Rename the TLS Supported Elliptic Curves extension to Supported Groups.

RFC 7919 renamed the Supported Elliptic Curves TLS extension to Supported Groups and redefined it to include finite field DH (FFDH) in addition to elliptic curve DH (ECDH). As such, rename the TLS extension and change the associated code to refer to groups rather than curves. ok beck@ tb@
author: jsing <> 2018-11-05 20:41:30 +0000
committer: jsing <> 2018-11-05 20:41:30 +0000
commit: cc6841304de92627d97efb8864bf697cea3c3c11 (patch)
tree: 0dcb778a3611a7834d75d19cbaf3ab20c8778177 /src/lib/libssl/t1_lib.c
parent: 10fbcf441c789825e293dcdf108f5d3a6066e929 (diff)
download: openbsd-cc6841304de92627d97efb8864bf697cea3c3c11.tar.gz
openbsd-cc6841304de92627d97efb8864bf697cea3c3c11.tar.bz2
openbsd-cc6841304de92627d97efb8864bf697cea3c3c11.zip
1 files changed, 29 insertions, 29 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index b06004e88a..758f7b1e11 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.146 2018/11/05 06:55:37 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.147 2018/11/05 20:41:30 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -361,25 +361,25 @@ tls1_get_formatlist(SSL *s, int client_formats, const uint8_t **pformats,
 }
 /*
- * Return the appropriate curve list. If client_curves is non-zero, return
+ * Return the appropriate group list. If client_groups is non-zero, return
- * the client/session curves. Otherwise return the custom curve list if one
+ * the client/session groups. Otherwise return the custom group list if one
- * exists, or the default curves if a custom list has not been specified.
+ * exists, or the default groups if a custom list has not been specified.
 */
 void
-tls1_get_curvelist(SSL *s, int client_curves, const uint16_t **pcurves,
+tls1_get_group_list(SSL *s, int client_groups, const uint16_t **pgroups,
-    size_t *pcurveslen)
+    size_t *pgroupslen)
 {
-        if (client_curves != 0) {
+        if (client_groups != 0) {
-                *pcurves = SSI(s)->tlsext_supportedgroups;
+                *pgroups = SSI(s)->tlsext_supportedgroups;
-                *pcurveslen = SSI(s)->tlsext_supportedgroups_length;
+                *pgroupslen = SSI(s)->tlsext_supportedgroups_length;
                return;
        }
-        *pcurves = s->internal->tlsext_supportedgroups;
+        *pgroups = s->internal->tlsext_supportedgroups;
-        *pcurveslen = s->internal->tlsext_supportedgroups_length;
+        *pgroupslen = s->internal->tlsext_supportedgroups_length;
-        if (*pcurves == NULL) {
+        if (*pgroups == NULL) {
-                *pcurves = eccurves_default;
+                *pgroups = eccurves_default;
-                *pcurveslen = sizeof(eccurves_default) / 2;
+                *pgroupslen = sizeof(eccurves_default) / 2;
        }
 }
@@ -410,7 +410,7 @@ tls1_set_groups(uint16_t **out_group_ids, size_t *out_group_ids_len,
 }
 int
-tls1_set_groups_list(uint16_t **out_group_ids, size_t *out_group_ids_len,
+tls1_set_group_list(uint16_t **out_group_ids, size_t *out_group_ids_len,
    const char *groups)
 {
        uint16_t *new_group_ids, *group_ids = NULL;
@@ -461,13 +461,13 @@ tls1_set_groups_list(uint16_t **out_group_ids, size_t *out_group_ids_len,
 int
 tls1_check_curve(SSL *s, const uint16_t curve_id)
 {
-        const uint16_t *curves;
+        const uint16_t *groups;
-        size_t curveslen, i;
+        size_t groupslen, i;
-        tls1_get_curvelist(s, 0, &curves, &curveslen);
+        tls1_get_group_list(s, 0, &groups, &groupslen);
-        for (i = 0; i < curveslen; i++) {
+        for (i = 0; i < groupslen; i++) {
-                if (curves[i] == curve_id)
+                if (groups[i] == curve_id)
                        return (1);
        }
        return (0);
@@ -486,8 +486,8 @@ tls1_get_shared_curve(SSL *s)
        /* Return first preference shared curve. */
        server_pref = (s->internal->options & SSL_OP_CIPHER_SERVER_PREFERENCE);
-        tls1_get_curvelist(s, (server_pref == 0), &pref, &preflen);
+        tls1_get_group_list(s, (server_pref == 0), &pref, &preflen);
-        tls1_get_curvelist(s, (server_pref != 0), &supp, &supplen);
+        tls1_get_group_list(s, (server_pref != 0), &supp, &supplen);
        for (i = 0; i < preflen; i++) {
                for (j = 0; j < supplen; j++) {
@@ -548,8 +548,8 @@ tls1_set_ec_id(uint16_t *curve_id, uint8_t *comp_id, EC_KEY *ec)
 static int
 tls1_check_ec_key(SSL *s, const uint16_t *curve_id, const uint8_t *comp_id)
 {
-        size_t curveslen, formatslen, i;
+        size_t groupslen, formatslen, i;
-        const uint16_t *curves;
+        const uint16_t *groups;
        const uint8_t *formats;
        /*
@@ -569,13 +569,13 @@ tls1_check_ec_key(SSL *s, const uint16_t *curve_id, const uint8_t *comp_id)
        /*
         * Check curve list if present, otherwise everything is supported.
         */
-        tls1_get_curvelist(s, 1, &curves, &curveslen);
+        tls1_get_group_list(s, 1, &groups, &groupslen);
-        if (curve_id != NULL && curves != NULL) {
+        if (curve_id != NULL && groups != NULL) {
-                for (i = 0; i < curveslen; i++) {
+                for (i = 0; i < groupslen; i++) {
-                        if (curves[i] == *curve_id)
+                        if (groups[i] == *curve_id)
                                break;
                }
-                if (i == curveslen)
+                if (i == groupslen)
                        return (0);
        }
author	jsing <>	2018-11-05 20:41:30 +0000
committer	jsing <>	2018-11-05 20:41:30 +0000
commit	cc6841304de92627d97efb8864bf697cea3c3c11 (patch)
tree	0dcb778a3611a7834d75d19cbaf3ab20c8778177 /src/lib/libssl/t1_lib.c
parent	10fbcf441c789825e293dcdf108f5d3a6066e929 (diff)
download	openbsd-cc6841304de92627d97efb8864bf697cea3c3c11.tar.gz openbsd-cc6841304de92627d97efb8864bf697cea3c3c11.tar.bz2 openbsd-cc6841304de92627d97efb8864bf697cea3c3c11.zip

diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index b06004e88a..758f7b1e11 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_lib.c,v 1.146 2018/11/05 06:55:37 jsing Exp $ */	1	/* $OpenBSD: t1_lib.c,v 1.147 2018/11/05 20:41:30 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -361,25 +361,25 @@ tls1_get_formatlist(SSL s, int client_formats, const uint8_t *pformats,
361	}	361	}
362		362
363	/*	363	/*
364	* Return the appropriate curve list. If client_curves is non-zero, return	364	* Return the appropriate group list. If client_groups is non-zero, return
365	* the client/session curves. Otherwise return the custom curve list if one	365	* the client/session groups. Otherwise return the custom group list if one
366	* exists, or the default curves if a custom list has not been specified.	366	* exists, or the default groups if a custom list has not been specified.
