OpenSSL: Fix tls_eccurve on earlier versions than 3.0.0. Bug 2954

Broken-by: ca4014de81e6
author: Jeremy Harris <jgh146exb@wizmail.org> 2023-01-02 15:04:14 +0000
committer: Jeremy Harris <jgh146exb@wizmail.org> 2023-01-02 15:15:36 +0000
commit: 7fa5764c203f2f4a900898a79ed02d674075313f (patch)
tree: 5bf24d059781ac5c04a506a08fe9da0e2d4309b9 /src
parent: b77f1b5c34fd54dd2f05d698410523e0427992b3 (diff)
download: exim4-7fa5764c203f2f4a900898a79ed02d674075313f.tar.gz
1 files changed, 4 insertions, 3 deletions
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 4d0f99ea9..e063d29bd 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -786,8 +786,9 @@ if (  (nid = OBJ_sn2nid       (CCS exp_curve)) == NID_undef
 #   endif
    )
   {
-  tls_error(string_sprintf("Unknown curve name tls_eccurve '%s'", exp_curve),
-    NULL, NULL, errstr);
+  uschar * s = string_sprintf("Unknown curve name tls_eccurve '%s'", exp_curve);
+  DEBUG(D_tls) debug_printf("TLS error '%s'\n", s);
+  if (errstr) *errstr = s;
   return FALSE;
   }
 
@@ -803,7 +804,7 @@ if (  (nid = OBJ_sn2nid       (CCS exp_curve)) == NID_undef
   /* The "tmp" in the name here refers to setting a temporary key
   not to the stability of the interface. */
 
-  if ((rc = SSL_CTX_set_tmp_ecdh(sctx, ecdh) == 0))
+  if ((rc = SSL_CTX_set_tmp_ecdh(sctx, ecdh)) == 0)
     tls_error(string_sprintf("Error enabling '%s' curve", exp_curve), NULL, NULL, errstr);
   else
     DEBUG(D_tls) debug_printf(" ECDH: enabled '%s' curve\n", exp_curve);
author	Jeremy Harris <jgh146exb@wizmail.org>	2023-01-02 15:04:14 +0000
committer	Jeremy Harris <jgh146exb@wizmail.org>	2023-01-02 15:15:36 +0000
commit	7fa5764c203f2f4a900898a79ed02d674075313f (patch)
tree	5bf24d059781ac5c04a506a08fe9da0e2d4309b9 /src
parent	b77f1b5c34fd54dd2f05d698410523e0427992b3 (diff)
download	exim4-7fa5764c203f2f4a900898a79ed02d674075313f.tar.gz