CVSROOT: /cvs Module name: src Changes by: js...@cvs.openbsd.org 2014/10/15 08:02:16
Modified files:
lib/libssl/src/ssl: t1_lib.c
Log message:
Only require an EC public key in tls1_set_ec_id(), if we need to provide
a compression identifier. In the case of a server using ephemeral EC keys,
the supplied key is unlikely to have a public key where
SSL_CTX_set_tmp_ecdh() is called after SSL_OP_SINGLE_ECDH_USE has been
set. This makes ECDHE ciphers work again for this use case.
