Sort cipher-list at runtime. (748f2546) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

ssl/s3_lib.c

+1470 −1774

File changed.

Preview size limit exceeded, changes collapsed.

+2 −0

Original line number	Diff line number	Diff line
		@@ -488,7 +488,9 @@ void ssl_load_ciphers(void)
		{
		size_t i;
		const ssl_cipher_table *t;

		disabled_enc_mask = 0;
		ssl_sort_cipher_list();
		for (i = 0, t = ssl_cipher_table_cipher; i < SSL_ENC_NUM_IDX; i++, t++) {
		if (t->nid == NID_undef) {
		ssl_cipher_methods[i] = NULL;

+1 −0

Original line number	Diff line number	Diff line
		@@ -1949,6 +1949,7 @@ __owur int ssl_cert_type(X509 x, EVP_PKEY pkey);
		void ssl_set_masks(SSL *s);
		__owur STACK_OF(SSL_CIPHER) ssl_get_ciphers_by_id(SSL s);
		__owur int ssl_verify_alarm_type(long type);
		void ssl_sort_cipher_list(void);
		void ssl_load_ciphers(void);
		__owur int ssl_fill_hello_random(SSL s, int server, unsigned char field, int len);
		__owur int ssl_generate_master_secret(SSL s, unsigned char pms, size_t pmslen,

+1 −2

Original line number	Diff line number	Diff line
		@@ -1057,7 +1057,6 @@ int main(int argc, char *argv[])
		#endif
		int no_protocol;
		int min_version = 0, max_version = 0;

		#ifndef OPENSSL_NO_CT
		/*
		* Disable CT validation by default, because it will interfere with
		@@ -1065,7 +1064,6 @@ int main(int argc, char *argv[])
		*/
		ct_validation_cb ct_validation = NULL;
		#endif

		SSL_CONF_CTX s_cctx = NULL, c_cctx = NULL, *s_cctx2 = NULL;
		STACK_OF(OPENSSL_STRING) *conf_args = NULL;
		char arg = NULL, argn = NULL;
		@@ -3569,6 +3567,7 @@ static int do_test_cipherlist(void)
		* call functions, thus avoiding auto-init
		*/
		OPENSSL_init_crypto(0, NULL);
		OPENSSL_init_ssl(0, NULL);

		meth = TLS_method();
		tci = NULL;