Add and use a constant-time memcmp.

[oweals/openssl.git] / ssl / s3_lib.c

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index f8b3e4a32ae819872f2c8231b51545d7cfd63c01..d71c819b00e2adf548216d237d83ca571199f336 100644 (file)
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -2011,6 +2011,22 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        256,
        256,
        },
+#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
+       {
+       1,
+       "SCSV",
+       SSL3_CK_SCSV,
+       0,
+       0,
+       0,
+       0,
+       0,
+       0,
+       0,
+       0,
+       0
+       },
+#endif
 
 #ifndef OPENSSL_NO_ECDH
        /* Cipher C001 */
@@ -3514,6 +3530,16 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
                        return 0;
                        }
 
+       case SSL_CTRL_GET_EC_POINT_FORMATS:
+               {
+               SSL_SESSION *sess = s->session;
+               const unsigned char **pformat = parg;
+               if (!sess || !sess->tlsext_ecpointformatlist)
+                       return 0;
+               *pformat = sess->tlsext_ecpointformatlist;
+               return (int)sess->tlsext_ecpointformatlist_length;
+               }
+
        default:
                break;
                }