From 311405c34d5a943f4b302c5ef13727a15e23d93f Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 11 Feb 2021 17:09:04 +0100
Subject: [PATCH] tls-crypto: Don't filter suites with specific ECDH group if
 any is available

Since DH groups (or with TLS < 1.3 curves) are negotiated separately,
it doesn't matter which one is listed in the cipher suite as any one could
be used.
---
 src/libtls/tls_crypto.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c
index 07d5ce714..d7faa4e25 100644
--- a/src/libtls/tls_crypto.c
+++ b/src/libtls/tls_crypto.c
@@ -837,8 +837,10 @@ static void filter_suite(suite_algs_t suites[], int *count, int offset,
 			}
 			if (current.dh && current.dh != suites[i].dh)
 			{
-				if (suites[i].dh != MODP_NONE)
-				{	/* skip DH group, does not match nor NONE */
+				if (suites[i].dh != MODP_NONE &&
+					!(diffie_hellman_group_is_ec(current.dh) &&
+					  diffie_hellman_group_is_ec(suites[i].dh)))
+				{	/* skip DH group, does not match nor NONE nor both ECDH */
 					continue;
 				}
 			}