Provide a SSL_CIPHER_get_by_value() function that allows a cipher to be

retrieved via its cipher suite value. A corresponding SSL_CIPHER_by_value()
function returns the cipher suite value for a given SSL_CIPHER. These
functions should mean that software does not need to resort to
put_cipher_by_char()/get_cipher_by_char() in order to locate a cipher.

Begrudgingly also provide a SSL_CIPHER_get_by_id() function that locates a
cipher via the internal cipher identifier. Unfortunately these have already
been leaked outside the library via SSL_CIPHER_by_id() and the various
SSL3_CK_* and TLS1_CK_* defines in the ssl3.h/tls1.h headers.

ok beck@ miod@

1 files changed, 19 insertions, 1 deletions

diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
index ce82c2705c..96b4099d19 100644
--- a/src/lib/libssl/ssl_ciph.c
+++ b/src/lib/libssl/ssl_ciph.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_ciph.c,v 1.80 2015/01/26 13:06:39 jsing Exp $ */
+/* $OpenBSD: ssl_ciph.c,v 1.81 2015/02/07 04:17:11 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1525,6 +1525,18 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method,
         return (cipherstack);
 }
 
+const SSL_CIPHER *
+SSL_CIPHER_get_by_id(unsigned int id)
+{
+        return ssl3_get_cipher_by_id(id);
+}
+
+const SSL_CIPHER *
+SSL_CIPHER_get_by_value(uint16_t value)
+{
+        return ssl3_get_cipher_by_value(value);
+}
+
 char *
 SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
 {
@@ -1728,6 +1740,12 @@ SSL_CIPHER_get_id(const SSL_CIPHER *c)
         return c->id;
 }
 
+uint16_t
+SSL_CIPHER_get_value(const SSL_CIPHER *c)
+{
+        return ssl3_cipher_get_value(c);
+}
+
 void *
 SSL_COMP_get_compression_methods(void)
 {