grpc 1.10.0 → 1.11.0.pre2

data/third_party/boringssl/ssl/ssl_asn1.cc

@@ -152,49 +152,49 @@ namespace bssl {
 
 static const unsigned kVersion = 1;
 
-static const int kTimeTag =
+static const unsigned kTimeTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 1;
-static const int kTimeoutTag =
+static const unsigned kTimeoutTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 2;
-static const int kPeerTag =
+static const unsigned kPeerTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 3;
-static const int kSessionIDContextTag =
+static const unsigned kSessionIDContextTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 4;
-static const int kVerifyResultTag =
+static const unsigned kVerifyResultTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 5;
-static const int kHostNameTag =
+static const unsigned kHostNameTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 6;
-static const int kPSKIdentityTag =
+static const unsigned kPSKIdentityTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 8;
-static const int kTicketLifetimeHintTag =
+static const unsigned kTicketLifetimeHintTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 9;
-static const int kTicketTag =
+static const unsigned kTicketTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 10;
-static const int kPeerSHA256Tag =
+static const unsigned kPeerSHA256Tag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 13;
-static const int kOriginalHandshakeHashTag =
+static const unsigned kOriginalHandshakeHashTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 14;
-static const int kSignedCertTimestampListTag =
+static const unsigned kSignedCertTimestampListTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 15;
-static const int kOCSPResponseTag =
+static const unsigned kOCSPResponseTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 16;
-static const int kExtendedMasterSecretTag =
+static const unsigned kExtendedMasterSecretTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 17;
-static const int kGroupIDTag =
+static const unsigned kGroupIDTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 18;
-static const int kCertChainTag =
+static const unsigned kCertChainTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 19;
-static const int kTicketAgeAddTag =
+static const unsigned kTicketAgeAddTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 21;
-static const int kIsServerTag =
+static const unsigned kIsServerTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 22;
-static const int kPeerSignatureAlgorithmTag =
+static const unsigned kPeerSignatureAlgorithmTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 23;
-static const int kTicketMaxEarlyDataTag =
+static const unsigned kTicketMaxEarlyDataTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 24;
-static const int kAuthTimeoutTag =
+static const unsigned kAuthTimeoutTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 25;
-static const int kEarlyALPNTag =
+static const unsigned kEarlyALPNTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 26;
 
 static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, uint8_t **out_data,

data/third_party/boringssl/ssl/ssl_buffer.cc

@@ -36,17 +36,22 @@ static_assert(0xffff <= INT_MAX, "uint16_t does not fit in int");
 static_assert((SSL3_ALIGN_PAYLOAD & (SSL3_ALIGN_PAYLOAD - 1)) == 0,
               "SSL3_ALIGN_PAYLOAD must be a power of 2");
 
-// ensure_buffer ensures |buf| has capacity at least |cap|, aligned such that
-// data written after |header_len| is aligned to a |SSL3_ALIGN_PAYLOAD|-byte
-// boundary. It returns one on success and zero on error.
-static int ensure_buffer(SSL3_BUFFER *buf, size_t header_len, size_t cap) {
-  if (cap > 0xffff) {
+void SSLBuffer::Clear() {
+  free(buf_);  // Allocated with malloc().
+  buf_ = nullptr;
+  offset_ = 0;
+  size_ = 0;
+  cap_ = 0;
+}
+
+bool SSLBuffer::EnsureCap(size_t header_len, size_t new_cap) {
+  if (new_cap > 0xffff) {
     OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
-    return 0;
+    return false;
   }
 
-  if (buf->cap >= cap) {
-    return 1;
+  if (cap_ >= new_cap) {
+    return true;
   }
 
   // Add up to |SSL3_ALIGN_PAYLOAD| - 1 bytes of slack for alignment.
@@ -54,88 +59,88 @@ static int ensure_buffer(SSL3_BUFFER *buf, size_t header_len, size_t cap) {
   // Since this buffer gets allocated quite frequently and doesn't contain any
   // sensitive data, we allocate with malloc rather than |OPENSSL_malloc| and
   // avoid zeroing on free.
-  uint8_t *new_buf = (uint8_t *)malloc(cap + SSL3_ALIGN_PAYLOAD - 1);
+  uint8_t *new_buf = (uint8_t *)malloc(new_cap + SSL3_ALIGN_PAYLOAD - 1);
   if (new_buf == NULL) {
     OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
-    return 0;
+    return false;
   }
 
