summaryrefslogtreecommitdiff
path: root/ext/openssl/ossl_ssl.c
diff options
context:
space:
mode:
authortenderlove <tenderlove@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2015-07-25 22:51:20 +0000
committertenderlove <tenderlove@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2015-07-25 22:51:20 +0000
commitd9fcc9ba5e3a8f3eac6a2e06ba8477b0a648c492 (patch)
treecf79ceda20e68efa4af18317cdf0a2ec8acebb56 /ext/openssl/ossl_ssl.c
parentab9cd02f256ac9206299b91062f6decef3f1cc69 (diff)
* ext/openssl/lib/openssl/ssl.rb (module OpenSSL): move the default
tmp_dh_callback Ruby code and set it as a default in `initialize`. * ext/openssl/ossl_pkey_dh.c (static unsigned char DEFAULT_DH_512_GEN): move this constant to Ruby. * ext/openssl/ossl_pkey_dh.c (static unsigned char DEFAULT_DH_1024_GEN): ditto * ext/openssl/ossl_pkey_dh.c (Init_ossl_dh): ditto * ext/openssl/ossl_ssl.c (ossl_tmp_dh_callback): ditto * ext/openssl/ossl_ssl.c (ossl_sslctx_setup): tmp_dh_callback should always be set, so we can remove this conditional git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51380 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl/ossl_ssl.c')
-rw-r--r--ext/openssl/ossl_ssl.c21
1 files changed, 1 insertions, 20 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index 205b196647..3e756eae5f 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -283,20 +283,6 @@ ossl_tmp_dh_callback(SSL *ssl, int is_export, int keylength)
return GetPKeyPtr(ossl_ssl_get_tmp_dh(args[0]))->pkey.dh;
}
-
-static DH*
-ossl_default_tmp_dh_callback(SSL *ssl, int is_export, int keylength)
-{
- rb_warning("using default DH parameters.");
-
- switch(keylength){
- case 512:
- return OSSL_DEFAULT_DH_512;
- case 1024:
- return OSSL_DEFAULT_DH_1024;
- }
- return NULL;
-}
#endif /* OPENSSL_NO_DH */
#if !defined(OPENSSL_NO_EC)
@@ -708,12 +694,7 @@ ossl_sslctx_setup(VALUE self)
GetSSLCTX(self, ctx);
#if !defined(OPENSSL_NO_DH)
- if (RTEST(ossl_sslctx_get_tmp_dh_cb(self))){
- SSL_CTX_set_tmp_dh_callback(ctx, ossl_tmp_dh_callback);
- }
- else{
- SSL_CTX_set_tmp_dh_callback(ctx, ossl_default_tmp_dh_callback);
- }
+ SSL_CTX_set_tmp_dh_callback(ctx, ossl_tmp_dh_callback);
#endif
#if !defined(OPENSSL_NO_EC)