367	*/	367	*/
368	void	368	void
369	tls1_get_curvelist(SSL s, int client_curves, const uint16_t *pcurves,	369	tls1_get_group_list(SSL s, int client_groups, const uint16_t *pgroups,
370	size_t *pcurveslen)	370	size_t *pgroupslen)
371	{	371	{
372	if (client_curves != 0) {	372	if (client_groups != 0) {
373	*pcurves = SSI(s)->tlsext_supportedgroups;	373	*pgroups = SSI(s)->tlsext_supportedgroups;
374	*pcurveslen = SSI(s)->tlsext_supportedgroups_length;	374	*pgroupslen = SSI(s)->tlsext_supportedgroups_length;
375	return;	375	return;
376	}	376	}
377		377
378	*pcurves = s->internal->tlsext_supportedgroups;	378	*pgroups = s->internal->tlsext_supportedgroups;
379	*pcurveslen = s->internal->tlsext_supportedgroups_length;	379	*pgroupslen = s->internal->tlsext_supportedgroups_length;
380	if (*pcurves == NULL) {	380	if (*pgroups == NULL) {
381	*pcurves = eccurves_default;	381	*pgroups = eccurves_default;
382	*pcurveslen = sizeof(eccurves_default) / 2;	382	*pgroupslen = sizeof(eccurves_default) / 2;
383	}	383	}
384	}	384	}
385		385
@@ -410,7 +410,7 @@ tls1_set_groups(uint16_t *out_group_ids, size_t out_group_ids_len,
410	}	410	}
411		411
412	int	412	int
413	tls1_set_groups_list(uint16_t *out_group_ids, size_t out_group_ids_len,	413	tls1_set_group_list(uint16_t *out_group_ids, size_t out_group_ids_len,
414	const char *groups)	414	const char *groups)
415	{	415	{
416	uint16_t new_group_ids, group_ids = NULL;	416	uint16_t new_group_ids, group_ids = NULL;
@@ -461,13 +461,13 @@ tls1_set_groups_list(uint16_t *out_group_ids, size_t out_group_ids_len,
461	int	461	int
462	tls1_check_curve(SSL *s, const uint16_t curve_id)	462	tls1_check_curve(SSL *s, const uint16_t curve_id)
463	{	463	{
464	const uint16_t *curves;	464	const uint16_t *groups;
465	size_t curveslen, i;	465	size_t groupslen, i;
466		466
467	tls1_get_curvelist(s, 0, &curves, &curveslen);	467	tls1_get_group_list(s, 0, &groups, &groupslen);
468		468
469	for (i = 0; i < curveslen; i++) {	469	for (i = 0; i < groupslen; i++) {
470	if (curves[i] == curve_id)	470	if (groups[i] == curve_id)
471	return (1);	471	return (1);
472	}	472	}
473	return (0);	473	return (0);
@@ -486,8 +486,8 @@ tls1_get_shared_curve(SSL *s)
486		486
487	/* Return first preference shared curve. */	487	/* Return first preference shared curve. */
488	server_pref = (s->internal->options & SSL_OP_CIPHER_SERVER_PREFERENCE);	488	server_pref = (s->internal->options & SSL_OP_CIPHER_SERVER_PREFERENCE);
489	tls1_get_curvelist(s, (server_pref == 0), &pref, &preflen);	489	tls1_get_group_list(s, (server_pref == 0), &pref, &preflen);
490	tls1_get_curvelist(s, (server_pref != 0), &supp, &supplen);	490	tls1_get_group_list(s, (server_pref != 0), &supp, &supplen);
491		491
492	for (i = 0; i < preflen; i++) {	492	for (i = 0; i < preflen; i++) {
493	for (j = 0; j < supplen; j++) {	493	for (j = 0; j < supplen; j++) {
@@ -548,8 +548,8 @@ tls1_set_ec_id(uint16_t curve_id, uint8_t comp_id, EC_KEY *ec)
548	static int	548	static int
549	tls1_check_ec_key(SSL s, const uint16_t curve_id, const uint8_t *comp_id)	549	tls1_check_ec_key(SSL s, const uint16_t curve_id, const uint8_t *comp_id)
550	{	550	{
551	size_t curveslen, formatslen, i;	551	size_t groupslen, formatslen, i;
552	const uint16_t *curves;	552	const uint16_t *groups;
553	const uint8_t *formats;	553	const uint8_t *formats;
554		554
555	/*	555	/*
@@ -569,13 +569,13 @@ tls1_check_ec_key(SSL s, const uint16_t curve_id, const uint8_t *comp_id)
569	/*	569	/*
570	* Check curve list if present, otherwise everything is supported.	570	* Check curve list if present, otherwise everything is supported.
571	*/	571	*/
572	tls1_get_curvelist(s, 1, &curves, &curveslen);	572	tls1_get_group_list(s, 1, &groups, &groupslen);
573	if (curve_id != NULL && curves != NULL) {	573	if (curve_id != NULL && groups != NULL) {
574	for (i = 0; i < curveslen; i++) {	574	for (i = 0; i < groupslen; i++) {
575	if (curves[i] == *curve_id)	575	if (groups[i] == *curve_id)
576	break;	576	break;
577	}	577	}
578	if (i == curveslen)	578	if (i == groupslen)
579	return (0);	579	return (0);
580	}	580	}
581		581