}
int config_ctx(SSL_CONF_CTX *cctx, STACK_OF(OPENSSL_STRING) *str,
- SSL_CTX *ctx, int no_ecdhe, int no_jpake)
+ SSL_CTX *ctx, int no_jpake)
{
int i;
for (i = 0; i < sk_OPENSSL_STRING_num(str); i += 2) {
const char *flag = sk_OPENSSL_STRING_value(str, i);
const char *arg = sk_OPENSSL_STRING_value(str, i + 1);
- /* If no_ecdhe or named curve already specified don't need a default. */
- if (!no_ecdhe && strcmp(flag, "-named_curve") == 0)
- no_ecdhe = 1;
#ifndef OPENSSL_NO_JPAKE
if (!no_jpake && (strcmp(flag, "-cipher") == 0)) {
BIO_puts(bio_err, "JPAKE sets cipher to PSK\n");
return 0;
}
}
- /*
- * This is a special case to keep existing s_server functionality: if we
- * don't have any curve specified *and* we haven't disabled ECDHE then
- * use P-256.
- */
- if (!no_ecdhe) {
- if (SSL_CONF_cmd(cctx, "-named_curve", "P-256") <= 0) {
- BIO_puts(bio_err, "Error setting EC curve\n");
- ERR_print_errors(bio_err);
- return 0;
- }
- }
#ifndef OPENSSL_NO_JPAKE
if (!no_jpake) {
if (SSL_CONF_cmd(cctx, "-cipher", "PSK") <= 0) {