Hide all public symbols in libssl

With the guentherizer 9000 ok tb@
author: beck <> 2023-07-08 16:40:14 +0000
committer: beck <> 2023-07-08 16:40:14 +0000
commit: fce75ad52c1586db1ba9f44c6be85668e7d4a110 (patch)
tree: d94ae887e23f22265426a27314feb2539fbd467b /src/lib/libssl/ssl_ciph.c
parent: c15c3edb5607f3e03c47fdea19a5828ad6d9c477 (diff)
download: openbsd-fce75ad52c1586db1ba9f44c6be85668e7d4a110.tar.gz
openbsd-fce75ad52c1586db1ba9f44c6be85668e7d4a110.tar.bz2
openbsd-fce75ad52c1586db1ba9f44c6be85668e7d4a110.zip
1 files changed, 32 insertions, 7 deletions
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
index a71c5042c7..b735cd7b30 100644
--- a/src/lib/libssl/ssl_ciph.c
+++ b/src/lib/libssl/ssl_ciph.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_ciph.c,v 1.135 2022/11/26 16:08:55 tb Exp $ */
+/* $OpenBSD: ssl_ciph.c,v 1.136 2023/07/08 16:40:13 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -475,9 +475,11 @@ ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc,
        case SSL_CAMELLIA256:
                *enc = EVP_camellia_256_cbc();
                break;
+#ifndef OPENSSL_NO_GOST
        case SSL_eGOST2814789CNT:
                *enc = EVP_gost2814789_cnt();
                break;
+#endif
        }
        switch (ss->cipher->algorithm_mac) {
@@ -493,6 +495,7 @@ ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc,
        case SSL_SHA384:
                *md = EVP_sha384();
                break;
+#ifndef OPENSSL_NO_GOST
        case SSL_GOST89MAC:
                *md = EVP_gost2814789imit();
                break;
@@ -502,8 +505,8 @@ ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc,
        case SSL_STREEBOG256:
                *md = EVP_streebog256();
                break;
+#endif
        }
        if (*enc == NULL || *md == NULL)
                return 0;
@@ -515,15 +518,18 @@ ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc,
                return 0;
        if (EVP_CIPHER_mode(*enc) == EVP_CIPH_GCM_MODE)
                return 0;
+#ifndef OPENSSL_NO_GOST
+        /* XXX JFC. die in fire already */
        if (ss->cipher->algorithm_mac == SSL_GOST89MAC) {
                *mac_pkey_type = EVP_PKEY_GOSTIMIT;
                *mac_secret_size = 32; /* XXX */
        } else {
+#endif
                *mac_pkey_type = EVP_PKEY_HMAC;
                *mac_secret_size = EVP_MD_size(*md);
+#ifndef OPENSSL_NO_GOST
        }
+#endif
        return 1;
 }
@@ -578,18 +584,20 @@ ssl_get_handshake_evp_md(SSL *s, const EVP_MD **md)
        case SSL_HANDSHAKE_MAC_DEFAULT:
                *md = EVP_md5_sha1();
                return 1;
+#ifndef OPENSSL_NO_GOST
        case SSL_HANDSHAKE_MAC_GOST94:
                *md = EVP_gostr341194();
                return 1;
+        case SSL_HANDSHAKE_MAC_STREEBOG256:
+                *md = EVP_streebog256();
+                return 1;
+#endif
        case SSL_HANDSHAKE_MAC_SHA256:
                *md = EVP_sha256();
                return 1;
        case SSL_HANDSHAKE_MAC_SHA384:
                *md = EVP_sha384();
                return 1;
