Fix for server-side reporting of curve in wolfSSL_get_curve_name if client_hello includes ffdhe, but ECC curve is used.

2025-07-29 18:27:29 +02:00 · 2020-10-16 11:02:54 -07:00
parent d7dee5d9e6
commit 62dca90e74
1 changed files with 7 additions and 0 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -29398,6 +29398,13 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
                        ssl->arrays->preMasterSz = private_key->dp->size;

                        ssl->peerEccKeyPresent = 1;
+                        
+                    #if defined(WOLFSSL_TLS13) || defined(HAVE_FFDHE)
+                        /* client_hello may have sent FFEDH2048, which sets namedGroup, 
+                            but that is not being used, so clear it */
+                        /* resolves issue with server side wolfSSL_get_curve_name */
+                        ssl->namedGroup = 0;
+                    #endif
                #endif /* HAVE_ECC */

                        break;