   // Offset the buffer such that the record body is aligned.
   size_t new_offset =
       (0 - header_len - (uintptr_t)new_buf) & (SSL3_ALIGN_PAYLOAD - 1);
 
-  if (buf->buf != NULL) {
-    OPENSSL_memcpy(new_buf + new_offset, buf->buf + buf->offset, buf->len);
-    free(buf->buf);  // Allocated with malloc().
+  if (buf_ != NULL) {
+    OPENSSL_memcpy(new_buf + new_offset, buf_ + offset_, size_);
+    free(buf_);  // Allocated with malloc().
   }
 
-  buf->buf = new_buf;
-  buf->offset = new_offset;
-  buf->cap = cap;
-  return 1;
+  buf_ = new_buf;
+  offset_ = new_offset;
+  cap_ = new_cap;
+  return true;
 }
 
-static void consume_buffer(SSL3_BUFFER *buf, size_t len) {
-  if (len > buf->len) {
+void SSLBuffer::DidWrite(size_t new_size) {
+  if (new_size > cap() - size()) {
     abort();
   }
-  buf->offset += (uint16_t)len;
-  buf->len -= (uint16_t)len;
-  buf->cap -= (uint16_t)len;
+  size_ += new_size;
 }
 
-static void clear_buffer(SSL3_BUFFER *buf) {
-  free(buf->buf);  // Allocated with malloc().
-  OPENSSL_memset(buf, 0, sizeof(SSL3_BUFFER));
+void SSLBuffer::Consume(size_t len) {
+  if (len > size_) {
+    abort();
+  }
+  offset_ += (uint16_t)len;
+  size_ -= (uint16_t)len;
+  cap_ -= (uint16_t)len;
 }
 
-Span<uint8_t> ssl_read_buffer(SSL *ssl) {
-  return MakeSpan(ssl->s3->read_buffer.buf + ssl->s3->read_buffer.offset,
-                  ssl->s3->read_buffer.len);
+void SSLBuffer::DiscardConsumed() {
+  if (size_ == 0) {
+    Clear();
+  }
 }
 
 static int dtls_read_buffer_next_packet(SSL *ssl) {
-  SSL3_BUFFER *buf = &ssl->s3->read_buffer;
+  SSLBuffer *buf = &ssl->s3->read_buffer;
 
-  if (buf->len > 0) {
+  if (!buf->empty()) {
     // It is an error to call |dtls_read_buffer_extend| when the read buffer is
     // not empty.
     OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
     return -1;
   }
 
-  // Read a single packet from |ssl->rbio|. |buf->cap| must fit in an int.
-  int ret = BIO_read(ssl->rbio, buf->buf + buf->offset, (int)buf->cap);
+  // Read a single packet from |ssl->rbio|. |buf->cap()| must fit in an int.
+  int ret = BIO_read(ssl->rbio, buf->data(), static_cast<int>(buf->cap()));
   if (ret <= 0) {
-    ssl->rwstate = SSL_READING;
+    ssl->s3->rwstate = SSL_READING;
     return ret;
   }
-  // |BIO_read| was bound by |buf->cap|, so this cannot overflow.
-  buf->len = (uint16_t)ret;
+  buf->DidWrite(static_cast<size_t>(ret));
   return 1;
 }
 
 static int tls_read_buffer_extend_to(SSL *ssl, size_t len) {
-  SSL3_BUFFER *buf = &ssl->s3->read_buffer;
+  SSLBuffer *buf = &ssl->s3->read_buffer;
 
-  if (len > buf->cap) {
+  if (len > buf->cap()) {
     OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL);
     return -1;
   }
 