-        case SSL_HANDSHAKE_MAC_STREEBOG256:
-                *md = EVP_streebog256();
-                return 1;
        default:
                break;
        }
@@ -1406,12 +1414,14 @@ SSL_CIPHER_get_by_id(unsigned int id)
 {
        return ssl3_get_cipher_by_id(id);
 }
+LSSL_ALIAS(SSL_CIPHER_get_by_id);
 const SSL_CIPHER *
 SSL_CIPHER_get_by_value(uint16_t value)
 {
        return ssl3_get_cipher_by_value(value);
 }
+LSSL_ALIAS(SSL_CIPHER_get_by_value);
 char *
 SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
@@ -1565,6 +1575,7 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
        return (ret);
 }
+LSSL_ALIAS(SSL_CIPHER_description);
 const char *
 SSL_CIPHER_get_version(const SSL_CIPHER *c)
@@ -1576,6 +1587,7 @@ SSL_CIPHER_get_version(const SSL_CIPHER *c)
        else
                return("unknown");
 }
+LSSL_ALIAS(SSL_CIPHER_get_version);
 /* return the actual cipher being used */
 const char *
@@ -1585,6 +1597,7 @@ SSL_CIPHER_get_name(const SSL_CIPHER *c)
                return (c->name);
        return("(NONE)");
 }
+LSSL_ALIAS(SSL_CIPHER_get_name);
 /* number of bits for symmetric cipher */
 int
@@ -1599,18 +1612,21 @@ SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits)
        }
        return (ret);
 }
+LSSL_ALIAS(SSL_CIPHER_get_bits);
 unsigned long
 SSL_CIPHER_get_id(const SSL_CIPHER *c)
 {
        return c->id;
 }
+LSSL_ALIAS(SSL_CIPHER_get_id);
 uint16_t
 SSL_CIPHER_get_value(const SSL_CIPHER *c)
 {
        return ssl3_cipher_get_value(c);
 }
+LSSL_ALIAS(SSL_CIPHER_get_value);
 const SSL_CIPHER *
 SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr)
@@ -1625,6 +1641,7 @@ SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr)
        return ssl3_get_cipher_by_value(cipher_value);
 }
+LSSL_ALIAS(SSL_CIPHER_find);
 int
 SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c)
@@ -1658,6 +1675,7 @@ SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c)
                return NID_undef;
        }
 }
+LSSL_ALIAS(SSL_CIPHER_get_cipher_nid);
 int
 SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c)
@@ -1683,6 +1701,7 @@ SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c)
                return NID_undef;
        }
 }
+LSSL_ALIAS(SSL_CIPHER_get_digest_nid);
 int
 SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c)
@@ -1700,6 +1719,7 @@ SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c)
                return NID_undef;
        }
 }
+LSSL_ALIAS(SSL_CIPHER_get_kx_nid);
 int
 SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c)
@@ -1717,27 +1737,32 @@ SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c)
                return NID_undef;
        }
 }
+LSSL_ALIAS(SSL_CIPHER_get_auth_nid);
 int
 SSL_CIPHER_is_aead(const SSL_CIPHER *c)
 {
        return (c->algorithm_mac & SSL_AEAD) == SSL_AEAD;
 }
+LSSL_ALIAS(SSL_CIPHER_is_aead);
 void *
 SSL_COMP_get_compression_methods(void)
 {
        return NULL;
 }
+LSSL_ALIAS(SSL_COMP_get_compression_methods);
 int
 SSL_COMP_add_compression_method(int id, void *cm)
 {
        return 1;
 }
+LSSL_ALIAS(SSL_COMP_add_compression_method);
