help to check whether handshake negociates SRP or PSK ciphersuite
Michel
michel.sales at free.fr
Mon Dec 7 15:32:22 UTC 2015
Hi,
I believe it would be nice to have an efficient way to check if handshake
results in a SRP or PSK ciphersuite.
As I do not like to trick with OpenSSL internal structures, I suggest to add
the following to ssl_ciph.c :
int SSL_CIPHER_is_PSK(const SSL_CIPHER *c)
{
if (c != NULL && c->algorithm_auth == SSL_aPSK) return 1;
return 0;
}
int SSL_CIPHER_is_SRP(const SSL_CIPHER *c)
{
if (c != NULL && c->algorithm_auth == SSL_aSRP) return 1;
return 0;
}
Might be a better alternative ?
By the way, I do not see a reason why SSL_CIPHER_get_id() is not protected
against NULL pointer dereference of SSL_CIPHER *c as in
SSL_CIPHER_get_bits() or SSL_CIPHER_get_name().
A patch against 1.0.2e is attached, but need update of .def ordinals.
Thanks for your work,
Michel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20151207/aaac6056/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssl_ciph-1.0.2e.patch
Type: application/octet-stream
Size: 1302 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20151207/aaac6056/attachment-0001.obj>
More information about the openssl-bugs-mod
mailing list