Rename functions that moved to t1_enc.c, with a tls1_ prefix instead of a

ssl3_ prefix. ok beck@
author: jsing <> 2015-09-11 18:08:21 +0000
committer: jsing <> 2015-09-11 18:08:21 +0000
commit: c42e261f37ac3f2934dd92296a095be3cbe461c1 (patch)
tree: 378accab3864084b0135769f8d9117e86df41845 /src/lib
parent: 63eec788b454a03bda0826cf41f02edb6771089c (diff)
download: openbsd-c42e261f37ac3f2934dd92296a095be3cbe461c1.tar.gz
openbsd-c42e261f37ac3f2934dd92296a095be3cbe461c1.tar.bz2
openbsd-c42e261f37ac3f2934dd92296a095be3cbe461c1.zip
24 files changed, 130 insertions, 130 deletions
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c
index dd67028a38..448bd76fd0 100644
--- a/src/lib/libssl/d1_both.c
+++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_both.c,v 1.37 2015/09/11 16:28:37 jsing Exp $ */
+/* $OpenBSD: d1_both.c,v 1.38 2015/09/11 18:08:21 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -363,7 +363,7 @@ dtls1_do_write(SSL *s, int type)
                                        xlen = ret - DTLS1_HM_HEADER_LENGTH;
                                }
-                                ssl3_finish_mac(s, p, xlen);
+                                tls1_finish_mac(s, p, xlen);
                        }
                        if (ret == s->init_num) {
@@ -444,7 +444,7 @@ again:
        p -= DTLS1_HM_HEADER_LENGTH;
        msg_len += DTLS1_HM_HEADER_LENGTH;
-        ssl3_finish_mac(s, p, msg_len);
+        tls1_finish_mac(s, p, msg_len);
        if (s->msg_callback)
                s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, p, msg_len,
                    s, s->msg_callback_arg);
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index f5745b1e7d..f45ef939ed 100644
--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_clnt.c,v 1.51 2015/09/11 16:28:37 jsing Exp $ */
+/* $OpenBSD: d1_clnt.c,v 1.52 2015/09/11 18:08:21 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -256,7 +256,7 @@ dtls1_connect(SSL *s)
                        s->shutdown = 0;
                        /* every DTLS ClientHello resets Finished MAC */
-                        if (!ssl3_init_finished_mac(s)) {
+                        if (!tls1_init_finished_mac(s)) {
                                ret = -1;
                                goto end;
                        }
@@ -541,7 +541,7 @@ dtls1_connect(SSL *s)
                case SSL_ST_OK:
                        /* clean a few things up */
-                        ssl3_cleanup_key_block(s);
+                        tls1_cleanup_key_block(s);
                        /* If we are not 'joining' the last two packets,
                         * remove the buffering now */
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index ca716a2222..5326a2c3d0 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.47 2015/09/10 17:57:50 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.48 2015/09/11 18:08:21 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -1319,7 +1319,7 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
        wr->type=type; /* not needed but helps for debugging */
        wr->length += DTLS1_RT_HEADER_LENGTH;
-        ssl3_record_sequence_increment(s->s3->write_sequence);
+        tls1_record_sequence_increment(s->s3->write_sequence);
        /* now let's set up wb */
        wb->left = prefix_len + wr->length;
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c
index 66f79c3953..c0489adfa4 100644
--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srvr.c,v 1.57 2015/09/11 16:28:37 jsing Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.58 2015/09/11 18:08:21 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -249,7 +249,7 @@ dtls1_accept(SSL *s)
                                        goto end;
                                }
-                                if (!ssl3_init_finished_mac(s)) {
+                                if (!tls1_init_finished_mac(s)) {
                                        ret = -1;
                                        goto end;
                                }
@@ -278,7 +278,7 @@ dtls1_accept(SSL *s)
                        s->state = SSL3_ST_SW_FLUSH;
                        s->init_num = 0;
-                        if (!ssl3_init_finished_mac(s)) {
+                        if (!tls1_init_finished_mac(s)) {
                                ret = -1;
                                goto end;
                        }
@@ -335,7 +335,7 @@ dtls1_accept(SSL *s)
                        s->s3->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A;
                        /* HelloVerifyRequest resets Finished MAC */
-                        if (!ssl3_init_finished_mac(s)) {
+                        if (!tls1_init_finished_mac(s)) {
                                ret = -1;
                                goto end;
                        }
@@ -602,7 +602,7 @@ dtls1_accept(SSL *s)
                case SSL_ST_OK:
                        /* clean a few things up */
-                        ssl3_cleanup_key_block(s);
+                        tls1_cleanup_key_block(s);
                        /* remove buffering on output */
                        ssl_free_wbio_buffer(s);
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
index 1078bc0155..c6920e2b34 100644
--- a/src/lib/libssl/s23_clnt.c
+++ b/src/lib/libssl/s23_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_clnt.c,v 1.45 2015/09/11 14:39:05 jsing Exp $ */
+/* $OpenBSD: s23_clnt.c,v 1.46 2015/09/11 18:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -168,7 +168,7 @@ ssl23_connect(SSL *s)
                                ret = -1;
                                goto end;
                        }
-                        if (!ssl3_init_finished_mac(s)) {
+                        if (!tls1_init_finished_mac(s)) {
                                ret = -1;
                                goto end;
                        }
@@ -348,7 +348,7 @@ ssl23_client_hello(SSL *s)
                s->init_num = p - buf;
                s->init_off = 0;
-                ssl3_finish_mac(s, &(buf[SSL3_RT_HEADER_LENGTH]),
+                tls1_finish_mac(s, &(buf[SSL3_RT_HEADER_LENGTH]),
                    s->init_num - SSL3_RT_HEADER_LENGTH);
                s->state = SSL23_ST_CW_CLNT_HELLO_B;
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
index d0699a55d7..08b416cab8 100644
--- a/src/lib/libssl/s23_srvr.c
+++ b/src/lib/libssl/s23_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_srvr.c,v 1.44 2015/09/11 14:47:56 jsing Exp $ */
+/* $OpenBSD: s23_srvr.c,v 1.45 2015/09/11 18:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -158,7 +158,7 @@ ssl23_accept(SSL *s)
                                ret = -1;
                                goto end;
                        }
-                        if (!ssl3_init_finished_mac(s)) {
+                        if (!tls1_init_finished_mac(s)) {
                                ret = -1;
                                goto end;
                        }
@@ -383,7 +383,7 @@ ssl23_get_client_hello(SSL *s)
                if (j != n + 2)
                        return -1;
-                ssl3_finish_mac(s, s->packet + 2, s->packet_length - 2);
+                tls1_finish_mac(s, s->packet + 2, s->packet_length - 2);
                if (s->msg_callback)
                        s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2,
                            s->packet_length - 2, s, s->msg_callback_arg);
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c
index cd8afd1946..49b1e50659 100644
--- a/src/lib/libssl/s3_both.c
+++ b/src/lib/libssl/s3_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_both.c,v 1.46 2015/09/11 16:41:05 jsing Exp $ */
+/* $OpenBSD: s3_both.c,v 1.47 2015/09/11 18:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -146,7 +146,7 @@ ssl3_do_write(SSL *s, int type)
                 * Should not be done for 'Hello Request's, but in that case
                 * we'll ignore the result anyway.
