if (ncurves <= 0)
return 1;
curves = OPENSSL_malloc(ncurves * sizeof(int));
+ if (!curves) {
+ BIO_puts(out, "Malloc error getting supported curves\n");
+ return 0;
+ }
SSL_get1_curves(s, curves);
+
BIO_puts(out, "Supported Elliptic Curves: ");
for (i = 0; i < ncurves; i++) {
if (i)
case EVP_PKEY_DH:
BIO_printf(out, "DH, %d bits\n", EVP_PKEY_bits(key));
break;
-#ifndef OPENSSL_NO_ECDH
+#ifndef OPENSSL_NO_EC
case EVP_PKEY_EC:
{
EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
BIO_printf(bio, " ");
num = len;
-#if 0
- if (num > 16)
- num = 16;
-#endif
for (i = 0; i < num; i++) {
if (i % 16 == 0 && i > 0)
BIO_printf(bio, "\n ");
extname = "renegotiation info";
break;
-#ifdef TLSEXT_TYPE_opaque_prf_input
- case TLSEXT_TYPE_opaque_prf_input:
- extname = "opaque PRF input";
- break;
-#endif
#ifdef TLSEXT_TYPE_next_proto_neg
case TLSEXT_TYPE_next_proto_neg:
extname = "next protocol";
/* Initialize a random secret */
if (!cookie_initialized) {
- if (!RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH)) {
+ if (RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH) <= 0) {
BIO_printf(bio_err, "error setting random cookie secret\n");
return 0;
}
print_chain_flags(bio_err, ssl, rv);
if (rv & CERT_PKEY_VALID) {
- SSL_use_certificate(ssl, exc->cert);
- SSL_use_PrivateKey(ssl, exc->key);
+ if (!SSL_use_certificate(ssl, exc->cert)
+ || !SSL_use_PrivateKey(ssl, exc->key)) {
+ return 0;
+ }
/*
* NB: we wouldn't normally do this as it is not efficient
* building chains on each connection better to cache the chain
while (exc) {
if (exc->cert)
X509_free(exc->cert);
- if (exc->key)
- EVP_PKEY_free(exc->key);
+ EVP_PKEY_free(exc->key);
if (exc->chain)
sk_X509_pop_free(exc->chain, X509_free);
curr = exc;