Google Git
Sign in
boringssl/boringssl/28c24092e39bfd70852afa2923a3d12d2e9be2f5^!/.
commit
28c24092e39bfd70852afa2923a3d12d2e9be2f5
[log]
author
David Benjamin <davidben@google.com>
Thu Jun 01 18:59:34 2023 -0400
committer
Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>
Thu Jun 01 23:16:27 2023 +0000
tree
7397561320b1a23d9d86d38c422a4f34c14a5352
parent
be0fdf7fde7c96c54b463fa3e5033298201fde94 [diff]
Define TLSEXT_nid_unknown

NGINX requires this constant if SSL_get_negotiated_group is defined.
OpenSSL returns this to indicate a named group constant it doesn't
understand, which doesn't make sense out of SSL_get_negotiated_group
because the library wouldn't negotiate a group it doesn't know about.
Nonetheless, define it for compatibility.

Fixed: 615
Change-Id: I05a6d607912bb8507be9ac6ff5fe1699b4715f6b
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/60326
Commit-Queue: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Auto-Submit: David Benjamin <davidben@google.com>

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 7974b27..1de31e8 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h

@@ -5268,6 +5268,11 @@
 #define SSL_CURVE_X25519 SSL_GROUP_X25519
 #define SSL_CURVE_X25519_KYBER768_DRAFT00 SSL_GROUP_X25519_KYBER768_DRAFT00
 
+// TLSEXT_nid_unknown is a constant used in OpenSSL for
+// |SSL_get_negotiated_group| to return an unrecognized group. BoringSSL never
+// returns this value, but we define this constant for compatibility.
+#define TLSEXT_nid_unknown 0x1000000
+
 
 // Compliance policy configurations
 //