vtls/rustls: simplify ciphersuite skipping

Now that the rustls vtls backend is using rustls 0.14 we can take
advantage of `rustls_supported_ciphersuite_protocol_version()` to skip
TLS 1.3 and TLS 1.2 ciphersuites as required without needing to
interrogate the ciphersuite names as `rustls_str`s.

Closes #14889

diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c
index 848bd973cd4233c3cb3c4df31f3592fb0ee6a7a8..241d2cc54029133697d65d80dc6f954a0dd2fda0 100644 (file)
--- a/lib/vtls/rustls.c
+++ b/lib/vtls/rustls.c
@@ -447,10 +447,9 @@ cr_get_selected_ciphers(struct Curl_easy *data,
   if(!ciphers13) {
     /* Add default TLSv1.3 ciphers to selection */
     for(j = 0; j < default_len; j++) {
-      struct rustls_str s;
       entry = rustls_default_crypto_provider_ciphersuites_get(j);
-      s = rustls_supported_ciphersuite_get_name(entry);
-      if(s.len < 5 || strncmp(s.data, "TLS13", 5) != 0)
+      if(rustls_supported_ciphersuite_protocol_version(entry) !=
+        RUSTLS_TLS_VERSION_TLSV1_3)
         continue;
 
       selected[count++] = entry;
@@ -505,10 +504,9 @@ add_ciphers:
   if(!ciphers12) {
     /* Add default TLSv1.2 ciphers to selection */
     for(j = 0; j < default_len; j++) {
-      struct rustls_str s;
       entry = rustls_default_crypto_provider_ciphersuites_get(j);
-      s = rustls_supported_ciphersuite_get_name(entry);
-      if(s.len >= 5 && strncmp(s.data, "TLS13", 5) == 0)
+      if(rustls_supported_ciphersuite_protocol_version(entry) ==
+          RUSTLS_TLS_VERSION_TLSV1_3)
         continue;
 
       /* No duplicates allowed (so selected cannot overflow) */