Remove cipher_list_by_id. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2020-09-11 17:36:27 +0000
committer	jsing <>	2020-09-11 17:36:27 +0000
commit	cb4349853bf54ac34c4b6615aa3102e8d10f685f (patch)
tree	62dedc456145da98fc6ed3e6c1be5685fe0e1232 /src/lib/libcrypto/x509/x509_constraints.c
parent	dfc417be745c8cfafd2e0e87e673ba1cf787d44e (diff)
download	openbsd-cb4349853bf54ac34c4b6615aa3102e8d10f685f.tar.gz openbsd-cb4349853bf54ac34c4b6615aa3102e8d10f685f.tar.bz2 openbsd-cb4349853bf54ac34c4b6615aa3102e8d10f685f.zip

Remove cipher_list_by_id.

When parsing a cipher string, a cipher list is created, before being duplicated and sorted - the second copy being stored as cipher_list_by_id. This is done only so that a client can ensure that the cipher selected by a server is in the cipher list. This is pretty pointless given that most clients are short-lived and that we already had to iterate over the cipher list in order to build the client hello. Additionally, any update to the cipher list requires that cipher_list_by_id also be updated and kept in sync. Remove all of this and replace it with a simple linear scan - the overhead of duplicating and sorting the cipher list likely exceeds that of a simple linear scan over the cipher list (64 maximum, more typically ~9 or so). ok beck@ tb@

Diffstat (limited to 'src/lib/libcrypto/x509/x509_constraints.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: