diff options
| author | jsing <> | 2020-10-07 08:43:34 +0000 |
|---|---|---|
| committer | jsing <> | 2020-10-07 08:43:34 +0000 |
| commit | eaae66413ad2b6a728338460fadaf9b311f4e851 (patch) | |
| tree | a4dafa9c14aa253f898d3d6a2d8ad7c9d88b0ee1 | |
| parent | db49c1b46248450826f76c7d1a09328b0768d673 (diff) | |
| download | openbsd-eaae66413ad2b6a728338460fadaf9b311f4e851.tar.gz openbsd-eaae66413ad2b6a728338460fadaf9b311f4e851.tar.bz2 openbsd-eaae66413ad2b6a728338460fadaf9b311f4e851.zip | |
Mop up various things that are now unused with the new record layer.
ok inoguchi@ tb@
| -rw-r--r-- | src/lib/libssl/ssl_locl.h | 15 | ||||
| -rw-r--r-- | src/lib/libssl/t1_enc.c | 15 | ||||
| -rw-r--r-- | src/lib/libssl/t1_lib.c | 8 |
3 files changed, 6 insertions, 32 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 41b3c02724..b207dc65e9 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.298 2020/10/03 18:01:55 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.299 2020/10/07 08:43:34 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -317,10 +317,6 @@ __BEGIN_HIDDEN_DECLS | |||
| 317 | #define SSL_IS_DTLS(s) \ | 317 | #define SSL_IS_DTLS(s) \ |
| 318 | (s->method->internal->version == DTLS1_VERSION) | 318 | (s->method->internal->version == DTLS1_VERSION) |
| 319 | 319 | ||
| 320 | /* See if we need explicit IV. */ | ||
| 321 | #define SSL_USE_EXPLICIT_IV(s) \ | ||
| 322 | (s->method->internal->ssl3_enc->enc_flags & SSL_ENC_FLAG_EXPLICIT_IV) | ||
| 323 | |||
| 324 | /* See if we use signature algorithms extension. */ | 320 | /* See if we use signature algorithms extension. */ |
| 325 | #define SSL_USE_SIGALGS(s) \ | 321 | #define SSL_USE_SIGALGS(s) \ |
| 326 | (s->method->internal->ssl3_enc->enc_flags & SSL_ENC_FLAG_SIGALGS) | 322 | (s->method->internal->ssl3_enc->enc_flags & SSL_ENC_FLAG_SIGALGS) |
| @@ -751,10 +747,6 @@ typedef struct ssl_internal_st { | |||
| 751 | 747 | ||
| 752 | STACK_OF(SSL_CIPHER) *cipher_list_tls13; | 748 | STACK_OF(SSL_CIPHER) *cipher_list_tls13; |
| 753 | 749 | ||
| 754 | /* These are the ones being used, the ones in SSL_SESSION are | ||
| 755 | * the ones to be 'copied' into these ones */ | ||
| 756 | int mac_flags; | ||
| 757 | |||
| 758 | SSL_AEAD_CTX *aead_read_ctx; /* AEAD context. If non-NULL, then | 750 | SSL_AEAD_CTX *aead_read_ctx; /* AEAD context. If non-NULL, then |
| 759 | enc_read_ctx and read_hash are | 751 | enc_read_ctx and read_hash are |
| 760 | ignored. */ | 752 | ignored. */ |
| @@ -842,8 +834,6 @@ typedef struct ssl3_state_internal_st { | |||
| 842 | int read_mac_secret_size; | 834 | int read_mac_secret_size; |
| 843 | unsigned char read_mac_secret[EVP_MAX_MD_SIZE]; | 835 | unsigned char read_mac_secret[EVP_MAX_MD_SIZE]; |
| 844 | unsigned char write_sequence[SSL3_SEQUENCE_SIZE]; | 836 | unsigned char write_sequence[SSL3_SEQUENCE_SIZE]; |
| 845 | int write_mac_secret_size; | ||
| 846 | unsigned char write_mac_secret[EVP_MAX_MD_SIZE]; | ||
| 847 | 837 | ||
| 848 | SSL3_BUFFER_INTERNAL rbuf; /* read IO goes into here */ | 838 | SSL3_BUFFER_INTERNAL rbuf; /* read IO goes into here */ |
| 849 | SSL3_BUFFER_INTERNAL wbuf; /* write IO goes into here */ | 839 | SSL3_BUFFER_INTERNAL wbuf; /* write IO goes into here */ |
| @@ -1081,9 +1071,6 @@ typedef struct ssl3_enc_method { | |||
| 1081 | * Flag values for enc_flags. | 1071 | * Flag values for enc_flags. |
| 1082 | */ | 1072 | */ |
| 1083 | 1073 | ||
| 1084 | /* Uses explicit IV. */ | ||
| 1085 | #define SSL_ENC_FLAG_EXPLICIT_IV (1 << 0) | ||
| 1086 | |||
| 1087 | /* Uses signature algorithms extension. */ | 1074 | /* Uses signature algorithms extension. */ |
