diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2015-12-17 02:57:20 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2015-12-23 22:26:31 +0000 |
commit | ffaef3f1526ed87a46f82fa4924d5b08f2a2e631 (patch) | |
tree | d06a2a17643a20f35169253104528b6c2b377d0b /ssl/statem | |
parent | d938e8dfee16e6bb5427eac7bda32337634ce130 (diff) |
Always generate DH keys for ephemeral DH cipher suites.
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'ssl/statem')
-rw-r--r-- | ssl/statem/statem_srvr.c | 17 |
1 files changed, 3 insertions, 14 deletions
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index b8b18b74e9..abdff176f7 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -1800,20 +1800,9 @@ int tls_construct_server_key_exchange(SSL *s) } s->s3->tmp.dh = dh; - if ((dhp->pub_key == NULL || - dhp->priv_key == NULL || - (s->options & SSL_OP_SINGLE_DH_USE))) { - if (!DH_generate_key(dh)) { - SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); - goto err; - } - } else { - dh->pub_key = BN_dup(dhp->pub_key); - dh->priv_key = BN_dup(dhp->priv_key); - if ((dh->pub_key == NULL) || (dh->priv_key == NULL)) { - SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); - goto err; - } + if (!DH_generate_key(dh)) { + SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); + goto err; } r[0] = dh->p; r[1] = dh->g; |