summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAntoine Salon <asalon@vmware.com>2018-11-06 22:26:49 +0100
committerMatt Caswell <matt@openssl.org>2018-11-15 11:53:47 +0100
commitac48fba036e1764dfa98ed0f0aa932491aa1c4ef (patch)
tree69085952dab514f475b23546ef71044609d6da39
parentMaking SRP_user_pwd functions public (diff)
downloadopenssl-ac48fba036e1764dfa98ed0f0aa932491aa1c4ef.tar.xz
openssl-ac48fba036e1764dfa98ed0f0aa932491aa1c4ef.zip
Deprecate SSL_set_tmp_ecdh
Signed-off-by: Antoine Salon <asalon@vmware.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7522)
-rw-r--r--doc/man3/SSL_CTX_set_tmp_ecdh.pod2
-rw-r--r--include/openssl/ssl.h8
2 files changed, 7 insertions, 3 deletions
diff --git a/doc/man3/SSL_CTX_set_tmp_ecdh.pod b/doc/man3/SSL_CTX_set_tmp_ecdh.pod
index 08e88da312..398fcbfd64 100644
--- a/doc/man3/SSL_CTX_set_tmp_ecdh.pod
+++ b/doc/man3/SSL_CTX_set_tmp_ecdh.pod
@@ -19,8 +19,10 @@ long SSL_set_ecdh_auto(SSL *ssl, int state);
SSL_CTX_set_tmp_ecdh() sets ECDH parameters to be used to be B<ecdh>.
The key is inherited by all B<ssl> objects created from B<ctx>.
+This macro is deprecated in favor of L<SSL_CTX_set1_groups(3)>.
SSL_set_tmp_ecdh() sets the parameters only for B<ssl>.
+This macro is deprecated in favor of L<SSL_set1_groups(3)>.
SSL_CTX_set_ecdh_auto() and SSL_set_ecdh_auto() are deprecated and
have no effect.
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index cceb2d495a..1e9e8d5721 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1307,16 +1307,18 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
# define SSL_CTX_set_tmp_dh(ctx,dh) \
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)(dh))
-# define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh))
# define SSL_CTX_set_dh_auto(ctx, onoff) \
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
# define SSL_set_dh_auto(s, onoff) \
SSL_ctrl(s,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
# define SSL_set_tmp_dh(ssl,dh) \
SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)(dh))
-# define SSL_set_tmp_ecdh(ssl,ecdh) \
+# if OPENSSL_API_COMPAT < 0x10200000L
+# define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh))
+# define SSL_set_tmp_ecdh(ssl,ecdh) \
SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh))
+# endif
# define SSL_CTX_add_extra_chain_cert(ctx,x509) \
SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)(x509))
# define SSL_CTX_get_extra_chain_certs(ctx,px509) \