Consolidate all of the SSL method structs/functions into a single file.

Discussed with tb@
author: jsing <> 2018-11-05 05:45:15 +0000
committer: jsing <> 2018-11-05 05:45:15 +0000
commit: fb9f160cf8d816f5dd783bf8cad3828d2aa35dbe (patch)
tree: 3f0fe5c046ee4d7240d6ea15879199dca6797790
parent: 4248d53deb162850abf1ed3e2cb99d6bd43824f2 (diff)
download: openbsd-fb9f160cf8d816f5dd783bf8cad3828d2aa35dbe.tar.gz
openbsd-fb9f160cf8d816f5dd783bf8cad3828d2aa35dbe.tar.bz2
openbsd-fb9f160cf8d816f5dd783bf8cad3828d2aa35dbe.zip
8 files changed, 672 insertions, 871 deletions
diff --git a/src/lib/libssl/Makefile b/src/lib/libssl/Makefile
index 6a397a7df7..e912562a75 100644
--- a/src/lib/libssl/Makefile
+++ b/src/lib/libssl/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.39 2018/03/17 16:20:01 beck Exp $
+# $OpenBSD: Makefile,v 1.40 2018/11/05 05:45:15 jsing Exp $
 .include <bsd.own.mk>
 .ifndef NOMAN
@@ -26,13 +26,13 @@ SYMBOL_LIST=	${.CURDIR}/Symbols.list
 SRCS= \
        ssl_srvr.c ssl_clnt.c s3_lib.c ssl_pkt.c ssl_both.c \
-        t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c t1_hash.c \
+        t1_lib.c t1_enc.c t1_hash.c \
-        d1_meth.c d1_srvr.c d1_clnt.c d1_lib.c d1_pkt.c \
+        d1_srvr.c d1_clnt.c d1_lib.c d1_pkt.c \
        d1_both.c d1_enc.c d1_srtp.c \
        ssl_lib.c ssl_cert.c ssl_sess.c \
        ssl_ciph.c ssl_stat.c ssl_rsa.c \
        ssl_asn1.c ssl_txt.c ssl_algs.c \
-        bio_ssl.c ssl_err.c \
+        bio_ssl.c ssl_err.c ssl_methods.c \
        ssl_packet.c ssl_tlsext.c ssl_versions.c pqueue.c ssl_init.c
 SRCS+=  s3_cbc.c
 SRCS+=  bs_ber.c bs_cbb.c bs_cbs.c
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index 8f60f4a8c4..ee21a1bebc 100644
--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_clnt.c,v 1.81 2018/08/30 16:56:16 jsing Exp $ */
+/* $OpenBSD: d1_clnt.c,v 1.82 2018/11/05 05:45:15 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -127,49 +127,6 @@
 #include "bytestring.h"
-static const SSL_METHOD_INTERNAL DTLSv1_client_method_internal_data = {
-        .version = DTLS1_VERSION,
-        .min_version = DTLS1_VERSION,
-        .max_version = DTLS1_VERSION,
-        .ssl_new = dtls1_new,
-        .ssl_clear = dtls1_clear,
-        .ssl_free = dtls1_free,
-        .ssl_accept = ssl_undefined_function,
-        .ssl_connect = ssl3_connect,
-        .get_ssl_method = dtls1_get_client_method,
-        .get_timeout = dtls1_default_timeout,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_renegotiate = ssl3_renegotiate,
-        .ssl_renegotiate_check = ssl3_renegotiate_check,
-        .ssl_get_message = dtls1_get_message,
-        .ssl_read_bytes = dtls1_read_bytes,
-        .ssl_write_bytes = dtls1_write_app_data_bytes,
-        .ssl3_enc = &DTLSv1_enc_data,
-};
-static const SSL_METHOD DTLSv1_client_method_data = {
-        .ssl_dispatch_alert = dtls1_dispatch_alert,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = dtls1_get_cipher,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .internal = &DTLSv1_client_method_internal_data,
-};
-const SSL_METHOD *
-DTLSv1_client_method(void)
-{
-        return &DTLSv1_client_method_data;
-}
-const SSL_METHOD *
-dtls1_get_client_method(int ver)
-{
-        if (ver == DTLS1_VERSION)
-                return (DTLSv1_client_method());
-        return (NULL);
-}
 int
 dtls1_get_hello_verify(SSL *s)
 {
diff --git a/src/lib/libssl/d1_meth.c b/src/lib/libssl/d1_meth.c
deleted file mode 100644
index e157dc4d93..0000000000
--- a/src/lib/libssl/d1_meth.c
+++ /dev/null
@@ -1,109 +0,0 @@
-/* $OpenBSD: d1_meth.c,v 1.17 2018/08/30 16:56:16 jsing Exp $ */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-static const SSL_METHOD *dtls1_get_method(int ver);
-static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = {
-        .version = DTLS1_VERSION,
-        .min_version = DTLS1_VERSION,
-        .max_version = DTLS1_VERSION,
-        .ssl_new = dtls1_new,
-        .ssl_clear = dtls1_clear,
-        .ssl_free = dtls1_free,
-        .ssl_accept = ssl3_accept,
-        .ssl_connect = ssl3_connect,
-        .get_ssl_method = dtls1_get_method,
-        .get_timeout = dtls1_default_timeout,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_renegotiate = ssl3_renegotiate,
-        .ssl_renegotiate_check = ssl3_renegotiate_check,
-        .ssl_get_message = dtls1_get_message,
-        .ssl_read_bytes = dtls1_read_bytes,
-        .ssl_write_bytes = dtls1_write_app_data_bytes,
