a ssl object needs it's own instance of a ecdh key; remove obsolete comment
authorNils Larsch <nils@openssl.org>
Mon, 8 Aug 2005 19:39:29 +0000 (19:39 +0000)
committerNils Larsch <nils@openssl.org>
Mon, 8 Aug 2005 19:39:29 +0000 (19:39 +0000)
ssl/s3_lib.c
ssl/ssl_cert.c

index a1a32dbdd58515e2d48698895a4ab4fa1c4ef559..b531986f059d885bdf44ed7a807b7fbacaa69fdc 100644 (file)
@@ -1805,12 +1805,12 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
                        SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
                        return 0;
                        }
-               if (!EC_KEY_up_ref((EC_KEY *)parg))
+               ecdh = EC_KEY_dup((EC_KEY *)parg);
+               if (ecdh == NULL)
                        {
-                       SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
+                       SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB);
                        return 0;
                        }
-               ecdh = (EC_KEY *)parg;
                if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
                        {
                        if (!EC_KEY_generate_key(ecdh))
index 997528e97dfa80e5a1d399a39ad4f60d17a43b36..7908dcccdb8a8d0552059f4f802537a30cc1ecff 100644 (file)
@@ -200,7 +200,6 @@ CERT *ssl_cert_dup(CERT *cert)
 #ifndef OPENSSL_NO_DH
        if (cert->dh_tmp != NULL)
                {
-               /* DH parameters don't have a reference count */
                ret->dh_tmp = DHparams_dup(cert->dh_tmp);
                if (ret->dh_tmp == NULL)
                        {
@@ -234,8 +233,12 @@ CERT *ssl_cert_dup(CERT *cert)
 #ifndef OPENSSL_NO_ECDH
        if (cert->ecdh_tmp)
                {
-               EC_KEY_up_ref(cert->ecdh_tmp);
-               ret->ecdh_tmp = cert->ecdh_tmp;
+               ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp);
+               if (ret->ecdh_tmp == NULL)
+                       {
+                       SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_EC_LIB);
+                       goto err;
+                       }
                }
        ret->ecdh_tmp_cb = cert->ecdh_tmp_cb;
 #endif