#include <stdio.h>
#include <openssl/objects.h>
+#ifndef OPENSSL_NO_COMP
#include <openssl/comp.h>
+#endif
+#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
+#endif
#include "ssl_locl.h"
#define SSL_ENC_DES_IDX 0
/* Search for public key algorithm with given name and
* return its pkey_id if it is available. Otherwise return 0
*/
+#ifdef OPENSSL_NO_ENGINE
+
static int get_optional_pkey_id(const char *pkey_name)
{
const EVP_PKEY_ASN1_METHOD *ameth;
- ENGINE *tmpeng = NULL;
int pkey_id=0;
- ameth = EVP_PKEY_asn1_find_str(&tmpeng,pkey_name,-1);
+ ameth = EVP_PKEY_asn1_find_str(NULL,pkey_name,-1);
if (ameth)
{
EVP_PKEY_asn1_get0_info(&pkey_id, NULL,NULL,NULL,NULL,ameth);
}
- if (tmpeng) ENGINE_finish(tmpeng);
return pkey_id;
}
+#else
+
+static int get_optional_pkey_id(const char *pkey_name)
+ {
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ ENGINE *tmpeng = NULL;
+ int pkey_id=0;
+ ameth = EVP_PKEY_asn1_find_str(&tmpeng,pkey_name,-1);
+ if (ameth)
+ {
+ EVP_PKEY_asn1_get0_info(&pkey_id, NULL,NULL,NULL,NULL,ameth);
+ }
+ if (tmpeng) ENGINE_finish(tmpeng);
+ return pkey_id;
+ }
+
+#endif
+
void ssl_load_ciphers(void)
{
ssl_cipher_methods[SSL_ENC_DES_IDX]=
EVP_get_digestbyname(SN_md5);
ssl_mac_secret_size[SSL_MD_MD5_IDX]=
EVP_MD_size(ssl_digest_methods[SSL_MD_MD5_IDX]);
+ OPENSSL_assert(ssl_mac_secret_size[SSL_MD_MD5_IDX] >= 0);
ssl_digest_methods[SSL_MD_SHA1_IDX]=
EVP_get_digestbyname(SN_sha1);
ssl_mac_secret_size[SSL_MD_SHA1_IDX]=
EVP_MD_size(ssl_digest_methods[SSL_MD_SHA1_IDX]);
+ OPENSSL_assert(ssl_mac_secret_size[SSL_MD_SHA1_IDX] >= 0);
ssl_digest_methods[SSL_MD_GOST94_IDX]=
EVP_get_digestbyname(SN_id_GostR3411_94);
if (ssl_digest_methods[SSL_MD_GOST94_IDX])
{
ssl_mac_secret_size[SSL_MD_GOST94_IDX]=
EVP_MD_size(ssl_digest_methods[SSL_MD_GOST94_IDX]);
+ OPENSSL_assert(ssl_mac_secret_size[SSL_MD_GOST94_IDX] >= 0);
}
ssl_digest_methods[SSL_MD_GOST89MAC_IDX]=
EVP_get_digestbyname(SN_id_Gost28147_89_MAC);
const SSL_CIPHER **ca_list)
{
unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength;
- const char *l, *start, *buf;
+ const char *l, *buf;
int j, multi, found, rule, retval, ok, buflen;
unsigned long cipher_id = 0;
char ch;
alg_ssl = 0;
algo_strength = 0;
- start=l;
for (;;)
{
ch = *l;
*cipher_list_by_id = tmp_cipher_list;
(void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
+ sk_SSL_CIPHER_sort(*cipher_list_by_id);
return(cipherstack);
}
-char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
+char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
{
int is_export,pkl,kl;
const char *ver,*exp_str;
const char *kx,*au,*enc,*mac;
- unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2,alg_s;
+ unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2;
#ifdef KSSL_DEBUG
static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n";
#else
alg_mac = cipher->algorithm_mac;
alg_ssl = cipher->algorithm_ssl;
- alg_s=cipher->algo_strength;
alg2=cipher->algorithm2;
is_export=SSL_C_IS_EXPORT(cipher);
comp->method=cm;
load_builtin_compressions();
if (ssl_comp_methods
- && !sk_SSL_COMP_find(ssl_comp_methods,comp))
+ && sk_SSL_COMP_find(ssl_comp_methods,comp) >= 0)
{
OPENSSL_free(comp);
MemCheck_on();