Stop using ssl{_ctx,}_security() outside of ssl_seclevel.c

The API is ugly and we can easily abstract it away. The SSL_SECOP_* stuff is now confined into ssl_seclevel.c and the rest of the library can make use of the more straightforward wrappers, which makes it a lot easier on the eyes. ok beck jsing
author: tb <> 2022-07-02 16:31:04 +0000
committer: tb <> 2022-07-02 16:31:04 +0000
commit: 274f622e186b69a67b9ccd2ebb48918c3a67ad64 (patch)
tree: bc3bde853323758696c370e558e602d43422a86d /src/lib/libssl/ssl_tlsext.c
parent: ef99055644809bf9803db0f1022b2a923a0e3236 (diff)
download: openbsd-274f622e186b69a67b9ccd2ebb48918c3a67ad64.tar.gz
openbsd-274f622e186b69a67b9ccd2ebb48918c3a67ad64.tar.bz2
openbsd-274f622e186b69a67b9ccd2ebb48918c3a67ad64.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c
index 7457925572..fa1eef3587 100644
--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.118 2022/07/02 16:00:12 tb Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.119 2022/07/02 16:31:04 tb Exp $ */
 /*
 * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -1126,7 +1126,7 @@ tlsext_sessionticket_client_needs(SSL *s, uint16_t msg_type)
        if ((SSL_get_options(s) & SSL_OP_NO_TICKET) != 0)
                return 0;
-        if (!ssl_security(s, SSL_SECOP_TICKET, 0, 0, NULL))
+        if (!ssl_security_tickets(s))
                return 0;
        if (s->internal->new_session)
@@ -1209,7 +1209,7 @@ tlsext_sessionticket_server_needs(SSL *s, uint16_t msg_type)
 {
        return (s->internal->tlsext_ticket_expected &&
            !(SSL_get_options(s) & SSL_OP_NO_TICKET) &&
-            ssl_security(s, SSL_SECOP_TICKET, 0, 0, NULL));
+            ssl_security_tickets(s));
 }
 int
author	tb <>	2022-07-02 16:31:04 +0000
committer	tb <>	2022-07-02 16:31:04 +0000
commit	274f622e186b69a67b9ccd2ebb48918c3a67ad64 (patch)
tree	bc3bde853323758696c370e558e602d43422a86d /src/lib/libssl/ssl_tlsext.c
parent	ef99055644809bf9803db0f1022b2a923a0e3236 (diff)
download	openbsd-274f622e186b69a67b9ccd2ebb48918c3a67ad64.tar.gz openbsd-274f622e186b69a67b9ccd2ebb48918c3a67ad64.tar.bz2 openbsd-274f622e186b69a67b9ccd2ebb48918c3a67ad64.zip

diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c index 7457925572..fa1eef3587 100644 --- a/src/lib/libssl/ssl_tlsext.c +++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_tlsext.c,v 1.118 2022/07/02 16:00:12 tb Exp $ */	1	/* $OpenBSD: ssl_tlsext.c,v 1.119 2022/07/02 16:31:04 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
4	* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>	4	* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -1126,7 +1126,7 @@ tlsext_sessionticket_client_needs(SSL *s, uint16_t msg_type)
1126	if ((SSL_get_options(s) & SSL_OP_NO_TICKET) != 0)	1126	if ((SSL_get_options(s) & SSL_OP_NO_TICKET) != 0)
1127	return 0;	1127	return 0;
1128		1128
1129	if (!ssl_security(s, SSL_SECOP_TICKET, 0, 0, NULL))	1129	if (!ssl_security_tickets(s))
1130	return 0;	1130	return 0;
1131		1131
1132	if (s->internal->new_session)	1132	if (s->internal->new_session)
@@ -1209,7 +1209,7 @@ tlsext_sessionticket_server_needs(SSL *s, uint16_t msg_type)
1209	{	1209	{
1210	return (s->internal->tlsext_ticket_expected &&	1210	return (s->internal->tlsext_ticket_expected &&
1211	!(SSL_get_options(s) & SSL_OP_NO_TICKET) &&	1211	!(SSL_get_options(s) & SSL_OP_NO_TICKET) &&
1212	ssl_security(s, SSL_SECOP_TICKET, 0, 0, NULL));	1212	ssl_security_tickets(s));
1213	}	1213	}
1214		1214
1215	int	1215	int