-        .ssl3_enc = &DTLSv1_enc_data,
-};
-static const SSL_METHOD DTLSv1_method_data = {
-        .ssl_dispatch_alert = dtls1_dispatch_alert,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = dtls1_get_cipher,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .internal = &DTLSv1_method_internal_data,
-};
-const SSL_METHOD *
-DTLSv1_method(void)
-{
-        return &DTLSv1_method_data;
-}
-static const SSL_METHOD *
-dtls1_get_method(int ver)
-{
-        if (ver == DTLS1_VERSION)
-                return (DTLSv1_method());
-        return (NULL);
-}
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c
index c0ee0d00aa..1a1ee5429e 100644
--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srvr.c,v 1.94 2018/08/30 16:56:16 jsing Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.95 2018/11/05 05:45:15 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -125,49 +125,6 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
-static const SSL_METHOD_INTERNAL DTLSv1_server_method_internal_data = {
-        .version = DTLS1_VERSION,
-        .min_version = DTLS1_VERSION,
-        .max_version = DTLS1_VERSION,
-        .ssl_new = dtls1_new,
-        .ssl_clear = dtls1_clear,
-        .ssl_free = dtls1_free,
-        .ssl_accept = ssl3_accept,
-        .ssl_connect = ssl_undefined_function,
-        .get_ssl_method = dtls1_get_server_method,
-        .get_timeout = dtls1_default_timeout,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_renegotiate = ssl3_renegotiate,
-        .ssl_renegotiate_check = ssl3_renegotiate_check,
-        .ssl_get_message = dtls1_get_message,
-        .ssl_read_bytes = dtls1_read_bytes,
-        .ssl_write_bytes = dtls1_write_app_data_bytes,
-        .ssl3_enc = &DTLSv1_enc_data,
-};
-static const SSL_METHOD DTLSv1_server_method_data = {
-        .ssl_dispatch_alert = dtls1_dispatch_alert,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = dtls1_get_cipher,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .internal = &DTLSv1_server_method_internal_data,
-};
-const SSL_METHOD *
-DTLSv1_server_method(void)
-{
-        return &DTLSv1_server_method_data;
-}
-const SSL_METHOD *
-dtls1_get_server_method(int ver)
-{
-        if (ver == DTLS1_VERSION)
-                return (DTLSv1_server_method());
-        return (NULL);
-}
 int
 dtls1_send_hello_verify_request(SSL *s)
 {
diff --git a/src/lib/libssl/ssl_methods.c b/src/lib/libssl/ssl_methods.c
new file mode 100644
index 0000000000..3e9f18bc40
--- /dev/null
+++ b/src/lib/libssl/ssl_methods.c
@@ -0,0 +1,666 @@
+/* $OpenBSD: ssl_methods.c,v 1.1 2018/11/05 05:45:15 jsing Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include "ssl_locl.h"
+static const SSL_METHOD_INTERNAL DTLSv1_client_method_internal_data = {
+        .version = DTLS1_VERSION,
+        .min_version = DTLS1_VERSION,
+        .max_version = DTLS1_VERSION,
+        .ssl_new = dtls1_new,
+        .ssl_clear = dtls1_clear,
+        .ssl_free = dtls1_free,
+        .ssl_accept = ssl_undefined_function,
+        .ssl_connect = ssl3_connect,
+        .get_ssl_method = dtls1_get_client_method,
+        .get_timeout = dtls1_default_timeout,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_renegotiate = ssl3_renegotiate,
+        .ssl_renegotiate_check = ssl3_renegotiate_check,
+        .ssl_get_message = dtls1_get_message,
+        .ssl_read_bytes = dtls1_read_bytes,
+        .ssl_write_bytes = dtls1_write_app_data_bytes,
+        .ssl3_enc = &DTLSv1_enc_data,
+};
+static const SSL_METHOD DTLSv1_client_method_data = {
+        .ssl_dispatch_alert = dtls1_dispatch_alert,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = dtls1_get_cipher,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .internal = &DTLSv1_client_method_internal_data,
+};
+const SSL_METHOD *
+DTLSv1_client_method(void)
+{
+        return &DTLSv1_client_method_data;
+}
+const SSL_METHOD *
+dtls1_get_client_method(int ver)
+{
+        if (ver == DTLS1_VERSION)
+                return (DTLSv1_client_method());
+        return (NULL);
+}
+static const SSL_METHOD *dtls1_get_method(int ver);
+static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = {
+        .version = DTLS1_VERSION,
+        .min_version = DTLS1_VERSION,
+        .max_version = DTLS1_VERSION,
+        .ssl_new = dtls1_new,
+        .ssl_clear = dtls1_clear,
+        .ssl_free = dtls1_free,
+        .ssl_accept = ssl3_accept,
+        .ssl_connect = ssl3_connect,
