From: Andy Green Date: Thu, 18 Feb 2016 12:36:55 +0000 (+0800) Subject: context creation info add ecdh_curve X-Git-Tag: upstream/2.0.3~232 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=d7fddadaeccb453fe3a38e2dea3362c0aa46b314;p=platform%2Fupstream%2Flibwebsockets.git context creation info add ecdh_curve Signed-off-by: Andy Green --- diff --git a/changelog b/changelog index 91e1e4b..db8fce7 100644 --- a/changelog +++ b/changelog @@ -1,6 +1,14 @@ Changelog --------- +User API additions +------------------ + +1) There's a new member in struct lws_context_creation_info, ecdh_curve, +which lets you set the name of the ECDH curve OpenSSL should use. By +default (if you leave ecdh_curve NULL) it will use "prime256v1" + + v1.7.0 ====== diff --git a/lib/libwebsockets.h b/lib/libwebsockets.h index 7db50aa..6175a3d 100644 --- a/lib/libwebsockets.h +++ b/lib/libwebsockets.h @@ -1319,6 +1319,7 @@ extern int lws_extension_callback_pm_deflate( * library are protected from hanging forever by timeouts. If * nonzero, this member lets you set the timeout used in seconds. * Otherwise a default timeout is used. + * @ecdh_curve: if NULL, defaults to initializing server with "prime256v1" */ struct lws_context_creation_info { @@ -1353,6 +1354,7 @@ struct lws_context_creation_info { unsigned int count_threads; unsigned int fd_limit_per_thread; unsigned int timeout_secs; + const char *ecdh_curve; /* Add new things just above here ---^ * This is part of the ABI, don't needlessly break compatibility diff --git a/lib/ssl.c b/lib/ssl.c index ac3ad2e..719f4bf 100644 --- a/lib/ssl.c +++ b/lib/ssl.c @@ -144,6 +144,9 @@ lws_context_ssl_init_ecdh_curve(struct lws_context_creation_info *info, int ecdh_nid; const char *ecdh_curve = "prime256v1"; + if (info->ecdh_curve) + ecdh_curve = info->ecdh_curve; + ecdh_nid = OBJ_sn2nid(ecdh_curve); if (NID_undef == ecdh_nid) { lwsl_err("SSL: Unknown curve name '%s'", ecdh_curve);