From e4cf866322a4549c55153f9f135f9dadf4d3fc31 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 16 Dec 2015 14:45:40 +0000 Subject: [PATCH] fix for no-ec Reviewed-by: Matt Caswell --- ssl/s3_lib.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 465ed1ef65..a61ca625f7 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -4997,15 +4997,21 @@ EVP_PKEY *ssl_generate_pkey(EVP_PKEY *pm, int nid) if (pm != NULL) { pctx = EVP_PKEY_CTX_new(pm, NULL); } else { - /* Generate a new key for this curve */ + /* + * Generate a new key for this curve. + * Should not be called if EC is disabled: if it is it will + * fail with an unknown algorithm error. + */ pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL); } if (pctx == NULL) goto err; if (EVP_PKEY_keygen_init(pctx) <= 0) goto err; +#ifndef OPENSSL_NO_EC if (pm == NULL && EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, nid) <= 0) goto err; +#endif if (EVP_PKEY_keygen(pctx, &pkey) <= 0) { EVP_PKEY_free(pkey); -- 2.25.1