CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
}
-int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc,
+int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
const EVP_MD **md, SSL_COMP **comp)
{
int i;
if (!found)
break; /* ignore this entry */
- algorithms |= ca_list[j]->algorithms;
+ algorithms |= (ca_list[j]->algorithms & ~mask) |
+ (ca_list[j]->algorithms & algorithms & mask);
mask |= ca_list[j]->mask;
- algo_strength |= ca_list[j]->algo_strength;
+ algo_strength |= (ca_list[j]->algo_strength & ~mask_strength) |
+ (ca_list[j]->algo_strength & algorithms & mask_strength);
mask_strength |= ca_list[j]->mask_strength;
if (!multi) break;
}
}
OPENSSL_free(co_list); /* Not needed any longer */
+ /* if no ciphers where selected let's return NULL */
+ if (sk_SSL_CIPHER_num(cipherstack) == 0)
+ {
+ SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
+ sk_SSL_CIPHER_free(cipherstack);
+ return NULL;
+ }
/*
* The following passage is a little bit odd. If pointer variables
return(buf);
}
-char *SSL_CIPHER_get_version(SSL_CIPHER *c)
+char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
{
int i;
}
/* return the actual cipher being used */
-const char *SSL_CIPHER_get_name(SSL_CIPHER *c)
+const char *SSL_CIPHER_get_name(const SSL_CIPHER *c)
{
if (c != NULL)
return(c->name);
}
/* number of bits for symmetric cipher */
-int SSL_CIPHER_get_bits(SSL_CIPHER *c, int *alg_bits)
+int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits)
{
int ret=0;