diff options
| author | jsing <> | 2024-07-20 04:04:23 +0000 |
|---|---|---|
| committer | jsing <> | 2024-07-20 04:04:23 +0000 |
| commit | 026ea65c83ed46dcfd89ada1f6250daa4fcc01b3 (patch) | |
| tree | b04719de2f91b0f8d7c9c7acb93cef76a89b9948 /src/lib/libssl/ssl_ciphers.c | |
| parent | bea193397b98da148fada221ab7ddef17f6749cf (diff) | |
| download | openbsd-026ea65c83ed46dcfd89ada1f6250daa4fcc01b3.tar.gz openbsd-026ea65c83ed46dcfd89ada1f6250daa4fcc01b3.tar.bz2 openbsd-026ea65c83ed46dcfd89ada1f6250daa4fcc01b3.zip | |
Remove cipher from SSL_SESSION.
For a long time SSL_SESSION has had both a cipher ID and a pointer to
an SSL_CIPHER (and not both are guaranteed to be populated). There is also
a pointer to an SSL_CIPHER in the SSL_HANDSHAKE that denotes the cipher
being used for this connection. Some code has been using the cipher from
SSL_SESSION and some code has been using the cipher from SSL_HANDSHAKE.
Remove cipher from SSL_SESSION and use the version in SSL_HANDSHAKE
everywhere. If resuming from a session then we need to use the SSL_SESSION
cipher ID to set the SSL_HANDSHAKE cipher. And we still need to ensure that
we update the cipher ID in the SSL_SESSION whenever the SSL_HANDSHAKE
cipher changes (this only occurs in a few places).
ok tb@
Diffstat (limited to 'src/lib/libssl/ssl_ciphers.c')
0 files changed, 0 insertions, 0 deletions