summaryrefslogtreecommitdiff
path: root/lib/libssl
diff options
context:
space:
mode:
authorJoel Sing <jsing@cvs.openbsd.org>2015-02-07 05:46:02 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2015-02-07 05:46:02 +0000
commit5663fb9e3b3fcdc44911bd7ad371e4dbe67ca3e5 (patch)
tree0b263c667ca7af2b54d9f5328a3fa87d441bb3fd /lib/libssl
parent1da958521263b5795f8977fe05ae3ac628d75090 (diff)
Clean up the {get,put}_cipher_by_char() implementations. Also use
ssl3_get_cipher_by_value() in other parts of the code where it simplifies things. ok doug@
Diffstat (limited to 'lib/libssl')
-rw-r--r--lib/libssl/s3_clnt.c12
-rw-r--r--lib/libssl/s3_lib.c23
-rw-r--r--lib/libssl/ssl_lib.c9
3 files changed, 14 insertions, 30 deletions
diff --git a/lib/libssl/s3_clnt.c b/lib/libssl/s3_clnt.c
index b2c75175980..9b52691015e 100644
--- a/lib/libssl/s3_clnt.c
+++ b/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_clnt.c,v 1.106 2015/02/06 09:58:52 jsing Exp $ */
+/* $OpenBSD: s3_clnt.c,v 1.107 2015/02/07 05:46:01 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -773,7 +773,7 @@ ssl3_get_server_hello(SSL *s)
const SSL_CIPHER *c;
unsigned char *p, *q, *d;
int i, al, ok;
- unsigned int j, cipher_id;
+ unsigned int j;
uint16_t cipher_value;
long n;
unsigned long alg_k;
@@ -844,7 +844,6 @@ ssl3_get_server_hello(SSL *s)
/* Get the cipher value. */
q = p + j;
n2s(q, cipher_value);
- cipher_id = SSL3_CK_ID | cipher_value;
/*
* Check if we want to resume the session based on external
@@ -856,8 +855,8 @@ ssl3_get_server_hello(SSL *s)
if (s->tls_session_secret_cb(s, s->session->master_key,
&s->session->master_key_length, NULL, &pref_cipher,
s->tls_session_secret_cb_arg)) {
- s->session->cipher = pref_cipher ?
- pref_cipher : ssl3_get_cipher_by_id(cipher_id);
+ s->session->cipher = pref_cipher ? pref_cipher :
+ ssl3_get_cipher_by_value(cipher_value);
s->s3->flags |= SSL3_FLAGS_CCS_OK;
}
}
@@ -892,8 +891,7 @@ ssl3_get_server_hello(SSL *s)
}
p += j;
- c = ssl3_get_cipher_by_id(cipher_id);
- if (c == NULL) {
+ if ((c = ssl3_get_cipher_by_value(cipher_value)) == NULL) {
/* unknown cipher */
al = SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index a1428907ac9..aae497abede 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.93 2015/02/07 04:17:11 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.94 2015/02/07 05:46:01 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -2532,30 +2532,19 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
const SSL_CIPHER *
ssl3_get_cipher_by_char(const unsigned char *p)
{
- const SSL_CIPHER *cp;
- unsigned long id;
- SSL_CIPHER c;
+ uint16_t cipher_value;
- id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1];
- c.id = id;
- cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
- if (cp == NULL || cp->valid == 0)
- return NULL;
- else
- return cp;
+ n2s(p, cipher_value);
+ return ssl3_get_cipher_by_value(cipher_value);
}
int
ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
{
- long l;
-
if (p != NULL) {
- l = c->id;
- if ((l & 0xff000000) != 0x03000000)
+ if ((c->id & ~SSL3_CK_VALUE_MASK) != SSL3_CK_ID)
return (0);
- p[0] = ((unsigned char)(l >> 8L)) & 0xFF;
- p[1] = ((unsigned char)(l)) & 0xFF;
+ s2n(ssl3_cipher_get_value(c), p);
}
return (2);
}
diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index 5bf43623fc8..8ecb37d1be6 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.95 2015/01/22 09:12:57 reyk Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.96 2015/02/07 05:46:01 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -1420,7 +1420,6 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num,
const SSL_CIPHER *c;
STACK_OF(SSL_CIPHER) *sk;
int i;
- unsigned int cipher_id;
uint16_t cipher_value;
if (s->s3)
@@ -1442,10 +1441,9 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num,
for (i = 0; i < num; i += SSL3_CIPHER_VALUE_SIZE) {
n2s(p, cipher_value);
- cipher_id = SSL3_CK_ID | cipher_value;
/* Check for SCSV */
- if (s->s3 && cipher_id == SSL3_CK_SCSV) {
+ if (s->s3 && (SSL3_CK_ID | cipher_value) == SSL3_CK_SCSV) {
/* SCSV is fatal if renegotiating. */
if (s->renegotiate) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
@@ -1459,8 +1457,7 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num,
continue;
}
- c = ssl3_get_cipher_by_id(cipher_id);
- if (c != NULL) {
+ if ((c = ssl3_get_cipher_by_value(cipher_value)) != NULL) {
if (!sk_SSL_CIPHER_push(sk, c)) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
ERR_R_MALLOC_FAILURE);