Remove cipher_list_by_id. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2020-09-11 17:36:27 +0000
committer	jsing <>	2020-09-11 17:36:27 +0000
commit	188f2a73ec9cc4314b9998227079cccb89e8677a (patch)
tree	62dedc456145da98fc6ed3e6c1be5685fe0e1232 /src/lib/libcrypto/x509/x509_constraints.c
parent	044cfc226bee4d04817ab4f4d3a6b1d0ab4db4ed (diff)
download	openbsd-188f2a73ec9cc4314b9998227079cccb89e8677a.tar.gz openbsd-188f2a73ec9cc4314b9998227079cccb89e8677a.tar.bz2 openbsd-188f2a73ec9cc4314b9998227079cccb89e8677a.zip

Remove cipher_list_by_id.

When parsing a cipher string, a cipher list is created, before being duplicated and sorted - the second copy being stored as cipher_list_by_id. This is done only so that a client can ensure that the cipher selected by a server is in the cipher list. This is pretty pointless given that most clients are short-lived and that we already had to iterate over the cipher list in order to build the client hello. Additionally, any update to the cipher list requires that cipher_list_by_id also be updated and kept in sync. Remove all of this and replace it with a simple linear scan - the overhead of duplicating and sorting the cipher list likely exceeds that of a simple linear scan over the cipher list (64 maximum, more typically ~9 or so). ok beck@ tb@

Diffstat (limited to 'src/lib/libcrypto/x509/x509_constraints.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: