Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Backport #13010 #13280

Closed
wants to merge 2 commits into from
Closed

Backport #13010 #13280

wants to merge 2 commits into from

Conversation

@kaduk
Copy link
Contributor

@kaduk kaduk commented Oct 29, 2020

Backport both #13000 and #13010 for 1.1.1.
#13010 was initially approved for 1.1.1 but did not cherry-pick cleanly because #13000 was only on master.

hklaas and others added 2 commits Sep 26, 2020
Return immediately on matched cipher. Without this patch the code only breaks out of the inner for loop, meaning for a matched TLS13 cipher the code will still loop through 160ish SSL3 ciphers.

CLA: trivial

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from #13000)

(cherry picked from commit d93bded)
The handling for the SCSVs was the same as for regular ciphers;
just merge them into the same table-driven handler.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from #13010)

(cherry picked from commit 231849b)
@openssl-machine
Copy link

@openssl-machine openssl-machine commented Oct 31, 2020

24 hours has passed since 'approval: done' was set, but this PR has failing CI tests. Once the tests pass it will get moved to 'approval: ready to merge' automatically, alternatively please review and set the label manually.

@kaduk
Copy link
Contributor Author

@kaduk kaduk commented Nov 2, 2020

(appveyor failure is a spurious issue in one builder's environment, being unable to set up a proper environment to check out the tree in and build)

openssl-machine pushed a commit that referenced this pull request Nov 2, 2020
Return immediately on matched cipher. Without this patch the code only breaks out of the inner for loop, meaning for a matched TLS13 cipher the code will still loop through 160ish SSL3 ciphers.

CLA: trivial

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>

(cherry picked from commit d93bded)

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from #13280)
openssl-machine pushed a commit that referenced this pull request Nov 2, 2020
The handling for the SCSVs was the same as for regular ciphers;
just merge them into the same table-driven handler.

Reviewed-by: Paul Dale <paul.dale@oracle.com>

(cherry picked from commit 231849b)

(Merged from #13280)
@kaduk
Copy link
Contributor Author

@kaduk kaduk commented Nov 2, 2020

Merged to 1.1.1; closing. Thanks again to @hklaas for the original #13000!

@kaduk kaduk closed this Nov 2, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

4 participants