← Back to branch summary

~ubuntu-branches/ubuntu/maverick/openssl/maverick

« back to all changes in this revision

Viewing changes to ssl/ssl_ciph.c

  • Committer: Bazaar Package Importer
  • Author(s): Christoph Martin
  • Date: 2004-12-16 18:41:29 UTC
  • mto: (11.1.1 lenny)
  • mto: This revision was merged to the branch mainline in revision 3.
  • Revision ID: james.westby@ubuntu.com-20041216184129-z7xjkul57mh1jiha
Tags: upstream-0.9.7e
ImportĀ upstreamĀ versionĀ 0.9.7e

Show diffs side-by-side

added added

removed removed

Lines of Context:
ssl/ssl_ciph.c
59
59
#include <stdio.h>
60
60
#include <openssl/objects.h>
61
61
#include <openssl/comp.h>
 
62
#include <openssl/fips.h>
62
63
#include "ssl_locl.h"
63
64
 
64
65
#define SSL_ENC_DES_IDX         0
153
154
        {0,SSL_TXT_LOW,   0, 0,   SSL_LOW, 0,0,0,0,SSL_STRONG_MASK},
154
155
        {0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK},
155
156
        {0,SSL_TXT_HIGH,  0, 0,  SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK},
 
157
        {0,SSL_TXT_FIPS,  0, 0,  SSL_FIPS, 0,0,0,0,SSL_FIPS|SSL_STRONG_NONE},
156
158
        };
157
159
 
158
160
static int init_ciphers=1;
159
161
 
160
162
static void load_ciphers(void)
161
163
        {
162
 
        init_ciphers=0;
163
164
        ssl_cipher_methods[SSL_ENC_DES_IDX]= 
164
165
                EVP_get_cipherbyname(SN_des_cbc);
165
166
        ssl_cipher_methods[SSL_ENC_3DES_IDX]=
183
184
                EVP_get_digestbyname(SN_md5);
184
185
        ssl_digest_methods[SSL_MD_SHA1_IDX]=
185
186
                EVP_get_digestbyname(SN_sha1);
 
187
        init_ciphers=0;
186
188
        }
187
189
 
188
190
int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc,
359
361
                {
360
362
                c = ssl_method->get_cipher(i);
361
363
                /* drop those that use any of that is not available */
 
364
#ifdef OPENSSL_FIPS
 
365
                if ((c != NULL) && c->valid && !(c->algorithms & mask)
 
366
                        && (!FIPS_mode() || (c->algo_strength & SSL_FIPS)))
 
367
#else
362
368
                if ((c != NULL) && c->valid && !(c->algorithms & mask))
 
369
#endif
363
370
                        {
364
371
                        co_list[co_list_num].cipher = c;
365
372
                        co_list[co_list_num].next = NULL;
854
861
         */
855
862
        for (curr = head; curr != NULL; curr = curr->next)
856
863
                {
 
864
#ifdef OPENSSL_FIPS
 
865
                if (curr->active && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS))
 
866
#else
857
867
                if (curr->active)
 
868
#endif
858
869
                        {
859
870
                        sk_SSL_CIPHER_push(cipherstack, curr->cipher);
860
871
#ifdef CIPHER_DEBUG