Update the various SSL group getting and setting functions

A number of these functions returned a NID or an array of NIDs for the groups. Now that groups can come from the providers we do not necessarily know the NID. Therefore we need to handle this in a clean way. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11914)
author: Matt Caswell <matt@openssl.org> 2020-05-21 16:36:32 +0100
committer: Matt Caswell <matt@openssl.org> 2020-06-19 10:19:31 +0100
commit: 260009d877bfd6fe75aef08ecf4c366127f1f78e (patch)
tree: c054d1dfa8752082864c51a0f497c615897d658b /ssl/s3_lib.c
parent: 90929138d73ae46fe2fa3014028ab010043af23e (diff)
1 files changed, 7 insertions, 10 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 8004c6483a..a7f1e4d83a 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3653,13 +3653,10 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
                     const TLS_GROUP_INFO *cinf
                         = tls1_group_id_lookup(s->ctx, clist[i]);
 
-                    if (cinf != NULL)  {
-                        cptr[i] = tls1_group_id2nid(cinf->group_id);
-                        if (cptr[i] == NID_undef)
-                            cptr[i] = TLSEXT_nid_unknown | clist[i];
-                    } else {
+                    if (cinf != NULL)
+                        cptr[i] = tls1_group_id2nid(cinf->group_id, 1);
+                    else
                         cptr[i] = TLSEXT_nid_unknown | clist[i];
-                    }
                 }
             }
             return (int)clistlen;
@@ -3670,7 +3667,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
                                &s->ext.supportedgroups_len, parg, larg);
 
     case SSL_CTRL_SET_GROUPS_LIST:
-        return tls1_set_groups_list(&s->ext.supportedgroups,
+        return tls1_set_groups_list(s->ctx, &s->ext.supportedgroups,
                                     &s->ext.supportedgroups_len, parg);
 
     case SSL_CTRL_GET_SHARED_GROUP:
@@ -3678,11 +3675,11 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
             uint16_t id = tls1_shared_group(s, larg);
 
             if (larg != -1)
-                return tls1_group_id2nid(id);
+                return tls1_group_id2nid(id, 1);
             return id;
         }
     case SSL_CTRL_GET_NEGOTIATED_GROUP:
-        ret = tls1_group_id2nid(s->s3.group_id);
+        ret = tls1_group_id2nid(s->s3.group_id, 1);
         break;
 #endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */
 
@@ -3967,7 +3964,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
                                parg, larg);
 
     case SSL_CTRL_SET_GROUPS_LIST:
-        return tls1_set_groups_list(&ctx->ext.supportedgroups,
+        return tls1_set_groups_list(ctx, &ctx->ext.supportedgroups,
                                     &ctx->ext.supportedgroups_len,
                                     parg);
 #endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */
author	Matt Caswell <matt@openssl.org>	2020-05-21 16:36:32 +0100
committer	Matt Caswell <matt@openssl.org>	2020-06-19 10:19:31 +0100
commit	260009d877bfd6fe75aef08ecf4c366127f1f78e (patch)
tree	c054d1dfa8752082864c51a0f497c615897d658b /ssl/s3_lib.c
parent	90929138d73ae46fe2fa3014028ab010043af23e (diff)