 const char *
 SSL_COMP_get_name(const void *comp)
 {
        return NULL;
 }
+LSSL_ALIAS(SSL_COMP_get_name);
author	beck <>	2023-07-08 16:40:14 +0000
committer	beck <>	2023-07-08 16:40:14 +0000
commit	fce75ad52c1586db1ba9f44c6be85668e7d4a110 (patch)
tree	d94ae887e23f22265426a27314feb2539fbd467b /src/lib/libssl/ssl_ciph.c
parent	c15c3edb5607f3e03c47fdea19a5828ad6d9c477 (diff)
download	openbsd-fce75ad52c1586db1ba9f44c6be85668e7d4a110.tar.gz openbsd-fce75ad52c1586db1ba9f44c6be85668e7d4a110.tar.bz2 openbsd-fce75ad52c1586db1ba9f44c6be85668e7d4a110.zip

diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c index a71c5042c7..b735cd7b30 100644 --- a/src/lib/libssl/ssl_ciph.c +++ b/src/lib/libssl/ssl_ciph.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_ciph.c,v 1.135 2022/11/26 16:08:55 tb Exp $ */	1	/* $OpenBSD: ssl_ciph.c,v 1.136 2023/07/08 16:40:13 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -475,9 +475,11 @@ ssl_cipher_get_evp(const SSL_SESSION ss, const EVP_CIPHER *enc,
475	case SSL_CAMELLIA256:	475	case SSL_CAMELLIA256:
476	*enc = EVP_camellia_256_cbc();	476	*enc = EVP_camellia_256_cbc();
477	break;	477	break;
		478	#ifndef OPENSSL_NO_GOST
478	case SSL_eGOST2814789CNT:	479	case SSL_eGOST2814789CNT:
479	*enc = EVP_gost2814789_cnt();	480	*enc = EVP_gost2814789_cnt();
480	break;	481	break;
		482	#endif
481	}	483	}
482		484
483	switch (ss->cipher->algorithm_mac) {	485	switch (ss->cipher->algorithm_mac) {
@@ -493,6 +495,7 @@ ssl_cipher_get_evp(const SSL_SESSION ss, const EVP_CIPHER *enc,
493	case SSL_SHA384:	495	case SSL_SHA384:
494	*md = EVP_sha384();	496	*md = EVP_sha384();
495	break;	497	break;
		498	#ifndef OPENSSL_NO_GOST
496	case SSL_GOST89MAC:	499	case SSL_GOST89MAC:
497	*md = EVP_gost2814789imit();	500	*md = EVP_gost2814789imit();
498	break;	501	break;
@@ -502,8 +505,8 @@ ssl_cipher_get_evp(const SSL_SESSION ss, const EVP_CIPHER *enc,
502	case SSL_STREEBOG256:	505	case SSL_STREEBOG256:
503	*md = EVP_streebog256();	506	*md = EVP_streebog256();
504	break;	507	break;
		508	#endif
505	}	509	}
506
507	if (enc == NULL \|\| md == NULL)	510	if (enc == NULL \|\| md == NULL)
508	return 0;	511	return 0;
509		512
@@ -515,15 +518,18 @@ ssl_cipher_get_evp(const SSL_SESSION ss, const EVP_CIPHER *enc,
515	return 0;	518	return 0;
516	if (EVP_CIPHER_mode(*enc) == EVP_CIPH_GCM_MODE)	519	if (EVP_CIPHER_mode(*enc) == EVP_CIPH_GCM_MODE)
517	return 0;	520	return 0;
518		521	#ifndef OPENSSL_NO_GOST
		522	/* XXX JFC. die in fire already */
519	if (ss->cipher->algorithm_mac == SSL_GOST89MAC) {	523	if (ss->cipher->algorithm_mac == SSL_GOST89MAC) {
520	*mac_pkey_type = EVP_PKEY_GOSTIMIT;	524	*mac_pkey_type = EVP_PKEY_GOSTIMIT;
521	mac_secret_size = 32; / XXX */	525	mac_secret_size = 32; / XXX */
522	} else {	526	} else {
		527	#endif
523	*mac_pkey_type = EVP_PKEY_HMAC;	528	*mac_pkey_type = EVP_PKEY_HMAC;
524	mac_secret_size = EVP_MD_size(md);	529	mac_secret_size = EVP_MD_size(md);
		530	#ifndef OPENSSL_NO_GOST
525	}	531	}
526		532	#endif
527	return 1;	533	return 1;
528	}	534	}
529		535
