RT2842: Remove spurious close-comment marker.

[openssl.git] / ssl / ssl_ciph.c

diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 839b210081bc10ba7c68821ee6f81d21386ae565..eb1acf17cd6a913e713740a3e11c592ec02d2577 100644 (file)
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -270,6 +270,7 @@ static const SSL_CIPHER cipher_aliases[]={
        {0,SSL_TXT_aGOST94,0,0,SSL_aGOST94,0,0,0,0,0,0,0},
        {0,SSL_TXT_aGOST01,0,0,SSL_aGOST01,0,0,0,0,0,0,0},
        {0,SSL_TXT_aGOST,0,0,SSL_aGOST94|SSL_aGOST01,0,0,0,0,0,0,0},
+       {0,SSL_TXT_aSRP,0,    0,SSL_aSRP,  0,0,0,0,0,0,0},
 
        /* aliases combining key exchange and server authentication */
        {0,SSL_TXT_EDH,0,     SSL_kEDH,~SSL_aNULL,0,0,0,0,0,0,0},
@@ -562,7 +563,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
                break;
                }
 
-       if ((i < 0) || (i > SSL_ENC_NUM_IDX))
+       if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
                *enc=NULL;
        else
                {
@@ -596,7 +597,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
                i= -1;
                break;
                }
-       if ((i < 0) || (i > SSL_MD_NUM_IDX))
+       if ((i < 0) || (i >= SSL_MD_NUM_IDX))
        {
                *md=NULL; 
                if (mac_pkey_type!=NULL) *mac_pkey_type = NID_undef;
@@ -931,7 +932,7 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id,
                int rule, int strength_bits,
                CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
        {
-       CIPHER_ORDER *head, *tail, *curr, *curr2, *last;
+       CIPHER_ORDER *head, *tail, *curr, *next, *last;
        const SSL_CIPHER *cp;
        int reverse = 0;
 
@@ -948,21 +949,25 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id,
 
        if (reverse)
                {
-               curr = tail;
+               next = tail;
                last = head;
                }
        else
                {
-               curr = head;
+               next = head;
                last = tail;
                }
 
-       curr2 = curr;
+       curr = NULL;
        for (;;)
                {
-               if ((curr == NULL) || (curr == last)) break;
-               curr = curr2;
-               curr2 = reverse ? curr->prev : curr->next;
+               if (curr == last) break;
+
+               curr = next;
+
+               if (curr == NULL) break;
+
+               next = reverse ? curr->prev : curr->next;
 
                cp = curr->cipher;
 
@@ -1672,6 +1677,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
        case SSL_kSRP:
                kx="SRP";
                break;
+       case SSL_kGOST:
+               kx="GOST";
+               break;
        default:
                kx="unknown";
                }
@@ -1702,6 +1710,15 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
        case SSL_aPSK:
                au="PSK";
                break;
+       case SSL_aSRP:
+               au="SRP";
+               break;
+       case SSL_aGOST94:
+               au="GOST94";
+               break;
+       case SSL_aGOST01:
+               au="GOST01";
+               break;
        default:
                au="unknown";
                break;
@@ -1749,6 +1766,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
        case SSL_SEED:
                enc="SEED(128)";
                break;
+       case SSL_eGOST2814789CNT:
+               enc="GOST89(256)";
+               break;
        default:
                enc="unknown";
                break;
@@ -1771,6 +1791,12 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
        case SSL_AEAD:
                mac="AEAD";
                break;
+       case SSL_GOST89MAC:
+               mac="GOST89";
+               break;
+       case SSL_GOST94:
+               mac="GOST94";
+               break;
        default:
                mac="unknown";
                break;
@@ -1870,9 +1896,23 @@ STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
        return(ssl_comp_methods);
        }
 
-void SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP) *meths)
+STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP) *meths)
        {
+       STACK_OF(SSL_COMP) *old_meths = ssl_comp_methods;
        ssl_comp_methods = meths;
+       return old_meths;
+       }
+
+static void cmeth_free(SSL_COMP *cm)
+       {
+       OPENSSL_free(cm);
+       }
+
+void SSL_COMP_free_compression_methods(void)
+       {
+       STACK_OF(SSL_COMP) *old_meths = ssl_comp_methods;
+       ssl_comp_methods = NULL;
+       sk_SSL_COMP_pop_free(old_meths, cmeth_free);
        }
 
 int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)