CECPQ1: change from named curve to ciphersuite. This is easier to deploy, and more obvious. This commit reverts a few pieces of e25775bc, but keeps most of it. Change-Id: If8d657a4221c665349c06041bb12fffca1527a2c Reviewed-on: https://boringssl-review.googlesource.com/8061 Reviewed-by: Adam Langley <agl@google.com>

commit: 053931e74e42bebd129d9b35d9aceb986e873a8f [log] [tgz]
author: Matt Braithwaite <mab@google.com> Wed May 25 12:06:05 2016 -0700
committer: Adam Langley <agl@google.com> Thu May 26 19:42:35 2016 +0000
tree: a4249c2156ca3f9da61b49c2dc9f99c0cf026173
parent: d09175ffe335d9be6846b4ac5e9e622d96213a00 [diff] [blame]
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index a27d430..3b8cff7 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c

@@ -1725,6 +1725,9 @@
     mask_k |= SSL_kECDHE;
   }
 
+  /* CECPQ1 ciphers are always acceptable if supported by both sides. */
+  mask_k |= SSL_kCECPQ1;
+
   /* PSK requires a server callback. */
   if (ssl->psk_server_callback != NULL) {
     mask_k |= SSL_kPSK;
commit	053931e74e42bebd129d9b35d9aceb986e873a8f	[log] [tgz]
author	Matt Braithwaite <mab@google.com>	Wed May 25 12:06:05 2016 -0700
committer	Adam Langley <agl@google.com>	Thu May 26 19:42:35 2016 +0000
tree	a4249c2156ca3f9da61b49c2dc9f99c0cf026173
parent	d09175ffe335d9be6846b4ac5e9e622d96213a00 [diff] [blame]