a ssl object needs it's own instance of a ecdh key; remove obsolete comment
[openssl.git] / ssl / s3_lib.c
index e98f62900f2b51d29a40707bc08bfc2d69608893..f9d536e229fddabb3ad981b957df680e967ade9e 100644 (file)
@@ -1797,12 +1797,12 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
                        SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
                        return 0;
                        }
-               if (!EC_KEY_up_ref((EC_KEY *)parg))
+               ecdh = EC_KEY_dup((EC_KEY *)parg);
+               if (ecdh == NULL)
                        {
-                       SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
+                       SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB);
                        return 0;
                        }
-               ecdh = (EC_KEY *)parg;
                if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
                        {
                        if (!EC_KEY_generate_key(ecdh))