Address code review
This commit is contained in:
Juliusz Sosinowicz
parent
afd0e5af4e
commit
1288d71132
@ -26198,8 +26198,8 @@ ciphersuites introduced through the "bulk" ciphersuites.
|
||||
|
||||
@return true on success, else false.
|
||||
*/
|
||||
int SetCipherList(const WOLFSSL_CTX* ctx, const WOLFSSL* ssl, Suites* suites,
|
||||
const char* list)
|
||||
static int ParseCipherList(Suites* suites,
|
||||
const char* list, ProtocolVersion version, int privateKeySz, byte side)
|
||||
{
|
||||
int ret = 0;
|
||||
int idx = 0;
|
||||
@ -26217,21 +26217,11 @@ int SetCipherList(const WOLFSSL_CTX* ctx, const WOLFSSL* ssl, Suites* suites,
|
||||
const int suiteSz = GetCipherNamesSize();
|
||||
const char* next = list;
|
||||
|
||||
ProtocolVersion version;
|
||||
int privateKeySz = 0;
|
||||
byte side;
|
||||
|
||||
if (suites == NULL || list == NULL || (ctx == NULL && ssl == NULL)) {
|
||||
if (suites == NULL || list == NULL) {
|
||||
WOLFSSL_MSG("SetCipherList parameter error");
|
||||
return 0;
|
||||
}
|
||||
|
||||
version = ctx != NULL ? ctx->method->version : ssl->version;
|
||||
#ifndef NO_CERTS
|
||||
privateKeySz = (int)(ctx != NULL ? ctx->privateKeySz : ssl->buffers.keySz);
|
||||
#endif
|
||||
side = (byte)(ctx != NULL ? ctx->method->side : ssl->options.side);
|
||||
|
||||
if (next[0] == 0 || XSTRCMP(next, "ALL") == 0 ||
|
||||
XSTRCMP(next, "DEFAULT") == 0 || XSTRCMP(next, "HIGH") == 0) {
|
||||
/* Add all ciphersuites except anonymous and null ciphers. Prefer RSA */
|
||||
@ -26640,6 +26630,41 @@ int SetCipherList(const WOLFSSL_CTX* ctx, const WOLFSSL* ssl, Suites* suites,
|
||||
return ret;
|
||||
}
|
||||
|
||||
int SetCipherList_ex(const WOLFSSL_CTX* ctx, const WOLFSSL* ssl,
|
||||
Suites* suites, const char* list)
|
||||
{
|
||||
ProtocolVersion version;
|
||||
int privateKeySz = 0;
|
||||
byte side;
|
||||
|
||||
if (ctx != NULL) {
|
||||
version = ctx->method->version;
|
||||
#ifndef NO_CERTS
|
||||
privateKeySz = ctx->privateKeySz;
|
||||
#endif
|
||||
side = ctx->method->side;
|
||||
}
|
||||
else if (ssl != NULL) {
|
||||
version = ssl->version;
|
||||
#ifndef NO_CERTS
|
||||
privateKeySz = ssl->buffers.keySz;
|
||||
#endif
|
||||
side = (byte)ssl->options.side;
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG("SetCipherList_ex parameter error");
|
||||
return 0;
|
||||
}
|
||||
|
||||
return ParseCipherList(suites, list, version, privateKeySz, side);
|
||||
}
|
||||
|
||||
int SetCipherList(const WOLFSSL_CTX* ctx, Suites* suites,
|
||||
const char* list)
|
||||
{
|
||||
return SetCipherList_ex(ctx, NULL, suites, list);
|
||||
}
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES)
|
||||
int SetCipherListFromBytes(WOLFSSL_CTX* ctx, Suites* suites, const byte* list,
|
||||
const int listSz)
|
||||
|
||||
@ -11864,7 +11864,7 @@ static int wolfSSL_parse_cipher_list(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
|
||||
/* list has mixed(pre-TLSv13 and TLSv13) suites
|
||||
* update cipher suites the same as before
|
||||
*/
|
||||
return (SetCipherList(ctx, ssl, suites, list)) ? WOLFSSL_SUCCESS :
|
||||
return (SetCipherList_ex(ctx, ssl, suites, list)) ? WOLFSSL_SUCCESS :
|
||||
WOLFSSL_FAILURE;
|
||||
}
|
||||
else if (listattribute == 1) {
|
||||
@ -11905,7 +11905,7 @@ static int wolfSSL_parse_cipher_list(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
|
||||
XMEMCPY(suitesCpy, suites->suites, suites->suiteSz);
|
||||
suitesCpySz = suites->suiteSz;
|
||||
|
||||
ret = SetCipherList(ctx, ssl, suites, list);
|
||||
ret = SetCipherList_ex(ctx, ssl, suites, list);
|
||||
if (ret != 1) {
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(suitesCpy, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
@ -11971,7 +11971,7 @@ int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX* ctx, const char* list)
|
||||
#ifdef OPENSSL_EXTRA
|
||||
return wolfSSL_parse_cipher_list(ctx, NULL, ctx->suites, list);
|
||||
#else
|
||||
return (SetCipherList(ctx, NULL, ctx->suites, list)) ?
|
||||
return (SetCipherList(ctx, ctx->suites, list)) ?
|
||||
WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
|
||||
#endif
|
||||
}
|
||||
@ -12007,7 +12007,7 @@ int wolfSSL_set_cipher_list(WOLFSSL* ssl, const char* list)
|
||||
#ifdef OPENSSL_EXTRA
|
||||
return wolfSSL_parse_cipher_list(NULL, ssl, ssl->suites, list);
|
||||
#else
|
||||
return (SetCipherList(NULL, ssl, ssl->suites, list)) ?
|
||||
return (SetCipherList_ex(NULL, ssl, ssl->suites, list)) ?
|
||||
WOLFSSL_SUCCESS :
|
||||
WOLFSSL_FAILURE;
|
||||
#endif
|
||||
|
||||
@ -2377,8 +2377,10 @@ typedef struct TLSX TLSX;
|
||||
WOLFSSL_LOCAL int MatchSuite_ex(const WOLFSSL* ssl, Suites* peerSuites,
|
||||
CipherSuite* cs, TLSX* extensions);
|
||||
WOLFSSL_LOCAL int MatchSuite(WOLFSSL* ssl, Suites* peerSuites);
|
||||
WOLFSSL_LOCAL int SetCipherList(const WOLFSSL_CTX* ctx, const WOLFSSL* ssl,
|
||||
WOLFSSL_LOCAL int SetCipherList_ex(const WOLFSSL_CTX* ctx, const WOLFSSL* ssl,
|
||||
Suites* suites, const char* list);
|
||||
WOLFSSL_LOCAL int SetCipherList(const WOLFSSL_CTX* ctx, Suites* suites,
|
||||
const char* list);
|
||||
WOLFSSL_LOCAL int SetCipherListFromBytes(WOLFSSL_CTX* ctx, Suites* suites,
|
||||
const byte* list, const int listSz);
|
||||
WOLFSSL_LOCAL int SetSuitesHashSigAlgo(Suites* suites, const char* list);
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user