[openssl-dev] [openssl.org #4173] help to check whether handshake negociates SRP or PSK ciphersuite
Michel via RT
rt at openssl.org
Mon Dec 7 15:47:56 UTC 2015
Hi,
I believe it would be nice to have an efficient way to check if handshake
results in a SRP or PSK ciphersuite.
As I do not like to trick with OpenSSL internal structures, I suggest to add
the following to ssl_ciph.c :
int SSL_CIPHER_is_PSK(const SSL_CIPHER *c)
{
if (c != NULL && c->algorithm_auth == SSL_aPSK) return 1;
return 0;
}
int SSL_CIPHER_is_SRP(const SSL_CIPHER *c)
{
if (c != NULL && c->algorithm_auth == SSL_aSRP) return 1;
return 0;
}
Might be a better alternative ?
By the way, I do not see a reason why SSL_CIPHER_get_id() is not protected
against NULL pointer dereference of SSL_CIPHER *c as in
SSL_CIPHER_get_bits() or SSL_CIPHER_get_name().
A patch against 1.0.2e is attached, but need update of .def ordinals.
Thanks for your work,
Michel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssl_ciph-1.0.2e.patch
Type: application/octet-stream
Size: 1302 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20151207/075a5f8b/attachment.obj>
-------------- next part --------------
_______________________________________________
openssl-bugs-mod mailing list
openssl-bugs-mod at openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
More information about the openssl-dev
mailing list