Loading include/openssl/ssl.h +2 −2 Original line number Diff line number Diff line Loading @@ -1380,10 +1380,10 @@ __owur int SSL_clear(SSL *s); void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm); __owur const SSL_CIPHER *SSL_get_current_cipher(const SSL *s); __owur int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits); __owur int32_t SSL_CIPHER_get_bits(const SSL_CIPHER *c, uint32_t *alg_bits); __owur char *SSL_CIPHER_get_version(const SSL_CIPHER *c); __owur const char *SSL_CIPHER_get_name(const SSL_CIPHER *c); __owur unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c); __owur uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c); __owur int SSL_get_fd(const SSL *s); __owur int SSL_get_rfd(const SSL *s); Loading ssl/s3_lib.c +3 −3 Original line number Diff line number Diff line Loading @@ -4763,9 +4763,9 @@ const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p) { SSL_CIPHER c; const SSL_CIPHER *cp; unsigned long id; uint32_t id; id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1]; id = 0x03000000 | ((uint32_t)p[0] << 8L) | (uint32_t)p[1]; c.id = id; cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS); #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES Loading Loading @@ -4915,7 +4915,7 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p) { int ret = 0; int nostrict = 1; unsigned long alg_k, alg_a = 0; uint32_t alg_k, alg_a = 0; /* If we have custom certificate types set, use them */ if (s->cert->ctypes) { Loading ssl/ssl_ciph.c +42 −45 Original line number Diff line number Diff line Loading @@ -173,7 +173,7 @@ /* NB: make sure indices in these tables match values above */ typedef struct { unsigned long mask; uint32_t mask; int nid; } ssl_cipher_table; Loading Loading @@ -239,7 +239,7 @@ static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = { /* Utility function for table lookup */ static int ssl_cipher_info_find(const ssl_cipher_table * table, size_t table_cnt, unsigned long mask) size_t table_cnt, uint32_t mask) { size_t i; for (i = 0; i < table_cnt; i++, table++) { Loading Loading @@ -463,10 +463,10 @@ static int get_optional_pkey_id(const char *pkey_name) #endif /* masks of disabled algorithms */ static unsigned long disabled_enc_mask; static unsigned long disabled_mac_mask; static unsigned long disabled_mkey_mask; static unsigned long disabled_auth_mask; static uint32_t disabled_enc_mask; static uint32_t disabled_mac_mask; static uint32_t disabled_mkey_mask; static uint32_t disabled_auth_mask; void ssl_load_ciphers(void) { Loading Loading @@ -745,11 +745,11 @@ static void ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr, static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, int num_of_ciphers, unsigned long disabled_mkey, unsigned long disabled_auth, unsigned long disabled_enc, unsigned long disabled_mac, unsigned long disabled_ssl, uint32_t disabled_mkey, uint32_t disabled_auth, uint32_t disabled_enc, uint32_t disabled_mac, uint32_t disabled_ssl, CIPHER_ORDER *co_list, CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) Loading Loading @@ -813,21 +813,21 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list, int num_of_group_aliases, unsigned long disabled_mkey, unsigned long disabled_auth, unsigned long disabled_enc, unsigned long disabled_mac, unsigned long disabled_ssl, uint32_t disabled_mkey, uint32_t disabled_auth, uint32_t disabled_enc, uint32_t disabled_mac, uint32_t disabled_ssl, CIPHER_ORDER *head) { CIPHER_ORDER *ciph_curr; const SSL_CIPHER **ca_curr; int i; unsigned long mask_mkey = ~disabled_mkey; unsigned long mask_auth = ~disabled_auth; unsigned long mask_enc = ~disabled_enc; unsigned long mask_mac = ~disabled_mac; unsigned long mask_ssl = ~disabled_ssl; uint32_t mask_mkey = ~disabled_mkey; uint32_t mask_auth = ~disabled_auth; uint32_t mask_enc = ~disabled_enc; uint32_t mask_mac = ~disabled_mac; uint32_t mask_ssl = ~disabled_ssl; /* * First, add the real ciphers as already collected Loading @@ -847,11 +847,11 @@ static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list, * or represent a cipher strength value (will be added in any case because algorithms=0). */ for (i = 0; i < num_of_group_aliases; i++) { unsigned long algorithm_mkey = cipher_aliases[i].algorithm_mkey; unsigned long algorithm_auth = cipher_aliases[i].algorithm_auth; unsigned long algorithm_enc = cipher_aliases[i].algorithm_enc; unsigned long algorithm_mac = cipher_aliases[i].algorithm_mac; unsigned long algorithm_ssl = cipher_aliases[i].algorithm_ssl; uint32_t