Provide a SSL_CIPHER_get_by_value() function that allows a cipher to be

retrieved via its cipher suite value. A corresponding SSL_CIPHER_by_value()
function returns the cipher suite value for a given SSL_CIPHER. These
functions should mean that software does not need to resort to
put_cipher_by_char()/get_cipher_by_char() in order to locate a cipher.

Begrudgingly also provide a SSL_CIPHER_get_by_id() function that locates a
cipher via the internal cipher identifier. Unfortunately these have already
been leaked outside the library via SSL_CIPHER_by_id() and the various
SSL3_CK_* and TLS1_CK_* defines in the ssl3.h/tls1.h headers.

ok beck@ miod@

1 files changed, 2 insertions, 1 deletions

diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 94c0d4a83d..20656682bd 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.85 2015/02/06 08:30:23 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.86 2015/02/07 04:17:11 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -616,6 +616,7 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen);
 int ssl3_num_ciphers(void);
 const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
 const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);
+const SSL_CIPHER *ssl3_get_cipher_by_value(uint16_t value);
 uint16_t ssl3_cipher_get_value(const SSL_CIPHER *c);
 int ssl3_renegotiate(SSL *ssl);