Fixed SupportedGroupsExtension missing in FFDHE group scan (#251)

Author: mmaehren

TLS-Server-Scanner/src/main/java/de/rub/nds/tlsscanner/serverscanner/probe/NamedGroupsProbe.java

@@ -215,6 +215,11 @@ private Map<NamedGroup, NamedGroupWitness> getSupportedNamedCurvesEcdsa(List<Cip
     private TlsContext testGroups(List<NamedGroup> groupList, Config tlsConfig) {
         tlsConfig.setDefaultClientNamedGroups(groupList);
         configSelector.repairConfig(tlsConfig);
+        if (groupList.stream().anyMatch(NamedGroup::isDhGroup)) {
+            // usually, we do not want this extension if no ecc cipher suites
+            // are listed but it is required to test for listed FFDHE groups
+            tlsConfig.setAddEllipticCurveExtension(true);
+        }
         State state = new State(tlsConfig);
         executeState(state);
         if (WorkflowTraceUtil.didReceiveMessage(HandshakeMessageType.SERVER_HELLO, state.getWorkflowTrace())) {