algorithm_mkey = cipher_aliases[i].algorithm_mkey; uint32_t algorithm_auth = cipher_aliases[i].algorithm_auth; uint32_t algorithm_enc = cipher_aliases[i].algorithm_enc; uint32_t algorithm_mac = cipher_aliases[i].algorithm_mac; uint32_t algorithm_ssl = cipher_aliases[i].algorithm_ssl; if (algorithm_mkey) if ((algorithm_mkey & mask_mkey) == 0) Loading Loading @@ -880,14 +880,11 @@ static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list, *ca_curr = NULL; /* end of list */ } static void ssl_cipher_apply_rule(unsigned long cipher_id, unsigned long alg_mkey, unsigned long alg_auth, unsigned long alg_enc, unsigned long alg_mac, unsigned long alg_ssl, unsigned long algo_strength, int rule, int strength_bits, CIPHER_ORDER **head_p, static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey, uint32_t alg_auth, uint32_t alg_enc, uint32_t alg_mac, uint32_t alg_ssl, uint32_t algo_strength, int rule, int32_t strength_bits, CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) { CIPHER_ORDER *head, *tail, *curr, *next, *last; Loading Loading @@ -1024,7 +1021,8 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id, static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) { int max_strength_bits, i, *number_uses; int32_t max_strength_bits; int i, *number_uses; CIPHER_ORDER *curr; /* Loading Loading @@ -1073,11 +1071,10 @@ static int ssl_cipher_process_rulestr(const char *rule_str, CIPHER_ORDER **tail_p, const SSL_CIPHER **ca_list, CERT *c) { unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength; uint32_t alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength; const char *l, *buf; int j, multi, found, rule, retval, ok, buflen; unsigned long cipher_id = 0; uint32_t cipher_id = 0; char ch; retval = 1; Loading Loading @@ -1409,7 +1406,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK const char *rule_str, CERT *c) { int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases; unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac, uint32_t disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl; STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list; const char *rule_p; Loading Loading @@ -1607,7 +1604,7 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) int is_export, pkl, kl; const char *ver, *exp_str; const char *kx, *au, *enc, *mac; unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl; uint32_t alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl; static const char *format = "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n"; Loading Loading @@ -1829,19 +1826,19 @@ const char *SSL_CIPHER_get_name(const SSL_CIPHER *c) } /* number of bits for symmetric cipher */ int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits) int32_t SSL_CIPHER_get_bits(const SSL_CIPHER *c, uint32_t *alg_bits) { int ret = 0; int32_t ret = 0; if (c != NULL) { if (alg_bits != NULL) *alg_bits = c->alg_bits; ret = c->strength_bits; } return (ret); return ret; } unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c) uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c) { return c->id; } Loading Loading @@ -1970,7 +1967,7 @@ const char *SSL_COMP_get_name(const COMP_METHOD *comp) /* For a cipher return the index corresponding to the certificate type */ int ssl_cipher_get_cert_index(const SSL_CIPHER *c) { unsigned long alg_k, alg_a; uint32_t alg_k, alg_a; alg_k = c->algorithm_mkey; alg_a = c->algorithm_auth; Loading ssl/ssl_lib.c +10 −14 Original line number Diff line number Diff line Loading @@ -1224,25 +1224,21 @@ long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void)) int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b) { long l; l = a->id - b->id; if (l == 0L) return (0); else return ((l > 0) ? 1 : -1); if (a->id > b->id) return 1; if (a->id < b->id) return -1; return 0; } int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap, const SSL_CIPHER *const *bp) { long l; l = (*ap)->id - (*bp)->id; if (l == 0L) return (0); else return ((l > 0) ? 1 : -1); if ((*ap)->id > (*bp)->id) return 1; if ((*ap)->id < (*bp)->id) return -1; return 0; } /** return a STACK of the ciphers available for the SSL and in order of Loading ssl/ssl_locl.h +19 −19 Original line number Diff line number Diff line Loading @@ -537,22 +537,22 @@ #define TLS_CIPHER_LEN 2 /* used to hold info on the particular ciphers used */ struct ssl_cipher_st { int valid; uint32_t valid; const char *name; /* text name */ unsigned long id; /* id, 4 bytes, first is version */ uint32_t id; /* id, 4 bytes, first is version */ /* * changed in 0.9.9: these four used to be portions of a single value * changed in 1.0.0: these four used to be portions of a single value * 'algorithms' */ unsigned long algorithm_mkey; /* key exchange algorithm */ unsigned long algorithm_auth; /* server authentication */ unsigned long algorithm_enc; /* symmetric encryption */ unsigned long algorithm_mac; /* symmetric authentication */ unsigned long algorithm_ssl; /* (major) protocol version */ unsigned long algo_strength; /* strength and export flags */ unsigned long algorithm2; /* Extra flags */ int strength_bits; /* Number of bits really used */ int alg_bits; /* Number of bits for algorithm */ uint32_t algorithm_mkey; /* key exchange algorithm */ uint32_t algorithm_auth; /* server authentication */ uint32_t algorithm_enc; /* symmetric encryption */ uint32_t algorithm_mac; /* symmetric authentication */ uint32_t algorithm_ssl; /* (major) protocol version */ uint32_t algo_strength; /* strength and export flags */ uint32_t algorithm2; /* Extra flags */ int32_t strength_bits; /* Number of bits really used */ uint32_t alg_bits; /* Number of bits for algorithm */ }; /* Used to hold SSL/TLS functions */ Loading Loading @@ -1308,12 +1308,12 @@ typedef struct ssl3_state_st { * that are supported by the certs below. For clients they are masks of * *disabled* algorithms based on the current session. */ unsigned long mask_k; unsigned long mask_a; unsigned long export_mask_k; unsigned long export_mask_a; uint32_t mask_k; uint32_t mask_a; uint32_t export_mask_k; uint32_t export_mask_a; /* Client only */ unsigned long mask_ssl; uint32_t mask_ssl; } tmp; /* Connection binding to prevent renegotiation attacks */ Loading Loading @@ -2062,7 +2062,7 @@ __owur int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk, const EVP_MD *md); __owur int tls12_get_sigid(const EVP_PKEY *pk); __owur const EVP_MD *tls12_get_hash(unsigned char hash_alg); void ssl_set_sig_mask(unsigned long *pmask_a, SSL *s, int op); void ssl_set_sig_mask(uint32_t *pmask_a, SSL *s, int op); __owur int tls1_set_sigalgs_list(CERT *c, const char *str, int client); __owur int tls1_set_sigalgs(CERT *c, const int *salg, size_t salglen, int client); Loading Loading
include/openssl/ssl.h +2 −2 Original line number Diff line number Diff line Loading @@ -1380,10 +1380,10 @@ __owur int SSL_clear(SSL *s); void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm); __owur const SSL_CIPHER *SSL_get_current_cipher(const SSL *s); __owur int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits); __owur int32_t SSL_CIPHER_get_bits(const SSL_CIPHER *c, uint32_t *alg_bits); __owur char *SSL_CIPHER_get_version(const SSL_CIPHER *c); __owur const char *SSL_CIPHER_get_name(const SSL_CIPHER *c); __owur unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c); __owur uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c); __owur int SSL_get_fd(const SSL *s); __owur int SSL_get_rfd(const SSL *s); Loading
ssl/s3_lib.c +3 −3 Original line number Diff line number Diff line Loading @@ -4763,9 +4763,9 @@ const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p) { SSL_CIPHER c; const SSL_CIPHER *cp; unsigned long id; uint32_t id; id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1]; id = 0x03000000 | ((uint32_t)p[0] << 8L) | (uint32_t)p[1]; c.id = id; cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS); #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES Loading Loading @@ -4915,7 +4915,7 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p) { int ret = 0; int nostrict = 1; unsigned long alg_k, alg_a = 0; uint32_t alg_k, alg_a = 0; /* If we have custom certificate types set, use them */ if (s->cert->ctypes) { Loading
ssl/ssl_ciph.c +42 −45 Original line number Diff line number Diff line Loading @@ -173,7 +173,7 @@ /* NB: make sure indices in these tables match values above */ typedef struct { unsigned long mask; uint32_t mask; int nid; } ssl_cipher_table; Loading Loading @@ -239,7 +239,7 @@ static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = { /* Utility function for table lookup */ static int ssl_cipher_info_find(const ssl_cipher_table * table, size_t table_cnt, unsigned long mask) size_t table_cnt, uint32_t mask) { size_t i; for (i = 0; i < table_cnt; i++, table++) { Loading Loading @@ -463,10 +463,10 @@ static int get_optional_pkey_id(const char *pkey_name) #endif /* masks of disabled algorithms */ static unsigned long disabled_enc_mask; static unsigned long disabled_mac_mask; static