KSSL is dead... nuke KSSL_DEBUG from orbit.

ok beck@ miod@
author: jsing <> 2014-05-20 16:59:05 +0000
committer: jsing <> 2014-05-20 16:59:05 +0000
commit: 0ec843903451a54afa6be0cb924fc7a996079191 (patch)
tree: 2ef56a158500b0335eca60d2194ea1186d7b6e47 /src/lib/libssl/t1_enc.c
parent: c5dc4929a3e8bc91a204eff5b55c10ce54cec591 (diff)
download: openbsd-0ec843903451a54afa6be0cb924fc7a996079191.tar.gz
openbsd-0ec843903451a54afa6be0cb924fc7a996079191.tar.bz2
openbsd-0ec843903451a54afa6be0cb924fc7a996079191.zip
1 files changed, 0 insertions, 83 deletions
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 2480fecd7e..5a95fd2744 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -144,9 +144,6 @@
 #include <openssl/hmac.h>
 #include <openssl/md5.h>
 #include <openssl/rand.h>
-#ifdef KSSL_DEBUG
-#include <openssl/des.h>
-#endif
 /* seed1 through seed5 are virtually concatenated */
 static int
@@ -297,17 +294,6 @@ tls1_generate_key_block(SSL *s, unsigned char *km, unsigned char *tmp, int num)
            NULL, 0, NULL, 0,
            s->session->master_key, s->session->master_key_length,
            km, tmp, num);
-#ifdef KSSL_DEBUG
-        printf("tls1_generate_key_block() ==> %d byte master_key =\n\t",
-            s->session->master_key_length);
-        {
-                int i;
-                for (i = 0; i < s->session->master_key_length; i++) {
-                        printf("%02X", s->session->master_key[i]);
-                }
-                printf("\n");
-        }
-#endif    /* KSSL_DEBUG */
        return ret;
 }
@@ -344,22 +330,6 @@ tls1_change_cipher_state(SSL *s, int which)
        comp = s->s3->tmp.new_compression;
 #endif
-#ifdef KSSL_DEBUG
-        printf("tls1_change_cipher_state(which= %d) w/\n", which);
-        printf("\talg= %ld/%ld, comp= %p\n",
-            s->s3->tmp.new_cipher->algorithm_mkey,
-            s->s3->tmp.new_cipher->algorithm_auth,
-            comp);
-        printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c);
-        printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
-            c->nid, c->block_size, c->key_len, c->iv_len);
-        printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length);
-        {
-                int i;
-                for (i = 0; i < s->s3->tmp.key_block_length; i++)
-                        printf("%02x", s->s3->tmp.key_block[i]);  printf("\n");
-        }
-#endif  /* KSSL_DEBUG */
        if (which & SSL3_CC_READ) {
                if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
@@ -519,16 +489,6 @@ tls1_change_cipher_state(SSL *s, int which)
                }
        }
-#ifdef KSSL_DEBUG
-        {
-                int i;
-                printf("EVP_CipherInit_ex(dd, c, key=, iv=, which)\n");
-                printf("\tkey= "); for (i = 0; i<c->key_len; i++) printf("%02x", key[i]);
-                printf("\n");
-                printf("\t iv= "); for (i = 0; i<c->iv_len; i++) printf("%02x", iv[i]);
-                printf("\n");
-        }
-#endif  /* KSSL_DEBUG */
        if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) {
                EVP_CipherInit_ex(dd, c, NULL, key, NULL, (which & SSL3_CC_WRITE));
@@ -572,9 +532,6 @@ tls1_setup_key_block(SSL *s)
        int mac_type = NID_undef, mac_secret_size = 0;
        int ret = 0;
-#ifdef KSSL_DEBUG
-        printf ("tls1_setup_key_block()\n");
-#endif  /* KSSL_DEBUG */
        if (s->s3->tmp.key_block_length != 0)
                return (1);
@@ -709,9 +666,6 @@ tls1_enc(SSL *s, int send)
                        enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
        }
-#ifdef KSSL_DEBUG
