diff options
Diffstat (limited to 'app/openssl/ssl/ssl_lib.c')
| -rw-r--r-- | app/openssl/ssl/ssl_lib.c | 39 |
1 files changed, 1 insertions, 38 deletions
diff --git a/app/openssl/ssl/ssl_lib.c b/app/openssl/ssl/ssl_lib.c index 3de68a78..8d2c3a76 100644 --- a/app/openssl/ssl/ssl_lib.c +++ b/app/openssl/ssl/ssl_lib.c @@ -1403,10 +1403,6 @@ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len) p=buf; sk=s->session->ciphers; - - if (sk_SSL_CIPHER_num(sk) == 0) - return NULL; - for (i=0; i<sk_SSL_CIPHER_num(sk); i++) { int n; @@ -2675,10 +2671,6 @@ int SSL_get_error(const SSL *s,int i) { return(SSL_ERROR_WANT_X509_LOOKUP); } - if ((i < 0) && SSL_want_channel_id_lookup(s)) - { - return(SSL_ERROR_WANT_CHANNEL_ID_LOOKUP); - } if (i == 0) { @@ -3427,41 +3419,12 @@ int SSL_cutthrough_complete(const SSL *s) s->version >= SSL3_VERSION && s->s3->in_read_app_data == 0 && /* cutthrough only applies to write() */ (SSL_get_mode((SSL*)s) & SSL_MODE_HANDSHAKE_CUTTHROUGH) && /* cutthrough enabled */ - ssl3_can_cutthrough(s) && /* cutthrough allowed */ + SSL_get_cipher_bits(s, NULL) >= 128 && /* strong cipher choosen */ s->s3->previous_server_finished_len == 0 && /* not a renegotiation handshake */ (s->state == SSL3_ST_CR_SESSION_TICKET_A || /* ready to write app-data*/ s->state == SSL3_ST_CR_FINISHED_A)); } -int ssl3_can_cutthrough(const SSL *s) - { - const SSL_CIPHER *c; - - /* require a strong enough cipher */ - if (SSL_get_cipher_bits(s, NULL) < 128) - return 0; - - /* require ALPN or NPN extension */ - if (!s->s3->alpn_selected -#ifndef OPENSSL_NO_NEXTPROTONEG - && !s->s3->next_proto_neg_seen -#endif - ) - { - return 0; - } - - /* require a forward-secret cipher */ - c = SSL_get_current_cipher(s); - if (!c || (c->algorithm_mkey != SSL_kEDH && - c->algorithm_mkey != SSL_kEECDH)) - { - return 0; - } - - return 1; - } - /* Allocates new EVP_MD_CTX and sets pointer to it into given pointer * vairable, freeing EVP_MD_CTX previously stored in that variable, if * any. If EVP_MD pointer is passed, initializes ctx with this md |