int al, i;
unsigned long type;
int n;
- CERT *cert;
BIGNUM *r[4];
int nr[4], kn;
BUF_MEM *buf;
}
type = s->s3->tmp.new_cipher->algorithm_mkey;
- cert = s->cert;
buf = s->init_buf;
#endif /* !OPENSSL_NO_PSK */
#ifndef OPENSSL_NO_DH
if (type & (SSL_kDHE | SSL_kDHEPSK)) {
+ CERT *cert = s->cert;
+
if (s->cert->dh_tmp_auto) {
dhp = ssl_get_auto_dh(s);
if (dhp == NULL) {
i = 0;
}
if (PACKET_remaining(pkt) != i) {
- if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG)) {
- SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE,
- SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
- goto err;
- } else {
- *pkt = bookmark;
- i = PACKET_remaining(pkt);
- }
+ SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE,
+ SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
+ goto err;
}
if (alg_k & SSL_kDHr)
idx = SSL_PKEY_DH_RSA;