Support ECDH X25519 for TLSv1.3 (OpenSSL 1.1.1)

author Aaron Jones <redacted>

Sun, 8 Sep 2019 13:57:20 +0000 (13:57 +0000)

committer Aaron Jones <redacted>

Sun, 8 Sep 2019 13:57:53 +0000 (13:57 +0000)
author Aaron Jones <redacted>
Sun, 8 Sep 2019 13:57:20 +0000 (13:57 +0000)
committer Aaron Jones <redacted>
Sun, 8 Sep 2019 13:57:53 +0000 (13:57 +0000)
diff --git a/libratbox/src/openssl_ratbox.h b/libratbox/src/openssl_ratbox.h

index 83d18d6ea404b80ed804b9eed8a81274842ad186..130d8096797cd2b4ab7dc2a5347e23039e0aa2f3 100644 (file)
--- a/libratbox/src/openssl_ratbox.h
+++ b/libratbox/src/openssl_ratbox.h
@@ -87,6 +87,14 @@
  #  endif
  #endif
  
+#if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER > 0x10101000L)
+#  define LRB_HAVE_TLS_ECDH_X25519      1
+#else
+#  if defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER > 0x2050100fL)
+#    define LRB_HAVE_TLS_ECDH_X25519    1
+#  endif
+#endif
+
  
  
  /*
@@ -123,7 +131,11 @@ static const char rb_default_ciphers[] = ""
         "!aNULL";
  
  #ifdef LRB_HAVE_TLS_SET_CURVES
+#  ifdef LRB_HAVE_TLS_ECDH_X25519
+static char rb_default_curves[] = "X25519:P-521:P-384:P-256";
+#  else
  static char rb_default_curves[] = "P-521:P-384:P-256";
+#  endif
  #endif
  
  #endif /* LRB_OPENSSL_H_INC */
author	Aaron Jones <redacted>
	Sun, 8 Sep 2019 13:57:20 +0000 (13:57 +0000)
committer	Aaron Jones <redacted>
	Sun, 8 Sep 2019 13:57:53 +0000 (13:57 +0000)