Commit 2df619b0 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Match SUITEB strings at start of cipher list. 



PR#4009.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(cherry picked from commit 13e228d6)

Conflicts:
	ssl/ssl_ciph.c
parent cef9dcbb

ssl/ssl_ciph.c

+6 −5
Original line number Diff line number Diff line
@@ -1404,15 +1404,16 @@ static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c, 
                                    const char **prule_str)

{

    unsigned int suiteb_flags = 0, suiteb_comb2 = 0;

    if (!strcmp(*prule_str, "SUITEB128"))

        suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;

    else if (!strcmp(*prule_str, "SUITEB128ONLY"))

    if (strncmp(*prule_str, "SUITEB128ONLY", 13) == 0) {

        suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS_ONLY;

    else if (!strcmp(*prule_str, "SUITEB128C2")) {

    } else if (strncmp(*prule_str, "SUITEB128C2", 11) == 0) {

        suiteb_comb2 = 1;

        suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;

    } else if (!strcmp(*prule_str, "SUITEB192"))

    } else if (strncmp(*prule_str, "SUITEB128", 9) == 0) {

        suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;

    } else if (strncmp(*prule_str, "SUITEB192", 9) == 0) {

        suiteb_flags = SSL_CERT_FLAG_SUITEB_192_LOS;

    }



    if (suiteb_flags) {

        c->cert_flags &= ~SSL_CERT_FLAG_SUITEB_128_LOS;