commit a34a9df0712ac27256ec48e6f88c61064613ac08
author Dr. Stephen Henson <steve@openssl.org> Tue Feb 14 14:27:15 2017 +0000
committer Dr. Stephen Henson <steve@openssl.org> Wed Feb 15 02:23:55 2017 +0000
tree cbae441368d290692379f8da2c1b741f0cb1ab89
parent a497cf25162e100ad46bd08222b6e7584b2d5bee

Skip curve check if sigalg doesn't specify a curve.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2623)

ssl/t1_lib.c

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 31c3b04..3e00cdb 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -917,7 +917,7 @@
         if (SSL_IS_TLS13(s)) {
             /* For TLS 1.3 check curve matches signature algorithm */
 
-            if (curve != lu->curve) {
+            if (lu->curve != NID_undef && curve != lu->curve) {
                 SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_CURVE);
                 return 0;
             }
@@ -2348,7 +2348,7 @@
 
                     curve = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
                 }
-                if (curve != lu->curve)
+                if (lu->curve != NID_undef && curve != lu->curve)
                     continue;
 #else
                 continue;