+        .get_ssl_method = dtls1_get_method,
+        .get_timeout = dtls1_default_timeout,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_renegotiate = ssl3_renegotiate,
+        .ssl_renegotiate_check = ssl3_renegotiate_check,
+        .ssl_get_message = dtls1_get_message,
+        .ssl_read_bytes = dtls1_read_bytes,
+        .ssl_write_bytes = dtls1_write_app_data_bytes,
+        .ssl3_enc = &DTLSv1_enc_data,
+};
+static const SSL_METHOD DTLSv1_method_data = {
+        .ssl_dispatch_alert = dtls1_dispatch_alert,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = dtls1_get_cipher,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .internal = &DTLSv1_method_internal_data,
+};
+const SSL_METHOD *
+DTLSv1_method(void)
+{
+        return &DTLSv1_method_data;
+}
+static const SSL_METHOD *
+dtls1_get_method(int ver)
+{
+        if (ver == DTLS1_VERSION)
+                return (DTLSv1_method());
+        return (NULL);
+}
+static const SSL_METHOD_INTERNAL DTLSv1_server_method_internal_data = {
+        .version = DTLS1_VERSION,
+        .min_version = DTLS1_VERSION,
+        .max_version = DTLS1_VERSION,
+        .ssl_new = dtls1_new,
+        .ssl_clear = dtls1_clear,
+        .ssl_free = dtls1_free,
+        .ssl_accept = ssl3_accept,
+        .ssl_connect = ssl_undefined_function,
+        .get_ssl_method = dtls1_get_server_method,
+        .get_timeout = dtls1_default_timeout,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_renegotiate = ssl3_renegotiate,
+        .ssl_renegotiate_check = ssl3_renegotiate_check,
+        .ssl_get_message = dtls1_get_message,
+        .ssl_read_bytes = dtls1_read_bytes,
+        .ssl_write_bytes = dtls1_write_app_data_bytes,
+        .ssl3_enc = &DTLSv1_enc_data,
+};
+static const SSL_METHOD DTLSv1_server_method_data = {
+        .ssl_dispatch_alert = dtls1_dispatch_alert,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = dtls1_get_cipher,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .internal = &DTLSv1_server_method_internal_data,
+};
+const SSL_METHOD *
+DTLSv1_server_method(void)
+{
+        return &DTLSv1_server_method_data;
+}
+const SSL_METHOD *
+dtls1_get_server_method(int ver)
+{
+        if (ver == DTLS1_VERSION)
+                return (DTLSv1_server_method());
+        return (NULL);
+}
+static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = {
+        .version = TLS1_2_VERSION,
+        .min_version = TLS1_VERSION,
+        .max_version = TLS1_2_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = ssl_undefined_function,
+        .ssl_connect = ssl3_connect,
+        .get_ssl_method = tls1_get_client_method,
+        .get_timeout = tls1_default_timeout,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_renegotiate = ssl_undefined_function,
+        .ssl_renegotiate_check = ssl_ok,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl3_enc = &TLSv1_2_enc_data,
+};
+static const SSL_METHOD TLS_client_method_data = {
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .internal = &TLS_client_method_internal_data,
+};
+static const SSL_METHOD_INTERNAL TLSv1_client_method_internal_data = {
+        .version = TLS1_VERSION,
+        .min_version = TLS1_VERSION,
+        .max_version = TLS1_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = ssl_undefined_function,
+        .ssl_connect = ssl3_connect,
+        .get_ssl_method = tls1_get_client_method,
+        .get_timeout = tls1_default_timeout,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_renegotiate = ssl3_renegotiate,
+        .ssl_renegotiate_check = ssl3_renegotiate_check,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl3_enc = &TLSv1_enc_data,
+};
+static const SSL_METHOD TLSv1_client_method_data = {
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .internal = &TLSv1_client_method_internal_data,
+};
+static const SSL_METHOD_INTERNAL TLSv1_1_client_method_internal_data = {
+        .version = TLS1_1_VERSION,
+        .min_version = TLS1_1_VERSION,
+        .max_version = TLS1_1_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = ssl_undefined_function,
+        .ssl_connect = ssl3_connect,
+        .get_ssl_method = tls1_get_client_method,
+        .get_timeout = tls1_default_timeout,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_renegotiate = ssl3_renegotiate,
+        .ssl_renegotiate_check = ssl3_renegotiate_check,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl3_enc = &TLSv1_1_enc_data,
+};
