mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-22 17:05:36 +01:00
Fix bug with ssl_set_curves() check on client
This commit is contained in:
parent
a5cc2aa769
commit
07ec1ddd10
@ -99,6 +99,8 @@ Bugfix
|
|||||||
* Add missing extern "C" guard in aesni.h (reported by amir zamani).
|
* Add missing extern "C" guard in aesni.h (reported by amir zamani).
|
||||||
* Add missing dependency on SHA-256 in some x509 programs (reported by
|
* Add missing dependency on SHA-256 in some x509 programs (reported by
|
||||||
Gergely Budai).
|
Gergely Budai).
|
||||||
|
* Fix bug related to ssl_set_curves(): the client didn't check that the
|
||||||
|
curve picked by the server was actually allowed.
|
||||||
|
|
||||||
Changes
|
Changes
|
||||||
* Adjusting/overriding CFLAGS and LDFLAGS with the make build syste is now
|
* Adjusting/overriding CFLAGS and LDFLAGS with the make build syste is now
|
||||||
|
@ -1673,7 +1673,7 @@ static int ssl_check_server_ecdh_params( const ssl_context *ssl )
|
|||||||
|
|
||||||
SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) );
|
SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) );
|
||||||
|
|
||||||
#if defined(POLARSSL_SSL_ECP_SET_CURVES)
|
#if defined(POLARSSL_SSL_SET_CURVES)
|
||||||
if( ! ssl_curve_is_acceptable( ssl, ssl->handshake->ecdh_ctx.grp.id ) )
|
if( ! ssl_curve_is_acceptable( ssl, ssl->handshake->ecdh_ctx.grp.id ) )
|
||||||
#else
|
#else
|
||||||
if( ssl->handshake->ecdh_ctx.grp.nbits < 163 ||
|
if( ssl->handshake->ecdh_ctx.grp.nbits < 163 ||
|
||||||
|
Loading…
Reference in New Issue
Block a user