Fix SSL_OP_SINGLE_ECDH_USE

Don't require a public key in tls1_set_ec_id if compression status is not needed. This fixes a bug where SSL_OP_SINGLE_ECDH_USE wouldn't work. (cherry picked from commit 5ff68e8f6dac3b0d8997b8bc379f9111c2bab74f)

Fix SSL_OP_SINGLE_ECDH_USE
Don't require a public key in tls1_set_ec_id if compression status is not needed. This fixes a bug where SSL_OP_SINGLE_ECDH_USE wouldn't work. (cherry picked from commit 5ff68e8f6dac3b0d8997b8bc379f9111c2bab74f)
29b490a4 · Piotr Sikora · Dr. Stephen Henson · a9bc1af9 · 29b490a4
隐藏空白更改
内联并排

Showing with 3 addition and 3 deletion

ssl/t1_lib.c ssl/t1_lib.c +3 -3

未找到文件。
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -590,14 +590,12 @@ static int tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id,
 	{
 	int is_prime, id;
 	const EC_GROUP *grp;
-	const EC_POINT *pt;
 	const EC_METHOD *meth;
 	if (!ec)
 		return 0;
 	/* Determine if it is a prime field */
 	grp = EC_KEY_get0_group(ec);
-        pt = EC_KEY_get0_public_key(ec);
+	if (!grp)
-	if (!grp || !pt)
 		return 0;
        meth = EC_GROUP_method_of(grp);
 	if (!meth)
@@ -625,6 +623,8 @@ static int tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id,
 		}
 	if (comp_id)
 		{
+        	if (EC_KEY_get0_public_key(ec) == NULL)
+			return 0;
 		if (EC_KEY_get_conv_form(ec) == POINT_CONVERSION_COMPRESSED)
 			{
 			if (is_prime)