+static const SSL_METHOD TLSv1_1_client_method_data = {
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .internal = &TLSv1_1_client_method_internal_data,
+};
+static const SSL_METHOD_INTERNAL TLSv1_2_client_method_internal_data = {
+        .version = TLS1_2_VERSION,
+        .min_version = TLS1_2_VERSION,
+        .max_version = TLS1_2_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = ssl_undefined_function,
+        .ssl_connect = ssl3_connect,
+        .get_ssl_method = tls1_get_client_method,
+        .get_timeout = tls1_default_timeout,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_renegotiate = ssl3_renegotiate,
+        .ssl_renegotiate_check = ssl3_renegotiate_check,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl3_enc = &TLSv1_2_enc_data,
+};
+static const SSL_METHOD TLSv1_2_client_method_data = {
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .internal = &TLSv1_2_client_method_internal_data,
+};
+const SSL_METHOD *
+tls1_get_client_method(int ver)
+{
+        if (ver == TLS1_2_VERSION)
+                return (TLSv1_2_client_method());
+        if (ver == TLS1_1_VERSION)
+                return (TLSv1_1_client_method());
+        if (ver == TLS1_VERSION)
+                return (TLSv1_client_method());
+        return (NULL);
+}
+const SSL_METHOD *
+SSLv23_client_method(void)
+{
+        return (TLS_client_method());
+}
+const SSL_METHOD *
+TLS_client_method(void)
+{
+        return (&TLS_client_method_data);
+}
+const SSL_METHOD *
+TLSv1_client_method(void)
+{
+        return (&TLSv1_client_method_data);
+}
+const SSL_METHOD *
+TLSv1_1_client_method(void)
+{
+        return (&TLSv1_1_client_method_data);
+}
+const SSL_METHOD *
+TLSv1_2_client_method(void)
+{
+        return (&TLSv1_2_client_method_data);
+}
+static const SSL_METHOD *tls1_get_method(int ver);
+static const SSL_METHOD_INTERNAL TLS_method_internal_data = {
+        .version = TLS1_2_VERSION,
+        .min_version = TLS1_VERSION,
+        .max_version = TLS1_2_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = ssl3_accept,
+        .ssl_connect = ssl3_connect,
+        .get_ssl_method = tls1_get_method,
+        .get_timeout = tls1_default_timeout,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_renegotiate = ssl_undefined_function,
+        .ssl_renegotiate_check = ssl_ok,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl3_enc = &TLSv1_2_enc_data,
+};
+static const SSL_METHOD TLS_method_data = {
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .internal = &TLS_method_internal_data,
+};
+static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = {
+        .version = TLS1_VERSION,
+        .min_version = TLS1_VERSION,
+        .max_version = TLS1_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = ssl3_accept,
+        .ssl_connect = ssl3_connect,
+        .get_ssl_method = tls1_get_method,
+        .get_timeout = tls1_default_timeout,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_renegotiate = ssl3_renegotiate,
+        .ssl_renegotiate_check = ssl3_renegotiate_check,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl3_enc = &TLSv1_enc_data,
+};
+static const SSL_METHOD TLSv1_method_data = {
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .internal = &TLSv1_method_internal_data,
+};
+static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = {
+        .version = TLS1_1_VERSION,
+        .min_version = TLS1_1_VERSION,
+        .max_version = TLS1_1_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = ssl3_accept,
+        .ssl_connect = ssl3_connect,
+        .get_ssl_method = tls1_get_method,
+        .get_timeout = tls1_default_timeout,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_renegotiate = ssl3_renegotiate,
+        .ssl_renegotiate_check = ssl3_renegotiate_check,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl3_enc = &TLSv1_1_enc_data,
+};
+static const SSL_METHOD TLSv1_1_method_data = {
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .internal = &TLSv1_1_method_internal_data,
+};
+static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = {
+        .version = TLS1_2_VERSION,
+        .min_version = TLS1_2_VERSION,
+        .max_version = TLS1_2_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = ssl3_accept,
+        .ssl_connect = ssl3_connect,
+        .get_ssl_method = tls1_get_method,
+        .get_timeout = tls1_default_timeout,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_renegotiate = ssl3_renegotiate,
