tls-peer: Refactor writing of extensions and use less hard-coded DH group
authorTobias Brunner <tobias@strongswan.org>
Tue, 25 Aug 2020 14:18:27 +0000 (16:18 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 12 Feb 2021 10:45:44 +0000 (11:45 +0100)
commit851b605e214efa06a40de74bb1ee1d9dc9962964
treebf95334d1be559d771c28ebc771682484d0ec45b
parentde31646a09a82d1feb0d8a6ea119d5f9020c022c
tls-peer: Refactor writing of extensions and use less hard-coded DH group

Note that this breaks connecting to many TLS 1.3 servers until we support
HelloRetryRequest as we now send a key_share for ECP_256 while still
proposing other groups, so many servers request to use CURVE_25519.
src/libtls/tls_peer.c