diff options
| author | jsing <> | 2015-09-02 17:59:15 +0000 |
|---|---|---|
| committer | jsing <> | 2015-09-02 17:59:15 +0000 |
| commit | 6979bbfe4fd79a2951b19171936b69968db66c1e (patch) | |
| tree | 5ed4d431f7e35e43a4977f14c4711fe9c9af39e0 | |
| parent | 7a0325c92218252068766465cba0cc0eb35d0c93 (diff) | |
| download | openbsd-6979bbfe4fd79a2951b19171936b69968db66c1e.tar.gz openbsd-6979bbfe4fd79a2951b19171936b69968db66c1e.tar.bz2 openbsd-6979bbfe4fd79a2951b19171936b69968db66c1e.zip | |
Replace dtls1_client_hello() with ssl3_client_hello() - both are basically
the same code, with two slight differences for DTLS handling.
Also, make use of send_cookie to determine if the client random needs to
be preserved, rather than testing if it is zeroed (hopefully your random
number generator never returned all zeros, since the existing code would
break). Inspired by BoringSSL.
ok doug@
| -rw-r--r-- | src/lib/libssl/d1_clnt.c | 105 | ||||
| -rw-r--r-- | src/lib/libssl/s3_clnt.c | 27 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/d1_clnt.c | 105 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_clnt.c | 27 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/ssl_locl.h | 3 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_locl.h | 3 |
6 files changed, 58 insertions, 212 deletions
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c index b087535ce1..23d6b372c9 100644 --- a/src/lib/libssl/d1_clnt.c +++ b/src/lib/libssl/d1_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_clnt.c,v 1.47 2015/07/15 18:35:34 beck Exp $ */ | 1 | /* $OpenBSD: d1_clnt.c,v 1.48 2015/09/02 17:59:15 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -263,7 +263,7 @@ dtls1_connect(SSL *s) | |||
| 263 | } | 263 | } |
| 264 | 264 | ||
| 265 | dtls1_start_timer(s); | 265 | dtls1_start_timer(s); |
| 266 | ret = dtls1_client_hello(s); | 266 | ret = ssl3_client_hello(s); |
| 267 | if (ret <= 0) | 267 | if (ret <= 0) |
| 268 | goto end; | 268 | goto end; |
| 269 | 269 | ||
| @@ -275,9 +275,10 @@ dtls1_connect(SSL *s) | |||
| 275 | 275 | ||
| 276 | s->init_num = 0; | 276 | s->init_num = 0; |
| 277 | 277 | ||
| 278 | /* turn on buffering for the next lot of output */ | 278 | /* turn on buffering for the next lot of output */ |
| 279 | if (s->bbio != s->wbio) | 279 | if (s->bbio != s->wbio) |
| 280 | s->wbio = BIO_push(s->bbio, s->wbio); | 280 | s->wbio = BIO_push(s->bbio, s->wbio); |
| 281 | |||
| 281 | break; | 282 | break; |
| 282 | 283 | ||
| 283 | case SSL3_ST_CR_SRVR_HELLO_A: | 284 | case SSL3_ST_CR_SRVR_HELLO_A: |
| @@ -603,100 +604,6 @@ end: | |||
| 603 | return (ret); | 604 | return (ret); |
| 604 | } | 605 | } |
| 605 | 606 | ||
| 606 | int | ||
| 607 | dtls1_client_hello(SSL *s) | ||
| 608 | { | ||
| 609 | unsigned char *bufend, *d, *p; | ||
| 610 | unsigned int i; | ||
| 611 | |||
| 612 | if (s->state == SSL3_ST_CW_CLNT_HELLO_A) { | ||
| 613 | SSL_SESSION *sess = s->session; | ||
| 614 | |||
| 615 | if ((s->session == NULL) || | ||
