Actually comment out the cpuid asm!

[oweals/openssl.git] / ssl / s3_both.c

diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index 153b2bfc78c0b5c9f92bd454a250ad02bf46bb50..a537738f4298971a61304ab130921f81ab6b652a 100644 (file)
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -265,7 +265,7 @@ int ssl3_get_finished(SSL *s, int a, int b)
                goto f_err;
                }
 
-       if (memcmp(p, s->s3->tmp.peer_finish_md, i) != 0)
+       if (CRYPTO_memcmp(p, s->s3->tmp.peer_finish_md, i) != 0)
                {
                al=SSL_AD_DECRYPT_ERROR;
                SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED);
@@ -321,13 +321,13 @@ int ssl3_send_change_cipher_spec(SSL *s, int a, int b)
        return(ssl3_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
        }
 
-unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
+unsigned long ssl3_output_cert_chain(SSL *s, CERT_PKEY *cpk)
        {
        unsigned char *p;
        unsigned long l=7;
        BUF_MEM *buf = s->init_buf;
 
-       if (!ssl_add_cert_chain(s, x, &l))
+       if (!ssl_add_cert_chain(s, cpk, &l))
                return 0;
 
        l-=7;
@@ -524,7 +524,7 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
                {
                ret = SSL_PKEY_GOST01;
                }
-       else if (x && i == EVP_PKEY_DH)
+       else if (x && (i == EVP_PKEY_DH || i == EVP_PKEY_DHX))
                {
                /* For DH two cases: DH certificate signed with RSA and
                 * DH certificate signed with DSA.