From fcc1ad78f90181a234a03a340596d80d25e2da6c Mon Sep 17 00:00:00 2001
From: Adam Langley <alangley@gmail.com>
Date: Tue, 29 Jan 2019 07:32:23 -0800
Subject: [PATCH] Enable all curves (inc CECPQ2) during fuzzing.

Change-Id: I8083e841de135e9ec244609b1c20f0280ce20072
Reviewed-on: https://boringssl-review.googlesource.com/c/34664
Reviewed-by: David Benjamin <davidben@google.com>
---
 ssl/t1_lib.cc     | 2 +-
 ssl/test/fuzzer.h | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/ssl/t1_lib.cc b/ssl/t1_lib.cc
index 140ab456..36ba1141 100644
--- a/ssl/t1_lib.cc
+++ b/ssl/t1_lib.cc
@@ -300,7 +300,7 @@ static const uint16_t kDefaultGroupsServer[] = {
     SSL_CURVE_X25519,
     SSL_CURVE_SECP256R1,
     SSL_CURVE_SECP384R1,
-};;
+};
 
 Span<const uint16_t> tls1_get_grouplist(const SSL_HANDSHAKE *hs) {
   if (!hs->config->supported_group_list.empty()) {
diff --git a/ssl/test/fuzzer.h b/ssl/test/fuzzer.h
index de058e52..f714d5d7 100644
--- a/ssl/test/fuzzer.h
+++ b/ssl/test/fuzzer.h
@@ -414,6 +414,13 @@ class TLSFuzzer {
       return false;
     }
 
+    static const int kCurves[] = {NID_CECPQ2, NID_X25519, NID_X9_62_prime256v1,
+                                  NID_secp384r1, NID_secp521r1};
+    if (!SSL_CTX_set1_curves(ctx_.get(), kCurves,
+                             OPENSSL_ARRAY_SIZE(kCurves))) {
+      return false;
+    }
+
     SSL_CTX_set_early_data_enabled(ctx_.get(), 1);
 
     SSL_CTX_set_next_proto_select_cb(ctx_.get(), NPNSelectCallback, nullptr);