From 8920cd89e4dfc8e0cf3289397cd13cf8678c12e1 Mon Sep 17 00:00:00 2001
From: Sean Parkinson <sean@wolfssl.com>
Date: Mon, 22 May 2017 09:09:31 +1000
Subject: [PATCH] Fixes from review

---
 examples/client/client.c | 24 +++++++++++++-----------
 src/ssl.c                |  1 +
 2 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/examples/client/client.c b/examples/client/client.c
index f0750f7c4..8d5039236 100644
--- a/examples/client/client.c
+++ b/examples/client/client.c
@@ -628,10 +628,10 @@ static void Usage(void)
 #ifdef HAVE_ECC
     printf("-Y          Key Share with ECC named groups only\n");
 #endif
+#endif /* WOLFSSL_TLS13 */
 #ifdef HAVE_CURVE25519
     printf("-t          Use X25519 for key exchange\n");
 #endif
-#endif /* WOLFSSL_TLS13 */
 }
 
 THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
@@ -1458,6 +1458,18 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
             err_sys("DisableExtendedMasterSecret failed");
         }
 #endif
+#ifdef HAVE_CURVE25519
+    if (useX25519) {
+        if (wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_X25519)
+                                                               != SSL_SUCCESS) {
+            err_sys("unable to support X25519");
+        }
+        if (wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP256R1)
+                                                               != SSL_SUCCESS) {
+            err_sys("unable to support secp256r1");
+        }
+    }
+#endif
 
     if (benchmark) {
         ((func_args*)args)->return_code =
@@ -1505,11 +1517,6 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
     wolfSSL_KeepArrays(ssl);
     #endif
 
-    #ifdef HAVE_CURVE25519
-    if (useX25519)
-        wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_X25519);
-    #endif
-
     #ifdef WOLFSSL_TLS13
     if (!helloRetry) {
         if (onlyKeyShare == 0 || onlyKeyShare == 2) {
@@ -1943,11 +1950,6 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
                                     (void*)"resumed session");
 #endif
 
-#ifdef HAVE_CURVE25519
-    if (useX25519)
-        wolfSSL_UseSupportedCurve(sslResume, WOLFSSL_ECC_X25519);
-#endif
-
     #ifdef WOLFSSL_TLS13
         if (useX25519) {
             if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X25519) != SSL_SUCCESS) {
diff --git a/src/ssl.c b/src/ssl.c
index 97cf0a77b..1ad509f99 100755
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -1642,6 +1642,7 @@ int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx, word16 name)
         case WOLFSSL_ECC_BRAINPOOLP256R1:
         case WOLFSSL_ECC_BRAINPOOLP384R1:
         case WOLFSSL_ECC_BRAINPOOLP512R1:
+        case WOLFSSL_ECC_X25519:
             break;
 
 #ifdef WOLFSSL_TLS13