
<p></p>

<p>I have done the following test:</p>

<p>In <code>tls_domain.c</code>, comment out the usage of a P-256 curve</p>

<div class="highlight highlight-source-c"><pre><span class="pl-c"><span class="pl-c">/*</span></span>

<span class="pl-c"> * ECDHE is enabled only on OpenSSL 1.0.0e and later.</span>

<span class="pl-c"> * See http://www.openssl.org/news/secadv_20110906.txt</span>

<span class="pl-c"> * for details.</span>

<span class="pl-c"> <span class="pl-c">*/</span></span>

#<span class="pl-k">ifndef</span> OPENSSL_NO_ECDH

<span class="pl-k">static</span> <span class="pl-k">void</span> <span class="pl-en">setup_ecdh</span>(SSL_CTX *ctx)

{

   EC_KEY *ecdh;


   <span class="pl-k">if</span> (<span class="pl-c1">SSLeay</span>() < <span class="pl-c1">0x1000005fL</span>) {

      <span class="pl-k">return</span>;

   }


   <span class="pl-c"><span class="pl-c">//</span> ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);</span>

   <span class="pl-c1">SSL_CTX_set_options</span>(ctx, SSL_OP_SINGLE_ECDH_USE);

   <span class="pl-c"><span class="pl-c">//</span> SSL_CTX_set_tmp_ecdh(ctx, ecdh);</span>


   <span class="pl-c"><span class="pl-c">//</span> EC_KEY_free(ecdh);</span>

}

#<span class="pl-k">endif</span></pre></div>

<p>In this case everything works as expected; I can set <code>cipher_list</code> in both <code>[server:default]</code> and <code>[client:default]</code> and the TLS handshake will succeed in both directions.</p>


<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/kamailio/kamailio/issues/2716#issuecomment-827746031">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/ABO7UZICCJYCNAPRGOARBYTTK3RNNANCNFSM43VHZBEA">unsubscribe</a>.<img src="https://github.com/notifications/beacon/ABO7UZI2AUVVBM2YGB6F77LTK3RNNA5CNFSM43VHZBEKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOGFLGN3Y.gif" height="1" width="1" alt="" /></p>

<script type="application/ld+json">[

{

"@context": "http://schema.org",

"@type": "EmailMessage",

"potentialAction": {

"@type": "ViewAction",

"target": "https://github.com/kamailio/kamailio/issues/2716#issuecomment-827746031",

"url": "https://github.com/kamailio/kamailio/issues/2716#issuecomment-827746031",

"name": "View Issue"

},

"description": "View this Issue on GitHub",

"publisher": {

"@type": "Organization",

"name": "GitHub",

"url": "https://github.com"

}

}

]</script>