summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/ssl_seclevel.c19
1 files changed, 13 insertions, 6 deletions
diff --git a/src/lib/libssl/ssl_seclevel.c b/src/lib/libssl/ssl_seclevel.c
index 1869c8108d..6a5d16bfaa 100644
--- a/src/lib/libssl/ssl_seclevel.c
+++ b/src/lib/libssl/ssl_seclevel.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_seclevel.c,v 1.27 2022/11/26 16:08:56 tb Exp $ */ 1/* $OpenBSD: ssl_seclevel.c,v 1.28 2024/05/09 07:12:03 tb Exp $ */
2/* 2/*
3 * Copyright (c) 2020-2022 Theo Buehler <tb@openbsd.org> 3 * Copyright (c) 2020-2022 Theo Buehler <tb@openbsd.org>
4 * 4 *
@@ -445,19 +445,26 @@ ssl_security_group(const SSL *ssl, uint16_t group_id, int secop)
445 int bits, nid; 445 int bits, nid;
446 uint8_t group[2]; 446 uint8_t group[2];
447 447
448 memset(&cbb, 0, sizeof(cbb));
449
448 if (!tls1_ec_group_id2bits(group_id, &bits)) 450 if (!tls1_ec_group_id2bits(group_id, &bits))
449 return 0; 451 goto err;
450 if (!tls1_ec_group_id2nid(group_id, &nid)) 452 if (!tls1_ec_group_id2nid(group_id, &nid))
451 return 0; 453 goto err;
452 454
453 if (!CBB_init_fixed(&cbb, group, sizeof(group))) 455 if (!CBB_init_fixed(&cbb, group, sizeof(group)))
454 return 0; 456 goto err;
455 if (!CBB_add_u16(&cbb, group_id)) 457 if (!CBB_add_u16(&cbb, group_id))
456 return 0; 458 goto err;
457 if (!CBB_finish(&cbb, NULL, NULL)) 459 if (!CBB_finish(&cbb, NULL, NULL))
458 return 0; 460 goto err;
459 461
460 return ssl_security(ssl, secop, bits, nid, group); 462 return ssl_security(ssl, secop, bits, nid, group);
463
464 err:
465 CBB_cleanup(&cbb);
466
467 return 0;
461} 468}
462 469
463int 470int
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-20 10:24:54 +0000