Add support for automatic ECDH temporary key parameter selection. When

enabled instead of requiring an application to hard code a (possibly inappropriate) parameter set and delve into EC internals we just automatically use the preferred curve. (backport from HEAD)
author: Dr. Stephen Henson <steve@openssl.org> 2012-04-06 20:15:50 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2012-04-06 20:15:50 +0000
commit: e46c807e4f4eedb36dec70576d1562f252ff69a1 (patch)
tree: f55f310338ce96d1011f4b574102161fabbc0817 /ssl/s3_lib.c
parent: c132ca95c05cfcd8029a2670267d3e67b2b9f461 (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index ab94ec8f1a..c8cb8def0b 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3398,7 +3398,10 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 
 	case SSL_CTRL_GET_SHARED_CURVE:
 		return tls1_shared_curve(s, larg);
- 
+
+	case SSL_CTRL_SET_ECDH_AUTO:
+		s->cert->ecdh_tmp_auto = larg;
+		break;
 
 	default:
 		break;
@@ -3673,6 +3676,9 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 		return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist,
 					&ctx->tlsext_ellipticcurvelist_length,
 								parg);
+	case SSL_CTRL_SET_ECDH_AUTO:
+		ctx->cert->ecdh_tmp_auto = larg;
+		break;
 #endif /* !OPENSSL_NO_TLSEXT */
 
 	/* A Thawte special :-) */
author	Dr. Stephen Henson <steve@openssl.org>	2012-04-06 20:15:50 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2012-04-06 20:15:50 +0000
commit	e46c807e4f4eedb36dec70576d1562f252ff69a1 (patch)
tree	f55f310338ce96d1011f4b574102161fabbc0817 /ssl/s3_lib.c
parent	c132ca95c05cfcd8029a2670267d3e67b2b9f461 (diff)