Move handshake message handling functions from ssl_both.c to client/server.

Currently, ssl_both.c contains several functions that are used by both the legacy client and legacy server. This interwines the client and server, making it harder to make progressive changes. While it does deduplicate some code, it also ends up with code that is conditioned on s->server and forces the caller to pass in SSL3_ST_* values. Move these functions from ssl_both.c into ssl_clnt.c and ssl_srvr.c, renaming as appropriate and removing the s->server conditionals. Also move the client and server function prototypes from ssl_locl.h into the .c files, making them static in the process. ok tb@
author: jsing <> 2022-10-01 16:23:15 +0000
committer: jsing <> 2022-10-01 16:23:15 +0000
commit: d5e660940f76ba9fedb2400c0fa888e996ee93c9 (patch)
tree: 17355bd2c7397fbcda5912079e30abc288561c2f /src/lib/libssl/ssl_locl.h
parent: 891337e5a26a9faa47ed08abfbaeaf58e11c669c (diff)
download: openbsd-d5e660940f76ba9fedb2400c0fa888e996ee93c9.tar.gz
openbsd-d5e660940f76ba9fedb2400c0fa888e996ee93c9.tar.bz2
openbsd-d5e660940f76ba9fedb2400c0fa888e996ee93c9.zip
1 files changed, 1 insertions, 36 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index a6fc6eaa32..a8d5308e8c 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.425 2022/09/10 15:29:33 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.426 2022/10/01 16:23:15 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1357,16 +1357,10 @@ int ssl_verify_alarm_type(long type);
 int SSL_SESSION_ticket(SSL_SESSION *ss, unsigned char **out, size_t *out_len);
 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
-int ssl3_send_server_certificate(SSL *s);
-int ssl3_send_newsession_ticket(SSL *s);
-int ssl3_send_cert_status(SSL *s);
-int ssl3_get_finished(SSL *s, int state_a, int state_b);
-int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
 int ssl3_do_write(SSL *s, int type);
 int ssl3_send_alert(SSL *s, int level, int desc);
 int ssl3_get_req_cert_types(SSL *s, CBB *cbb);
 int ssl3_get_message(SSL *s, int st1, int stn, int mt, long max);
-int ssl3_send_finished(SSL *s, int state_a, int state_b);
 int ssl3_num_ciphers(void);
 const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
 const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);
@@ -1424,35 +1418,6 @@ int ssl_server_legacy_first_packet(SSL *s);
 int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
    unsigned int len);
-/* some client-only functions */
-int ssl3_send_client_hello(SSL *s);
-int ssl3_get_dtls_hello_verify(SSL *s);
-int ssl3_get_server_hello(SSL *s);
-int ssl3_get_certificate_request(SSL *s);
-int ssl3_get_new_session_ticket(SSL *s);
-int ssl3_get_cert_status(SSL *s);
-int ssl3_get_server_done(SSL *s);
-int ssl3_send_client_verify(SSL *s);
-int ssl3_send_client_certificate(SSL *s);
-int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey);
-int ssl3_send_client_key_exchange(SSL *s);
-int ssl3_get_server_key_exchange(SSL *s);
-int ssl3_get_server_certificate(SSL *s);
-int ssl3_check_cert_and_algorithm(SSL *s);
-int ssl3_check_finished(SSL *s);
-/* some server-only functions */
-int ssl3_get_client_hello(SSL *s);
-int ssl3_send_dtls_hello_verify_request(SSL *s);
-int ssl3_send_server_hello(SSL *s);
-int ssl3_send_hello_request(SSL *s);
-int ssl3_send_server_key_exchange(SSL *s);
-int ssl3_send_certificate_request(SSL *s);
-int ssl3_send_server_done(SSL *s);
-int ssl3_get_client_certificate(SSL *s);
-int ssl3_get_client_key_exchange(SSL *s);
-int ssl3_get_cert_verify(SSL *s);
 int ssl_kex_generate_dhe(DH *dh, DH *dh_params);
 int ssl_kex_generate_dhe_params_auto(DH *dh, size_t key_len);
 int ssl_kex_params_dhe(DH *dh, CBB *cbb);
author	jsing <>	2022-10-01 16:23:15 +0000
committer	jsing <>	2022-10-01 16:23:15 +0000
commit	d5e660940f76ba9fedb2400c0fa888e996ee93c9 (patch)