+        .ssl_renegotiate_check = ssl3_renegotiate_check,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl3_enc = &TLSv1_2_enc_data,
+};
+static const SSL_METHOD TLSv1_2_method_data = {
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .internal = &TLSv1_2_method_internal_data,
+};
+static const SSL_METHOD *
+tls1_get_method(int ver)
+{
+        if (ver == TLS1_2_VERSION)
+                return (TLSv1_2_method());
+        if (ver == TLS1_1_VERSION)
+                return (TLSv1_1_method());
+        if (ver == TLS1_VERSION)
+                return (TLSv1_method());
+        return (NULL);
+}
+const SSL_METHOD *
+SSLv23_method(void)
+{
+        return (TLS_method());
+}
+const SSL_METHOD *
+TLS_method(void)
+{
+        return &TLS_method_data;
+}
+const SSL_METHOD *
+TLSv1_method(void)
+{
+        return (&TLSv1_method_data);
+}
+const SSL_METHOD *
+TLSv1_1_method(void)
+{
+        return (&TLSv1_1_method_data);
+}
+const SSL_METHOD *
+TLSv1_2_method(void)
+{
+        return (&TLSv1_2_method_data);
+}
+static const SSL_METHOD_INTERNAL TLS_server_method_internal_data = {
+        .version = TLS1_2_VERSION,
+        .min_version = TLS1_VERSION,
+        .max_version = TLS1_2_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = ssl3_accept,
+        .ssl_connect = ssl_undefined_function,
+        .get_ssl_method = tls1_get_server_method,
+        .get_timeout = tls1_default_timeout,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_renegotiate = ssl_undefined_function,
+        .ssl_renegotiate_check = ssl_ok,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl3_enc = &TLSv1_2_enc_data,
+};
+static const SSL_METHOD TLS_server_method_data = {
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .internal = &TLS_server_method_internal_data,
+};
+static const SSL_METHOD_INTERNAL TLSv1_server_method_internal_data = {
+        .version = TLS1_VERSION,
+        .min_version = TLS1_VERSION,
+        .max_version = TLS1_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = ssl3_accept,
+        .ssl_connect = ssl_undefined_function,
+        .get_ssl_method = tls1_get_server_method,
+        .get_timeout = tls1_default_timeout,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_renegotiate = ssl3_renegotiate,
+        .ssl_renegotiate_check = ssl3_renegotiate_check,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl3_enc = &TLSv1_enc_data,
+};
+static const SSL_METHOD TLSv1_server_method_data = {
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .internal = &TLSv1_server_method_internal_data,
+};
+static const SSL_METHOD_INTERNAL TLSv1_1_server_method_internal_data = {
+        .version = TLS1_1_VERSION,
+        .min_version = TLS1_1_VERSION,
+        .max_version = TLS1_1_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = ssl3_accept,
+        .ssl_connect = ssl_undefined_function,
+        .get_ssl_method = tls1_get_server_method,
+        .get_timeout = tls1_default_timeout,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_renegotiate = ssl3_renegotiate,
+        .ssl_renegotiate_check = ssl3_renegotiate_check,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl3_enc = &TLSv1_1_enc_data,
+};
+static const SSL_METHOD TLSv1_1_server_method_data = {
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .internal = &TLSv1_1_server_method_internal_data,
+};
+static const SSL_METHOD_INTERNAL TLSv1_2_server_method_internal_data = {
+        .version = TLS1_2_VERSION,
+        .min_version = TLS1_2_VERSION,
+        .max_version = TLS1_2_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = ssl3_accept,
+        .ssl_connect = ssl_undefined_function,
+        .get_ssl_method = tls1_get_server_method,
+        .get_timeout = tls1_default_timeout,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_renegotiate = ssl3_renegotiate,
+        .ssl_renegotiate_check = ssl3_renegotiate_check,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl3_enc = &TLSv1_2_enc_data,
+};
+static const SSL_METHOD TLSv1_2_server_method_data = {
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .internal = &TLSv1_2_server_method_internal_data,
+};
+const SSL_METHOD *
+tls1_get_server_method(int ver)
+{
+        if (ver == TLS1_2_VERSION)
+                return (TLSv1_2_server_method());
+        if (ver == TLS1_1_VERSION)
+                return (TLSv1_1_server_method());
+        if (ver == TLS1_VERSION)
+                return (TLSv1_server_method());
