kris
/
boringssl
1
0
Vork 0
Code Kwesties 0 Pull-aanvragen 0 Publicaties 0 Wiki Activiteit
Bladeren bron

Add SSL_CTX_get_ciphers. 

This is an API from OpenSSL 1.1.0 which is a little risky to add ahead
of bumping OPENSSL_VERSION_NUMBER, but anything which currently builds
against BoringSSL already had an #ifdef due to the
ssl_cipher_preference_list_st business anyway.

Bump BORINGSSL_API_VERSION to make it easier to patch envoy for this.

BUG=6

Change-Id: If8307e30eb069bbd7dc4b8447b6e48e83899d584
Reviewed-on: https://boringssl-review.googlesource.com/14067
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
kris/onging/CECPQ3_patch15
David Benjamin 7 jaren geleden
committed by CQ bot account: commit-bot@chromium.org
bovenliggende
f29c429324
commit
8ebeabf0e2
3 gewijzigde bestanden met toevoegingen van 11 en 6 verwijderingen
Zij-aan-zij weergave
Diff opties
Statistieken weergeven Download Patch-bestand Download Diff-bestand
  1. +1
    -1
      include/openssl/base.h
  2. +4
    -0
      include/openssl/ssl.h
  3. +6
    -5
      ssl/ssl_lib.c

+ 1
- 1
include/openssl/base.h Bestand weergeven

@@ -141,7 +141,7 @@ extern "C" {
* A consumer may use this symbol in the preprocessor to temporarily build
* against multiple revisions of BoringSSL at the same time. It is not
* recommended to do so for longer than is necessary. */
#define BORINGSSL_API_VERSION 2
#define BORINGSSL_API_VERSION 3

#if defined(BORINGSSL_SHARED_LIBRARY)



+ 4
- 0
include/openssl/ssl.h Bestand weergeven

@@ -1366,6 +1366,10 @@ OPENSSL_EXPORT int SSL_set_strict_cipher_list(SSL *ssl, const char *str);
* inputs, unless an empty cipher list results. */
OPENSSL_EXPORT int SSL_set_cipher_list(SSL *ssl, const char *str);

/* SSL_CTX_get_ciphers returns the cipher list for |ctx|, in order of
* preference. */
OPENSSL_EXPORT STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx);

/* SSL_get_ciphers returns the cipher list for |ssl|, in order of preference. */
OPENSSL_EXPORT STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl);



+ 6
- 5
ssl/ssl_lib.c Bestand weergeven

@@ -1455,6 +1455,10 @@ int SSL_set_tmp_dh(SSL *ssl, const DH *dh) {
return 1;
}

OPENSSL_EXPORT STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx) {
return ctx->cipher_list->ciphers;
}

STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl) {
if (ssl == NULL) {
return NULL;
@@ -1470,19 +1474,16 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl) {
}

const char *SSL_get_cipher_list(const SSL *ssl, int n) {
const SSL_CIPHER *c;
STACK_OF(SSL_CIPHER) *sk;

if (ssl == NULL) {
return NULL;
}

sk = SSL_get_ciphers(ssl);
STACK_OF(SSL_CIPHER) *sk = SSL_get_ciphers(ssl);
if (sk == NULL || n < 0 || (size_t)n >= sk_SSL_CIPHER_num(sk)) {
return NULL;
}

c = sk_SSL_CIPHER_value(sk, n);
const SSL_CIPHER *c = sk_SSL_CIPHER_value(sk, n);
if (c == NULL) {
return NULL;
}


Schrijf Voorbeeld
Laden…
Annuleren
Opslaan