a ssl object needs it's own instance of a ecdh key; remove obsolete comment

author: Nils Larsch <nils@openssl.org> 2005-08-08 19:39:29 +0000
committer: Nils Larsch <nils@openssl.org> 2005-08-08 19:39:29 +0000
commit: cf1546a60e1de07a2d184f1ab9d29202c138b484 (patch)
tree: 75668aca7b57b847e21590ca7ec832f9e3ee1ba1 /ssl/ssl_cert.c
parent: e7eec05af02c2516c4dbedaf48b72c69a92a6d15 (diff)
1 files changed, 6 insertions, 3 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 997528e97d..7908dcccdb 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -200,7 +200,6 @@ CERT *ssl_cert_dup(CERT *cert)
 #ifndef OPENSSL_NO_DH
 	if (cert->dh_tmp != NULL)
 		{
-		/* DH parameters don't have a reference count */
 		ret->dh_tmp = DHparams_dup(cert->dh_tmp);
 		if (ret->dh_tmp == NULL)
 			{
@@ -234,8 +233,12 @@ CERT *ssl_cert_dup(CERT *cert)
 #ifndef OPENSSL_NO_ECDH
 	if (cert->ecdh_tmp)
 		{
-		EC_KEY_up_ref(cert->ecdh_tmp);
-		ret->ecdh_tmp = cert->ecdh_tmp;
+		ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp);
+		if (ret->ecdh_tmp == NULL)
+			{
+			SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_EC_LIB);
+			goto err;
+			}
 		}
 	ret->ecdh_tmp_cb = cert->ecdh_tmp_cb;
 #endif
author	Nils Larsch <nils@openssl.org>	2005-08-08 19:39:29 +0000
committer	Nils Larsch <nils@openssl.org>	2005-08-08 19:39:29 +0000
commit	cf1546a60e1de07a2d184f1ab9d29202c138b484 (patch)
tree	75668aca7b57b847e21590ca7ec832f9e3ee1ba1 /ssl/ssl_cert.c
parent	e7eec05af02c2516c4dbedaf48b72c69a92a6d15 (diff)