From fc3ae41e6c3f587c173aca34af47208c06c01668 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Sun, 25 May 2014 13:27:38 +0000 Subject: The ssl_ciper_get_evp() function is currently overloaded to also return the compression associated with the SSL session. Based on one of Adam Langley's chromium diffs, factor out the compression handling code into a separate ssl_cipher_get_comp() function. Rewrite the compression handling code to avoid pointless duplication and so that failures are actually returned to and detectable by the caller. ok miod@ --- src/lib/libssl/t1_enc.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'src/lib/libssl/t1_enc.c') diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 2599122078..5f17a4a94a 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c @@ -532,12 +532,19 @@ tls1_setup_key_block(SSL *s) int mac_type = NID_undef, mac_secret_size = 0; int ret = 0; - if (s->s3->tmp.key_block_length != 0) return (1); - if (!ssl_cipher_get_evp(s->session, &c, &hash, &mac_type, &mac_secret_size, &comp)) { - SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, SSL_R_CIPHER_OR_HASH_UNAVAILABLE); + if (!ssl_cipher_get_comp(s->session, &comp)) { + SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, + SSL_R_CIPHER_COMPRESSION_UNAVAILABLE); + return (0); + } + + if (!ssl_cipher_get_evp(s->session, &c, &hash, &mac_type, + &mac_secret_size)) { + SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, + SSL_R_CIPHER_OR_HASH_UNAVAILABLE); return (0); } -- cgit v1.2.3-55-g6feb