@@ -578,18 +584,20 @@ ssl_get_handshake_evp_md(SSL s, const EVP_MD *md)
578	case SSL_HANDSHAKE_MAC_DEFAULT:	584	case SSL_HANDSHAKE_MAC_DEFAULT:
579	*md = EVP_md5_sha1();	585	*md = EVP_md5_sha1();
580	return 1;	586	return 1;
		587	#ifndef OPENSSL_NO_GOST
581	case SSL_HANDSHAKE_MAC_GOST94:	588	case SSL_HANDSHAKE_MAC_GOST94:
582	*md = EVP_gostr341194();	589	*md = EVP_gostr341194();
583	return 1;	590	return 1;
		591	case SSL_HANDSHAKE_MAC_STREEBOG256:
		592	*md = EVP_streebog256();
		593	return 1;
		594	#endif
584	case SSL_HANDSHAKE_MAC_SHA256:	595	case SSL_HANDSHAKE_MAC_SHA256:
585	*md = EVP_sha256();	596	*md = EVP_sha256();
586	return 1;	597	return 1;
587	case SSL_HANDSHAKE_MAC_SHA384:	598	case SSL_HANDSHAKE_MAC_SHA384:
588	*md = EVP_sha384();	599	*md = EVP_sha384();
589	return 1;	600	return 1;
590	case SSL_HANDSHAKE_MAC_STREEBOG256:
591	*md = EVP_streebog256();
592	return 1;
593	default:	601	default:
594	break;	602	break;
595	}	603	}
@@ -1406,12 +1414,14 @@ SSL_CIPHER_get_by_id(unsigned int id)
1406	{	1414	{
1407	return ssl3_get_cipher_by_id(id);	1415	return ssl3_get_cipher_by_id(id);
1408	}	1416	}
		1417	LSSL_ALIAS(SSL_CIPHER_get_by_id);
1409		1418
1410	const SSL_CIPHER *	1419	const SSL_CIPHER *
1411	SSL_CIPHER_get_by_value(uint16_t value)	1420	SSL_CIPHER_get_by_value(uint16_t value)
1412	{	1421	{
1413	return ssl3_get_cipher_by_value(value);	1422	return ssl3_get_cipher_by_value(value);
1414	}	1423	}
		1424	LSSL_ALIAS(SSL_CIPHER_get_by_value);
1415		1425
1416	char *	1426	char *
1417	SSL_CIPHER_description(const SSL_CIPHER cipher, char buf, int len)	1427	SSL_CIPHER_description(const SSL_CIPHER cipher, char buf, int len)
@@ -1565,6 +1575,7 @@ SSL_CIPHER_description(const SSL_CIPHER cipher, char buf, int len)
1565		1575
1566	return (ret);	1576	return (ret);
1567	}	1577	}
		1578	LSSL_ALIAS(SSL_CIPHER_description);
1568		1579
1569	const char *	1580	const char *
1570	SSL_CIPHER_get_version(const SSL_CIPHER *c)	1581	SSL_CIPHER_get_version(const SSL_CIPHER *c)
@@ -1576,6 +1587,7 @@ SSL_CIPHER_get_version(const SSL_CIPHER *c)
1576	else	1587	else
1577	return("unknown");	1588	return("unknown");
1578	}	1589	}
		1590	LSSL_ALIAS(SSL_CIPHER_get_version);
1579		1591
1580	/* return the actual cipher being used */	1592	/* return the actual cipher being used */
1581	const char *	1593	const char *
@@ -1585,6 +1597,7 @@ SSL_CIPHER_get_name(const SSL_CIPHER *c)
1585	return (c->name);	1597	return (c->name);
1586	return("(NONE)");	1598	return("(NONE)");
1587	}	1599	}
		1600	LSSL_ALIAS(SSL_CIPHER_get_name);
1588		1601
1589	/* number of bits for symmetric cipher */	1602	/* number of bits for symmetric cipher */
1590	int	1603	int
@@ -1599,18 +1612,21 @@ SSL_CIPHER_get_bits(const SSL_CIPHER c, int alg_bits)
1599	}	1612	}
1600	return (ret);	1613	return (ret);
1601	}	1614	}
		1615	LSSL_ALIAS(SSL_CIPHER_get_bits);
1602		1616
1603	unsigned long	1617	unsigned long
1604	SSL_CIPHER_get_id(const SSL_CIPHER *c)	1618	SSL_CIPHER_get_id(const SSL_CIPHER *c)
1605	{	1619	{
1606	return c->id;	1620	return c->id;
1607	}	1621	}
		1622	LSSL_ALIAS(SSL_CIPHER_get_id);
1608		1623
1609	uint16_t	1624	uint16_t
