From 295bf02f8211b77feb0bc6963c1b7ec49122ce18 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Fri, 17 Apr 2020 17:16:53 +0000
Subject: Generate client key share using our preferred group.

Generate a client key share using our preferred group, rather than always
using X25519. This means that the key share group can be controlled via
SSL{_CTX,}_set1_groups() and SSL{_CTX,}_set1_groups_list().

ok beck@
---
 src/lib/libssl/tls13_internal.h | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'src/lib/libssl/tls13_internal.h')

diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h
index 053a7972a0..8d5d9c4efe 100644
--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.61 2020/03/10 17:15:02 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.62 2020/04/17 17:16:53 jsing Exp $ */
 /*
  * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
  * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -123,7 +123,8 @@ int tls13_update_server_traffic_secret(struct tls13_secrets *secrets);
  */
 struct tls13_key_share;
 
-struct tls13_key_share *tls13_key_share_new(int nid);
+struct tls13_key_share *tls13_key_share_new(uint16_t group_id);
+struct tls13_key_share *tls13_key_share_new_nid(int nid);
 void tls13_key_share_free(struct tls13_key_share *ks);
 
 uint16_t tls13_key_share_group(struct tls13_key_share *ks);
-- 
cgit v1.2.3-55-g6feb