summaryrefslogtreecommitdiffstats
path: root/ssl/statem/statem_clnt.c
diff options
context:
space:
mode:
Diffstat (limited to 'ssl/statem/statem_clnt.c')
-rw-r--r--ssl/statem/statem_clnt.c18
1 files changed, 5 insertions, 13 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 2da16fd664..302618784c 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2264,19 +2264,14 @@ psk_err:
#endif
#ifndef OPENSSL_NO_EC
- else if (alg_k & (SSL_kECDHE | SSL_kECDHr | SSL_kECDHe | SSL_kECDHEPSK)) {
+ else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK)) {
- if (s->s3->peer_tmp != NULL) {
- skey = s->s3->peer_tmp;
- } else {
- /* Get the Server Public Key from Cert */
- skey = X509_get0_pubkey(s->session->peer);
- if ((skey == NULL) || EVP_PKEY_get0_EC_KEY(skey) == NULL) {
- SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
+ skey = s->s3->peer_tmp;
+ if ((skey == NULL) || EVP_PKEY_get0_EC_KEY(skey) == NULL) {
+ SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
ERR_R_INTERNAL_ERROR);
- goto err;
+ goto err;
}
- }
ckey = ssl_generate_pkey(skey, NID_undef);
@@ -2777,9 +2772,6 @@ int ssl3_check_cert_and_algorithm(SSL *s)
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_ECDSA_SIGNING_CERT);
goto f_err;
- } else if (alg_k & (SSL_kECDHr | SSL_kECDHe)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_ECDH_CERT);
- goto f_err;
}
#endif
pkey = X509_get0_pubkey(s->session->peer);
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-20 12:51:32 +0000