From d075706ea5fe39d37dad45ba53216a3bb33256aa Mon Sep 17 00:00:00 2001
From: Piotr Sikora
Date: Fri, 14 Apr 2017 02:59:34 -0700
Subject: [PATCH] Allow selecting ECDH curves in bssl tool.
Change-Id: Ie515386b7f3555a5acf42e37b49e9a831571cb4a
Signed-off-by: Piotr Sikora
Reviewed-on: https://boringssl-review.googlesource.com/15065
Reviewed-by: Adam Langley
Reviewed-by: David Benjamin
Commit-Queue: David Benjamin
CQ-Verified: CQ bot account: commit-bot@chromium.org
---
 tool/client.cc | 10 ++++++++++
 tool/server.cc | 10 ++++++++++
 2 files changed, 20 insertions(+)
diff --git a/tool/client.cc b/tool/client.cc
index 2c8b5147..005afa85 100644
--- a/tool/client.cc
+++ b/tool/client.cc
@@ -43,6 +43,10 @@ static const struct argument kArguments[] = {
 "An OpenSSL-style cipher suite string that configures the offered "
 "ciphers",
 },
+ {
+ "-curves", kOptionalArgument,
+ "An OpenSSL-style ECDH curves list that configures the offered curves",
+ },
 {
 "-max-version", kOptionalArgument,
 "The maximum acceptable protocol version",
@@ -296,6 +300,12 @@ bool Client(const std::vector &args) {
 return false;
 }

+ if (args_map.count("-curves") != 0 &&
+ !SSL_CTX_set1_curves_list(ctx.get(), args_map["-curves"].c_str())) {
+ fprintf(stderr, "Failed setting curves list\n");
+ return false;
+ }
+
 uint16_t max_version = TLS1_3_VERSION;
 if (args_map.count("-max-version") != 0 &&
 !VersionFromString(&max_version, args_map["-max-version"])) {
diff --git a/tool/server.cc b/tool/server.cc
index ae039059..70a85e5d 100644
--- a/tool/server.cc
+++ b/tool/server.cc
@@ -34,6 +34,10 @@ static const struct argument kArguments[] = {
 "An OpenSSL-style cipher suite string that configures the offered "
 "ciphers",
 },
+ {
+ "-curves", kOptionalArgument,
+ "An OpenSSL-style ECDH curves list that configures the offered curves",
+ },
 {
 "-max-version", kOptionalArgument,
 "The maximum acceptable protocol version",
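Review bot: The new `-curves` help string in kArguments does not say what the list looks like, so a user has to already know the OpenSSL convention to use the option. If the value is, as in OpenSSL's curves list, colon-separated names in preference order, the text could say so: `"A colon-separated list of ECDH curve names in preference order, e.g. X25519:P-256"`, with the example names checked against what the library accepts. The same string is added to kArguments in tool/server.cc, where "offered" is also slightly off, since the server selects from this list rather than offering it. The kArguments array starts and ends outside the hunk.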
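Review bot: The failure path added to Client() prints only the fixed string `Failed setting curves list`, so a mistyped or unsupported curve name leaves the user with nothing to go on. Echoing the rejected value would fix that, e.g. `fprintf(stderr, "Failed setting curves list '%s'\n", args_map["-curves"].c_str());`. Following it with `ERR_print_errors_fp(stderr);` would also show the library's reason, assuming the error header is already included in this file, which the hunk does not show. The same applies to the identical block added to Server() in tool/server.cc. Client()'s body starts and ends outside the hunk.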
@@ -190,6 +194,12 @@ bool Server(const std::vector &args) {
 return false;
 }

+ if (args_map.count("-curves") != 0 &&
+ !SSL_CTX_set1_curves_list(ctx.get(), args_map["-curves"].c_str())) {
+ fprintf(stderr, "Failed setting curves list\n");
+ return false;
+ }
+
 uint16_t max_version = TLS1_3_VERSION;
 if (args_map.count("-max-version") != 0 &&
 !VersionFromString(&max_version, args_map["-max-version"])) {