Hi,
I believe it would be nice to have an efficient way to check whether a
handshake results in an SRP or PSK ciphersuite.
As I do not like to play tricks with OpenSSL internal structures, I suggest
adding the following to ssl_ciph.c:

int SSL_CIPHER_is_PSK(const SSL_CIPHER *c)
{
    if (c != NULL && c->algorithm_auth == SSL_aPSK) return 1;
    return 0;
}

int SSL_CIPHER_is_SRP(const SSL_CIPHER *c)
{
    if (c != NULL && c->algorithm_auth == SSL_aSRP) return 1;
    return 0;
}

Might be a better alternative?

By the way, I do not see a reason why SSL_CIPHER_get_id() is not protected
against a NULL pointer dereference of SSL_CIPHER *c, as in
SSL_CIPHER_get_bits() or SSL_CIPHER_get_name().
A patch against 1.0.2e is attached, but it needs an update of the .def ordinals.
Thanks for your work,

Michel

Attachment: ssl_ciph-1.0.2e.patch
Description: Binary data
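
An added example, not part of the message above or of OpenSSL: one way to classify a cipher without reading internal structure fields is to parse the text that the public SSL_CIPHER_description() call writes, looking at its Kx= (key exchange) and Au= (authentication) fields separately. The sample strings are constructed in that output format, and the helper names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Return 1 if desc holds the whitespace-delimited token "<key>=<val>"
 * (for example key "Au", val "PSK"). NULL input is treated as "no". */
static int desc_has(const char *desc, const char *key, const char *val)
{
    char want[32];
    size_t n;
    const char *p;

    if (desc == NULL || key == NULL || val == NULL)
        return 0;
    n = (size_t)snprintf(want, sizeof(want), "%s=%s", key, val);
    if (n >= sizeof(want))          /* truncated or snprintf error */
        return 0;
    for (p = strstr(desc, want); p != NULL; p = strstr(p + 1, want)) {
        int starts = (p == desc) || p[-1] == ' ' || p[-1] == '\t';
        char end = p[n];
        int ends = end == '\0' || end == ' ' || end == '\t' || end == '\n';
        if (starts && ends)         /* whole token, not a prefix match */
            return 1;
    }
    return 0;
}

int desc_is_psk(const char *desc)      { return desc_has(desc, "Au", "PSK"); }
int desc_is_srp_auth(const char *desc) { return desc_has(desc, "Au", "SRP"); }
int desc_is_srp_kx(const char *desc)   { return desc_has(desc, "Kx", "SRP"); }

/* Constructed sample lines in the SSL_CIPHER_description() layout. */
static const char *SAMPLE_PSK =
    "PSK-AES128-CBC-SHA      SSLv3 Kx=PSK      Au=PSK  Enc=AES(128)  Mac=SHA1\n";
static const char *SAMPLE_SRP =
    "SRP-AES-128-CBC-SHA     SSLv3 Kx=SRP      Au=SRP  Enc=AES(128)  Mac=SHA1\n";
static const char *SAMPLE_SRP_RSA =
    "SRP-RSA-AES-128-CBC-SHA SSLv3 Kx=SRP      Au=RSA  Enc=AES(128)  Mac=SHA1\n";
static const char *SAMPLE_RSA =
    "AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1\n";

int main(void)
{
    const char *all[] = { SAMPLE_PSK, SAMPLE_SRP, SAMPLE_SRP_RSA, SAMPLE_RSA, NULL };
    for (int i = 0; i < 5; i++)
        printf("psk=%d srp_auth=%d srp_kx=%d\n", desc_is_psk(all[i]),
               desc_is_srp_auth(all[i]), desc_is_srp_kx(all[i]));
    return 0;
}
```

In a real program the string would come from SSL_CIPHER_description(SSL_get_current_cipher(ssl), buf, sizeof(buf)) after the handshake completes.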
