Commit
Fixes #3490 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from #3518)
- Loading branch information
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -227,6 +227,14 @@ static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value) | |
EC_KEY *ecdh; | ||
int nid; | ||
|
||
/* Ignore values supported by 1.0.2 for the automatic selection */ | ||
if ((cctx->flags & SSL_CONF_FLAG_FILE) && | ||
strcasecmp(value, "+automatic") == 0) | ||
This comment has been minimized.
Sorry, something went wrong.
This comment has been minimized.
Sorry, something went wrong.
richsalz
Contributor
|
||
return 1; | ||
if ((cctx->flags & SSL_CONF_FLAG_CMDLINE) && | ||
strcmp(value, "auto") == 0) | ||
return 1; | ||
|
||
nid = EC_curve_nist2nid(value); | ||
if (nid == NID_undef) | ||
nid = OBJ_sn2nid(value); | ||
|
Comparing to "+automatic" is problematic. Documentation states that ECDHParameters accepts a special value "Automatic", and openssl-1.0.2 checked using
strcasecmp(value, "automatic")