| 616 | (s->session->ssl_version != s->version) || | ||
| 617 | (!sess->session_id_length && !sess->tlsext_tick) || | ||
| 618 | (s->session->not_resumable)) { | ||
| 619 | if (!ssl_get_new_session(s, 0)) | ||
| 620 | goto err; | ||
| 621 | } | ||
| 622 | /* else use the pre-loaded session */ | ||
| 623 | |||
| 624 | p = s->s3->client_random; | ||
| 625 | |||
| 626 | /* if client_random is initialized, reuse it, we are | ||
| 627 | * required to use same upon reply to HelloVerify */ | ||
| 628 | for (i = 0; p[i]=='\0' && i < sizeof(s->s3->client_random); i++) | ||
| 629 | ; | ||
| 630 | if (i == sizeof(s->s3->client_random)) | ||
| 631 | arc4random_buf(p, sizeof(s->s3->client_random)); | ||
| 632 | |||
| 633 | d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO); | ||
| 634 | |||
| 635 | *(p++) = s->version >> 8; | ||
| 636 | *(p++) = s->version&0xff; | ||
| 637 | s->client_version = s->version; | ||
| 638 | |||
| 639 | /* Random stuff */ | ||
| 640 | memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE); | ||
| 641 | p += SSL3_RANDOM_SIZE; | ||
| 642 | |||
| 643 | /* Session ID */ | ||
| 644 | if (s->new_session) | ||
| 645 | i = 0; | ||
| 646 | else | ||
| 647 | i = s->session->session_id_length; | ||
| 648 | *(p++) = i; | ||
| 649 | if (i != 0) { | ||
| 650 | if (i > sizeof s->session->session_id) { | ||
| 651 | SSLerr(SSL_F_DTLS1_CLIENT_HELLO, | ||
| 652 | ERR_R_INTERNAL_ERROR); | ||
| 653 | goto err; | ||
| 654 | } | ||
| 655 | memcpy(p, s->session->session_id, i); | ||
| 656 | p += i; | ||
| 657 | } | ||
| 658 | |||
| 659 | /* cookie stuff */ | ||
| 660 | if (s->d1->cookie_len > sizeof(s->d1->cookie)) { | ||
| 661 | SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); | ||
| 662 | goto err; | ||
| 663 | } | ||
| 664 | *(p++) = s->d1->cookie_len; | ||
| 665 | memcpy(p, s->d1->cookie, s->d1->cookie_len); | ||
| 666 | p += s->d1->cookie_len; | ||
| 667 | |||
| 668 | /* Ciphers supported */ | ||
| 669 | i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); | ||
| 670 | if (i == 0) { | ||
| 671 | SSLerr(SSL_F_DTLS1_CLIENT_HELLO, | ||
| 672 | SSL_R_NO_CIPHERS_AVAILABLE); | ||
| 673 | goto err; | ||
| 674 | } | ||
| 675 | s2n(i, p); | ||
| 676 | p += i; | ||
| 677 | |||
| 678 | /* add in (no) COMPRESSION */ | ||
| 679 | *(p++) = 1; | ||
| 680 | *(p++) = 0; /* Add the NULL method */ | ||
| 681 | |||
| 682 | bufend = (unsigned char *)s->init_buf->data + | ||
| 683 | SSL3_RT_MAX_PLAIN_LENGTH; | ||
| 684 | if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) { | ||
| 685 | SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); | ||
| 686 | goto err; | ||
| 687 | } | ||
| 688 | |||
| 689 | ssl3_handshake_msg_finish(s, p - d); | ||
| 690 | |||
| 691 | s->state = SSL3_ST_CW_CLNT_HELLO_B; | ||
| 692 | } | ||
| 693 | |||
| 694 | /* SSL3_ST_CW_CLNT_HELLO_B */ | ||
| 695 | return (ssl3_handshake_write(s)); | ||
| 696 | err: | ||
| 697 | return (-1); | ||
| 698 | } | ||
| 699 | |||
| 700 | static int | 607 | static int |
