
Hm; looks like the callback business was unnecessary, since DHparams_dup() copies dh->length.
Index: tortls.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/common/tortls.c,v
retrieving revision 1.111
retrieving revision 1.112
diff -u -d -r1.111 -r1.112
--- tortls.c 14 Nov 2005 19:20:47 -0000 1.111
+++ tortls.c 14 Nov 2005 21:17:38 -0000 1.112
@@ -290,21 +290,6 @@
#define CIPHER_LIST SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA
#endif
-static DH *
-dh_callback(SSL *ssl, int is_export, int keylength)
-{
- DH *dh;
- crypto_dh_env_t *env = crypto_dh_new();
- crypto_dh_generate_public(env);
- dh = _crypto_dh_env_get_dh(env);
- notice(LD_CRYPTO, "%d references to the DH key?", dh->references);
- ++dh->references;
- crypto_dh_free(env);
- --dh->references;
- notice(LD_CRYPTO, "%d references to the DH key!", dh->references);
- return dh;
-}
-
/** Create a new TLS context. If we are going to be using it as a
* server, it must have isServer set to true, <b>identity</b> set to the
* identity key used to sign that certificate, and <b>nickname</b> set to
@@ -391,7 +376,9 @@
if (!SSL_CTX_check_private_key(*ctx))
goto error;
}
- SSL_CTX_set_tmp_dh_callback(*ctx, dh_callback);
+ dh = crypto_dh_new();
+ SSL_CTX_set_tmp_dh(*ctx, _crypto_dh_env_get_dh(dh));
+ crypto_dh_free(dh);
SSL_CTX_set_verify(*ctx, SSL_VERIFY_PEER,
always_accept_verify_cb);
/* let us realloc bufs that we're writing from */
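Review bot: The result of `crypto_dh_new()` goes straight into `_crypto_dh_env_get_dh()` and the return value of `SSL_CTX_set_tmp_dh()` is discarded, so if either can fail (their definitions are not shown here) the context is left without usable DH parameters and nothing reports it; the `error` label used two lines above is available, e.g. `if (!(dh = crypto_dh_new())) goto error;`, with the set call's result checked once `dh` has been freed. Replacing the per-handshake callback with fixed context parameters also means key freshness now depends on OpenSSL: unless `SSL_OP_SINGLE_DH_USE` is set on the context (not visible in this hunk), older OpenSSL releases may reuse the server's DH key across handshakes, which weakens forward secrecy. A short comment such as `/* SSL_CTX_set_tmp_dh() duplicates the parameters, so dh can be freed right away */` would record why the immediate `crypto_dh_free(dh)` is safe. The enclosing function and the declaration of `dh` lie outside the hunk.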
@@ -452,7 +439,6 @@
result->state = TOR_TLS_ST_HANDSHAKE;
result->isServer = isServer;
result->wantwrite_n = 0;
- SSL_set_tmp_dh_callback(result->ssl,dh_callback);
/* Not expected to get called. */
tls_log_errors(LOG_WARN, "generating TLS context");
return result;