Get the list of supported ECC curves out of the client hello, and

avoid negotiating an ECDH key exchange if the client didn't send any
curves that we know about.

1 files changed, 3 insertions, 0 deletions

diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h
index c3dbaaf42..ec2229c21 100644
--- a/src/tls/tls_messages.h
+++ b/src/tls/tls_messages.h
@@ -63,6 +63,8 @@ class Client_Hello : public Handshake_Message
       std::vector<std::pair<std::string, std::string> > supported_algos() const
          { return m_supported_algos; }
 
+      const std::vector<std::string> supported_ecc_curves() const { return m_supported_curves; }
+
       std::vector<u16bit> ciphersuites() const { return m_suites; }
       std::vector<byte> compression_methods() const { return m_comp_methods; }
 
@@ -119,6 +121,7 @@ class Client_Hello : public Handshake_Message
       MemoryVector<byte> m_renegotiation_info;
 
       std::vector<std::pair<std::string, std::string> > m_supported_algos;
+      std::vector<std::string> m_supported_curves;
    };
 
 /**