| 701 | dtls1_get_hello_verify(SSL *s) | 608 | dtls1_get_hello_verify(SSL *s) |
| 702 | { | 609 | { |
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 5b9af06aa5..1d1a0c77f0 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_clnt.c,v 1.124 2015/09/01 13:38:27 jsing Exp $ */ | 1 | /* $OpenBSD: s3_clnt.c,v 1.125 2015/09/02 17:59:15 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -584,7 +584,6 @@ end: | |||
| 584 | return (ret); | 584 | return (ret); |
| 585 | } | 585 | } |
| 586 | 586 | ||
| 587 | |||
| 588 | int | 587 | int |
| 589 | ssl3_client_hello(SSL *s) | 588 | ssl3_client_hello(SSL *s) |
| 590 | { | 589 | { |
| @@ -603,7 +602,13 @@ ssl3_client_hello(SSL *s) | |||
| 603 | } | 602 | } |
| 604 | /* else use the pre-loaded session */ | 603 | /* else use the pre-loaded session */ |
| 605 | 604 | ||
| 606 | arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE); | 605 | /* |
| 606 | * If a DTLS ClientHello message is being resent after a | ||
| 607 | * HelloVerifyRequest, we must retain the original client | ||
| 608 | * random value. | ||
| 609 | */ | ||
| 610 | if (!SSL_IS_DTLS(s) || s->d1->send_cookie == 0) | ||
| 611 | arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE); | ||
| 607 | 612 | ||
| 608 | d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO); | 613 | d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO); |
| 609 | 614 | ||
| @@ -660,6 +665,18 @@ ssl3_client_hello(SSL *s) | |||
| 660 | p += i; | 665 | p += i; |
| 661 | } | 666 | } |
| 662 | 667 | ||
| 668 | /* DTLS Cookie. */ | ||
| 669 | if (SSL_IS_DTLS(s)) { | ||
| 670 | if (s->d1->cookie_len > sizeof(s->d1->cookie)) { | ||
| 671 | SSLerr(SSL_F_DTLS1_CLIENT_HELLO, | ||
| 672 | ERR_R_INTERNAL_ERROR); | ||
| 673 | goto err; | ||
| 674 | } | ||
| 675 | *(p++) = s->d1->cookie_len; | ||
| 676 | memcpy(p, s->d1->cookie, s->d1->cookie_len); | ||
| 677 | p += s->d1->cookie_len; | ||
| 678 | } | ||
| 679 | |||
| 663 | /* Ciphers supported */ | 680 | /* Ciphers supported */ |
| 664 | i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); | 681 | i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); |
| 665 | if (i == 0) { | 682 | if (i == 0) { |
| @@ -683,9 +700,9 @@ ssl3_client_hello(SSL *s) | |||
| 683 | goto err; | 700 | goto err; |
| 684 | } | 701 | } |
| 685 | 702 | ||
| 686 | s->state = SSL3_ST_CW_CLNT_HELLO_B; | ||
| 687 | |||
| 688 | ssl3_handshake_msg_finish(s, p - d); | 703 | ssl3_handshake_msg_finish(s, p - d); |
| 704 | |||
| 705 | s->state = SSL3_ST_CW_CLNT_HELLO_B; | ||
| 689 | } | 706 | } |
| 690 | 707 | ||
| 691 | /* SSL3_ST_CW_CLNT_HELLO_B */ | 708 | /* SSL3_ST_CW_CLNT_HELLO_B */ |
diff --git a/src/lib/libssl/src/ssl/d1_clnt.c b/src/lib/libssl/src/ssl/d1_clnt.c index b087535ce1..23d6b372c9 100644 --- a/src/lib/libssl/src/ssl/d1_clnt.c +++ b/src/lib/libssl/src/ssl/d1_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_clnt.c,v 1.47 2015/07/15 18:35:34 beck Exp $ */ | 1 | /* $OpenBSD: d1_clnt.c,v 1.48 2015/09/02 17:59:15 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -263,7 +263,7 @@ dtls1_connect(SSL *s) | |||
| 263 | } | 263 | } |
| 264 | 264 | ||
| 265 | dtls1_start_timer(s); | 265 | dtls1_start_timer(s); |
| 266 | ret = dtls1_client_hello(s); | 266 | ret = ssl3_client_hello(s); |
| 267 | if (ret <= 0) | 267 | if (ret <= 0) |
| 268 | goto end; | 268 | goto end; |
| 269 | 269 | ||
| @@ -275,9 +275,10 @@ dtls1_connect(SSL *s) | |||
| 275 | 275 | ||
| 276 | s->init_num = 0; | 276 | s->init_num = 0; |
| 277 | 277 | ||
| 278 | /* turn on buffering for the next lot of output */ | 278 | /* turn on buffering for the next lot of output */ |
| 279 | if (s->bbio != s->wbio) | 279 | if (s->bbio != s->wbio) |
| 280 | s->wbio = BIO_push(s->bbio, s->wbio); | 280 | s->wbio = BIO_push(s->bbio, s->wbio); |
| 281 | |||
| 281 | break; | 282 | break; |
| 282 | 283 | ||
| 283 | case SSL3_ST_CR_SRVR_HELLO_A: | 284 | case SSL3_ST_CR_SRVR_HELLO_A: |
| @@ -603,100 +604,6 @@ end: | |||
| 603 | return (ret); | 604 | return (ret); |
| 604 | } | 605 | } |
| 605 | 606 | ||
| 606 | int | ||
| 607 | dtls1_client_hello(SSL *s) | ||
| 608 | { | ||
| 609 | unsigned char *bufend, *d, *p; | ||
| 610 | unsigned int i; | ||
| 611 | |||
| 612 | if (s->state == SSL3_ST_CW_CLNT_HELLO_A) { | ||
| 613 | SSL_SESSION *sess = s->session; | ||
| 614 | |||
| 615 | if ((s->session == NULL) || | ||
| 616 | (s->session->ssl_version != s->version) || | ||
| 617 | (!sess->session_id_length && !sess->tlsext_tick) || | ||
| 618 | (s->session->not_resumable)) { | ||
| 619 | if (!ssl_get_new_session(s, 0)) | ||
| 620 | goto err; | ||
| 621 | } | ||
| 622 | /* else use the pre-loaded session */ | ||
| 623 | |||
| 624 | p = s->s3->client_random; | ||
| 625 | |||
| 626 | /* if client_random is initialized, reuse it, we are | ||
| 627 | * required to use same upon reply to HelloVerify */ | ||
| 628 | for (i = 0; p[i]=='\0' && i < sizeof(s->s3->client_random); i++) | ||
| 629 | ; | ||
| 630 | if (i == sizeof(s->s3->client_random)) | ||
| 631 | arc4random_buf(p, sizeof(s->s3->client_random)); | ||
| 632 | |||
| 633 | d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO); | ||
| 634 | |||
| 635 | *(p++) = s->version >> 8; | ||
| 636 | *(p++) = s->version&0xff; | ||
| 637 | s->client_version = s->version; | ||
| 638 | |||
| 639 | /* Random stuff */ | ||
| 640 | memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE); | ||
| 641 | p += SSL3_RANDOM_SIZE; | ||
| 642 | |||
| 643 | /* Session ID */ | ||
| 644 | if (s->new_session) | ||
| 645 | i = 0; | ||
| 646 | else | ||
| 647 | i = s->session->session_id_length; | ||
| 648 | *(p++) = i; | ||
| 649 | if (i != 0) { | ||
| 650 | if (i > sizeof s->session->session_id) { | ||
| 651 | SSLerr(SSL_F_DTLS1_CLIENT_HELLO, | ||
| 652 | ERR_R_INTERNAL_ERROR); | ||
| 653 | goto err; | ||
| 654 | } | ||
| 655 | memcpy(p, s->session->session_id, i); | ||
| 656 | p += i; | ||
| 657 | } | ||
| 658 | |||
| 659 | /* cookie stuff */ | ||
