diff options
| author | Nick Mathewson <nickm@torproject.org> | 2015-05-26 11:05:36 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2015-05-26 11:05:36 -0400 |
| commit | 95375963981bb2346429de86b0cbb558d6b399d5 (patch) | |
| tree | 225afc7cd6efe20871d8e507e2b62345464f6f74 /src/common | |
| parent | 80082b7185feb77f83ff484e1779438aa0396634 (diff) | |
| download | tor-95375963981bb2346429de86b0cbb558d6b399d5.tar.gz tor-95375963981bb2346429de86b0cbb558d6b399d5.zip | |
Stop looking at session->ciphers when possible
If the OpenSSL team accepts my patch to add an
SSL_get_client_ciphers function, this patch will make Tor use it
when available, thereby working better with openssl 1.1.
Diffstat (limited to 'src/common')
| -rw-r--r-- | src/common/tortls.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c index 01bccd7a53..d4a565c017 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -1644,13 +1644,19 @@ tor_tls_classify_client_ciphers(const SSL *ssl, static int tor_tls_client_is_using_v2_ciphers(const SSL *ssl) { + STACK_OF(SSL_CIPHER) *ciphers; +#ifdef HAVE_SSL_GET_CLIENT_CIPHERS + ciphers = SSL_get_client_ciphers(ssl); +#else SSL_SESSION *session; if (!(session = SSL_get_session((SSL *)ssl))) { log_info(LD_NET, "No session on TLS?"); return CIPHERS_ERR; } + ciphers = session->ciphers; +#endif - return tor_tls_classify_client_ciphers(ssl, session->ciphers) >= CIPHERS_V2; + return tor_tls_classify_client_ciphers(ssl, ciphers) >= CIPHERS_V2; } /** Invoked when we're accepting a connection on <b>ssl</b>, and the connection |