   // Read until the target length is reached.
-  while (buf->len < len) {
+  while (buf->size() < len) {
     // The amount of data to read is bounded by |buf->cap|, which must fit in an
     // int.
-    int ret = BIO_read(ssl->rbio, buf->buf + buf->offset + buf->len,
-                       (int)(len - buf->len));
+    int ret = BIO_read(ssl->rbio, buf->data() + buf->size(),
+                       static_cast<int>(len - buf->size()));
     if (ret <= 0) {
-      ssl->rwstate = SSL_READING;
+      ssl->s3->rwstate = SSL_READING;
       return ret;
     }
-    // |BIO_read| was bound by |buf->cap - buf->len|, so this cannot
-    // overflow.
-    buf->len += (uint16_t)ret;
+    buf->DidWrite(static_cast<size_t>(ret));
   }
 
   return 1;
@@ -143,7 +148,7 @@ static int tls_read_buffer_extend_to(SSL *ssl, size_t len) {
 
 int ssl_read_buffer_extend_to(SSL *ssl, size_t len) {
   // |ssl_read_buffer_extend_to| implicitly discards any consumed data.
-  ssl_read_buffer_discard(ssl);
+  ssl->s3->read_buffer.DiscardConsumed();
 
   if (SSL_is_dtls(ssl)) {
     static_assert(
@@ -154,7 +159,7 @@ int ssl_read_buffer_extend_to(SSL *ssl, size_t len) {
     len = DTLS1_RT_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;
   }
 
-  if (!ensure_buffer(&ssl->s3->read_buffer, ssl_record_prefix_len(ssl), len)) {
+  if (!ssl->s3->read_buffer.EnsureCap(ssl_record_prefix_len(ssl), len)) {
     return -1;
   }
 
@@ -174,38 +179,51 @@ int ssl_read_buffer_extend_to(SSL *ssl, size_t len) {
   if (ret <= 0) {
     // If the buffer was empty originally and remained empty after attempting to
     // extend it, release the buffer until the next attempt.
-    ssl_read_buffer_discard(ssl);
+    ssl->s3->read_buffer.DiscardConsumed();
   }
   return ret;
 }
 
-void ssl_read_buffer_consume(SSL *ssl, size_t len) {
-  SSL3_BUFFER *buf = &ssl->s3->read_buffer;
+int ssl_handle_open_record(SSL *ssl, bool *out_retry, ssl_open_record_t ret,
+                           size_t consumed, uint8_t alert) {
+  *out_retry = false;
+  if (ret != ssl_open_record_partial) {
+    ssl->s3->read_buffer.Consume(consumed);
+  }
+  if (ret != ssl_open_record_success) {
+    // Nothing was returned to the caller, so discard anything marked consumed.
+    ssl->s3->read_buffer.DiscardConsumed();
+  }
+  switch (ret) {
+    case ssl_open_record_success:
+      return 1;
+
+    case ssl_open_record_partial: {
+      int read_ret = ssl_read_buffer_extend_to(ssl, consumed);
+      if (read_ret <= 0) {
+        return read_ret;
+      }
+      *out_retry = true;
+      return 1;
+    }
 
-  consume_buffer(buf, len);
+    case ssl_open_record_discard:
+      *out_retry = true;
+      return 1;
 
-  // The TLS stack never reads beyond the current record, so there will never be
-  // unconsumed data. If read-ahead is ever reimplemented,
-  // |ssl_read_buffer_discard| will require a |memcpy| to shift the excess back
-  // to the front of the buffer, to ensure there is enough space for the next
-  // record.
-  assert(SSL_is_dtls(ssl) || len == 0 || buf->len == 0);
-}
+    case ssl_open_record_close_notify:
+      return 0;
 
-void ssl_read_buffer_discard(SSL *ssl) {
-  if (ssl->s3->read_buffer.len == 0) {
-    ssl_read_buffer_clear(ssl);
+    case ssl_open_record_error:
+      if (alert != 0) {
+        ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
+      }
+      return -1;
   }
+  assert(0);
+  return -1;
 }
 
-void ssl_read_buffer_clear(SSL *ssl) {
-  clear_buffer(&ssl->s3->read_buffer);
-}
-
-
-int ssl_write_buffer_is_pending(const SSL *ssl) {
-  return ssl->s3->write_buffer.len > 0;
-}
 
 static_assert(SSL3_RT_HEADER_LENGTH * 2 +
                       SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD * 2 +
@@ -218,61 +236,37 @@ static_assert(DTLS1_RT_HEADER_LENGTH + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD +
                   0xffff,
               "maximum DTLS write buffer is too large");
 
-int ssl_write_buffer_init(SSL *ssl, uint8_t **out_ptr, size_t max_len) {
-  SSL3_BUFFER *buf = &ssl->s3->write_buffer;
-
-  if (buf->buf != NULL) {
-    OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
-    return 0;
-  }
-
-  if (!ensure_buffer(buf, ssl_seal_align_prefix_len(ssl), max_len)) {
-    return 0;
-  }
-  *out_ptr = buf->buf + buf->offset;
-  return 1;
-}
-
-void ssl_write_buffer_set_len(SSL *ssl, size_t len) {
-  SSL3_BUFFER *buf = &ssl->s3->write_buffer;
-
-  if (len > buf->cap) {
-    abort();
-  }
-  buf->len = len;
-}
-
 static int tls_write_buffer_flush(SSL *ssl) {
-  SSL3_BUFFER *buf = &ssl->s3->write_buffer;
+  SSLBuffer *buf = &ssl->s3->write_buffer;
 
-  while (buf->len > 0) {
-    int ret = BIO_write(ssl->wbio, buf->buf + buf->offset, buf->len);
+  while (!buf->empty()) {
+    int ret = BIO_write(ssl->wbio, buf->data(), buf->size());
     if (ret <= 0) {
-      ssl->rwstate = SSL_WRITING;
+      ssl->s3->rwstate = SSL_WRITING;
       return ret;
     }
-    consume_buffer(buf, (size_t)ret);
+    buf->Consume(static_cast<size_t>(ret));
   }
-  ssl_write_buffer_clear(ssl);
+  buf->Clear();
   return 1;
 }
 
 static int dtls_write_buffer_flush(SSL *ssl) {
-  SSL3_BUFFER *buf = &ssl->s3->write_buffer;
-  if (buf->len == 0) {
+  SSLBuffer *buf = &ssl->s3->write_buffer;
+  if (buf->empty()) {
     return 1;
   }
 
-  int ret = BIO_write(ssl->wbio, buf->buf + buf->offset, buf->len);
+  int ret = BIO_write(ssl->wbio, buf->data(), buf->size());
   if (ret <= 0) {
-    ssl->rwstate = SSL_WRITING;
+    ssl->s3->rwstate = SSL_WRITING;
     // If the write failed, drop the write buffer anyway. Datagram transports
     // can't write half a packet, so the caller is expected to retry from the
     // top.
-    ssl_write_buffer_clear(ssl);
+    buf->Clear();
     return ret;
   }
-  ssl_write_buffer_clear(ssl);
+  buf->Clear();
   return 1;
 }
 
@@ -289,8 +283,4 @@ int ssl_write_buffer_flush(SSL *ssl) {
   }
 }
 
-void ssl_write_buffer_clear(SSL *ssl) {
-  clear_buffer(&ssl->s3->write_buffer);
-}
-
 }  // namespace bssl

data/third_party/boringssl/ssl/ssl_cert.cc

@@ -704,6 +704,17 @@ UniquePtr<STACK_OF(CRYPTO_BUFFER)> ssl_parse_client_CA_list(SSL *ssl,
   return ret;
 }
 
+bool ssl_has_client_CAs(SSL *ssl) {
+  STACK_OF(CRYPTO_BUFFER) *names = ssl->client_CA;
+  if (names == NULL) {
+    names = ssl->ctx->client_CA;
+  }
+  if (names == NULL) {
+    return false;
+  }
+  return sk_CRYPTO_BUFFER_num(names) > 0;
+}
+
 int ssl_add_client_CA_list(SSL *ssl, CBB *cbb) {
   CBB child, name_cbb;
   if (!CBB_add_u16_length_prefixed(cbb, &child)) {
@@ -732,7 +743,7 @@ int ssl_add_client_CA_list(SSL *ssl, CBB *cbb) {
 int ssl_check_leaf_certificate(SSL_HANDSHAKE *hs, EVP_PKEY *pkey,
                                const CRYPTO_BUFFER *leaf) {
   SSL *const ssl = hs->ssl;
-  assert(ssl3_protocol_version(ssl) < TLS1_3_VERSION);
+  assert(ssl_protocol_version(ssl) < TLS1_3_VERSION);
 
