Allow cipher strings to be given using its standard name

[openssl.git] / ssl / ssl_ciph.c

diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index dd22e57c59f0301463c4b6c6615cc0b04b138b05..01044deba3c9d476191152a3ed060c2b0c22dbf3 100644 (file)
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1042,9 +1042,9 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
             while (((ch >= 'A') && (ch <= 'Z')) ||
                    ((ch >= '0') && (ch <= '9')) ||
                    ((ch >= 'a') && (ch <= 'z')) ||
-                   (ch == '-') || (ch == '.') || (ch == '='))
+                   (ch == '-') || (ch == '_') || (ch == '.') || (ch == '='))
 #else
-            while (isalnum((unsigned char)ch) || (ch == '-') || (ch == '.')
+            while (isalnum((unsigned char)ch) || (ch == '-') || (ch == '_') || (ch == '.')
                    || (ch == '='))
 #endif
             {
@@ -1095,6 +1095,11 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
                     && (ca_list[j]->name[buflen] == '\0')) {
                     found = 1;
                     break;
+                } else if (ca_list[j]->stdname != NULL
+                           && strncmp(buf, ca_list[j]->stdname, buflen) == 0
+                           && ca_list[j]->stdname[buflen] == '\0') {
+                    found = 1;
+                    break;
                 } else
                     j++;
             }