提交 6fa89f94 编写于 作者: B Ben Laurie

Fix DH key generation.

Contributed by: Anonymous <nobody@replay.com>
上级 c13d4799
......@@ -5,6 +5,10 @@
Changes between 0.9.1c and 0.9.2
*) If a DH key is generated in s3_srvr.c, don't blow it by trying to use
NULL pointers.
[Anonymous <nobody@replay.com>]
*) s_server should send the CAfile as acceptable CAs, not its own cert.
[Bodo Moeller <3moeller@informatik.uni-hamburg.de>]
......
......@@ -953,13 +953,16 @@ SSL *s;
}
s->s3->tmp.dh=dh;
if (((dhp->pub_key == NULL) ||
(dhp->priv_key == NULL) ||
(s->options & SSL_OP_SINGLE_DH_USE)) &&
(!DH_generate_key(dh)))
if ((dhp->pub_key == NULL ||
dhp->priv_key == NULL ||
(s->options & SSL_OP_SINGLE_DH_USE)))
{
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
goto err;
if(!DH_generate_key(dh))
{
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
ERR_R_DH_LIB);
goto err;
}
}
else
{
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册