Drop support for printing SSLv2 ciphers names.
authorKurt Roeckx <kurt@roeckx.be>
Sun, 21 Feb 2016 18:57:43 +0000 (19:57 +0100)
committerKurt Roeckx <kurt@roeckx.be>
Sat, 27 Feb 2016 12:07:10 +0000 (13:07 +0100)
Reviewed-by: Rich Salz <rsalz@openssl.org>
MR: #2083

apps/s_cb.c

index b74d682..8a25d17 100644 (file)
@@ -1061,11 +1061,12 @@ int args_excert(int opt, SSL_EXCERT **pexc)
 static void print_raw_cipherlist(SSL *s)
 {
     const unsigned char *rlist;
-    static const unsigned char scsv_id[] = { 0, 0, 0xFF };
+    static const unsigned char scsv_id[] = { 0, 0xFF };
     size_t i, rlistlen, num;
     if (!SSL_is_server(s))
         return;
     num = SSL_get0_raw_cipherlist(s, NULL);
+    OPENSSL_assert(num == 2);
     rlistlen = SSL_get0_raw_cipherlist(s, &rlist);
     BIO_puts(bio_err, "Client cipher list: ");
     for (i = 0; i < rlistlen; i += num, rlist += num) {
@@ -1074,7 +1075,7 @@ static void print_raw_cipherlist(SSL *s)
             BIO_puts(bio_err, ":");
         if (c)
             BIO_puts(bio_err, SSL_CIPHER_get_name(c));
-        else if (!memcmp(rlist, scsv_id - num + 3, num))
+        else if (!memcmp(rlist, scsv_id, num))
             BIO_puts(bio_err, "SCSV");
         else {
             size_t j;