diff options
| author | Matt Caswell <matt@openssl.org> | 2019-06-13 11:06:12 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2019-06-17 10:57:19 +0100 |
| commit | dbc6268f68e50b2e49d7c5b1157b4f6bcea5d6f9 (patch) | |
| tree | 67a9fa2beac320e8d437c04225cbc377a0145f2d /ssl/s3_lib.c | |
| parent | 8013a933dacc80096e2bfca06c00f9ec29adb35b (diff) | |
Allow TLSv1.3 in a no-ec build
Now that we have TLSv1.3 FFDHE support there is no reason why we should
not allow TLSv1.3 to be used in a no-ec build. This commit enables that
to happen.
It also fixes no-ec which was previously broken.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9156)
Diffstat (limited to 'ssl/s3_lib.c')
| -rw-r--r-- | ssl/s3_lib.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 358142e935..2e041d5887 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3578,7 +3578,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) } return ssl_cert_set_current(s->cert, larg); -#ifndef OPENSSL_NO_EC case SSL_CTRL_GET_GROUPS: { uint16_t *clist; @@ -3623,7 +3622,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) } return id; } -#endif + case SSL_CTRL_SET_SIGALGS: return tls1_set_sigalgs(s->cert, parg, larg, 0); @@ -3899,7 +3898,6 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) break; #endif -#ifndef OPENSSL_NO_EC case SSL_CTRL_SET_GROUPS: return tls1_set_groups(&ctx->ext.supportedgroups, &ctx->ext.supportedgroups_len, @@ -3909,7 +3907,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) return tls1_set_groups_list(&ctx->ext.supportedgroups, &ctx->ext.supportedgroups_len, parg); -#endif + case SSL_CTRL_SET_SIGALGS: return tls1_set_sigalgs(ctx->cert, parg, larg, 0); |