Fix SSL_OP_SINGLE_ECDH_USE

Don't require a public key in tls1_set_ec_id if compression status is not needed. This fixes a bug where SSL_OP_SINGLE_ECDH_USE wouldn't work.
author: Piotr Sikora <piotr@cloudflare.com> 2013-11-01 21:35:46 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2013-11-01 21:37:46 +0000
commit: 5ff68e8f6dac3b0d8997b8bc379f9111c2bab74f (patch)
tree: d0962806de9f96fc9108758e3a8065dee27d9373 /ssl
parent: f14a4a861d2d221ed565a75441a218f85b8db530 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index dbd02e2f3f..65e997f716 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -590,14 +590,12 @@ static int tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id,
 	{
 	int is_prime, id;
 	const EC_GROUP *grp;
-	const EC_POINT *pt;
 	const EC_METHOD *meth;
 	if (!ec)
 		return 0;
 	/* Determine if it is a prime field */
 	grp = EC_KEY_get0_group(ec);
-        pt = EC_KEY_get0_public_key(ec);
-	if (!grp || !pt)
+	if (!grp)
 		return 0;
         meth = EC_GROUP_method_of(grp);
 	if (!meth)
@@ -625,6 +623,8 @@ static int tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id,
 		}
 	if (comp_id)
 		{
+        	if (EC_KEY_get0_public_key(ec) == NULL)
+			return 0;
 		if (EC_KEY_get_conv_form(ec) == POINT_CONVERSION_COMPRESSED)
 			{
 			if (is_prime)
author	Piotr Sikora <piotr@cloudflare.com>	2013-11-01 21:35:46 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2013-11-01 21:37:46 +0000
commit	5ff68e8f6dac3b0d8997b8bc379f9111c2bab74f (patch)
tree	d0962806de9f96fc9108758e3a8065dee27d9373 /ssl
parent	f14a4a861d2d221ed565a75441a218f85b8db530 (diff)