1610	SSL_CIPHER_get_value(const SSL_CIPHER *c)	1625	SSL_CIPHER_get_value(const SSL_CIPHER *c)
1611	{	1626	{
1612	return ssl3_cipher_get_value(c);	1627	return ssl3_cipher_get_value(c);
1613	}	1628	}
		1629	LSSL_ALIAS(SSL_CIPHER_get_value);
1614		1630
1615	const SSL_CIPHER *	1631	const SSL_CIPHER *
1616	SSL_CIPHER_find(SSL ssl, const unsigned char ptr)	1632	SSL_CIPHER_find(SSL ssl, const unsigned char ptr)
@@ -1625,6 +1641,7 @@ SSL_CIPHER_find(SSL ssl, const unsigned char ptr)
1625		1641
1626	return ssl3_get_cipher_by_value(cipher_value);	1642	return ssl3_get_cipher_by_value(cipher_value);
1627	}	1643	}
		1644	LSSL_ALIAS(SSL_CIPHER_find);
1628		1645
1629	int	1646	int
1630	SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c)	1647	SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c)
@@ -1658,6 +1675,7 @@ SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c)
1658	return NID_undef;	1675	return NID_undef;
1659	}	1676	}
1660	}	1677	}
		1678	LSSL_ALIAS(SSL_CIPHER_get_cipher_nid);
1661		1679
1662	int	1680	int
1663	SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c)	1681	SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c)
@@ -1683,6 +1701,7 @@ SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c)
1683	return NID_undef;	1701	return NID_undef;
1684	}	1702	}
1685	}	1703	}
		1704	LSSL_ALIAS(SSL_CIPHER_get_digest_nid);
1686		1705
1687	int	1706	int
1688	SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c)	1707	SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c)
@@ -1700,6 +1719,7 @@ SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c)
1700	return NID_undef;	1719	return NID_undef;
1701	}	1720	}
1702	}	1721	}
		1722	LSSL_ALIAS(SSL_CIPHER_get_kx_nid);
1703		1723
1704	int	1724	int
1705	SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c)	1725	SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c)
@@ -1717,27 +1737,32 @@ SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c)
1717	return NID_undef;	1737	return NID_undef;
1718	}	1738	}
1719	}	1739	}
		1740	LSSL_ALIAS(SSL_CIPHER_get_auth_nid);
1720		1741
1721	int	1742	int
1722	SSL_CIPHER_is_aead(const SSL_CIPHER *c)	1743	SSL_CIPHER_is_aead(const SSL_CIPHER *c)
1723	{	1744	{
1724	return (c->algorithm_mac & SSL_AEAD) == SSL_AEAD;	1745	return (c->algorithm_mac & SSL_AEAD) == SSL_AEAD;
1725	}	1746	}
		1747	LSSL_ALIAS(SSL_CIPHER_is_aead);
1726		1748
1727	void *	1749	void *
1728	SSL_COMP_get_compression_methods(void)	1750	SSL_COMP_get_compression_methods(void)
1729	{	1751	{
1730	return NULL;	1752	return NULL;
1731	}	1753	}
		1754	LSSL_ALIAS(SSL_COMP_get_compression_methods);
1732		1755
1733	int	1756	int
1734	SSL_COMP_add_compression_method(int id, void *cm)	1757	SSL_COMP_add_compression_method(int id, void *cm)
1735	{	1758	{
1736	return 1;	1759	return 1;
1737	}	1760	}
		1761	LSSL_ALIAS(SSL_COMP_add_compression_method);
1738		1762
1739	const char *	1763	const char *
1740	SSL_COMP_get_name(const void *comp)	1764	SSL_COMP_get_name(const void *comp)
1741	{	1765	{
1742	return NULL;	1766	return NULL;
1743	}	1767	}
		1768	LSSL_ALIAS(SSL_COMP_get_name);