summaryrefslogtreecommitdiffstats
path: root/ssl
diff options
context:
space:
mode:
authorAntoine Salon <asalon@vmware.com>2018-12-01 01:50:29 +0100
committerAntoine Salon <asalon@vmware.com>2018-12-01 01:50:29 +0100
commit9b1c0e006b9e7fde14b6719b40853e5c3557ec98 (patch)
tree8762a72b7bec8a7dd66328052219e0f9c1aca05e /ssl
parentrsa/rsa_ssl.c: make RSA_padding_check_SSLv23 constant-time. (diff)
downloadopenssl-9b1c0e006b9e7fde14b6719b40853e5c3557ec98.tar.xz
openssl-9b1c0e006b9e7fde14b6719b40853e5c3557ec98.zip
Fix usage of deprecated SSL_set_tmp_ecdh()
Signed-off-by: Antoine Salon <asalon@vmware.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7738)
Diffstat (limited to 'ssl')
-rw-r--r--ssl/ssl_conf.c10
1 files changed, 3 insertions, 7 deletions
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index 9c202708d7..57f837d9be 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -225,7 +225,6 @@ static int cmd_Curves(SSL_CONF_CTX *cctx, const char *value)
static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)
{
int rv = 1;
- EC_KEY *ecdh;
int nid;
/* Ignore values supported by 1.0.2 for the automatic selection */
@@ -242,14 +241,11 @@ static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)
nid = OBJ_sn2nid(value);
if (nid == 0)
return 0;
- ecdh = EC_KEY_new_by_curve_name(nid);
- if (!ecdh)
- return 0;
+
if (cctx->ctx)
- rv = SSL_CTX_set_tmp_ecdh(cctx->ctx, ecdh);
+ rv = SSL_CTX_set1_groups(cctx->ctx, &nid, 1);
else if (cctx->ssl)
- rv = SSL_set_tmp_ecdh(cctx->ssl, ecdh);
- EC_KEY_free(ecdh);
+ rv = SSL_set1_groups(cctx->ssl, &nid, 1);
return rv > 0;
}