Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1595
uint32_t disabled_auth,
uint32_t disabled_enc,
uint32_t disabled_mac,
uint32_t disabled_auth,
uint32_t disabled_enc,
uint32_t disabled_mac,
CIPHER_ORDER *co_list,
CIPHER_ORDER **head_p,
CIPHER_ORDER **tail_p)
CIPHER_ORDER *co_list,
CIPHER_ORDER **head_p,
CIPHER_ORDER **tail_p)
!(c->algorithm_mkey & disabled_mkey) &&
!(c->algorithm_auth & disabled_auth) &&
!(c->algorithm_enc & disabled_enc) &&
!(c->algorithm_mkey & disabled_mkey) &&
!(c->algorithm_auth & disabled_auth) &&
!(c->algorithm_enc & disabled_enc) &&
- !(c->algorithm_mac & disabled_mac) &&
- !(c->algorithm_ssl & disabled_ssl)) {
+ !(c->algorithm_mac & disabled_mac)) {
co_list[co_list_num].cipher = c;
co_list[co_list_num].next = NULL;
co_list[co_list_num].prev = NULL;
co_list[co_list_num].cipher = c;
co_list[co_list_num].next = NULL;
co_list[co_list_num].prev = NULL;
uint32_t disabled_auth,
uint32_t disabled_enc,
uint32_t disabled_mac,
uint32_t disabled_auth,
uint32_t disabled_enc,
uint32_t disabled_mac,
CIPHER_ORDER *head)
{
CIPHER_ORDER *ciph_curr;
CIPHER_ORDER *head)
{
CIPHER_ORDER *ciph_curr;
uint32_t mask_auth = ~disabled_auth;
uint32_t mask_enc = ~disabled_enc;
uint32_t mask_mac = ~disabled_mac;
uint32_t mask_auth = ~disabled_auth;
uint32_t mask_enc = ~disabled_enc;
uint32_t mask_mac = ~disabled_mac;
- uint32_t mask_ssl = ~disabled_ssl;
/*
* First, add the real ciphers as already collected
/*
* First, add the real ciphers as already collected
uint32_t algorithm_auth = cipher_aliases[i].algorithm_auth;
uint32_t algorithm_enc = cipher_aliases[i].algorithm_enc;
uint32_t algorithm_mac = cipher_aliases[i].algorithm_mac;
uint32_t algorithm_auth = cipher_aliases[i].algorithm_auth;
uint32_t algorithm_enc = cipher_aliases[i].algorithm_enc;
uint32_t algorithm_mac = cipher_aliases[i].algorithm_mac;
- uint32_t algorithm_ssl = cipher_aliases[i].algorithm_ssl;
if (algorithm_mkey)
if ((algorithm_mkey & mask_mkey) == 0)
if (algorithm_mkey)
if ((algorithm_mkey & mask_mkey) == 0)
if ((algorithm_mac & mask_mac) == 0)
continue;
if ((algorithm_mac & mask_mac) == 0)
continue;
- if (algorithm_ssl)
- if ((algorithm_ssl & mask_ssl) == 0)
- continue;
-
*ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
ca_curr++;
}
*ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
ca_curr++;
}
const char *rule_str, CERT *c)
{
int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
const char *rule_str, CERT *c)
{
int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
- uint32_t disabled_mkey, disabled_auth, disabled_enc, disabled_mac,
- disabled_ssl;
+ uint32_t disabled_mkey, disabled_auth, disabled_enc, disabled_mac;
STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
const char *rule_p;
CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
const char *rule_p;
CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
disabled_auth = disabled_auth_mask;
disabled_enc = disabled_enc_mask;
disabled_mac = disabled_mac_mask;
disabled_auth = disabled_auth_mask;
disabled_enc = disabled_enc_mask;
disabled_mac = disabled_mac_mask;
/*
* Now we have to collect the available ciphers from the compiled
/*
* Now we have to collect the available ciphers from the compiled
ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
disabled_mkey, disabled_auth, disabled_enc,
ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
disabled_mkey, disabled_auth, disabled_enc,
- disabled_mac, disabled_ssl, co_list, &head,
+ disabled_mac, co_list, &head,
&tail);
/* Now arrange all ciphers by preference. */
&tail);
/* Now arrange all ciphers by preference. */
}
ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
disabled_mkey, disabled_auth, disabled_enc,
}
ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
disabled_mkey, disabled_auth, disabled_enc,
- disabled_mac, disabled_ssl, head);
/*
* If the rule_string begins with DEFAULT, apply the default rule
/*
* If the rule_string begins with DEFAULT, apply the default rule
projects / openssl.git / commitdiff