aboutsummaryrefslogtreecommitdiff
path: root/networking
diff options
context:
space:
mode:
authorDenys Vlasenko <vda.linux@googlemail.com>2018-11-26 16:30:22 +0100
committerDenys Vlasenko <vda.linux@googlemail.com>2018-11-26 16:30:22 +0100
commit60f784027e0e755a9338c548101eefb0bf7a1be6 (patch)
tree859b5dd65b6ef5c006078d5c4b9e3742ff537c09 /networking
parentd9f6c3b091cc1a2a824520e22764ea1538957f3d (diff)
downloadbusybox-60f784027e0e755a9338c548101eefb0bf7a1be6.tar.gz
tls: cipher 009D is not yet supported, don't test for it
function old new delta tls_handshake 2116 2108 -8 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'networking')
-rw-r--r--networking/tls.c7
1 files changed, 3 insertions, 4 deletions
diff --git a/networking/tls.c b/networking/tls.c
index 6c87e12ff..750a152e8 100644
--- a/networking/tls.c
+++ b/networking/tls.c
@@ -1629,7 +1629,6 @@ static void get_server_hello(tls_state_t *tls)
struct server_hello *hp;
uint8_t *cipherid;
uint8_t cipherid1;
- unsigned cipher;
int len, len24;
len = tls_xread_handshake_block(tls, 74 - 32);
@@ -1696,8 +1695,7 @@ static void get_server_hello(tls_state_t *tls)
0x00,0x3B, // TLS_RSA_WITH_NULL_SHA256
#endif
cipherid1 = cipherid[1];
- tls->cipher_id = cipher = 0x100 * cipherid[0] + cipherid1;
- dbg("server chose cipher %04x\n", cipher);
+ tls->cipher_id = 0x100 * cipherid[0] + cipherid1;
tls->key_size = AES256_KEYSIZE;
tls->MAC_size = SHA256_OUTSIZE;
/*tls->IV_size = 0; - already is */
@@ -1728,13 +1726,14 @@ static void get_server_hello(tls_state_t *tls)
if (cipherid1 <= 0x35) {
tls->MAC_size = SHA1_OUTSIZE;
} else
- if (cipherid1 == 0x9C || cipherid1 == 0x9D) {
+ if (cipherid1 == 0x9C /*|| cipherid1 == 0x9D*/) {
/* 009C,9D are AES-GCM */
tls->flags |= ENCRYPTION_AESGCM;
tls->MAC_size = 0;
tls->IV_size = 4;
}
}
+ dbg("server chose cipher %04x\n", tls->cipher_id);
dbg("key_size:%u MAC_size:%u IV_size:%u\n", tls->key_size, tls->MAC_size, tls->IV_size);
/* Handshake hash eventually destined to FINISHED record