tree	17355bd2c7397fbcda5912079e30abc288561c2f /src/lib/libssl/ssl_locl.h
parent	891337e5a26a9faa47ed08abfbaeaf58e11c669c (diff)
download	openbsd-d5e660940f76ba9fedb2400c0fa888e996ee93c9.tar.gz openbsd-d5e660940f76ba9fedb2400c0fa888e996ee93c9.tar.bz2 openbsd-d5e660940f76ba9fedb2400c0fa888e996ee93c9.zip

diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index a6fc6eaa32..a8d5308e8c 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.425 2022/09/10 15:29:33 jsing Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.426 2022/10/01 16:23:15 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1357,16 +1357,10 @@ int ssl_verify_alarm_type(long type);
1357	int SSL_SESSION_ticket(SSL_SESSION ss, unsigned char out, size_t out_len);	1357	int SSL_SESSION_ticket(SSL_SESSION ss, unsigned char out, size_t out_len);
1358		1358
1359	const SSL_CIPHER ssl3_get_cipher_by_char(const unsigned char p);	1359	const SSL_CIPHER ssl3_get_cipher_by_char(const unsigned char p);
1360	int ssl3_send_server_certificate(SSL *s);
1361	int ssl3_send_newsession_ticket(SSL *s);
1362	int ssl3_send_cert_status(SSL *s);
1363	int ssl3_get_finished(SSL *s, int state_a, int state_b);
1364	int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
1365	int ssl3_do_write(SSL *s, int type);	1360	int ssl3_do_write(SSL *s, int type);
1366	int ssl3_send_alert(SSL *s, int level, int desc);	1361	int ssl3_send_alert(SSL *s, int level, int desc);
1367	int ssl3_get_req_cert_types(SSL s, CBB cbb);	1362	int ssl3_get_req_cert_types(SSL s, CBB cbb);
1368	int ssl3_get_message(SSL *s, int st1, int stn, int mt, long max);	1363	int ssl3_get_message(SSL *s, int st1, int stn, int mt, long max);
1369	int ssl3_send_finished(SSL *s, int state_a, int state_b);
1370	int ssl3_num_ciphers(void);	1364	int ssl3_num_ciphers(void);
1371	const SSL_CIPHER *ssl3_get_cipher(unsigned int u);	1365	const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
1372	const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);	1366	const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);
@@ -1424,35 +1418,6 @@ int ssl_server_legacy_first_packet(SSL *s);
1424	int ssl3_write_pending(SSL s, int type, const unsigned char buf,	1418	int ssl3_write_pending(SSL s, int type, const unsigned char buf,
1425	unsigned int len);	1419	unsigned int len);
1426		1420
1427	/* some client-only functions */
1428	int ssl3_send_client_hello(SSL *s);
1429	int ssl3_get_dtls_hello_verify(SSL *s);
1430	int ssl3_get_server_hello(SSL *s);
1431	int ssl3_get_certificate_request(SSL *s);
1432	int ssl3_get_new_session_ticket(SSL *s);
1433	int ssl3_get_cert_status(SSL *s);
1434	int ssl3_get_server_done(SSL *s);
1435	int ssl3_send_client_verify(SSL *s);
1436	int ssl3_send_client_certificate(SSL *s);
1437	int ssl_do_client_cert_cb(SSL s, X509 px509, EVP_PKEY *ppkey);
1438	int ssl3_send_client_key_exchange(SSL *s);
1439	int ssl3_get_server_key_exchange(SSL *s);
1440	int ssl3_get_server_certificate(SSL *s);
1441	int ssl3_check_cert_and_algorithm(SSL *s);
1442	int ssl3_check_finished(SSL *s);
1443
1444	/* some server-only functions */
1445	int ssl3_get_client_hello(SSL *s);
1446	int ssl3_send_dtls_hello_verify_request(SSL *s);
1447	int ssl3_send_server_hello(SSL *s);
1448	int ssl3_send_hello_request(SSL *s);
1449	int ssl3_send_server_key_exchange(SSL *s);
1450	int ssl3_send_certificate_request(SSL *s);
1451	int ssl3_send_server_done(SSL *s);
1452	int ssl3_get_client_certificate(SSL *s);
1453	int ssl3_get_client_key_exchange(SSL *s);
1454	int ssl3_get_cert_verify(SSL *s);
1455
1456	int ssl_kex_generate_dhe(DH dh, DH dh_params);	1421	int ssl_kex_generate_dhe(DH dh, DH dh_params);
1457	int ssl_kex_generate_dhe_params_auto(DH *dh, size_t key_len);	1422	int ssl_kex_generate_dhe_params_auto(DH *dh, size_t key_len);
1458	int ssl_kex_params_dhe(DH dh, CBB cbb);	1423	int ssl_kex_params_dhe(DH dh, CBB cbb);