From e0c6c58816e0a0a119561471e172df0723461275 Mon Sep 17 00:00:00 2001 From: tb Date: Wed, 29 Nov 2023 13:39:34 +0000 Subject: [PATCH] Convert ssl3_cipher_by_id() to bsearch() This was previously the only user of OBJ_bsearch_ssl_cipher_id(), which in turn is the one remaining user of OBJ_bsearch_() outside of libcrypto. OBJ_bsearch_() is OpenSSL's idiosyncratic reimplementation of ANSI C89's bsearch(). Since this used to be hidden behind macro insanity, the result was three inscrutable layers of comparison functions. It is much simpler and cleaner to use the standard API. Move all the code to s3_lib.c, since it's ony used there. In a few further diffs, OBJ_bsearch_() will be removed from libcrypto. Unfortunately, we'll need to keep OBJ_bsearch_ex(), because it is exposed via sk_find_ex(), which is exposed by M2Crypto... ok jsing --- lib/libssl/s3_lib.c | 25 +++++++++++++++++-------- lib/libssl/ssl_lib.c | 29 +---------------------------- lib/libssl/ssl_local.h | 4 +--- 3 files changed, 19 insertions(+), 39 deletions(-) diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index 9ac02f3e1b7..1ae2d047bc7 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.247 2023/11/29 13:29:34 tb Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.248 2023/11/29 13:39:34 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -150,6 +150,7 @@ #include #include +#include #include #include 
@@ -1413,18 +1414,26 @@ ssl3_get_cipher(unsigned int u) return (NULL); } +static int +ssl3_cipher_id_cmp(const void *id, const void *cipher) +{ + unsigned long a = *(const unsigned long *)id; + unsigned long b = ((const SSL_CIPHER *)cipher)->id; + + return a < b ? -1 : a > b; +} + const SSL_CIPHER * ssl3_get_cipher_by_id(unsigned long id) { - const SSL_CIPHER *cp; - SSL_CIPHER c; + const SSL_CIPHER *cipher; - c.id = id; - cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS); - if (cp != NULL && cp->valid == 1) - return (cp); + cipher = bsearch(&id, ssl3_ciphers, SSL3_NUM_CIPHERS, sizeof(*cipher), + ssl3_cipher_id_cmp); + if (cipher != NULL && cipher->valid == 1) + return cipher; - return (NULL); + return NULL; } const SSL_CIPHER * diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c index 5cd0e82f895..ce14ce710a7 100644 --- a/lib/libssl/ssl_lib.c +++ b/lib/libssl/ssl_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_lib.c,v 1.316 2023/11/25 12:05:08 tb Exp $ */ +/* $OpenBSD: ssl_lib.c,v 1.317 2023/11/29 13:39:34 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -3638,30 +3638,3 @@ SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy) /* Not supported. */ } LSSL_ALIAS(SSL_set_quic_use_legacy_codepoint); - -static int -ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b) -{ - long l; - - l = a->id - b->id; - if (l == 0L) - return (0); - else - return ((l > 0) ? 1:-1); -} - -static int -ssl_cipher_id_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) -{ - SSL_CIPHER const *a = a_; - SSL_CIPHER const *b = b_; - return ssl_cipher_id_cmp(a, b); -} - -SSL_CIPHER * -OBJ_bsearch_ssl_cipher_id(SSL_CIPHER *key, SSL_CIPHER const *base, int num) -{ - return (SSL_CIPHER *)OBJ_bsearch_(key, base, num, sizeof(SSL_CIPHER), - ssl_cipher_id_cmp_BSEARCH_CMP_FN); -} diff --git a/lib/libssl/ssl_local.h b/lib/libssl/ssl_local.h index 3c5fb204b00..a2c2588c38b 100644 --- a/lib/libssl/ssl_local.h 
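Review bot: `ssl3_cipher_id_cmp()` is an asymmetric comparator, reading its first argument as `const unsigned long *` and its second as `const SSL_CIPHER *`, and nothing in the new code says so. That makes it easy to reuse later with qsort() or to call with an `SSL_CIPHER` key, either of which would read the wrong object type. A comment above it would pin the contract down, e.g. `/* bsearch() comparator: key points to the cipher id, element is an SSL_CIPHER. */`. The lookup in `ssl3_get_cipher_by_id()` also depends on `ssl3_ciphers` being sorted by ascending `id` and on `SSL3_NUM_CIPHERS` matching the table length; both are defined outside this hunk, so it cannot be seen here whether either is enforced. A note at the call such as `/* ssl3_ciphers must be sorted by id. */` would record the invariant, since an out-of-order entry would not crash but would make lookups silently fail for some cipher ids.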
+++ b/lib/libssl/ssl_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_local.h,v 1.10 2023/11/29 13:29:34 tb Exp $ */ +/* $OpenBSD: ssl_local.h,v 1.11 2023/11/29 13:39:34 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1304,8 +1304,6 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int include_ticket); int ssl_get_new_session(SSL *s, int session); int ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block, int *alert); -SSL_CIPHER *OBJ_bsearch_ssl_cipher_id(SSL_CIPHER *key, SSL_CIPHER const *base, - int num); int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb); STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, CBS *cbs); STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth, -- 2.20.1