diff options
| author | tb <> | 2022-07-02 16:31:04 +0000 |
|---|---|---|
| committer | tb <> | 2022-07-02 16:31:04 +0000 |
| commit | 274f622e186b69a67b9ccd2ebb48918c3a67ad64 (patch) | |
| tree | bc3bde853323758696c370e558e602d43422a86d /src/lib/libssl/s3_lib.c | |
| parent | ef99055644809bf9803db0f1022b2a923a0e3236 (diff) | |
| download | openbsd-274f622e186b69a67b9ccd2ebb48918c3a67ad64.tar.gz openbsd-274f622e186b69a67b9ccd2ebb48918c3a67ad64.tar.bz2 openbsd-274f622e186b69a67b9ccd2ebb48918c3a67ad64.zip | |
Stop using ssl{_ctx,}_security() outside of ssl_seclevel.c
The API is ugly and we can easily abstract it away. The SSL_SECOP_* stuff
is now confined into ssl_seclevel.c and the rest of the library can make
use of the more straightforward wrappers, which makes it a lot easier on
the eyes.
ok beck jsing
Diffstat (limited to 'src/lib/libssl/s3_lib.c')
| -rw-r--r-- | src/lib/libssl/s3_lib.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index cfd50e66be..b6a2c26938 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_lib.c,v 1.234 2022/07/02 16:00:12 tb Exp $ */ | 1 | /* $OpenBSD: s3_lib.c,v 1.235 2022/07/02 16:31:04 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2535,8 +2535,7 @@ ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, | |||
| 2535 | !(c->algorithm_ssl & SSL_TLSV1_3)) | 2535 | !(c->algorithm_ssl & SSL_TLSV1_3)) |
| 2536 | continue; | 2536 | continue; |
| 2537 | 2537 | ||
| 2538 | if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED, c->strength_bits, | 2538 | if (!ssl_security_shared_cipher(s, c)) |
| 2539 | 0, c)) | ||
| 2540 | continue; | 2539 | continue; |
| 2541 | 2540 | ||
| 2542 | ssl_set_cert_masks(cert, c); | 2541 | ssl_set_cert_masks(cert, c); |