Fix ssl3_send_server_key_exchange error path.
This codepath should not actually be reachable, unless maybe the caller is
doing something really dumb. (Unconfiguring the key partway through the
connection.)
Change-Id: Ic8e0cfc3c426439016370f9a85be9c05509358f1
Reviewed-on: https://boringssl-review.googlesource.com/6483
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 1616b22..cd5d2a1 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1229,6 +1229,8 @@
return ssl_do_write(s);
}
+ EVP_MD_CTX_init(&md_ctx);
+
if (ssl_cipher_has_server_public_key(s->s3->tmp.new_cipher)) {
if (!ssl_has_private_key(s)) {
al = SSL_AD_INTERNAL_ERROR;
@@ -1239,7 +1241,6 @@
max_sig_len = 0;
}
- EVP_MD_CTX_init(&md_ctx);
enum ssl_private_key_result_t sign_result;
if (s->state == SSL3_ST_SW_KEY_EXCH_A) {
alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