                 */
-                ssl3_finish_mac(s,
+                tls1_finish_mac(s,
                    (unsigned char *)&s->init_buf->data[s->init_off], ret);
        if (ret == s->init_num) {
@@ -524,7 +524,7 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
                ssl3_take_mac(s);
        /* Feed this message into MAC computation. */
-        ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4);
+        tls1_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4);
        if (s->msg_callback)
                s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
                    s->init_buf->data, (size_t)s->init_num + 4, s,
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index e4ce8163ac..eed359450f 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_clnt.c,v 1.126 2015/09/10 15:56:26 jsing Exp $ */
+/* $OpenBSD: s3_clnt.c,v 1.127 2015/09/11 18:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -234,7 +234,7 @@ ssl3_connect(SSL *s)
                        /* don't push the buffering BIO quite yet */
-                        if (!ssl3_init_finished_mac(s)) {
+                        if (!tls1_init_finished_mac(s)) {
                                ret = -1;
                                goto end;
                        }
@@ -517,7 +517,7 @@ ssl3_connect(SSL *s)
                case SSL_ST_OK:
                        /* clean a few things up */
-                        ssl3_cleanup_key_block(s);
+                        tls1_cleanup_key_block(s);
                        if (s->init_buf != NULL) {
                                BUF_MEM_free(s->init_buf);
@@ -885,7 +885,7 @@ ssl3_get_server_hello(SSL *s)
         */
        alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
        if (!(SSL_USE_SIGALGS(s) || (alg_k & SSL_kGOST)) &&
-            !ssl3_digest_cached_records(s)) {
+            !tls1_digest_cached_records(s)) {
                al = SSL_AD_INTERNAL_ERROR;
                goto f_err;
        }
@@ -1524,7 +1524,7 @@ ssl3_get_certificate_request(SSL *s)
                 * as we wont be doing client auth.
                 */
                if (s->s3->handshake_buffer) {
-                        if (!ssl3_digest_cached_records(s))
+                        if (!tls1_digest_cached_records(s))
                                goto err;
                }
                return (1);
@@ -2309,7 +2309,7 @@ ssl3_send_client_verify(SSL *s)
                        }
                        s2n(u, p);
                        n = u + 4;
-                        if (!ssl3_digest_cached_records(s))
+                        if (!tls1_digest_cached_records(s))
                                goto err;
                } else if (pkey->type == EVP_PKEY_RSA) {
                        s->method->ssl3_enc->cert_verify_mac(
@@ -2381,7 +2381,7 @@ ssl3_send_client_verify(SSL *s)
                                    ERR_R_EVP_LIB);
                                goto err;
                        }
-                        if (!ssl3_digest_cached_records(s))
+                        if (!tls1_digest_cached_records(s))
                                goto err;
                        j = sigsize;
                        s2n(j, p);
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 984e343c95..1a619e3d30 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.103 2015/09/11 17:32:23 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.104 2015/09/11 18:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -2023,7 +2023,7 @@ ssl3_free(SSL *s)
        if (s == NULL)
                return;
-        ssl3_cleanup_key_block(s);
+        tls1_cleanup_key_block(s);
        ssl3_release_read_buffer(s);
        ssl3_release_write_buffer(s);
@@ -2033,7 +2033,7 @@ ssl3_free(SSL *s)
        if (s->s3->tmp.ca_names != NULL)
                sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
        BIO_free(s->s3->handshake_buffer);
-        ssl3_free_digest_list(s);
+        tls1_free_digest_list(s);
        free(s->s3->alpn_selected);
        explicit_bzero(s->s3, sizeof *s->s3);
@@ -2047,7 +2047,7 @@ ssl3_clear(SSL *s)
        unsigned char   *rp, *wp;
        size_t           rlen, wlen;
-        ssl3_cleanup_key_block(s);
+        tls1_cleanup_key_block(s);
        if (s->s3->tmp.ca_names != NULL)
                sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
@@ -2064,7 +2064,7 @@ ssl3_clear(SSL *s)
        BIO_free(s->s3->handshake_buffer);
        s->s3->handshake_buffer = NULL;
-        ssl3_free_digest_list(s);
+        tls1_free_digest_list(s);
        free(s->s3->alpn_selected);
        s->s3->alpn_selected = NULL;
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index 4bbc160d58..da7f6d71cd 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_srvr.c,v 1.117 2015/09/10 17:57:50 jsing Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.118 2015/09/11 18:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -239,7 +239,7 @@ ssl3_accept(SSL *s)
                                        goto end;
                                }
-                                if (!ssl3_init_finished_mac(s)) {
+                                if (!tls1_init_finished_mac(s)) {
                                        ret = -1;
                                        goto end;
                                }
@@ -279,7 +279,7 @@ ssl3_accept(SSL *s)
                        s->state = SSL3_ST_SW_FLUSH;
