Cross Reference: /freebsd-11.0-release/crypto/openssl/ssl/s3_lib.c

Deleted Added

sdiff udiff text old ( 260403 ) new ( 261037 )

full compact

s3_lib.c (260403)	s3_lib.c (261037)
1/* ssl/s3_lib.c / 2/ Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 1669 unchanged lines hidden (view full) --- 1678 1, 1679 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA, 1680 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA, 1681 SSL_kPSK, 1682 SSL_aPSK, 1683 SSL_3DES, 1684 SSL_SHA1, 1685 SSL_TLSV1,	1/* ssl/s3_lib.c / 2/ Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 1669 unchanged lines hidden (view full) --- 1678 1, 1679 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA, 1680 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA, 1681 SSL_kPSK, 1682 SSL_aPSK, 1683 SSL_3DES, 1684 SSL_SHA1, 1685 SSL_TLSV1,
1686 SSL_NOT_EXP\|SSL_HIGH,	1686 SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
1687 SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF, 1688 168, 1689 168, 1690 }, 1691 1692 /* Cipher 8C / 1693* { 1694 1, 1695 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA, 1696 TLS1_CK_PSK_WITH_AES_128_CBC_SHA, 1697 SSL_kPSK, 1698 SSL_aPSK, 1699 SSL_AES128, 1700 SSL_SHA1, 1701 SSL_TLSV1,	1687 SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF, 1688 168, 1689 168, 1690 }, 1691 1692 /* Cipher 8C / 1693* { 1694 1, 1695 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA, 1696 TLS1_CK_PSK_WITH_AES_128_CBC_SHA, 1697 SSL_kPSK, 1698 SSL_aPSK, 1699 SSL_AES128, 1700 SSL_SHA1, 1701 SSL_TLSV1,
1702 SSL_NOT_EXP\|SSL_HIGH,	1702 SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
1703 SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF, 1704 128, 1705 128, 1706 }, 1707 1708 /* Cipher 8D / 1709* { 1710 1, 1711 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA, 1712 TLS1_CK_PSK_WITH_AES_256_CBC_SHA, 1713 SSL_kPSK, 1714 SSL_aPSK, 1715 SSL_AES256, 1716 SSL_SHA1, 1717 SSL_TLSV1,	1703 SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF, 1704 128, 1705 128, 1706 }, 1707 1708 /* Cipher 8D / 1709* { 1710 1, 1711 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA, 1712 TLS1_CK_PSK_WITH_AES_256_CBC_SHA, 1713 SSL_kPSK, 1714 SSL_aPSK, 1715 SSL_AES256, 1716 SSL_SHA1, 1717 SSL_TLSV1,
1718 SSL_NOT_EXP\|SSL_HIGH,	1718 SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
1719 SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF, 1720 256, 1721 256, 1722 }, 1723#endif /* OPENSSL_NO_PSK / 1724* 1725#ifndef OPENSSL_NO_SEED 1726 /* SEED ciphersuites from RFC4162 / --- 1305 unchanged lines hidden* (view full) --- 3032#endif 3033#ifndef OPENSSL_NO_ECDH 3034 if (s->s3->tmp.ecdh != NULL) 3035 { 3036 EC_KEY_free(s->s3->tmp.ecdh); 3037 s->s3->tmp.ecdh = NULL; 3038 } 3039#endif	1719 SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF, 1720 256, 1721 256, 1722 }, 1723#endif /* OPENSSL_NO_PSK / 1724* 1725#ifndef OPENSSL_NO_SEED 1726 /* SEED ciphersuites from RFC4162 / --- 1305 unchanged lines hidden* (view full) --- 3032#endif 3033#ifndef OPENSSL_NO_ECDH 3034 if (s->s3->tmp.ecdh != NULL) 3035 { 3036 EC_KEY_free(s->s3->tmp.ecdh); 3037 s->s3->tmp.ecdh = NULL; 3038 } 3039#endif
	3040#ifndef OPENSSL_NO_TLSEXT 3041#ifndef OPENSSL_NO_EC 3042 s->s3->is_probably_safari = 0; 3043#endif /* !OPENSSL_NO_EC / 3044#endif / !OPENSSL_NO_TLSEXT */
3040 3041 rp = s->s3->rbuf.buf; 3042 wp = s->s3->wbuf.buf; 3043 rlen = s->s3->rbuf.len; 3044 wlen = s->s3->wbuf.len; 3045 init_extra = s->s3->init_extra; 3046 if (s->s3->handshake_buffer) { 3047 BIO_free(s->s3->handshake_buffer); --- 963 unchanged lines hidden (view full) --- 4011 } 4012#endif /* OPENSSL_NO_EC / 4013#endif / OPENSSL_NO_TLSEXT / 4014* 4015 if (!ok) continue; 4016 ii=sk_SSL_CIPHER_find(allow,c); 4017 if (ii >= 0) 4018 {	3045 3046 rp = s->s3->rbuf.buf; 3047 wp = s->s3->wbuf.buf; 3048 rlen = s->s3->rbuf.len; 3049 wlen = s->s3->wbuf.len; 3050 init_extra = s->s3->init_extra; 3051 if (s->s3->handshake_buffer) { 3052 BIO_free(s->s3->handshake_buffer); --- 963 unchanged lines hidden (view full) --- 4016 } 4017#endif /* OPENSSL_NO_EC / 4018#endif / OPENSSL_NO_TLSEXT / 4019* 4020 if (!ok) continue; 4021 ii=sk_SSL_CIPHER_find(allow,c); 4022 if (ii >= 0) 4023 {
	4024#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT) 4025 if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari) 4026 { 4027 if (!ret) ret=sk_SSL_CIPHER_value(allow,ii); 4028 continue; 4029 } 4030#endif
4019 ret=sk_SSL_CIPHER_value(allow,ii); 4020 break; 4021 } 4022 } 4023 return(ret); 4024 } 4025 4026int ssl3_get_req_cert_type(SSL s, unsigned char p) --- 256 unchanged lines hidden ---	4031 ret=sk_SSL_CIPHER_value(allow,ii); 4032 break; 4033 } 4034 } 4035 return(ret); 4036 } 4037 4038int ssl3_get_req_cert_type(SSL s, unsigned char p) --- 256 unchanged lines hidden ---