aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMagnus Kroken <mkroken@gmail.com>2016-12-30 01:31:28 +0100
committerFelix Fietkau <nbd@nbd.name>2016-12-30 13:06:25 +0100
commitca963bbf5fc0446c35ea578ec1476b5282c0cd66 (patch)
treec5183d547a3a789b986785f72bd30387849168d5
parent4731f02fa2c24fad4179fb8f756ecc40f26b6916 (diff)
downloadupstream-ca963bbf5fc0446c35ea578ec1476b5282c0cd66.tar.gz
upstream-ca963bbf5fc0446c35ea578ec1476b5282c0cd66.tar.bz2
upstream-ca963bbf5fc0446c35ea578ec1476b5282c0cd66.zip
mbedtls: enable secp384r1 elliptic curve support
Secp384r1 is the default curve for OpenVPN 2.4+. Enable this to make OpenVPN-mbedtls clients able to perform ECDHE key exchange with remote OpenVPN 2.4-openssl servers that use the default OpenVPN curve. Signed-off-by: Magnus Kroken <mkroken@gmail.com>
-rw-r--r--package/libs/mbedtls/patches/200-config.patch3
1 files changed, 1 insertions, 2 deletions
diff --git a/package/libs/mbedtls/patches/200-config.patch b/package/libs/mbedtls/patches/200-config.patch
index be7127c045..bb74e61adb 100644
--- a/package/libs/mbedtls/patches/200-config.patch
+++ b/package/libs/mbedtls/patches/200-config.patch
@@ -27,11 +27,10 @@
+//#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+//#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
--#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+ #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
-#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
-+//#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+//#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+//#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+//#define MBEDTLS_ECP_DP_SECP224K1_ENABLED