                        s->init_num = 0;
-                        if (!ssl3_init_finished_mac(s)) {
+                        if (!tls1_init_finished_mac(s)) {
                                ret = -1;
                                goto end;
                        }
@@ -393,7 +393,7 @@ ssl3_accept(SSL *s)
                                s->s3->tmp.cert_request = 0;
                                s->state = SSL3_ST_SW_SRVR_DONE_A;
                                if (s->s3->handshake_buffer)
-                                        if (!ssl3_digest_cached_records(s))
+                                        if (!tls1_digest_cached_records(s))
                                                return (-1);
                        } else {
                                s->s3->tmp.cert_request = 1;
@@ -485,7 +485,7 @@ ssl3_accept(SSL *s)
                                        return (-1);
                                }
                                s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE;
-                                if (!ssl3_digest_cached_records(s))
+                                if (!tls1_digest_cached_records(s))
                                        return (-1);
                        } else {
                                int offset = 0;
@@ -502,7 +502,7 @@ ssl3_accept(SSL *s)
                                 * But it is next step
                                 */
                                if (s->s3->handshake_buffer)
-                                        if (!ssl3_digest_cached_records(s))
+                                        if (!tls1_digest_cached_records(s))
                                                return (-1);
                                for (dgst_num = 0; dgst_num < SSL_MAX_DIGEST;
                                    dgst_num++)
@@ -633,7 +633,7 @@ ssl3_accept(SSL *s)
                case SSL_ST_OK:
                        /* clean a few things up */
-                        ssl3_cleanup_key_block(s);
+                        tls1_cleanup_key_block(s);
                        BUF_MEM_free(s->init_buf);
                        s->init_buf = NULL;
@@ -1035,7 +1035,7 @@ ssl3_get_client_hello(SSL *s)
        alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
        if (!(SSL_USE_SIGALGS(s) || (alg_k & SSL_kGOST)) ||
            !(s->verify_mode & SSL_VERIFY_PEER)) {
-                if (!ssl3_digest_cached_records(s)) {
+                if (!tls1_digest_cached_records(s)) {
                        al = SSL_AD_INTERNAL_ERROR;
                        goto f_err;
                }
@@ -2384,7 +2384,7 @@ ssl3_get_client_certificate(SSL *s)
                        goto f_err;
                }
                /* No client certificate so digest cached records */
-                if (s->s3->handshake_buffer && !ssl3_digest_cached_records(s)) {
+                if (s->s3->handshake_buffer && !tls1_digest_cached_records(s)) {
                        al = SSL_AD_INTERNAL_ERROR;
                        goto f_err;
                }
diff --git a/src/lib/libssl/src/ssl/d1_both.c b/src/lib/libssl/src/ssl/d1_both.c
index dd67028a38..448bd76fd0 100644
--- a/src/lib/libssl/src/ssl/d1_both.c
+++ b/src/lib/libssl/src/ssl/d1_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_both.c,v 1.37 2015/09/11 16:28:37 jsing Exp $ */
+/* $OpenBSD: d1_both.c,v 1.38 2015/09/11 18:08:21 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -363,7 +363,7 @@ dtls1_do_write(SSL *s, int type)
                                        xlen = ret - DTLS1_HM_HEADER_LENGTH;
                                }
-                                ssl3_finish_mac(s, p, xlen);
+                                tls1_finish_mac(s, p, xlen);
                        }
                        if (ret == s->init_num) {
@@ -444,7 +444,7 @@ again:
        p -= DTLS1_HM_HEADER_LENGTH;
        msg_len += DTLS1_HM_HEADER_LENGTH;
-        ssl3_finish_mac(s, p, msg_len);
+        tls1_finish_mac(s, p, msg_len);
        if (s->msg_callback)
                s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, p, msg_len,
                    s, s->msg_callback_arg);
diff --git a/src/lib/libssl/src/ssl/d1_clnt.c b/src/lib/libssl/src/ssl/d1_clnt.c
index f5745b1e7d..f45ef939ed 100644
--- a/src/lib/libssl/src/ssl/d1_clnt.c
+++ b/src/lib/libssl/src/ssl/d1_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_clnt.c,v 1.51 2015/09/11 16:28:37 jsing Exp $ */
+/* $OpenBSD: d1_clnt.c,v 1.52 2015/09/11 18:08:21 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -256,7 +256,7 @@ dtls1_connect(SSL *s)
                        s->shutdown = 0;
                        /* every DTLS ClientHello resets Finished MAC */
-                        if (!ssl3_init_finished_mac(s)) {
+                        if (!tls1_init_finished_mac(s)) {
                                ret = -1;
                                goto end;
                        }
@@ -541,7 +541,7 @@ dtls1_connect(SSL *s)
                case SSL_ST_OK:
                        /* clean a few things up */
-                        ssl3_cleanup_key_block(s);
+                        tls1_cleanup_key_block(s);
                        /* If we are not 'joining' the last two packets,
                         * remove the buffering now */
diff --git a/src/lib/libssl/src/ssl/d1_pkt.c b/src/lib/libssl/src/ssl/d1_pkt.c
index ca716a2222..5326a2c3d0 100644
--- a/src/lib/libssl/src/ssl/d1_pkt.c
