diff options
author | Matt Caswell <matt@openssl.org> | 2020-05-21 16:36:32 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-06-19 10:19:31 +0100 |
commit | 260009d877bfd6fe75aef08ecf4c366127f1f78e (patch) | |
tree | c054d1dfa8752082864c51a0f497c615897d658b /ssl/s3_lib.c | |
parent | 90929138d73ae46fe2fa3014028ab010043af23e (diff) |
Update the various SSL group getting and setting functions
A number of these functions returned a NID or an array of NIDs for the
groups. Now that groups can come from the providers we do not necessarily
know the NID. Therefore we need to handle this in a clean way.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Diffstat (limited to 'ssl/s3_lib.c')
-rw-r--r-- | ssl/s3_lib.c | 17 |
1 files changed, 7 insertions, 10 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 8004c6483a..a7f1e4d83a 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3653,13 +3653,10 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) const TLS_GROUP_INFO *cinf = tls1_group_id_lookup(s->ctx, clist[i]); - if (cinf != NULL) { - cptr[i] = tls1_group_id2nid(cinf->group_id); - if (cptr[i] == NID_undef) - cptr[i] = TLSEXT_nid_unknown | clist[i]; - } else { + if (cinf != NULL) + cptr[i] = tls1_group_id2nid(cinf->group_id, 1); + else cptr[i] = TLSEXT_nid_unknown | clist[i]; - } } } return (int)clistlen; @@ -3670,7 +3667,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) &s->ext.supportedgroups_len, parg, larg); case SSL_CTRL_SET_GROUPS_LIST: - return tls1_set_groups_list(&s->ext.supportedgroups, + return tls1_set_groups_list(s->ctx, &s->ext.supportedgroups, &s->ext.supportedgroups_len, parg); case SSL_CTRL_GET_SHARED_GROUP: @@ -3678,11 +3675,11 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) uint16_t id = tls1_shared_group(s, larg); if (larg != -1) - return tls1_group_id2nid(id); + return tls1_group_id2nid(id, 1); return id; } case SSL_CTRL_GET_NEGOTIATED_GROUP: - ret = tls1_group_id2nid(s->s3.group_id); + ret = tls1_group_id2nid(s->s3.group_id, 1); break; #endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */ @@ -3967,7 +3964,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) parg, larg); case SSL_CTRL_SET_GROUPS_LIST: - return tls1_set_groups_list(&ctx->ext.supportedgroups, + return tls1_set_groups_list(ctx, &ctx->ext.supportedgroups, &ctx->ext.supportedgroups_len, parg); #endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */ |