From f7fed9455632a5807e76bd3a28879f5a87857c53 Mon Sep 17 00:00:00 2001 From: tb <> Date: Sat, 2 Jul 2022 16:00:12 +0000 Subject: Rename uses 'curve' to 'group' and rework tls1 group API. This reworks various tls1_ curve APIs to indicate success via a boolean return value and move the output to an out parameter. This makes the caller code easier and more consistent. Based on a suggestion by jsing ok jsing --- src/lib/libssl/ssl_seclevel.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'src/lib/libssl/ssl_seclevel.c') diff --git a/src/lib/libssl/ssl_seclevel.c b/src/lib/libssl/ssl_seclevel.c index 35f8b8891b..2e0b74141f 100644 --- a/src/lib/libssl/ssl_seclevel.c +++ b/src/lib/libssl/ssl_seclevel.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_seclevel.c,v 1.14 2022/06/30 16:05:07 tb Exp $ */ +/* $OpenBSD: ssl_seclevel.c,v 1.15 2022/07/02 16:00:12 tb Exp $ */ /* * Copyright (c) 2020 Theo Buehler * @@ -401,23 +401,23 @@ ssl_security_cert_chain(const SSL *ssl, STACK_OF(X509) *sk, X509 *x509, } int -ssl_security_supported_group(const SSL *ssl, uint16_t curve_id) +ssl_security_supported_group(const SSL *ssl, uint16_t group_id) { CBB cbb; int bits, nid; - uint8_t curve[2]; + uint8_t group[2]; - if ((bits = tls1_ec_curve_id2bits(curve_id)) == 0) + if (!tls1_ec_group_id2bits(group_id, &bits)) return 0; - if ((nid = tls1_ec_curve_id2nid(curve_id)) == NID_undef) + if (!tls1_ec_group_id2nid(group_id, &nid)) return 0; - if (!CBB_init_fixed(&cbb, curve, sizeof(curve))) + if (!CBB_init_fixed(&cbb, group, sizeof(group))) return 0; - if (!CBB_add_u16(&cbb, curve_id)) + if (!CBB_add_u16(&cbb, group_id)) return 0; if (!CBB_finish(&cbb, NULL, NULL)) return 0; - return ssl_security(ssl, SSL_SECOP_CURVE_SUPPORTED, bits, nid, curve); + return ssl_security(ssl, SSL_SECOP_CURVE_SUPPORTED, bits, nid, group); } -- cgit v1.2.3-55-g6feb