+++ b/src/lib/libssl/src/ssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.47 2015/09/10 17:57:50 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.48 2015/09/11 18:08:21 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -1319,7 +1319,7 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
        wr->type=type; /* not needed but helps for debugging */
        wr->length += DTLS1_RT_HEADER_LENGTH;
-        ssl3_record_sequence_increment(s->s3->write_sequence);
+        tls1_record_sequence_increment(s->s3->write_sequence);
        /* now let's set up wb */
        wb->left = prefix_len + wr->length;
diff --git a/src/lib/libssl/src/ssl/d1_srvr.c b/src/lib/libssl/src/ssl/d1_srvr.c
index 66f79c3953..c0489adfa4 100644
--- a/src/lib/libssl/src/ssl/d1_srvr.c
+++ b/src/lib/libssl/src/ssl/d1_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srvr.c,v 1.57 2015/09/11 16:28:37 jsing Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.58 2015/09/11 18:08:21 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -249,7 +249,7 @@ dtls1_accept(SSL *s)
                                        goto end;
                                }
-                                if (!ssl3_init_finished_mac(s)) {
+                                if (!tls1_init_finished_mac(s)) {
                                        ret = -1;
                                        goto end;
                                }
@@ -278,7 +278,7 @@ dtls1_accept(SSL *s)
                        s->state = SSL3_ST_SW_FLUSH;
                        s->init_num = 0;
-                        if (!ssl3_init_finished_mac(s)) {
+                        if (!tls1_init_finished_mac(s)) {
                                ret = -1;
                                goto end;
                        }
@@ -335,7 +335,7 @@ dtls1_accept(SSL *s)
                        s->s3->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A;
                        /* HelloVerifyRequest resets Finished MAC */
-                        if (!ssl3_init_finished_mac(s)) {
+                        if (!tls1_init_finished_mac(s)) {
                                ret = -1;
                                goto end;
                        }
@@ -602,7 +602,7 @@ dtls1_accept(SSL *s)
                case SSL_ST_OK:
                        /* clean a few things up */
-                        ssl3_cleanup_key_block(s);
+                        tls1_cleanup_key_block(s);
                        /* remove buffering on output */
                        ssl_free_wbio_buffer(s);
diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c
index 1078bc0155..c6920e2b34 100644
--- a/src/lib/libssl/src/ssl/s23_clnt.c
+++ b/src/lib/libssl/src/ssl/s23_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_clnt.c,v 1.45 2015/09/11 14:39:05 jsing Exp $ */
+/* $OpenBSD: s23_clnt.c,v 1.46 2015/09/11 18:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -168,7 +168,7 @@ ssl23_connect(SSL *s)
                                ret = -1;
                                goto end;
                        }
-                        if (!ssl3_init_finished_mac(s)) {
+                        if (!tls1_init_finished_mac(s)) {
                                ret = -1;
                                goto end;
                        }
@@ -348,7 +348,7 @@ ssl23_client_hello(SSL *s)
                s->init_num = p - buf;
                s->init_off = 0;
-                ssl3_finish_mac(s, &(buf[SSL3_RT_HEADER_LENGTH]),
+                tls1_finish_mac(s, &(buf[SSL3_RT_HEADER_LENGTH]),
                    s->init_num - SSL3_RT_HEADER_LENGTH);
                s->state = SSL23_ST_CW_CLNT_HELLO_B;
diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c
index d0699a55d7..08b416cab8 100644
--- a/src/lib/libssl/src/ssl/s23_srvr.c
+++ b/src/lib/libssl/src/ssl/s23_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_srvr.c,v 1.44 2015/09/11 14:47:56 jsing Exp $ */
+/* $OpenBSD: s23_srvr.c,v 1.45 2015/09/11 18:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -158,7 +158,7 @@ ssl23_accept(SSL *s)
                                ret = -1;
                                goto end;
                        }
-                        if (!ssl3_init_finished_mac(s)) {
+                        if (!tls1_init_finished_mac(s)) {
                                ret = -1;
                                goto end;
                        }
@@ -383,7 +383,7 @@ ssl23_get_client_hello(SSL *s)
                if (j != n + 2)
                        return -1;
-                ssl3_finish_mac(s, s->packet + 2, s->packet_length - 2);
+                tls1_finish_mac(s, s->packet + 2, s->packet_length - 2);
                if (s->msg_callback)
                        s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2,
                            s->packet_length - 2, s, s->msg_callback_arg);
diff --git a/src/lib/libssl/src/ssl/s3_both.c b/src/lib/libssl/src/ssl/s3_both.c
index cd8afd1946..49b1e50659 100644
--- a/src/lib/libssl/src/ssl/s3_both.c
+++ b/src/lib/libssl/src/ssl/s3_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_both.c,v 1.46 2015/09/11 16:41:05 jsing Exp $ */
+/* $OpenBSD: s3_both.c,v 1.47 2015/09/11 18:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -146,7 +146,7 @@ ssl3_do_write(SSL *s, int type)
                 * Should not be done for 'Hello Request's, but in that case
                 * we'll ignore the result anyway.
