]> git.ipfire.org Git - thirdparty/openvpn.git/commit
projects / thirdparty / openvpn.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b3e0d95) | patch
Enable usage of TLS groups not identified by a NID in OpenSSL 3
authorMichael Baentsch <info@baentsch.ch>
Tue, 29 Mar 2022 05:37:09 +0000 (07:37 +0200)
committerGert Doering <gert@greenie.muc.de>
Tue, 29 Mar 2022 18:07:50 +0000 (20:07 +0200)
commit711a4044a095e83bb70f4620310d385d6f5c7282
treec0fadb1b41de28c16aae4347501211cb92d084c9tree
parentb3e0d95dcfd0de2a5fe6545fed8f46e0dd35784dcommit | diff
Enable usage of TLS groups not identified by a NID in OpenSSL 3

OpenSSL3 prefers to specify groups (including EC groups) with names
instead of NID to allow also groups provided by providers.
This commit also removes the mapping of secp256r1 to prime256v1 for
the OpenSSL3 code path as OpenSSL 3.0 recognises secp256r1.1

Signed-off-by: Michael Baentsch <info@baentsch.ch>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20220329053709.19462-1-info@baentsch.ch>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24012.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
src/openvpn/ssl_openssl.c diff | blob | blame | history
Mirror of https://github.com/OpenVPN/openvpn.git