CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2020/04/19 11:05:55
Modified files:
usr.bin/openssl: s_client.c s_server.c
Log message:
Add -groups option to openssl(1) s_server.
This allows supported EC groups to be configured, which will also control
which TLSv1.3 key shares we'll accept. While here, deprecate the rather
useless -named_curve option, which is effectively the same as -groups with
a single group. Also stop setting a single default group of P-256 via
SSL_CTX_set_tmp_ecdh() - use the library defaults instead.
ok beck@ inoguchi@
