Diffstat (limited to 'src')
-rw-r--r-- | src/proone-htbthost.c | 6 | ||||
-rw-r--r-- | src/proone.c | 14 |
2 files changed, 12 insertions, 8 deletions
diff --git a/src/proone-htbthost.c b/src/proone-htbthost.c
index 50604f0..e89acab 100644
--- a/src/proone-htbthost.c
+++ b/src/proone-htbthost.c
@@ -203,9 +203,11 @@ static void load_ssl_conf (
 MBEDTLS_SSL_PRESET_DEFAULT) == 0 &&
 mbedtls_x509_crt_parse(s_crt, S_CRT, sizeof(S_CRT)) == 0 &&
 mbedtls_pk_parse_key(s_key, S_KEY, sizeof(S_KEY), NULL, 0) == 0 &&
- mbedtls_dhm_parse_dhm(dhm, DH, sizeof(DH)) == 0 &&
+ (sizeof(DH) > 0 ?
+ mbedtls_dhm_parse_dhm(dhm, DH, sizeof(DH)) : 0) == 0 &&
 mbedtls_ssl_conf_own_cert(s_conf, s_crt, s_key) == 0 &&
- mbedtls_ssl_conf_dh_param_ctx(s_conf, dhm) == 0);
+ (sizeof(DH) > 0 ?
+ mbedtls_ssl_conf_dh_param_ctx(s_conf, dhm) : 0) == 0);
 mbedtls_ssl_conf_ca_chain(s_conf, ca, NULL);
 mbedtls_ssl_conf_verify(s_conf, prne_mbedtls_x509_crt_verify_cb, NULL);
 mbedtls_ssl_conf_rng(s_conf, mbedtls_ctr_drbg_random, rnd);
diff --git a/src/proone.c b/src/proone.c
index 843d75a..6805e0b 100644
--- a/src/proone.c
+++ b/src/proone.c
@@ -876,17 +876,19 @@ static void load_ssl_conf (void) {
 0);
 BREAKIF_ERR("mbedtls_pk_parse_key");
 data = prne_dvault_get_bin(PRNE_DATA_KEY_X509_DH, &dvlen);
- mret = mbedtls_dhm_parse_dhm(&prne_g.s_ssl.dhm, data, dvlen);
- BREAKIF_ERR("mbedtls_dhm_parse_dhm");
+ if (dvlen > 0) {
+ mret = mbedtls_dhm_parse_dhm(&prne_g.s_ssl.dhm, data, dvlen);
+ BREAKIF_ERR("mbedtls_dhm_parse_dhm");
+ mret = mbedtls_ssl_conf_dh_param_ctx(
+ &prne_g.s_ssl.conf,
+ &prne_g.s_ssl.dhm);
+ BREAKIF_ERR("mbedtls_ssl_conf_dh_param_ctx");
+ }
 mret = mbedtls_ssl_conf_own_cert(
 &prne_g.s_ssl.conf,
 &prne_g.s_ssl.crt,
 &prne_g.s_ssl.pk);
 BREAKIF_ERR("mbedtls_ssl_conf_own_cert");
- mret = mbedtls_ssl_conf_dh_param_ctx(
- &prne_g.s_ssl.conf,
- &prne_g.s_ssl.dhm);
- BREAKIF_ERR("mbedtls_ssl_conf_dh_param_ctx");
 mret = mbedtls_ssl_conf_alpn_protocols(
 &prne_g.s_ssl.conf,
 ALP_LIST); |
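Review bot: The `sizeof(DH) > 0 ?` test in the proone-htbthost.c hunk is written twice inside one `&&` chain, and nothing records what the TLS config ends up with when the array is empty. A single guarded operand reads more easily: `(sizeof(DH) == 0 || (mbedtls_dhm_parse_dhm(dhm, DH, sizeof(DH)) == 0 && mbedtls_ssl_conf_dh_param_ctx(s_conf, dhm) == 0)) &&`. That form runs the dh_param_ctx call before own_cert, which looks harmless because the two calls appear to set independent parts of the config. A comment such as `/* DH is optional; when empty, DHE suites use whatever group the config defaults provide */` would state the intent, and it is worth confirming what that default group is for the Mbed TLS version in use. The expression begins above the hunk, so how its result is handled is not visible here.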
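Review bot: The new `if (dvlen > 0)` branch in the proone.c hunk skips DH setup silently, so a missing or emptied PRNE_DATA_KEY_X509_DH entry cannot be told apart from a deliberate build without parameters. A comment above the guard, e.g. `/* DH params are optional; an empty vault entry leaves the config's default DHM group in place */`, would make the fallback explicit. The guard also trusts `data` whenever the length is non-zero; if prne_dvault_get_bin can return NULL in that case (not visible here), `if (data != NULL && dvlen > 0) {` is the safer test. The function body continues outside the hunk on both sides.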