summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl_lib.c')
-rw-r--r--src/lib/libssl/ssl_lib.c20
1 files changed, 9 insertions, 11 deletions
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 6b62713bca..bf94321eea 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_lib.c,v 1.78 2014/07/12 22:33:39 jsing Exp $ */ 1/* $OpenBSD: ssl_lib.c,v 1.79 2014/08/10 14:42:56 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1367,10 +1367,9 @@ SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
1367} 1367}
1368 1368
1369int 1369int
1370ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p, 1370ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p)
1371 int (*put_cb)(const SSL_CIPHER *, unsigned char *))
1372{ 1371{
1373 int i, j = 0; 1372 int i;
1374 SSL_CIPHER *c; 1373 SSL_CIPHER *c;
1375 unsigned char *q; 1374 unsigned char *q;
1376 1375
@@ -1380,13 +1379,14 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p,
1380 1379
1381 for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) { 1380 for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
1382 c = sk_SSL_CIPHER_value(sk, i); 1381 c = sk_SSL_CIPHER_value(sk, i);
1382
1383 /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */ 1383 /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
1384 if ((c->algorithm_ssl & SSL_TLSV1_2) && 1384 if ((c->algorithm_ssl & SSL_TLSV1_2) &&
1385 (TLS1_get_client_version(s) < TLS1_2_VERSION)) 1385 (TLS1_get_client_version(s) < TLS1_2_VERSION))
1386 continue; 1386 continue;
1387 j = put_cb ? put_cb(c, p) : ssl_put_cipher_by_char(s, c, p); 1387 p += ssl3_put_cipher_by_char(c, p);
1388 p += j;
1389 } 1388 }
1389
1390 /* 1390 /*
1391 * If p == q, no ciphers and caller indicates an error. Otherwise 1391 * If p == q, no ciphers and caller indicates an error. Otherwise
1392 * add SCSV if not renegotiating. 1392 * add SCSV if not renegotiating.
@@ -1395,9 +1395,7 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p,
1395 static SSL_CIPHER scsv = { 1395 static SSL_CIPHER scsv = {
1396 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0 1396 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
1397 }; 1397 };
1398 j = put_cb ? put_cb(&scsv, p) : 1398 p += ssl3_put_cipher_by_char(&scsv, p);
1399 ssl_put_cipher_by_char(s, &scsv, p);
1400 p += j;
1401 } 1399 }
1402 1400
1403 return (p - q); 1401 return (p - q);
@@ -1414,7 +1412,7 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num,
1414 if (s->s3) 1412 if (s->s3)
1415 s->s3->send_connection_binding = 0; 1413 s->s3->send_connection_binding = 0;
1416 1414
1417 n = ssl_put_cipher_by_char(s, NULL, NULL); 1415 n = ssl3_put_cipher_by_char(NULL, NULL);
1418 if ((num % n) != 0) { 1416 if ((num % n) != 0) {
1419 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, 1417 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
1420 SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); 1418 SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
@@ -1446,7 +1444,7 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num,
1446 continue; 1444 continue;
1447 } 1445 }
1448 1446
1449 c = ssl_get_cipher_by_char(s, p); 1447 c = ssl3_get_cipher_by_char(p);
1450 p += n; 1448 p += n;
1451 if (c != NULL) { 1449 if (c != NULL) {
1452 if (!sk_SSL_CIPHER_push(sk, c)) { 1450 if (!sk_SSL_CIPHER_push(sk, c)) {
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 14:07:49 +0000