| 660 | if (s->d1->cookie_len > sizeof(s->d1->cookie)) { | ||
| 661 | SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); | ||
| 662 | goto err; | ||
| 663 | } | ||
| 664 | *(p++) = s->d1->cookie_len; | ||
| 665 | memcpy(p, s->d1->cookie, s->d1->cookie_len); | ||
| 666 | p += s->d1->cookie_len; | ||
| 667 | |||
| 668 | /* Ciphers supported */ | ||
| 669 | i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); | ||
| 670 | if (i == 0) { | ||
| 671 | SSLerr(SSL_F_DTLS1_CLIENT_HELLO, | ||
| 672 | SSL_R_NO_CIPHERS_AVAILABLE); | ||
| 673 | goto err; | ||
| 674 | } | ||
| 675 | s2n(i, p); | ||
| 676 | p += i; | ||
| 677 | |||
| 678 | /* add in (no) COMPRESSION */ | ||
| 679 | *(p++) = 1; | ||
| 680 | *(p++) = 0; /* Add the NULL method */ | ||
| 681 | |||
| 682 | bufend = (unsigned char *)s->init_buf->data + | ||
| 683 | SSL3_RT_MAX_PLAIN_LENGTH; | ||
| 684 | if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) { | ||
| 685 | SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); | ||
| 686 | goto err; | ||
| 687 | } | ||
| 688 | |||
| 689 | ssl3_handshake_msg_finish(s, p - d); | ||
| 690 | |||
| 691 | s->state = SSL3_ST_CW_CLNT_HELLO_B; | ||
| 692 | } | ||
| 693 | |||
| 694 | /* SSL3_ST_CW_CLNT_HELLO_B */ | ||
| 695 | return (ssl3_handshake_write(s)); | ||
| 696 | err: | ||
| 697 | return (-1); | ||
| 698 | } | ||
| 699 | |||
| 700 | static int | 607 | static int |
| 701 | dtls1_get_hello_verify(SSL *s) | 608 | dtls1_get_hello_verify(SSL *s) |
| 702 | { | 609 | { |
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c index 5b9af06aa5..1d1a0c77f0 100644 --- a/src/lib/libssl/src/ssl/s3_clnt.c +++ b/src/lib/libssl/src/ssl/s3_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_clnt.c,v 1.124 2015/09/01 13:38:27 jsing Exp $ */ | 1 | /* $OpenBSD: s3_clnt.c,v 1.125 2015/09/02 17:59:15 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -584,7 +584,6 @@ end: | |||
| 584 | return (ret); | 584 | return (ret); |
| 585 | } | 585 | } |
| 586 | 586 | ||
| 587 | |||
| 588 | int | 587 | int |
| 589 | ssl3_client_hello(SSL *s) | 588 | ssl3_client_hello(SSL *s) |
| 590 | { | 589 | { |
| @@ -603,7 +602,13 @@ ssl3_client_hello(SSL *s) | |||
| 603 | } | 602 | } |
| 604 | /* else use the pre-loaded session */ | 603 | /* else use the pre-loaded session */ |
| 605 | 604 | ||
| 606 | arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE); | 605 | /* |
| 606 | * If a DTLS ClientHello message is being resent after a | ||
| 607 | * HelloVerifyRequest, we must retain the original client | ||
| 608 | * random value. | ||
| 609 | */ | ||
| 610 | if (!SSL_IS_DTLS(s) || s->d1->send_cookie == 0) | ||
| 611 | arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE); | ||
| 607 | 612 | ||
| 608 | d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO); | 613 | d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO); |
| 609 | 614 | ||
| @@ -660,6 +665,18 @@ ssl3_client_hello(SSL *s) | |||
| 660 | p += i; | 665 | p += i; |
| 661 | } | 666 | } |
| 662 | 667 | ||
