yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 17:15:38 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix bug with ssl_set_curves() check on client

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2015-04-03 17:26:50 +02:00
parent 32a7fe3fec
commit 29f777ef54
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@ -39,6 +39,8 @@ Bugfix
* Add missing extern "C" guard in aesni.h (reported by amir zamani). * Add missing extern "C" guard in aesni.h (reported by amir zamani).
* Add missing dependency on SHA-256 in some x509 programs (reported by * Add missing dependency on SHA-256 in some x509 programs (reported by
Gergely Budai). Gergely Budai).
* Fix bug related to ssl_set_curves(): the client didn't check that the
curve picked by the server was actually allowed.
Changes Changes
* Adjusting/overriding CFLAGS and LDFLAGS with the make build syste is now * Adjusting/overriding CFLAGS and LDFLAGS with the make build syste is now

2
library/ssl_cli.c
View File

@ -1479,7 +1479,7 @@ static int ssl_check_server_ecdh_params( const ssl_context *ssl )
SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) ); SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) );
#if defined(POLARSSL_SSL_ECP_SET_CURVES) #if defined(POLARSSL_SSL_SET_CURVES)
if( ! ssl_curve_is_acceptable( ssl, ssl->handshake->ecdh_ctx.grp.id ) ) if( ! ssl_curve_is_acceptable( ssl, ssl->handshake->ecdh_ctx.grp.id ) )
#else #else
if( ssl->handshake->ecdh_ctx.grp.nbits < 163 || if( ssl->handshake->ecdh_ctx.grp.nbits < 163 ||