Make ssl_set_curves() work client-side too.

2014-02-04 15:14:13 +01:00 · 2014-02-04 15:14:13 +01:00 · cd49f76898
commit cd49f76898
parent ac7194133e
2 changed files with 23 additions and 11 deletions
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -233,19 +233,26 @@ static void ssl_write_supported_elliptic_curves_ext( ssl_context *ssl,
    unsigned char *p = buf;
    unsigned char *elliptic_curve_list = p + 6;
    size_t elliptic_curve_len = 0;
-    const ecp_curve_info *curve;
-    ((void) ssl);
+    const ecp_curve_info *info;
+#if defined(POLARSSL_SSL_SET_CURVES)
+    const ecp_group_id *grp_id;
+#endif

    *olen = 0;

    SSL_DEBUG_MSG( 3, ( "client hello, adding supported_elliptic_curves extension" ) );

-    for( curve = ecp_curve_list();
-         curve->grp_id != POLARSSL_ECP_DP_NONE;
-         curve++ )
+#if defined(POLARSSL_SSL_SET_CURVES)
+    for( grp_id = ssl->curve_list; *grp_id != POLARSSL_ECP_DP_NONE; grp_id++ )
    {
-        elliptic_curve_list[elliptic_curve_len++] = curve->tls_id >> 8;
-        elliptic_curve_list[elliptic_curve_len++] = curve->tls_id & 0xFF;
+        info = ecp_curve_info_from_grp_id( *grp_id );
+#else
+    for( info = ecp_curve_list(); info->grp_id != POLARSSL_ECP_DP_NONE; info++ )
+    {
+#endif
+
+        elliptic_curve_list[elliptic_curve_len++] = info->tls_id >> 8;
+        elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF;
    }

    if( elliptic_curve_len == 0 )