Small internal changes in curve checking
- switch from is_acceptable to the more usual check - add NULL check just in case user screwed up config
This commit is contained in:
Manuel Pégourié-Gonnard
parent
a83e4e2bf5
commit
9d412d872c
3 changed files with 10 additions and 7 deletions
library
|
|
@ -1684,7 +1684,7 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
|
|||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) );
|
||||
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
if( ! mbedtls_ssl_curve_is_acceptable( ssl, ssl->handshake->ecdh_ctx.grp.id ) )
|
||||
if( mbedtls_ssl_check_curve( ssl, ssl->handshake->ecdh_ctx.grp.id ) != 0 )
|
||||
#else
|
||||
if( ssl->handshake->ecdh_ctx.grp.nbits < 163 ||
|
||||
ssl->handshake->ecdh_ctx.grp.nbits > 521 )
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue