mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-22 19:35:34 +00:00
Fix bug with ssl_set_curves() check on client
This commit is contained in:
parent
a5cc2aa769
commit
07ec1ddd10
|
@ -99,6 +99,8 @@ Bugfix
|
|||
* Add missing extern "C" guard in aesni.h (reported by amir zamani).
|
||||
* Add missing dependency on SHA-256 in some x509 programs (reported by
|
||||
Gergely Budai).
|
||||
* Fix bug related to ssl_set_curves(): the client didn't check that the
|
||||
curve picked by the server was actually allowed.
|
||||
|
||||
Changes
|
||||
* Adjusting/overriding CFLAGS and LDFLAGS with the make build syste is now
|
||||
|
|
|
@ -1673,7 +1673,7 @@ static int ssl_check_server_ecdh_params( const ssl_context *ssl )
|
|||
|
||||
SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) );
|
||||
|
||||
#if defined(POLARSSL_SSL_ECP_SET_CURVES)
|
||||
#if defined(POLARSSL_SSL_SET_CURVES)
|
||||
if( ! ssl_curve_is_acceptable( ssl, ssl->handshake->ecdh_ctx.grp.id ) )
|
||||
#else
|
||||
if( ssl->handshake->ecdh_ctx.grp.nbits < 163 ||
|
||||
|
|
Loading…
Reference in a new issue