Initial "opaque SSL" framework. If an application defines
[openssl.git] / ssl / ssl_ciph.c
index bee3507ea18a904c8042017f4f2371080c77abcd..84829e5e9ad158884af6a667a3b32ae52851881e 100644 (file)
@@ -247,6 +247,7 @@ static const SSL_CIPHER cipher_aliases[]={
        {0,SSL_TXT_ECDH,0,    SSL_kECDHr|SSL_kECDHe|SSL_kEECDH,0,0,0,0,0,0,0,0},
 
         {0,SSL_TXT_kPSK,0,    SSL_kPSK,  0,0,0,0,0,0,0,0},
+       {0,SSL_TXT_kSRP,0,    SSL_kSRP,  0,0,0,0,0,0,0,0},
        {0,SSL_TXT_kGOST,0, SSL_kGOST,0,0,0,0,0,0,0,0},
 
        /* server authentication aliases */
@@ -273,6 +274,7 @@ static const SSL_CIPHER cipher_aliases[]={
        {0,SSL_TXT_ADH,0,     SSL_kEDH,SSL_aNULL,0,0,0,0,0,0,0},
        {0,SSL_TXT_AECDH,0,   SSL_kEECDH,SSL_aNULL,0,0,0,0,0,0,0},
         {0,SSL_TXT_PSK,0,     SSL_kPSK,SSL_aPSK,0,0,0,0,0,0,0},
+       {0,SSL_TXT_SRP,0,     SSL_kSRP,0,0,0,0,0,0,0,0},
 
 
        /* symmetric encryption aliases */
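Review bot: The new `SRP` alias on the added line selects on key exchange only (`SSL_kSRP` with the auth field left at 0), whereas the `PSK` alias directly above it pins both `SSL_kPSK` and `SSL_aPSK`. A cipher string of `SRP` will therefore presumably match every SRP suite regardless of how the server is authenticated, and that difference from `PSK` should be written down so nobody assumes the two aliases behave alike. I would add a comment above the entry, e.g. `/* SRP: matches on key exchange only; authentication is left unconstrained */`. The OPENSSL_NO_SRP hunk in ssl_cipher_get_disabled follows the same pattern, masking only `*mkey`, and could carry the same remark. The cipher_aliases[] initializer starts and ends outside this hunk.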
@@ -660,6 +662,9 @@ static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, un
 #ifdef OPENSSL_NO_PSK
        *mkey |= SSL_kPSK;
        *auth |= SSL_aPSK;
+#endif
+#ifdef OPENSSL_NO_SRP
+       *mkey |= SSL_kSRP;
 #endif
        /* Check for presence of GOST 34.10 algorithms, and if they
         * do not present, disable  appropriate auth and key exchange */
@@ -1027,7 +1032,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
                 const SSL_CIPHER **ca_list)
        {
        unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength;
-       const char *l, *start, *buf;
+       const char *l, *buf;
        int j, multi, found, rule, retval, ok, buflen;
        unsigned long cipher_id = 0;
        char ch;
@@ -1064,7 +1069,6 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
                alg_ssl = 0;
                algo_strength = 0;
 
-               start=l;
                for (;;)
                        {
                        ch = *l;
@@ -1456,7 +1460,7 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
        int is_export,pkl,kl;
        const char *ver,*exp_str;
        const char *kx,*au,*enc,*mac;
-       unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2,alg_s;
+       unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2;
 #ifdef KSSL_DEBUG
        static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n";
 #else
@@ -1469,7 +1473,6 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
        alg_mac = cipher->algorithm_mac;
        alg_ssl = cipher->algorithm_ssl;
 
-       alg_s=cipher->algo_strength;
        alg2=cipher->algorithm2;
 
        is_export=SSL_C_IS_EXPORT(cipher);
@@ -1513,6 +1516,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
        case SSL_kPSK:
                kx="PSK";
                break;
+       case SSL_kSRP:
+               kx="SRP";
+               break;
        default:
                kx="unknown";
                }
@@ -1654,6 +1660,11 @@ int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits)
        return(ret);
        }
 
+unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c)
+       {
+       return c->id;
+       }
+
 SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
        {
        SSL_COMP *ctmp;
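Review bot: SSL_CIPHER_get_id dereferences `c` unconditionally at `return c->id;`, so a NULL cipher passed by an application crashes inside the library. This is a new exported accessor, and a NULL cipher is a realistic input: SSL_get_current_cipher() returns NULL when no session is established. At minimum the precondition should be stated on the function, e.g. `/* c must be non-NULL; returns the cipher's id field */`. If the neighbouring SSL_CIPHER_get_* accessors tolerate NULL (their bodies are not visible in this hunk), this one should be guarded the same way for consistency. The trailing context lines belong to ssl3_comp_find, whose body continues outside the hunk.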