Am 26.02.14 00:27, schrieb Steffan Karger: > This patch is based on Jan Just Keijser's patch from Feb 7, 2012. > > When OpenSSL 1.0.2 or newer is used, lets OpenSSL do the heavy lifting. > > Otherwise, tries the following things (in order of preference): > * When supplied, use the ecdh curve specified by the user. > * Try to extract the curve from the private key, use the same curve. > * Fall back on secp384r1 curve. > > Note that although the curve lookup succeeds, OpenSSL 1.0.0 and older do > *not* support TLSv1.1 or TLSv1.2, which means no that no EC-crypto can be > used. > > This patch also bumps the minimum required OpenSSL version to 0.9.8, > because older version do not have all the functions used and would require > adding (more) #ifdefs. > ACK.
Arne
signature.asc
Description: OpenPGP digital signature
