提交 a216df59 编写于 作者: M Matt Caswell

Fix SSL_get_shared_ciphers()

The function SSL_get_shared_ciphers() is supposed to return ciphers shared
by the client and the server. However it only ever returned the client
ciphers.

Fixes #5317
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6113)
上级 c7e10755
...@@ -1497,7 +1497,7 @@ __owur int SSL_get_fd(const SSL *s); ...@@ -1497,7 +1497,7 @@ __owur int SSL_get_fd(const SSL *s);
__owur int SSL_get_rfd(const SSL *s); __owur int SSL_get_rfd(const SSL *s);
__owur int SSL_get_wfd(const SSL *s); __owur int SSL_get_wfd(const SSL *s);
__owur const char *SSL_get_cipher_list(const SSL *s, int n); __owur const char *SSL_get_cipher_list(const SSL *s, int n);
__owur char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len); __owur char *SSL_get_shared_ciphers(const SSL *s, char *buf, int size);
__owur int SSL_get_read_ahead(const SSL *s); __owur int SSL_get_read_ahead(const SSL *s);
__owur int SSL_pending(const SSL *s); __owur int SSL_pending(const SSL *s);
__owur int SSL_has_pending(const SSL *s); __owur int SSL_has_pending(const SSL *s);
......
...@@ -2549,28 +2549,37 @@ int SSL_set_cipher_list(SSL *s, const char *str) ...@@ -2549,28 +2549,37 @@ int SSL_set_cipher_list(SSL *s, const char *str)
return 1; return 1;
} }
char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len) char *SSL_get_shared_ciphers(const SSL *s, char *buf, int size)
{ {
char *p; char *p;
STACK_OF(SSL_CIPHER) *sk; STACK_OF(SSL_CIPHER) *clntsk, *srvrsk;
const SSL_CIPHER *c; const SSL_CIPHER *c;
int i; int i;
if ((s->session == NULL) || (s->session->ciphers == NULL) || (len < 2)) if (!s->server
|| s->session == NULL
|| s->session->ciphers == NULL
|| size < 2)
return NULL; return NULL;
p = buf; p = buf;
sk = s->session->ciphers; clntsk = s->session->ciphers;
srvrsk = SSL_get_ciphers(s);
if (clntsk == NULL || srvrsk == NULL)
return NULL;
if (sk_SSL_CIPHER_num(sk) == 0) if (sk_SSL_CIPHER_num(clntsk) == 0 || sk_SSL_CIPHER_num(srvrsk) == 0)
return NULL; return NULL;
for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) { for (i = 0; i < sk_SSL_CIPHER_num(clntsk); i++) {
int n; int n;
c = sk_SSL_CIPHER_value(sk, i); c = sk_SSL_CIPHER_value(clntsk, i);
if (sk_SSL_CIPHER_find(srvrsk, c) < 0)
continue;
n = strlen(c->name); n = strlen(c->name);
if (n + 1 > len) { if (n + 1 > size) {
if (p != buf) if (p != buf)
--p; --p;
*p = '\0'; *p = '\0';
...@@ -2579,7 +2588,7 @@ char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len) ...@@ -2579,7 +2588,7 @@ char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
strcpy(p, c->name); strcpy(p, c->name);
p += n; p += n;
*(p++) = ':'; *(p++) = ':';
len -= n + 1; size -= n + 1;
} }
p[-1] = '\0'; p[-1] = '\0';
return buf; return buf;
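Review bot: The added `continue` for ciphers that are not in `srvrsk` lets the loop finish without copying any name, so `p` can still equal `buf` when the final `p[-1] = '\0';` runs, and that store lands one byte before the caller's buffer. The old code could not reach that line with `p == buf`, because a non-empty client list meant the first iteration either copied a name or returned early; the two non-empty checks on `clntsk` and `srvrsk` do not establish that the lists overlap. Whether a server-side session can get here with no overlap is not visible from these hunks, but the function should not rely on it: put `if (p == buf) return NULL;` in front of `p[-1] = '\0';`, or set `*buf = '\0'` and return `buf` if an empty list is the intended result. The function body spans both hunks of this file, and the lines between them are not shown.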
......