Add set_curves_list() to C/Rust APIs

cjpatton · cjpatton · commit 66ae999c33cd · 2026-05-06T10:19:28.000-07:00
diff --git a/quiche/include/quiche.h b/quiche/include/quiche.h
@@ -168,6 +168,9 @@ int quiche_config_load_verify_locations_from_file(quiche_config *config,
 int quiche_config_load_verify_locations_from_directory(quiche_config *config,
                                                        const char *path);
 
+// Configures the TLS curve preference list (colon-separated, e.g. "X25519MLKEM768:X25519:P-256:P-384").
+int quiche_config_set_curves_list(quiche_config *config, const char *curves);
+
 // Configures whether to verify the peer's certificate.
 void quiche_config_verify_peer(quiche_config *config, bool v);
 
diff --git a/quiche/src/ffi.rs b/quiche/src/ffi.rs
@@ -200,6 +200,19 @@ pub extern "C" fn quiche_config_load_verify_locations_from_directory(
     }
 }
 
+#[no_mangle]
+pub extern "C" fn quiche_config_set_curves_list(
+    config: &mut Config, curves: *const c_char,
+) -> c_int {
+    let curves = unsafe { ffi::CStr::from_ptr(curves).to_str().unwrap() };
+
+    match config.set_curves_list(curves) {
+        Ok(_) => 0,
+
+        Err(e) => e.to_c() as c_int,
+    }
+}
+
 #[no_mangle]
 pub extern "C" fn quiche_config_verify_peer(config: &mut Config, v: bool) {
     config.verify_peer(v);
diff --git a/quiche/src/lib.rs b/quiche/src/lib.rs
@@ -760,13 +760,13 @@ impl Config {
         self.tls_ctx.load_verify_locations_from_directory(dir)
     }
 
-    /// Configures the TLS curve preference list (colon-separated, e.g.
-    /// `"X25519:P-256:P-384"`). Corresponds to `SSL_CTX_set1_curves_list`.
+    /// Configures the TLS curve preference list.
     ///
-    /// Only used from [`test_utils`] helpers; gated on the same cfg so the
-    /// underlying FFI shim isn't pulled into production builds.
-    #[cfg(any(test, feature = "internal"))]
-    pub(crate) fn set_curves_list(&mut self, curves: &str) -> Result<()> {
+    /// `curves` is a colon-separated list of curve (a.k.a. group) names, in
+    /// order of preference, e.g. `"X25519MLKEM768:X25519:P-256:P-384"`.
+    /// Corresponds to `SSL_CTX_set1_curves_list` (a.k.a.
+    /// `SSL_CTX_set1_groups_list`).
+    pub fn set_curves_list(&mut self, curves: &str) -> Result<()> {
         self.tls_ctx.set_curves_list(curves)
     }
 
diff --git a/quiche/src/tls/boringssl.rs b/quiche/src/tls/boringssl.rs
@@ -312,8 +312,7 @@ extern "C" {
 
     // BoringSSL exports `SSL_CTX_set1_groups_list` as a real symbol; on
     // OpenSSL it is a header macro. See `openssl_quictls.rs` for the
-    // OpenSSL shim. Only used from test-utils helpers.
-    #[cfg(any(test, feature = "internal"))]
+    // OpenSSL shim.
     pub(super) fn SSL_CTX_set1_groups_list(
         ctx: *mut SSL_CTX, groups: *const c_char,
     ) -> c_int;
diff --git a/quiche/src/tls/mod.rs b/quiche/src/tls/mod.rs
@@ -328,9 +328,6 @@ impl Context {
         })
     }
 
-    // Only used from the test-utils `config_no_pq` helpers; see the
-    // matching cfg gate on `Config::set_curves_list` in `lib.rs`.
-    #[cfg(any(test, feature = "internal"))]
     pub fn set_curves_list(&mut self, curves: &str) -> Result<()> {
         // Note: BoringSSL exports `SSL_CTX_set1_groups_list` as a real
         // function; OpenSSL (and openssl-quictls) defines it as a macro

Original file line number	Diff line number	Diff line change
`@@ -328,9 +328,6 @@ impl Context {`
`328`	`328`	`})`
`329`	`329`	`}`
`330`	`330`
`331`		- // Only used from the test-utils `config_no_pq` helpers; see the
`332`		- // matching cfg gate on `Config::set_curves_list` in `lib.rs`.
`333`		`- #[cfg(any(test, feature = "internal"))]`
`334`	`331`	`pub fn set_curves_list(&mut self, curves: &str) -> Result<()> {`
`335`	`332`	// Note: BoringSSL exports `SSL_CTX_set1_groups_list` as a real
`336`	`333`	`// function; OpenSSL (and openssl-quictls) defines it as a macro`