diff options
| author | Matt Caswell <matt@openssl.org> | 2018-04-18 12:03:41 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2018-04-19 08:49:40 +0100 |
| commit | c6c7bb010770cbf7d818d0ef8f5628decaa7e037 (patch) | |
| tree | 1c308fb250b712b818452ff6f7323fa62958b0ee /crypto/dh | |
| parent | 4571b3c8e06dc8d9fba003a3c9b9fb680f1bf223 (diff) | |
Return 0 on a non-matching kdf_type
If we have a non-matching kdf_type then pkey_dh_derive silently succeeds.
It should fail. This is a "should not happen" condition anyway so the
impact is negligible.
Fixes #2440
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6000)
Diffstat (limited to 'crypto/dh')
| -rw-r--r-- | crypto/dh/dh_pmeth.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c index 6452482c87..926be98e7f 100644 --- a/crypto/dh/dh_pmeth.c +++ b/crypto/dh/dh_pmeth.c @@ -486,7 +486,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, return ret; } #endif - return 1; + return 0; } const EVP_PKEY_METHOD dh_pkey_meth = { |