From: Antoine Salon <asalon@vmware.com>
Date: Sat, 1 Dec 2018 00:50:29 +0000 (-0800)
Subject: Fix usage of deprecated SSL_set_tmp_ecdh()
X-Git-Tag: openssl-3.0.0-alpha1~2856
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=9b1c0e006b9e7fde14b6719b40853e5c3557ec98;p=oweals%2Fopenssl.git

Fix usage of deprecated SSL_set_tmp_ecdh()

Signed-off-by: Antoine Salon <asalon@vmware.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7738)
---

diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index 9c202708d7..57f837d9be 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -225,7 +225,6 @@ static int cmd_Curves(SSL_CONF_CTX *cctx, const char *value)
 static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)
 {
     int rv = 1;
-    EC_KEY *ecdh;
     int nid;
 
     /* Ignore values supported by 1.0.2 for the automatic selection */
@@ -242,14 +241,11 @@ static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)
         nid = OBJ_sn2nid(value);
     if (nid == 0)
         return 0;
-    ecdh = EC_KEY_new_by_curve_name(nid);
-    if (!ecdh)
-        return 0;
+
     if (cctx->ctx)
-        rv = SSL_CTX_set_tmp_ecdh(cctx->ctx, ecdh);
+        rv = SSL_CTX_set1_groups(cctx->ctx, &nid, 1);
     else if (cctx->ssl)
-        rv = SSL_set_tmp_ecdh(cctx->ssl, ecdh);
-    EC_KEY_free(ecdh);
+        rv = SSL_set1_groups(cctx->ssl, &nid, 1);
 
     return rv > 0;
 }