Make SSL_{CTX}_set_tmp_ecdh() call SSL_{CTX_}set1_curves()

SSL_{CTX}_set_tmp_ecdh() allows to set 1 EC curve and then tries to use it. On the other hand SSL_{CTX_}set1_curves() allows you to set a list of curves, but only when SSL_{CTX_}set_ecdh_auto() was called to turn it on. Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2015-12-04 22:25:11 +01:00
parent 6f78b9e824
commit 6977e8ee4a
8 changed files with 48 additions and 72 deletions
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2037,7 +2037,7 @@ void ssl_set_masks(SSL *s, const SSL_CIPHER *cipher)
 #endif

 #ifndef OPENSSL_NO_EC
-    have_ecdh_tmp = (c->ecdh_tmp || c->ecdh_tmp_auto);
+    have_ecdh_tmp = c->ecdh_tmp_auto;
 #endif
    cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
    rsa_enc = pvalid[SSL_PKEY_RSA_ENC] & CERT_PKEY_VALID;