mirror of
https://github.com/matrix-construct/construct
synced 2024-12-29 08:54:02 +01:00
libratbox openssl: Don't leak EC_KEY structures.
This commit is contained in:
parent
023c36ae22
commit
9e26f0008b
1 changed files with 5 additions and 1 deletions
|
@ -325,7 +325,11 @@ rb_init_ssl(void)
|
|||
/* Set ECDHE on OpenSSL 1.00+, but make sure it's actually available because redhat are dicks
|
||||
and bastardise their OpenSSL for stupid reasons... */
|
||||
#if (OPENSSL_VERSION_NUMBER >= 0x10000000) && defined(NID_secp384r1)
|
||||
SSL_CTX_set_tmp_ecdh(ssl_server_ctx, EC_KEY_new_by_curve_name(NID_secp384r1));
|
||||
EC_KEY *key = EC_KEY_new_by_curve_name(NID_secp384r1);
|
||||
if (key) {
|
||||
SSL_CTX_set_tmp_ecdh(ssl_server_ctx, key);
|
||||
EC_KEY_free(key);
|
||||
}
|
||||
#ifdef SSL_OP_SINGLE_ECDH_USE
|
||||
SSL_CTX_set_options(ssl_server_ctx, SSL_OP_SINGLE_ECDH_USE);
|
||||
#endif
|
||||
|
|
Loading…
Reference in a new issue