Provide a ssl3_get_cipher_by_id() function that allows ciphers to be looked

up by their ID. For one, this avoids an ugly mess in ssl_sess.c, where the cipher value is manually written into a buffer, just so the cipher can be located using ssl3_get_cipher_by_char(). ok bcook@ miod@
2025-01-10 06:47:55 -08:00 · 2014-08-11 01:06:22 +00:00 · 2014-08-11 01:06:22 +00:00 · ba83acf62b
commit ba83acf62b
parent a44328353d
6 changed files with 36 additions and 30 deletions
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.75 2014/08/10 15:06:15 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.76 2014/08/11 01:06:22 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@ -1873,6 +1873,19 @@ ssl3_get_cipher(unsigned int u)
 		return (NULL);
 }

+const SSL_CIPHER *
+ssl3_get_cipher_by_id(unsigned int id)
+{
+	const SSL_CIPHER *cp;
+	SSL_CIPHER c;
+
+	c.id = id;
+	cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
+	if (cp != NULL && cp->valid == 1)
+		return (cp);
+	return (NULL);
+}
+
 int
 ssl3_pending(const SSL *s)
 {
--- a/lib/libssl/src/ssl/s3_lib.c
+++ b/lib/libssl/src/ssl/s3_lib.c
@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.75 2014/08/10 15:06:15 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.76 2014/08/11 01:06:22 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@ -1873,6 +1873,19 @@ ssl3_get_cipher(unsigned int u)
 		return (NULL);
 }

+const SSL_CIPHER *
+ssl3_get_cipher_by_id(unsigned int id)
+{
+	const SSL_CIPHER *cp;
+	SSL_CIPHER c;
+
+	c.id = id;
+	cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
+	if (cp != NULL && cp->valid == 1)
+		return (cp);
+	return (NULL);
+}
+
 int
 ssl3_pending(const SSL *s)
 {
--- a/lib/libssl/src/ssl/ssl_locl.h
+++ b/lib/libssl/src/ssl/ssl_locl.h
@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.64 2014/08/10 14:42:56 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.65 2014/08/11 01:06:22 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@ -614,6 +614,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
 int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen);
 int ssl3_num_ciphers(void);
 const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
+const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);
 int ssl3_renegotiate(SSL *ssl);

 int ssl3_renegotiate_check(SSL *ssl);
--- a/lib/libssl/src/ssl/ssl_sess.c
+++ b/lib/libssl/src/ssl/ssl_sess.c
@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.39 2014/08/10 14:42:56 jsing Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.40 2014/08/11 01:06:22 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@ -558,18 +558,7 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
 	}

 	if (ret->cipher == NULL) {
-		unsigned char buf[5], *p;
-		unsigned long l;
-
-		p = buf;
-		l = ret->cipher_id;
-		l2n(l, p);
-
-		if ((ret->ssl_version >> 8) >= SSL3_VERSION_MAJOR)
-			ret->cipher = ssl3_get_cipher_by_char(&buf[2]);
-		else
-			ret->cipher = ssl3_get_cipher_by_char(&buf[1]);
-
+		ret->cipher = ssl3_get_cipher_by_id(ret->cipher_id);
 		if (ret->cipher == NULL)
 			goto err;
 	}
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.64 2014/08/10 14:42:56 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.65 2014/08/11 01:06:22 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@ -614,6 +614,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
 int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen);
 int ssl3_num_ciphers(void);
 const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
+const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);
 int ssl3_renegotiate(SSL *ssl);

 int ssl3_renegotiate_check(SSL *ssl);
--- a/lib/libssl/ssl_sess.c
+++ b/lib/libssl/ssl_sess.c
@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.39 2014/08/10 14:42:56 jsing Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.40 2014/08/11 01:06:22 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@ -558,18 +558,7 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
 	}

 	if (ret->cipher == NULL) {
-		unsigned char buf[5], *p;
-		unsigned long l;
-
-		p = buf;
-		l = ret->cipher_id;
-		l2n(l, p);
-
-		if ((ret->ssl_version >> 8) >= SSL3_VERSION_MAJOR)
-			ret->cipher = ssl3_get_cipher_by_char(&buf[2]);
-		else
-			ret->cipher = ssl3_get_cipher_by_char(&buf[1]);
-
+		ret->cipher = ssl3_get_cipher_by_id(ret->cipher_id);
 		if (ret->cipher == NULL)
 			goto err;
 	}