From be1d02917370f48d43c5e741fbb7b49e6aaa7484 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sat, 7 Feb 2015 04:17:11 +0000
Subject: Provide a SSL_CIPHER_get_by_value() function that allows a cipher to
 be retrieved via its cipher suite value. A corresponding
 SSL_CIPHER_by_value() function returns the cipher suite value for a given
 SSL_CIPHER. These functions should mean that software does not need to resort
 to put_cipher_by_char()/get_cipher_by_char() in order to locate a cipher.

Begrudgingly also provide a SSL_CIPHER_get_by_id() function that locates a
cipher via the internal cipher identifier. Unfortunately these have already
been leaked outside the library via SSL_CIPHER_by_id() and the various
SSL3_CK_* and TLS1_CK_* defines in the ssl3.h/tls1.h headers.

ok beck@ miod@
---
 src/lib/libssl/s3_lib.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'src/lib/libssl/s3_lib.c')

diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index c7731b3cf4..a1428907ac 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.92 2015/02/06 08:30:23 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.93 2015/02/07 04:17:11 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1950,9 +1950,16 @@ ssl3_get_cipher_by_id(unsigned int id)
 	cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
 	if (cp != NULL && cp->valid == 1)
 		return (cp);
+
 	return (NULL);
 }
 
+const SSL_CIPHER *
+ssl3_get_cipher_by_value(uint16_t value)
+{
+	return ssl3_get_cipher_by_id(SSL3_CK_ID | value);
+}
+
 uint16_t
 ssl3_cipher_get_value(const SSL_CIPHER *c)
 {
-- 
cgit v1.2.3-55-g6feb