diff options
author | Nick Mathewson <nickm@torproject.org> | 2005-11-14 21:17:38 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2005-11-14 21:17:38 +0000 |
commit | e022aa73e648f344005f4d62f91dca7f3781ad1f (patch) | |
tree | fb581680f08aed1f10670a0f1965a950ec6570d8 /src/common/tortls.c | |
parent | 027d0ef18ca8456cdfc9e202a5db43b352b2aef2 (diff) | |
download | tor-e022aa73e648f344005f4d62f91dca7f3781ad1f.tar tor-e022aa73e648f344005f4d62f91dca7f3781ad1f.tar.gz |
Hm; looks like the callback business was unnecessary, since DHparams_dup() copies dh->length.
svn:r5372
Diffstat (limited to 'src/common/tortls.c')
-rw-r--r-- | src/common/tortls.c | 20 |
1 files changed, 3 insertions, 17 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c index e0afa9410..27a54e14d 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -290,21 +290,6 @@ tor_tls_create_certificate(crypto_pk_env_t *rsa, #define CIPHER_LIST SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA #endif -static DH * -dh_callback(SSL *ssl, int is_export, int keylength) -{ - DH *dh; - crypto_dh_env_t *env = crypto_dh_new(); - crypto_dh_generate_public(env); - dh = _crypto_dh_env_get_dh(env); - notice(LD_CRYPTO, "%d references to the DH key?", dh->references); - ++dh->references; - crypto_dh_free(env); - --dh->references; - notice(LD_CRYPTO, "%d references to the DH key!", dh->references); - return dh; -} - /** Create a new TLS context. If we are going to be using it as a * server, it must have isServer set to true, <b>identity</b> set to the * identity key used to sign that certificate, and <b>nickname</b> set to @@ -391,7 +376,9 @@ tor_tls_context_new(crypto_pk_env_t *identity, if (!SSL_CTX_check_private_key(*ctx)) goto error; } - SSL_CTX_set_tmp_dh_callback(*ctx, dh_callback); + dh = crypto_dh_new(); + SSL_CTX_set_tmp_dh(*ctx, _crypto_dh_env_get_dh(dh)); + crypto_dh_free(dh); SSL_CTX_set_verify(*ctx, SSL_VERIFY_PEER, always_accept_verify_cb); /* let us realloc bufs that we're writing from */ @@ -452,7 +439,6 @@ tor_tls_new(int sock, int isServer, int use_no_cert) result->state = TOR_TLS_ST_HANDSHAKE; result->isServer = isServer; result->wantwrite_n = 0; - SSL_set_tmp_dh_callback(result->ssl,dh_callback); /* Not expected to get called. */ tls_log_errors(LOG_WARN, "generating TLS context"); return result; |