提交 643a3580 编写于 作者: M Matt Caswell

Move the downgrade sentinel declarations to a header file

Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3022)
上级 b9647e34
...@@ -58,6 +58,14 @@ ...@@ -58,6 +58,14 @@
#define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers) #define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers)
#define SSL3_NUM_SCSVS OSSL_NELEM(ssl3_scsvs) #define SSL3_NUM_SCSVS OSSL_NELEM(ssl3_scsvs)
/* TLSv1.3 downgrade protection sentinel values */
const unsigned char tls11downgrade[] = {
0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x00
};
const unsigned char tls12downgrade[] = {
0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x01
};
/* /*
* The list of available ciphers, mostly organized into the following * The list of available ciphers, mostly organized into the following
* groups: * groups:
...@@ -4030,13 +4038,6 @@ int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, size_t len, ...@@ -4030,13 +4038,6 @@ int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, size_t len,
} }
#ifndef OPENSSL_NO_TLS13DOWNGRADE #ifndef OPENSSL_NO_TLS13DOWNGRADE
if (ret) { if (ret) {
static const unsigned char tls11downgrade[] = {
0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x00
};
static const unsigned char tls12downgrade[] = {
0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x01
};
assert(sizeof(tls11downgrade) < len && sizeof(tls12downgrade) < len); assert(sizeof(tls11downgrade) < len && sizeof(tls12downgrade) < len);
if (dgrd == DOWNGRADE_TO_1_2) if (dgrd == DOWNGRADE_TO_1_2)
memcpy(result + len - sizeof(tls12downgrade), tls12downgrade, memcpy(result + len - sizeof(tls12downgrade), tls12downgrade,
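Review bot: The only guard before the `memcpy` to `result + len - sizeof(tls12downgrade)` is the `assert(...)` on the line above it, which is compiled out under `NDEBUG`; if `len` were not larger than the 8-byte sentinel, the subtraction would place the write outside `result`. A runtime check such as `if (len <= sizeof(tls11downgrade) || len <= sizeof(tls12downgrade)) return 0;` would also hold in release builds. This assumes 0 is the function's failure value, which `if (ret)` suggests but the hunk does not show. Whether any caller can pass a short `len` is not visible here, and the body of `ssl_fill_hello_random` starts and ends outside the hunk.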
......
...@@ -1865,6 +1865,9 @@ typedef enum tlsext_index_en { ...@@ -1865,6 +1865,9 @@ typedef enum tlsext_index_en {
/* A dummy signature value not valid for TLSv1.2 signature algs */ /* A dummy signature value not valid for TLSv1.2 signature algs */
#define TLSEXT_signature_rsa_pss 0x0101 #define TLSEXT_signature_rsa_pss 0x0101
/* TLSv1.3 downgrade protection sentinel values */
extern const unsigned char tls11downgrade[8];
extern const unsigned char tls12downgrade[8];
extern SSL3_ENC_METHOD ssl3_undef_enc_method; extern SSL3_ENC_METHOD ssl3_undef_enc_method;
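Review bot: The length 8 is hard-coded in these two `extern` declarations, while the definitions added at file scope in the first hunk use `[]` and take their size from the initializer, so the two can drift apart. Unless the defining file includes this header (not visible here), the compiler will not report a mismatch, and every `sizeof(tls12downgrade)` in other files follows the header. A shared constant used in both places would tie them together, for example `#define TLS13_DOWNGRADE_SENTINEL_LEN 8` (name constructed for this note). The declarations and definitions are also no longer inside `#ifndef OPENSSL_NO_TLS13DOWNGRADE`, and the unprefixed names now have external linkage, so a library-style prefix would be worth considering. The comment could record what the values are, e.g. `/* Last 8 bytes of ServerHello.random: "DOWNGRD" followed by 0x00 (TLSv1.1 or below) or 0x01 (TLSv1.2); see RFC 8446 section 4.1.3 */`.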
......
...@@ -1726,14 +1726,6 @@ int ssl_choose_client_version(SSL *s, int version, int checkdgrd, int *al) ...@@ -1726,14 +1726,6 @@ int ssl_choose_client_version(SSL *s, int version, int checkdgrd, int *al)
for (vent = table; vent->version != 0; ++vent) { for (vent = table; vent->version != 0; ++vent) {
const SSL_METHOD *method; const SSL_METHOD *method;
int err; int err;
#ifndef OPENSSL_NO_TLS13DOWNGRADE
static const unsigned char tls11downgrade[] = {
0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x00
};
static const unsigned char tls12downgrade[] = {
0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x01
};
#endif
if (vent->cmeth == NULL) if (vent->cmeth == NULL)
continue; continue;
......