提交 ededc88d 编写于 作者: M Matt Caswell

Improve backwards compat with 1.0.2 for ECDHParameters

In 1.0.2 you could configure automatic ecdh params by using the
ECDHParameters config directive and setting it to the value
"+Automatic" or just "Automatic". This is no longer required in 1.1.0+
but we still recognise the "+Automatic" keyword for backwards compatibility.
However we did not recognise just "Automatic" without the leading "+" which
is equally valid. This commit fixes that omission.

Fixes #4113
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6035)
上级 7fcdbd83
...@@ -597,10 +597,6 @@ Set supported curves to P-256, P-384: ...@@ -597,10 +597,6 @@ Set supported curves to P-256, P-384:
SSL_CONF_cmd(ctx, "Curves", "P-256:P-384"); SSL_CONF_cmd(ctx, "Curves", "P-256:P-384");
Set automatic support for any elliptic curve for key exchange:
SSL_CONF_cmd(ctx, "ECDHParameters", "Automatic");
=head1 RETURN VALUES =head1 RETURN VALUES
SSL_CONF_cmd() returns 1 if the value of B<cmd> is recognised and B<value> is SSL_CONF_cmd() returns 1 if the value of B<cmd> is recognised and B<value> is
......
...@@ -229,8 +229,9 @@ static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value) ...@@ -229,8 +229,9 @@ static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)
int nid; int nid;
/* Ignore values supported by 1.0.2 for the automatic selection */ /* Ignore values supported by 1.0.2 for the automatic selection */
if ((cctx->flags & SSL_CONF_FLAG_FILE) && if ((cctx->flags & SSL_CONF_FLAG_FILE)
strcasecmp(value, "+automatic") == 0) && (strcasecmp(value, "+automatic") == 0
|| strcasecmp(value, "automatic") == 0))
return 1; return 1;
if ((cctx->flags & SSL_CONF_FLAG_CMDLINE) && if ((cctx->flags & SSL_CONF_FLAG_CMDLINE) &&
strcmp(value, "auto") == 0) strcmp(value, "auto") == 0)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册