diff options
author | Joel Sing <jsing@cvs.openbsd.org> | 2015-02-07 05:46:02 +0000 |
---|---|---|
committer | Joel Sing <jsing@cvs.openbsd.org> | 2015-02-07 05:46:02 +0000 |
commit | 5663fb9e3b3fcdc44911bd7ad371e4dbe67ca3e5 (patch) | |
tree | 0b263c667ca7af2b54d9f5328a3fa87d441bb3fd /lib/libssl | |
parent | 1da958521263b5795f8977fe05ae3ac628d75090 (diff) |
Clean up the {get,put}_cipher_by_char() implementations. Also use
ssl3_get_cipher_by_value() in other parts of the code where it simplifies
things.
ok doug@
Diffstat (limited to 'lib/libssl')
-rw-r--r-- | lib/libssl/s3_clnt.c | 12 | ||||
-rw-r--r-- | lib/libssl/s3_lib.c | 23 | ||||
-rw-r--r-- | lib/libssl/ssl_lib.c | 9 |
3 files changed, 14 insertions, 30 deletions
diff --git a/lib/libssl/s3_clnt.c b/lib/libssl/s3_clnt.c index b2c75175980..9b52691015e 100644 --- a/lib/libssl/s3_clnt.c +++ b/lib/libssl/s3_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_clnt.c,v 1.106 2015/02/06 09:58:52 jsing Exp $ */ +/* $OpenBSD: s3_clnt.c,v 1.107 2015/02/07 05:46:01 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -773,7 +773,7 @@ ssl3_get_server_hello(SSL *s) const SSL_CIPHER *c; unsigned char *p, *q, *d; int i, al, ok; - unsigned int j, cipher_id; + unsigned int j; uint16_t cipher_value; long n; unsigned long alg_k; @@ -844,7 +844,6 @@ ssl3_get_server_hello(SSL *s) /* Get the cipher value. */ q = p + j; n2s(q, cipher_value); - cipher_id = SSL3_CK_ID | cipher_value; /* * Check if we want to resume the session based on external @@ -856,8 +855,8 @@ ssl3_get_server_hello(SSL *s) if (s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, NULL, &pref_cipher, s->tls_session_secret_cb_arg)) { - s->session->cipher = pref_cipher ? - pref_cipher : ssl3_get_cipher_by_id(cipher_id); + s->session->cipher = pref_cipher ? pref_cipher : + ssl3_get_cipher_by_value(cipher_value); s->s3->flags |= SSL3_FLAGS_CCS_OK; } } @@ -892,8 +891,7 @@ ssl3_get_server_hello(SSL *s) } p += j; - c = ssl3_get_cipher_by_id(cipher_id); - if (c == NULL) { + if ((c = ssl3_get_cipher_by_value(cipher_value)) == NULL) { /* unknown cipher */ al = SSL_AD_ILLEGAL_PARAMETER; SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index a1428907ac9..aae497abede 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.93 2015/02/07 04:17:11 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.94 2015/02/07 05:46:01 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -2532,30 +2532,19 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) const SSL_CIPHER * ssl3_get_cipher_by_char(const unsigned char *p) { - const SSL_CIPHER *cp; - unsigned long id; - SSL_CIPHER c; + uint16_t cipher_value; - id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1]; - c.id = id; - cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS); - if (cp == NULL || cp->valid == 0) - return NULL; - else - return cp; + n2s(p, cipher_value); + return ssl3_get_cipher_by_value(cipher_value); } int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) { - long l; - if (p != NULL) { - l = c->id; - if ((l & 0xff000000) != 0x03000000) + if ((c->id & ~SSL3_CK_VALUE_MASK) != SSL3_CK_ID) return (0); - p[0] = ((unsigned char)(l >> 8L)) & 0xFF; - p[1] = ((unsigned char)(l)) & 0xFF; + s2n(ssl3_cipher_get_value(c), p); } return (2); } diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c index 5bf43623fc8..8ecb37d1be6 100644 --- a/lib/libssl/ssl_lib.c +++ b/lib/libssl/ssl_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_lib.c,v 1.95 2015/01/22 09:12:57 reyk Exp $ */ +/* $OpenBSD: ssl_lib.c,v 1.96 2015/02/07 05:46:01 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1420,7 +1420,6 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num, const SSL_CIPHER *c; STACK_OF(SSL_CIPHER) *sk; int i; - unsigned int cipher_id; uint16_t cipher_value; if (s->s3) @@ -1442,10 +1441,9 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num, for (i = 0; i < num; i += SSL3_CIPHER_VALUE_SIZE) { n2s(p, cipher_value); - cipher_id = SSL3_CK_ID | cipher_value; /* Check for SCSV */ - if (s->s3 && cipher_id == SSL3_CK_SCSV) { + if (s->s3 && (SSL3_CK_ID | cipher_value) == SSL3_CK_SCSV) { /* SCSV is fatal if renegotiating. */ if (s->renegotiate) { SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, @@ -1459,8 +1457,7 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num, continue; } - c = ssl3_get_cipher_by_id(cipher_id); - if (c != NULL) { + if ((c = ssl3_get_cipher_by_value(cipher_value)) != NULL) { if (!sk_SSL_CIPHER_push(sk, c)) { SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE); |