summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_ciphers.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl_ciphers.c')
-rw-r--r--src/lib/libssl/ssl_ciphers.c20
1 files changed, 10 insertions, 10 deletions
diff --git a/src/lib/libssl/ssl_ciphers.c b/src/lib/libssl/ssl_ciphers.c
index 4ec1b099bc..503ef9d03c 100644
--- a/src/lib/libssl/ssl_ciphers.c
+++ b/src/lib/libssl/ssl_ciphers.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_ciphers.c,v 1.17 2022/11/26 16:08:55 tb Exp $ */ 1/* $OpenBSD: ssl_ciphers.c,v 1.18 2024/07/22 14:47:15 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2015-2017 Doug Hogan <doug@openbsd.org> 3 * Copyright (c) 2015-2017 Doug Hogan <doug@openbsd.org>
4 * Copyright (c) 2015-2018, 2020 Joel Sing <jsing@openbsd.org> 4 * Copyright (c) 2015-2018, 2020 Joel Sing <jsing@openbsd.org>
@@ -28,7 +28,7 @@ ssl_cipher_in_list(STACK_OF(SSL_CIPHER) *ciphers, const SSL_CIPHER *cipher)
28 int i; 28 int i;
29 29
30 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) { 30 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
31 if (sk_SSL_CIPHER_value(ciphers, i)->id == cipher->id) 31 if (sk_SSL_CIPHER_value(ciphers, i)->value == cipher->value)
32 return 1; 32 return 1;
33 } 33 }
34 34
@@ -72,7 +72,7 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb)
72 continue; 72 continue;
73 if (!ssl_security_cipher_check(s, cipher)) 73 if (!ssl_security_cipher_check(s, cipher))
74 continue; 74 continue;
75 if (!CBB_add_u16(cbb, ssl3_cipher_get_value(cipher))) 75 if (!CBB_add_u16(cbb, cipher->value))
76 return 0; 76 return 0;
77 77
78 num_ciphers++; 78 num_ciphers++;
@@ -165,34 +165,34 @@ ssl_bytes_to_cipher_list(SSL *s, CBS *cbs)
165struct ssl_tls13_ciphersuite { 165struct ssl_tls13_ciphersuite {
166 const char *name; 166 const char *name;
167 const char *alias; 167 const char *alias;
168 unsigned long cid; 168 uint16_t value;
169}; 169};
170 170
171static const struct ssl_tls13_ciphersuite ssl_tls13_ciphersuites[] = { 171static const struct ssl_tls13_ciphersuite ssl_tls13_ciphersuites[] = {
172 { 172 {
173 .name = TLS1_3_RFC_AES_128_GCM_SHA256, 173 .name = TLS1_3_RFC_AES_128_GCM_SHA256,
174 .alias = TLS1_3_TXT_AES_128_GCM_SHA256, 174 .alias = TLS1_3_TXT_AES_128_GCM_SHA256,
175 .cid = TLS1_3_CK_AES_128_GCM_SHA256, 175 .value = 0x1301,
176 }, 176 },
177 { 177 {
178 .name = TLS1_3_RFC_AES_256_GCM_SHA384, 178 .name = TLS1_3_RFC_AES_256_GCM_SHA384,
179 .alias = TLS1_3_TXT_AES_256_GCM_SHA384, 179 .alias = TLS1_3_TXT_AES_256_GCM_SHA384,
180 .cid = TLS1_3_CK_AES_256_GCM_SHA384, 180 .value = 0x1302,
181 }, 181 },
182 { 182 {
183 .name = TLS1_3_RFC_CHACHA20_POLY1305_SHA256, 183 .name = TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
184 .alias = TLS1_3_TXT_CHACHA20_POLY1305_SHA256, 184 .alias = TLS1_3_TXT_CHACHA20_POLY1305_SHA256,
185 .cid = TLS1_3_CK_CHACHA20_POLY1305_SHA256, 185 .value = 0x1303,
186 }, 186 },
187 { 187 {
188 .name = TLS1_3_RFC_AES_128_CCM_SHA256, 188 .name = TLS1_3_RFC_AES_128_CCM_SHA256,
189 .alias = TLS1_3_TXT_AES_128_CCM_SHA256, 189 .alias = TLS1_3_TXT_AES_128_CCM_SHA256,
190 .cid = TLS1_3_CK_AES_128_CCM_SHA256, 190 .value = 0x1304,
191 }, 191 },
192 { 192 {
193 .name = TLS1_3_RFC_AES_128_CCM_8_SHA256, 193 .name = TLS1_3_RFC_AES_128_CCM_8_SHA256,
194 .alias = TLS1_3_TXT_AES_128_CCM_8_SHA256, 194 .alias = TLS1_3_TXT_AES_128_CCM_8_SHA256,
195 .cid = TLS1_3_CK_AES_128_CCM_8_SHA256, 195 .value = 0x1305,
196 }, 196 },
197 { 197 {
198 .name = NULL, 198 .name = NULL,
@@ -234,7 +234,7 @@ ssl_parse_ciphersuites(STACK_OF(SSL_CIPHER) **out_ciphers, const char *str)
234 goto err; 234 goto err;
235 235
236 /* We know about the cipher suite, but it is not supported. */ 236 /* We know about the cipher suite, but it is not supported. */
237 if ((cipher = ssl3_get_cipher_by_id(ciphersuite->cid)) == NULL) 237 if ((cipher = ssl3_get_cipher_by_value(ciphersuite->value)) == NULL)
238 continue; 238 continue;
239 239
240 if (!sk_SSL_CIPHER_push(ciphers, cipher)) 240 if (!sk_SSL_CIPHER_push(ciphers, cipher))
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-26 05:40:07 +0000