[openssl-dev] Intermittent s_server issues with ECDHE cipher suites
John Foley
foleyj at cisco.com
Tue Mar 10 17:02:25 UTC 2015
There appears to be a problem when using s_server with ECDHE cipher
suites in OpenSSL_1_0_1-stable. Due to an uninitialized variable,
SSL_CTX_set_tmp_ecdh() is not always invoked within s_server. The
following patch resolves the issue. This bug appears to have been
introduced by 059907771b89549cbd07a81df1a5bdf51e062066.
diff --git a/apps/s_server.c b/apps/s_server.c
index caba5b3..2a44223 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -998,7 +998,7 @@ int MAIN(int argc, char *argv[])
int off = 0;
int no_tmp_rsa = 0, no_dhe = 0, nocert = 0;
#ifndef OPENSSL_NO_ECDH
- int no_ecdhe;
+ int no_ecdhe = 0;
#endif
int state = 0;
const SSL_METHOD *meth = NULL;
More information about the openssl-dev
mailing list