commit b7927946fdd73aecb86fb7c76ee4adb7a80e71e1
parent cc9a9b1bdd100e074e4df07f12269f3191ebb3d2
Author: Nick Mathewson <nickm@torproject.org>
Date: Wed, 23 Apr 2025 08:46:17 -0400
Correctly detect error from SSL_CTX_set1_groups_list.
Previously our code was checking for '< 0', but the error return value for
this function _is_ zero.
Diffstat:
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c
@@ -673,7 +673,7 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
const char *list;
list = "P-256:P-224";
int r = (int) SSL_CTX_set1_groups_list(result->ctx, list);
- if (r < 0)
+ if (r == 0)
goto error;
}
#else /* !(defined(SSL_CTX_set1_groups_list) || defined(HAVE_SSL_CTX_SE...)) */
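Review bot: The corrected test at `if (r == 0)` should carry a comment stating the return convention, since the earlier `< 0` check shows how easily it is misread: `/* SSL_CTX_set1_groups_list() returns 1 on success and 0 on failure. */`. Writing the guard as `if (r != 1)` would also fail closed on any value other than success, so the context is never used with a group list that was not applied. The visible lines jump to `error` without a log message, so unless that label (outside the hunk) reports it, a rejected group list will abort context creation with no stated reason; a warning-level log line naming the list before the `goto` would help diagnosis. The body of tor_tls_context_new starts and ends outside the hunk.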