+        return (NULL);
+}
+const SSL_METHOD *
+SSLv23_server_method(void)
+{
+        return (TLS_server_method());
+}
+const SSL_METHOD *
+TLS_server_method(void)
+{
+        return (&TLS_server_method_data);
+}
+const SSL_METHOD *
+TLSv1_server_method(void)
+{
+        return (&TLSv1_server_method_data);
+}
+const SSL_METHOD *
+TLSv1_1_server_method(void)
+{
+        return (&TLSv1_1_server_method_data);
+}
+const SSL_METHOD *
+TLSv1_2_server_method(void)
+{
+        return (&TLSv1_2_server_method_data);
+}
diff --git a/src/lib/libssl/t1_clnt.c b/src/lib/libssl/t1_clnt.c
deleted file mode 100644
index 4e3b208743..0000000000
--- a/src/lib/libssl/t1_clnt.c
+++ /dev/null
@@ -1,223 +0,0 @@
-/* $OpenBSD: t1_clnt.c,v 1.26 2018/08/30 16:56:16 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = {
-        .version = TLS1_2_VERSION,
-        .min_version = TLS1_VERSION,
-        .max_version = TLS1_2_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = ssl_undefined_function,
-        .ssl_connect = ssl3_connect,
-        .get_ssl_method = tls1_get_client_method,
-        .get_timeout = tls1_default_timeout,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_renegotiate = ssl_undefined_function,
-        .ssl_renegotiate_check = ssl_ok,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl3_enc = &TLSv1_2_enc_data,
-};
-static const SSL_METHOD TLS_client_method_data = {
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .internal = &TLS_client_method_internal_data,
-};
-static const SSL_METHOD_INTERNAL TLSv1_client_method_internal_data = {
-        .version = TLS1_VERSION,
-        .min_version = TLS1_VERSION,
-        .max_version = TLS1_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = ssl_undefined_function,
-        .ssl_connect = ssl3_connect,
-        .get_ssl_method = tls1_get_client_method,
-        .get_timeout = tls1_default_timeout,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_renegotiate = ssl3_renegotiate,
-        .ssl_renegotiate_check = ssl3_renegotiate_check,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl3_enc = &TLSv1_enc_data,
-};
-static const SSL_METHOD TLSv1_client_method_data = {
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .internal = &TLSv1_client_method_internal_data,
-};
-static const SSL_METHOD_INTERNAL TLSv1_1_client_method_internal_data = {
-        .version = TLS1_1_VERSION,
-        .min_version = TLS1_1_VERSION,
-        .max_version = TLS1_1_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = ssl_undefined_function,
-        .ssl_connect = ssl3_connect,
-        .get_ssl_method = tls1_get_client_method,
-        .get_timeout = tls1_default_timeout,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_renegotiate = ssl3_renegotiate,
-        .ssl_renegotiate_check = ssl3_renegotiate_check,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl3_enc = &TLSv1_1_enc_data,
-};
-static const SSL_METHOD TLSv1_1_client_method_data = {
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .internal = &TLSv1_1_client_method_internal_data,
-};
-static const SSL_METHOD_INTERNAL TLSv1_2_client_method_internal_data = {
-        .version = TLS1_2_VERSION,
-        .min_version = TLS1_2_VERSION,
-        .max_version = TLS1_2_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = ssl_undefined_function,
-        .ssl_connect = ssl3_connect,
-        .get_ssl_method = tls1_get_client_method,
-        .get_timeout = tls1_default_timeout,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_renegotiate = ssl3_renegotiate,
-        .ssl_renegotiate_check = ssl3_renegotiate_check,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl3_enc = &TLSv1_2_enc_data,
-};
-static const SSL_METHOD TLSv1_2_client_method_data = {
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .internal = &TLSv1_2_client_method_internal_data,
-};
-const SSL_METHOD *
-tls1_get_client_method(int ver)
-{
-        if (ver == TLS1_2_VERSION)
-                return (TLSv1_2_client_method());
-        if (ver == TLS1_1_VERSION)
-                return (TLSv1_1_client_method());
-        if (ver == TLS1_VERSION)
-                return (TLSv1_client_method());
-        return (NULL);
-}
-const SSL_METHOD *
-SSLv23_client_method(void)
-{
-        return (TLS_client_method());
-}
-const SSL_METHOD *
-TLS_client_method(void)
-{
-        return (&TLS_client_method_data);
-}
-const SSL_METHOD *
-TLSv1_client_method(void)
-{
