From e436c963f0976b885a7db04681344779e26dd3b5 Mon Sep 17 00:00:00 2001
From: Arne Schwabe <arne@rfc2549.org>
Date: Wed, 23 Apr 2014 09:56:37 +0200
Subject: Update OpenSSL to 1.0.1g and statically link OpenVPN with it

---
 main/openssl/crypto/ec/ec_pmeth.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'main/openssl/crypto/ec/ec_pmeth.c')

diff --git a/main/openssl/crypto/ec/ec_pmeth.c b/main/openssl/crypto/ec/ec_pmeth.c
index f433076c..66ee397d 100644
--- a/main/openssl/crypto/ec/ec_pmeth.c
+++ b/main/openssl/crypto/ec/ec_pmeth.c
@@ -188,7 +188,7 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
 
 	pubkey = EC_KEY_get0_public_key(ctx->peerkey->pkey.ec);
 
-	/* NB: unlike PKS#3 DH, if *outlen is less than maximum size this is
+	/* NB: unlike PKCS#3 DH, if *outlen is less than maximum size this is
 	 * not an error, the result is truncated.
 	 */
 
@@ -221,6 +221,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 
 		case EVP_PKEY_CTRL_MD:
 		if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
+		    EVP_MD_type((const EVP_MD *)p2) != NID_ecdsa_with_SHA1 &&
 		    EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
 		    EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
 		    EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
-- 
cgit v1.2.3