The branch OpenSSL_1_0_2-stable has been updated
via 2df619b06ca0026e40e8689020b0e54ed7165583 (commit)
from cef9dcbb45c936024cda5d741aee586aa530f052 (commit)
- Log -----------------------------------------------------------------
commit 2df619b06ca0026e40e8689020b0e54ed7165583
Author: Dr. Stephen Henson <[email protected]>
Date: Fri Sep 4 00:20:34 2015 +0100
Match SUITEB strings at start of cipher list.
PR#4009.
Reviewed-by: Rich Salz <[email protected]>
(cherry picked from commit 13e228d6845aff7e454eea7c9ddd392ebfbd2868)
Conflicts:
ssl/ssl_ciph.c
-----------------------------------------------------------------------
Summary of changes:
ssl/ssl_ciph.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 2cc9a4a..a53f25b 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1404,15 +1404,16 @@ static int check_suiteb_cipher_list(const SSL_METHOD
*meth, CERT *c,
const char **prule_str)
{
unsigned int suiteb_flags = 0, suiteb_comb2 = 0;
- if (!strcmp(*prule_str, "SUITEB128"))
- suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;
- else if (!strcmp(*prule_str, "SUITEB128ONLY"))
+ if (strncmp(*prule_str, "SUITEB128ONLY", 13) == 0) {
suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS_ONLY;
- else if (!strcmp(*prule_str, "SUITEB128C2")) {
+ } else if (strncmp(*prule_str, "SUITEB128C2", 11) == 0) {
suiteb_comb2 = 1;
suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;
- } else if (!strcmp(*prule_str, "SUITEB192"))
+ } else if (strncmp(*prule_str, "SUITEB128", 9) == 0) {
+ suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;
+ } else if (strncmp(*prule_str, "SUITEB192", 9) == 0) {
suiteb_flags = SSL_CERT_FLAG_SUITEB_192_LOS;
+ }
if (suiteb_flags) {
c->cert_flags &= ~SSL_CERT_FLAG_SUITEB_128_LOS;
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
