Split most of SSL_METHOD out into an internal variant, which is opaque.

Discussed with beck@
author: jsing <> 2017-01-23 13:36:13 +0000
committer: jsing <> 2017-01-23 13:36:13 +0000
commit: 4ae6fa4e9b3c20e6347b1b4ad62b1051ed5d7630 (patch)
tree: 84ee9c4c985fe1078df40f818b7697846dba1c18 /src/lib/libssl/d1_pkt.c
parent: d997e8b2da4774b32b9a1e6368bb19aca5bf82c2 (diff)
download: openbsd-4ae6fa4e9b3c20e6347b1b4ad62b1051ed5d7630.tar.gz
openbsd-4ae6fa4e9b3c20e6347b1b4ad62b1051ed5d7630.tar.bz2
openbsd-4ae6fa4e9b3c20e6347b1b4ad62b1051ed5d7630.zip
1 files changed, 5 insertions, 5 deletions
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 1dba3d0c4d..c64aa8f106 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.56 2017/01/23 08:48:44 beck Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.57 2017/01/23 13:36:13 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -361,7 +361,7 @@ dtls1_process_record(SSL *s)
        /* decrypt in place in 'rr->input' */
        rr->data = rr->input;
-        enc_err = s->method->ssl3_enc->enc(s, 0);
+        enc_err = s->method->internal->ssl3_enc->enc(s, 0);
        /* enc_err is:
         *    0: (in non-constant time) if the record is publically invalid.
         *    1: if the padding is valid
@@ -417,7 +417,7 @@ dtls1_process_record(SSL *s)
                        mac = &rr->data[rr->length];
                }
-                i = s->method->ssl3_enc->mac(s, md, 0 /* not send */);
+                i = s->method->internal->ssl3_enc->mac(s, md, 0 /* not send */);
                if (i < 0 || mac == NULL || timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)
                        enc_err = -1;
                if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)
@@ -1279,7 +1279,7 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
         * wr->data still points in the wb->buf */
        if (mac_size != 0) {
-                if (s->method->ssl3_enc->mac(s, &(p[wr->length + bs]), 1) < 0)
+                if (s->method->internal->ssl3_enc->mac(s, &(p[wr->length + bs]), 1) < 0)
                        goto err;
                wr->length += mac_size;
        }
@@ -1298,7 +1298,7 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
                wr->length += bs;
        }
-        s->method->ssl3_enc->enc(s, 1);
+        s->method->internal->ssl3_enc->enc(s, 1);
        /* record length after mac and block padding */
 /*      if (type == SSL3_RT_APPLICATION_DATA ||
author	jsing <>	2017-01-23 13:36:13 +0000
committer	jsing <>	2017-01-23 13:36:13 +0000
commit	4ae6fa4e9b3c20e6347b1b4ad62b1051ed5d7630 (patch)
tree	84ee9c4c985fe1078df40f818b7697846dba1c18 /src/lib/libssl/d1_pkt.c
parent	d997e8b2da4774b32b9a1e6368bb19aca5bf82c2 (diff)
download	openbsd-4ae6fa4e9b3c20e6347b1b4ad62b1051ed5d7630.tar.gz openbsd-4ae6fa4e9b3c20e6347b1b4ad62b1051ed5d7630.tar.bz2 openbsd-4ae6fa4e9b3c20e6347b1b4ad62b1051ed5d7630.zip

diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c index 1dba3d0c4d..c64aa8f106 100644 --- a/src/lib/libssl/d1_pkt.c +++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_pkt.c,v 1.56 2017/01/23 08:48:44 beck Exp $ */	1	/* $OpenBSD: d1_pkt.c,v 1.57 2017/01/23 13:36:13 jsing Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -361,7 +361,7 @@ dtls1_process_record(SSL *s)
361	/* decrypt in place in 'rr->input' */	361	/* decrypt in place in 'rr->input' */
362	rr->data = rr->input;	362	rr->data = rr->input;
363		363
364	enc_err = s->method->ssl3_enc->enc(s, 0);	364	enc_err = s->method->internal->ssl3_enc->enc(s, 0);
365	/* enc_err is:	365	/* enc_err is:
366	* 0: (in non-constant time) if the record is publically invalid.	366	* 0: (in non-constant time) if the record is publically invalid.
367	* 1: if the padding is valid	367	* 1: if the padding is valid
@@ -417,7 +417,7 @@ dtls1_process_record(SSL *s)
417	mac = &rr->data[rr->length];	417	mac = &rr->data[rr->length];
418	}	418	}
419		419
420	i = s->method->ssl3_enc->mac(s, md, 0 /* not send */);	420	i = s->method->internal->ssl3_enc->mac(s, md, 0 /* not send */);
421	if (i < 0 \|\| mac == NULL \|\| timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)	421	if (i < 0 \|\| mac == NULL \|\| timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)
422	enc_err = -1;	422	enc_err = -1;
423	if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)	423	if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)
@@ -1279,7 +1279,7 @@ do_dtls1_write(SSL s, int type, const unsigned char buf, unsigned int len)
1279	* wr->data still points in the wb->buf */	1279	* wr->data still points in the wb->buf */
1280		1280
1281	if (mac_size != 0) {	1281	if (mac_size != 0) {
1282	if (s->method->ssl3_enc->mac(s, &(p[wr->length + bs]), 1) < 0)	1282	if (s->method->internal->ssl3_enc->mac(s, &(p[wr->length + bs]), 1) < 0)
1283	goto err;	1283	goto err;
1284	wr->length += mac_size;	1284	wr->length += mac_size;
1285	}	1285	}
@@ -1298,7 +1298,7 @@ do_dtls1_write(SSL s, int type, const unsigned char buf, unsigned int len)
1298	wr->length += bs;	1298	wr->length += bs;
1299	}	1299	}
1300		1300
1301	s->method->ssl3_enc->enc(s, 1);	1301	s->method->internal->ssl3_enc->enc(s, 1);
1302		1302
1303	/* record length after mac and block padding */	1303	/* record length after mac and block padding */
1304	/* if (type == SSL3_RT_APPLICATION_DATA \|\|	1304	/* if (type == SSL3_RT_APPLICATION_DATA \|\|