| @@ -1479,26 +1479,27 @@ int ssl3_get_key_exchange(SSL *s) | | | @@ -1479,26 +1479,27 @@ int ssl3_get_key_exchange(SSL *s) |
1479 | #ifndef OPENSSL_NO_RSA | | 1479 | #ifndef OPENSSL_NO_RSA |
1480 | else if (alg_a & SSL_aRSA) | | 1480 | else if (alg_a & SSL_aRSA) |
1481 | pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509); | | 1481 | pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509); |
1482 | #endif | | 1482 | #endif |
1483 | #ifndef OPENSSL_NO_ECDSA | | 1483 | #ifndef OPENSSL_NO_ECDSA |
1484 | else if (alg_a & SSL_aECDSA) | | 1484 | else if (alg_a & SSL_aECDSA) |
1485 | pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_ECC].x509); | | 1485 | pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_ECC].x509); |
1486 | #endif | | 1486 | #endif |
1487 | /* else anonymous ECDH, so no certificate or pkey. */ | | 1487 | /* else anonymous ECDH, so no certificate or pkey. */ |
1488 | EC_KEY_set_public_key(ecdh, srvr_ecpoint); | | 1488 | EC_KEY_set_public_key(ecdh, srvr_ecpoint); |
1489 | s->session->sess_cert->peer_ecdh_tmp=ecdh; | | 1489 | s->session->sess_cert->peer_ecdh_tmp=ecdh; |
1490 | ecdh=NULL; | | 1490 | ecdh=NULL; |
1491 | BN_CTX_free(bn_ctx); | | 1491 | BN_CTX_free(bn_ctx); |
| | | 1492 | bn_ctx = NULL; |
1492 | EC_POINT_free(srvr_ecpoint); | | 1493 | EC_POINT_free(srvr_ecpoint); |
1493 | srvr_ecpoint = NULL; | | 1494 | srvr_ecpoint = NULL; |
1494 | } | | 1495 | } |
1495 | else if (alg_k) | | 1496 | else if (alg_k) |
1496 | { | | 1497 | { |
1497 | al=SSL_AD_UNEXPECTED_MESSAGE; | | 1498 | al=SSL_AD_UNEXPECTED_MESSAGE; |
1498 | SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE); | | 1499 | SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE); |
1499 | goto f_err; | | 1500 | goto f_err; |
1500 | } | | 1501 | } |
1501 | #endif /* !OPENSSL_NO_ECDH */ | | 1502 | #endif /* !OPENSSL_NO_ECDH */ |
1502 | | | 1503 | |
1503 | | | 1504 | |
1504 | /* p points to the next byte, there are 'n' bytes left */ | | 1505 | /* p points to the next byte, there are 'n' bytes left */ |
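Review bot: The return value of `EC_KEY_set_public_key(ecdh, srvr_ecpoint)` at new line 1488 is ignored, so if the call fails the next line still stores `ecdh` in `s->session->sess_cert->peer_ecdh_tmp`, presumably without a usable server public point. A check that fails the handshake would be safer, for example `if (!EC_KEY_set_public_key(ecdh, srvr_ecpoint)) { al=SSL_AD_INTERNAL_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_EC_LIB); goto f_err; }`. The added `bn_ctx = NULL;` mirrors the existing `srvr_ecpoint = NULL;` and looks intended to stop a later cleanup path from freeing the context a second time. That path is outside the hunk, so a short comment such as `/* cleared so the shared cleanup path does not free it again */` would record the reason. ssl3_get_key_exchange begins and ends outside the hunk, so the cleanup labels should be confirmed against the full function.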