From 8645e9754e190ccd4032a2596fdd43ca3376548e Mon Sep 17 00:00:00 2001 From: David Garske Date: Fri, 6 Nov 2020 15:35:33 -0800 Subject: [PATCH] Only set `ssl->ecdhCurveOID` if not already populated. --- src/internal.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/internal.c b/src/internal.c index d1b42bb62..414477d06 100644 --- a/src/internal.c +++ b/src/internal.c @@ -11515,8 +11515,8 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, WOLFSSL_MSG("Peer ECC key is too small"); } - /* populate curve oid */ - if (ssl->options.side == WOLFSSL_CLIENT_END) + /* populate curve oid - if missing */ + if (ssl->options.side == WOLFSSL_CLIENT_END && ssl->ecdhCurveOID == 0) ssl->ecdhCurveOID = args->dCert->pkCurveOID; break; } @@ -11569,8 +11569,8 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, WOLFSSL_MSG("Peer ECC key is too small"); } - /* populate curve oid */ - if (ssl->options.side == WOLFSSL_CLIENT_END) + /* populate curve oid - if missing */ + if (ssl->options.side == WOLFSSL_CLIENT_END && ssl->ecdhCurveOID == 0) ssl->ecdhCurveOID = ECC_X25519_OID; break; } @@ -11622,8 +11622,8 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, WOLFSSL_MSG("Peer ECC key is too small"); } - /* populate curve oid */ - if (ssl->options.side == WOLFSSL_CLIENT_END) + /* populate curve oid - if missing */ + if (ssl->options.side == WOLFSSL_CLIENT_END && ssl->ecdhCurveOID == 0) ssl->ecdhCurveOID = ECC_X448_OID; break; }