WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Revert change from PR #1845 commit 24f9f12844. This ensure the ephemeral key is P-256 or the overridden value determined by `wolfSSL_CTX_SetTmpEC_DHE_Sz` and `wolfSSL_SetTmpEC_DHE_Sz`. This restores previous behavior from last release.

pull/1892/head
David Garske 2018-10-24 09:48:03 -07:00
parent 0eb115e7a1
commit c4d6f886b7
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/tls.c
View File

@ -4021,7 +4021,8 @@ int TLSX_ValidateSupportedCurves(WOLFSSL* ssl, byte first, byte second) {
defSz = octets;
}
if (currOid == 0 && ssl->eccTempKeySz <= octets)
/* The eccTempKeySz is the preferred ephemeral key size */
if (currOid == 0 && ssl->eccTempKeySz == octets)
currOid = oid;
if ((nextOid == 0 || nextSz > octets) && ssl->eccTempKeySz <= octets) {
nextOid = oid;