kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Only resolve which cipher list to use once.

Browse Source 
Get some of the duplicate logic out of the way.

Change-Id: Iee7c64577e14d1ddfead7e1e32c42c5c9f2a310d
Reviewed-on: https://boringssl-review.googlesource.com/11981
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
David Benjamin 2016-10-31 16:29:57 -04:00 committed by CQ bot account: commit-bot@chromium.org
parent 74df74b98f
commit af3b3d397e
3 changed files with 9 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ssl/internal.h
View File

@ -1652,7 +1652,8 @@ OPENSSL_EXPORT SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *session,
void ssl_cipher_preference_list_free(
struct ssl_cipher_preference_list_st *cipher_list);
struct ssl_cipher_preference_list_st *ssl_get_cipher_preferences(SSL *ssl);
const struct ssl_cipher_preference_list_st *ssl_get_cipher_preferences(
const SSL *ssl);
int ssl_cert_set0_chain(CERT *cert, STACK_OF(X509) *chain);
int ssl_cert_set1_chain(CERT *cert, STACK_OF(X509) *chain);

3
ssl/s3_lib.c
View File

@ -220,7 +220,8 @@ void ssl3_free(SSL *ssl) {
ssl->s3 = NULL;
}
struct ssl_cipher_preference_list_st *ssl_get_cipher_preferences(SSL *ssl) {
const struct ssl_cipher_preference_list_st *ssl_get_cipher_preferences(
const SSL *ssl) {
if (ssl->cipher_list != NULL) {
return ssl->cipher_list;
}

20
ssl/ssl_lib.c
View File

@ -1564,23 +1564,13 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl) {
return NULL;
}
if (ssl->cipher_list != NULL) {
return ssl->cipher_list->ciphers;
const struct ssl_cipher_preference_list_st *prefs =
ssl_get_cipher_preferences(ssl);
if (prefs == NULL) {
return NULL;
}
if (ssl->version >= TLS1_1_VERSION && ssl->ctx->cipher_list_tls11 != NULL) {
return ssl->ctx->cipher_list_tls11->ciphers;
}
if (ssl->version >= TLS1_VERSION && ssl->ctx->cipher_list_tls10 != NULL) {
return ssl->ctx->cipher_list_tls10->ciphers;
}
if (ssl->ctx->cipher_list != NULL) {
return ssl->ctx->cipher_list->ciphers;
}
return NULL;
return prefs->ciphers;
}
/* return a STACK of the ciphers available for the SSL and in order of