-        return (&TLSv1_client_method_data);
-}
-const SSL_METHOD *
-TLSv1_1_client_method(void)
-{
-        return (&TLSv1_1_client_method_data);
-}
-const SSL_METHOD *
-TLSv1_2_client_method(void)
-{
-        return (&TLSv1_2_client_method_data);
-}
diff --git a/src/lib/libssl/t1_meth.c b/src/lib/libssl/t1_meth.c
deleted file mode 100644
index 5ce8c9135b..0000000000
--- a/src/lib/libssl/t1_meth.c
+++ /dev/null
@@ -1,223 +0,0 @@
-/* $OpenBSD: t1_meth.c,v 1.25 2018/08/30 16:56:16 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-static const SSL_METHOD *tls1_get_method(int ver);
-static const SSL_METHOD_INTERNAL TLS_method_internal_data = {
-        .version = TLS1_2_VERSION,
-        .min_version = TLS1_VERSION,
-        .max_version = TLS1_2_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = ssl3_accept,
-        .ssl_connect = ssl3_connect,
-        .get_ssl_method = tls1_get_method,
-        .get_timeout = tls1_default_timeout,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_renegotiate = ssl_undefined_function,
-        .ssl_renegotiate_check = ssl_ok,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl3_enc = &TLSv1_2_enc_data,
-};
-static const SSL_METHOD TLS_method_data = {
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .internal = &TLS_method_internal_data,
-};
-static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = {
-        .version = TLS1_VERSION,
-        .min_version = TLS1_VERSION,
-        .max_version = TLS1_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = ssl3_accept,
-        .ssl_connect = ssl3_connect,
-        .get_ssl_method = tls1_get_method,
-        .get_timeout = tls1_default_timeout,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_renegotiate = ssl3_renegotiate,
-        .ssl_renegotiate_check = ssl3_renegotiate_check,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl3_enc = &TLSv1_enc_data,
-};
-static const SSL_METHOD TLSv1_method_data = {
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .internal = &TLSv1_method_internal_data,
-};
-static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = {
-        .version = TLS1_1_VERSION,
-        .min_version = TLS1_1_VERSION,
-        .max_version = TLS1_1_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = ssl3_accept,
-        .ssl_connect = ssl3_connect,
-        .get_ssl_method = tls1_get_method,
-        .get_timeout = tls1_default_timeout,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_renegotiate = ssl3_renegotiate,
-        .ssl_renegotiate_check = ssl3_renegotiate_check,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl3_enc = &TLSv1_1_enc_data,
-};
-static const SSL_METHOD TLSv1_1_method_data = {
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .internal = &TLSv1_1_method_internal_data,
-};
-static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = {
-        .version = TLS1_2_VERSION,
-        .min_version = TLS1_2_VERSION,
-        .max_version = TLS1_2_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = ssl3_accept,
-        .ssl_connect = ssl3_connect,
-        .get_ssl_method = tls1_get_method,
-        .get_timeout = tls1_default_timeout,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_renegotiate = ssl3_renegotiate,
-        .ssl_renegotiate_check = ssl3_renegotiate_check,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl3_enc = &TLSv1_2_enc_data,
-};
-static const SSL_METHOD TLSv1_2_method_data = {
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .internal = &TLSv1_2_method_internal_data,
-};
-static const SSL_METHOD *
-tls1_get_method(int ver)
-{
-        if (ver == TLS1_2_VERSION)
-                return (TLSv1_2_method());
-        if (ver == TLS1_1_VERSION)
-                return (TLSv1_1_method());
-        if (ver == TLS1_VERSION)
-                return (TLSv1_method());
-        return (NULL);
-}
-const SSL_METHOD *
-SSLv23_method(void)
-{
-        return (TLS_method());
-}
-const SSL_METHOD *
-TLS_method(void)
-{
-        return &TLS_method_data;
-}
-const SSL_METHOD *
-TLSv1_method(void)
-{
-        return (&TLSv1_method_data);
-}
-const SSL_METHOD *
-TLSv1_1_method(void)
-{
-        return (&TLSv1_1_method_data);
-}
-const SSL_METHOD *
-TLSv1_2_method(void)
-{
-        return (&TLSv1_2_method_data);
-}
diff --git a/src/lib/libssl/t1_srvr.c b/src/lib/libssl/t1_srvr.c
deleted file mode 100644
index 02c5cf46ae..0000000000
--- a/src/lib/libssl/t1_srvr.c
+++ /dev/null
@@ -1,224 +0,0 @@
