projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Delete duplicate entry.
[openssl.git]
/
ssl
/
s3_lib.c
diff --git
a/ssl/s3_lib.c
b/ssl/s3_lib.c
index 68b1ada5bce1a493326616c357ae5f91c59e48eb..220533734ac0746b19352186bee0c8cf733af334 100644
(file)
--- a/
ssl/s3_lib.c
+++ b/
ssl/s3_lib.c
@@
-1678,7
+1678,7
@@
OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH
|SSL_FIPS
,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
168,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
168,
@@
-1694,7
+1694,7
@@
OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_AES128,
SSL_SHA1,
SSL_TLSV1,
SSL_AES128,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH
|SSL_FIPS
,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
128,
128,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
128,
128,
@@
-1710,7
+1710,7
@@
OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_AES256,
SSL_SHA1,
SSL_TLSV1,
SSL_AES256,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH
|SSL_FIPS
,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
256,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
256,
@@
-3029,8
+3029,6
@@
void ssl3_free(SSL *s)
SSL_SRP_CTX_free(s);
#endif
#ifndef OPENSSL_NO_TLSEXT
SSL_SRP_CTX_free(s);
#endif
#ifndef OPENSSL_NO_TLSEXT
- if (s->s3->tlsext_authz_client_types != NULL)
- OPENSSL_free(s->s3->tlsext_authz_client_types);
if (s->s3->tlsext_custom_types != NULL)
OPENSSL_free(s->s3->tlsext_custom_types);
#endif
if (s->s3->tlsext_custom_types != NULL)
OPENSSL_free(s->s3->tlsext_custom_types);
#endif
@@
-3078,11
+3076,6
@@
void ssl3_clear(SSL *s)
}
#endif
#ifndef OPENSSL_NO_TLSEXT
}
#endif
#ifndef OPENSSL_NO_TLSEXT
- if (s->s3->tlsext_authz_client_types != NULL)
- {
- OPENSSL_free(s->s3->tlsext_authz_client_types);
- s->s3->tlsext_authz_client_types = NULL;
- }
if (s->s3->tlsext_custom_types != NULL)
{
OPENSSL_free(s->s3->tlsext_custom_types);
if (s->s3->tlsext_custom_types != NULL)
{
OPENSSL_free(s->s3->tlsext_custom_types);
@@
-3091,8
+3084,8
@@
void ssl3_clear(SSL *s)
s->s3->tlsext_custom_types_count = 0;
#ifndef OPENSSL_NO_EC
s->s3->is_probably_safari = 0;
s->s3->tlsext_custom_types_count = 0;
#ifndef OPENSSL_NO_EC
s->s3->is_probably_safari = 0;
-#endif /* OPENSSL_NO_EC */
-#endif /* OPENSSL_NO_TLSEXT */
+#endif /*
!
OPENSSL_NO_EC */
+#endif /*
!
OPENSSL_NO_TLSEXT */
rp = s->s3->rbuf.buf;
wp = s->s3->wbuf.buf;
rp = s->s3->rbuf.buf;
wp = s->s3->wbuf.buf;
@@
-3892,10
+3885,6
@@
long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
case SSL_CTRL_SET_CHAIN_CERT_STORE:
return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
case SSL_CTRL_SET_CHAIN_CERT_STORE:
return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
- case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB_ARG:
- ctx->tlsext_authz_server_audit_proof_cb_arg = parg;
- break;
-
#endif /* !OPENSSL_NO_TLSEXT */
/* A Thawte special :-) */
#endif /* !OPENSSL_NO_TLSEXT */
/* A Thawte special :-) */
@@
-4005,12
+3994,6
@@
long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
break;
#endif
ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
break;
#endif
-
- case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB:
- ctx->tlsext_authz_server_audit_proof_cb =
- (int (*)(SSL *, void *))fp;
- break;
-
#endif
case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
{
#endif
case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
{
@@
-4173,15
+4156,15
@@
SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
ii=sk_SSL_CIPHER_find(allow,c);
if (ii >= 0)
{
ii=sk_SSL_CIPHER_find(allow,c);
if (ii >= 0)
{
+#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari)
{
if (!ret) ret=sk_SSL_CIPHER_value(allow,ii);
if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari)
{
if (!ret) ret=sk_SSL_CIPHER_value(allow,ii);
+ continue;
}
}
- else
- {
- ret=sk_SSL_CIPHER_value(allow,ii);
- break;
- }
+#endif
+ ret=sk_SSL_CIPHER_value(allow,ii);
+ break;
}
}
return(ret);
}
}
return(ret);