Remove SSL_get1_curves and promote SSL_(CTX_)?set1_curves.
I'm not sure why one would ever want to externally know the curve list
supported by the server. The API is new as of 1.0.2 and has no callers.
Configuring curves will be much more useful when Curve25519 exists and the API
isn't terribly crazy, so keep that API around and promote it to a real
function.
BUG=404754
Change-Id: Ibd5858791d3dfb30d53dd680cb75b0caddcbb7df
Reviewed-on: https://boringssl-review.googlesource.com/5674
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 7c22127..f8fbf6d 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -378,33 +378,22 @@
return ssl->s3->tmp.num_certificate_types;
}
+int SSL_CTX_set1_curves(SSL_CTX *ctx, const int *curves, size_t curves_len) {
+ return tls1_set_curves(&ctx->tlsext_ellipticcurvelist,
+ &ctx->tlsext_ellipticcurvelist_length, curves,
+ curves_len);
+}
+
+int SSL_set1_curves(SSL *ssl, const int *curves, size_t curves_len) {
+ return tls1_set_curves(&ssl->tlsext_ellipticcurvelist,
+ &ssl->tlsext_ellipticcurvelist_length, curves,
+ curves_len);
+}
+
long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) {
int ret = 0;
switch (cmd) {
- case SSL_CTRL_GET_CURVES: {
- const uint16_t *clist = s->s3->tmp.peer_ellipticcurvelist;
- size_t clistlen = s->s3->tmp.peer_ellipticcurvelist_length;
- if (parg) {
- size_t i;
- int *cptr = parg;
- int nid;
- for (i = 0; i < clistlen; i++) {
- nid = tls1_ec_curve_id2nid(clist[i]);
- if (nid != NID_undef) {
- cptr[i] = nid;
- } else {
- cptr[i] = TLSEXT_nid_unknown | clist[i];
- }
- }
- }
- return (int)clistlen;
- }
-
- case SSL_CTRL_SET_CURVES:
- return tls1_set_curves(&s->tlsext_ellipticcurvelist,
- &s->tlsext_ellipticcurvelist_length, parg, larg);
-
case SSL_CTRL_SET_SIGALGS:
return tls1_set_sigalgs(s->cert, parg, larg, 0);
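Review bot: The two new public setters, `SSL_CTX_set1_curves` and `SSL_set1_curves`, have no comment here saying what the return value means, or what happens when `curves_len` is 0 or `curves` contains a NID that is not a supported curve. All of that is decided inside `tls1_set_curves`, which this hunk does not show. Callers will use these functions to restrict which curves are negotiated in the handshake, so a caller that ignores a failing return would presumably keep running with the previous or default list without noticing. If the public header does not already state the contract, I would add a comment above each definition along the lines of `/* Sets the curve list from the |curves_len| NIDs in |curves|. Returns the result of tls1_set_curves; callers must check it. */`, with the actual success and failure values taken from `tls1_set_curves`.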
@@ -420,10 +409,6 @@
long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) {
switch (cmd) {
- case SSL_CTRL_SET_CURVES:
- return tls1_set_curves(&ctx->tlsext_ellipticcurvelist,
- &ctx->tlsext_ellipticcurvelist_length, parg, larg);
-
case SSL_CTRL_SET_SIGALGS:
return tls1_set_sigalgs(ctx->cert, parg, larg, 0);