                 */
-                ssl3_finish_mac(s,
+                tls1_finish_mac(s,
                    (unsigned char *)&s->init_buf->data[s->init_off], ret);
        if (ret == s->init_num) {
@@ -524,7 +524,7 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
                ssl3_take_mac(s);
        /* Feed this message into MAC computation. */
-        ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4);
+        tls1_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4);
        if (s->msg_callback)
                s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
                    s->init_buf->data, (size_t)s->init_num + 4, s,
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c
index e4ce8163ac..eed359450f 100644
--- a/src/lib/libssl/src/ssl/s3_clnt.c
+++ b/src/lib/libssl/src/ssl/s3_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_clnt.c,v 1.126 2015/09/10 15:56:26 jsing Exp $ */
+/* $OpenBSD: s3_clnt.c,v 1.127 2015/09/11 18:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -234,7 +234,7 @@ ssl3_connect(SSL *s)
                        /* don't push the buffering BIO quite yet */
-                        if (!ssl3_init_finished_mac(s)) {
+                        if (!tls1_init_finished_mac(s)) {
                                ret = -1;
                                goto end;
                        }
@@ -517,7 +517,7 @@ ssl3_connect(SSL *s)
                case SSL_ST_OK:
                        /* clean a few things up */
-                        ssl3_cleanup_key_block(s);
+                        tls1_cleanup_key_block(s);
                        if (s->init_buf != NULL) {
                                BUF_MEM_free(s->init_buf);
@@ -885,7 +885,7 @@ ssl3_get_server_hello(SSL *s)
         */
        alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
        if (!(SSL_USE_SIGALGS(s) || (alg_k & SSL_kGOST)) &&
-            !ssl3_digest_cached_records(s)) {
+            !tls1_digest_cached_records(s)) {
                al = SSL_AD_INTERNAL_ERROR;
                goto f_err;
        }
@@ -1524,7 +1524,7 @@ ssl3_get_certificate_request(SSL *s)
                 * as we wont be doing client auth.
                 */
                if (s->s3->handshake_buffer) {
-                        if (!ssl3_digest_cached_records(s))
+                        if (!tls1_digest_cached_records(s))
                                goto err;
                }
                return (1);
@@ -2309,7 +2309,7 @@ ssl3_send_client_verify(SSL *s)
                        }
                        s2n(u, p);
                        n = u + 4;
-                        if (!ssl3_digest_cached_records(s))
+                        if (!tls1_digest_cached_records(s))
                                goto err;
                } else if (pkey->type == EVP_PKEY_RSA) {
                        s->method->ssl3_enc->cert_verify_mac(
@@ -2381,7 +2381,7 @@ ssl3_send_client_verify(SSL *s)
                                    ERR_R_EVP_LIB);
                                goto err;
                        }
-                        if (!ssl3_digest_cached_records(s))
+                        if (!tls1_digest_cached_records(s))
                                goto err;
                        j = sigsize;
                        s2n(j, p);
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index 984e343c95..1a619e3d30 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.103 2015/09/11 17:32:23 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.104 2015/09/11 18:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -2023,7 +2023,7 @@ ssl3_free(SSL *s)
        if (s == NULL)
                return;
-        ssl3_cleanup_key_block(s);
+        tls1_cleanup_key_block(s);
        ssl3_release_read_buffer(s);
        ssl3_release_write_buffer(s);
@@ -2033,7 +2033,7 @@ ssl3_free(SSL *s)
        if (s->s3->tmp.ca_names != NULL)
                sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
        BIO_free(s->s3->handshake_buffer);
-        ssl3_free_digest_list(s);
+        tls1_free_digest_list(s);
        free(s->s3->alpn_selected);
        explicit_bzero(s->s3, sizeof *s->s3);
@@ -2047,7 +2047,7 @@ ssl3_clear(SSL *s)
        unsigned char   *rp, *wp;
        size_t           rlen, wlen;
-        ssl3_cleanup_key_block(s);
+        tls1_cleanup_key_block(s);
        if (s->s3->tmp.ca_names != NULL)
                sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
@@ -2064,7 +2064,7 @@ ssl3_clear(SSL *s)
        BIO_free(s->s3->handshake_buffer);
        s->s3->handshake_buffer = NULL;
-        ssl3_free_digest_list(s);
+        tls1_free_digest_list(s);
        free(s->s3->alpn_selected);
        s->s3->alpn_selected = NULL;
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c
index 4bbc160d58..da7f6d71cd 100644
--- a/src/lib/libssl/src/ssl/s3_srvr.c
+++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_srvr.c,v 1.117 2015/09/10 17:57:50 jsing Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.118 2015/09/11 18:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -239,7 +239,7 @@ ssl3_accept(SSL *s)
                                        goto end;
                                }
-                                if (!ssl3_init_finished_mac(s)) {
+                                if (!tls1_init_finished_mac(s)) {
                                        ret = -1;
                                        goto end;
                                }
@@ -279,7 +279,7 @@ ssl3_accept(SSL *s)
                        s->state = SSL3_ST_SW_FLUSH;
