diff options
| author | jsing <> | 2014-10-03 13:58:18 +0000 |
|---|---|---|
| committer | jsing <> | 2014-10-03 13:58:18 +0000 |
| commit | 00aab6e9fe0cafba69f2b8ba7716f378e303cf92 (patch) | |
| tree | cffe0badf760bb2604b226bec541734923e423b7 /src/lib/libssl/ssl_cert.c | |
| parent | 3e3e62d53cc575a61b99b211f05e78229c836866 (diff) | |
| download | openbsd-00aab6e9fe0cafba69f2b8ba7716f378e303cf92.tar.gz openbsd-00aab6e9fe0cafba69f2b8ba7716f378e303cf92.tar.bz2 openbsd-00aab6e9fe0cafba69f2b8ba7716f378e303cf92.zip | |
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting,
which results in an EC key being generated using the first preference
shared curve.
Based on OpenSSL with inspiration from boringssl.
ok miod@
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/ssl_cert.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c index 6aae59e310..6f1815067b 100644 --- a/src/lib/libssl/ssl_cert.c +++ b/src/lib/libssl/ssl_cert.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_cert.c,v 1.41 2014/07/10 08:25:00 guenther Exp $ */ | 1 | /* $OpenBSD: ssl_cert.c,v 1.42 2014/10/03 13:58:18 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -244,6 +244,7 @@ ssl_cert_dup(CERT *cert) | |||
| 244 | } | 244 | } |
| 245 | } | 245 | } |
| 246 | ret->ecdh_tmp_cb = cert->ecdh_tmp_cb; | 246 | ret->ecdh_tmp_cb = cert->ecdh_tmp_cb; |
| 247 | ret->ecdh_tmp_auto = cert->ecdh_tmp_auto; | ||
| 247 | 248 | ||
| 248 | for (i = 0; i < SSL_PKEY_NUM; i++) { | 249 | for (i = 0; i < SSL_PKEY_NUM; i++) { |
| 249 | if (cert->pkeys[i].x509 != NULL) { | 250 | if (cert->pkeys[i].x509 != NULL) { |