diff options
author | Matt Caswell <matt@openssl.org> | 2015-03-20 15:10:16 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-03-23 14:03:39 +0000 |
commit | b79d24101e3b5904b3770d60e32bdd6edc558337 (patch) | |
tree | 04627a2d316c46ffdd8f883d6f78fc156935d9ba /ssl | |
parent | 4fe67498b0d1c0052fabcc46d6de07d7900aa850 (diff) |
Don't check curves that haven't been sent
Don't check that the curve appears in the list of acceptable curves for the
peer, if they didn't send us such a list (RFC 4492 does not require that the
extension be sent).
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/t1_lib.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 8b75dba6ad..511223eb94 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -706,6 +706,16 @@ static int tls1_check_ec_key(SSL *s, for (j = 0; j <= 1; j++) { if (!tls1_get_curvelist(s, j, &pcurves, &num_curves)) return 0; + if (j == 1 && num_curves == 0) { + /* + * If we've not received any curves then skip this check. + * RFC 4492 does not require the supported elliptic curves extension + * so if it is not sent we can just choose any curve. + * It is invalid to send an empty list in the elliptic curves + * extension, so num_curves == 0 always means no extension. + */ + break; + } for (i = 0; i < num_curves; i++, pcurves += 2) { if (pcurves[0] == curve_id[0] && pcurves[1] == curve_id[1]) break; |