From 8c1298a1d87ad97f60f50c044c12abbba7cd9ebe Mon Sep 17 00:00:00 2001
From: Anthony Hu <anthony@wolfssl.com>
Date: Tue, 24 Jun 2025 09:59:12 -0400
Subject: [PATCH] Check if DH's P and G are set

---
 src/internal.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index 25cbc6d96..3826cb35c 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -6930,9 +6930,10 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
     ssl->options.haveRSA          = ctx->haveRSA;
     ssl->options.haveDH           = ctx->haveDH;
 #ifndef NO_CERTS
-    /* Its possible that algorithm parameters were set in the ctx (ie: DH),
-     * recalculate cipher suites. */
-    if (ssl->options.haveDH) {
+    /* Its possible that DH algorithm parameters were set in the ctx, recalc
+     * cipher suites. */
+    if (ssl->options.haveDH && ctx->serverDH_P.buffer != NULL &&
+        ctx->serverDH_G.buffer != NULL) {
         if (ssl->suites == NULL) {
             if (AllocateSuites(ssl) != 0) {
                 return MEMORY_E;