generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Match SUITEB strings at start of cipher list.

Browse Source 
PR#4009.

Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Dr. Stephen Henson 2015-09-04 00:20:34 +01:00
parent d4ab70f27c
commit 13e228d684
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
ssl/ssl_ciph.c
View File

@ -1330,15 +1330,16 @@ static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c,
const char **prule_str) const char **prule_str)
{ {
unsigned int suiteb_flags = 0, suiteb_comb2 = 0; unsigned int suiteb_flags = 0, suiteb_comb2 = 0;
if (strcmp(*prule_str, "SUITEB128") == 0) if (strncmp(*prule_str, "SUITEB128ONLY", 13) == 0) {
suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;
else if (strcmp(*prule_str, "SUITEB128ONLY") == 0)
suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS_ONLY; suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS_ONLY;
else if (strcmp(*prule_str, "SUITEB128C2") == 0) { } else if (strncmp(*prule_str, "SUITEB128C2", 11) == 0) {
suiteb_comb2 = 1; suiteb_comb2 = 1;
suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS; suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;
} else if (strcmp(*prule_str, "SUITEB192") == 0) } else if (strncmp(*prule_str, "SUITEB128", 9) == 0) {
suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;
} else if (strncmp(*prule_str, "SUITEB192", 9) == 0) {
suiteb_flags = SSL_CERT_FLAG_SUITEB_192_LOS; suiteb_flags = SSL_CERT_FLAG_SUITEB_192_LOS;
}
if (suiteb_flags) { if (suiteb_flags) {
c->cert_flags &= ~SSL_CERT_FLAG_SUITEB_128_LOS; c->cert_flags &= ~SSL_CERT_FLAG_SUITEB_128_LOS;