forked from wolfSSL/wolfssl
TLS supported curve extension - validate support fix
Check curve name is in range before checking for disabled
This commit is contained in:
Sean Parkinson
@@ -4268,6 +4268,10 @@ int TLSX_ValidateSupportedCurves(WOLFSSL* ssl, byte first, byte second) {
|
|||||||
curve = curve->next) {
|
curve = curve->next) {
|
||||||
|
|
||||||
#ifdef OPENSSL_EXTRA
|
#ifdef OPENSSL_EXTRA
|
||||||
|
/* skip if name is not in supported ECC range */
|
||||||
|
if (curve->name > WOLFSSL_ECC_X25519)
|
||||||
|
continue;
|
||||||
|
/* skip if curve is disabled by user */
|
||||||
if (ssl->ctx->disabledCurves & (1 << curve->name))
|
if (ssl->ctx->disabledCurves & (1 << curve->name))
|
||||||
continue;
|
continue;
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
Reference in New Issue
Block a user