moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2025-02-28 17:31:46 -05:00
Code Issues Releases Wiki Activity

wolfssl: stop custom-adding curves

Browse Source 
since wolfSSL PR https://github.com/wolfSSL/wolfssl/pull/717 (shipped in
wolfSSL 3.10.2 and later) it sends these curves by default already.

Pointed-out-by: David Garske

Closes #3599
This commit is contained in:
Daniel Stenberg 2019-02-22 08:04:09 +01:00
parent 11974ac859
commit 300def7d40
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
2 changed files with 1 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
configure.ac
View File

@ -2384,7 +2384,6 @@ if test -z "$ssl_backends" -o "x$OPT_CYASSL" != xno; then
dnl Recent WolfSSL versions build without SSLv3 by default dnl Recent WolfSSL versions build without SSLv3 by default
dnl WolfSSL needs configure --enable-opensslextra to have *get_peer* dnl WolfSSL needs configure --enable-opensslextra to have *get_peer*
AC_CHECK_FUNCS(wolfSSLv3_client_method \ AC_CHECK_FUNCS(wolfSSLv3_client_method \
wolfSSL_CTX_UseSupportedCurve \
wolfSSL_get_peer_certificate \ wolfSSL_get_peer_certificate \
wolfSSL_UseALPN) wolfSSL_UseALPN)
else else

21
lib/vtls/cyassl.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___ * | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____| * \___|\___/|_| \_\_____|
* *
* Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
* *
* This software is licensed as described in the file COPYING, which * This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms * you should have received as part of this distribution. The terms
@ -67,15 +67,6 @@ and that's a problem since options.h hasn't been included yet. */
#endif #endif
#endif #endif
/* HAVE_SUPPORTED_CURVES is wolfSSL's build time symbol for enabling the ECC
supported curve extension in options.h. Note ECC is enabled separately. */
#ifndef HAVE_SUPPORTED_CURVES
#if defined(HAVE_CYASSL_CTX_USESUPPORTEDCURVE) || \
defined(HAVE_WOLFSSL_CTX_USESUPPORTEDCURVE)
#define HAVE_SUPPORTED_CURVES
#endif
#endif
#include <limits.h> #include <limits.h>
#include "urldata.h" #include "urldata.h"
@ -364,16 +355,6 @@ cyassl_connect_step1(struct connectdata *conn,
} }
#endif #endif
#ifdef HAVE_SUPPORTED_CURVES
/* CyaSSL/wolfSSL does not send the supported ECC curves ext automatically:
https://github.com/wolfSSL/wolfssl/issues/366
The supported curves below are those also supported by OpenSSL 1.0.2 and
in the same order. */
CyaSSL_CTX_UseSupportedCurve(BACKEND->ctx, 0x17); /* secp256r1 */
CyaSSL_CTX_UseSupportedCurve(BACKEND->ctx, 0x19); /* secp521r1 */
CyaSSL_CTX_UseSupportedCurve(BACKEND->ctx, 0x18); /* secp384r1 */
#endif
/* give application a chance to interfere with SSL set up. */ /* give application a chance to interfere with SSL set up. */
if(data->set.ssl.fsslctx) { if(data->set.ssl.fsslctx) {
CURLcode result = CURLE_OK; CURLcode result = CURLE_OK;