AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

ssl_set_curves is no longer ECDHE only

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2014-02-04 15:52:33 +01:00
parent cd49f76898
commit 7f38ed0bfa
2 changed files with 13 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
include/polarssl/ssl.h
View File

@ -727,8 +727,7 @@ struct _ssl_context
int disable_renegotiation; /*!< enable/disable renegotiation */
int allow_legacy_renegotiation; /*!< allow legacy renegotiation */
const int *ciphersuite_list[4]; /*!< allowed ciphersuites / version */
#if defined(POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED) && \
defined(POLARSSL_SSL_SET_CURVES)
#if defined(POLARSSL_SSL_SET_CURVES)
const ecp_group_id *curve_list; /*!< allowed curves */
#endif
#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
@ -1159,8 +1158,7 @@ int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_G );
int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx );
#endif
#if defined(POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED) && \
defined(POLARSSL_SSL_SET_CURVES)
#if defined(POLARSSL_SSL_SET_CURVES)
/**
* \brief Set the allowed curves in order of preference.
* (Default: all defined curves.)

23
library/ssl_tls.c
View File

@ -3384,8 +3384,7 @@ int ssl_init( ssl_context *ssl )
ssl->ticket_lifetime = SSL_DEFAULT_TICKET_LIFETIME;
#endif
#if defined(POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED) && \
defined(POLARSSL_SSL_SET_CURVES)
#if defined(POLARSSL_SSL_SET_CURVES)
ssl->curve_list = ecp_grp_id_list( );
#endif
@ -3801,6 +3800,16 @@ int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx )
}
#endif /* POLARSSL_DHM_C */
#if defined(POLARSSL_SSL_SET_CURVES)
/*
* Set the allowed elliptic curves
*/
void ssl_set_curves( ssl_context *ssl, const ecp_group_id *curve_list )
{
ssl->curve_list = curve_list;
}
#endif
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
int ssl_set_hostname( ssl_context *ssl, const char *hostname )
{
@ -4616,13 +4625,3 @@ md_type_t ssl_md_alg_from_hash( unsigned char hash )
#endif
#if defined(POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED) && \
defined(POLARSSL_SSL_SET_CURVES)
/*
* Set the allowed ECDH curves.
*/
void ssl_set_curves( ssl_context *ssl, const ecp_group_id *curve_list )
{
ssl->curve_list = curve_list;
}
#endif