Never call load_dh_param(NULL) because this leads to an illegal
authorBodo Möller <bodo@openssl.org>
Thu, 2 Nov 2000 10:35:10 +0000 (10:35 +0000)
committerBodo Möller <bodo@openssl.org>
Thu, 2 Nov 2000 10:35:10 +0000 (10:35 +0000)
fopen(NULL).

CHANGES
apps/s_server.c

diff --git a/CHANGES b/CHANGES
index 744eaaf..2e3e2ab 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,9 @@
 
  Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
 
+  *) Never call load_dh_param(NULL) in s_server.
+     [Bodo Moeller]
+
   *) Add engine application.  It can currently list engines by name and
      identity, and test if they are actually available.
      [Richard Levitte]
index 61a77df..7b6a2b0 100644 (file)
@@ -416,9 +416,6 @@ int MAIN(int argc, char *argv[])
        int state=0;
        SSL_METHOD *meth=NULL;
        ENGINE *e=NULL;
-#ifndef NO_DH
-       DH *dh=NULL;
-#endif
 
 #if !defined(NO_SSL2) && !defined(NO_SSL3)
        meth=SSLv23_server_method();
@@ -682,7 +679,13 @@ bad:
 #ifndef NO_DH
        if (!no_dhe)
                {
-               dh=load_dh_param(dhfile ? dhfile : s_cert_file);
+               DH *dh=NULL;
+
+               if (dhfile)
+                       dh = load_dh_param(dhfile);
+               else if (s_cert_file)
+                       dh = load_dh_param(s_cert_file);
+
                if (dh != NULL)
                        {
                        BIO_printf(bio_s_out,"Setting temp DH parameters\n");