diff options
author | Matt Caswell <matt@openssl.org> | 2020-01-16 12:14:27 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-02-06 11:59:07 +0000 |
commit | c8f6c28a938fc887ee3d2337f09db453e7fb0369 (patch) | |
tree | 80fab6c444adfb668fa03edc2297b729757b53c9 /ssl/statem/extensions_clnt.c | |
parent | 8b6ffd40401bd3b78538cb8d496db0c6926185b0 (diff) |
Explicitly fetch ciphers and digests in libssl
We modify libssl to use explicitly fetched ciphers, digests and other
algorithms as required based on the configured library context and
property query string for the SSL_CTX that is being used.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10854)
Diffstat (limited to 'ssl/statem/extensions_clnt.c')
-rw-r--r-- | ssl/statem/extensions_clnt.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index 75fecdeaa6..776473e659 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -981,7 +981,7 @@ EXT_RETURN tls_construct_ctos_padding(SSL *s, WPACKET *pkt, if (s->session->ssl_version == TLS1_3_VERSION && s->session->ext.ticklen != 0 && s->session->cipher != NULL) { - const EVP_MD *md = ssl_md(s->session->cipher->algorithm2); + const EVP_MD *md = ssl_md(s->ctx, s->session->cipher->algorithm2); if (md != NULL) { /* @@ -1059,7 +1059,7 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context, ERR_R_INTERNAL_ERROR); return EXT_RETURN_FAIL; } - mdres = ssl_md(s->session->cipher->algorithm2); + mdres = ssl_md(s->ctx, s->session->cipher->algorithm2); if (mdres == NULL) { /* * Don't recognize this cipher so we can't use the session. @@ -1132,7 +1132,7 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context, return EXT_RETURN_NOT_SENT; if (s->psksession != NULL) { - mdpsk = ssl_md(s->psksession->cipher->algorithm2); + mdpsk = ssl_md(s->ctx, s->psksession->cipher->algorithm2); if (mdpsk == NULL) { /* * Don't recognize this cipher so we can't use the session. |