author | David Timber <dxdt@dev.snart.me> | 2022-11-05 19:34:07 +0800 |
---|---|---|
committer | David Timber <dxdt@dev.snart.me> | 2022-11-05 19:34:07 +0800 |
commit | 5fd13be001b654fda70a8f6d919a84fcd8f31d4d (patch) | |
tree | 8a6d5eded194f2b8e5fa4a7929e2f81a46b0d7e9 /src/proone-htbthost.c | |
parent | 1fb630b7df7d65c436f7486266671f9eb942067c (diff) |
Do not load empty DH param data ...
- Let the library set up forward secrecy if not used
Diffstat (limited to 'src/proone-htbthost.c')
-rw-r--r-- | src/proone-htbthost.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/proone-htbthost.c b/src/proone-htbthost.c
index 50604f0..e89acab 100644
--- a/src/proone-htbthost.c
+++ b/src/proone-htbthost.c
@@ -203,9 +203,11 @@ static void load_ssl_conf (
 MBEDTLS_SSL_PRESET_DEFAULT) == 0 &&
 mbedtls_x509_crt_parse(s_crt, S_CRT, sizeof(S_CRT)) == 0 &&
 mbedtls_pk_parse_key(s_key, S_KEY, sizeof(S_KEY), NULL, 0) == 0 &&
- mbedtls_dhm_parse_dhm(dhm, DH, sizeof(DH)) == 0 &&
+ (sizeof(DH) > 0 ?
+ mbedtls_dhm_parse_dhm(dhm, DH, sizeof(DH)) : 0) == 0 &&
 mbedtls_ssl_conf_own_cert(s_conf, s_crt, s_key) == 0 &&
- mbedtls_ssl_conf_dh_param_ctx(s_conf, dhm) == 0);
+ (sizeof(DH) > 0 ?
+ mbedtls_ssl_conf_dh_param_ctx(s_conf, dhm) : 0) == 0);
 mbedtls_ssl_conf_ca_chain(s_conf, ca, NULL);
 mbedtls_ssl_conf_verify(s_conf, prne_mbedtls_x509_crt_verify_cb, NULL);
 mbedtls_ssl_conf_rng(s_conf, mbedtls_ctr_drbg_random, rnd); |
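Review bot: The two `sizeof(DH) > 0` guards skip DH setup silently, and nothing on the new lines records which key-exchange parameters the server ends up with in that case. A comment above the first guard, such as `/* No DH params compiled in: keep the library's default DHM configuration */`, would make the fallback explicit for whoever audits the TLS setup. The declaration of `DH` is outside this hunk, so it is worth confirming that an empty value really has size 0: if it is built from a string literal, `sizeof(DH)` is 1 for `""` and the parse call would still run and presumably fail. Because the condition is a compile-time constant used twice, a single local such as `const int have_dh = sizeof(DH) > 0;` would keep the parse and the `mbedtls_ssl_conf_dh_param_ctx` call from drifting apart. The body of `load_ssl_conf` starts and ends outside the hunk.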