Split most of SSL_METHOD out into an internal variant, which is opaque.

Discussed with beck@
author: jsing <> 2017-01-23 13:36:13 +0000
committer: jsing <> 2017-01-23 13:36:13 +0000
commit: 0eff443f2ac1ae9043870f2d40d9dc0d57f236d6 (patch)
tree: 84ee9c4c985fe1078df40f818b7697846dba1c18 /src/lib/libssl/ssl_locl.h
parent: 76088a8d37b68292f56046a6a4dea9544ad5ab89 (diff)
download: openbsd-0eff443f2ac1ae9043870f2d40d9dc0d57f236d6.tar.gz
openbsd-0eff443f2ac1ae9043870f2d40d9dc0d57f236d6.tar.bz2
openbsd-0eff443f2ac1ae9043870f2d40d9dc0d57f236d6.zip
1 files changed, 41 insertions, 5 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 1aac55f101..df1e12bf39 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.160 2017/01/23 08:48:44 beck Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.161 2017/01/23 13:36:13 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -327,19 +327,20 @@ __BEGIN_HIDDEN_DECLS
 #define SSL_C_PKEYLENGTH(c)     1024
 /* Check if an SSL structure is using DTLS. */
-#define SSL_IS_DTLS(s) (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
+#define SSL_IS_DTLS(s) \
+        (s->method->internal->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
 /* See if we need explicit IV. */
 #define SSL_USE_EXPLICIT_IV(s) \
-        (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_EXPLICIT_IV)
+        (s->method->internal->ssl3_enc->enc_flags & SSL_ENC_FLAG_EXPLICIT_IV)
 /* See if we use signature algorithms extension. */
 #define SSL_USE_SIGALGS(s) \
-        (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SIGALGS)
+        (s->method->internal->ssl3_enc->enc_flags & SSL_ENC_FLAG_SIGALGS)
 /* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
 #define SSL_USE_TLS1_2_CIPHERS(s) \
-        (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)
+        (s->method->internal->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)
 /* Mostly for SSLv3 */
 #define SSL_PKEY_RSA_ENC        0
@@ -372,6 +373,41 @@ __BEGIN_HIDDEN_DECLS
 #define EXPLICIT_CHAR2_CURVE_TYPE  2
 #define NAMED_CURVE_TYPE           3
+typedef struct ssl_method_internal_st {
+        int version;
+        uint16_t min_version;
+        uint16_t max_version;
+        int (*ssl_new)(SSL *s);
+        void (*ssl_clear)(SSL *s);
+        void (*ssl_free)(SSL *s);
+        int (*ssl_accept)(SSL *s);
+        int (*ssl_connect)(SSL *s);
+        int (*ssl_read)(SSL *s, void *buf, int len);
+        int (*ssl_peek)(SSL *s, void *buf, int len);
+        int (*ssl_write)(SSL *s, const void *buf, int len);
+        int (*ssl_shutdown)(SSL *s);
+        int (*ssl_renegotiate)(SSL *s);
+        int (*ssl_renegotiate_check)(SSL *s);
+        long (*ssl_get_message)(SSL *s, int st1, int stn, int mt,
+            long max, int *ok);
+        int (*ssl_read_bytes)(SSL *s, int type, unsigned char *buf,
+            int len, int peek);
+        int (*ssl_write_bytes)(SSL *s, int type, const void *buf_, int len);
+        int (*ssl_pending)(const SSL *s);
+        const struct ssl_method_st *(*get_ssl_method)(int version);
+        long (*get_timeout)(void);
+        int (*ssl_version)(void);
+        struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
+} SSL_METHOD_INTERNAL;
 typedef struct ssl_session_internal_st {
        CRYPTO_EX_DATA ex_data; /* application specific data */
author	jsing <>	2017-01-23 13:36:13 +0000
committer	jsing <>	2017-01-23 13:36:13 +0000
commit	0eff443f2ac1ae9043870f2d40d9dc0d57f236d6 (patch)
tree	84ee9c4c985fe1078df40f818b7697846dba1c18 /src/lib/libssl/ssl_locl.h
