From a033c9a2e8b1c9e5719a27ad3cadc66a866ef2c1 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Mon, 20 Apr 2020 14:05:23 +0100 Subject: [PATCH] Fix some build failures with no-dh Add some missing OPENSSL_NO_DH guards. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/11582) --- crypto/ffc/ffc_backend.c | 6 ++++++ crypto/ffc/ffc_params.c | 5 +++++ .../implementations/serializers/serializer_ffc_params.c | 5 +++++ 3 files changed, 16 insertions(+) diff --git a/crypto/ffc/ffc_backend.c b/crypto/ffc/ffc_backend.c index d3661b1706..d9b3e2e8af 100644 --- a/crypto/ffc/ffc_backend.c +++ b/crypto/ffc/ffc_backend.c @@ -31,7 +31,13 @@ int ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[]) if (prm != NULL) { if (prm->data_type != OSSL_PARAM_UTF8_STRING) goto err; +#ifndef OPENSSL_NO_DH + /* + * In a no-dh build we just go straight to err because we have no + * support for this. + */ if (!ffc_set_group_pqg(ffc, prm->data)) +#endif goto err; } diff --git a/crypto/ffc/ffc_params.c b/crypto/ffc/ffc_params.c index 89550bedec..63a8bb73b4 100644 --- a/crypto/ffc/ffc_params.c +++ b/crypto/ffc/ffc_params.c @@ -215,6 +215,7 @@ int ffc_params_todata(const FFC_PARAMS *ffc, OSSL_PARAM_BLD *bld, ffc->seed, ffc->seedlen)) return 0; if (ffc->nid != NID_undef) { +#ifndef OPENSSL_NO_DH const char *name = ffc_named_group_from_uid(ffc->nid); if (name == NULL @@ -222,6 +223,10 @@ int ffc_params_todata(const FFC_PARAMS *ffc, OSSL_PARAM_BLD *bld, OSSL_PKEY_PARAM_FFC_GROUP, name)) return 0; +#else + /* How could this be? We should not have a nid in a no-dh build. */ + return 0; +#endif } return 1; } diff --git a/providers/implementations/serializers/serializer_ffc_params.c b/providers/implementations/serializers/serializer_ffc_params.c index 20cf4b3d24..98c9886ce9 100644 --- a/providers/implementations/serializers/serializer_ffc_params.c +++ b/providers/implementations/serializers/serializer_ffc_params.c @@ -15,6 +15,7 @@ int ffc_params_prov_print(BIO *out, const FFC_PARAMS *ffc) { if (ffc->nid != NID_undef) { +#ifndef OPENSSL_NO_DH const char *name = ffc_named_group_from_uid(ffc->nid); if (name == NULL) @@ -22,6 +23,10 @@ int ffc_params_prov_print(BIO *out, const FFC_PARAMS *ffc) if (ossl_prov_bio_printf(out, "GROUP: %s\n", name) <= 0) goto err; return 1; +#else + /* How could this be? We should not have a nid in a no-dh build. */ + goto err; +#endif } if (!ossl_prov_print_labeled_bignum(out, "P: ", ffc->p)) -- 2.25.1