Remove an incorrect comment

[openssl.git] / ssl / statem / statem_clnt.c

diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 5f17864f9845f1b167453ac125ad0180801e8b0d..8ca47370cf6a0a877468008065a89250b52d3aa3 100644 (file)
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -1773,9 +1773,6 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt)
      */
     x = sk_X509_value(sk, 0);
     sk = NULL;
-    /*
-     * VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end
-     */
 
     pkey = X509_get0_pubkey(x);
 
@@ -2041,9 +2038,6 @@ static int tls_process_ske_ecdhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey, int *al)
 #ifndef OPENSSL_NO_EC
     PACKET encoded_pt;
     const unsigned char *ecparams;
-    int curve_nid;
-    unsigned int curve_flags;
-    EVP_PKEY_CTX *pctx = NULL;
 
     /*
      * Extract elliptic curve parameters and the server's ephemeral ECDH
@@ -2065,41 +2059,13 @@ static int tls_process_ske_ecdhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey, int *al)
         return 0;
     }
 
-    curve_nid = tls1_ec_curve_id2nid(*(ecparams + 2), &curve_flags);
-
-    if (curve_nid == 0) {
+    if ((s->s3->peer_tmp = ssl_generate_param_group(ecparams[2])) == NULL) {
         *al = SSL_AD_INTERNAL_ERROR;
         SSLerr(SSL_F_TLS_PROCESS_SKE_ECDHE,
                SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
         return 0;
     }
 
-    if ((curve_flags & TLS_CURVE_TYPE) == TLS_CURVE_CUSTOM) {
-        EVP_PKEY *key = EVP_PKEY_new();
-
-        if (key == NULL || !EVP_PKEY_set_type(key, curve_nid)) {
-            *al = SSL_AD_INTERNAL_ERROR;
-            SSLerr(SSL_F_TLS_PROCESS_SKE_ECDHE, ERR_R_EVP_LIB);
-            EVP_PKEY_free(key);
-            return 0;
-        }
-        s->s3->peer_tmp = key;
-    } else {
-        /* Set up EVP_PKEY with named curve as parameters */
-        pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
-        if (pctx == NULL
-            || EVP_PKEY_paramgen_init(pctx) <= 0
-            || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, curve_nid) <= 0
-            || EVP_PKEY_paramgen(pctx, &s->s3->peer_tmp) <= 0) {
-            *al = SSL_AD_INTERNAL_ERROR;
-            SSLerr(SSL_F_TLS_PROCESS_SKE_ECDHE, ERR_R_EVP_LIB);
-            EVP_PKEY_CTX_free(pctx);
-            return 0;
-        }
-        EVP_PKEY_CTX_free(pctx);
-        pctx = NULL;
-    }
-
     if (!PACKET_get_length_prefixed_1(pkt, &encoded_pt)) {
         *al = SSL_AD_DECODE_ERROR;
         SSLerr(SSL_F_TLS_PROCESS_SKE_ECDHE, SSL_R_LENGTH_MISMATCH);