summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_srvr.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl_srvr.c')
-rw-r--r--src/lib/libssl/ssl_srvr.c15
1 files changed, 6 insertions, 9 deletions
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index be6bd7402c..302b6bdf0f 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_srvr.c,v 1.164 2024/07/20 04:04:23 jsing Exp $ */ 1/* $OpenBSD: ssl_srvr.c,v 1.165 2024/07/22 14:47:15 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -651,7 +651,7 @@ ssl3_accept(SSL *s)
651 goto end; 651 goto end;
652 s->s3->hs.state = SSL3_ST_SW_FINISHED_A; 652 s->s3->hs.state = SSL3_ST_SW_FINISHED_A;
653 s->init_num = 0; 653 s->init_num = 0;
654 s->session->cipher_id = s->s3->hs.cipher->id; 654 s->session->cipher_value = s->s3->hs.cipher->value;
655 655
656 if (!tls1_setup_key_block(s)) { 656 if (!tls1_setup_key_block(s)) {
657 ret = -1; 657 ret = -1;
@@ -781,7 +781,6 @@ ssl3_get_client_hello(SSL *s)
781 uint8_t comp_method; 781 uint8_t comp_method;
782 int comp_null; 782 int comp_null;
783 int i, j, al, ret, cookie_valid = 0; 783 int i, j, al, ret, cookie_valid = 0;
784 unsigned long id;
785 SSL_CIPHER *c; 784 SSL_CIPHER *c;
786 STACK_OF(SSL_CIPHER) *ciphers = NULL; 785 STACK_OF(SSL_CIPHER) *ciphers = NULL;
787 const SSL_METHOD *method; 786 const SSL_METHOD *method;
@@ -978,11 +977,10 @@ ssl3_get_client_hello(SSL *s)
978 /* XXX - CBS_len(&cipher_suites) will always be zero here... */ 977 /* XXX - CBS_len(&cipher_suites) will always be zero here... */
979 if (s->hit && CBS_len(&cipher_suites) > 0) { 978 if (s->hit && CBS_len(&cipher_suites) > 0) {
980 j = 0; 979 j = 0;
981 id = s->session->cipher_id;
982 980
983 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) { 981 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
984 c = sk_SSL_CIPHER_value(ciphers, i); 982 c = sk_SSL_CIPHER_value(ciphers, i);
985 if (c->id == id) { 983 if (c->value == s->session->cipher_value) {
986 j = 1; 984 j = 1;
987 break; 985 break;
988 } 986 }
@@ -1127,9 +1125,9 @@ ssl3_get_client_hello(SSL *s)
1127 goto fatal_err; 1125 goto fatal_err;
1128 } 1126 }
1129 s->s3->hs.cipher = c; 1127 s->s3->hs.cipher = c;
1130 s->session->cipher_id = s->s3->hs.cipher->id; 1128 s->session->cipher_value = s->s3->hs.cipher->value;
1131 } else { 1129 } else {
1132 s->s3->hs.cipher = ssl3_get_cipher_by_id(s->session->cipher_id); 1130 s->s3->hs.cipher = ssl3_get_cipher_by_value(s->session->cipher_value);
1133 if (s->s3->hs.cipher == NULL) 1131 if (s->s3->hs.cipher == NULL)
1134 goto fatal_err; 1132 goto fatal_err;
1135 } 1133 }
@@ -1269,8 +1267,7 @@ ssl3_send_server_hello(SSL *s)
1269 goto err; 1267 goto err;
1270 1268
1271 /* Cipher suite. */ 1269 /* Cipher suite. */
1272 if (!CBB_add_u16(&server_hello, 1270 if (!CBB_add_u16(&server_hello, s->s3->hs.cipher->value))
1273 ssl3_cipher_get_value(s->s3->hs.cipher)))
1274 goto err; 1271 goto err;
1275 1272
1276 /* Compression method (null). */ 1273 /* Compression method (null). */
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-26 06:36:26 +0000