From aaafcc65a8b1deda1feab495b687eeec194f78bb Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Fri, 11 Sep 2020 15:28:08 +0000
Subject: Rename ssl_cipher_is_permitted()

The name ssl_cipher_is_permitted() is not entirely specific - what it
really means is "can this cipher be used with a given version range".
Use ssl_cipher_allowed_in_version_range() to more clearly indicate this.

Bikeshedded with tb@

ok tb@
---
 src/lib/libssl/ssl_ciphers.c | 9 ++++-----
 src/lib/libssl/ssl_lib.c     | 5 +++--
 src/lib/libssl/ssl_locl.h    | 6 +++---
 3 files changed, 10 insertions(+), 10 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libssl/ssl_ciphers.c b/src/lib/libssl/ssl_ciphers.c
index 3a1fb14d5c..d13ce7a9c5 100644
--- a/src/lib/libssl/ssl_ciphers.c
+++ b/src/lib/libssl/ssl_ciphers.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ssl_ciphers.c,v 1.4 2020/05/31 18:03:32 jsing Exp $ */
+/*	$OpenBSD: ssl_ciphers.c,v 1.5 2020/09/11 15:28:07 jsing Exp $ */
 /*
  * Copyright (c) 2015-2017 Doug Hogan <doug@openbsd.org>
  * Copyright (c) 2015-2018 Joel Sing <jsing@openbsd.org>
@@ -23,7 +23,7 @@
 #include "ssl_locl.h"
 
 int
-ssl_cipher_is_permitted(const SSL_CIPHER *cipher, uint16_t min_ver,
+ssl_cipher_allowed_in_version_range(const SSL_CIPHER *cipher, uint16_t min_ver,
     uint16_t max_ver)
 {
 	/* XXX: We only support DTLSv1 which is effectively TLSv1.1 */
@@ -65,10 +65,9 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb)
 	for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
 		if ((cipher = sk_SSL_CIPHER_value(ciphers, i)) == NULL)
 			return 0;
-
-		if (!ssl_cipher_is_permitted(cipher, min_vers, max_vers))
+		if (!ssl_cipher_allowed_in_version_range(cipher, min_vers,
+		    max_vers))
 			continue;
-
 		if (!CBB_add_u16(cbb, ssl3_cipher_get_value(cipher)))
 			return 0;
 
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 6f8a14bca4..2879b198d5 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.222 2020/09/11 13:20:32 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.223 2020/09/11 15:28:08 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1298,7 +1298,8 @@ SSL_get1_supported_ciphers(SSL *s)
 	for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
 		if ((cipher = sk_SSL_CIPHER_value(ciphers, i)) == NULL)
 			goto err;
-		if (!ssl_cipher_is_permitted(cipher, min_vers, max_vers))
+		if (!ssl_cipher_allowed_in_version_range(cipher, min_vers,
+		    max_vers))
 			continue;
 		if (!sk_SSL_CIPHER_push(supported_ciphers, cipher))
 			goto err;
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index bd210cdce5..bfd0ea6733 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.288 2020/09/01 12:40:53 tb Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.289 2020/09/11 15:28:08 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1127,8 +1127,8 @@ int ssl_version_set_min(const SSL_METHOD *meth, uint16_t ver, uint16_t max_ver,
 int ssl_version_set_max(const SSL_METHOD *meth, uint16_t ver, uint16_t min_ver,
     uint16_t *out_ver);
 int ssl_downgrade_max_version(SSL *s, uint16_t *max_ver);
-int ssl_cipher_is_permitted(const SSL_CIPHER *cipher, uint16_t min_ver,
-    uint16_t max_ver);
+int ssl_cipher_allowed_in_version_range(const SSL_CIPHER *cipher,
+    uint16_t min_ver, uint16_t max_ver);
 
 const SSL_METHOD *tls_legacy_method(void);
 const SSL_METHOD *tls_legacy_client_method(void);
-- 
cgit v1.2.3-55-g6feb