authorjsing <>2018-10-24 18:04:50 +0000
committerjsing <>2018-10-24 18:04:50 +0000
commitd7e0aa4b59fc46f038370bf8dc64821eb4a7d804 (patch)
treece8dad95e6021ab405b0ec175b26682e47bea424 /src/lib/libssl/s3_lib.c
parentc988048231bcb1d2abd6613e83760d63c461a080 (diff)
Make more of libssl's record layer state internal.
In January 2017, we changed large amounts of libssl's data structures to be non-visible/internal, however intentionally left things that the software ecosystem was needing to use. The four or so applications that reached into libssl for record layer related state now implement alternative code. As such, make these data structures internal. ok tb@
Diffstat (limited to 'src/lib/libssl/s3_lib.c')
-rw-r--r--src/lib/libssl/s3_lib.c28
1 files changed, 14 insertions, 14 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 02e6c66a47..6fcbbfc2c5 100644
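--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.170 2018/09/06 16:40:45 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.171 2018/10/24 18:04:50 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1543,10 +1543,10 @@ ssl3_clear(SSL *s)
  freezero(S3I(s)->tmp.x25519, X25519_KEY_LENGTH);
  S3I(s)->tmp.x25519 = NULL;
 
- rp = s->s3->rbuf.buf;
- wp = s->s3->wbuf.buf;
- rlen = s->s3->rbuf.len;
- wlen = s->s3->wbuf.len;
+ rp = S3I(s)->rbuf.buf;
+ wp = S3I(s)->wbuf.buf;
+ rlen = S3I(s)->rbuf.len;
+ wlen = S3I(s)->wbuf.len;
 
  BIO_free(S3I(s)->handshake_buffer);
  S3I(s)->handshake_buffer = NULL;
@@ -1561,10 +1561,10 @@ ssl3_clear(SSL *s)
  memset(s->s3, 0, sizeof(*s->s3));
  S3I(s) = internal;
 
- s->s3->rbuf.buf = rp;
- s->s3->wbuf.buf = wp;
- s->s3->rbuf.len = rlen;
- s->s3->wbuf.len = wlen;
+ S3I(s)->rbuf.buf = rp;
+ S3I(s)->wbuf.buf = wp;
+ S3I(s)->rbuf.len = rlen;
+ S3I(s)->wbuf.len = wlen;
 
  ssl_free_wbio_buffer(s);
 
@@ -2406,11 +2406,11 @@ ssl3_shutdown(SSL *s)
  ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
  /*
  * Our shutdown alert has been sent now, and if it still needs
- * to be written, s->s3->alert_dispatch will be true
+ * to be written, S3I(s)->alert_dispatch will be true
  */
- if (s->s3->alert_dispatch)
+ if (S3I(s)->alert_dispatch)
  return(-1); /* return WANT_WRITE */
- } else if (s->s3->alert_dispatch) {
+ } else if (S3I(s)->alert_dispatch) {
  /* resend it if not sent */
  ret = s->method->ssl_dispatch_alert(s);
  if (ret == -1) {
@@ -2431,7 +2431,7 @@ ssl3_shutdown(SSL *s)
  }
 
  if ((s->internal->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
- !s->s3->alert_dispatch)
+ !S3I(s)->alert_dispatch)
  return (1);
  else
  return (0);
@@ -2509,7 +2509,7 @@ ssl3_renegotiate_check(SSL *s)
  int ret = 0;
 
  if (S3I(s)->renegotiate) {
- if ((s->s3->rbuf.left == 0) && (s->s3->wbuf.left == 0) &&
+ if ((S3I(s)->rbuf.left == 0) && (S3I(s)->wbuf.left == 0) &&
  !SSL_in_init(s)) {
  /*
  * If we are the server, and we have sent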
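Review bot: In the second ssl3_clear hunk the four restores now write through `S3I(s)`, so they only work because they sit after `S3I(s) = internal;`; before this change they wrote to `s->s3` directly and had no such ordering dependency. Since `memset(s->s3, 0, sizeof(*s->s3))` appears to wipe the pointer that `S3I(s)` expands to, a later reordering would dereference NULL, and a one-line comment above the restores would pin that down: `/* S3I(s) must be re-attached before the record buffers are restored through it. */`. The lines between the two hunks are not shown, so whether the internal struct itself is zeroed there, which is what would reset `rbuf.left`/`wbuf.left` on the retained buffers that `ssl3_renegotiate_check` later tests, should be confirmed against the full function. ssl3_clear starts and ends outside both hunks.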