Ran curl with curl --curves X25519:P-256:P-384:P-521 ...
I expected the following
Expected the correct curves to be set in the TLS client hello message. However, the curves are not set. This is from Wireshark:
Extension: supported_groups (len=8)
Type: supported_groups (10)
Supported Groups List Length: 6
Supported Groups (3 groups)
Supported Group: x25519 (0x001d)
Supported Group: secp256r1 (0x0017)
Supported Group: secp384r1 (0x0018)
(Notice that secp521r1 is missing).
The reason is this code in lib/vtls/openssl.c:
#if ((OPENSSL_VERSION_NUMBER >= 0x10101000L) && \
!defined(LIBRESSL_VERSION_NUMBER) && \
#defineHAVE_SSL_CTX_SET_POST_HANDSHAKE_AUTH/* SET_EC_CURVES is available under the same preconditions: see * https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set1_groups.html*/
However, BoringSSL does supply the SSL_CTX_set1_curves_list() function, here's the documentation. It was added in this commit.
The fix is simple and I have a patch already. I was wondering whether there is a specific reason it was disabled with BoringSSL.
The CURLOPT_SSL_EC_CURVES option (used by the '--curves' flag)
in libcurl was ignored when compiling with BoringSSL because
HAVE_SSL_CTX_SET_EC_CURVES was explicitly disabled if BoringSSL was
detected. However, this feature is supported in BoringSSL since
5fd1807d. This commit enables it, and also reduces the required minimal
OpenSSL version to 1.0.2 as per OpenSSL's official documentation.