generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

nss: do not count enabled cipher-suites

Browse Source 
We only care if at least one cipher-suite is enabled, so it does
not make any sense to iterate till the end and count all enabled
cipher-suites.
This commit is contained in:
Kamil Dudka 2016-02-04 10:41:15 +01:00
parent 5f835fb266
commit 6390e65664
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
lib/vtls/nss.c
View File

@ -275,21 +275,21 @@ static SECStatus set_ciphers(struct SessionHandle *data, PRFileDesc * model,
} }
/* /*
* Get the number of ciphers that are enabled. We use this to determine * Return true if at least one cipher-suite is enabled. Used to determine
* if we need to call NSS_SetDomesticPolicy() to enable the default ciphers. * if we need to call NSS_SetDomesticPolicy() to enable the default ciphers.
*/ */
static int num_enabled_ciphers(void) static bool any_cipher_enabled(void)
{ {
PRInt32 policy = 0;
int count = 0;
unsigned int i; unsigned int i;
for(i=0; i<NUM_OF_CIPHERS; i++) { for(i=0; i<NUM_OF_CIPHERS; i++) {
PRInt32 policy = 0;
SSL_CipherPolicyGet(cipherlist[i].num, &policy); SSL_CipherPolicyGet(cipherlist[i].num, &policy);
if(policy) if(policy)
count++; return TRUE;
} }
return count;
return FALSE;
} }
/* /*
@ -1228,7 +1228,7 @@ static CURLcode nss_init(struct SessionHandle *data)
if(result) if(result)
return result; return result;
if(num_enabled_ciphers() == 0) if(!any_cipher_enabled())
NSS_SetDomesticPolicy(); NSS_SetDomesticPolicy();
initialized = 1; initialized = 1;