   // Check the certificate's type matches the cipher.
   if (!(hs->new_cipher->algorithm_auth & ssl_cipher_auth_mask_for_key(pkey))) {

data/third_party/boringssl/ssl/ssl_cipher.cc

@@ -578,7 +578,7 @@ typedef struct cipher_alias_st {
 
 static const CIPHER_ALIAS kCipherAliases[] = {
     // "ALL" doesn't include eNULL. It must be explicitly enabled.
-    {"ALL", ~0u, ~0u, ~SSL_eNULL, ~0u, 0},
+    {"ALL", ~0u, ~0u, ~0u, ~0u, 0},
 
     // The "COMPLEMENTOFDEFAULT" rule is omitted. It matches nothing.
 
@@ -594,7 +594,7 @@ static const CIPHER_ALIAS kCipherAliases[] = {
     {"kPSK", SSL_kPSK, ~0u, ~0u, ~0u, 0},
 
     // server authentication aliases
-    {"aRSA", ~0u, SSL_aRSA, ~SSL_eNULL, ~0u, 0},
+    {"aRSA", ~0u, SSL_aRSA, ~0u, ~0u, 0},
     {"aECDSA", ~0u, SSL_aECDSA, ~0u, ~0u, 0},
     {"ECDSA", ~0u, SSL_aECDSA, ~0u, ~0u, 0},
     {"aPSK", ~0u, SSL_aPSK, ~0u, ~0u, 0},
@@ -602,7 +602,7 @@ static const CIPHER_ALIAS kCipherAliases[] = {
     // aliases combining key exchange and server authentication
     {"ECDHE", SSL_kECDHE, ~0u, ~0u, ~0u, 0},
     {"EECDH", SSL_kECDHE, ~0u, ~0u, ~0u, 0},
-    {"RSA", SSL_kRSA, SSL_aRSA, ~SSL_eNULL, ~0u, 0},
+    {"RSA", SSL_kRSA, SSL_aRSA, ~0u, ~0u, 0},
     {"PSK", SSL_kPSK, SSL_aPSK, ~0u, ~0u, 0},
 
     // symmetric encryption aliases
@@ -614,20 +614,20 @@ static const CIPHER_ALIAS kCipherAliases[] = {
     {"CHACHA20", ~0u, ~0u, SSL_CHACHA20POLY1305, ~0u, 0},
 
     // MAC aliases
-    {"SHA1", ~0u, ~0u, ~SSL_eNULL, SSL_SHA1, 0},
-    {"SHA", ~0u, ~0u, ~SSL_eNULL, SSL_SHA1, 0},
+    {"SHA1", ~0u, ~0u, ~0u, SSL_SHA1, 0},
+    {"SHA", ~0u, ~0u, ~0u, SSL_SHA1, 0},
     {"SHA256", ~0u, ~0u, ~0u, SSL_SHA256, 0},
     {"SHA384", ~0u, ~0u, ~0u, SSL_SHA384, 0},
 
     // Legacy protocol minimum version aliases. "TLSv1" is intentionally the
     // same as "SSLv3".
-    {"SSLv3", ~0u, ~0u, ~SSL_eNULL, ~0u, SSL3_VERSION},
-    {"TLSv1", ~0u, ~0u, ~SSL_eNULL, ~0u, SSL3_VERSION},
-    {"TLSv1.2", ~0u, ~0u, ~SSL_eNULL, ~0u, TLS1_2_VERSION},
+    {"SSLv3", ~0u, ~0u, ~0u, ~0u, SSL3_VERSION},
+    {"TLSv1", ~0u, ~0u, ~0u, ~0u, SSL3_VERSION},
+    {"TLSv1.2", ~0u, ~0u, ~0u, ~0u, TLS1_2_VERSION},
 
     // Legacy strength classes.
-    {"HIGH", ~0u, ~0u, ~SSL_eNULL, ~0u, 0},
-    {"FIPS", ~0u, ~0u, ~SSL_eNULL, ~0u, 0},
+    {"HIGH", ~0u, ~0u, ~0u, ~0u, 0},
+    {"FIPS", ~0u, ~0u, ~0u, ~0u, 0},
 };
 
 static const size_t kCipherAliasesLen = OPENSSL_ARRAY_SIZE(kCipherAliases);
@@ -811,19 +811,14 @@ static void ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr,
   *head = curr;
 }
 
