fix for no-ec

Reviewed-by: Matt Caswell <matt@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2015-12-16 15:45:40 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2015-12-16 16:22:33 +0100
commit: e4cf866322a4549c55153f9f135f9dadf4d3fc31 (patch)
tree: 06dcf081dc2d80f0c1511f8115e064d7133a67e9 /ssl/s3_lib.c
parent: make update (diff)
download: openssl-e4cf866322a4549c55153f9f135f9dadf4d3fc31.tar.xz
openssl-e4cf866322a4549c55153f9f135f9dadf4d3fc31.zip
1 files changed, 7 insertions, 1 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 465ed1ef65..a61ca625f7 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -4997,15 +4997,21 @@ EVP_PKEY *ssl_generate_pkey(EVP_PKEY *pm, int nid)
     if (pm != NULL) {
         pctx = EVP_PKEY_CTX_new(pm, NULL);
     } else {
-        /* Generate a new key for this curve */
+        /*
+         * Generate a new key for this curve.
+         * Should not be called if EC is disabled: if it is it will
+         * fail with an unknown algorithm error.
+         */
         pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
     }
     if (pctx == NULL)
         goto err;
     if (EVP_PKEY_keygen_init(pctx) <= 0)
         goto err;
+#ifndef OPENSSL_NO_EC
     if (pm == NULL && EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, nid) <= 0)
         goto err;
+#endif
 
     if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
         EVP_PKEY_free(pkey);
author	Dr. Stephen Henson <steve@openssl.org>	2015-12-16 15:45:40 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2015-12-16 16:22:33 +0100
commit	e4cf866322a4549c55153f9f135f9dadf4d3fc31 (patch)
tree	06dcf081dc2d80f0c1511f8115e064d7133a67e9 /ssl/s3_lib.c
parent	make update (diff)
download	openssl-e4cf866322a4549c55153f9f135f9dadf4d3fc31.tar.xz openssl-e4cf866322a4549c55153f9f135f9dadf4d3fc31.zip