diff options
author | Tomas Mraz <tomas@openssl.org> | 2021-03-26 17:50:03 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-04-01 14:39:53 +0200 |
commit | e2e20129a9b9f898d382d199f9debdb549b882ff (patch) | |
tree | 95db3f7a870cd05a0241fcf6119c7bc48b66ca3e | |
parent | 0a4a48a8b4eecc16a5c024492de09483370a7d5d (diff) |
OBJ_nid2sn(NID_sha256) is completely equivalent to OSSL_DIGEST_NAME_SHA2_256
The comment is bogus as that call for NID_sha256 does not do
anything else than looking up the string in an internal table.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14703)
-rw-r--r-- | ssl/s3_lib.c | 6 |
1 files changed, 1 insertions, 5 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index f5b063319b..1b491e7f92 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -4275,12 +4275,8 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, if (prefer_sha256) { const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii); - /* - * TODO: When there are no more legacy digests we can just use - * OSSL_DIGEST_NAME_SHA2_256 instead of calling OBJ_nid2sn - */ if (EVP_MD_is_a(ssl_md(s->ctx, tmp->algorithm2), - OBJ_nid2sn(NID_sha256))) { + OSSL_DIGEST_NAME_SHA2_256)) { ret = tmp; break; } |