From: Olivier W <[email protected]>
Signed-off-by: O2 Graphics <[email protected]>
---
src/openvpn/ssl_openssl.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
index a889332..abf69c9 100644
--- a/src/openvpn/ssl_openssl.c
+++ b/src/openvpn/ssl_openssl.c
@@ -508,6 +508,10 @@ tls_ctx_load_ecdh_params(struct tls_root_ctx *ctx, const
char *curve_name
const EC_GROUP *ecgrp = NULL;
EVP_PKEY *pkey = NULL;
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ pkey = SSL_CTX_get0_privatekey(ctx->ctx);
+#else
+ /* Little hack to get private key ref from SSL_CTX, yay OpenSSL... */
SSL *ssl = SSL_new(ctx->ctx);
if (!ssl)
{
@@ -515,6 +519,7 @@ tls_ctx_load_ecdh_params(struct tls_root_ctx *ctx, const
char *curve_name
}
pkey = SSL_get_privatekey(ssl);
SSL_free(ssl);
+#endif
msg(D_TLS_DEBUG, "Extracting ECDH curve from private key");
--
2.11.1
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
