MINOR: quic: Prefer x25519 as ECDH preferred parameters.
author Frédéric Lécaille <flecaille@haproxy.com>
Thu, 1 Jul 2021 15:09:05 +0000 (17:09 +0200)
committer Amaury Denoyelle <adenoyelle@haproxy.com>
Thu, 23 Sep 2021 13:27:25 +0000 (15:27 +0200)
This makes at least our listeners answer ngtcp2 clients without a
HelloRetryRequest message. It seems the server chooses the first
group in the group list, ordered by preference and set by
SSL_CTX_set1_curves_list(), which matches the client ones.

src/xprt_quic.c

index a3013fd..783772a 100644 (file)
@@ -942,7 +942,7 @@ int ssl_quic_initial_ctx(struct bind_conf *bind_conf)
                "TLS_CHACHA20_POLY1305_SHA256:"
                "TLS_AES_128_CCM_SHA256";
 #endif
-       const char *groups = "P-256:X25519:P-384:P-521";
+       const char *groups = "X25519:P-256:P-384:P-521";
        long options =
                (SSL_OP_ALL & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS) |
                SSL_OP_SINGLE_ECDH_USE |
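
Review bot: The new order in `const char *groups = "X25519:P-256:P-384:P-521";` has no comment explaining why X25519 must come first, so the reason (avoiding a HelloRetryRequest round trip with ngtcp2 clients) exists only in the commit message and a later cleanup could reorder the list without noticing the handshake cost. A short comment above the declaration stating that the first entry should match the key share common clients send would make the constraint visible in the code. The commit message also describes the server's selection behaviour as "it seems"; it would be worth confirming that behaviour and recording it in that comment, and considering whether this hard-coded list should be overridable by the listener's configuration rather than fixed in `ssl_quic_initial_ctx()`.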