diff options
| author | Reyk Floeter <reyk@cvs.openbsd.org> | 2014-08-27 10:46:54 +0000 |
|---|---|---|
| committer | Reyk Floeter <reyk@cvs.openbsd.org> | 2014-08-27 10:46:54 +0000 |
| commit | 33c4005928e36cb57ee5103ab1c5cf426b8c8bac (patch) | |
| tree | 630d0e307d0a4e51cbbacbf3fe1eb279e3d57dcd /lib/libressl/ressl_config.c | |
| parent | 57b91ee142c2531f84d103e004fe80adb6fe6cce (diff) | |
Add the API function ressl_config_set_ecdhcurve(config, name) to set a
non-standard ECDH curve by name or to disable it by passing NULL.
OK jsing@
Diffstat (limited to 'lib/libressl/ressl_config.c')
| -rw-r--r-- | lib/libressl/ressl_config.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/lib/libressl/ressl_config.c b/lib/libressl/ressl_config.c index 133ef81b02a..aa353be01fd 100644 --- a/lib/libressl/ressl_config.c +++ b/lib/libressl/ressl_config.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ressl_config.c,v 1.7 2014/08/06 01:54:01 jsing Exp $ */ +/* $OpenBSD: ressl_config.c,v 1.8 2014/08/27 10:46:53 reyk Exp $ */ /* * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> * @@ -28,6 +28,7 @@ struct ressl_config ressl_config_default = { .ca_file = _PATH_SSL_CA_FILE, .ca_path = NULL, .ciphers = NULL, + .ecdhcurve = NID_X9_62_prime256v1, .verify = 1, .verify_depth = 6, }; @@ -82,6 +83,18 @@ ressl_config_set_ciphers(struct ressl_config *config, char *ciphers) config->ciphers = ciphers; } +int +ressl_config_set_ecdhcurve(struct ressl_config *config, const char *name) +{ + int nid = NID_undef; + + if (name != NULL && (nid = OBJ_txt2nid(name)) == NID_undef) + return (-1); + + config->ecdhcurve = nid; + return (0); +} + void ressl_config_set_key_file(struct ressl_config *config, char *key_file) { |