CVSROOT: /cvs Module name: src Changes by: js...@cvs.openbsd.org 2024/07/23 08:40:54
Modified files: lib/libssl : d1_lib.c s3_lib.c ssl_ciph.c ssl_local.h ssl_methods.c Log message: Remove get_cipher from SSL_METHOD. Inline the get_cipher implementation (including the special handling for DTLS) in ssl_cipher_collect_ciphers() (the only consumer), remove the get_cipher member of SSL_METHOD and mop up dtls1_get_cipher(). ssl3_get_cipher() has always had a strange property of being a reverse index, which is relied on by the cipher list ordering code, since it currently assumes that high cipher suite values are preferable. Rather than complicating ssl3_get_cipher() (and regress), change the iteration order in ssl_cipher_collect_ciphers() to match what it requires. Lastly, rename ssl3_get_cipher() to be more descriptive. ok tb@