Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

TLSv1.{1,2} #4317

wants to merge 4 commits into


None yet
4 participants

ksdlck commented Nov 26, 2012

No description provided.

The commit log should not only explain what changed but also why. If you think it's a bug (which I assume you do), then please add a regression test.


ksdlck replied Nov 27, 2012

As you can see, the only change here is the addition of the EVP_PKEY_RSA == EVP_PKEY_type(pkey->type) clause to the if conditional. This is to work around what I believe to be a bug in OpenSSL, or at least a divergence from their docs. Quoting from http://www.openssl.org/docs/crypto/EVP_PKEY_set1_RSA.html:

EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in pkey or NULL if the key is not of the correct type.

But the behavior presented was, for non-RSA keys, that the library would simply throw an error for EVP_PKEY_get1_RSA when passed an EC key. I don't really have time to push this upstream right now or write a test for it, but it is effectively a one-line patch if you'd like to try it out.

@ksdlck ksdlck referenced this pull request Nov 28, 2012


Add ECDHE support to TLS #4315

Can one of the admins verify this patch?

I think this pull request can probably be closed after the merger of #5854.


bnoordhuis commented Nov 21, 2013


@bnoordhuis bnoordhuis closed this Nov 21, 2013

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment