New ctrls to retrieve supported signature algorithms and curves and
extensions to s_client and s_server to print out retrieved valued.
Extend CERT structure to cache supported signature algorithm data.
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index db79a99..248bb94 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3365,6 +3365,32 @@
else
return ssl_cert_add0_chain_cert(s->cert, (X509 *)parg);
+ case SSL_CTRL_GET_CURVELIST:
+ {
+ unsigned char *clist;
+ size_t clistlen;
+ if (!s->session)
+ return 0;
+ clist = s->session->tlsext_ellipticcurvelist;
+ clistlen = s->session->tlsext_ellipticcurvelist_length / 2;
+ if (parg)
+ {
+ size_t i;
+ int *cptr = parg;
+ unsigned int cid, nid;
+ for (i = 0; i < clistlen; i++)
+ {
+ n2s(clist, cid);
+ nid = tls1_ec_curve_id2nid(cid);
+ if (nid != 0)
+ cptr[i] = nid;
+ else
+ cptr[i] = TLSEXT_nid_unknown | cid;
+ }
+ }
+ return (int)clistlen;
+ }
+
default:
break;
}
