From ca62786442635d3f35bff22d22c3dc5521a5c432 Mon Sep 17 00:00:00 2001
From: Jack Lloyd
Date: Fri, 15 Jun 2018 11:03:26 -0400
Subject: TLS would try to negotiate x25519 even if disabled Also reorder ECC groups to actually match performance characteristics. I'm not sure when P-384 was slower than P-521 but it certainly isn't anymore. Fixes #1607
---
 src/lib/tls/tls_policy.cpp | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
(limited to 'src/lib/tls')
diff --git a/src/lib/tls/tls_policy.cpp b/src/lib/tls/tls_policy.cpp
index 7fd7af235..5e8150e4f 100644
--- a/src/lib/tls/tls_policy.cpp
+++ b/src/lib/tls/tls_policy.cpp
@@ -161,12 +161,16 @@ std::vector Policy::key_exchange_groups() const
 {
 // Default list is ordered by performance
 return {
+
+#if defined(BOTAN_HAS_CURVE_25519)
 Group_Params::X25519,
+#endif
+
 Group_Params::SECP256R1,
- Group_Params::SECP521R1,
- Group_Params::SECP384R1,
 Group_Params::BRAINPOOL256R1,
+ Group_Params::SECP384R1,
 Group_Params::BRAINPOOL384R1,
+ Group_Params::SECP521R1,
 Group_Params::BRAINPOOL512R1,
 
 Group_Params::FFDHE_2048,
-- cgit v1.2.3
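Review bot: The `#if defined(BOTAN_HAS_CURVE_25519)` guard makes the default group list depend on the build configuration, but the comment above `return {` still says only that the list is ordered by performance; I would extend it to something like `// Ordered by performance; X25519 is offered only when curve25519 is compiled in`. Only X25519 is guarded here, so if any of the remaining entries (the SECP/Brainpool curves or the FFDHE groups) can also be compiled out, the same mismatch between what is offered and what the build can complete would remain for them, which is worth confirming against the TLS module's hard dependencies. Assuming this list is also the preference order used during negotiation, the reorder changes which group is selected when a peer supports both P-384 and P-521, and deployments that pin or audit the negotiated group would want that noted in the release notes. The initializer list continues past the end of the hunk.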