                        s->init_num = 0;
-                        if (!ssl3_init_finished_mac(s)) {
+                        if (!tls1_init_finished_mac(s)) {
                                ret = -1;
                                goto end;
                        }
@@ -393,7 +393,7 @@ ssl3_accept(SSL *s)
                                s->s3->tmp.cert_request = 0;
                                s->state = SSL3_ST_SW_SRVR_DONE_A;
                                if (s->s3->handshake_buffer)
-                                        if (!ssl3_digest_cached_records(s))
+                                        if (!tls1_digest_cached_records(s))
                                                return (-1);
                        } else {
                                s->s3->tmp.cert_request = 1;
@@ -485,7 +485,7 @@ ssl3_accept(SSL *s)
                                        return (-1);
                                }
                                s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE;
-                                if (!ssl3_digest_cached_records(s))
+                                if (!tls1_digest_cached_records(s))
                                        return (-1);
                        } else {
                                int offset = 0;
@@ -502,7 +502,7 @@ ssl3_accept(SSL *s)
                                 * But it is next step
                                 */
                                if (s->s3->handshake_buffer)
-                                        if (!ssl3_digest_cached_records(s))
+                                        if (!tls1_digest_cached_records(s))
                                                return (-1);
                                for (dgst_num = 0; dgst_num < SSL_MAX_DIGEST;
                                    dgst_num++)
@@ -633,7 +633,7 @@ ssl3_accept(SSL *s)
                case SSL_ST_OK:
                        /* clean a few things up */
-                        ssl3_cleanup_key_block(s);
+                        tls1_cleanup_key_block(s);
                        BUF_MEM_free(s->init_buf);
                        s->init_buf = NULL;
@@ -1035,7 +1035,7 @@ ssl3_get_client_hello(SSL *s)
        alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
        if (!(SSL_USE_SIGALGS(s) || (alg_k & SSL_kGOST)) ||
            !(s->verify_mode & SSL_VERIFY_PEER)) {
-                if (!ssl3_digest_cached_records(s)) {
+                if (!tls1_digest_cached_records(s)) {
                        al = SSL_AD_INTERNAL_ERROR;
                        goto f_err;
                }
@@ -2384,7 +2384,7 @@ ssl3_get_client_certificate(SSL *s)
                        goto f_err;
                }
                /* No client certificate so digest cached records */
-                if (s->s3->handshake_buffer && !ssl3_digest_cached_records(s)) {
+                if (s->s3->handshake_buffer && !tls1_digest_cached_records(s)) {
                        al = SSL_AD_INTERNAL_ERROR;
                        goto f_err;
                }
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h
index 976bd27618..f9be29b241 100644
--- a/src/lib/libssl/src/ssl/ssl_locl.h
+++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.118 2015/09/11 17:37:47 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.119 2015/09/11 18:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -595,13 +595,11 @@ void ssl_load_ciphers(void);
 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
-int ssl3_init_finished_mac(SSL *s);
 int ssl3_send_server_certificate(SSL *s);
 int ssl3_send_newsession_ticket(SSL *s);
 int ssl3_send_cert_status(SSL *s);
 int ssl3_get_finished(SSL *s, int state_a, int state_b);
 int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
-void ssl3_cleanup_key_block(SSL *s);
 int ssl3_do_write(SSL *s, int type);
 int ssl3_send_alert(SSL *s, int level, int desc);
 int ssl3_get_req_cert_type(SSL *s, unsigned char *p);
@@ -619,8 +617,6 @@ int ssl3_renegotiate_check(SSL *ssl);
 int ssl3_dispatch_alert(SSL *s);
 int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
 int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
-void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
-void ssl3_free_digest_list(SSL *s);
 unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
 SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, STACK_OF(SSL_CIPHER) *clnt,
    STACK_OF(SSL_CIPHER) *srvr);
@@ -630,7 +626,6 @@ int	ssl3_setup_read_buffer(SSL *s);
 int     ssl3_setup_write_buffer(SSL *s);
 int     ssl3_release_read_buffer(SSL *s);
 int     ssl3_release_write_buffer(SSL *s);
-int     ssl3_digest_cached_records(SSL *s);
 int     ssl3_new(SSL *s);
 void    ssl3_free(SSL *s);
 int     ssl3_accept(SSL *s);
@@ -650,7 +645,7 @@ unsigned char *ssl3_handshake_msg_start(SSL *s, uint8_t htype);
 void ssl3_handshake_msg_finish(SSL *s, unsigned int len);
 int ssl3_handshake_write(SSL *s);
-void ssl3_record_sequence_increment(unsigned char *seq);
+void tls1_record_sequence_increment(unsigned char *seq);
 int ssl3_do_change_cipher_spec(SSL *ssl);
 int ssl23_read(SSL *s, void *buf, int len);
@@ -767,6 +762,11 @@ int dtls1_enc(SSL *s, int snd);
 int ssl_init_wbio_buffer(SSL *s, int push);
 void ssl_free_wbio_buffer(SSL *s);
+int tls1_init_finished_mac(SSL *s);
+void tls1_finish_mac(SSL *s, const unsigned char *buf, int len);
+void tls1_free_digest_list(SSL *s);
+void tls1_cleanup_key_block(SSL *s);
+int tls1_digest_cached_records(SSL *s);
 int tls1_change_cipher_state(SSL *s, int which);
