Displaying 2 results from an estimated 2 matches for "curve_nam".
Did you mean:
curve_name
2013 Jul 06
1
[PATCH] login-common: Add support for ECDH/ECDHE cipher suites
...rvice_ssl_settings *ssl_set);
static void ssl_server_context_deinit(struct ssl_server_context **_ctx);
+static void ssl_proxy_ctx_set_crypto_params(SSL_CTX *ssl_ctx,
+ const struct master_service_ssl_settings *set);
+static int ssl_proxy_ctx_get_pkey_ec_curve_name(const struct master_service_ssl_settings *set);
+
static unsigned int ssl_server_context_hash(const struct ssl_server_context *ctx)
{
unsigned int i, g, h = 0;
@@ -993,11 +997,58 @@
store = SSL_CTX_get_cert_store(ssl_ctx);
load_ca(store, set->ssl_ca, load_xnames ? &xnames : NULL);...
2017 Feb 14
0
openssl 1.1.0d breaks Android7 TLS connects
...t non-compliant with RFC 6460 which requires
curve NIST P-256 (prime256v1) be used when AES-128 TLS cipher
suites are in use. At least the non-compliance is in the form of
providing too much security rather than too little. */
nid = ssl_proxy_ctx_get_pkey_ec_curve_name(set);
ecdh = EC_KEY_new_by_curve_name(nid);
if (ecdh == NULL) {
/* Fall back option */
nid = NID_secp384r1;
ecdh = EC_KEY_new_by_curve_name(nid);
}
if ((curve_name = OBJ_nid2sn(nid)) != NULL && set->verbose_...