Commit 23a9b24a authored by Kurt Roeckx's avatar Kurt Roeckx
Browse files

Don't send a for ServerKeyExchange for kDHr and kDHd 



The certificate already contains the DH parameters in that case.
ssl3_send_server_key_exchange() would fail in that case anyway.

Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
(cherry picked from commit 93f1c136)
parent 5d74b4b4

ssl/d1_srvr.c

+1 −1
Original line number Diff line number Diff line
@@ -470,7 +470,7 @@ int dtls1_accept(SSL *s) 
#ifndef OPENSSL_NO_PSK

                || ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)

#endif

                || (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd))

                || (alg_k & SSL_kEDH)

                || (alg_k & SSL_kEECDH)

                || ((alg_k & SSL_kRSA)

                    && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL