summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorbeck <>2023-07-08 16:40:14 +0000
committerbeck <>2023-07-08 16:40:14 +0000
commit14ddb694bbb3c9305a88c2f04345fb9499f8cd09 (patch)
treed94ae887e23f22265426a27314feb2539fbd467b /src
parentfb3005d44347523e79c18cf8f224d6044f34af04 (diff)
downloadopenbsd-14ddb694bbb3c9305a88c2f04345fb9499f8cd09.tar.gz
openbsd-14ddb694bbb3c9305a88c2f04345fb9499f8cd09.tar.bz2
openbsd-14ddb694bbb3c9305a88c2f04345fb9499f8cd09.zip
Hide all public symbols in libssl
With the guentherizer 9000 ok tb@
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/bio_ssl.c6
-rw-r--r--src/lib/libssl/d1_srtp.c6
-rw-r--r--src/lib/libssl/hidden/openssl/srtp.h33
-rw-r--r--src/lib/libssl/hidden/openssl/ssl.h366
-rw-r--r--src/lib/libssl/hidden/openssl/tls1.h32
-rw-r--r--src/lib/libssl/s3_lib.c18
-rw-r--r--src/lib/libssl/ssl_algs.c4
-rw-r--r--src/lib/libssl/ssl_asn1.c4
-rw-r--r--src/lib/libssl/ssl_cert.c13
-rw-r--r--src/lib/libssl/ssl_ciph.c39
-rw-r--r--src/lib/libssl/ssl_clnt.c6
-rw-r--r--src/lib/libssl/ssl_err.c4
-rw-r--r--src/lib/libssl/ssl_init.c3
-rw-r--r--src/lib/libssl/ssl_lib.c197
-rw-r--r--src/lib/libssl/ssl_methods.c26
-rw-r--r--src/lib/libssl/ssl_rsa.c23
-rw-r--r--src/lib/libssl/ssl_sess.c54
-rw-r--r--src/lib/libssl/ssl_srvr.c6
-rw-r--r--src/lib/libssl/ssl_stat.c10
-rw-r--r--src/lib/libssl/ssl_txt.c4
-rw-r--r--src/lib/libssl/tls12_record_layer.c7
21 files changed, 828 insertions, 33 deletions
diff --git a/src/lib/libssl/bio_ssl.c b/src/lib/libssl/bio_ssl.c
index 1a8cda84d6..08e47dbfac 100644
--- a/src/lib/libssl/bio_ssl.c
+++ b/src/lib/libssl/bio_ssl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bio_ssl.c,v 1.38 2023/02/16 08:38:17 tb Exp $ */ 1/* $OpenBSD: bio_ssl.c,v 1.39 2023/07/08 16:40:13 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -120,6 +120,7 @@ ssl_new(BIO *bi)
120 bi->flags = 0; 120 bi->flags = 0;
121 return (1); 121 return (1);
122} 122}
123LSSL_ALIAS(BIO_f_ssl);
123 124
124static int 125static int
125ssl_free(BIO *a) 126ssl_free(BIO *a)
@@ -514,6 +515,7 @@ BIO_new_buffer_ssl_connect(SSL_CTX *ctx)
514 BIO_free(ssl); 515 BIO_free(ssl);
515 return (NULL); 516 return (NULL);
516} 517}
518LSSL_ALIAS(BIO_new_buffer_ssl_connect);
517 519
518BIO * 520BIO *
519BIO_new_ssl_connect(SSL_CTX *ctx) 521BIO_new_ssl_connect(SSL_CTX *ctx)
@@ -575,6 +577,7 @@ BIO_ssl_copy_session_id(BIO *t, BIO *f)
575 return (0); 577 return (0);
576 return (1); 578 return (1);
577} 579}
580LSSL_ALIAS(BIO_new_ssl_connect);
578 581
579void 582void
580BIO_ssl_shutdown(BIO *b) 583BIO_ssl_shutdown(BIO *b)
@@ -590,3 +593,4 @@ BIO_ssl_shutdown(BIO *b)
590 b = b->next_bio; 593 b = b->next_bio;
591 } 594 }
592} 595}
596LSSL_ALIAS(BIO_ssl_shutdown);
diff --git a/src/lib/libssl/d1_srtp.c b/src/lib/libssl/d1_srtp.c
index 6073f0d2d4..67c4495a17 100644
--- a/src/lib/libssl/d1_srtp.c
+++ b/src/lib/libssl/d1_srtp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_srtp.c,v 1.32 2022/11/26 16:08:55 tb Exp $ */ 1/* $OpenBSD: d1_srtp.c,v 1.33 2023/07/08 16:40:13 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -229,12 +229,14 @@ SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles)
229{ 229{
230 return ssl_ctx_make_profiles(profiles, &ctx->srtp_profiles); 230 return ssl_ctx_make_profiles(profiles, &ctx->srtp_profiles);
231} 231}
232LSSL_ALIAS(SSL_CTX_set_tlsext_use_srtp);
232 233
233int 234int
234SSL_set_tlsext_use_srtp(SSL *s, const char *profiles) 235SSL_set_tlsext_use_srtp(SSL *s, const char *profiles)
235{ 236{
236 return ssl_ctx_make_profiles(profiles, &s->srtp_profiles); 237 return ssl_ctx_make_profiles(profiles, &s->srtp_profiles);
237} 238}
239LSSL_ALIAS(SSL_set_tlsext_use_srtp);
238 240
239 241
240STACK_OF(SRTP_PROTECTION_PROFILE) * 242STACK_OF(SRTP_PROTECTION_PROFILE) *
@@ -251,6 +253,7 @@ SSL_get_srtp_profiles(SSL *s)
251 253
252 return NULL; 254 return NULL;
253} 255}
256LSSL_ALIAS(SSL_get_srtp_profiles);
254 257
255SRTP_PROTECTION_PROFILE * 258SRTP_PROTECTION_PROFILE *
256SSL_get_selected_srtp_profile(SSL *s) 259SSL_get_selected_srtp_profile(SSL *s)
@@ -258,5 +261,6 @@ SSL_get_selected_srtp_profile(SSL *s)
258 /* XXX cast away the const */ 261 /* XXX cast away the const */
259 return (SRTP_PROTECTION_PROFILE *)s->srtp_profile; 262 return (SRTP_PROTECTION_PROFILE *)s->srtp_profile;
260} 263}
264LSSL_ALIAS(SSL_get_selected_srtp_profile);
261 265
262#endif 266#endif
diff --git a/src/lib/libssl/hidden/openssl/srtp.h b/src/lib/libssl/hidden/openssl/srtp.h
new file mode 100644
index 0000000000..2440fc93d9
--- /dev/null
+++ b/src/lib/libssl/hidden/openssl/srtp.h
@@ -0,0 +1,33 @@
1/* $OpenBSD: srtp.h,v 1.1 2023/07/08 16:40:14 beck Exp $ */
2/*
3 * Copyright (c) 2023 Bob Beck <beck@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#ifndef _LIBSSL_SRTP_H
19#define _LIBSSL_SRTP_H
20
21#ifndef _MSC_VER
22#include_next <openssl/srtp.h>
23#else
24#include "../include/openssl/srtp.h"
25#endif
26#include "ssl_namespace.h"
27
28LSSL_USED(SSL_CTX_set_tlsext_use_srtp);
29LSSL_USED(SSL_set_tlsext_use_srtp);
30LSSL_USED(SSL_get_srtp_profiles);
31LSSL_USED(SSL_get_selected_srtp_profile);
32
33#endif /* _LIBSSL_SRTP_H */
diff --git a/src/lib/libssl/hidden/openssl/ssl.h b/src/lib/libssl/hidden/openssl/ssl.h
index 3bd2eed748..acc99fe138 100644
--- a/src/lib/libssl/hidden/openssl/ssl.h
+++ b/src/lib/libssl/hidden/openssl/ssl.h
@@ -1,6 +1,6 @@
1/* $OpenBSD: ssl.h,v 1.2 2023/07/05 21:14:54 bcook Exp $ */ 1/* $OpenBSD: ssl.h,v 1.3 2023/07/08 16:40:14 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2022 Philip Guenther <guenther@openbsd.org> 3 * Copyright (c) 2023 Bob Beck <beck@openbsd.org>
4 * 4 *
5 * Permission to use, copy, modify, and distribute this software for any 5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above 6 * purpose with or without fee is hereby granted, provided that the above
@@ -15,8 +15,8 @@
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */ 16 */
17 17
18#ifndef _LIBSSL_SSL_H_ 18#ifndef _LIBSSL_SSL_H
19#define _LIBSSL_SSL_H_ 19#define _LIBSSL_SSL_H
20 20
21#ifndef _MSC_VER 21#ifndef _MSC_VER
22#include_next <openssl/ssl.h> 22#include_next <openssl/ssl.h>
@@ -25,11 +25,361 @@
25#endif 25#endif
26#include "ssl_namespace.h" 26#include "ssl_namespace.h"
27 27
28LSSL_USED(SSL_CTX_set_msg_callback);
29LSSL_USED(SSL_set_msg_callback);
30LSSL_USED(SSL_CTX_set_keylog_callback);
31LSSL_USED(SSL_CTX_get_keylog_callback);
32LSSL_USED(SSL_set_num_tickets);
33LSSL_USED(SSL_get_num_tickets);
34LSSL_USED(SSL_CTX_set_num_tickets);
35LSSL_USED(SSL_CTX_get_num_tickets);
36LSSL_USED(SSL_get0_verified_chain);
37LSSL_USED(SSL_CTX_sessions);
38LSSL_USED(SSL_CTX_sess_set_new_cb);
39LSSL_USED(SSL_CTX_sess_get_new_cb);
40LSSL_USED(SSL_CTX_sess_set_remove_cb);
41LSSL_USED(SSL_CTX_sess_get_remove_cb);
42LSSL_USED(SSL_CTX_sess_set_get_cb);
43LSSL_USED(SSL_CTX_set_info_callback);
44LSSL_USED(SSL_CTX_get_info_callback);
45LSSL_USED(SSL_CTX_set_client_cert_cb);
46LSSL_USED(SSL_CTX_get_client_cert_cb);
47LSSL_USED(SSL_CTX_set_client_cert_engine);
48LSSL_USED(SSL_CTX_set_cookie_generate_cb);
49LSSL_USED(SSL_CTX_set_cookie_verify_cb);
50LSSL_USED(SSL_CTX_set_next_protos_advertised_cb);
51LSSL_USED(SSL_CTX_set_next_proto_select_cb);
52LSSL_USED(SSL_select_next_proto);
53LSSL_USED(SSL_get0_next_proto_negotiated);
54LSSL_USED(SSL_CTX_set_alpn_protos);
55LSSL_USED(SSL_set_alpn_protos);
56LSSL_USED(SSL_CTX_set_alpn_select_cb);
57LSSL_USED(SSL_get0_alpn_selected);
58LSSL_USED(SSL_set_psk_use_session_callback);
59LSSL_USED(SSL_get_finished);
60LSSL_USED(SSL_get_peer_finished);
61LSSL_USED(SSL_verify_client_post_handshake);
62LSSL_USED(SSL_CTX_set_post_handshake_auth);
63LSSL_USED(SSL_set_post_handshake_auth);
64LSSL_USED(PEM_read_bio_SSL_SESSION);
65LSSL_USED(PEM_read_SSL_SESSION);
66LSSL_USED(PEM_write_bio_SSL_SESSION);
67LSSL_USED(PEM_write_SSL_SESSION);
68LSSL_USED(SSL_CTX_set0_chain);
69LSSL_USED(SSL_CTX_set1_chain);
70LSSL_USED(SSL_CTX_add0_chain_cert);
71LSSL_USED(SSL_CTX_add1_chain_cert);
72LSSL_USED(SSL_CTX_get0_chain_certs);
73LSSL_USED(SSL_CTX_clear_chain_certs);
74LSSL_USED(SSL_set0_chain);
75LSSL_USED(SSL_set1_chain);
76LSSL_USED(SSL_add0_chain_cert);
77LSSL_USED(SSL_add1_chain_cert);
78LSSL_USED(SSL_get0_chain_certs);
79LSSL_USED(SSL_clear_chain_certs);
80LSSL_USED(SSL_CTX_set1_groups);
81LSSL_USED(SSL_CTX_set1_groups_list);
82LSSL_USED(SSL_set1_groups);
83LSSL_USED(SSL_set1_groups_list);
84LSSL_USED(SSL_CTX_get_min_proto_version);
85LSSL_USED(SSL_CTX_get_max_proto_version);
86LSSL_USED(SSL_CTX_set_min_proto_version);
87LSSL_USED(SSL_CTX_set_max_proto_version);
88LSSL_USED(SSL_get_min_proto_version);
89LSSL_USED(SSL_get_max_proto_version);
90LSSL_USED(SSL_set_min_proto_version);
91LSSL_USED(SSL_set_max_proto_version);
92LSSL_USED(SSL_CTX_get_ssl_method);
28LSSL_USED(BIO_f_ssl); 93LSSL_USED(BIO_f_ssl);
29LSSL_USED(BIO_new_ssl); 94LSSL_USED(BIO_new_ssl);
30LSSL_USED(BIO_new_ssl_connect); 95LSSL_USED(BIO_new_ssl_connect);
31LSSL_UNUSED(BIO_new_buffer_ssl_connect); 96LSSL_USED(BIO_new_buffer_ssl_connect);
32LSSL_UNUSED(BIO_ssl_copy_session_id); 97LSSL_USED(BIO_ssl_copy_session_id);
33LSSL_UNUSED(BIO_ssl_shutdown); 98LSSL_USED(BIO_ssl_shutdown);
99LSSL_USED(SSL_CTX_get_ciphers);
100LSSL_USED(SSL_CTX_set_cipher_list);
101LSSL_USED(SSL_CTX_set_ciphersuites);
102LSSL_USED(SSL_CTX_new);
103LSSL_USED(SSL_CTX_free);
104LSSL_USED(SSL_CTX_up_ref);
105LSSL_USED(SSL_CTX_set_timeout);
106LSSL_USED(SSL_CTX_get_timeout);
107LSSL_USED(SSL_CTX_get_cert_store);
108LSSL_USED(SSL_CTX_set_cert_store);
109LSSL_USED(SSL_CTX_get0_certificate);
110LSSL_USED(SSL_CTX_get0_privatekey);
111LSSL_USED(SSL_want);
112LSSL_USED(SSL_clear);
113LSSL_USED(SSL_CTX_flush_sessions);
114LSSL_USED(SSL_get_current_cipher);
115LSSL_USED(SSL_CIPHER_get_by_id);
116LSSL_USED(SSL_CIPHER_get_by_value);
117LSSL_USED(SSL_CIPHER_get_bits);
118LSSL_USED(SSL_CIPHER_get_version);
119LSSL_USED(SSL_CIPHER_get_name);
120LSSL_USED(SSL_CIPHER_get_id);
121LSSL_USED(SSL_CIPHER_get_value);
122LSSL_USED(SSL_CIPHER_find);
123LSSL_USED(SSL_CIPHER_get_cipher_nid);
124LSSL_USED(SSL_CIPHER_get_digest_nid);
125LSSL_USED(SSL_CIPHER_get_kx_nid);
126LSSL_USED(SSL_CIPHER_get_auth_nid);
127LSSL_USED(SSL_CIPHER_is_aead);
128LSSL_USED(SSL_get_fd);
129LSSL_USED(SSL_get_rfd);
130LSSL_USED(SSL_get_wfd);
131LSSL_USED(SSL_get_cipher_list);
132LSSL_USED(SSL_get_shared_ciphers);
133LSSL_USED(SSL_get_read_ahead);
134LSSL_USED(SSL_pending);
135LSSL_USED(SSL_set_fd);
136LSSL_USED(SSL_set_rfd);
137LSSL_USED(SSL_set_wfd);
138LSSL_USED(SSL_set_bio);
139LSSL_USED(SSL_get_rbio);
140LSSL_USED(SSL_set0_rbio);
141LSSL_USED(SSL_get_wbio);
142LSSL_USED(SSL_set_cipher_list);
143LSSL_USED(SSL_set_ciphersuites);
144LSSL_USED(SSL_set_read_ahead);
145LSSL_USED(SSL_get_verify_mode);
146LSSL_USED(SSL_get_verify_depth);
147LSSL_USED(SSL_get_verify_callback);
148LSSL_USED(SSL_set_verify);
149LSSL_USED(SSL_set_verify_depth);
150LSSL_USED(SSL_use_RSAPrivateKey);
151LSSL_USED(SSL_use_RSAPrivateKey_ASN1);
152LSSL_USED(SSL_use_PrivateKey);
153LSSL_USED(SSL_use_PrivateKey_ASN1);
154LSSL_USED(SSL_use_certificate);
155LSSL_USED(SSL_use_certificate_ASN1);
156LSSL_USED(SSL_use_RSAPrivateKey_file);
157LSSL_USED(SSL_use_PrivateKey_file);
158LSSL_USED(SSL_use_certificate_file);
159LSSL_USED(SSL_use_certificate_chain_file);
160LSSL_USED(SSL_CTX_use_RSAPrivateKey_file);
161LSSL_USED(SSL_CTX_use_PrivateKey_file);
162LSSL_USED(SSL_CTX_use_certificate_file);
163LSSL_USED(SSL_CTX_use_certificate_chain_file);
164LSSL_USED(SSL_CTX_use_certificate_chain_mem);
165LSSL_USED(SSL_load_client_CA_file);
166LSSL_USED(SSL_add_file_cert_subjects_to_stack);
167LSSL_USED(SSL_add_dir_cert_subjects_to_stack);
168LSSL_USED(SSL_load_error_strings);
169LSSL_USED(SSL_state_string);
170LSSL_USED(SSL_rstate_string);
171LSSL_USED(SSL_state_string_long);
172LSSL_USED(SSL_rstate_string_long);
173LSSL_USED(SSL_SESSION_get0_cipher);
174LSSL_USED(SSL_SESSION_get_master_key);
175LSSL_USED(SSL_SESSION_get_protocol_version);
176LSSL_USED(SSL_SESSION_get_time);
177LSSL_USED(SSL_SESSION_set_time);
178LSSL_USED(SSL_SESSION_get_timeout);
179LSSL_USED(SSL_SESSION_set_timeout);
180LSSL_USED(SSL_copy_session_id);
181LSSL_USED(SSL_SESSION_get0_peer);
182LSSL_USED(SSL_SESSION_set1_id);
183LSSL_USED(SSL_SESSION_set1_id_context);
184LSSL_USED(SSL_SESSION_is_resumable);
185LSSL_USED(SSL_SESSION_new);
186LSSL_USED(SSL_SESSION_free);
187LSSL_USED(SSL_SESSION_up_ref);
188LSSL_USED(SSL_SESSION_get_id);
189LSSL_USED(SSL_SESSION_get0_id_context);
190LSSL_USED(SSL_SESSION_get_max_early_data);
191LSSL_USED(SSL_SESSION_set_max_early_data);
192LSSL_USED(SSL_SESSION_get_ticket_lifetime_hint);
193LSSL_USED(SSL_SESSION_has_ticket);
194LSSL_USED(SSL_SESSION_get_compress_id);
195LSSL_USED(SSL_SESSION_print_fp);
196LSSL_USED(SSL_SESSION_print);
197LSSL_USED(i2d_SSL_SESSION);
198LSSL_USED(SSL_set_session);
199LSSL_USED(SSL_CTX_add_session);
200LSSL_USED(SSL_CTX_remove_session);
201LSSL_USED(SSL_CTX_set_generate_session_id);
202LSSL_USED(SSL_set_generate_session_id);
203LSSL_USED(SSL_has_matching_session_id);
204LSSL_USED(d2i_SSL_SESSION);
205LSSL_USED(SSL_get_peer_cert_chain);
206LSSL_USED(SSL_CTX_get_verify_mode);
207LSSL_USED(SSL_CTX_get_verify_depth);
208LSSL_USED(SSL_CTX_get_verify_callback);
209LSSL_USED(SSL_CTX_set_verify);
210LSSL_USED(SSL_CTX_set_verify_depth);
211LSSL_USED(SSL_CTX_set_cert_verify_callback);
212LSSL_USED(SSL_CTX_use_RSAPrivateKey);
213LSSL_USED(SSL_CTX_use_RSAPrivateKey_ASN1);
214LSSL_USED(SSL_CTX_use_PrivateKey);
215LSSL_USED(SSL_CTX_use_PrivateKey_ASN1);
216LSSL_USED(SSL_CTX_use_certificate);
217LSSL_USED(SSL_CTX_use_certificate_ASN1);
218LSSL_USED(SSL_CTX_get_default_passwd_cb);
219LSSL_USED(SSL_CTX_set_default_passwd_cb);
220LSSL_USED(SSL_CTX_get_default_passwd_cb_userdata);
221LSSL_USED(SSL_CTX_set_default_passwd_cb_userdata);
222LSSL_USED(SSL_CTX_check_private_key);
223LSSL_USED(SSL_check_private_key);
224LSSL_USED(SSL_CTX_set_session_id_context);
225LSSL_USED(SSL_set_session_id_context);
226LSSL_USED(SSL_CTX_set_purpose);
227LSSL_USED(SSL_set_purpose);
228LSSL_USED(SSL_CTX_set_trust);
229LSSL_USED(SSL_set_trust);
230LSSL_USED(SSL_set1_host);
231LSSL_USED(SSL_set_hostflags);
232LSSL_USED(SSL_get0_peername);
233LSSL_USED(SSL_CTX_get0_param);
234LSSL_USED(SSL_CTX_set1_param);
235LSSL_USED(SSL_get0_param);
236LSSL_USED(SSL_set1_param);
237LSSL_USED(SSL_new);
238LSSL_USED(SSL_free);
239LSSL_USED(SSL_up_ref);
240LSSL_USED(SSL_accept);
241LSSL_USED(SSL_connect);
242LSSL_USED(SSL_is_dtls);
243LSSL_USED(SSL_is_server);
244LSSL_USED(SSL_read);
245LSSL_USED(SSL_peek);
246LSSL_USED(SSL_write);
247LSSL_USED(SSL_read_ex);
248LSSL_USED(SSL_peek_ex);
249LSSL_USED(SSL_write_ex);
250LSSL_USED(SSL_CTX_get_max_early_data);
251LSSL_USED(SSL_CTX_set_max_early_data);
252LSSL_USED(SSL_get_max_early_data);
253LSSL_USED(SSL_set_max_early_data);
254LSSL_USED(SSL_get_early_data_status);
255LSSL_USED(SSL_read_early_data);
256LSSL_USED(SSL_write_early_data);
257LSSL_USED(SSL_ctrl);
258LSSL_USED(SSL_callback_ctrl);
259LSSL_USED(SSL_CTX_ctrl);
260LSSL_USED(SSL_CTX_callback_ctrl);
261LSSL_USED(SSL_get_error);
262LSSL_USED(SSL_get_version);
263LSSL_USED(SSL_CTX_set_ssl_version);
264LSSL_USED(SSLv23_method);
265LSSL_USED(SSLv23_server_method);
266LSSL_USED(SSLv23_client_method);
267LSSL_USED(TLSv1_method);
268LSSL_USED(TLSv1_server_method);
269LSSL_USED(TLSv1_client_method);
270LSSL_USED(TLSv1_1_method);
271LSSL_USED(TLSv1_1_server_method);
272LSSL_USED(TLSv1_1_client_method);
273LSSL_USED(TLSv1_2_method);
274LSSL_USED(TLSv1_2_server_method);
275LSSL_USED(TLSv1_2_client_method);
276LSSL_USED(TLS_method);
277LSSL_USED(TLS_server_method);
278LSSL_USED(TLS_client_method);
279LSSL_USED(DTLSv1_method);
280LSSL_USED(DTLSv1_server_method);
281LSSL_USED(DTLSv1_client_method);
282LSSL_USED(DTLSv1_2_method);
283LSSL_USED(DTLSv1_2_server_method);
284LSSL_USED(DTLSv1_2_client_method);
285LSSL_USED(DTLS_method);
286LSSL_USED(DTLS_server_method);
287LSSL_USED(DTLS_client_method);
288LSSL_USED(SSL_get_ciphers);
289LSSL_USED(SSL_get_client_ciphers);
290LSSL_USED(SSL_get1_supported_ciphers);
291LSSL_USED(SSL_do_handshake);
292LSSL_USED(SSL_renegotiate);
293LSSL_USED(SSL_renegotiate_abbreviated);
294LSSL_USED(SSL_renegotiate_pending);
295LSSL_USED(SSL_shutdown);
296LSSL_USED(SSL_get_ssl_method);
297LSSL_USED(SSL_set_ssl_method);
298LSSL_USED(SSL_alert_type_string_long);
299LSSL_USED(SSL_alert_type_string);
300LSSL_USED(SSL_alert_desc_string_long);
301LSSL_USED(SSL_alert_desc_string);
302LSSL_USED(SSL_set_client_CA_list);
303LSSL_USED(SSL_CTX_set_client_CA_list);
304LSSL_USED(SSL_get_client_CA_list);
305LSSL_USED(SSL_CTX_get_client_CA_list);
306LSSL_USED(SSL_add_client_CA);
307LSSL_USED(SSL_CTX_add_client_CA);
308LSSL_USED(SSL_set_connect_state);
309LSSL_USED(SSL_set_accept_state);
310LSSL_USED(SSL_get_default_timeout);
311LSSL_USED(SSL_library_init);
312LSSL_USED(SSL_CIPHER_description);
313LSSL_USED(SSL_dup_CA_list);
314LSSL_USED(SSL_dup);
315LSSL_USED(SSL_get_certificate);
316LSSL_USED(SSL_get_privatekey);
317LSSL_USED(SSL_CTX_set_quiet_shutdown);
318LSSL_USED(SSL_CTX_get_quiet_shutdown);
319LSSL_USED(SSL_set_quiet_shutdown);
320LSSL_USED(SSL_get_quiet_shutdown);
321LSSL_USED(SSL_set_shutdown);
322LSSL_USED(SSL_get_shutdown);
323LSSL_USED(SSL_version);
324LSSL_USED(SSL_CTX_set_default_verify_paths);
325LSSL_USED(SSL_CTX_load_verify_locations);
326LSSL_USED(SSL_CTX_load_verify_mem);
327LSSL_USED(SSL_get_session);
328LSSL_USED(SSL_get1_session);
329LSSL_USED(SSL_get_SSL_CTX);
330LSSL_USED(SSL_set_SSL_CTX);
331LSSL_USED(SSL_set_info_callback);
332LSSL_USED(SSL_get_info_callback);
333LSSL_USED(SSL_state);
334LSSL_USED(SSL_set_state);
335LSSL_USED(SSL_set_verify_result);
336LSSL_USED(SSL_get_verify_result);
337LSSL_USED(SSL_set_ex_data);
338LSSL_USED(SSL_get_ex_data);
339LSSL_USED(SSL_get_ex_new_index);
340LSSL_USED(SSL_SESSION_set_ex_data);
341LSSL_USED(SSL_SESSION_get_ex_data);
342LSSL_USED(SSL_SESSION_get_ex_new_index);
343LSSL_USED(SSL_CTX_set_ex_data);
344LSSL_USED(SSL_CTX_get_ex_data);
345LSSL_USED(SSL_CTX_get_ex_new_index);
346LSSL_USED(SSL_get_ex_data_X509_STORE_CTX_idx);
347LSSL_USED(SSL_CTX_set_tmp_rsa_callback);
348LSSL_USED(SSL_set_tmp_rsa_callback);
349LSSL_USED(SSL_CTX_set_tmp_dh_callback);
350LSSL_USED(SSL_set_tmp_dh_callback);
351LSSL_USED(SSL_CTX_set_tmp_ecdh_callback);
352LSSL_USED(SSL_set_tmp_ecdh_callback);
353LSSL_USED(SSL_get_client_random);
354LSSL_USED(SSL_get_server_random);
355LSSL_USED(SSL_get_current_compression);
356LSSL_USED(SSL_get_current_expansion);
357LSSL_USED(SSL_get_peer_certificate);
358LSSL_USED(SSL_COMP_get_name);
359LSSL_USED(SSL_COMP_get_compression_methods);
360LSSL_USED(SSL_COMP_add_compression_method);
361LSSL_USED(SSL_set_session_ticket_ext);
362LSSL_USED(SSL_set_session_ticket_ext_cb);
363LSSL_USED(SSL_set_session_secret_cb);
364LSSL_USED(SSL_set_debug);
365LSSL_USED(SSL_cache_hit);
366LSSL_USED(SSL_set_security_level);
367LSSL_USED(SSL_get_security_level);
368LSSL_USED(SSL_CTX_set_security_level);
369LSSL_USED(SSL_CTX_get_security_level);
370LSSL_USED(SSL_CTX_set_quic_method);
371LSSL_USED(SSL_CTX_sess_get_get_cb);
372LSSL_USED(SSL_set_quic_method);
373LSSL_USED(SSL_is_quic);
374LSSL_USED(SSL_quic_max_handshake_flight_len);
375LSSL_USED(SSL_quic_read_level);
376LSSL_USED(SSL_quic_write_level);
377LSSL_USED(SSL_provide_quic_data);
378LSSL_USED(SSL_process_quic_post_handshake);
379LSSL_USED(SSL_set_quic_transport_params);
380LSSL_USED(SSL_get_peer_quic_transport_params);
381LSSL_USED(SSL_set_quic_use_legacy_codepoint);
382LSSL_USED(ERR_load_SSL_strings);
383LSSL_USED(OPENSSL_init_ssl);
34 384
35#endif /* _LIBSSL_SSL_H_ */ 385#endif /* _LIBSSL_SSL_H */
diff --git a/src/lib/libssl/hidden/openssl/tls1.h b/src/lib/libssl/hidden/openssl/tls1.h
new file mode 100644
index 0000000000..de93f9aa2e
--- /dev/null
+++ b/src/lib/libssl/hidden/openssl/tls1.h
@@ -0,0 +1,32 @@
1/* $OpenBSD: tls1.h,v 1.1 2023/07/08 16:40:14 beck Exp $ */
2/*
3 * Copyright (c) 2023 Bob Beck <beck@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#ifndef _LIBSSL_TLS1_H
19#define _LIBSSL_TLS1_H
20
21#ifndef _MSC_VER
22#include_next <openssl/tls1.h>
23#else
24#include "../include/openssl/tls1.h"
25#endif
26#include "ssl_namespace.h"
27
28LSSL_USED(SSL_get_servername);
29LSSL_USED(SSL_get_servername_type);
30LSSL_USED(SSL_export_keying_material);
31
32#endif /* _LIBSSL_TLS1_H */
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 7561060120..7ab6880131 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_lib.c,v 1.245 2023/07/02 17:21:32 beck Exp $ */ 1/* $OpenBSD: s3_lib.c,v 1.246 2023/07/08 16:40:13 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1931,24 +1931,28 @@ SSL_set0_chain(SSL *ssl, STACK_OF(X509) *chain)
1931{ 1931{
1932 return ssl_cert_set0_chain(NULL, ssl, chain); 1932 return ssl_cert_set0_chain(NULL, ssl, chain);
1933} 1933}
1934LSSL_ALIAS(SSL_set0_chain);
1934 1935
1935int 1936int
1936SSL_set1_chain(SSL *ssl, STACK_OF(X509) *chain) 1937SSL_set1_chain(SSL *ssl, STACK_OF(X509) *chain)
1937{ 1938{
1938 return ssl_cert_set1_chain(NULL, ssl, chain); 1939 return ssl_cert_set1_chain(NULL, ssl, chain);
1939} 1940}
1941LSSL_ALIAS(SSL_set1_chain);
1940 1942
1941int 1943int
1942SSL_add0_chain_cert(SSL *ssl, X509 *x509) 1944SSL_add0_chain_cert(SSL *ssl, X509 *x509)
1943{ 1945{
1944 return ssl_cert_add0_chain_cert(NULL, ssl, x509); 1946 return ssl_cert_add0_chain_cert(NULL, ssl, x509);
1945} 1947}
1948LSSL_ALIAS(SSL_add0_chain_cert);
1946 1949
1947int 1950int
1948SSL_add1_chain_cert(SSL *ssl, X509 *x509) 1951SSL_add1_chain_cert(SSL *ssl, X509 *x509)
1949{ 1952{
1950 return ssl_cert_add1_chain_cert(NULL, ssl, x509); 1953 return ssl_cert_add1_chain_cert(NULL, ssl, x509);
1951} 1954}
1955LSSL_ALIAS(SSL_add1_chain_cert);
1952 1956
1953int 1957int
1954SSL_get0_chain_certs(const SSL *ssl, STACK_OF(X509) **out_chain) 1958SSL_get0_chain_certs(const SSL *ssl, STACK_OF(X509) **out_chain)
@@ -1960,12 +1964,14 @@ SSL_get0_chain_certs(const SSL *ssl, STACK_OF(X509) **out_chain)
1960 1964
1961 return 1; 1965 return 1;
1962} 1966}
1967LSSL_ALIAS(SSL_get0_chain_certs);
1963 1968
1964int 1969int
1965SSL_clear_chain_certs(SSL *ssl) 1970SSL_clear_chain_certs(SSL *ssl)
1966{ 1971{
1967 return ssl_cert_set0_chain(NULL, ssl, NULL); 1972 return ssl_cert_set0_chain(NULL, ssl, NULL);
1968} 1973}
1974LSSL_ALIAS(SSL_clear_chain_certs);
1969 1975
1970int 1976int
1971SSL_set1_groups(SSL *s, const int *groups, size_t groups_len) 1977SSL_set1_groups(SSL *s, const int *groups, size_t groups_len)
@@ -1973,6 +1979,7 @@ SSL_set1_groups(SSL *s, const int *groups, size_t groups_len)
1973 return tls1_set_groups(&s->tlsext_supportedgroups, 1979 return tls1_set_groups(&s->tlsext_supportedgroups,
1974 &s->tlsext_supportedgroups_length, groups, groups_len); 1980 &s->tlsext_supportedgroups_length, groups, groups_len);
1975} 1981}
1982LSSL_ALIAS(SSL_set1_groups);
1976 1983
1977int 1984int
1978SSL_set1_groups_list(SSL *s, const char *groups) 1985SSL_set1_groups_list(SSL *s, const char *groups)
@@ -1980,6 +1987,7 @@ SSL_set1_groups_list(SSL *s, const char *groups)
1980 return tls1_set_group_list(&s->tlsext_supportedgroups, 1987 return tls1_set_group_list(&s->tlsext_supportedgroups,
1981 &s->tlsext_supportedgroups_length, groups); 1988 &s->tlsext_supportedgroups_length, groups);
1982} 1989}
1990LSSL_ALIAS(SSL_set1_groups_list);
1983 1991
1984static int 1992static int
1985_SSL_get_signature_nid(SSL *s, int *nid) 1993_SSL_get_signature_nid(SSL *s, int *nid)
@@ -2322,24 +2330,28 @@ SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *chain)
2322{ 2330{
2323 return ssl_cert_set0_chain(ctx, NULL, chain); 2331 return ssl_cert_set0_chain(ctx, NULL, chain);
2324} 2332}
2333LSSL_ALIAS(SSL_CTX_set0_chain);
2325 2334
2326int 2335int
2327SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *chain) 2336SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *chain)
2328{ 2337{
2329 return ssl_cert_set1_chain(ctx, NULL, chain); 2338 return ssl_cert_set1_chain(ctx, NULL, chain);
2330} 2339}
2340LSSL_ALIAS(SSL_CTX_set1_chain);
2331 2341
2332int 2342int
2333SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509) 2343SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509)
2334{ 2344{
2335 return ssl_cert_add0_chain_cert(ctx, NULL, x509); 2345 return ssl_cert_add0_chain_cert(ctx, NULL, x509);
2336} 2346}
2347LSSL_ALIAS(SSL_CTX_add0_chain_cert);
2337 2348
2338int 2349int
2339SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509) 2350SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509)
2340{ 2351{
2341 return ssl_cert_add1_chain_cert(ctx, NULL, x509); 2352 return ssl_cert_add1_chain_cert(ctx, NULL, x509);
2342} 2353}
2354LSSL_ALIAS(SSL_CTX_add1_chain_cert);
2343 2355
2344int 2356int
2345SSL_CTX_get0_chain_certs(const SSL_CTX *ctx, STACK_OF(X509) **out_chain) 2357SSL_CTX_get0_chain_certs(const SSL_CTX *ctx, STACK_OF(X509) **out_chain)
@@ -2351,12 +2363,14 @@ SSL_CTX_get0_chain_certs(const SSL_CTX *ctx, STACK_OF(X509) **out_chain)
2351 2363
2352 return 1; 2364 return 1;
2353} 2365}
2366LSSL_ALIAS(SSL_CTX_get0_chain_certs);
2354 2367
2355int 2368int
2356SSL_CTX_clear_chain_certs(SSL_CTX *ctx) 2369SSL_CTX_clear_chain_certs(SSL_CTX *ctx)
2357{ 2370{
2358 return ssl_cert_set0_chain(ctx, NULL, NULL); 2371 return ssl_cert_set0_chain(ctx, NULL, NULL);
2359} 2372}
2373LSSL_ALIAS(SSL_CTX_clear_chain_certs);
2360 2374
2361static int 2375static int
2362_SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *cert) 2376_SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *cert)
@@ -2402,6 +2416,7 @@ SSL_CTX_set1_groups(SSL_CTX *ctx, const int *groups, size_t groups_len)
2402 return tls1_set_groups(&ctx->tlsext_supportedgroups, 2416 return tls1_set_groups(&ctx->tlsext_supportedgroups,
2403 &ctx->tlsext_supportedgroups_length, groups, groups_len); 2417 &ctx->tlsext_supportedgroups_length, groups, groups_len);
2404} 2418}
2419LSSL_ALIAS(SSL_CTX_set1_groups);
2405 2420
2406int 2421int
2407SSL_CTX_set1_groups_list(SSL_CTX *ctx, const char *groups) 2422SSL_CTX_set1_groups_list(SSL_CTX *ctx, const char *groups)
@@ -2409,6 +2424,7 @@ SSL_CTX_set1_groups_list(SSL_CTX *ctx, const char *groups)
2409 return tls1_set_group_list(&ctx->tlsext_supportedgroups, 2424 return tls1_set_group_list(&ctx->tlsext_supportedgroups,
2410 &ctx->tlsext_supportedgroups_length, groups); 2425 &ctx->tlsext_supportedgroups_length, groups);
2411} 2426}
2427LSSL_ALIAS(SSL_CTX_set1_groups_list);
2412 2428
2413long 2429long
2414ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 2430ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
diff --git a/src/lib/libssl/ssl_algs.c b/src/lib/libssl/ssl_algs.c
index ab23f4bc45..684697df51 100644
--- a/src/lib/libssl/ssl_algs.c
+++ b/src/lib/libssl/ssl_algs.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_algs.c,v 1.31 2022/11/26 16:08:55 tb Exp $ */ 1/* $OpenBSD: ssl_algs.c,v 1.32 2023/07/08 16:40:13 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -122,4 +122,4 @@ SSL_library_init(void)
122 122
123 return (1); 123 return (1);
124} 124}
125 125LSSL_ALIAS(SSL_library_init);
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
index 7684602129..f4552f1c94 100644
--- a/src/lib/libssl/ssl_asn1.c
+++ b/src/lib/libssl/ssl_asn1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_asn1.c,v 1.66 2022/11/26 16:08:55 tb Exp $ */ 1/* $OpenBSD: ssl_asn1.c,v 1.67 2023/07/08 16:40:13 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2016 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2016 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -238,6 +238,7 @@ i2d_SSL_SESSION(SSL_SESSION *ss, unsigned char **pp)
238 238
239 return rv; 239 return rv;
240} 240}
241LSSL_ALIAS(i2d_SSL_SESSION);
241 242
242SSL_SESSION * 243SSL_SESSION *
243d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length) 244d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
@@ -416,3 +417,4 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
416 417
417 return (NULL); 418 return (NULL);
418} 419}
420LSSL_ALIAS(d2i_SSL_SESSION);
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
index 8a333b4278..a288050269 100644
--- a/src/lib/libssl/ssl_cert.c
+++ b/src/lib/libssl/ssl_cert.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_cert.c,v 1.106 2023/05/26 13:44:05 tb Exp $ */ 1/* $OpenBSD: ssl_cert.c,v 1.107 2023/07/08 16:40:13 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -157,6 +157,7 @@ SSL_get_ex_data_X509_STORE_CTX_idx(void)
157 157
158 return ssl_x509_store_ctx_idx; 158 return ssl_x509_store_ctx_idx;
159} 159}
160LSSL_ALIAS(SSL_get_ex_data_X509_STORE_CTX_idx);
160 161
161SSL_CERT * 162SSL_CERT *
162ssl_cert_new(void) 163ssl_cert_new(void)
@@ -487,24 +488,28 @@ SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk)
487 sk_X509_NAME_pop_free(ret, X509_NAME_free); 488 sk_X509_NAME_pop_free(ret, X509_NAME_free);
488 return NULL; 489 return NULL;
489} 490}
491LSSL_ALIAS(SSL_dup_CA_list);
490 492
491void 493void
492SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list) 494SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list)
493{ 495{
494 set_client_CA_list(&(s->client_CA), name_list); 496 set_client_CA_list(&(s->client_CA), name_list);
495} 497}
498LSSL_ALIAS(SSL_set_client_CA_list);
496 499
497void 500void
498SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list) 501SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list)
499{ 502{
500 set_client_CA_list(&(ctx->client_CA), name_list); 503 set_client_CA_list(&(ctx->client_CA), name_list);
501} 504}
505LSSL_ALIAS(SSL_CTX_set_client_CA_list);
502 506
503STACK_OF(X509_NAME) * 507STACK_OF(X509_NAME) *
504SSL_CTX_get_client_CA_list(const SSL_CTX *ctx) 508SSL_CTX_get_client_CA_list(const SSL_CTX *ctx)
505{ 509{
506 return (ctx->client_CA); 510 return (ctx->client_CA);
507} 511}
512LSSL_ALIAS(SSL_CTX_get_client_CA_list);
508 513
509STACK_OF(X509_NAME) * 514STACK_OF(X509_NAME) *
510SSL_get_client_CA_list(const SSL *s) 515SSL_get_client_CA_list(const SSL *s)
@@ -522,6 +527,7 @@ SSL_get_client_CA_list(const SSL *s)
522 return (s->ctx->client_CA); 527 return (s->ctx->client_CA);
523 } 528 }
524} 529}
530LSSL_ALIAS(SSL_get_client_CA_list);
525 531
526static int 532static int
527add_client_CA(STACK_OF(X509_NAME) **sk, X509 *x) 533add_client_CA(STACK_OF(X509_NAME) **sk, X509 *x)
@@ -548,12 +554,14 @@ SSL_add_client_CA(SSL *ssl, X509 *x)
548{ 554{
549 return (add_client_CA(&(ssl->client_CA), x)); 555 return (add_client_CA(&(ssl->client_CA), x));
550} 556}
557LSSL_ALIAS(SSL_add_client_CA);
551 558
552int 559int
553SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x) 560SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x)
554{ 561{
555 return (add_client_CA(&(ctx->client_CA), x)); 562 return (add_client_CA(&(ctx->client_CA), x));
556} 563}
564LSSL_ALIAS(SSL_CTX_add_client_CA);
557 565
558static int 566static int
559xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b) 567xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
@@ -628,6 +636,7 @@ SSL_load_client_CA_file(const char *file)
628 636
629 return (ret); 637 return (ret);
630} 638}
639LSSL_ALIAS(SSL_load_client_CA_file);
631 640
632/*! 641/*!
633 * Add a file of certs to a stack. 642 * Add a file of certs to a stack.
@@ -688,6 +697,7 @@ SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
688 697
689 return ret; 698 return ret;
690} 699}
700LSSL_ALIAS(SSL_add_file_cert_subjects_to_stack);
691 701
692/*! 702/*!
693 * Add a directory of certs to a stack. 703 * Add a directory of certs to a stack.
@@ -728,3 +738,4 @@ SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, const char *dir)
728 } 738 }
729 return ret; 739 return ret;
730} 740}
741LSSL_ALIAS(SSL_add_dir_cert_subjects_to_stack);
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
index a71c5042c7..b735cd7b30 100644
--- a/src/lib/libssl/ssl_ciph.c
+++ b/src/lib/libssl/ssl_ciph.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_ciph.c,v 1.135 2022/11/26 16:08:55 tb Exp $ */ 1/* $OpenBSD: ssl_ciph.c,v 1.136 2023/07/08 16:40:13 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -475,9 +475,11 @@ ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc,
475 case SSL_CAMELLIA256: 475 case SSL_CAMELLIA256:
476 *enc = EVP_camellia_256_cbc(); 476 *enc = EVP_camellia_256_cbc();
477 break; 477 break;
478#ifndef OPENSSL_NO_GOST
478 case SSL_eGOST2814789CNT: 479 case SSL_eGOST2814789CNT:
479 *enc = EVP_gost2814789_cnt(); 480 *enc = EVP_gost2814789_cnt();
480 break; 481 break;
482#endif
481 } 483 }
482 484
483 switch (ss->cipher->algorithm_mac) { 485 switch (ss->cipher->algorithm_mac) {
@@ -493,6 +495,7 @@ ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc,
493 case SSL_SHA384: 495 case SSL_SHA384:
494 *md = EVP_sha384(); 496 *md = EVP_sha384();
495 break; 497 break;
498#ifndef OPENSSL_NO_GOST
496 case SSL_GOST89MAC: 499 case SSL_GOST89MAC:
497 *md = EVP_gost2814789imit(); 500 *md = EVP_gost2814789imit();
498 break; 501 break;
@@ -502,8 +505,8 @@ ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc,
502 case SSL_STREEBOG256: 505 case SSL_STREEBOG256:
503 *md = EVP_streebog256(); 506 *md = EVP_streebog256();
504 break; 507 break;
508#endif
505 } 509 }
506
507 if (*enc == NULL || *md == NULL) 510 if (*enc == NULL || *md == NULL)
508 return 0; 511 return 0;
509 512
@@ -515,15 +518,18 @@ ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc,
515 return 0; 518 return 0;
516 if (EVP_CIPHER_mode(*enc) == EVP_CIPH_GCM_MODE) 519 if (EVP_CIPHER_mode(*enc) == EVP_CIPH_GCM_MODE)
517 return 0; 520 return 0;
518 521#ifndef OPENSSL_NO_GOST
522 /* XXX JFC. die in fire already */
519 if (ss->cipher->algorithm_mac == SSL_GOST89MAC) { 523 if (ss->cipher->algorithm_mac == SSL_GOST89MAC) {
520 *mac_pkey_type = EVP_PKEY_GOSTIMIT; 524 *mac_pkey_type = EVP_PKEY_GOSTIMIT;
521 *mac_secret_size = 32; /* XXX */ 525 *mac_secret_size = 32; /* XXX */
522 } else { 526 } else {
527#endif
523 *mac_pkey_type = EVP_PKEY_HMAC; 528 *mac_pkey_type = EVP_PKEY_HMAC;
524 *mac_secret_size = EVP_MD_size(*md); 529 *mac_secret_size = EVP_MD_size(*md);
530#ifndef OPENSSL_NO_GOST
525 } 531 }
526 532#endif
527 return 1; 533 return 1;
528} 534}
529 535
@@ -578,18 +584,20 @@ ssl_get_handshake_evp_md(SSL *s, const EVP_MD **md)
578 case SSL_HANDSHAKE_MAC_DEFAULT: 584 case SSL_HANDSHAKE_MAC_DEFAULT:
579 *md = EVP_md5_sha1(); 585 *md = EVP_md5_sha1();
580 return 1; 586 return 1;
587#ifndef OPENSSL_NO_GOST
581 case SSL_HANDSHAKE_MAC_GOST94: 588 case SSL_HANDSHAKE_MAC_GOST94:
582 *md = EVP_gostr341194(); 589 *md = EVP_gostr341194();
583 return 1; 590 return 1;
591 case SSL_HANDSHAKE_MAC_STREEBOG256:
592 *md = EVP_streebog256();
593 return 1;
594#endif
584 case SSL_HANDSHAKE_MAC_SHA256: 595 case SSL_HANDSHAKE_MAC_SHA256:
585 *md = EVP_sha256(); 596 *md = EVP_sha256();
586 return 1; 597 return 1;
587 case SSL_HANDSHAKE_MAC_SHA384: 598 case SSL_HANDSHAKE_MAC_SHA384:
588 *md = EVP_sha384(); 599 *md = EVP_sha384();
589 return 1; 600 return 1;
590 case SSL_HANDSHAKE_MAC_STREEBOG256:
591 *md = EVP_streebog256();
592 return 1;
593 default: 601 default:
594 break; 602 break;
595 } 603 }
@@ -1406,12 +1414,14 @@ SSL_CIPHER_get_by_id(unsigned int id)
1406{ 1414{
1407 return ssl3_get_cipher_by_id(id); 1415 return ssl3_get_cipher_by_id(id);
1408} 1416}
1417LSSL_ALIAS(SSL_CIPHER_get_by_id);
1409 1418
1410const SSL_CIPHER * 1419const SSL_CIPHER *
1411SSL_CIPHER_get_by_value(uint16_t value) 1420SSL_CIPHER_get_by_value(uint16_t value)
1412{ 1421{
1413 return ssl3_get_cipher_by_value(value); 1422 return ssl3_get_cipher_by_value(value);
1414} 1423}
1424LSSL_ALIAS(SSL_CIPHER_get_by_value);
1415 1425
1416char * 1426char *
1417SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) 1427SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
@@ -1565,6 +1575,7 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
1565 1575
1566 return (ret); 1576 return (ret);
1567} 1577}
1578LSSL_ALIAS(SSL_CIPHER_description);
1568 1579
1569const char * 1580const char *
1570SSL_CIPHER_get_version(const SSL_CIPHER *c) 1581SSL_CIPHER_get_version(const SSL_CIPHER *c)
@@ -1576,6 +1587,7 @@ SSL_CIPHER_get_version(const SSL_CIPHER *c)
1576 else 1587 else
1577 return("unknown"); 1588 return("unknown");
1578} 1589}
1590LSSL_ALIAS(SSL_CIPHER_get_version);
1579 1591
1580/* return the actual cipher being used */ 1592/* return the actual cipher being used */
1581const char * 1593const char *
@@ -1585,6 +1597,7 @@ SSL_CIPHER_get_name(const SSL_CIPHER *c)
1585 return (c->name); 1597 return (c->name);
1586 return("(NONE)"); 1598 return("(NONE)");
1587} 1599}
1600LSSL_ALIAS(SSL_CIPHER_get_name);
1588 1601
1589/* number of bits for symmetric cipher */ 1602/* number of bits for symmetric cipher */
1590int 1603int
@@ -1599,18 +1612,21 @@ SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits)
1599 } 1612 }
1600 return (ret); 1613 return (ret);
1601} 1614}
1615LSSL_ALIAS(SSL_CIPHER_get_bits);
1602 1616
1603unsigned long 1617unsigned long
1604SSL_CIPHER_get_id(const SSL_CIPHER *c) 1618SSL_CIPHER_get_id(const SSL_CIPHER *c)
1605{ 1619{
1606 return c->id; 1620 return c->id;
1607} 1621}
1622LSSL_ALIAS(SSL_CIPHER_get_id);
1608 1623
1609uint16_t 1624uint16_t
1610SSL_CIPHER_get_value(const SSL_CIPHER *c) 1625SSL_CIPHER_get_value(const SSL_CIPHER *c)
1611{ 1626{
1612 return ssl3_cipher_get_value(c); 1627 return ssl3_cipher_get_value(c);
1613} 1628}
1629LSSL_ALIAS(SSL_CIPHER_get_value);
1614 1630
1615const SSL_CIPHER * 1631const SSL_CIPHER *
1616SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr) 1632SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr)
@@ -1625,6 +1641,7 @@ SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr)
1625 1641
1626 return ssl3_get_cipher_by_value(cipher_value); 1642 return ssl3_get_cipher_by_value(cipher_value);
1627} 1643}
1644LSSL_ALIAS(SSL_CIPHER_find);
1628 1645
1629int 1646int
1630SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c) 1647SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c)
@@ -1658,6 +1675,7 @@ SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c)
1658 return NID_undef; 1675 return NID_undef;
1659 } 1676 }
1660} 1677}
1678LSSL_ALIAS(SSL_CIPHER_get_cipher_nid);
1661 1679
1662int 1680int
1663SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c) 1681SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c)
@@ -1683,6 +1701,7 @@ SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c)
1683 return NID_undef; 1701 return NID_undef;
1684 } 1702 }
1685} 1703}
1704LSSL_ALIAS(SSL_CIPHER_get_digest_nid);
1686 1705
1687int 1706int
1688SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c) 1707SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c)
@@ -1700,6 +1719,7 @@ SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c)
1700 return NID_undef; 1719 return NID_undef;
1701 } 1720 }
1702} 1721}
1722LSSL_ALIAS(SSL_CIPHER_get_kx_nid);
1703 1723
1704int 1724int
1705SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c) 1725SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c)
@@ -1717,27 +1737,32 @@ SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c)
1717 return NID_undef; 1737 return NID_undef;
1718 } 1738 }
1719} 1739}
1740LSSL_ALIAS(SSL_CIPHER_get_auth_nid);
1720 1741
1721int 1742int
1722SSL_CIPHER_is_aead(const SSL_CIPHER *c) 1743SSL_CIPHER_is_aead(const SSL_CIPHER *c)
1723{ 1744{
1724 return (c->algorithm_mac & SSL_AEAD) == SSL_AEAD; 1745 return (c->algorithm_mac & SSL_AEAD) == SSL_AEAD;
1725} 1746}
1747LSSL_ALIAS(SSL_CIPHER_is_aead);
1726 1748
1727void * 1749void *
1728SSL_COMP_get_compression_methods(void) 1750SSL_COMP_get_compression_methods(void)
1729{ 1751{
1730 return NULL; 1752 return NULL;
1731} 1753}
1754LSSL_ALIAS(SSL_COMP_get_compression_methods);
1732 1755
1733int 1756int
1734SSL_COMP_add_compression_method(int id, void *cm) 1757SSL_COMP_add_compression_method(int id, void *cm)
1735{ 1758{
1736 return 1; 1759 return 1;
1737} 1760}
1761LSSL_ALIAS(SSL_COMP_add_compression_method);
1738 1762
1739const char * 1763const char *
1740SSL_COMP_get_name(const void *comp) 1764SSL_COMP_get_name(const void *comp)
1741{ 1765{
1742 return NULL; 1766 return NULL;
1743} 1767}
1768LSSL_ALIAS(SSL_COMP_get_name);
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 6aea590132..441da643fd 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_clnt.c,v 1.160 2023/06/11 19:01:01 tb Exp $ */ 1/* $OpenBSD: ssl_clnt.c,v 1.161 2023/07/08 16:40:13 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -2123,12 +2123,14 @@ ssl3_send_client_verify_sigalgs(SSL *s, EVP_PKEY *pkey,
2123 SSLerror(s, ERR_R_EVP_LIB); 2123 SSLerror(s, ERR_R_EVP_LIB);
2124 goto err; 2124 goto err;
2125 } 2125 }
2126#ifndef OPENSSL_NO_GOST
2126 if (sigalg->key_type == EVP_PKEY_GOSTR01 && 2127 if (sigalg->key_type == EVP_PKEY_GOSTR01 &&
2127 EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN, 2128 EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
2128 EVP_PKEY_CTRL_GOST_SIG_FORMAT, GOST_SIG_FORMAT_RS_LE, NULL) <= 0) { 2129 EVP_PKEY_CTRL_GOST_SIG_FORMAT, GOST_SIG_FORMAT_RS_LE, NULL) <= 0) {
2129 SSLerror(s, ERR_R_EVP_LIB); 2130 SSLerror(s, ERR_R_EVP_LIB);
2130 goto err; 2131 goto err;
2131 } 2132 }
2133#endif
2132 if ((sigalg->flags & SIGALG_FLAG_RSA_PSS) && 2134 if ((sigalg->flags & SIGALG_FLAG_RSA_PSS) &&
2133 (!EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) || 2135 (!EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) ||
2134 !EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1))) { 2136 !EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1))) {
@@ -2267,11 +2269,13 @@ ssl3_send_client_verify_gost(SSL *s, EVP_PKEY *pkey, CBB *cert_verify)
2267 SSLerror(s, ERR_R_EVP_LIB); 2269 SSLerror(s, ERR_R_EVP_LIB);
2268 goto err; 2270 goto err;
2269 } 2271 }
2272#ifndef OPENSSL_NO_GOST
2270 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN, 2273 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
2271 EVP_PKEY_CTRL_GOST_SIG_FORMAT, GOST_SIG_FORMAT_RS_LE, NULL) <= 0) { 2274 EVP_PKEY_CTRL_GOST_SIG_FORMAT, GOST_SIG_FORMAT_RS_LE, NULL) <= 0) {
2272 SSLerror(s, ERR_R_EVP_LIB); 2275 SSLerror(s, ERR_R_EVP_LIB);
2273 goto err; 2276 goto err;
2274 } 2277 }
2278#endif
2275 if (!EVP_DigestSign(mctx, NULL, &signature_len, hdata, hdata_len)) { 2279 if (!EVP_DigestSign(mctx, NULL, &signature_len, hdata, hdata_len)) {
2276 SSLerror(s, ERR_R_EVP_LIB); 2280 SSLerror(s, ERR_R_EVP_LIB);
2277 goto err; 2281 goto err;
diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c
index 59d8119e10..28097ea70a 100644
--- a/src/lib/libssl/ssl_err.c
+++ b/src/lib/libssl/ssl_err.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_err.c,v 1.45 2022/11/26 16:08:55 tb Exp $ */ 1/* $OpenBSD: ssl_err.c,v 1.46 2023/07/08 16:40:13 beck Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -482,6 +482,7 @@ ERR_load_SSL_strings(void)
482 } 482 }
483#endif 483#endif
484} 484}
485LSSL_ALIAS(ERR_load_SSL_strings);
485 486
486void 487void
487SSL_load_error_strings(void) 488SSL_load_error_strings(void)
@@ -491,6 +492,7 @@ SSL_load_error_strings(void)
491 ERR_load_SSL_strings(); 492 ERR_load_SSL_strings();
492#endif 493#endif
493} 494}
495LSSL_ALIAS(SSL_load_error_strings);
494 496
495int 497int
496SSL_state_func_code(int state) { 498SSL_state_func_code(int state) {
diff --git a/src/lib/libssl/ssl_init.c b/src/lib/libssl/ssl_init.c
index 65f38e25db..a8646cc092 100644
--- a/src/lib/libssl/ssl_init.c
+++ b/src/lib/libssl/ssl_init.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_init.c,v 1.3 2022/11/26 16:08:55 tb Exp $ */ 1/* $OpenBSD: ssl_init.c,v 1.4 2023/07/08 16:40:13 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2018 Bob Beck <beck@openbsd.org> 3 * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
4 * 4 *
@@ -49,3 +49,4 @@ OPENSSL_init_ssl(uint64_t opts, const void *settings)
49 49
50 return 1; 50 return 1;
51} 51}
52LSSL_ALIAS(OPENSSL_init_ssl);
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index f6c9406139..b1169b0242 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_lib.c,v 1.310 2023/05/26 13:44:05 tb Exp $ */ 1/* $OpenBSD: ssl_lib.c,v 1.311 2023/07/08 16:40:13 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -218,6 +218,7 @@ SSL_clear(SSL *s)
218 218
219 return (1); 219 return (1);
220} 220}
221LSSL_ALIAS(SSL_clear);
221 222
222/* Used to change an SSL_CTXs default SSL method type */ 223/* Used to change an SSL_CTXs default SSL method type */
223int 224int
@@ -236,6 +237,7 @@ SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
236 } 237 }
237 return (1); 238 return (1);
238} 239}
240LSSL_ALIAS(SSL_CTX_set_ssl_version);
239 241
240SSL * 242SSL *
241SSL_new(SSL_CTX *ctx) 243SSL_new(SSL_CTX *ctx)
@@ -360,6 +362,7 @@ SSL_new(SSL_CTX *ctx)
360 SSLerrorx(ERR_R_MALLOC_FAILURE); 362 SSLerrorx(ERR_R_MALLOC_FAILURE);
361 return (NULL); 363 return (NULL);
362} 364}
365LSSL_ALIAS(SSL_new);
363 366
364int 367int
365SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, 368SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
@@ -374,6 +377,7 @@ SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
374 377
375 return (1); 378 return (1);
376} 379}
380LSSL_ALIAS(SSL_CTX_set_session_id_context);
377 381
378int 382int
379SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx, 383SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
@@ -388,6 +392,7 @@ SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
388 392
389 return (1); 393 return (1);
390} 394}
395LSSL_ALIAS(SSL_set_session_id_context);
391 396
392int 397int
393SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb) 398SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
@@ -397,6 +402,7 @@ SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
397 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 402 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
398 return (1); 403 return (1);
399} 404}
405LSSL_ALIAS(SSL_CTX_set_generate_session_id);
400 406
401int 407int
402SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb) 408SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
@@ -406,6 +412,7 @@ SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
406 CRYPTO_w_unlock(CRYPTO_LOCK_SSL); 412 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
407 return (1); 413 return (1);
408} 414}
415LSSL_ALIAS(SSL_set_generate_session_id);
409 416
410int 417int
411SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, 418SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
@@ -432,30 +439,35 @@ SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
432 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX); 439 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
433 return (p != NULL); 440 return (p != NULL);
434} 441}
442LSSL_ALIAS(SSL_has_matching_session_id);
435 443
436int 444int
437SSL_CTX_set_purpose(SSL_CTX *s, int purpose) 445SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
438{ 446{
439 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose)); 447 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
440} 448}
449LSSL_ALIAS(SSL_CTX_set_purpose);
441 450
442int 451int
443SSL_set_purpose(SSL *s, int purpose) 452SSL_set_purpose(SSL *s, int purpose)
444{ 453{
445 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose)); 454 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
446} 455}
456LSSL_ALIAS(SSL_set_purpose);
447 457
448int 458int
449SSL_CTX_set_trust(SSL_CTX *s, int trust) 459SSL_CTX_set_trust(SSL_CTX *s, int trust)
450{ 460{
451 return (X509_VERIFY_PARAM_set_trust(s->param, trust)); 461 return (X509_VERIFY_PARAM_set_trust(s->param, trust));
452} 462}
463LSSL_ALIAS(SSL_CTX_set_trust);
453 464
454int 465int
455SSL_set_trust(SSL *s, int trust) 466SSL_set_trust(SSL *s, int trust)
456{ 467{
457 return (X509_VERIFY_PARAM_set_trust(s->param, trust)); 468 return (X509_VERIFY_PARAM_set_trust(s->param, trust));
458} 469}
470LSSL_ALIAS(SSL_set_trust);
459 471
460int 472int
461SSL_set1_host(SSL *s, const char *hostname) 473SSL_set1_host(SSL *s, const char *hostname)
@@ -470,42 +482,49 @@ SSL_set1_host(SSL *s, const char *hostname)
470 else 482 else
471 return X509_VERIFY_PARAM_set1_host(s->param, hostname, 0); 483 return X509_VERIFY_PARAM_set1_host(s->param, hostname, 0);
472} 484}
485LSSL_ALIAS(SSL_set1_host);
473 486
474void 487void
475SSL_set_hostflags(SSL *s, unsigned int flags) 488SSL_set_hostflags(SSL *s, unsigned int flags)
476{ 489{
477 X509_VERIFY_PARAM_set_hostflags(s->param, flags); 490 X509_VERIFY_PARAM_set_hostflags(s->param, flags);
478} 491}
492LSSL_ALIAS(SSL_set_hostflags);
479 493
480const char * 494const char *
481SSL_get0_peername(SSL *s) 495SSL_get0_peername(SSL *s)
482{ 496{
483 return X509_VERIFY_PARAM_get0_peername(s->param); 497 return X509_VERIFY_PARAM_get0_peername(s->param);
484} 498}
499LSSL_ALIAS(SSL_get0_peername);
485 500
486X509_VERIFY_PARAM * 501X509_VERIFY_PARAM *
487SSL_CTX_get0_param(SSL_CTX *ctx) 502SSL_CTX_get0_param(SSL_CTX *ctx)
488{ 503{
489 return (ctx->param); 504 return (ctx->param);
490} 505}
506LSSL_ALIAS(SSL_CTX_get0_param);
491 507
492int 508int
493SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm) 509SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
494{ 510{
495 return (X509_VERIFY_PARAM_set1(ctx->param, vpm)); 511 return (X509_VERIFY_PARAM_set1(ctx->param, vpm));
496} 512}
513LSSL_ALIAS(SSL_CTX_set1_param);
497 514
498X509_VERIFY_PARAM * 515X509_VERIFY_PARAM *
499SSL_get0_param(SSL *ssl) 516SSL_get0_param(SSL *ssl)
500{ 517{
501 return (ssl->param); 518 return (ssl->param);
502} 519}
520LSSL_ALIAS(SSL_get0_param);
503 521
504int 522int
505SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm) 523SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
506{ 524{
507 return (X509_VERIFY_PARAM_set1(ssl->param, vpm)); 525 return (X509_VERIFY_PARAM_set1(ssl->param, vpm));
508} 526}
527LSSL_ALIAS(SSL_set1_param);
509 528
510void 529void
511SSL_free(SSL *s) 530SSL_free(SSL *s)
@@ -585,6 +604,7 @@ SSL_free(SSL *s)
585 604
586 free(s); 605 free(s);
587} 606}
607LSSL_ALIAS(SSL_free);
588 608
589int 609int
590SSL_up_ref(SSL *s) 610SSL_up_ref(SSL *s)
@@ -592,6 +612,7 @@ SSL_up_ref(SSL *s)
592 int refs = CRYPTO_add(&s->references, 1, CRYPTO_LOCK_SSL); 612 int refs = CRYPTO_add(&s->references, 1, CRYPTO_LOCK_SSL);
593 return (refs > 1) ? 1 : 0; 613 return (refs > 1) ? 1 : 0;
594} 614}
615LSSL_ALIAS(SSL_up_ref);
595 616
596void 617void
597SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio) 618SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
@@ -611,12 +632,14 @@ SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
611 s->rbio = rbio; 632 s->rbio = rbio;
612 s->wbio = wbio; 633 s->wbio = wbio;
613} 634}
635LSSL_ALIAS(SSL_set_bio);
614 636
615BIO * 637BIO *
616SSL_get_rbio(const SSL *s) 638SSL_get_rbio(const SSL *s)
617{ 639{
618 return (s->rbio); 640 return (s->rbio);
619} 641}
642LSSL_ALIAS(SSL_get_rbio);
620 643
621void 644void
622SSL_set0_rbio(SSL *s, BIO *rbio) 645SSL_set0_rbio(SSL *s, BIO *rbio)
@@ -624,18 +647,21 @@ SSL_set0_rbio(SSL *s, BIO *rbio)
624 BIO_free_all(s->rbio); 647 BIO_free_all(s->rbio);
625 s->rbio = rbio; 648 s->rbio = rbio;
626} 649}
650LSSL_ALIAS(SSL_set0_rbio);
627 651
628BIO * 652BIO *
629SSL_get_wbio(const SSL *s) 653SSL_get_wbio(const SSL *s)
630{ 654{
631 return (s->wbio); 655 return (s->wbio);
632} 656}
657LSSL_ALIAS(SSL_get_wbio);
633 658
634int 659int
635SSL_get_fd(const SSL *s) 660SSL_get_fd(const SSL *s)
636{ 661{
637 return (SSL_get_rfd(s)); 662 return (SSL_get_rfd(s));
638} 663}
664LSSL_ALIAS(SSL_get_fd);
639 665
640int 666int
641SSL_get_rfd(const SSL *s) 667SSL_get_rfd(const SSL *s)
@@ -649,6 +675,7 @@ SSL_get_rfd(const SSL *s)
649 BIO_get_fd(r, &ret); 675 BIO_get_fd(r, &ret);
650 return (ret); 676 return (ret);
651} 677}
678LSSL_ALIAS(SSL_get_rfd);
652 679
653int 680int
654SSL_get_wfd(const SSL *s) 681SSL_get_wfd(const SSL *s)
@@ -662,6 +689,7 @@ SSL_get_wfd(const SSL *s)
662 BIO_get_fd(r, &ret); 689 BIO_get_fd(r, &ret);
663 return (ret); 690 return (ret);
664} 691}
692LSSL_ALIAS(SSL_get_wfd);
665 693
666int 694int
667SSL_set_fd(SSL *s, int fd) 695SSL_set_fd(SSL *s, int fd)
@@ -681,6 +709,7 @@ SSL_set_fd(SSL *s, int fd)
681 err: 709 err:
682 return (ret); 710 return (ret);
683} 711}
712LSSL_ALIAS(SSL_set_fd);
684 713
685int 714int
686SSL_set_wfd(SSL *s, int fd) 715SSL_set_wfd(SSL *s, int fd)
@@ -704,6 +733,7 @@ SSL_set_wfd(SSL *s, int fd)
704 err: 733 err:
705 return (ret); 734 return (ret);
706} 735}
736LSSL_ALIAS(SSL_set_wfd);
707 737
708int 738int
709SSL_set_rfd(SSL *s, int fd) 739SSL_set_rfd(SSL *s, int fd)
@@ -727,6 +757,7 @@ SSL_set_rfd(SSL *s, int fd)
727 err: 757 err:
728 return (ret); 758 return (ret);
729} 759}
760LSSL_ALIAS(SSL_set_rfd);
730 761
731 762
732/* return length of latest Finished message we sent, copy to 'buf' */ 763/* return length of latest Finished message we sent, copy to 'buf' */
@@ -741,6 +772,7 @@ SSL_get_finished(const SSL *s, void *buf, size_t count)
741 memcpy(buf, s->s3->hs.finished, count); 772 memcpy(buf, s->s3->hs.finished, count);
742 return (ret); 773 return (ret);
743} 774}
775LSSL_ALIAS(SSL_get_finished);
744 776
745/* return length of latest Finished message we expected, copy to 'buf' */ 777/* return length of latest Finished message we expected, copy to 'buf' */
746size_t 778size_t
@@ -754,6 +786,7 @@ SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
754 memcpy(buf, s->s3->hs.peer_finished, count); 786 memcpy(buf, s->s3->hs.peer_finished, count);
755 return (ret); 787 return (ret);
756} 788}
789LSSL_ALIAS(SSL_get_peer_finished);
757 790
758 791
759int 792int
@@ -761,30 +794,35 @@ SSL_get_verify_mode(const SSL *s)
761{ 794{
762 return (s->verify_mode); 795 return (s->verify_mode);
763} 796}
797LSSL_ALIAS(SSL_get_verify_mode);
764 798
765int 799int
766SSL_get_verify_depth(const SSL *s) 800SSL_get_verify_depth(const SSL *s)
767{ 801{
768 return (X509_VERIFY_PARAM_get_depth(s->param)); 802 return (X509_VERIFY_PARAM_get_depth(s->param));
769} 803}
804LSSL_ALIAS(SSL_get_verify_depth);
770 805
771int 806int
772(*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *) 807(*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *)
773{ 808{
774 return (s->verify_callback); 809 return (s->verify_callback);
775} 810}
811LSSL_ALIAS(SSL_get_verify_callback);
776 812
777void 813void
778SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SSL_CTX_keylog_cb_func cb) 814SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SSL_CTX_keylog_cb_func cb)
779{ 815{
780 ctx->keylog_callback = cb; 816 ctx->keylog_callback = cb;
781} 817}
818LSSL_ALIAS(SSL_CTX_set_keylog_callback);
782 819
783SSL_CTX_keylog_cb_func 820SSL_CTX_keylog_cb_func
784SSL_CTX_get_keylog_callback(const SSL_CTX *ctx) 821SSL_CTX_get_keylog_callback(const SSL_CTX *ctx)
785{ 822{
786 return (ctx->keylog_callback); 823 return (ctx->keylog_callback);
787} 824}
825LSSL_ALIAS(SSL_CTX_get_keylog_callback);
788 826
789int 827int
790SSL_set_num_tickets(SSL *s, size_t num_tickets) 828SSL_set_num_tickets(SSL *s, size_t num_tickets)
@@ -793,12 +831,14 @@ SSL_set_num_tickets(SSL *s, size_t num_tickets)
793 831
794 return 1; 832 return 1;
795} 833}
834LSSL_ALIAS(SSL_set_num_tickets);
796 835
797size_t 836size_t
798SSL_get_num_tickets(const SSL *s) 837SSL_get_num_tickets(const SSL *s)
799{ 838{
800 return s->num_tickets; 839 return s->num_tickets;
801} 840}
841LSSL_ALIAS(SSL_get_num_tickets);
802 842
803int 843int
804SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets) 844SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets)
@@ -807,30 +847,35 @@ SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets)
807 847
808 return 1; 848 return 1;
809} 849}
850LSSL_ALIAS(SSL_CTX_set_num_tickets);
810 851
811size_t 852size_t
812SSL_CTX_get_num_tickets(const SSL_CTX *ctx) 853SSL_CTX_get_num_tickets(const SSL_CTX *ctx)
813{ 854{
814 return ctx->num_tickets; 855 return ctx->num_tickets;
815} 856}
857LSSL_ALIAS(SSL_CTX_get_num_tickets);
816 858
817int 859int
818SSL_CTX_get_verify_mode(const SSL_CTX *ctx) 860SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
819{ 861{
820 return (ctx->verify_mode); 862 return (ctx->verify_mode);
821} 863}
864LSSL_ALIAS(SSL_CTX_get_verify_mode);
822 865
823int 866int
824SSL_CTX_get_verify_depth(const SSL_CTX *ctx) 867SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
825{ 868{
826 return (X509_VERIFY_PARAM_get_depth(ctx->param)); 869 return (X509_VERIFY_PARAM_get_depth(ctx->param));
827} 870}
871LSSL_ALIAS(SSL_CTX_get_verify_depth);
828 872
829int 873int
830(*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *) 874(*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *)
831{ 875{
832 return (ctx->default_verify_callback); 876 return (ctx->default_verify_callback);
833} 877}
878LSSL_ALIAS(SSL_CTX_get_verify_callback);
834 879
835void 880void
836SSL_set_verify(SSL *s, int mode, 881SSL_set_verify(SSL *s, int mode,
@@ -840,30 +885,35 @@ SSL_set_verify(SSL *s, int mode,
840 if (callback != NULL) 885 if (callback != NULL)
841 s->verify_callback = callback; 886 s->verify_callback = callback;
842} 887}
888LSSL_ALIAS(SSL_set_verify);
843 889
844void 890void
845SSL_set_verify_depth(SSL *s, int depth) 891SSL_set_verify_depth(SSL *s, int depth)
846{ 892{
847 X509_VERIFY_PARAM_set_depth(s->param, depth); 893 X509_VERIFY_PARAM_set_depth(s->param, depth);
848} 894}
895LSSL_ALIAS(SSL_set_verify_depth);
849 896
850void 897void
851SSL_set_read_ahead(SSL *s, int yes) 898SSL_set_read_ahead(SSL *s, int yes)
852{ 899{
853 s->read_ahead = yes; 900 s->read_ahead = yes;
854} 901}
902LSSL_ALIAS(SSL_set_read_ahead);
855 903
856int 904int
857SSL_get_read_ahead(const SSL *s) 905SSL_get_read_ahead(const SSL *s)
858{ 906{
859 return (s->read_ahead); 907 return (s->read_ahead);
860} 908}
909LSSL_ALIAS(SSL_get_read_ahead);
861 910
862int 911int
863SSL_pending(const SSL *s) 912SSL_pending(const SSL *s)
864{ 913{
865 return (s->method->ssl_pending(s)); 914 return (s->method->ssl_pending(s));
866} 915}
916LSSL_ALIAS(SSL_pending);
867 917
868X509 * 918X509 *
869SSL_get_peer_certificate(const SSL *s) 919SSL_get_peer_certificate(const SSL *s)
@@ -880,6 +930,7 @@ SSL_get_peer_certificate(const SSL *s)
880 930
881 return cert; 931 return cert;
882} 932}
933LSSL_ALIAS(SSL_get_peer_certificate);
883 934
884STACK_OF(X509) * 935STACK_OF(X509) *
885SSL_get_peer_cert_chain(const SSL *s) 936SSL_get_peer_cert_chain(const SSL *s)
@@ -896,6 +947,7 @@ SSL_get_peer_cert_chain(const SSL *s)
896 947
897 return s->s3->hs.peer_certs_no_leaf; 948 return s->s3->hs.peer_certs_no_leaf;
898} 949}
950LSSL_ALIAS(SSL_get_peer_cert_chain);
899 951
900STACK_OF(X509) * 952STACK_OF(X509) *
901SSL_get0_verified_chain(const SSL *s) 953SSL_get0_verified_chain(const SSL *s)
@@ -904,6 +956,7 @@ SSL_get0_verified_chain(const SSL *s)
904 return NULL; 956 return NULL;
905 return s->s3->hs.verified_chain; 957 return s->s3->hs.verified_chain;
906} 958}
959LSSL_ALIAS(SSL_get0_verified_chain);
907 960
908/* 961/*
909 * Now in theory, since the calling process own 't' it should be safe to 962 * Now in theory, since the calling process own 't' it should be safe to
@@ -939,6 +992,7 @@ SSL_copy_session_id(SSL *t, const SSL *f)
939 992
940 return 1; 993 return 1;
941} 994}
995LSSL_ALIAS(SSL_copy_session_id);
942 996
943/* Fix this so it checks all the valid key/cert options */ 997/* Fix this so it checks all the valid key/cert options */
944int 998int
@@ -956,6 +1010,7 @@ SSL_CTX_check_private_key(const SSL_CTX *ctx)
956 return (X509_check_private_key(ctx->cert->key->x509, 1010 return (X509_check_private_key(ctx->cert->key->x509,
957 ctx->cert->key->privatekey)); 1011 ctx->cert->key->privatekey));
958} 1012}
1013LSSL_ALIAS(SSL_CTX_check_private_key);
959 1014
960/* Fix this function so that it takes an optional type parameter */ 1015/* Fix this function so that it takes an optional type parameter */
961int 1016int
@@ -980,6 +1035,7 @@ SSL_check_private_key(const SSL *ssl)
980 return (X509_check_private_key(ssl->cert->key->x509, 1035 return (X509_check_private_key(ssl->cert->key->x509,
981 ssl->cert->key->privatekey)); 1036 ssl->cert->key->privatekey));
982} 1037}
1038LSSL_ALIAS(SSL_check_private_key);
983 1039
984int 1040int
985SSL_accept(SSL *s) 1041SSL_accept(SSL *s)
@@ -989,6 +1045,7 @@ SSL_accept(SSL *s)
989 1045
990 return (s->method->ssl_accept(s)); 1046 return (s->method->ssl_accept(s));
991} 1047}
1048LSSL_ALIAS(SSL_accept);
992 1049
993int 1050int
994SSL_connect(SSL *s) 1051SSL_connect(SSL *s)
@@ -998,18 +1055,21 @@ SSL_connect(SSL *s)
998 1055
999 return (s->method->ssl_connect(s)); 1056 return (s->method->ssl_connect(s));
1000} 1057}
1058LSSL_ALIAS(SSL_connect);
1001 1059
1002int 1060int
1003SSL_is_dtls(const SSL *s) 1061SSL_is_dtls(const SSL *s)
1004{ 1062{
1005 return s->method->dtls; 1063 return s->method->dtls;
1006} 1064}
1065LSSL_ALIAS(SSL_is_dtls);
1007 1066
1008int 1067int
1009SSL_is_server(const SSL *s) 1068SSL_is_server(const SSL *s)
1010{ 1069{
1011 return s->server; 1070 return s->server;
1012} 1071}
1072LSSL_ALIAS(SSL_is_server);
1013 1073
1014static long 1074static long
1015ssl_get_default_timeout() 1075ssl_get_default_timeout()
@@ -1026,6 +1086,7 @@ SSL_get_default_timeout(const SSL *s)
1026{ 1086{
1027 return (ssl_get_default_timeout()); 1087 return (ssl_get_default_timeout());
1028} 1088}
1089LSSL_ALIAS(SSL_get_default_timeout);
1029 1090
1030int 1091int
1031SSL_read(SSL *s, void *buf, int num) 1092SSL_read(SSL *s, void *buf, int num)
@@ -1051,6 +1112,7 @@ SSL_read(SSL *s, void *buf, int num)
1051 } 1112 }
1052 return ssl3_read(s, buf, num); 1113 return ssl3_read(s, buf, num);
1053} 1114}
1115LSSL_ALIAS(SSL_read);
1054 1116
1055int 1117int
1056SSL_read_ex(SSL *s, void *buf, size_t num, size_t *bytes_read) 1118SSL_read_ex(SSL *s, void *buf, size_t num, size_t *bytes_read)
@@ -1070,6 +1132,7 @@ SSL_read_ex(SSL *s, void *buf, size_t num, size_t *bytes_read)
1070 1132
1071 return ret > 0; 1133 return ret > 0;
1072} 1134}
1135LSSL_ALIAS(SSL_read_ex);
1073 1136
1074int 1137int
1075SSL_peek(SSL *s, void *buf, int num) 1138SSL_peek(SSL *s, void *buf, int num)
@@ -1094,6 +1157,7 @@ SSL_peek(SSL *s, void *buf, int num)
1094 } 1157 }
1095 return ssl3_peek(s, buf, num); 1158 return ssl3_peek(s, buf, num);
1096} 1159}
1160LSSL_ALIAS(SSL_peek);
1097 1161
1098int 1162int
1099SSL_peek_ex(SSL *s, void *buf, size_t num, size_t *bytes_peeked) 1163SSL_peek_ex(SSL *s, void *buf, size_t num, size_t *bytes_peeked)
@@ -1113,6 +1177,7 @@ SSL_peek_ex(SSL *s, void *buf, size_t num, size_t *bytes_peeked)
1113 1177
1114 return ret > 0; 1178 return ret > 0;
1115} 1179}
1180LSSL_ALIAS(SSL_peek_ex);
1116 1181
1117int 1182int
1118SSL_write(SSL *s, const void *buf, int num) 1183SSL_write(SSL *s, const void *buf, int num)
@@ -1139,6 +1204,7 @@ SSL_write(SSL *s, const void *buf, int num)
1139 } 1204 }
1140 return ssl3_write(s, buf, num); 1205 return ssl3_write(s, buf, num);
1141} 1206}
1207LSSL_ALIAS(SSL_write);
1142 1208
1143int 1209int
1144SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *bytes_written) 1210SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *bytes_written)
@@ -1164,36 +1230,42 @@ SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *bytes_written)
1164 1230
1165 return ret > 0; 1231 return ret > 0;
1166} 1232}
1233LSSL_ALIAS(SSL_write_ex);
1167 1234
1168uint32_t 1235uint32_t
1169SSL_CTX_get_max_early_data(const SSL_CTX *ctx) 1236SSL_CTX_get_max_early_data(const SSL_CTX *ctx)
1170{ 1237{
1171 return 0; 1238 return 0;
1172} 1239}
1240LSSL_ALIAS(SSL_CTX_get_max_early_data);
1173 1241
1174int 1242int
1175SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data) 1243SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data)
1176{ 1244{
1177 return 1; 1245 return 1;
1178} 1246}
1247LSSL_ALIAS(SSL_CTX_set_max_early_data);
1179 1248
1180uint32_t 1249uint32_t
1181SSL_get_max_early_data(const SSL *s) 1250SSL_get_max_early_data(const SSL *s)
1182{ 1251{
1183 return 0; 1252 return 0;
1184} 1253}
1254LSSL_ALIAS(SSL_get_max_early_data);
1185 1255
1186int 1256int
1187SSL_set_max_early_data(SSL *s, uint32_t max_early_data) 1257SSL_set_max_early_data(SSL *s, uint32_t max_early_data)
1188{ 1258{
1189 return 1; 1259 return 1;
1190} 1260}
1261LSSL_ALIAS(SSL_set_max_early_data);
1191 1262
1192int 1263int
1193SSL_get_early_data_status(const SSL *s) 1264SSL_get_early_data_status(const SSL *s)
1194{ 1265{
1195 return SSL_EARLY_DATA_REJECTED; 1266 return SSL_EARLY_DATA_REJECTED;
1196} 1267}
1268LSSL_ALIAS(SSL_get_early_data_status);
1197 1269
1198int 1270int
1199SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes) 1271SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes)
@@ -1207,6 +1279,7 @@ SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes)
1207 1279
1208 return SSL_READ_EARLY_DATA_FINISH; 1280 return SSL_READ_EARLY_DATA_FINISH;
1209} 1281}
1282LSSL_ALIAS(SSL_read_early_data);
1210 1283
1211int 1284int
1212SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written) 1285SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written)
@@ -1215,6 +1288,7 @@ SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written)
1215 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 1288 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1216 return 0; 1289 return 0;
1217} 1290}
1291LSSL_ALIAS(SSL_write_early_data);
1218 1292
1219int 1293int
1220SSL_shutdown(SSL *s) 1294SSL_shutdown(SSL *s)
@@ -1236,6 +1310,7 @@ SSL_shutdown(SSL *s)
1236 1310
1237 return (1); 1311 return (1);
1238} 1312}
1313LSSL_ALIAS(SSL_shutdown);
1239 1314
1240int 1315int
1241SSL_renegotiate(SSL *s) 1316SSL_renegotiate(SSL *s)
@@ -1247,6 +1322,7 @@ SSL_renegotiate(SSL *s)
1247 1322
1248 return (s->method->ssl_renegotiate(s)); 1323 return (s->method->ssl_renegotiate(s));
1249} 1324}
1325LSSL_ALIAS(SSL_renegotiate);
1250 1326
1251int 1327int
1252SSL_renegotiate_abbreviated(SSL *s) 1328SSL_renegotiate_abbreviated(SSL *s)
@@ -1258,6 +1334,7 @@ SSL_renegotiate_abbreviated(SSL *s)
1258 1334
1259 return (s->method->ssl_renegotiate(s)); 1335 return (s->method->ssl_renegotiate(s));
1260} 1336}
1337LSSL_ALIAS(SSL_renegotiate_abbreviated);
1261 1338
1262int 1339int
1263SSL_renegotiate_pending(SSL *s) 1340SSL_renegotiate_pending(SSL *s)
@@ -1268,6 +1345,7 @@ SSL_renegotiate_pending(SSL *s)
1268 */ 1345 */
1269 return (s->renegotiate != 0); 1346 return (s->renegotiate != 0);
1270} 1347}
1348LSSL_ALIAS(SSL_renegotiate_pending);
1271 1349
1272long 1350long
1273SSL_ctrl(SSL *s, int cmd, long larg, void *parg) 1351SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
@@ -1325,6 +1403,7 @@ SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
1325 return ssl3_ctrl(s, cmd, larg, parg); 1403 return ssl3_ctrl(s, cmd, larg, parg);
1326 } 1404 }
1327} 1405}
1406LSSL_ALIAS(SSL_ctrl);
1328 1407
1329long 1408long
1330SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void)) 1409SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
@@ -1338,12 +1417,14 @@ SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
1338 return (ssl3_callback_ctrl(s, cmd, fp)); 1417 return (ssl3_callback_ctrl(s, cmd, fp));
1339 } 1418 }
1340} 1419}
1420LSSL_ALIAS(SSL_callback_ctrl);
1341 1421
1342struct lhash_st_SSL_SESSION * 1422struct lhash_st_SSL_SESSION *
1343SSL_CTX_sessions(SSL_CTX *ctx) 1423SSL_CTX_sessions(SSL_CTX *ctx)
1344{ 1424{
1345 return (ctx->sessions); 1425 return (ctx->sessions);
1346} 1426}
1427LSSL_ALIAS(SSL_CTX_sessions);
1347 1428
1348long 1429long
1349SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 1430SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
@@ -1423,6 +1504,7 @@ SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1423 return (ssl3_ctx_ctrl(ctx, cmd, larg, parg)); 1504 return (ssl3_ctx_ctrl(ctx, cmd, larg, parg));
1424 } 1505 }
1425} 1506}
1507LSSL_ALIAS(SSL_CTX_ctrl);
1426 1508
1427long 1509long
1428SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) 1510SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
@@ -1436,6 +1518,7 @@ SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
1436 return (ssl3_ctx_callback_ctrl(ctx, cmd, fp)); 1518 return (ssl3_ctx_callback_ctrl(ctx, cmd, fp));
1437 } 1519 }
1438} 1520}
1521LSSL_ALIAS(SSL_CTX_callback_ctrl);
1439 1522
1440int 1523int
1441ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b) 1524ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
@@ -1459,6 +1542,7 @@ SSL_get_ciphers(const SSL *s)
1459 1542
1460 return (s->ctx->cipher_list); 1543 return (s->ctx->cipher_list);
1461} 1544}
1545LSSL_ALIAS(SSL_get_ciphers);
1462 1546
1463STACK_OF(SSL_CIPHER) * 1547STACK_OF(SSL_CIPHER) *
1464SSL_get_client_ciphers(const SSL *s) 1548SSL_get_client_ciphers(const SSL *s)
@@ -1467,6 +1551,7 @@ SSL_get_client_ciphers(const SSL *s)
1467 return NULL; 1551 return NULL;
1468 return s->session->ciphers; 1552 return s->session->ciphers;
1469} 1553}
1554LSSL_ALIAS(SSL_get_client_ciphers);
1470 1555
1471STACK_OF(SSL_CIPHER) * 1556STACK_OF(SSL_CIPHER) *
1472SSL_get1_supported_ciphers(SSL *s) 1557SSL_get1_supported_ciphers(SSL *s)
@@ -1504,6 +1589,7 @@ SSL_get1_supported_ciphers(SSL *s)
1504 sk_SSL_CIPHER_free(supported_ciphers); 1589 sk_SSL_CIPHER_free(supported_ciphers);
1505 return NULL; 1590 return NULL;
1506} 1591}
1592LSSL_ALIAS(SSL_get1_supported_ciphers);
1507 1593
1508/* See if we have any ECC cipher suites. */ 1594/* See if we have any ECC cipher suites. */
1509int 1595int
@@ -1544,6 +1630,7 @@ SSL_get_cipher_list(const SSL *s, int n)
1544 1630
1545 return (cipher->name); 1631 return (cipher->name);
1546} 1632}
1633LSSL_ALIAS(SSL_get_cipher_list);
1547 1634
1548STACK_OF(SSL_CIPHER) * 1635STACK_OF(SSL_CIPHER) *
1549SSL_CTX_get_ciphers(const SSL_CTX *ctx) 1636SSL_CTX_get_ciphers(const SSL_CTX *ctx)
@@ -1552,6 +1639,7 @@ SSL_CTX_get_ciphers(const SSL_CTX *ctx)
1552 return NULL; 1639 return NULL;
1553 return ctx->cipher_list; 1640 return ctx->cipher_list;
1554} 1641}
1642LSSL_ALIAS(SSL_CTX_get_ciphers);
1555 1643
1556/* Specify the ciphers to be used by default by the SSL_CTX. */ 1644/* Specify the ciphers to be used by default by the SSL_CTX. */
1557int 1645int
@@ -1576,6 +1664,7 @@ SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
1576 } 1664 }
1577 return (1); 1665 return (1);
1578} 1666}
1667LSSL_ALIAS(SSL_CTX_set_cipher_list);
1579 1668
1580int 1669int
1581SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str) 1670SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str)
@@ -1590,6 +1679,7 @@ SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str)
1590 1679
1591 return 1; 1680 return 1;
1592} 1681}
1682LSSL_ALIAS(SSL_CTX_set_ciphersuites);
1593 1683
1594/* Specify the ciphers to be used by the SSL. */ 1684/* Specify the ciphers to be used by the SSL. */
1595int 1685int
@@ -1611,6 +1701,7 @@ SSL_set_cipher_list(SSL *s, const char *str)
1611 } 1701 }
1612 return (1); 1702 return (1);
1613} 1703}
1704LSSL_ALIAS(SSL_set_cipher_list);
1614 1705
1615int 1706int
1616SSL_set_ciphersuites(SSL *s, const char *str) 1707SSL_set_ciphersuites(SSL *s, const char *str)
@@ -1630,6 +1721,7 @@ SSL_set_ciphersuites(SSL *s, const char *str)
1630 1721
1631 return 1; 1722 return 1;
1632} 1723}
1724LSSL_ALIAS(SSL_set_ciphersuites);
1633 1725
1634char * 1726char *
1635SSL_get_shared_ciphers(const SSL *s, char *buf, int len) 1727SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
@@ -1671,6 +1763,7 @@ SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
1671 *end = '\0'; 1763 *end = '\0';
1672 return buf; 1764 return buf;
1673} 1765}
1766LSSL_ALIAS(SSL_get_shared_ciphers);
1674 1767
1675/* 1768/*
1676 * Return a servername extension value if provided in Client Hello, or NULL. 1769 * Return a servername extension value if provided in Client Hello, or NULL.
@@ -1686,6 +1779,7 @@ SSL_get_servername(const SSL *s, const int type)
1686 s->session->tlsext_hostname : 1779 s->session->tlsext_hostname :
1687 s->tlsext_hostname); 1780 s->tlsext_hostname);
1688} 1781}
1782LSSL_ALIAS(SSL_get_servername);
1689 1783
1690int 1784int
1691SSL_get_servername_type(const SSL *s) 1785SSL_get_servername_type(const SSL *s)
@@ -1696,6 +1790,7 @@ SSL_get_servername_type(const SSL *s)
1696 return (TLSEXT_NAMETYPE_host_name); 1790 return (TLSEXT_NAMETYPE_host_name);
1697 return (-1); 1791 return (-1);
1698} 1792}
1793LSSL_ALIAS(SSL_get_servername_type);
1699 1794
1700/* 1795/*
1701 * SSL_select_next_proto implements standard protocol selection. It is 1796 * SSL_select_next_proto implements standard protocol selection. It is
@@ -1749,6 +1844,7 @@ SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
1749 *outlen = result[0]; 1844 *outlen = result[0];
1750 return (status); 1845 return (status);
1751} 1846}
1847LSSL_ALIAS(SSL_select_next_proto);
1752 1848
1753/* SSL_get0_next_proto_negotiated is deprecated. */ 1849/* SSL_get0_next_proto_negotiated is deprecated. */
1754void 1850void
@@ -1758,6 +1854,7 @@ SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
1758 *data = NULL; 1854 *data = NULL;
1759 *len = 0; 1855 *len = 0;
1760} 1856}
1857LSSL_ALIAS(SSL_get0_next_proto_negotiated);
1761 1858
1762/* SSL_CTX_set_next_protos_advertised_cb is deprecated. */ 1859/* SSL_CTX_set_next_protos_advertised_cb is deprecated. */
1763void 1860void
@@ -1765,6 +1862,7 @@ SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl,
1765 const unsigned char **out, unsigned int *outlen, void *arg), void *arg) 1862 const unsigned char **out, unsigned int *outlen, void *arg), void *arg)
1766{ 1863{
1767} 1864}
1865LSSL_ALIAS(SSL_CTX_set_next_protos_advertised_cb);
1768 1866
1769/* SSL_CTX_set_next_proto_select_cb is deprecated. */ 1867/* SSL_CTX_set_next_proto_select_cb is deprecated. */
1770void 1868void
@@ -1773,6 +1871,7 @@ SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s,
1773 unsigned int inlen, void *arg), void *arg) 1871 unsigned int inlen, void *arg), void *arg)
1774{ 1872{
1775} 1873}
1874LSSL_ALIAS(SSL_CTX_set_next_proto_select_cb);
1776 1875
1777/* 1876/*
1778 * SSL_CTX_set_alpn_protos sets the ALPN protocol list to the specified 1877 * SSL_CTX_set_alpn_protos sets the ALPN protocol list to the specified
@@ -1806,6 +1905,7 @@ SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
1806 /* NOTE: Return values are the reverse of what you expect. */ 1905 /* NOTE: Return values are the reverse of what you expect. */
1807 return failed; 1906 return failed;
1808} 1907}
1908LSSL_ALIAS(SSL_CTX_set_alpn_protos);
1809 1909
1810/* 1910/*
1811 * SSL_set_alpn_protos sets the ALPN protocol list to the specified 1911 * SSL_set_alpn_protos sets the ALPN protocol list to the specified
@@ -1839,6 +1939,7 @@ SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
1839 /* NOTE: Return values are the reverse of what you expect. */ 1939 /* NOTE: Return values are the reverse of what you expect. */
1840 return failed; 1940 return failed;
1841} 1941}
1942LSSL_ALIAS(SSL_set_alpn_protos);
1842 1943
1843/* 1944/*
1844 * SSL_CTX_set_alpn_select_cb sets a callback function that is called during 1945 * SSL_CTX_set_alpn_select_cb sets a callback function that is called during
@@ -1853,6 +1954,7 @@ SSL_CTX_set_alpn_select_cb(SSL_CTX* ctx,
1853 ctx->alpn_select_cb = cb; 1954 ctx->alpn_select_cb = cb;
1854 ctx->alpn_select_cb_arg = arg; 1955 ctx->alpn_select_cb_arg = arg;
1855} 1956}
1957LSSL_ALIAS(SSL_CTX_set_alpn_select_cb);
1856 1958
1857/* 1959/*
1858 * SSL_get0_alpn_selected gets the selected ALPN protocol (if any). On return 1960 * SSL_get0_alpn_selected gets the selected ALPN protocol (if any). On return
@@ -1867,12 +1969,14 @@ SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
1867 *data = ssl->s3->alpn_selected; 1969 *data = ssl->s3->alpn_selected;
1868 *len = ssl->s3->alpn_selected_len; 1970 *len = ssl->s3->alpn_selected_len;
1869} 1971}
1972LSSL_ALIAS(SSL_get0_alpn_selected);
1870 1973
1871void 1974void
1872SSL_set_psk_use_session_callback(SSL *s, SSL_psk_use_session_cb_func cb) 1975SSL_set_psk_use_session_callback(SSL *s, SSL_psk_use_session_cb_func cb)
1873{ 1976{
1874 return; 1977 return;
1875} 1978}
1979LSSL_ALIAS(SSL_set_psk_use_session_callback);
1876 1980
1877int 1981int
1878SSL_export_keying_material(SSL *s, unsigned char *out, size_t out_len, 1982SSL_export_keying_material(SSL *s, unsigned char *out, size_t out_len,
@@ -1891,6 +1995,7 @@ SSL_export_keying_material(SSL *s, unsigned char *out, size_t out_len,
1891 return tls12_exporter(s, label, label_len, context, context_len, 1995 return tls12_exporter(s, label, label_len, context, context_len,
1892 use_context, out, out_len); 1996 use_context, out, out_len);
1893} 1997}
1998LSSL_ALIAS(SSL_export_keying_material);
1894 1999
1895static unsigned long 2000static unsigned long
1896ssl_session_hash(const SSL_SESSION *a) 2001ssl_session_hash(const SSL_SESSION *a)
@@ -2092,6 +2197,7 @@ SSL_CTX_new(const SSL_METHOD *meth)
2092 SSL_CTX_free(ret); 2197 SSL_CTX_free(ret);
2093 return (NULL); 2198 return (NULL);
2094} 2199}
2200LSSL_ALIAS(SSL_CTX_new);
2095 2201
2096void 2202void
2097SSL_CTX_free(SSL_CTX *ctx) 2203SSL_CTX_free(SSL_CTX *ctx)
@@ -2146,6 +2252,7 @@ SSL_CTX_free(SSL_CTX *ctx)
2146 2252
2147 free(ctx); 2253 free(ctx);
2148} 2254}
2255LSSL_ALIAS(SSL_CTX_free);
2149 2256
2150int 2257int
2151SSL_CTX_up_ref(SSL_CTX *ctx) 2258SSL_CTX_up_ref(SSL_CTX *ctx)
@@ -2153,30 +2260,35 @@ SSL_CTX_up_ref(SSL_CTX *ctx)
2153 int refs = CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); 2260 int refs = CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
2154 return ((refs > 1) ? 1 : 0); 2261 return ((refs > 1) ? 1 : 0);
2155} 2262}
2263LSSL_ALIAS(SSL_CTX_up_ref);
2156 2264
2157pem_password_cb * 2265pem_password_cb *
2158SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx) 2266SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx)
2159{ 2267{
2160 return (ctx->default_passwd_callback); 2268 return (ctx->default_passwd_callback);
2161} 2269}
2270LSSL_ALIAS(SSL_CTX_get_default_passwd_cb);
2162 2271
2163void 2272void
2164SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb) 2273SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
2165{ 2274{
2166 ctx->default_passwd_callback = cb; 2275 ctx->default_passwd_callback = cb;
2167} 2276}
2277LSSL_ALIAS(SSL_CTX_set_default_passwd_cb);
2168 2278
2169void * 2279void *
2170SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx) 2280SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx)
2171{ 2281{
2172 return ctx->default_passwd_callback_userdata; 2282 return ctx->default_passwd_callback_userdata;
2173} 2283}
2284LSSL_ALIAS(SSL_CTX_get_default_passwd_cb_userdata);
2174 2285
2175void 2286void
2176SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u) 2287SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
2177{ 2288{
2178 ctx->default_passwd_callback_userdata = u; 2289 ctx->default_passwd_callback_userdata = u;
2179} 2290}
2291LSSL_ALIAS(SSL_CTX_set_default_passwd_cb_userdata);
2180 2292
2181void 2293void
2182SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, 2294SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
@@ -2185,6 +2297,7 @@ SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
2185 ctx->app_verify_callback = cb; 2297 ctx->app_verify_callback = cb;
2186 ctx->app_verify_arg = arg; 2298 ctx->app_verify_arg = arg;
2187} 2299}
2300LSSL_ALIAS(SSL_CTX_set_cert_verify_callback);
2188 2301
2189void 2302void
2190SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb)(int, X509_STORE_CTX *)) 2303SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb)(int, X509_STORE_CTX *))
@@ -2192,12 +2305,14 @@ SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb)(int, X509_STORE_CTX *))
2192 ctx->verify_mode = mode; 2305 ctx->verify_mode = mode;
2193 ctx->default_verify_callback = cb; 2306 ctx->default_verify_callback = cb;
2194} 2307}
2308LSSL_ALIAS(SSL_CTX_set_verify);
2195 2309
2196void 2310void
2197SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth) 2311SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
2198{ 2312{
2199 X509_VERIFY_PARAM_set_depth(ctx->param, depth); 2313 X509_VERIFY_PARAM_set_depth(ctx->param, depth);
2200} 2314}
2315LSSL_ALIAS(SSL_CTX_set_verify_depth);
2201 2316
2202void 2317void
2203ssl_set_cert_masks(SSL_CERT *c, const SSL_CIPHER *cipher) 2318ssl_set_cert_masks(SSL_CERT *c, const SSL_CIPHER *cipher)
@@ -2478,6 +2593,7 @@ SSL_get_ssl_method(SSL *s)
2478{ 2593{
2479 return (s->method); 2594 return (s->method);
2480} 2595}
2596LSSL_ALIAS(SSL_get_ssl_method);
2481 2597
2482int 2598int
2483SSL_set_ssl_method(SSL *s, const SSL_METHOD *method) 2599SSL_set_ssl_method(SSL *s, const SSL_METHOD *method)
@@ -2504,6 +2620,7 @@ SSL_set_ssl_method(SSL *s, const SSL_METHOD *method)
2504 2620
2505 return (ret); 2621 return (ret);
2506} 2622}
2623LSSL_ALIAS(SSL_set_ssl_method);
2507 2624
2508int 2625int
2509SSL_get_error(const SSL *s, int i) 2626SSL_get_error(const SSL *s, int i)
@@ -2583,6 +2700,7 @@ SSL_get_error(const SSL *s, int i)
2583 2700
2584 return (SSL_ERROR_SYSCALL); 2701 return (SSL_ERROR_SYSCALL);
2585} 2702}
2703LSSL_ALIAS(SSL_get_error);
2586 2704
2587int 2705int
2588SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method) 2706SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method)
@@ -2594,6 +2712,7 @@ SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method)
2594 2712
2595 return 1; 2713 return 1;
2596} 2714}
2715LSSL_ALIAS(SSL_CTX_set_quic_method);
2597 2716
2598int 2717int
2599SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method) 2718SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method)
@@ -2605,6 +2724,7 @@ SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method)
2605 2724
2606 return 1; 2725 return 1;
2607} 2726}
2727LSSL_ALIAS(SSL_set_quic_method);
2608 2728
2609size_t 2729size_t
2610SSL_quic_max_handshake_flight_len(const SSL *ssl, 2730SSL_quic_max_handshake_flight_len(const SSL *ssl,
@@ -2652,18 +2772,21 @@ SSL_quic_max_handshake_flight_len(const SSL *ssl,
2652 2772
2653 return 0; 2773 return 0;
2654} 2774}
2775LSSL_ALIAS(SSL_quic_max_handshake_flight_len);
2655 2776
2656enum ssl_encryption_level_t 2777enum ssl_encryption_level_t
2657SSL_quic_read_level(const SSL *ssl) 2778SSL_quic_read_level(const SSL *ssl)
2658{ 2779{
2659 return ssl->s3->hs.tls13.quic_read_level; 2780 return ssl->s3->hs.tls13.quic_read_level;
2660} 2781}
2782LSSL_ALIAS(SSL_quic_read_level);
2661 2783
2662enum ssl_encryption_level_t 2784enum ssl_encryption_level_t
2663SSL_quic_write_level(const SSL *ssl) 2785SSL_quic_write_level(const SSL *ssl)
2664{ 2786{
2665 return ssl->s3->hs.tls13.quic_write_level; 2787 return ssl->s3->hs.tls13.quic_write_level;
2666} 2788}
2789LSSL_ALIAS(SSL_quic_write_level);
2667 2790
2668int 2791int
2669SSL_provide_quic_data(SSL *ssl, enum ssl_encryption_level_t level, 2792SSL_provide_quic_data(SSL *ssl, enum ssl_encryption_level_t level,
@@ -2697,6 +2820,7 @@ SSL_provide_quic_data(SSL *ssl, enum ssl_encryption_level_t level,
2697 */ 2820 */
2698 return tls_buffer_append(ssl->s3->hs.tls13.quic_read_buffer, data, len); 2821 return tls_buffer_append(ssl->s3->hs.tls13.quic_read_buffer, data, len);
2699} 2822}
2823LSSL_ALIAS(SSL_provide_quic_data);
2700 2824
2701int 2825int
2702SSL_process_quic_post_handshake(SSL *ssl) 2826SSL_process_quic_post_handshake(SSL *ssl)
@@ -2704,6 +2828,7 @@ SSL_process_quic_post_handshake(SSL *ssl)
2704 /* XXX - this needs to run PHH received. */ 2828 /* XXX - this needs to run PHH received. */
2705 return 1; 2829 return 1;
2706} 2830}
2831LSSL_ALIAS(SSL_process_quic_post_handshake);
2707 2832
2708int 2833int
2709SSL_do_handshake(SSL *s) 2834SSL_do_handshake(SSL *s)
@@ -2720,6 +2845,7 @@ SSL_do_handshake(SSL *s)
2720 2845
2721 return s->handshake_func(s); 2846 return s->handshake_func(s);
2722} 2847}
2848LSSL_ALIAS(SSL_do_handshake);
2723 2849
2724/* 2850/*
2725 * For the next 2 functions, SSL_clear() sets shutdown and so 2851 * For the next 2 functions, SSL_clear() sets shutdown and so
@@ -2734,6 +2860,7 @@ SSL_set_accept_state(SSL *s)
2734 s->handshake_func = s->method->ssl_accept; 2860 s->handshake_func = s->method->ssl_accept;
2735 ssl_clear_cipher_state(s); 2861 ssl_clear_cipher_state(s);
2736} 2862}
2863LSSL_ALIAS(SSL_set_accept_state);
2737 2864
2738void 2865void
2739SSL_set_connect_state(SSL *s) 2866SSL_set_connect_state(SSL *s)
@@ -2744,6 +2871,7 @@ SSL_set_connect_state(SSL *s)
2744 s->handshake_func = s->method->ssl_connect; 2871 s->handshake_func = s->method->ssl_connect;
2745 ssl_clear_cipher_state(s); 2872 ssl_clear_cipher_state(s);
2746} 2873}
2874LSSL_ALIAS(SSL_set_connect_state);
2747 2875
2748int 2876int
2749ssl_undefined_function(SSL *s) 2877ssl_undefined_function(SSL *s)
@@ -2792,6 +2920,7 @@ SSL_get_version(const SSL *s)
2792{ 2920{
2793 return ssl_version_string(s->version); 2921 return ssl_version_string(s->version);
2794} 2922}
2923LSSL_ALIAS(SSL_get_version);
2795 2924
2796SSL * 2925SSL *
2797SSL_dup(SSL *s) 2926SSL_dup(SSL *s)
@@ -2915,6 +3044,7 @@ SSL_dup(SSL *s)
2915 SSL_free(ret); 3044 SSL_free(ret);
2916 return NULL; 3045 return NULL;
2917} 3046}
3047LSSL_ALIAS(SSL_dup);
2918 3048
2919void 3049void
2920ssl_clear_cipher_state(SSL *s) 3050ssl_clear_cipher_state(SSL *s)
@@ -2957,6 +3087,7 @@ SSL_get_certificate(const SSL *s)
2957{ 3087{
2958 return (s->cert->key->x509); 3088 return (s->cert->key->x509);
2959} 3089}
3090LSSL_ALIAS(SSL_get_certificate);
2960 3091
2961/* Fix this function so that it takes an optional type parameter */ 3092/* Fix this function so that it takes an optional type parameter */
2962EVP_PKEY * 3093EVP_PKEY *
@@ -2964,6 +3095,7 @@ SSL_get_privatekey(const SSL *s)
2964{ 3095{
2965 return (s->cert->key->privatekey); 3096 return (s->cert->key->privatekey);
2966} 3097}
3098LSSL_ALIAS(SSL_get_privatekey);
2967 3099
2968const SSL_CIPHER * 3100const SSL_CIPHER *
2969SSL_get_current_cipher(const SSL *s) 3101SSL_get_current_cipher(const SSL *s)
@@ -2972,17 +3104,20 @@ SSL_get_current_cipher(const SSL *s)
2972 return (s->session->cipher); 3104 return (s->session->cipher);
2973 return (NULL); 3105 return (NULL);
2974} 3106}
3107LSSL_ALIAS(SSL_get_current_cipher);
2975const void * 3108const void *
2976SSL_get_current_compression(SSL *s) 3109SSL_get_current_compression(SSL *s)
2977{ 3110{
2978 return (NULL); 3111 return (NULL);
2979} 3112}
3113LSSL_ALIAS(SSL_get_current_compression);
2980 3114
2981const void * 3115const void *
2982SSL_get_current_expansion(SSL *s) 3116SSL_get_current_expansion(SSL *s)
2983{ 3117{
2984 return (NULL); 3118 return (NULL);
2985} 3119}
3120LSSL_ALIAS(SSL_get_current_expansion);
2986 3121
2987size_t 3122size_t
2988SSL_get_client_random(const SSL *s, unsigned char *out, size_t max_out) 3123SSL_get_client_random(const SSL *s, unsigned char *out, size_t max_out)
@@ -2999,6 +3134,7 @@ SSL_get_client_random(const SSL *s, unsigned char *out, size_t max_out)
2999 3134
3000 return len; 3135 return len;
3001} 3136}
3137LSSL_ALIAS(SSL_get_client_random);
3002 3138
3003size_t 3139size_t
3004SSL_get_server_random(const SSL *s, unsigned char *out, size_t max_out) 3140SSL_get_server_random(const SSL *s, unsigned char *out, size_t max_out)
@@ -3015,6 +3151,7 @@ SSL_get_server_random(const SSL *s, unsigned char *out, size_t max_out)
3015 3151
3016 return len; 3152 return len;
3017} 3153}
3154LSSL_ALIAS(SSL_get_server_random);
3018 3155
3019int 3156int
3020ssl_init_wbio_buffer(SSL *s, int push) 3157ssl_init_wbio_buffer(SSL *s, int push)
@@ -3069,48 +3206,56 @@ SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
3069{ 3206{
3070 ctx->quiet_shutdown = mode; 3207 ctx->quiet_shutdown = mode;
3071} 3208}
3209LSSL_ALIAS(SSL_CTX_set_quiet_shutdown);
3072 3210
3073int 3211int
3074SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx) 3212SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
3075{ 3213{
3076 return (ctx->quiet_shutdown); 3214 return (ctx->quiet_shutdown);
3077} 3215}
3216LSSL_ALIAS(SSL_CTX_get_quiet_shutdown);
3078 3217
3079void 3218void
3080SSL_set_quiet_shutdown(SSL *s, int mode) 3219SSL_set_quiet_shutdown(SSL *s, int mode)
3081{ 3220{
3082 s->quiet_shutdown = mode; 3221 s->quiet_shutdown = mode;
3083} 3222}
3223LSSL_ALIAS(SSL_set_quiet_shutdown);
3084 3224
3085int 3225int
3086SSL_get_quiet_shutdown(const SSL *s) 3226SSL_get_quiet_shutdown(const SSL *s)
3087{ 3227{
3088 return (s->quiet_shutdown); 3228 return (s->quiet_shutdown);
3089} 3229}
3230LSSL_ALIAS(SSL_get_quiet_shutdown);
3090 3231
3091void 3232void
3092SSL_set_shutdown(SSL *s, int mode) 3233SSL_set_shutdown(SSL *s, int mode)
3093{ 3234{
3094 s->shutdown = mode; 3235 s->shutdown = mode;
3095} 3236}
3237LSSL_ALIAS(SSL_set_shutdown);
3096 3238
3097int 3239int
3098SSL_get_shutdown(const SSL *s) 3240SSL_get_shutdown(const SSL *s)
3099{ 3241{
3100 return (s->shutdown); 3242 return (s->shutdown);
3101} 3243}
3244LSSL_ALIAS(SSL_get_shutdown);
3102 3245
3103int 3246int
3104SSL_version(const SSL *s) 3247SSL_version(const SSL *s)
3105{ 3248{
3106 return (s->version); 3249 return (s->version);
3107} 3250}
3251LSSL_ALIAS(SSL_version);
3108 3252
3109SSL_CTX * 3253SSL_CTX *
3110SSL_get_SSL_CTX(const SSL *ssl) 3254SSL_get_SSL_CTX(const SSL *ssl)
3111{ 3255{
3112 return (ssl->ctx); 3256 return (ssl->ctx);
3113} 3257}
3258LSSL_ALIAS(SSL_get_SSL_CTX);
3114 3259
3115SSL_CTX * 3260SSL_CTX *
3116SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx) 3261SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
@@ -3133,12 +3278,14 @@ SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
3133 3278
3134 return (ssl->ctx); 3279 return (ssl->ctx);
3135} 3280}
3281LSSL_ALIAS(SSL_set_SSL_CTX);
3136 3282
3137int 3283int
3138SSL_CTX_set_default_verify_paths(SSL_CTX *ctx) 3284SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
3139{ 3285{
3140 return (X509_STORE_set_default_paths(ctx->cert_store)); 3286 return (X509_STORE_set_default_paths(ctx->cert_store));
3141} 3287}
3288LSSL_ALIAS(SSL_CTX_set_default_verify_paths);
3142 3289
3143int 3290int
3144SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, 3291SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
@@ -3146,18 +3293,21 @@ SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
3146{ 3293{
3147 return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath)); 3294 return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));
3148} 3295}
3296LSSL_ALIAS(SSL_CTX_load_verify_locations);
3149 3297
3150int 3298int
3151SSL_CTX_load_verify_mem(SSL_CTX *ctx, void *buf, int len) 3299SSL_CTX_load_verify_mem(SSL_CTX *ctx, void *buf, int len)
3152{ 3300{
3153 return (X509_STORE_load_mem(ctx->cert_store, buf, len)); 3301 return (X509_STORE_load_mem(ctx->cert_store, buf, len));
3154} 3302}
3303LSSL_ALIAS(SSL_CTX_load_verify_mem);
3155 3304
3156void 3305void
3157SSL_set_info_callback(SSL *ssl, void (*cb)(const SSL *ssl, int type, int val)) 3306SSL_set_info_callback(SSL *ssl, void (*cb)(const SSL *ssl, int type, int val))
3158{ 3307{
3159 ssl->info_callback = cb; 3308 ssl->info_callback = cb;
3160} 3309}
3310LSSL_ALIAS(SSL_set_info_callback);
3161 3311
3162void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val) 3312void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val)
3163{ 3313{
@@ -3169,42 +3319,49 @@ SSL_state(const SSL *ssl)
3169{ 3319{
3170 return (ssl->s3->hs.state); 3320 return (ssl->s3->hs.state);
3171} 3321}
3322LSSL_ALIAS(SSL_state);
3172 3323
3173void 3324void
3174SSL_set_state(SSL *ssl, int state) 3325SSL_set_state(SSL *ssl, int state)
3175{ 3326{
3176 ssl->s3->hs.state = state; 3327 ssl->s3->hs.state = state;
3177} 3328}
3329LSSL_ALIAS(SSL_set_state);
3178 3330
3179void 3331void
3180SSL_set_verify_result(SSL *ssl, long arg) 3332SSL_set_verify_result(SSL *ssl, long arg)
3181{ 3333{
3182 ssl->verify_result = arg; 3334 ssl->verify_result = arg;
3183} 3335}
3336LSSL_ALIAS(SSL_set_verify_result);
3184 3337
3185long 3338long
3186SSL_get_verify_result(const SSL *ssl) 3339SSL_get_verify_result(const SSL *ssl)
3187{ 3340{
3188 return (ssl->verify_result); 3341 return (ssl->verify_result);
3189} 3342}
3343LSSL_ALIAS(SSL_get_verify_result);
3190 3344