-        printf("tls1_enc(%d)\n", send);
-#endif    /* KSSL_DEBUG */
        if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) {
                memmove(rec->data, rec->input, rec->length);
@@ -768,23 +722,6 @@ tls1_enc(SSL *s, int send)
                        rec->length += i;
                }
-#ifdef KSSL_DEBUG
-                {
-                        unsigned long ui;
-                        printf("EVP_Cipher(ds=%p, rec->data=%p, rec->input=%p, l=%ld) ==>\n",
-                            ds, rec->data, rec->input, l);
-                        printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n",
-                            ds->buf_len, ds->cipher->key_len,
-                            DES_KEY_SZ, DES_SCHEDULE_SZ,
-                            ds->cipher->iv_len);
-                        printf("\t\tIV: ");
-                        for (i = 0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]);
-                                printf("\n");
-                        printf("\trec->input=");
-                        for (ui = 0; ui<l; ui++) printf(" %02x", rec->input[ui]);
-                                printf("\n");
-                }
-#endif  /* KSSL_DEBUG */
                if (!send) {
                        if (l == 0 || l % bs != 0)
@@ -801,14 +738,6 @@ tls1_enc(SSL *s, int send)
                        rec->length -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
                }
-#ifdef KSSL_DEBUG
-                {
-                        unsigned long i;
-                        printf("\trec->data=");
-                        for (i = 0; i < l; i++)
-                                printf(" %02x", rec->data[i]);  printf("\n");
-                }
-#endif  /* KSSL_DEBUG */
                ret = 1;
                if (EVP_MD_CTX_md(s->read_hash) != NULL)
@@ -1017,9 +946,6 @@ tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
        int col = 0, sol = 0;
-#ifdef KSSL_DEBUG
-        printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s, out, p, len);
-#endif  /* KSSL_DEBUG */
 #ifdef TLSEXT_TYPE_opaque_prf_input
        if (s->s3->client_opaque_prf_input != NULL && s->s3->server_opaque_prf_input != NULL &&
@@ -1051,9 +977,6 @@ tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
        BIO_dump_fp(stderr, (char *)s->session->master_key, SSL3_MASTER_SECRET_SIZE);
 #endif
-#ifdef KSSL_DEBUG
-        printf ("tls1_generate_master_secret() complete\n");
-#endif  /* KSSL_DEBUG */
        return (SSL3_MASTER_SECRET_SIZE);
 }
@@ -1067,9 +990,6 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
        size_t vallen, currentvalpos;
        int rv;
-#ifdef KSSL_DEBUG
-        printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s, out, olen, label, llen, p, plen);
-#endif  /* KSSL_DEBUG */
        buff = malloc(olen);
        if (buff == NULL)
@@ -1129,9 +1049,6 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
            s->session->master_key, s->session->master_key_length,
            out, buff, olen);
-#ifdef KSSL_DEBUG
-        printf ("tls1_export_keying_material() complete\n");
-#endif  /* KSSL_DEBUG */
        goto ret;
 err1:
        SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL);
author	jsing <>	2014-05-20 16:59:05 +0000
committer	jsing <>	2014-05-20 16:59:05 +0000
commit	0ec843903451a54afa6be0cb924fc7a996079191 (patch)
tree	2ef56a158500b0335eca60d2194ea1186d7b6e47 /src/lib/libssl/t1_enc.c
parent	c5dc4929a3e8bc91a204eff5b55c10ce54cec591 (diff)
download	openbsd-0ec843903451a54afa6be0cb924fc7a996079191.tar.gz openbsd-0ec843903451a54afa6be0cb924fc7a996079191.tar.bz2 openbsd-0ec843903451a54afa6be0cb924fc7a996079191.zip

diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 2480fecd7e..5a95fd2744 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c
@@ -144,9 +144,6 @@
144	#include <openssl/hmac.h>	144	#include <openssl/hmac.h>
145	#include <openssl/md5.h>	145	#include <openssl/md5.h>
146	#include <openssl/rand.h>	146	#include <openssl/rand.h>
147	#ifdef KSSL_DEBUG
148	#include <openssl/des.h>
149	#endif
150		147
151	/* seed1 through seed5 are virtually concatenated */	148	/* seed1 through seed5 are virtually concatenated */
152	static int	149	static int
@@ -297,17 +294,6 @@ tls1_generate_key_block(SSL s, unsigned char km, unsigned char *tmp, int num)
297	NULL, 0, NULL, 0,	294	NULL, 0, NULL, 0,
298	s->session->master_key, s->session->master_key_length,	295	s->session->master_key, s->session->master_key_length,
299	km, tmp, num);	296	km, tmp, num);
300	#ifdef KSSL_DEBUG
301	printf("tls1_generate_key_block() ==> %d byte master_key =\n\t",
302	s->session->master_key_length);
303	{
304	int i;
305	for (i = 0; i < s->session->master_key_length; i++) {
306	printf("%02X", s->session->master_key[i]);
307	}
308	printf("\n");
309	}
310	#endif /* KSSL_DEBUG */
311	return ret;	297	return ret;
312	}	298	}
313		299
@@ -344,22 +330,6 @@ tls1_change_cipher_state(SSL *s, int which)
344	comp = s->s3->tmp.new_compression;	330	comp = s->s3->tmp.new_compression;
345	#endif	331	#endif
346		332
347	#ifdef KSSL_DEBUG
348	printf("tls1_change_cipher_state(which= %d) w/\n", which);
349	printf("\talg= %ld/%ld, comp= %p\n",
350	s->s3->tmp.new_cipher->algorithm_mkey,
351	s->s3->tmp.new_cipher->algorithm_auth,
352	comp);
353	printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c);
354	printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
355	c->nid, c->block_size, c->key_len, c->iv_len);
356	printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length);
357	{
358	int i;
359	for (i = 0; i < s->s3->tmp.key_block_length; i++)
360	printf("%02x", s->s3->tmp.key_block[i]); printf("\n");
361	}
362	#endif /* KSSL_DEBUG */
363		333
364	if (which & SSL3_CC_READ) {	334	if (which & SSL3_CC_READ) {
365	if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)	335	if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
@@ -519,16 +489,6 @@ tls1_change_cipher_state(SSL *s, int which)
519	}	489	}
520	}	490	}
521		491
522	#ifdef KSSL_DEBUG
523	{
524	int i;
525	printf("EVP_CipherInit_ex(dd, c, key=, iv=, which)\n");
526	printf("\tkey= "); for (i = 0; i<c->key_len; i++) printf("%02x", key[i]);
527	printf("\n");
528	printf("\t iv= "); for (i = 0; i<c->iv_len; i++) printf("%02x", iv[i]);
529	printf("\n");
530	}
531	#endif /* KSSL_DEBUG */
532		492
533	if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) {	493	if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) {
534	EVP_CipherInit_ex(dd, c, NULL, key, NULL, (which & SSL3_CC_WRITE));	494	EVP_CipherInit_ex(dd, c, NULL, key, NULL, (which & SSL3_CC_WRITE));
@@ -572,9 +532,6 @@ tls1_setup_key_block(SSL *s)
572	int mac_type = NID_undef, mac_secret_size = 0;	532	int mac_type = NID_undef, mac_secret_size = 0;
573	int ret = 0;	533	int ret = 0;
574		534
575	#ifdef KSSL_DEBUG
576	printf ("tls1_setup_key_block()\n");
577	#endif /* KSSL_DEBUG */
578		535
579	if (s->s3->tmp.key_block_length != 0)	536	if (s->s3->tmp.key_block_length != 0)
580	return (1);	537	return (1);
@@ -709,9 +666,6 @@ tls1_enc(SSL *s, int send)
709	enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx);	666	enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
710	}	667	}
711		668
712	#ifdef KSSL_DEBUG
713	printf("tls1_enc(%d)\n", send);
714	#endif /* KSSL_DEBUG */
