From 5ff68e8f6dac3b0d8997b8bc379f9111c2bab74f Mon Sep 17 00:00:00 2001 From: Piotr Sikora Date: Fri, 1 Nov 2013 21:35:46 +0000 Subject: [PATCH] Fix SSL_OP_SINGLE_ECDH_USE Don't require a public key in tls1_set_ec_id if compression status is not needed. This fixes a bug where SSL_OP_SINGLE_ECDH_USE wouldn't work. --- ssl/t1_lib.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index dbd02e2f3f..65e997f716 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -590,14 +590,12 @@ static int tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id, { int is_prime, id; const EC_GROUP *grp; - const EC_POINT *pt; const EC_METHOD *meth; if (!ec) return 0; /* Determine if it is a prime field */ grp = EC_KEY_get0_group(ec); - pt = EC_KEY_get0_public_key(ec); - if (!grp || !pt) + if (!grp) return 0; meth = EC_GROUP_method_of(grp); if (!meth) @@ -625,6 +623,8 @@ static int tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id, } if (comp_id) { + if (EC_KEY_get0_public_key(ec) == NULL) + return 0; if (EC_KEY_get_conv_form(ec) == POINT_CONVERSION_COMPRESSED) { if (is_prime)