Commit 9b1c0e00 authored by Antoine Salon's avatar Antoine Salon
Browse files

Fix usage of deprecated SSL_set_tmp_ecdh() 



Signed-off-by: default avatarAntoine Salon <asalon@vmware.com>

Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7738)
parent 60322140

ssl/ssl_conf.c

+3 −7
Original line number Diff line number Diff line
@@ -225,7 +225,6 @@ static int cmd_Curves(SSL_CONF_CTX *cctx, const char *value) 
static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)

{

    int rv = 1;

    EC_KEY *ecdh;

    int nid;



    /* Ignore values supported by 1.0.2 for the automatic selection */
@@ -242,14 +241,11 @@ static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value) 
        nid = OBJ_sn2nid(value);

    if (nid == 0)

        return 0;

    ecdh = EC_KEY_new_by_curve_name(nid);

    if (!ecdh)

        return 0;



    if (cctx->ctx)

        rv = SSL_CTX_set_tmp_ecdh(cctx->ctx, ecdh);

        rv = SSL_CTX_set1_groups(cctx->ctx, &nid, 1);

    else if (cctx->ssl)

        rv = SSL_set_tmp_ecdh(cctx->ssl, ecdh);

    EC_KEY_free(ecdh);

        rv = SSL_set1_groups(cctx->ssl, &nid, 1);



    return rv > 0;

}