Remove redundant checks in ssl_cert_dup. This was causing spurious error messages...

[openssl.git] / ssl / s23_lib.c

diff --git a/ssl/s23_lib.c b/ssl/s23_lib.c
index fc2981308d55e3d4b16e5f6fb59482ea5226cd4b..f3c29d1dde61ec93d6e3fce69853d53539769e73 100644 (file)
--- a/ssl/s23_lib.c
+++ b/ssl/s23_lib.c
@@ -65,11 +65,6 @@ long ssl23_default_timeout(void)
        return(300);
        }
 
-IMPLEMENT_ssl23_meth_func(sslv23_base_method,
-                       ssl_undefined_function,
-                       ssl_undefined_function,
-                       ssl_bad_method)
-
 int ssl23_num_ciphers(void)
        {
        return(ssl3_num_ciphers()
@@ -79,7 +74,7 @@ int ssl23_num_ciphers(void)
            );
        }
 
-SSL_CIPHER *ssl23_get_cipher(unsigned int u)
+const SSL_CIPHER *ssl23_get_cipher(unsigned int u)
        {
        unsigned int uu=ssl3_num_ciphers();
 
@@ -95,16 +90,10 @@ SSL_CIPHER *ssl23_get_cipher(unsigned int u)
 
 /* This function needs to check if the ciphers required are actually
  * available */
-SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
+const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
        {
-       SSL_CIPHER c,*cp;
-       unsigned long id;
-       int n;
+       const SSL_CIPHER *cp;
 
-       n=ssl3_num_ciphers();
-       id=0x03000000|((unsigned long)p[0]<<16L)|
-               ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
-       c.id=id;
        cp=ssl3_get_cipher_by_char(p);
 #ifndef OPENSSL_NO_SSL2
        if (cp == NULL)
@@ -118,6 +107,13 @@ int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
        long l;
 
        /* We can write SSLv2 and SSLv3 ciphers */
+       /* but no ECC ciphers */
+       if (c->algorithm_mkey == SSL_kECDHr ||
+               c->algorithm_mkey == SSL_kECDHe ||
+               c->algorithm_mkey == SSL_kEECDH ||
+               c->algorithm_auth == SSL_aECDH ||
+               c->algorithm_auth == SSL_aECDSA)
+               return 0;
        if (p != NULL)
                {
                l=c->id;