Provide a SSL_CIPHER_get_by_value() function that allows a cipher to be

retrieved via its cipher suite value. A corresponding SSL_CIPHER_by_value()
function returns the cipher suite value for a given SSL_CIPHER. These
functions should mean that software does not need to resort to
put_cipher_by_char()/get_cipher_by_char() in order to locate a cipher.

Begrudgingly also provide a SSL_CIPHER_get_by_id() function that locates a
cipher via the internal cipher identifier. Unfortunately these have already
been leaked outside the library via SSL_CIPHER_by_id() and the various
SSL3_CK_* and TLS1_CK_* defines in the ssl3.h/tls1.h headers.

ok beck@ miod@

1 files changed, 8 insertions, 1 deletions

diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index c7731b3cf46..a1428907ac9 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.92 2015/02/06 08:30:23 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.93 2015/02/07 04:17:11 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1950,9 +1950,16 @@ ssl3_get_cipher_by_id(unsigned int id)
 	cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
 	if (cp != NULL && cp->valid == 1)
 		return (cp);
+
 	return (NULL);
 }
 
+const SSL_CIPHER *
+ssl3_get_cipher_by_value(uint16_t value)
+{
+	return ssl3_get_cipher_by_id(SSL3_CK_ID | value);
+}
+
 uint16_t
 ssl3_cipher_get_value(const SSL_CIPHER *c)
 {