pike.git / lib / modules / SSL.pmod / Session.pike

version» Context lines:

pike.git/lib/modules/SSL.pmod/Session.pike:172:    int found;    foreach(signature_algorithms, array(int) sup_alg) {    if (found = equal(sign_alg, sup_alg)) break;    }    if (!found) return 0;    }    } else {    if (!(ke_mask & cp->ke_mask)) return 0;       // GNU-TLS doesn't like eg SHA being used with SHA256 certs. -  Crypto.Hash hash = HASH_lookup[cp->sign_algs[0][0]]; +  Crypto.Hash hash = [object(Crypto.Hash)]HASH_lookup[cp->sign_algs[0][0]];    if (!hash) return 0;    if (hash->digest_size() > h_max) return 0;    }      #if constant(Crypto.ECC.Curve)    if (cp->key->curve) {    // Is the ECC curve supported by the client?    Crypto.ECC.Curve c =    ([object(Crypto.ECC.SECP_521R1.ECDSA)]cp->key)->curve();    SSL3_DEBUG_MSG("Curve: %O (%O)\n",
pike.git/lib/modules/SSL.pmod/Session.pike:271:    if (!sizeof(cipher_suites)) return 0;       SSL3_DEBUG_MSG("Candidate certificates: %O\n", certs);       // Find the set of key exchange and hash algorithms supported by the client.    int ke_mask = 0;    int h_max = 0;    foreach(cipher_suites, int suite) {    if (CIPHER_SUITES[suite]) {    ke_mask |= 1 << [int](CIPHER_SUITES[suite][0]); -  Crypto.Hash hash = HASH_lookup[CIPHER_SUITES[suite][2]]; +  Crypto.Hash hash = +  [object(Crypto.Hash)]HASH_lookup[CIPHER_SUITES[suite][2]];    if (hash && (hash->digest_size() > h_max)) {    h_max = hash->digest_size();    }    }    }       // Filter any certs that the client doesn't support.    certs = [array(CertificatePair)]    filter(certs, is_supported_cert, ke_mask, h_max, version, ecc_curves);