Add support for automatic ECDH temporary key parameter selection. When
enabled, instead of requiring an application to hard-code a (possibly
inappropriate) parameter set and delve into EC internals, we just
automatically use the preferred curve.
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 1ff5e9d..bd373e3 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3398,7 +3398,10 @@
case SSL_CTRL_GET_SHARED_CURVE:
return tls1_shared_curve(s, larg);
-
+
+ case SSL_CTRL_SET_ECDH_AUTO:
+ s->cert->ecdh_tmp_auto = larg;
+ break;
default:
break;
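Review bot: Both new `SSL_CTRL_SET_ECDH_AUTO` cases end in `break;`, so the ctrl returns whatever the function's result variable holds after the switch instead of an explicit success value. That variable is declared outside the hunk; if it is still at a zero initial value, a caller that checks the result sees a failure even though the flag was set. Using `return 1;` in place of `break;` here and in the `ctx->cert` case of the second hunk makes the outcome unambiguous. The `long` argument is also stored unmodified; if `ecdh_tmp_auto` is an `int`, a non-zero value with only high bits set truncates to 0 on LP64 and silently leaves automatic selection off, so `s->cert->ecdh_tmp_auto = (larg != 0);` is safer. A short comment such as `/* larg != 0: choose the ECDH temporary key curve automatically */` would document the flag's meaning.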
@@ -3678,6 +3681,9 @@
return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist,
&ctx->tlsext_ellipticcurvelist_length,
parg);
+ case SSL_CTRL_SET_ECDH_AUTO:
+ ctx->cert->ecdh_tmp_auto = larg;
+ break;
#endif /* !OPENSSL_NO_TLSEXT */
/* A Thawte special :-) */