715		669
716	if ((s->session == NULL) \|\| (ds == NULL) \|\| (enc == NULL)) {	670	if ((s->session == NULL) \|\| (ds == NULL) \|\| (enc == NULL)) {
717	memmove(rec->data, rec->input, rec->length);	671	memmove(rec->data, rec->input, rec->length);
@@ -768,23 +722,6 @@ tls1_enc(SSL *s, int send)
768	rec->length += i;	722	rec->length += i;
769	}	723	}
770		724
771	#ifdef KSSL_DEBUG
772	{
773	unsigned long ui;
774	printf("EVP_Cipher(ds=%p, rec->data=%p, rec->input=%p, l=%ld) ==>\n",
775	ds, rec->data, rec->input, l);
776	printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n",
777	ds->buf_len, ds->cipher->key_len,
778	DES_KEY_SZ, DES_SCHEDULE_SZ,
779	ds->cipher->iv_len);
780	printf("\t\tIV: ");
781	for (i = 0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]);
782	printf("\n");
783	printf("\trec->input=");
784	for (ui = 0; ui<l; ui++) printf(" %02x", rec->input[ui]);
785	printf("\n");
786	}
787	#endif /* KSSL_DEBUG */
788		725
789	if (!send) {	726	if (!send) {
790	if (l == 0 \|\| l % bs != 0)	727	if (l == 0 \|\| l % bs != 0)
@@ -801,14 +738,6 @@ tls1_enc(SSL *s, int send)
801	rec->length -= EVP_GCM_TLS_EXPLICIT_IV_LEN;	738	rec->length -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
802	}	739	}
803		740
804	#ifdef KSSL_DEBUG
805	{
806	unsigned long i;
807	printf("\trec->data=");
808	for (i = 0; i < l; i++)
809	printf(" %02x", rec->data[i]); printf("\n");
810	}
811	#endif /* KSSL_DEBUG */
812		741
813	ret = 1;	742	ret = 1;
814	if (EVP_MD_CTX_md(s->read_hash) != NULL)	743	if (EVP_MD_CTX_md(s->read_hash) != NULL)
@@ -1017,9 +946,6 @@ tls1_generate_master_secret(SSL s, unsigned char out, unsigned char *p,
1017	int col = 0, sol = 0;	946	int col = 0, sol = 0;
1018		947
1019		948
1020	#ifdef KSSL_DEBUG
1021	printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s, out, p, len);
1022	#endif /* KSSL_DEBUG */
1023		949
1024	#ifdef TLSEXT_TYPE_opaque_prf_input	950	#ifdef TLSEXT_TYPE_opaque_prf_input
1025	if (s->s3->client_opaque_prf_input != NULL && s->s3->server_opaque_prf_input != NULL &&	951	if (s->s3->client_opaque_prf_input != NULL && s->s3->server_opaque_prf_input != NULL &&
@@ -1051,9 +977,6 @@ tls1_generate_master_secret(SSL s, unsigned char out, unsigned char *p,
1051	BIO_dump_fp(stderr, (char *)s->session->master_key, SSL3_MASTER_SECRET_SIZE);	977	BIO_dump_fp(stderr, (char *)s->session->master_key, SSL3_MASTER_SECRET_SIZE);
1052	#endif	978	#endif
1053		979
1054	#ifdef KSSL_DEBUG
1055	printf ("tls1_generate_master_secret() complete\n");
1056	#endif /* KSSL_DEBUG */
1057	return (SSL3_MASTER_SECRET_SIZE);	980	return (SSL3_MASTER_SECRET_SIZE);
1058	}	981	}
1059		982
@@ -1067,9 +990,6 @@ tls1_export_keying_material(SSL s, unsigned char out, size_t olen,
1067	size_t vallen, currentvalpos;	990	size_t vallen, currentvalpos;
1068	int rv;	991	int rv;
1069		992
1070	#ifdef KSSL_DEBUG
1071	printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s, out, olen, label, llen, p, plen);
1072	#endif /* KSSL_DEBUG */
1073		993
1074	buff = malloc(olen);	994	buff = malloc(olen);
1075	if (buff == NULL)	995	if (buff == NULL)
@@ -1129,9 +1049,6 @@ tls1_export_keying_material(SSL s, unsigned char out, size_t olen,
1129	s->session->master_key, s->session->master_key_length,	1049	s->session->master_key, s->session->master_key_length,
1130	out, buff, olen);	1050	out, buff, olen);
1131		1051
1132	#ifdef KSSL_DEBUG
1133	printf ("tls1_export_keying_material() complete\n");
1134	#endif /* KSSL_DEBUG */
1135	goto ret;	1052	goto ret;
1136	err1:	1053	err1:
1137	SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL);	1054	SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL);