diff options
| author |   schwarze <schwarze@openbsd.org> | 2020-09-15 15:28:38 +0000 |
|---|---|---|
| committer | schwarze <schwarze@openbsd.org> | 2020-09-15 15:28:38 +0000 |
| commit | 728d659e3e6c9196979a62535e43d08035b33597 (patch) | |
| tree | e9342430aa81da37c1f3e37c98f1f8734399215e /lib/libssl/ssl_ciphers.c | |
| parent | umb(4) shows the speed of the LTE connection but misses the b in Mbps. (diff) | |
| download | wireguard-openbsd-728d659e3e6c9196979a62535e43d08035b33597.tar.xz wireguard-openbsd-728d659e3e6c9196979a62535e43d08035b33597.zip | |
Do not destroy an existing cipher list when ssl_parse_ciphersuites()
fails, to match the behaviour of ssl_create_cipher_list(). This also
agrees with the behaviour of SSL_set_ciphersuites(3) in OpenSSL.
Issue found while writing documentation.
OK jsing@
Diffstat (limited to 'lib/libssl/ssl_ciphers.c')
| -rw-r--r-- | lib/libssl/ssl_ciphers.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/lib/libssl/ssl_ciphers.c b/lib/libssl/ssl_ciphers.c index 0912fb6d257..399e274ad4d 100644 --- a/lib/libssl/ssl_ciphers.c +++ b/lib/libssl/ssl_ciphers.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_ciphers.c,v 1.8 2020/09/14 17:52:38 tb Exp $ */ +/* $OpenBSD: ssl_ciphers.c,v 1.9 2020/09/15 15:28:38 schwarze Exp $ */ /* * Copyright (c) 2015-2017 Doug Hogan <doug@openbsd.org> * Copyright (c) 2015-2018, 2020 Joel Sing <jsing@openbsd.org> @@ -220,9 +220,6 @@ ssl_parse_ciphersuites(STACK_OF(SSL_CIPHER) **out_ciphers, const char *str) int i; int ret = 0; - sk_SSL_CIPHER_free(*out_ciphers); - *out_ciphers = NULL; - if ((ciphers = sk_SSL_CIPHER_new_null()) == NULL) goto err; @@ -255,6 +252,7 @@ ssl_parse_ciphersuites(STACK_OF(SSL_CIPHER) **out_ciphers, const char *str) } done: + sk_SSL_CIPHER_free(*out_ciphers); *out_ciphers = ciphers; ciphers = NULL; ret = 1; |