diff options
author | Antoine Salon <asalon@vmware.com> | 2018-11-06 22:26:49 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-11-15 11:53:47 +0100 |
commit | ac48fba036e1764dfa98ed0f0aa932491aa1c4ef (patch) | |
tree | 69085952dab514f475b23546ef71044609d6da39 | |
parent | Making SRP_user_pwd functions public (diff) | |
download | openssl-ac48fba036e1764dfa98ed0f0aa932491aa1c4ef.tar.xz openssl-ac48fba036e1764dfa98ed0f0aa932491aa1c4ef.zip |
Deprecate SSL_set_tmp_ecdh
Signed-off-by: Antoine Salon <asalon@vmware.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7522)
-rw-r--r-- | doc/man3/SSL_CTX_set_tmp_ecdh.pod | 2 | ||||
-rw-r--r-- | include/openssl/ssl.h | 8 |
2 files changed, 7 insertions, 3 deletions
diff --git a/doc/man3/SSL_CTX_set_tmp_ecdh.pod b/doc/man3/SSL_CTX_set_tmp_ecdh.pod index 08e88da312..398fcbfd64 100644 --- a/doc/man3/SSL_CTX_set_tmp_ecdh.pod +++ b/doc/man3/SSL_CTX_set_tmp_ecdh.pod @@ -19,8 +19,10 @@ long SSL_set_ecdh_auto(SSL *ssl, int state); SSL_CTX_set_tmp_ecdh() sets ECDH parameters to be used to be B<ecdh>. The key is inherited by all B<ssl> objects created from B<ctx>. +This macro is deprecated in favor of L<SSL_CTX_set1_groups(3)>. SSL_set_tmp_ecdh() sets the parameters only for B<ssl>. +This macro is deprecated in favor of L<SSL_set1_groups(3)>. SSL_CTX_set_ecdh_auto() and SSL_set_ecdh_auto() are deprecated and have no effect. diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index cceb2d495a..1e9e8d5721 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1307,16 +1307,18 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL) # define SSL_CTX_set_tmp_dh(ctx,dh) \ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)(dh)) -# define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh)) # define SSL_CTX_set_dh_auto(ctx, onoff) \ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_DH_AUTO,onoff,NULL) # define SSL_set_dh_auto(s, onoff) \ SSL_ctrl(s,SSL_CTRL_SET_DH_AUTO,onoff,NULL) # define SSL_set_tmp_dh(ssl,dh) \ SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)(dh)) -# define SSL_set_tmp_ecdh(ssl,ecdh) \ +# if OPENSSL_API_COMPAT < 0x10200000L +# define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \ + SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh)) +# define SSL_set_tmp_ecdh(ssl,ecdh) \ SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh)) +# endif # define SSL_CTX_add_extra_chain_cert(ctx,x509) \ SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)(x509)) # define SSL_CTX_get_extra_chain_certs(ctx,px509) \ |