 int tls1_setup_key_block(SSL *s);
 int tls1_enc(SSL *s, int snd);
diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c
index 892fc31796..1c96abb378 100644
--- a/src/lib/libssl/src/ssl/t1_enc.c
+++ b/src/lib/libssl/src/ssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.82 2015/09/11 17:54:23 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.83 2015/09/11 18:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -144,7 +144,7 @@
 #include <openssl/md5.h>
 void
-ssl3_cleanup_key_block(SSL *s)
+tls1_cleanup_key_block(SSL *s)
 {
        if (s->s3->tmp.key_block != NULL) {
                explicit_bzero(s->s3->tmp.key_block,
@@ -156,10 +156,10 @@ ssl3_cleanup_key_block(SSL *s)
 }
 int
-ssl3_init_finished_mac(SSL *s)
+tls1_init_finished_mac(SSL *s)
 {
        BIO_free(s->s3->handshake_buffer);
-        ssl3_free_digest_list(s);
+        tls1_free_digest_list(s);
        s->s3->handshake_buffer = BIO_new(BIO_s_mem());
        if (s->s3->handshake_buffer == NULL)
@@ -171,7 +171,7 @@ ssl3_init_finished_mac(SSL *s)
 }
 void
-ssl3_free_digest_list(SSL *s)
+tls1_free_digest_list(SSL *s)
 {
        int i;
@@ -189,7 +189,7 @@ ssl3_free_digest_list(SSL *s)
 }
 void
-ssl3_finish_mac(SSL *s, const unsigned char *buf, int len)
+tls1_finish_mac(SSL *s, const unsigned char *buf, int len)
 {
        if (s->s3->handshake_buffer &&
            !(s->s3->flags & TLS1_FLAGS_KEEP_HANDSHAKE)) {
@@ -204,7 +204,7 @@ ssl3_finish_mac(SSL *s, const unsigned char *buf, int len)
 }
 int
-ssl3_digest_cached_records(SSL *s)
+tls1_digest_cached_records(SSL *s)
 {
        int i;
        long mask;
@@ -212,7 +212,7 @@ ssl3_digest_cached_records(SSL *s)
        long hdatalen;
        void *hdata;
-        ssl3_free_digest_list(s);
+        tls1_free_digest_list(s);
        s->s3->handshake_dgst = calloc(SSL_MAX_DIGEST, sizeof(EVP_MD_CTX *));
        if (s->s3->handshake_dgst == NULL) {
@@ -255,7 +255,7 @@ ssl3_digest_cached_records(SSL *s)
 }
 void
-ssl3_record_sequence_increment(unsigned char *seq)
+tls1_record_sequence_increment(unsigned char *seq)
 {
        int i;
@@ -738,7 +738,7 @@ tls1_setup_key_block(SSL *s)
        s->s3->tmp.new_mac_pkey_type = mac_type;
        s->s3->tmp.new_mac_secret_size = mac_secret_size;
-        ssl3_cleanup_key_block(s);
+        tls1_cleanup_key_block(s);
        if ((key_block = reallocarray(NULL, mac_secret_size + key_len + iv_len,
            2)) == NULL) {
@@ -827,7 +827,7 @@ tls1_enc(SSL *s, int send)
                            send ? s->d1->w_epoch : s->d1->r_epoch);
                } else {
                        memcpy(ad, seq, SSL3_SEQUENCE_SIZE);
-                        ssl3_record_sequence_increment(seq);
+                        tls1_record_sequence_increment(seq);
                }
                ad[8] = rec->type;
@@ -975,7 +975,7 @@ tls1_enc(SSL *s, int send)
                                    send ? s->d1->w_epoch : s->d1->r_epoch);
                        } else {
                                memcpy(buf, seq, SSL3_SEQUENCE_SIZE);
-                                ssl3_record_sequence_increment(seq);
+                                tls1_record_sequence_increment(seq);
                        }
                        buf[8] = rec->type;
@@ -1035,7 +1035,7 @@ tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out)
        int i;
        if (s->s3->handshake_buffer)
-                if (!ssl3_digest_cached_records(s))
+                if (!tls1_digest_cached_records(s))
                        return 0;
        for (i = 0; i < SSL_MAX_DIGEST; i++) {
@@ -1074,7 +1074,7 @@ tls1_final_finish_mac(SSL *s, const char *str, int slen, unsigned char *out)
        q = buf;
        if (s->s3->handshake_buffer)
-                if (!ssl3_digest_cached_records(s))
+                if (!tls1_digest_cached_records(s))
                        return 0;
        EVP_MD_CTX_init(&ctx);
@@ -1188,7 +1188,7 @@ tls1_mac(SSL *ssl, unsigned char *md, int send)
                EVP_MD_CTX_cleanup(&hmac);
        if (!SSL_IS_DTLS(ssl))
-                ssl3_record_sequence_increment(seq);
+                tls1_record_sequence_increment(seq);
        return (md_size);
 }
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 976bd27618..f9be29b241 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.118 2015/09/11 17:37:47 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.119 2015/09/11 18:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -595,13 +595,11 @@ void ssl_load_ciphers(void);
 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
-int ssl3_init_finished_mac(SSL *s);
 int ssl3_send_server_certificate(SSL *s);
 int ssl3_send_newsession_ticket(SSL *s);
 int ssl3_send_cert_status(SSL *s);
 int ssl3_get_finished(SSL *s, int state_a, int state_b);
 int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
-void ssl3_cleanup_key_block(SSL *s);
 int ssl3_do_write(SSL *s, int type);
 int ssl3_send_alert(SSL *s, int level, int desc);
 int ssl3_get_req_cert_type(SSL *s, unsigned char *p);
@@ -619,8 +617,6 @@ int ssl3_renegotiate_check(SSL *ssl);
 int ssl3_dispatch_alert(SSL *s);
 int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
 int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
-void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
-void ssl3_free_digest_list(SSL *s);
 unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
 SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, STACK_OF(SSL_CIPHER) *clnt,
    STACK_OF(SSL_CIPHER) *srvr);
@@ -630,7 +626,6 @@ int	ssl3_setup_read_buffer(SSL *s);
