From: Ben Laurie Date: Thu, 7 Jan 1999 00:37:01 +0000 (+0000) Subject: Fix DH key generation. X-Git-Tag: OpenSSL_0_9_2b~269 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=6fa89f94c4452be54577eb071891d77c9e2abe16;p=oweals%2Fopenssl.git Fix DH key generation. Contributed by: Anonymous --- diff --git a/CHANGES b/CHANGES index 2a8877ac3e..882b247ba6 100644 --- a/CHANGES +++ b/CHANGES @@ -5,6 +5,10 @@ Changes between 0.9.1c and 0.9.2 + *) If a DH key is generated in s3_srvr.c, don't blow it by trying to use + NULL pointers. + [Anonymous ] + *) s_server should send the CAfile as acceptable CAs, not its own cert. [Bodo Moeller <3moeller@informatik.uni-hamburg.de>] diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 4e856b3ce8..09041b2fd9 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -953,13 +953,16 @@ SSL *s; } s->s3->tmp.dh=dh; - if (((dhp->pub_key == NULL) || - (dhp->priv_key == NULL) || - (s->options & SSL_OP_SINGLE_DH_USE)) && - (!DH_generate_key(dh))) + if ((dhp->pub_key == NULL || + dhp->priv_key == NULL || + (s->options & SSL_OP_SINGLE_DH_USE))) { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB); - goto err; + if(!DH_generate_key(dh)) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, + ERR_R_DH_LIB); + goto err; + } } else {