From 52b8dad8ec6eb0dcada52851af5f9498af7a91be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bodo=20M=C3=B6ller?= Date: Sat, 17 Feb 2007 06:45:38 +0000 Subject: Reorganize the data used for SSL ciphersuite pattern matching. This change resolves a number of problems and obviates multiple kludges. A new feature is that you can now say "AES256" or "AES128" (not just "AES", which enables both). In some cases the ciphersuite list generated from a given string is affected by this change. I hope this is just in those cases where the previous behaviour did not make sense. --- ssl/t1_enc.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'ssl/t1_enc.c') diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 29892e6..8398d27 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -274,8 +274,10 @@ int tls1_change_cipher_state(SSL *s, int which) #ifdef KSSL_DEBUG printf("tls1_change_cipher_state(which= %d) w/\n", which); - printf("\talg= %ld, comp= %p\n", s->s3->tmp.new_cipher->algorithms, - comp); + printf("\talg= %ld/%ld, comp= %p\n", + s->s3->tmp.new_cipher->algorithm_mkey, + s->s3->tmp.new_cipher->algorithm_auth, + comp); printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c); printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n", c->nid,c->block_size,c->key_len,c->iv_len); @@ -531,11 +533,11 @@ printf("\nkey block\n"); if (s->session->cipher != NULL) { - if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL) + if (s->session->cipher->algorithm_enc == SSL_eNULL) s->s3->need_empty_fragments = 0; #ifndef OPENSSL_NO_RC4 - if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4) + if (s->session->cipher->algorithm_enc == SSL_RC4) s->s3->need_empty_fragments = 0; #endif } -- cgit v1.1