diff options
author | Joel Sing <jsing@cvs.openbsd.org> | 2014-10-03 13:58:19 +0000 |
---|---|---|
committer | Joel Sing <jsing@cvs.openbsd.org> | 2014-10-03 13:58:19 +0000 |
commit | e04b3252f7c4174da54f7b3c4dc6fa54e643a2eb (patch) | |
tree | 49f3bd89ffa3a0f5884fe65662ed93646b39fb71 /lib/libssl/s3_lib.c | |
parent | 37148b59ffd46586cc987e9a6102bdb5e2eac79d (diff) |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting,
which results in an EC key being generated using the first preference
shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
Diffstat (limited to 'lib/libssl/s3_lib.c')
-rw-r--r-- | lib/libssl/s3_lib.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index 246aa6f23df..42f8074f8c3 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.81 2014/09/30 15:40:09 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.82 2014/10/03 13:58:17 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -2128,6 +2128,11 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) ret = 1; break; + case SSL_CTRL_SET_ECDH_AUTO: + s->cert->ecdh_tmp_auto = larg; + ret = 1; + break; + default: break; } @@ -2322,6 +2327,9 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) return 1; break; + case SSL_CTRL_SET_ECDH_AUTO: + ctx->cert->ecdh_tmp_auto = larg; + return 1; /* A Thawte special :-) */ case SSL_CTRL_EXTRA_CHAIN_CERT: |