| 668 | /* DTLS Cookie. */ | ||
| 669 | if (SSL_IS_DTLS(s)) { | ||
| 670 | if (s->d1->cookie_len > sizeof(s->d1->cookie)) { | ||
| 671 | SSLerr(SSL_F_DTLS1_CLIENT_HELLO, | ||
| 672 | ERR_R_INTERNAL_ERROR); | ||
| 673 | goto err; | ||
| 674 | } | ||
| 675 | *(p++) = s->d1->cookie_len; | ||
| 676 | memcpy(p, s->d1->cookie, s->d1->cookie_len); | ||
| 677 | p += s->d1->cookie_len; | ||
| 678 | } | ||
| 679 | |||
| 663 | /* Ciphers supported */ | 680 | /* Ciphers supported */ |
| 664 | i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); | 681 | i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); |
| 665 | if (i == 0) { | 682 | if (i == 0) { |
| @@ -683,9 +700,9 @@ ssl3_client_hello(SSL *s) | |||
| 683 | goto err; | 700 | goto err; |
| 684 | } | 701 | } |
| 685 | 702 | ||
| 686 | s->state = SSL3_ST_CW_CLNT_HELLO_B; | ||
| 687 | |||
| 688 | ssl3_handshake_msg_finish(s, p - d); | 703 | ssl3_handshake_msg_finish(s, p - d); |
| 704 | |||
| 705 | s->state = SSL3_ST_CW_CLNT_HELLO_B; | ||
| 689 | } | 706 | } |
| 690 | 707 | ||
| 691 | /* SSL3_ST_CW_CLNT_HELLO_B */ | 708 | /* SSL3_ST_CW_CLNT_HELLO_B */ |
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h index b7853b24c8..8c8dec77b6 100644 --- a/src/lib/libssl/src/ssl/ssl_locl.h +++ b/src/lib/libssl/src/ssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.102 2015/09/01 13:38:27 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.103 2015/09/02 17:59:15 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -729,7 +729,6 @@ int ssl3_check_cert_and_algorithm(SSL *s); | |||
| 729 | int ssl3_check_finished(SSL *s); | 729 | int ssl3_check_finished(SSL *s); |
| 730 | int ssl3_send_next_proto(SSL *s); | 730 | int ssl3_send_next_proto(SSL *s); |
| 731 | 731 | ||
| 732 | int dtls1_client_hello(SSL *s); | ||
| 733 | int dtls1_send_client_certificate(SSL *s); | 732 | int dtls1_send_client_certificate(SSL *s); |
| 734 | int dtls1_send_client_key_exchange(SSL *s); | 733 | int dtls1_send_client_key_exchange(SSL *s); |
| 735 | int dtls1_send_client_verify(SSL *s); | 734 | int dtls1_send_client_verify(SSL *s); |
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index b7853b24c8..8c8dec77b6 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.102 2015/09/01 13:38:27 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.103 2015/09/02 17:59:15 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -729,7 +729,6 @@ int ssl3_check_cert_and_algorithm(SSL *s); | |||
| 729 | int ssl3_check_finished(SSL *s); | 729 | int ssl3_check_finished(SSL *s); |
| 730 | int ssl3_send_next_proto(SSL *s); | 730 | int ssl3_send_next_proto(SSL *s); |
| 731 | 731 | ||
| 732 | int dtls1_client_hello(SSL *s); | ||
| 733 | int dtls1_send_client_certificate(SSL *s); | 732 | int dtls1_send_client_certificate(SSL *s); |
| 734 | int dtls1_send_client_key_exchange(SSL *s); | 733 | int dtls1_send_client_key_exchange(SSL *s); |
| 735 | int dtls1_send_client_verify(SSL *s); | 734 | int dtls1_send_client_verify(SSL *s); |