diff options
author | Tomas Mraz <tmraz@fedoraproject.org> | 2017-05-22 16:20:21 +0200 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-06-08 21:30:17 +0100 |
commit | 59d37902343656c1317d80f1ef5c7bdc550a1294 (patch) | |
tree | 19d265b2c3c0d8a1fa196dc42958c54f81671b30 /ssl | |
parent | 2984afdad9696e4de4762ebc0039f9353773f66c (diff) |
Ignore -named_curve auto value to improve backwards compatibility
Fixes #3490
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3518)
(cherry picked from commit 1c7aa0dbf16c3389bbedd13391bb653e7a189603)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_conf.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 3957946092..88e4103820 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -221,6 +221,14 @@ static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value) EC_KEY *ecdh; int nid; + /* Ignore values supported by 1.0.2 for the automatic selection */ + if ((cctx->flags & SSL_CONF_FLAG_FILE) && + strcasecmp(value, "+automatic") == 0) + return 1; + if ((cctx->flags & SSL_CONF_FLAG_CMDLINE) && + strcmp(value, "auto") == 0) + return 1; + nid = EC_curve_nist2nid(value); if (nid == NID_undef) nid = OBJ_sn2nid(value); |