| 1088 | #define SSL_ENC_FLAG_SIGALGS (1 << 1) | 1075 | #define SSL_ENC_FLAG_SIGALGS (1 << 1) |
| 1089 | 1076 | ||
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 7a71a08434..debbf286f6 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_enc.c,v 1.124 2020/10/03 17:35:16 jsing Exp $ */ | 1 | /* $OpenBSD: t1_enc.c,v 1.125 2020/10/07 08:43:34 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -423,11 +423,6 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, | |||
| 423 | stream_mac = S3I(s)->hs.new_cipher->algorithm2 & TLS1_STREAM_MAC; | 423 | stream_mac = S3I(s)->hs.new_cipher->algorithm2 & TLS1_STREAM_MAC; |
| 424 | 424 | ||
| 425 | if (is_read) { | 425 | if (is_read) { |
| 426 | if (stream_mac) | ||
| 427 | s->internal->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM; | ||
| 428 | else | ||
| 429 | s->internal->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM; | ||
| 430 | |||
| 431 | ssl_clear_cipher_read_state(s); | 426 | ssl_clear_cipher_read_state(s); |
| 432 | 427 | ||
| 433 | if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL) | 428 | if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL) |
| @@ -445,11 +440,6 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, | |||
| 445 | S3I(s)->read_mac_secret, mac_secret_size)) | 440 | S3I(s)->read_mac_secret, mac_secret_size)) |
| 446 | goto err; | 441 | goto err; |
| 447 | } else { | 442 | } else { |
| 448 | if (stream_mac) | ||
| 449 | s->internal->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM; | ||
| 450 | else | ||
| 451 | s->internal->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM; | ||
| 452 | |||
| 453 | /* | 443 | /* |
| 454 | * DTLS fragments retain a pointer to the compression, cipher | 444 | * DTLS fragments retain a pointer to the compression, cipher |
| 455 | * and hash contexts, so that it can restore state in order | 445 | * and hash contexts, so that it can restore state in order |
| @@ -581,9 +571,6 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 581 | if (is_read) { | 571 | if (is_read) { |
| 582 | memcpy(S3I(s)->read_mac_secret, mac_secret, mac_secret_size); | 572 | memcpy(S3I(s)->read_mac_secret, mac_secret, mac_secret_size); |
| 583 | S3I(s)->read_mac_secret_size = mac_secret_size; | 573 | S3I(s)->read_mac_secret_size = mac_secret_size; |
| 584 | } else { | ||
| 585 | memcpy(S3I(s)->write_mac_secret, mac_secret, mac_secret_size); | ||
| 586 | S3I(s)->write_mac_secret_size = mac_secret_size; | ||
| 587 | } | 574 | } |
| 588 | 575 | ||
| 589 | if (aead != NULL) { | 576 | if (aead != NULL) { |
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index f091dd001b..5635c8ff43 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_lib.c,v 1.176 2020/09/12 17:25:11 tb Exp $ */ | 1 | /* $OpenBSD: t1_lib.c,v 1.177 2020/10/07 08:43:34 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -130,12 +130,12 @@ SSL3_ENC_METHOD TLSv1_enc_data = { | |||
| 130 | }; | 130 | }; |
| 131 | 131 | ||
| 132 | SSL3_ENC_METHOD TLSv1_1_enc_data = { | 132 | SSL3_ENC_METHOD TLSv1_1_enc_data = { |
| 133 | .enc_flags = SSL_ENC_FLAG_EXPLICIT_IV, | 133 | .enc_flags = 0, |
| 134 | }; | 134 | }; |
| 135 | 135 | ||
| 136 | SSL3_ENC_METHOD TLSv1_2_enc_data = { | 136 | SSL3_ENC_METHOD TLSv1_2_enc_data = { |
| 137 | .enc_flags = SSL_ENC_FLAG_EXPLICIT_IV|SSL_ENC_FLAG_SIGALGS| | 137 | .enc_flags = SSL_ENC_FLAG_SIGALGS|SSL_ENC_FLAG_SHA256_PRF| |
| 138 | SSL_ENC_FLAG_SHA256_PRF|SSL_ENC_FLAG_TLS1_2_CIPHERS, | 138 | SSL_ENC_FLAG_TLS1_2_CIPHERS, |
| 139 | }; | 139 | }; |
| 140 | 140 | ||
| 141 | int | 141 | int |