wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Improve backwards compat with 1.0.2 for ECDHParameters

Browse source 
In 1.0.2 you could configure automatic ecdh params by using the
ECDHParameters config directive and setting it to the value
"+Automatic" or just "Automatic". This is no longer required in 1.1.0+
but we still recognise the "+Automatic" keyword for backwards compatibility.
However we did not recognise just "Automatic" without the leading "+" which
is equally valid. This commit fixes that omission.

Fixes #4113

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6035)
This commit is contained in:
Matt Caswell 2018-04-20 14:12:11 +01:00
parent 7fcdbd839c
commit ededc88dd5
2 changed files with 3 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
doc/man3/SSL_CONF_cmd.pod
View file

@ -597,10 +597,6 @@ Set supported curves to P-256, P-384:
SSL_CONF_cmd(ctx, "Curves", "P-256:P-384");
Set automatic support for any elliptic curve for key exchange:
SSL_CONF_cmd(ctx, "ECDHParameters", "Automatic");
=head1 RETURN VALUES
SSL_CONF_cmd() returns 1 if the value of B<cmd> is recognised and B<value> is

5
ssl/ssl_conf.c
View file

@ -229,8 +229,9 @@ static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)
int nid;
/* Ignore values supported by 1.0.2 for the automatic selection */
if ((cctx->flags & SSL_CONF_FLAG_FILE) &&
strcasecmp(value, "+automatic") == 0)
if ((cctx->flags & SSL_CONF_FLAG_FILE)
&& (strcasecmp(value, "+automatic") == 0
|| strcasecmp(value, "automatic") == 0))
return 1;
if ((cctx->flags & SSL_CONF_FLAG_CMDLINE) &&
strcmp(value, "auto") == 0)