fix warnings/inconsistencies caused by the recent changes to the

ciphersuite selection code in HEAD

Submitted by: Victor Duchovni

diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 0f3dd708a678feaa53294a886be248d3f0a89db5..486bd32b0329462dd1493a3856e8813d9deb3b1a 100644 (file)
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -144,7 +144,7 @@ IMPLEMENT_dtls1_meth_func(DTLSv1_client_method,
 int dtls1_connect(SSL *s)
        {
        BUF_MEM *buf=NULL;
 int dtls1_connect(SSL *s)
        {
        BUF_MEM *buf=NULL;

-       unsigned long Time=(unsigned long)time(NULL),l;
+       unsigned long Time=(unsigned long)time(NULL);

        long num1;
        void (*cb)(const SSL *ssl,int type,int val)=NULL;
        int ret= -1;
        long num1;
        void (*cb)(const SSL *ssl,int type,int val)=NULL;
        int ret= -1;

diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index 450524a5e91ee95ee8b9b961e3bdb7529b4aa841..0fc40078f4fc8d13db4da21c643fcc168b22261d 100644 (file)
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -145,7 +145,7 @@ IMPLEMENT_dtls1_meth_func(DTLSv1_server_method,
 int dtls1_accept(SSL *s)
        {
        BUF_MEM *buf;
 int dtls1_accept(SSL *s)
        {
        BUF_MEM *buf;

-       unsigned long l,Time=(unsigned long)time(NULL);
+       unsigned long Time=(unsigned long)time(NULL);

        void (*cb)(const SSL *ssl,int type,int val)=NULL;
        long num1;
        unsigned long alg_k;
        void (*cb)(const SSL *ssl,int type,int val)=NULL;
        long num1;
        unsigned long alg_k;

diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index 30ca8606e41298e692d3da8a7a3be6433fdd5aaf..25148d3397a99bdef7348f613b4e8a6cedd4459b 100644 (file)
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -279,6 +279,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
        SSL2_TXT_NULL,
        SSL2_CK_NULL,
        0,
        SSL2_TXT_NULL,
        SSL2_CK_NULL,
        0,

+       0,
+       0,
+       0,
+       SSL_SSLV2,

        SSL_STRONG_NONE,
        0,
        0,
        SSL_STRONG_NONE,
        0,
        0,

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 2a19ec496e7e34613d04393e7cf1e0b7a76fd74c..980dd7928872ca224f0372f51986bffa31283b55 100644 (file)
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1828,7 +1828,7 @@ int ssl3_send_client_key_exchange(SSL *s)
 
 #ifdef KSSL_DEBUG
                        printf("ssl3_send_client_key_exchange(%lx & %lx)\n",
 
 #ifdef KSSL_DEBUG
                        printf("ssl3_send_client_key_exchange(%lx & %lx)\n",

-                               l, SSL_kKRB5);
+                               alg_k, SSL_kKRB5);

 #endif /* KSSL_DEBUG */
 
                        authp = NULL;
 #endif /* KSSL_DEBUG */
 
                        authp = NULL;

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index d4114f3de8e0ffcab8ecb8bbd59fb5d490519596..d438cbb10d0114a7cb05c78d6382da7abe4146bc 100644 (file)
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -699,12 +699,12 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        1,
        SSL3_TXT_KRB5_RC4_128_SHA,
        SSL3_CK_KRB5_RC4_128_SHA,
        1,
        SSL3_TXT_KRB5_RC4_128_SHA,
        SSL3_CK_KRB5_RC4_128_SHA,

-       SSL_kKRB5,SSL_aKRB5,
+       SSL_kKRB5,
+       SSL_aKRB5,

        SSL_RC4,
        SSL_SHA1,
        SSL_SSLV3,
        SSL_RC4,
        SSL_SHA1,
        SSL_SSLV3,

-       SSL_NOT_EXP,
-       SSL_MEDIUM,
+       SSL_NOT_EXP|SSL_MEDIUM,

        0,
        128,
        128,
        0,
        128,
        128,


@@ -799,7 +799,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        SSL_aKRB5,
        SSL_DES,
        SSL_SHA1,
        SSL_aKRB5,
        SSL_DES,
        SSL_SHA1,

-       |SSL_SSLV3,
+       SSL_SSLV3,

        SSL_EXPORT|SSL_EXP40,
        0,
        40,
        SSL_EXPORT|SSL_EXP40,
        0,
        40,