a ssl object needs it's own instance of a ecdh key; remove obsolete comment (eba63ef5) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

ssl/s3_lib.c

+3 −3

Original line number	Diff line number	Diff line
		@@ -1797,12 +1797,12 @@ long ssl3_ctx_ctrl(SSL_CTX ctx, int cmd, long larg, void parg)
		SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
		return 0;
		}
		if (!EC_KEY_up_ref((EC_KEY *)parg))
		ecdh = EC_KEY_dup((EC_KEY *)parg);
		if (ecdh == NULL)
		{
		SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
		SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB);
		return 0;
		}
		ecdh = (EC_KEY *)parg;
		if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
		{
		if (!EC_KEY_generate_key(ecdh))

+6 −3

Original line number	Diff line number	Diff line
		@@ -200,7 +200,6 @@ CERT ssl_cert_dup(CERT cert)
		#ifndef OPENSSL_NO_DH
		if (cert->dh_tmp != NULL)
		{
		/* DH parameters don't have a reference count */
		ret->dh_tmp = DHparams_dup(cert->dh_tmp);
		if (ret->dh_tmp == NULL)
		{
		@@ -234,8 +233,12 @@ CERT ssl_cert_dup(CERT cert)
		#ifndef OPENSSL_NO_ECDH
		if (cert->ecdh_tmp)
		{
		EC_KEY_up_ref(cert->ecdh_tmp);
		ret->ecdh_tmp = cert->ecdh_tmp;
		ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp);
		if (ret->ecdh_tmp == NULL)
		{
		SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_EC_LIB);
		goto err;
		}
		}
		ret->ecdh_tmp_cb = cert->ecdh_tmp_cb;
		#endif