diff options
author | Antoine Salon <asalon@vmware.com> | 2018-12-01 01:50:29 +0100 |
---|---|---|
committer | Antoine Salon <asalon@vmware.com> | 2018-12-01 01:50:29 +0100 |
commit | 9b1c0e006b9e7fde14b6719b40853e5c3557ec98 (patch) | |
tree | 8762a72b7bec8a7dd66328052219e0f9c1aca05e | |
parent | rsa/rsa_ssl.c: make RSA_padding_check_SSLv23 constant-time. (diff) | |
download | openssl-9b1c0e006b9e7fde14b6719b40853e5c3557ec98.tar.xz openssl-9b1c0e006b9e7fde14b6719b40853e5c3557ec98.zip |
Fix usage of deprecated SSL_set_tmp_ecdh()
Signed-off-by: Antoine Salon <asalon@vmware.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7738)
-rw-r--r-- | ssl/ssl_conf.c | 10 |
1 files changed, 3 insertions, 7 deletions
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 9c202708d7..57f837d9be 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -225,7 +225,6 @@ static int cmd_Curves(SSL_CONF_CTX *cctx, const char *value) static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value) { int rv = 1; - EC_KEY *ecdh; int nid; /* Ignore values supported by 1.0.2 for the automatic selection */ @@ -242,14 +241,11 @@ static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value) nid = OBJ_sn2nid(value); if (nid == 0) return 0; - ecdh = EC_KEY_new_by_curve_name(nid); - if (!ecdh) - return 0; + if (cctx->ctx) - rv = SSL_CTX_set_tmp_ecdh(cctx->ctx, ecdh); + rv = SSL_CTX_set1_groups(cctx->ctx, &nid, 1); else if (cctx->ssl) - rv = SSL_set_tmp_ecdh(cctx->ssl, ecdh); - EC_KEY_free(ecdh); + rv = SSL_set1_groups(cctx->ssl, &nid, 1); return rv > 0; } |