Error messages for client ECC cert verification.

Also, change the default ciphersuite to give some prefererence to ciphersuites with forwared secrecy (rather than using a random order).
2006-06-15 19:58:22 +00:00
parent b166f13eb5
commit ed3ecd801e
6 changed files with 24 additions and 9 deletions
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -968,7 +968,9 @@ int tls1_alert_code(int code);
 int ssl3_alert_code(int code);
 int ssl_ok(SSL *s);

-int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs);
+#ifndef OPENSSL_NO_ECDH
+int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs);
+#endif

 SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);