diff options
-rw-r--r-- | networking/tls.c | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/networking/tls.c b/networking/tls.c index 6c87e12ff..750a152e8 100644 --- a/networking/tls.c +++ b/networking/tls.c | |||
@@ -1629,7 +1629,6 @@ static void get_server_hello(tls_state_t *tls) | |||
1629 | struct server_hello *hp; | 1629 | struct server_hello *hp; |
1630 | uint8_t *cipherid; | 1630 | uint8_t *cipherid; |
1631 | uint8_t cipherid1; | 1631 | uint8_t cipherid1; |
1632 | unsigned cipher; | ||
1633 | int len, len24; | 1632 | int len, len24; |
1634 | 1633 | ||
1635 | len = tls_xread_handshake_block(tls, 74 - 32); | 1634 | len = tls_xread_handshake_block(tls, 74 - 32); |
@@ -1696,8 +1695,7 @@ static void get_server_hello(tls_state_t *tls) | |||
1696 | 0x00,0x3B, // TLS_RSA_WITH_NULL_SHA256 | 1695 | 0x00,0x3B, // TLS_RSA_WITH_NULL_SHA256 |
1697 | #endif | 1696 | #endif |
1698 | cipherid1 = cipherid[1]; | 1697 | cipherid1 = cipherid[1]; |
1699 | tls->cipher_id = cipher = 0x100 * cipherid[0] + cipherid1; | 1698 | tls->cipher_id = 0x100 * cipherid[0] + cipherid1; |
1700 | dbg("server chose cipher %04x\n", cipher); | ||
1701 | tls->key_size = AES256_KEYSIZE; | 1699 | tls->key_size = AES256_KEYSIZE; |
1702 | tls->MAC_size = SHA256_OUTSIZE; | 1700 | tls->MAC_size = SHA256_OUTSIZE; |
1703 | /*tls->IV_size = 0; - already is */ | 1701 | /*tls->IV_size = 0; - already is */ |
@@ -1728,13 +1726,14 @@ static void get_server_hello(tls_state_t *tls) | |||
1728 | if (cipherid1 <= 0x35) { | 1726 | if (cipherid1 <= 0x35) { |
1729 | tls->MAC_size = SHA1_OUTSIZE; | 1727 | tls->MAC_size = SHA1_OUTSIZE; |
1730 | } else | 1728 | } else |
1731 | if (cipherid1 == 0x9C || cipherid1 == 0x9D) { | 1729 | if (cipherid1 == 0x9C /*|| cipherid1 == 0x9D*/) { |
1732 | /* 009C,9D are AES-GCM */ | 1730 | /* 009C,9D are AES-GCM */ |
1733 | tls->flags |= ENCRYPTION_AESGCM; | 1731 | tls->flags |= ENCRYPTION_AESGCM; |
1734 | tls->MAC_size = 0; | 1732 | tls->MAC_size = 0; |
1735 | tls->IV_size = 4; | 1733 | tls->IV_size = 4; |
1736 | } | 1734 | } |
1737 | } | 1735 | } |
1736 | dbg("server chose cipher %04x\n", tls->cipher_id); | ||
1738 | dbg("key_size:%u MAC_size:%u IV_size:%u\n", tls->key_size, tls->MAC_size, tls->IV_size); | 1737 | dbg("key_size:%u MAC_size:%u IV_size:%u\n", tls->key_size, tls->MAC_size, tls->IV_size); |
1739 | 1738 | ||
1740 | /* Handshake hash eventually destined to FINISHED record | 1739 | /* Handshake hash eventually destined to FINISHED record |