-/* $OpenBSD: t1_srvr.c,v 1.27 2018/08/30 16:56:16 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-static const SSL_METHOD_INTERNAL TLS_server_method_internal_data = {
-        .version = TLS1_2_VERSION,
-        .min_version = TLS1_VERSION,
-        .max_version = TLS1_2_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = ssl3_accept,
-        .ssl_connect = ssl_undefined_function,
-        .get_ssl_method = tls1_get_server_method,
-        .get_timeout = tls1_default_timeout,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_renegotiate = ssl_undefined_function,
-        .ssl_renegotiate_check = ssl_ok,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl3_enc = &TLSv1_2_enc_data,
-};
-static const SSL_METHOD TLS_server_method_data = {
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .internal = &TLS_server_method_internal_data,
-};
-static const SSL_METHOD_INTERNAL TLSv1_server_method_internal_data = {
-        .version = TLS1_VERSION,
-        .min_version = TLS1_VERSION,
-        .max_version = TLS1_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = ssl3_accept,
-        .ssl_connect = ssl_undefined_function,
-        .get_ssl_method = tls1_get_server_method,
-        .get_timeout = tls1_default_timeout,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_renegotiate = ssl3_renegotiate,
-        .ssl_renegotiate_check = ssl3_renegotiate_check,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl3_enc = &TLSv1_enc_data,
-};
-static const SSL_METHOD TLSv1_server_method_data = {
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .internal = &TLSv1_server_method_internal_data,
-};
-static const SSL_METHOD_INTERNAL TLSv1_1_server_method_internal_data = {
-        .version = TLS1_1_VERSION,
-        .min_version = TLS1_1_VERSION,
-        .max_version = TLS1_1_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = ssl3_accept,
-        .ssl_connect = ssl_undefined_function,
-        .get_ssl_method = tls1_get_server_method,
-        .get_timeout = tls1_default_timeout,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_renegotiate = ssl3_renegotiate,
-        .ssl_renegotiate_check = ssl3_renegotiate_check,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl3_enc = &TLSv1_1_enc_data,
-};
-static const SSL_METHOD TLSv1_1_server_method_data = {
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .internal = &TLSv1_1_server_method_internal_data,
-};
-static const SSL_METHOD_INTERNAL TLSv1_2_server_method_internal_data = {
-        .version = TLS1_2_VERSION,
-        .min_version = TLS1_2_VERSION,
-        .max_version = TLS1_2_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = ssl3_accept,
-        .ssl_connect = ssl_undefined_function,
-        .get_ssl_method = tls1_get_server_method,
-        .get_timeout = tls1_default_timeout,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_renegotiate = ssl3_renegotiate,
-        .ssl_renegotiate_check = ssl3_renegotiate_check,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl3_enc = &TLSv1_2_enc_data,
-};
-static const SSL_METHOD TLSv1_2_server_method_data = {
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .internal = &TLSv1_2_server_method_internal_data,
-};
-const SSL_METHOD *
-tls1_get_server_method(int ver)
-{
-        if (ver == TLS1_2_VERSION)
-                return (TLSv1_2_server_method());
-        if (ver == TLS1_1_VERSION)
-                return (TLSv1_1_server_method());
-        if (ver == TLS1_VERSION)
-                return (TLSv1_server_method());
-        return (NULL);
-}
-const SSL_METHOD *
-SSLv23_server_method(void)
-{
-        return (TLS_server_method());
-}
-const SSL_METHOD *
-TLS_server_method(void)
-{
-        return (&TLS_server_method_data);
-}
-const SSL_METHOD *
-TLSv1_server_method(void)
-{
-        return (&TLSv1_server_method_data);
-}
-const SSL_METHOD *
-TLSv1_1_server_method(void)
-{
-        return (&TLSv1_1_server_method_data);
-}
-const SSL_METHOD *
-TLSv1_2_server_method(void)
-{
-        return (&TLSv1_2_server_method_data);
-}
author	jsing <>	2018-11-05 05:45:15 +0000
committer	jsing <>	2018-11-05 05:45:15 +0000
commit	fb9f160cf8d816f5dd783bf8cad3828d2aa35dbe (patch)
tree	3f0fe5c046ee4d7240d6ea15879199dca6797790
parent	4248d53deb162850abf1ed3e2cb99d6bd43824f2 (diff)
download	openbsd-fb9f160cf8d816f5dd783bf8cad3828d2aa35dbe.tar.gz openbsd-fb9f160cf8d816f5dd783bf8cad3828d2aa35dbe.tar.bz2 openbsd-fb9f160cf8d816f5dd783bf8cad3828d2aa35dbe.zip