parent	76088a8d37b68292f56046a6a4dea9544ad5ab89 (diff)
download	openbsd-0eff443f2ac1ae9043870f2d40d9dc0d57f236d6.tar.gz openbsd-0eff443f2ac1ae9043870f2d40d9dc0d57f236d6.tar.bz2 openbsd-0eff443f2ac1ae9043870f2d40d9dc0d57f236d6.zip

diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 1aac55f101..df1e12bf39 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.160 2017/01/23 08:48:44 beck Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.161 2017/01/23 13:36:13 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -327,19 +327,20 @@ __BEGIN_HIDDEN_DECLS
327	#define SSL_C_PKEYLENGTH(c) 1024	327	#define SSL_C_PKEYLENGTH(c) 1024
328		328
329	/* Check if an SSL structure is using DTLS. */	329	/* Check if an SSL structure is using DTLS. */
330	#define SSL_IS_DTLS(s) (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)	330	#define SSL_IS_DTLS(s) \
		331	(s->method->internal->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
331		332
332	/* See if we need explicit IV. */	333	/* See if we need explicit IV. */
333	#define SSL_USE_EXPLICIT_IV(s) \	334	#define SSL_USE_EXPLICIT_IV(s) \
334	(s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_EXPLICIT_IV)	335	(s->method->internal->ssl3_enc->enc_flags & SSL_ENC_FLAG_EXPLICIT_IV)
335		336
336	/* See if we use signature algorithms extension. */	337	/* See if we use signature algorithms extension. */
337	#define SSL_USE_SIGALGS(s) \	338	#define SSL_USE_SIGALGS(s) \
338	(s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SIGALGS)	339	(s->method->internal->ssl3_enc->enc_flags & SSL_ENC_FLAG_SIGALGS)
339		340
340	/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */	341	/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
341	#define SSL_USE_TLS1_2_CIPHERS(s) \	342	#define SSL_USE_TLS1_2_CIPHERS(s) \
342	(s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)	343	(s->method->internal->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)
343		344
344	/* Mostly for SSLv3 */	345	/* Mostly for SSLv3 */
345	#define SSL_PKEY_RSA_ENC 0	346	#define SSL_PKEY_RSA_ENC 0
@@ -372,6 +373,41 @@ __BEGIN_HIDDEN_DECLS
372	#define EXPLICIT_CHAR2_CURVE_TYPE 2	373	#define EXPLICIT_CHAR2_CURVE_TYPE 2
373	#define NAMED_CURVE_TYPE 3	374	#define NAMED_CURVE_TYPE 3
374		375
		376	typedef struct ssl_method_internal_st {
		377	int version;
		378
		379	uint16_t min_version;
		380	uint16_t max_version;
		381
		382	int (ssl_new)(SSL s);
		383	void (ssl_clear)(SSL s);
		384	void (ssl_free)(SSL s);
		385
		386	int (ssl_accept)(SSL s);
		387	int (ssl_connect)(SSL s);
		388	int (ssl_read)(SSL s, void *buf, int len);
		389	int (ssl_peek)(SSL s, void *buf, int len);
		390	int (ssl_write)(SSL s, const void *buf, int len);
		391	int (ssl_shutdown)(SSL s);
		392
		393	int (ssl_renegotiate)(SSL s);
		394	int (ssl_renegotiate_check)(SSL s);
		395
		396	long (ssl_get_message)(SSL s, int st1, int stn, int mt,
		397	long max, int *ok);
		398	int (ssl_read_bytes)(SSL s, int type, unsigned char *buf,
		399	int len, int peek);
		400	int (ssl_write_bytes)(SSL s, int type, const void *buf_, int len);
		401
		402	int (ssl_pending)(const SSL s);
		403	const struct ssl_method_st (get_ssl_method)(int version);
		404
		405	long (*get_timeout)(void);
		406	int (*ssl_version)(void);
		407
		408	struct ssl3_enc_method ssl3_enc; / Extra SSLv3/TLS stuff */
		409	} SSL_METHOD_INTERNAL;
		410
375	typedef struct ssl_session_internal_st {	411	typedef struct ssl_session_internal_st {
376	CRYPTO_EX_DATA ex_data; /* application specific data */	412	CRYPTO_EX_DATA ex_data; /* application specific data */
377		413