bearssl: Fix static ECDH with client certificate

author: Michael Forney <mforney@mforney.org> 2020-02-01 14:11:40 -0800
committer: Michael Forney <mforney@mforney.org> 2020-02-01 14:11:40 -0800
commit: faaeeee2bcaaba4c3354300684870771e8595ee0 (patch)
tree: ec4c186caa711a690b36f4ad6325d6b5b47d5044 /pkg/bearssl
parent: 7069167d4a82761ab7486cb5783322f104f64579 (diff)
2 files changed, 26 insertions, 1 deletions
diff --git a/pkg/bearssl/patch/0001-Add-missing-return-in-client-single-EC-choose-functi.patch b/pkg/bearssl/patch/0001-Add-missing-return-in-client-single-EC-choose-functi.patch
new file mode 100644
index 00000000..421bbc7f
--- /dev/null
+++ b/pkg/bearssl/patch/0001-Add-missing-return-in-client-single-EC-choose-functi.patch
@@ -0,0 +1,25 @@
+From a5c3ea02385205858128e414873a0150cd8bceda Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Fri, 31 Jan 2020 15:11:32 -0800
+Subject: [PATCH] Add missing return in client single EC choose function
+
+Otherwise, static ECDH is never selected.
+---
+ src/ssl/ssl_ccert_single_ec.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/ssl/ssl_ccert_single_ec.c b/src/ssl/ssl_ccert_single_ec.c
+index 93ebcde..2e1e54f 100644
+--- a/src/ssl/ssl_ccert_single_ec.c
++++ b/src/ssl/ssl_ccert_single_ec.c
+@@ -69,6 +69,7 @@ cc_choose(const br_ssl_client_certificate_class **pctx,
+ 			choices->hash_id = -1;
+ 			choices->chain = zc->chain;
+ 			choices->chain_len = zc->chain_len;
++			return;
+ 		}
+ 	}
+ 
+-- 
+2.25.0
+
diff --git a/pkg/bearssl/ver b/pkg/bearssl/ver
index 48af2ad9..73fbbedf 100644
--- a/pkg/bearssl/ver
+++ b/pkg/bearssl/ver
@@ -1 +1 @@
-0.6-27-gacc70b1 r0
+0.6-27-gacc70b1 r1
author	Michael Forney <mforney@mforney.org>	2020-02-01 14:11:40 -0800
committer	Michael Forney <mforney@mforney.org>	2020-02-01 14:11:40 -0800
commit	faaeeee2bcaaba4c3354300684870771e8595ee0 (patch)
tree	ec4c186caa711a690b36f4ad6325d6b5b47d5044 /pkg/bearssl
parent	7069167d4a82761ab7486cb5783322f104f64579 (diff)