unsigned long disabled_mkey_mask; static unsigned long disabled_auth_mask; static uint32_t disabled_enc_mask; static uint32_t disabled_mac_mask; static uint32_t disabled_mkey_mask; static uint32_t disabled_auth_mask; void ssl_load_ciphers(void) { Loading Loading @@ -745,11 +745,11 @@ static void ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr, static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, int num_of_ciphers, unsigned long disabled_mkey, unsigned long disabled_auth, unsigned long disabled_enc, unsigned long disabled_mac, unsigned long disabled_ssl, uint32_t disabled_mkey, uint32_t disabled_auth, uint32_t disabled_enc, uint32_t disabled_mac, uint32_t disabled_ssl, CIPHER_ORDER *co_list, CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) Loading Loading @@ -813,21 +813,21 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list, int num_of_group_aliases, unsigned long disabled_mkey, unsigned long disabled_auth, unsigned long disabled_enc, unsigned long disabled_mac, unsigned long disabled_ssl, uint32_t disabled_mkey, uint32_t disabled_auth, uint32_t disabled_enc, uint32_t disabled_mac, uint32_t disabled_ssl, CIPHER_ORDER *head) { CIPHER_ORDER *ciph_curr; const SSL_CIPHER **ca_curr; int i; unsigned long mask_mkey = ~disabled_mkey; unsigned long mask_auth = ~disabled_auth; unsigned long mask_enc = ~disabled_enc; unsigned long mask_mac = ~disabled_mac; unsigned long mask_ssl = ~disabled_ssl; uint32_t mask_mkey = ~disabled_mkey; uint32_t mask_auth = ~disabled_auth; uint32_t mask_enc = ~disabled_enc; uint32_t mask_mac = ~disabled_mac; uint32_t mask_ssl = ~disabled_ssl; /* * First, add the real ciphers as already collected Loading @@ -847,11 +847,11 @@ static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list, * or represent a cipher strength value (will be added in any case because algorithms=0). */ for (i = 0; i < num_of_group_aliases; i++) { unsigned long algorithm_mkey = cipher_aliases[i].algorithm_mkey; unsigned long algorithm_auth = cipher_aliases[i].algorithm_auth; unsigned long algorithm_enc = cipher_aliases[i].algorithm_enc; unsigned long algorithm_mac = cipher_aliases[i].algorithm_mac; unsigned long algorithm_ssl = cipher_aliases[i].algorithm_ssl; uint32_t algorithm_mkey = cipher_aliases[i].algorithm_mkey; uint32_t algorithm_auth = cipher_aliases[i].algorithm_auth; uint32_t algorithm_enc = cipher_aliases[i].algorithm_enc; uint32_t algorithm_mac = cipher_aliases[i].algorithm_mac; uint32_t algorithm_ssl = cipher_aliases[i].algorithm_ssl; if (algorithm_mkey) if ((algorithm_mkey & mask_mkey) == 0) Loading Loading @@ -880,14 +880,11 @@ static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list, *ca_curr = NULL; /* end of list */ } static void ssl_cipher_apply_rule(unsigned long cipher_id, unsigned long alg_mkey, unsigned long alg_auth, unsigned long alg_enc, unsigned long alg_mac, unsigned long alg_ssl, unsigned long algo_strength, int rule, int strength_bits, CIPHER_ORDER **head_p, static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey, uint32_t alg_auth, uint32_t alg_enc, uint32_t alg_mac, uint32_t alg_ssl, uint32_t algo_strength, int rule, int32_t strength_bits, CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) { CIPHER_ORDER *head, *tail, *curr, *next, *last; Loading Loading @@ -1024,7 +1021,8 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id, static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) { int max_strength_bits, i, *number_uses; int32_t max_strength_bits; int i, *number_uses; CIPHER_ORDER *curr; /* Loading Loading @@ -1073,11 +1071,10 @@ static int ssl_cipher_process_rulestr(const char *rule_str, CIPHER_ORDER **tail_p, const SSL_CIPHER **ca_list, CERT *c) { unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength; uint32_t alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength; const char *l, *buf; int j, multi, found, rule, retval, ok, buflen; unsigned long cipher_id = 0; uint32_t cipher_id = 0; char ch; retval = 1; Loading Loading @@ -1409,7 +1406,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK const char *rule_str, CERT *c) { int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases; unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac, uint32_t disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl; STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list; const char *rule_p; Loading Loading @@ -1607,7 +1604,7 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) int is_export, pkl, kl; const char *ver, *exp_str; const char *kx, *au, *enc, *mac; unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl; uint32_t alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl; static const char *format = "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n"; Loading Loading @@ -1829,19 +1826,19 @@ const char *SSL_CIPHER_get_name(const SSL_CIPHER *c) } /* number of bits for symmetric cipher */ int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits) int32_t SSL_CIPHER_get_bits(const SSL_CIPHER *c, uint32_t *alg_bits) { int ret = 0; int32_t ret = 0; if (c != NULL) { if (alg_bits != NULL) *alg_bits = c->alg_bits; ret = c->strength_bits; } return (ret); return ret; } unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c) uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c) { return c->id; } Loading Loading @@ -1970,7 +1967,7 @@ const char *SSL_COMP_get_name(const COMP_METHOD *comp) /* For a cipher return the index corresponding to the certificate type */ int ssl_cipher_get_cert_index(const SSL_CIPHER *c) { unsigned long alg_k, alg_a; uint32_t alg_k, alg_a; alg_k = c->algorithm_mkey; alg_a = c->algorithm_auth; Loading
ssl/ssl_lib.c +10 −14 Original line number Diff line number Diff line Loading @@ -1224,25 +1224,21 @@ long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void)) int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b) { long l; l = a->id - b->id; if (l == 0L) return (0); else return ((l > 0) ? 1 : -1); if (a->id > b->id) return 1; if (a->id < b->id) return -1; return 0; } int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap, const SSL_CIPHER *const *bp) { long l; l = (*ap)->id - (*bp)->id; if (l == 0L) return (0); else return ((l > 0) ? 1 : -1); if ((*ap)->id > (*bp)->id) return 1; if ((*ap)->id < (*bp)->id) return -1; return 0; } /** return a STACK of the ciphers available for the SSL and in order of Loading
ssl/ssl_locl.h +19 −19 Original line number Diff line number Diff line Loading @@ -537,22 +537,22 @@ #define TLS_CIPHER_LEN 2 /* used to hold info on the particular ciphers used */ struct ssl_cipher_st { int valid; uint32_t valid; const char *name; /* text name */ unsigned long id; /* id, 4 bytes, first is version */ uint32_t id; /* id, 4 bytes, first is version */ /* * changed in 0.9.9: these four used to be portions of a single value * changed in 1.0.0: these four used to be portions of a single value * 'algorithms' */ unsigned long algorithm_mkey; /* key exchange algorithm */ unsigned long algorithm_auth; /* server authentication */ unsigned long algorithm_enc; /* symmetric encryption */ unsigned long algorithm_mac; /* symmetric authentication */ unsigned long algorithm_ssl; /* (major) protocol version */ unsigned long algo_strength; /* strength and export flags */ unsigned long algorithm2; /* Extra flags */ int strength_bits; /* Number of bits really used */ int alg_bits; /* Number of bits for algorithm */ uint32_t algorithm_mkey; /* key exchange algorithm */ uint32_t algorithm_auth; /* server authentication */ uint32_t algorithm_enc; /* symmetric encryption */ uint32_t algorithm_mac; /* symmetric authentication */ uint32_t algorithm_ssl; /* (major) protocol version */ uint32_t algo_strength; /* strength and export flags */ uint32_t algorithm2; /* Extra flags */ int32_t strength_bits; /* Number of bits really used */ uint32_t alg_bits; /* Number of bits for algorithm */ }; /* Used to hold SSL/TLS functions */ Loading Loading @@ -1308,12 +1308,12 @@ typedef struct ssl3_state_st { * that are supported by the certs below. For clients they are masks of * *disabled* algorithms based on the current session. */ unsigned long mask_k; unsigned long mask_a; unsigned long export_mask_k; unsigned long export_mask_a; uint32_t mask_k; uint32_t mask_a; uint32_t export_mask_k; uint32_t export_mask_a; /* Client only */ unsigned long mask_ssl; uint32_t mask_ssl; } tmp; /* Connection binding to prevent renegotiation attacks */ Loading Loading @@ -2062,7 +2062,7 @@ __owur int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk, const EVP_MD *md); __owur int tls12_get_sigid(const EVP_PKEY *pk); __owur const EVP_MD *tls12_get_hash(unsigned char hash_alg); void ssl_set_sig_mask(unsigned long *pmask_a, SSL *s, int op); void ssl_set_sig_mask(uint32_t *pmask_a, SSL *s, int op); __owur int tls1_set_sigalgs_list(CERT *c, const char *str, int client); __owur int tls1_set_sigalgs(CERT *c, const int *salg, size_t salglen, int client); Loading
Andy Polyakov <appro@openssl.org>Andy Polyakov <appro@openssl.org>