 int     ssl3_setup_write_buffer(SSL *s);
 int     ssl3_release_read_buffer(SSL *s);
 int     ssl3_release_write_buffer(SSL *s);
-int     ssl3_digest_cached_records(SSL *s);
 int     ssl3_new(SSL *s);
 void    ssl3_free(SSL *s);
 int     ssl3_accept(SSL *s);
@@ -650,7 +645,7 @@ unsigned char *ssl3_handshake_msg_start(SSL *s, uint8_t htype);
 void ssl3_handshake_msg_finish(SSL *s, unsigned int len);
 int ssl3_handshake_write(SSL *s);
-void ssl3_record_sequence_increment(unsigned char *seq);
+void tls1_record_sequence_increment(unsigned char *seq);
 int ssl3_do_change_cipher_spec(SSL *ssl);
 int ssl23_read(SSL *s, void *buf, int len);
@@ -767,6 +762,11 @@ int dtls1_enc(SSL *s, int snd);
 int ssl_init_wbio_buffer(SSL *s, int push);
 void ssl_free_wbio_buffer(SSL *s);
+int tls1_init_finished_mac(SSL *s);
+void tls1_finish_mac(SSL *s, const unsigned char *buf, int len);
+void tls1_free_digest_list(SSL *s);
+void tls1_cleanup_key_block(SSL *s);
+int tls1_digest_cached_records(SSL *s);
 int tls1_change_cipher_state(SSL *s, int which);
 int tls1_setup_key_block(SSL *s);
 int tls1_enc(SSL *s, int snd);
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 892fc31796..1c96abb378 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.82 2015/09/11 17:54:23 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.83 2015/09/11 18:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -144,7 +144,7 @@
 #include <openssl/md5.h>
 void
-ssl3_cleanup_key_block(SSL *s)
+tls1_cleanup_key_block(SSL *s)
 {
        if (s->s3->tmp.key_block != NULL) {
                explicit_bzero(s->s3->tmp.key_block,
@@ -156,10 +156,10 @@ ssl3_cleanup_key_block(SSL *s)
 }
 int
-ssl3_init_finished_mac(SSL *s)
+tls1_init_finished_mac(SSL *s)
 {
        BIO_free(s->s3->handshake_buffer);
-        ssl3_free_digest_list(s);
+        tls1_free_digest_list(s);
        s->s3->handshake_buffer = BIO_new(BIO_s_mem());
        if (s->s3->handshake_buffer == NULL)
@@ -171,7 +171,7 @@ ssl3_init_finished_mac(SSL *s)
 }
 void
-ssl3_free_digest_list(SSL *s)
+tls1_free_digest_list(SSL *s)
 {
        int i;
@@ -189,7 +189,7 @@ ssl3_free_digest_list(SSL *s)
 }
 void
-ssl3_finish_mac(SSL *s, const unsigned char *buf, int len)
+tls1_finish_mac(SSL *s, const unsigned char *buf, int len)
 {
        if (s->s3->handshake_buffer &&
            !(s->s3->flags & TLS1_FLAGS_KEEP_HANDSHAKE)) {
@@ -204,7 +204,7 @@ ssl3_finish_mac(SSL *s, const unsigned char *buf, int len)
 }
 int
-ssl3_digest_cached_records(SSL *s)
+tls1_digest_cached_records(SSL *s)
 {
        int i;
        long mask;
@@ -212,7 +212,7 @@ ssl3_digest_cached_records(SSL *s)
        long hdatalen;
        void *hdata;
-        ssl3_free_digest_list(s);
+        tls1_free_digest_list(s);
        s->s3->handshake_dgst = calloc(SSL_MAX_DIGEST, sizeof(EVP_MD_CTX *));
        if (s->s3->handshake_dgst == NULL) {
@@ -255,7 +255,7 @@ ssl3_digest_cached_records(SSL *s)
 }
 void
-ssl3_record_sequence_increment(unsigned char *seq)
+tls1_record_sequence_increment(unsigned char *seq)
 {
        int i;
@@ -738,7 +738,7 @@ tls1_setup_key_block(SSL *s)
        s->s3->tmp.new_mac_pkey_type = mac_type;
        s->s3->tmp.new_mac_secret_size = mac_secret_size;
-        ssl3_cleanup_key_block(s);
+        tls1_cleanup_key_block(s);
        if ((key_block = reallocarray(NULL, mac_secret_size + key_len + iv_len,
            2)) == NULL) {
@@ -827,7 +827,7 @@ tls1_enc(SSL *s, int send)
                            send ? s->d1->w_epoch : s->d1->r_epoch);
                } else {
                        memcpy(ad, seq, SSL3_SEQUENCE_SIZE);
-                        ssl3_record_sequence_increment(seq);
+                        tls1_record_sequence_increment(seq);
                }
                ad[8] = rec->type;
@@ -975,7 +975,7 @@ tls1_enc(SSL *s, int send)
                                    send ? s->d1->w_epoch : s->d1->r_epoch);
                        } else {
                                memcpy(buf, seq, SSL3_SEQUENCE_SIZE);
-                                ssl3_record_sequence_increment(seq);
+                                tls1_record_sequence_increment(seq);
                        }
                        buf[8] = rec->type;
@@ -1035,7 +1035,7 @@ tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out)
        int i;
        if (s->s3->handshake_buffer)
-                if (!ssl3_digest_cached_records(s))
+                if (!tls1_digest_cached_records(s))
                        return 0;
        for (i = 0; i < SSL_MAX_DIGEST; i++) {
@@ -1074,7 +1074,7 @@ tls1_final_finish_mac(SSL *s, const char *str, int slen, unsigned char *out)
        q = buf;
        if (s->s3->handshake_buffer)
-                if (!ssl3_digest_cached_records(s))
+                if (!tls1_digest_cached_records(s))
                        return 0;
        EVP_MD_CTX_init(&ctx);
@@ -1188,7 +1188,7 @@ tls1_mac(SSL *ssl, unsigned char *md, int send)
                EVP_MD_CTX_cleanup(&hmac);
        if (!SSL_IS_DTLS(ssl))
-                ssl3_record_sequence_increment(seq);
+                tls1_record_sequence_increment(seq);
        return (md_size);
 }
author	jsing <>	2015-09-11 18:08:21 +0000
committer	jsing <>	2015-09-11 18:08:21 +0000
commit	c42e261f37ac3f2934dd92296a095be3cbe461c1 (patch)
tree	378accab3864084b0135769f8d9117e86df41845 /src/lib
parent	63eec788b454a03bda0826cf41f02edb6771089c (diff)
download	openbsd-c42e261f37ac3f2934dd92296a095be3cbe461c1.tar.gz openbsd-c42e261f37ac3f2934dd92296a095be3cbe461c1.tar.bz2 openbsd-c42e261f37ac3f2934dd92296a095be3cbe461c1.zip