-static void ssl_cipher_collect_ciphers(const SSL_PROTOCOL_METHOD *ssl_method,
-                                       CIPHER_ORDER *co_list,
+static void ssl_cipher_collect_ciphers(CIPHER_ORDER *co_list,
                                        CIPHER_ORDER **head_p,
                                        CIPHER_ORDER **tail_p) {
-  // The set of ciphers is static, but some subset may be unsupported by
-  // |ssl_method|, so the list may be smaller.
   size_t co_list_num = 0;
-  for (size_t i = 0; i < kCiphersLen; i++) {
-    const SSL_CIPHER *cipher = &kCiphers[i];
-    if (ssl_method->supports_cipher(cipher) &&
-        // TLS 1.3 ciphers do not participate in this mechanism.
-        cipher->algorithm_mkey != SSL_kGENERIC) {
-      co_list[co_list_num].cipher = cipher;
+  for (const SSL_CIPHER &cipher : kCiphers) {
+    // TLS 1.3 ciphers do not participate in this mechanism.
+    if (cipher.algorithm_mkey != SSL_kGENERIC) {
+      co_list[co_list_num].cipher = &cipher;
       co_list[co_list_num].next = NULL;
       co_list[co_list_num].prev = NULL;
       co_list[co_list_num].active = false;
@@ -923,7 +918,9 @@ static void ssl_cipher_apply_rule(
           !(alg_auth & cp->algorithm_auth) ||
           !(alg_enc & cp->algorithm_enc) ||
           !(alg_mac & cp->algorithm_mac) ||
-          (min_version != 0 && SSL_CIPHER_get_min_version(cp) != min_version)) {
+          (min_version != 0 && SSL_CIPHER_get_min_version(cp) != min_version) ||
+          // The NULL cipher must be selected explicitly.
+          cp->algorithm_enc == SSL_eNULL) {
         continue;
       }
     }
@@ -1023,8 +1020,7 @@ static bool ssl_cipher_strength_sort(CIPHER_ORDER **head_p,
   return true;
 }
 
-static bool ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method,
-                                       const char *rule_str,
+static bool ssl_cipher_process_rulestr(const char *rule_str,
                                        CIPHER_ORDER **head_p,
                                        CIPHER_ORDER **tail_p, bool strict) {
   uint32_t alg_mkey, alg_auth, alg_enc, alg_mac;
@@ -1206,7 +1202,6 @@ static bool ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method,
 }
 
 bool ssl_create_cipher_list(
-    const SSL_PROTOCOL_METHOD *ssl_method,
     struct ssl_cipher_preference_list_st **out_cipher_list,
     const char *rule_str, bool strict) {
   STACK_OF(SSL_CIPHER) *cipherstack = NULL;
@@ -1229,7 +1224,7 @@ bool ssl_create_cipher_list(
     return false;
   }
 
-  ssl_cipher_collect_ciphers(ssl_method, co_list, &head, &tail);
+  ssl_cipher_collect_ciphers(co_list, &head, &tail);
 
   // Now arrange all ciphers by preference:
   // TODO(davidben): Compute this order once and copy it.
@@ -1288,8 +1283,8 @@ bool ssl_create_cipher_list(
   // using the (possibly available) additional rules.
   const char *rule_p = rule_str;
   if (strncmp(rule_str, "DEFAULT", 7) == 0) {
-    if (!ssl_cipher_process_rulestr(ssl_method, SSL_DEFAULT_CIPHER_LIST, &head,
-                                    &tail, strict)) {
+    if (!ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST, &head, &tail,
+                                    strict)) {
       goto err;
     }
     rule_p += 7;
@@ -1299,7 +1294,7 @@ bool ssl_create_cipher_list(
   }
 
   if (*rule_p != '\0' &&
-      !ssl_cipher_process_rulestr(ssl_method, rule_p, &head, &tail, strict)) {
+      !ssl_cipher_process_rulestr(rule_p, &head, &tail, strict)) {
     goto err;
   }