File tls13.patch of Package sblim-sfcb.23461

Index: sblim-sfcb-1.4.9/control.c
===================================================================
--- sblim-sfcb-1.4.9.orig/control.c
+++ sblim-sfcb-1.4.9/control.c
@@ -174,7 +174,7 @@ static Control init[] = {
   {"sslCertList", CTL_STRING, SFCB_CONFDIR "/clist.pem", {0}},
   {"sslCiphers", CTL_STRING, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH", {0}},
   {"sslDhParamsFilePath", CTL_STRING, NULL, {0}},
-  {"sslEcDhCurveName", CTL_STRING, "secp224r1", {0}},
+  {"sslEcDhCurveName", CTL_STRING, NULL, {0}},
   {"sslNoSSLv3", CTL_BOOL, NULL, {.b=0}},
   {"sslNoTLSv1", CTL_BOOL, NULL, {.b=0}},
   {"sslNoTLSv1_1", CTL_BOOL, NULL, {.b=0}},
Index: sblim-sfcb-1.4.9/sfcb.cfg.pre.in
===================================================================
--- sblim-sfcb-1.4.9.orig/sfcb.cfg.pre.in
+++ sblim-sfcb-1.4.9/sfcb.cfg.pre.in
@@ -315,8 +315,8 @@ sslCiphers: ALL:!ADH:!LOW:!EXP:!MD5:@STR
 ## environment. If this value is not set, the indicated default is in effect.
 ## If the value is set but the curve name is not recognized by the underlying
 ## openssl implementation, SFCB will abort.
-## Default is secp224r1
-#sslEcDhCurveName: secp224r1
+## Default is empty allowing OpenSSL to select one
+#sslEcDhCurveName:
 
 ## When set to true, sets the SSL_OP_CIPHER_SERVER_PREFERENCE flag for the ssl
 ## context, to enforce server's preference instead of the client preference for