diff options
Diffstat (limited to 'ssl/statem/statem_clnt.c')
-rw-r--r-- | ssl/statem/statem_clnt.c | 18 |
1 files changed, 5 insertions, 13 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 2da16fd..3026187 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2264,19 +2264,14 @@ psk_err: #endif #ifndef OPENSSL_NO_EC - else if (alg_k & (SSL_kECDHE | SSL_kECDHr | SSL_kECDHe | SSL_kECDHEPSK)) { + else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK)) { - if (s->s3->peer_tmp != NULL) { - skey = s->s3->peer_tmp; - } else { - /* Get the Server Public Key from Cert */ - skey = X509_get0_pubkey(s->session->peer); - if ((skey == NULL) || EVP_PKEY_get0_EC_KEY(skey) == NULL) { - SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, + skey = s->s3->peer_tmp; + if ((skey == NULL) || EVP_PKEY_get0_EC_KEY(skey) == NULL) { + SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); - goto err; + goto err; } - } ckey = ssl_generate_pkey(skey, NID_undef); @@ -2777,9 +2772,6 @@ int ssl3_check_cert_and_algorithm(SSL *s) SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_ECDSA_SIGNING_CERT); goto f_err; - } else if (alg_k & (SSL_kECDHr | SSL_kECDHe)) { - SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_ECDH_CERT); - goto f_err; } #endif pkey = X509_get0_pubkey(s->session->peer); |