From 383f471bf4ecca93108b289a12c2727be17c4d81 Mon Sep 17 00:00:00 2001
From: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
Date: Mon, 12 Dec 2022 14:48:57 +0100
Subject: [PATCH] Add the DHE groups to the default list of supported groups

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
---
 library/ssl_tls.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index c928ccda81..1d44ccf489 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4948,6 +4948,13 @@ static uint16_t ssl_preset_default_groups[] = {
 #endif
 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
     MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1,
+#endif
+#if defined(MBEDTLS_DHM_C)
+    MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048,
+    MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072,
+    MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096,
+    MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144,
+    MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192,
 #endif
     MBEDTLS_SSL_IANA_TLS_GROUP_NONE
 };