CVSROOT: /cvs
Module name: src
Changes by: js...@cvs.openbsd.org 2024/07/23 08:40:54
Modified files:
lib/libssl : d1_lib.c s3_lib.c ssl_ciph.c ssl_local.h
ssl_methods.c
Log message:
Remove get_cipher from SSL_METHOD.
Inline the get_cipher implementation (including the special handling
for DTLS) in ssl_cipher_collect_ciphers() (the only consumer), remove
the get_cipher member of SSL_METHOD and mop up dtls1_get_cipher().
ssl3_get_cipher() has always had a strange property of being a reverse
index, which is relied on by the cipher list ordering code, since it
currently assumes that high cipher suite values are preferable. Rather
than complicating ssl3_get_cipher() (and regress), change the iteration
order in ssl_cipher_collect_ciphers() to match what it requires. Lastly,
rename ssl3_get_cipher() to be more descriptive.
ok tb@
