Rename tls1_get_curvelist.

#  endif                        /* OPENSSL_NO_EC */

__owur int tls_curve_allowed(SSL *s, uint16_t curve, int op);

__owur  int tls1_get_curvelist(SSL *s, int sess, const uint16_t **pcurves,

void tls1_get_grouplist(SSL *s, int sess, const uint16_t **pcurves,

                        size_t *num_curves);

__owur int tls1_set_server_sigalgs(SSL *s);

            /* Check if a shared group exists */

            /* Get the clients list of supported groups. */

            if (!tls1_get_curvelist(s, 1, &clntcurves, &clnt_num_curves)) {

                *al = SSL_AD_INTERNAL_ERROR;

                SSLerr(SSL_F_FINAL_KEY_SHARE, ERR_R_INTERNAL_ERROR);

                return 0;

            }

            /* Get our list of available groups */

            if (!tls1_get_curvelist(s, 0, &pcurves, &num_curves)) {

                *al = SSL_AD_INTERNAL_ERROR;

                SSLerr(SSL_F_FINAL_KEY_SHARE, ERR_R_INTERNAL_ERROR);

                return 0;

            }

            tls1_get_grouplist(s, 1, &clntcurves, &clnt_num_curves);

            tls1_get_grouplist(s, 0, &pcurves, &num_curves);

            /* Find the first group we allow that is also in client's list */

            for (i = 0; i < num_curves; i++) {

     * Add TLS extension supported_groups to the ClientHello message

     */

    /* TODO(TLS1.3): Add support for DHE groups */

    if (!tls1_get_curvelist(s, 0, &pcurves, &num_curves)) {

        SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS,

               ERR_R_INTERNAL_ERROR);

        return EXT_RETURN_FAIL;

    }

    tls1_get_grouplist(s, 0, &pcurves, &num_curves);

    if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_supported_groups)

               /* Sub-packet for supported_groups extension */

        return EXT_RETURN_FAIL;

    }

    if (!tls1_get_curvelist(s, 0, &pcurves, &num_curves)) {

        SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE, ERR_R_INTERNAL_ERROR);

        return EXT_RETURN_FAIL;

    }

    tls1_get_grouplist(s, 0, &pcurves, &num_curves);

    /*

     * TODO(TLS1.3): Make the number of key_shares sent configurable. For

        }

        /* Validate the selected group is one we support */

        if (!tls1_get_curvelist(s, 0, &pcurves, &num_curves)) {

            SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, ERR_R_INTERNAL_ERROR);

            return 0;

        }

        tls1_get_grouplist(s, 0, &pcurves, &num_curves);

        for (i = 0; i < num_curves; i++) {

            if (group_id == pcurves[i])

                break;

    }

    /* Get our list of supported curves */

    if (!tls1_get_curvelist(s, 0, &srvrcurves, &srvr_num_curves)) {

        *al = SSL_AD_INTERNAL_ERROR;

        SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, ERR_R_INTERNAL_ERROR);

        return 0;

    }

    tls1_get_grouplist(s, 0, &srvrcurves, &srvr_num_curves);

    /* Get the clients list of supported curves. */

    if (!tls1_get_curvelist(s, 1, &clntcurves, &clnt_num_curves)) {

        *al = SSL_AD_INTERNAL_ERROR;

        SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, ERR_R_INTERNAL_ERROR);

        return 0;

    }

    tls1_get_grouplist(s, 1, &clntcurves, &clnt_num_curves);

    if (clnt_num_curves == 0) {

        /*

         * This can only happen if the supported_groups extension was not sent,

        return EXT_RETURN_NOT_SENT;

    /* Get our list of supported groups */

    if (!tls1_get_curvelist(s, 0, &groups, &numgroups) || numgroups == 0) {

    tls1_get_grouplist(s, 0, &groups, &numgroups);

    if (numgroups == 0) {

        SSLerr(SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS, ERR_R_INTERNAL_ERROR);

        return EXT_RETURN_FAIL;

    }

 * The latter indicates an internal error: we should not be accepting such

 * lists in the first place.

 */

int tls1_get_curvelist(SSL *s, int sess, const uint16_t **pcurves,

                       size_t *num_curves)

void tls1_get_grouplist(SSL *s, int sess, const uint16_t **pcurves,

                        size_t *pcurveslen)

{

    size_t pcurveslen = 0;

    if (sess) {

        *pcurves = s->session->ext.supportedgroups;

        pcurveslen = s->session->ext.supportedgroups_len;

    } else {

        *pcurveslen = s->session->ext.supportedgroups_len;

        return;

    }

    /* For Suite B mode only include P-256, P-384 */

    switch (tls1_suiteb(s)) {

    case SSL_CERT_FLAG_SUITEB_128_LOS:

        *pcurves = suiteb_curves;

            pcurveslen = OSSL_NELEM(suiteb_curves);

        *pcurveslen = OSSL_NELEM(suiteb_curves);

        break;

    case SSL_CERT_FLAG_SUITEB_128_LOS_ONLY:

        *pcurves = suiteb_curves;

            pcurveslen = 1;

        *pcurveslen = 1;

        break;

    case SSL_CERT_FLAG_SUITEB_192_LOS:

        *pcurves = suiteb_curves + 1;

            pcurveslen = 1;

        *pcurveslen = 1;

        break;

    default:

        if (s->ext.supportedgroups == NULL) {

            *pcurves = eccurves_default;

            *pcurveslen = OSSL_NELEM(eccurves_default);

        } else {

            *pcurves = s->ext.supportedgroups;

            pcurveslen = s->ext.supportedgroups_len;

            *pcurveslen = s->ext.supportedgroups_len;

        }

        if (!*pcurves) {

            *pcurves = eccurves_default;

            pcurveslen = OSSL_NELEM(eccurves_default);

        break;

    }

}

    *num_curves = pcurveslen;

    return 1;

}

/* See if curve is allowed by security callback */

int tls_curve_allowed(SSL *s, uint16_t curve, int op)

{

        } else                  /* Should never happen */

            return 0;

    }

    if (!tls1_get_curvelist(s, 0, &curves, &num_curves))

        return 0;

    tls1_get_grouplist(s, 0, &curves, &num_curves);

    for (i = 0; i < num_curves; i++) {

        if (curve_id == curves[i])

            return tls_curve_allowed(s, curve_id, SSL_SECOP_CURVE_CHECK);

        nmatch = 0;

    }

    /*

     * Avoid truncation. tls1_get_curvelist takes an int

     * Avoid truncation. tls1_get_grouplist takes an int

     * but s->options is a long...

     */

    if (!tls1_get_curvelist(s,

    tls1_get_grouplist(s,

            (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) != 0,

            &supp, &num_supp))

        return 0;

    if (!tls1_get_curvelist(s,

            &supp, &num_supp);

    tls1_get_grouplist(s,

            (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) == 0,

            &pref, &num_pref))

        return 0;

            &pref, &num_pref);

    for (k = 0, i = 0; i < num_pref; i++) {

        uint16_t id = pref[i];

        return 0;

    /* Check group is one of our preferences */

    if (!tls1_get_curvelist(s, 0, &groups, &groups_len))

        return 0;

    tls1_get_grouplist(s, 0, &groups, &groups_len);

    for (i = 0; i < groups_len; i++) {

        if (groups[i] == group_id)

            break;

        return 1;

    /* Check group is one of peers preferences */

    if (!tls1_get_curvelist(s, 1, &groups, &groups_len))

        return 0;

    tls1_get_grouplist(s, 1, &groups, &groups_len);

    /*

     * RFC 4492 does not require the supported elliptic curves extension