From ba83acf62b74ac38323cdf014409e05439e107e0 Mon Sep 17 00:00:00 2001 From: jsing Date: Mon, 11 Aug 2014 01:06:22 +0000 Subject: [PATCH] Provide a ssl3_get_cipher_by_id() function that allows ciphers to be looked up by their ID. For one, this avoids an ugly mess in ssl_sess.c, where the cipher value is manually written into a buffer, just so the cipher can be located using ssl3_get_cipher_by_char(). ok bcook@ miod@ --- lib/libssl/s3_lib.c | 15 ++++++++++++++- lib/libssl/src/ssl/s3_lib.c | 15 ++++++++++++++- lib/libssl/src/ssl/ssl_locl.h | 3 ++- lib/libssl/src/ssl/ssl_sess.c | 15 ++------------- lib/libssl/ssl_locl.h | 3 ++- lib/libssl/ssl_sess.c | 15 ++------------- 6 files changed, 36 insertions(+), 30 deletions(-) diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index acb35a8f25f..1d84effeeab 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.75 2014/08/10 15:06:15 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.76 2014/08/11 01:06:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1873,6 +1873,19 @@ ssl3_get_cipher(unsigned int u) return (NULL); } +const SSL_CIPHER * +ssl3_get_cipher_by_id(unsigned int id) +{ + const SSL_CIPHER *cp; + SSL_CIPHER c; + + c.id = id; + cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS); + if (cp != NULL && cp->valid == 1) + return (cp); + return (NULL); +} + int ssl3_pending(const SSL *s) { diff --git a/lib/libssl/src/ssl/s3_lib.c b/lib/libssl/src/ssl/s3_lib.c index acb35a8f25f..1d84effeeab 100644 --- a/lib/libssl/src/ssl/s3_lib.c +++ b/lib/libssl/src/ssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.75 2014/08/10 15:06:15 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.76 2014/08/11 01:06:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1873,6 +1873,19 @@ ssl3_get_cipher(unsigned int u) return (NULL); } +const SSL_CIPHER * +ssl3_get_cipher_by_id(unsigned int id) +{ + const SSL_CIPHER *cp; + SSL_CIPHER c; + + c.id = id; + cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS); + if (cp != NULL && cp->valid == 1) + return (cp); + return (NULL); +} + int ssl3_pending(const SSL *s) { diff --git a/lib/libssl/src/ssl/ssl_locl.h b/lib/libssl/src/ssl/ssl_locl.h index 7961c4c06e6..87b27a1d996 100644 --- a/lib/libssl/src/ssl/ssl_locl.h +++ b/lib/libssl/src/ssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.64 2014/08/10 14:42:56 jsing Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.65 2014/08/11 01:06:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -614,6 +614,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok); int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen); int ssl3_num_ciphers(void); const SSL_CIPHER *ssl3_get_cipher(unsigned int u); +const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id); int ssl3_renegotiate(SSL *ssl); int ssl3_renegotiate_check(SSL *ssl); diff --git a/lib/libssl/src/ssl/ssl_sess.c b/lib/libssl/src/ssl/ssl_sess.c index d4fa5a618f9..8e285ea9b18 100644 --- a/lib/libssl/src/ssl/ssl_sess.c +++ b/lib/libssl/src/ssl/ssl_sess.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_sess.c,v 1.39 2014/08/10 14:42:56 jsing Exp $ */ +/* $OpenBSD: ssl_sess.c,v 1.40 2014/08/11 01:06:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -558,18 +558,7 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, } if (ret->cipher == NULL) { - unsigned char buf[5], *p; - unsigned long l; - - p = buf; - l = ret->cipher_id; - l2n(l, p); - - if ((ret->ssl_version >> 8) >= SSL3_VERSION_MAJOR) - ret->cipher = ssl3_get_cipher_by_char(&buf[2]); - else - ret->cipher = ssl3_get_cipher_by_char(&buf[1]); - + ret->cipher = ssl3_get_cipher_by_id(ret->cipher_id); if (ret->cipher == NULL) goto err; } diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h index 7961c4c06e6..87b27a1d996 100644 --- a/lib/libssl/ssl_locl.h +++ b/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.64 2014/08/10 14:42:56 jsing Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.65 2014/08/11 01:06:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -614,6 +614,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok); int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen); int ssl3_num_ciphers(void); const SSL_CIPHER *ssl3_get_cipher(unsigned int u); +const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id); int ssl3_renegotiate(SSL *ssl); int ssl3_renegotiate_check(SSL *ssl); diff --git a/lib/libssl/ssl_sess.c b/lib/libssl/ssl_sess.c index d4fa5a618f9..8e285ea9b18 100644 --- a/lib/libssl/ssl_sess.c +++ b/lib/libssl/ssl_sess.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_sess.c,v 1.39 2014/08/10 14:42:56 jsing Exp $ */ +/* $OpenBSD: ssl_sess.c,v 1.40 2014/08/11 01:06:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -558,18 +558,7 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, } if (ret->cipher == NULL) { - unsigned char buf[5], *p; - unsigned long l; - - p = buf; - l = ret->cipher_id; - l2n(l, p); - - if ((ret->ssl_version >> 8) >= SSL3_VERSION_MAJOR) - ret->cipher = ssl3_get_cipher_by_char(&buf[2]); - else - ret->cipher = ssl3_get_cipher_by_char(&buf[1]); - + ret->cipher = ssl3_get_cipher_by_id(ret->cipher_id); if (ret->cipher == NULL) goto err; } -- 2.20.1