diff options
| author | tb <> | 2022-06-29 08:38:01 +0000 |
|---|---|---|
| committer | tb <> | 2022-06-29 08:38:01 +0000 |
| commit | 8061d307c6ae52d10a70236d0f745ce9734e2620 (patch) | |
| tree | 72e352d78af28fb51c099f81737c6dfa40eea715 /src/lib | |
| parent | 804710bfbb52ebb3883f885be210fc3093198cc8 (diff) | |
| download | openbsd-8061d307c6ae52d10a70236d0f745ce9734e2620.tar.gz openbsd-8061d307c6ae52d10a70236d0f745ce9734e2620.tar.bz2 openbsd-8061d307c6ae52d10a70236d0f745ce9734e2620.zip | |
Check security level when convertin a cipher list to bytes
ok beck jsing
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libssl/ssl_ciphers.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_ciphers.c b/src/lib/libssl/ssl_ciphers.c index 3174ae9c26..99f23dff4b 100644 --- a/src/lib/libssl/ssl_ciphers.c +++ b/src/lib/libssl/ssl_ciphers.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_ciphers.c,v 1.13 2022/02/05 18:18:18 tb Exp $ */ | 1 | /* $OpenBSD: ssl_ciphers.c,v 1.14 2022/06/29 08:38:01 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2015-2017 Doug Hogan <doug@openbsd.org> | 3 | * Copyright (c) 2015-2017 Doug Hogan <doug@openbsd.org> |
| 4 | * Copyright (c) 2015-2018, 2020 Joel Sing <jsing@openbsd.org> | 4 | * Copyright (c) 2015-2018, 2020 Joel Sing <jsing@openbsd.org> |
| @@ -70,6 +70,9 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb) | |||
| 70 | if (!ssl_cipher_allowed_in_tls_version_range(cipher, min_vers, | 70 | if (!ssl_cipher_allowed_in_tls_version_range(cipher, min_vers, |
| 71 | max_vers)) | 71 | max_vers)) |
| 72 | continue; | 72 | continue; |
| 73 | if (!ssl_security(s, SSL_SECOP_CIPHER_CHECK, | ||
| 74 | cipher->strength_bits, 0, cipher)) | ||
| 75 | continue; | ||
| 73 | if (!CBB_add_u16(cbb, ssl3_cipher_get_value(cipher))) | 76 | if (!CBB_add_u16(cbb, ssl3_cipher_get_value(cipher))) |
| 74 | return 0; | 77 | return 0; |
| 75 | 78 | ||