BUG/MINOR: acme: P-256 doesn't work with openssl >= 3.0
authorWilliam Lallemand <wlallemand@haproxy.com>
Tue, 18 Nov 2025 10:34:28 +0000 (11:34 +0100)
committerWilliam Lallemand <wlallemand@haproxy.com>
Tue, 18 Nov 2025 10:34:28 +0000 (11:34 +0100)
When trying to use the P-256 curve in the acme configuration with
OpenSSL 3.x, the generation of the account was failing because OpenSSL
doesn't return a NIST or SECG curve name, but an ANSI X9.62 one.

Since the ANSI X9.62 curve names were not in the list, it couldn't match
anything supported.

This patch fixes the issue by adding both the prime192v1 and prime256v1
names to the struct curve array which is used during curve parsing.

Must be backported to 3.2.

src/ssl_utils.c

index 01cac2771b1e456d34d994283b60b17f3e87f233..eadcec24b6a41616712fc897b75b647792337d14 100644 (file)
@@ -953,10 +953,12 @@ static struct curve {
        V( 17,     NID_secp160r2,                            "secp160r2",             NULL       ),
        V( 18,     NID_secp192k1,                            "secp192k1",             NULL       ),
        V( 19,     NID_X9_62_prime192v1,                     "secp192r1",             "P-192"    ),
+       V( 19,     NID_X9_62_prime192v1,                     "prime192v1",            "P-192"    ),
        V( 20,     NID_secp224k1,                            "secp224k1",             NULL       ),
        V( 21,     NID_secp224r1,                            "secp224r1",             "P-224"    ),
        V( 22,     NID_secp256k1,                            "secp256k1",             NULL       ),
        V( 23,     NID_X9_62_prime256v1,                     "secp256r1",             "P-256"    ),
+       V( 23,     NID_X9_62_prime256v1,                     "prime256v1",            "P-256"    ),
        V( 24,     NID_secp384r1,                            "secp384r1",             "P-384"    ),
        V( 25,     NID_secp521r1,                            "secp521r1",             "P-521"    ),
        V( 26,     NID_brainpoolP256r1,                      "brainpoolP256r1",       NULL       ),
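Review bot: The two added rows for `prime192v1` and `prime256v1` repeat the TLS id and NID of the rows directly above them, and nothing marks them as aliases, so a later cleanup could drop them as duplicates or move them ahead of the canonical SECG names. If any lookup over this array matches by id, NID or NIST name and returns the first hit (those functions are outside this hunk, so this is an assumption to confirm), it keeps returning `secp192r1`/`secp256r1` only while each alias stays after its canonical row. I would add a comment above each alias, for example `/* ANSI X9.62 alias as reported by OpenSSL >= 3.0; keep after the SECG row */`. The array definition starts and ends outside the hunk.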