| author | jsing <> | 2022-02-05 14:54:10 +0000 |
|---|---|---|
| committer | jsing <> | 2022-02-05 14:54:10 +0000 |
| commit | a463011117e88ea3125fb580b8c6c60d68722651 (patch) | |
| tree | da7fe094101bf3711667cf1650e3c6f57a50e2ff /src/lib/libssl/ssl_lib.c | |
| parent | 54b37ce29213d429a1f20782418b17863e8b4b9b (diff) | |
Bye bye S3I.
S3I has served us well, however now that libssl is fully opaque it is time
to say goodbye. Aside from removing the calloc/free/memset, the rest is
mechanical sed.
ok inoguchi@ tb@
Diffstat (limited to 'src/lib/libssl/ssl_lib.c')
| -rw-r--r-- | src/lib/libssl/ssl_lib.c | 46 |
1 files changed, 23 insertions, 23 deletions
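--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.287 2022/01/14 09:10:11 tb Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.288 2022/02/05 14:54:10 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -732,10 +732,10 @@ SSL_get_finished(const SSL *s, void *buf, size_t count)
 {
 size_t ret;
 
-ret = S3I(s)->hs.finished_len;
+ret = s->s3->hs.finished_len;
 if (count > ret)
 count = ret;
-memcpy(buf, S3I(s)->hs.finished, count);
+memcpy(buf, s->s3->hs.finished, count);
 return (ret);
 }
 
@@ -745,10 +745,10 @@ SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
 {
 size_t ret;
 
-ret = S3I(s)->hs.peer_finished_len;
+ret = s->s3->hs.peer_finished_len;
 if (count > ret)
 count = ret;
-memcpy(buf, S3I(s)->hs.peer_finished, count);
+memcpy(buf, s->s3->hs.peer_finished, count);
 return (ret);
 }
 
@@ -1294,7 +1294,7 @@ SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
 return (1);
 case SSL_CTRL_GET_RI_SUPPORT:
 if (s->s3)
-return (S3I(s)->send_connection_binding);
+return (s->s3->send_connection_binding);
 else return (0);
 default:
 if (SSL_is_dtls(s))
@@ -1837,8 +1837,8 @@ void
 SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
 unsigned int *len)
 {
-*data = ssl->s3->internal->alpn_selected;
-*len = ssl->s3->internal->alpn_selected_len;
+*data = ssl->s3->alpn_selected;
+*len = ssl->s3->alpn_selected_len;
 }
 
 void
@@ -2224,8 +2224,8 @@ ssl_using_ecc_cipher(SSL *s)
 {
 unsigned long alg_a, alg_k;
 
-alg_a = S3I(s)->hs.cipher->algorithm_auth;
-alg_k = S3I(s)->hs.cipher->algorithm_mkey;
+alg_a = s->s3->hs.cipher->algorithm_auth;
+alg_k = s->s3->hs.cipher->algorithm_mkey;
 
 return s->session->tlsext_ecpointformatlist != NULL &&
 s->session->tlsext_ecpointformatlist_length > 0 &&
@@ -2235,7 +2235,7 @@ ssl_using_ecc_cipher(SSL *s)
 int
 ssl_check_srvr_ecc_cert_and_alg(SSL *s, X509 *x)
 {
-const SSL_CIPHER *cs = S3I(s)->hs.cipher;
+const SSL_CIPHER *cs = s->s3->hs.cipher;
 unsigned long alg_a;
 
 alg_a = cs->algorithm_auth;
@@ -2259,9 +2259,9 @@ ssl_get_server_send_pkey(const SSL *s)
 int i;
 
 c = s->cert;
-ssl_set_cert_masks(c, S3I(s)->hs.cipher);
+ssl_set_cert_masks(c, s->s3->hs.cipher);
 
-alg_a = S3I(s)->hs.cipher->algorithm_auth;
+alg_a = s->s3->hs.cipher->algorithm_auth;
 
 if (alg_a & SSL_aECDSA) {
 i = SSL_PKEY_ECC;
@@ -2319,9 +2319,9 @@ ssl_dhe_params_auto_key_bits(SSL *s)
 
 if (s->cert->dhe_params_auto == 2) {
 key_bits = 1024;
-} else if (S3I(s)->hs.cipher->algorithm_auth & SSL_aNULL) {
+} else if (s->s3->hs.cipher->algorithm_auth & SSL_aNULL) {
 key_bits = 1024;
-if (S3I(s)->hs.cipher->strength_bits == 256)
+if (s->s3->hs.cipher->strength_bits == 256)
 key_bits = 3072;
 } else {
 if ((cpk = ssl_get_server_send_pkey(s)) == NULL)
@@ -2352,7 +2352,7 @@ ssl_should_update_external_cache(SSL *s, int mode)
 return 1;
 
 /* If it's TLS 1.3, do it to match OpenSSL */
-if (S3I(s)->hs.negotiated_tls_version >= TLS1_3_VERSION)
+if (s->s3->hs.negotiated_tls_version >= TLS1_3_VERSION)
 return 1;
 
 return 0;
@@ -2377,7 +2377,7 @@ ssl_should_update_internal_cache(SSL *s, int mode)
 return 0;
 
 /* If we are lesser than TLS 1.3, Cache it. */
-if (S3I(s)->hs.negotiated_tls_version < TLS1_3_VERSION)
+if (s->s3->hs.negotiated_tls_version < TLS1_3_VERSION)
 return 1;
 
 /* Below this we consider TLS 1.3 or later */
@@ -2556,7 +2556,7 @@ SSL_get_error(const SSL *s, int i)
 
 if (i == 0) {
 if ((s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) &&
-(S3I(s)->warn_alert == SSL_AD_CLOSE_NOTIFY))
+(s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
 return (SSL_ERROR_ZERO_RETURN);
 }
 return (SSL_ERROR_SYSCALL);
@@ -2589,7 +2589,7 @@ SSL_set_accept_state(SSL *s)
 {
 s->server = 1;
 s->internal->shutdown = 0;
-S3I(s)->hs.state = SSL_ST_ACCEPT|SSL_ST_BEFORE;
+s->s3->hs.state = SSL_ST_ACCEPT|SSL_ST_BEFORE;
 s->internal->handshake_func = s->method->ssl_accept;
 ssl_clear_cipher_state(s);
 }
@@ -2599,7 +2599,7 @@ SSL_set_connect_state(SSL *s)
 {
 s->server = 0;
 s->internal->shutdown = 0;
-S3I(s)->hs.state = SSL_ST_CONNECT|SSL_ST_BEFORE;
+s->s3->hs.state = SSL_ST_CONNECT|SSL_ST_BEFORE;
 s->internal->handshake_func = s->method->ssl_connect;
 ssl_clear_cipher_state(s);
 }
@@ -2731,7 +2731,7 @@ SSL_dup(SSL *s)
 ret->internal->quiet_shutdown = s->internal->quiet_shutdown;
 ret->internal->shutdown = s->internal->shutdown;
 /* SSL_dup does not really work at any state, though */
-S3I(ret)->hs.state = S3I(s)->hs.state;
+ret->s3->hs.state = s->s3->hs.state;
 ret->internal->rstate = s->internal->rstate;
 
 /*
@@ -3018,13 +3018,13 @@ void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val)
 int
 SSL_state(const SSL *ssl)
 {
-return (S3I(ssl)->hs.state);
+return (ssl->s3->hs.state);
 }
 
 void
 SSL_set_state(SSL *ssl, int state)
 {
-S3I(ssl)->hs.state = state;
+ssl->s3->hs.state = state;
 }
 
 void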
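Review bot: The `if (s->s3)` guard kept in the `SSL_CTRL_GET_RI_SUPPORT` case of SSL_ctrl is now the only place in these hunks that treats `s->s3` as possibly NULL, while SSL_get_finished, SSL_get0_alpn_selected, SSL_state, SSL_set_state and the other converted sites dereference it unconditionally. If `s->s3` is always allocated for the lifetime of an SSL (not visible in this diff), the check is dead and the case can shrink to `return (s->s3->send_connection_binding);`; if it can be NULL, the public accessors that take a caller-supplied SSL need the same guard. Either way, a short comment such as `/* s->s3 is never NULL once SSL_new() has succeeded */` at that case would record the invariant now that the macro no longer hides the access. Most of the enclosing functions start or end outside the shown hunks, so this is based on the visible lines only.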
