On 2023-12-20 06:21, Mariam John wrote:
Update ssl_fc_curve/ssl_fc_curve to use `SSL_get0_group_name` function
(available from the
OpenSSL v3.2 release onwards) to get the curve name. For OpenSSL versions >=3.0
and <3.2, we
will continue to use `SSL_get_negotiated_group` to get the curve name.
Mariam John (1):
BUG/MINOR: ssl: Update ssl_fc_curve/ssl_bc_curve to use
SSL_get0_group_name
reg-tests/ssl/ssl_curve_name.vtc | 4 ++--
src/ssl_sample.c | 33 +++++++++++++++++++++++++++-----
2 files changed, 30 insertions(+), 7 deletions(-)
Hello Mariam,
I'm fine with the SSL_get0_group_name() change, however if it introduces a
change of behavior
I can't get this backported in stable branches.
It's probably better if you do it the other way, keeping the format from
SSL_get_negotiated_group()
while using SSL_get0_group_name() so people don't have surprises when upgrading
their OpenSSL.
Regards,
--
William Lallemand