3191int 3345int
3192SSL_verify_client_post_handshake(SSL *ssl) 3346SSL_verify_client_post_handshake(SSL *ssl)
3193{ 3347{
3194 return 0; 3348 return 0;
3195} 3349}
3350LSSL_ALIAS(SSL_verify_client_post_handshake);
3196 3351
3197void 3352void
3198SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val) 3353SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val)
3199{ 3354{
3200 return; 3355 return;
3201} 3356}
3357LSSL_ALIAS(SSL_CTX_set_post_handshake_auth);
3202 3358
3203void 3359void
3204SSL_set_post_handshake_auth(SSL *ssl, int val) 3360SSL_set_post_handshake_auth(SSL *ssl, int val)
3205{ 3361{
3206 return; 3362 return;
3207} 3363}
3364LSSL_ALIAS(SSL_set_post_handshake_auth);
3208 3365
3209int 3366int
3210SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 3367SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
@@ -3213,18 +3370,21 @@ SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
3213 return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp, 3370 return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
3214 new_func, dup_func, free_func)); 3371 new_func, dup_func, free_func));
3215} 3372}
3373LSSL_ALIAS(SSL_get_ex_new_index);
3216 3374
3217int 3375int
3218SSL_set_ex_data(SSL *s, int idx, void *arg) 3376SSL_set_ex_data(SSL *s, int idx, void *arg)
3219{ 3377{
3220 return (CRYPTO_set_ex_data(&s->ex_data, idx, arg)); 3378 return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
3221} 3379}
3380LSSL_ALIAS(SSL_set_ex_data);
3222 3381
3223void * 3382void *
3224SSL_get_ex_data(const SSL *s, int idx) 3383SSL_get_ex_data(const SSL *s, int idx)
3225{ 3384{
3226 return (CRYPTO_get_ex_data(&s->ex_data, idx)); 3385 return (CRYPTO_get_ex_data(&s->ex_data, idx));
3227} 3386}
3387LSSL_ALIAS(SSL_get_ex_data);
3228 3388
3229int 3389int
3230SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 3390SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
@@ -3233,18 +3393,21 @@ SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
3233 return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp, 3393 return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
3234 new_func, dup_func, free_func)); 3394 new_func, dup_func, free_func));
3235} 3395}
3396LSSL_ALIAS(SSL_CTX_get_ex_new_index);
3236 3397
3237int 3398int
3238SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg) 3399SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg)
3239{ 3400{
3240 return (CRYPTO_set_ex_data(&s->ex_data, idx, arg)); 3401 return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
3241} 3402}
3403LSSL_ALIAS(SSL_CTX_set_ex_data);
3242 3404
3243void * 3405void *
3244SSL_CTX_get_ex_data(const SSL_CTX *s, int idx) 3406SSL_CTX_get_ex_data(const SSL_CTX *s, int idx)
3245{ 3407{
3246 return (CRYPTO_get_ex_data(&s->ex_data, idx)); 3408 return (CRYPTO_get_ex_data(&s->ex_data, idx));
3247} 3409}
3410LSSL_ALIAS(SSL_CTX_get_ex_data);
3248 3411
3249int 3412int
3250ssl_ok(SSL *s) 3413ssl_ok(SSL *s)
@@ -3257,6 +3420,7 @@ SSL_CTX_get_cert_store(const SSL_CTX *ctx)
3257{ 3420{
3258 return (ctx->cert_store); 3421 return (ctx->cert_store);
3259} 3422}
3423LSSL_ALIAS(SSL_CTX_get_cert_store);
3260 3424
3261void 3425void
3262SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store) 3426SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
@@ -3264,6 +3428,7 @@ SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
3264 X509_STORE_free(ctx->cert_store); 3428 X509_STORE_free(ctx->cert_store);
3265 ctx->cert_store = store; 3429 ctx->cert_store = store;
3266} 3430}
3431LSSL_ALIAS(SSL_CTX_set_cert_store);
3267 3432
3268X509 * 3433X509 *
3269SSL_CTX_get0_certificate(const SSL_CTX *ctx) 3434SSL_CTX_get0_certificate(const SSL_CTX *ctx)
@@ -3273,6 +3438,7 @@ SSL_CTX_get0_certificate(const SSL_CTX *ctx)
3273 3438
3274 return ctx->cert->key->x509; 3439 return ctx->cert->key->x509;
3275} 3440}
3441LSSL_ALIAS(SSL_CTX_get0_certificate);
3276 3442
3277EVP_PKEY * 3443EVP_PKEY *
3278SSL_CTX_get0_privatekey(const SSL_CTX *ctx) 3444SSL_CTX_get0_privatekey(const SSL_CTX *ctx)
@@ -3282,12 +3448,14 @@ SSL_CTX_get0_privatekey(const SSL_CTX *ctx)
3282 3448
3283 return ctx->cert->key->privatekey; 3449 return ctx->cert->key->privatekey;
3284} 3450}
3451LSSL_ALIAS(SSL_CTX_get0_privatekey);
3285 3452
3286int 3453int
3287SSL_want(const SSL *s) 3454SSL_want(const SSL *s)
3288{ 3455{
3289 return (s->rwstate); 3456 return (s->rwstate);
3290} 3457}
3458LSSL_ALIAS(SSL_want);
3291 3459
3292void 3460void
3293SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export, 3461SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export,
@@ -3295,6 +3463,7 @@ SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export,
3295{ 3463{
3296 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb); 3464 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
3297} 3465}
3466LSSL_ALIAS(SSL_CTX_set_tmp_rsa_callback);
3298 3467
3299void 3468void
3300SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int is_export, 3469SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int is_export,
@@ -3302,6 +3471,7 @@ SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int is_export,
3302{ 3471{
3303 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb); 3472 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
3304} 3473}
3474LSSL_ALIAS(SSL_set_tmp_rsa_callback);
3305 3475
3306void 3476void
3307SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*dh)(SSL *ssl, int is_export, 3477SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*dh)(SSL *ssl, int is_export,
@@ -3309,6 +3479,7 @@ SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*dh)(SSL *ssl, int is_export,
3309{ 3479{
3310 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh); 3480 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
3311} 3481}
3482LSSL_ALIAS(SSL_CTX_set_tmp_dh_callback);
3312 3483
3313void 3484void
3314SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh)(SSL *ssl, int is_export, 3485SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh)(SSL *ssl, int is_export,
@@ -3316,6 +3487,7 @@ SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh)(SSL *ssl, int is_export,
3316{ 3487{
3317 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh); 3488 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
3318} 3489}
3490LSSL_ALIAS(SSL_set_tmp_dh_callback);
3319 3491
3320void 3492void
3321SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl, 3493SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl,
@@ -3324,6 +3496,7 @@ SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl,
3324 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB, 3496 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,
3325 (void (*)(void))ecdh); 3497 (void (*)(void))ecdh);
3326} 3498}
3499LSSL_ALIAS(SSL_CTX_set_tmp_ecdh_callback);
3327 3500
3328void 3501void
3329SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh)(SSL *ssl, int is_export, 3502SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh)(SSL *ssl, int is_export,
@@ -3331,6 +3504,7 @@ SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh)(SSL *ssl, int is_export,
3331{ 3504{
3332 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh); 3505 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
3333} 3506}
3507LSSL_ALIAS(SSL_set_tmp_ecdh_callback);
3334 3508
3335 3509
3336void 3510void
@@ -3340,6 +3514,7 @@ SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version,
3340 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, 3514 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK,
3341 (void (*)(void))cb); 3515 (void (*)(void))cb);
3342} 3516}
3517LSSL_ALIAS(SSL_CTX_set_msg_callback);
3343 3518
3344void 3519void
3345SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, 3520SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version,
@@ -3347,24 +3522,28 @@ SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version,
3347{ 3522{
3348 SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb); 3523 SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
3349} 3524}
3525LSSL_ALIAS(SSL_set_msg_callback);
3350 3526
3351void 3527void
3352SSL_set_debug(SSL *s, int debug) 3528SSL_set_debug(SSL *s, int debug)
3353{ 3529{
3354 s->debug = debug; 3530 s->debug = debug;
3355} 3531}
3532LSSL_ALIAS(SSL_set_debug);
3356 3533
3357int 3534int
3358SSL_cache_hit(SSL *s) 3535SSL_cache_hit(SSL *s)
3359{ 3536{
3360 return (s->hit); 3537 return (s->hit);
3361} 3538}
3539LSSL_ALIAS(SSL_cache_hit);
3362 3540
3363int 3541int
3364SSL_CTX_get_min_proto_version(SSL_CTX *ctx) 3542SSL_CTX_get_min_proto_version(SSL_CTX *ctx)
3365{ 3543{
3366 return ctx->min_proto_version; 3544 return ctx->min_proto_version;
3367} 3545}
3546LSSL_ALIAS(SSL_CTX_get_min_proto_version);
3368 3547
3369int 3548int
3370SSL_CTX_set_min_proto_version(SSL_CTX *ctx, uint16_t version) 3549SSL_CTX_set_min_proto_version(SSL_CTX *ctx, uint16_t version)
@@ -3373,12 +3552,14 @@ SSL_CTX_set_min_proto_version(SSL_CTX *ctx, uint16_t version)
3373 ctx->max_tls_version, &ctx->min_tls_version, 3552 ctx->max_tls_version, &ctx->min_tls_version,
3374 &ctx->min_proto_version); 3553 &ctx->min_proto_version);
3375} 3554}
3555LSSL_ALIAS(SSL_CTX_set_min_proto_version);
3376 3556
3377int 3557int
3378SSL_CTX_get_max_proto_version(SSL_CTX *ctx) 3558SSL_CTX_get_max_proto_version(SSL_CTX *ctx)
3379{ 3559{
3380 return ctx->max_proto_version; 3560 return ctx->max_proto_version;
3381} 3561}
3562LSSL_ALIAS(SSL_CTX_get_max_proto_version);
3382 3563
3383int 3564int
3384SSL_CTX_set_max_proto_version(SSL_CTX *ctx, uint16_t version) 3565SSL_CTX_set_max_proto_version(SSL_CTX *ctx, uint16_t version)
@@ -3387,12 +3568,14 @@ SSL_CTX_set_max_proto_version(SSL_CTX *ctx, uint16_t version)
3387 ctx->min_tls_version, &ctx->max_tls_version, 3568 ctx->min_tls_version, &ctx->max_tls_version,
3388 &ctx->max_proto_version); 3569 &ctx->max_proto_version);
3389} 3570}
3571LSSL_ALIAS(SSL_CTX_set_max_proto_version);
3390 3572
3391int 3573int
3392SSL_get_min_proto_version(SSL *ssl) 3574SSL_get_min_proto_version(SSL *ssl)
3393{ 3575{
3394 return ssl->min_proto_version; 3576 return ssl->min_proto_version;
3395} 3577}
3578LSSL_ALIAS(SSL_get_min_proto_version);
3396 3579
3397int 3580int
3398SSL_set_min_proto_version(SSL *ssl, uint16_t version) 3581SSL_set_min_proto_version(SSL *ssl, uint16_t version)
@@ -3401,11 +3584,13 @@ SSL_set_min_proto_version(SSL *ssl, uint16_t version)
3401 ssl->max_tls_version, &ssl->min_tls_version, 3584 ssl->max_tls_version, &ssl->min_tls_version,
3402 &ssl->min_proto_version); 3585 &ssl->min_proto_version);
3403} 3586}
3587LSSL_ALIAS(SSL_set_min_proto_version);
3404int 3588int
3405SSL_get_max_proto_version(SSL *ssl) 3589SSL_get_max_proto_version(SSL *ssl)
3406{ 3590{
3407 return ssl->max_proto_version; 3591 return ssl->max_proto_version;
3408} 3592}
3593LSSL_ALIAS(SSL_get_max_proto_version);
3409 3594
3410int 3595int
3411SSL_set_max_proto_version(SSL *ssl, uint16_t version) 3596SSL_set_max_proto_version(SSL *ssl, uint16_t version)
@@ -3414,42 +3599,49 @@ SSL_set_max_proto_version(SSL *ssl, uint16_t version)
3414 ssl->min_tls_version, &ssl->max_tls_version, 3599 ssl->min_tls_version, &ssl->max_tls_version,
3415 &ssl->max_proto_version); 3600 &ssl->max_proto_version);
3416} 3601}
3602LSSL_ALIAS(SSL_set_max_proto_version);
3417 3603
3418const SSL_METHOD * 3604const SSL_METHOD *
3419SSL_CTX_get_ssl_method(const SSL_CTX *ctx) 3605SSL_CTX_get_ssl_method(const SSL_CTX *ctx)
3420{ 3606{
3421 return ctx->method; 3607 return ctx->method;
3422} 3608}
3609LSSL_ALIAS(SSL_CTX_get_ssl_method);
3423 3610
3424int 3611int
3425SSL_CTX_get_security_level(const SSL_CTX *ctx) 3612SSL_CTX_get_security_level(const SSL_CTX *ctx)
3426{ 3613{
3427 return ctx->cert->security_level; 3614 return ctx->cert->security_level;
3428} 3615}
3616LSSL_ALIAS(SSL_CTX_get_security_level);
3429 3617
3430void 3618void
3431SSL_CTX_set_security_level(SSL_CTX *ctx, int level) 3619SSL_CTX_set_security_level(SSL_CTX *ctx, int level)
3432{ 3620{
3433 ctx->cert->security_level = level; 3621 ctx->cert->security_level = level;
3434} 3622}
3623LSSL_ALIAS(SSL_CTX_set_security_level);
3435 3624
3436int 3625int
3437SSL_get_security_level(const SSL *ssl) 3626SSL_get_security_level(const SSL *ssl)
3438{ 3627{
3439 return ssl->cert->security_level; 3628 return ssl->cert->security_level;
3440} 3629}
3630LSSL_ALIAS(SSL_get_security_level);
3441 3631
3442void 3632void
3443SSL_set_security_level(SSL *ssl, int level) 3633SSL_set_security_level(SSL *ssl, int level)
3444{ 3634{
3445 ssl->cert->security_level = level; 3635 ssl->cert->security_level = level;
3446} 3636}
3637LSSL_ALIAS(SSL_set_security_level);
3447 3638
3448int 3639int
3449SSL_is_quic(const SSL *ssl) 3640SSL_is_quic(const SSL *ssl)
3450{ 3641{
3451 return ssl->quic_method != NULL; 3642 return ssl->quic_method != NULL;
3452} 3643}
3644LSSL_ALIAS(SSL_is_quic);
3453 3645
3454int 3646int
3455SSL_set_quic_transport_params(SSL *ssl, const uint8_t *params, 3647SSL_set_quic_transport_params(SSL *ssl, const uint8_t *params,
@@ -3468,6 +3660,7 @@ SSL_set_quic_transport_params(SSL *ssl, const uint8_t *params,
3468 3660
3469 return 1; 3661 return 1;
3470} 3662}
3663LSSL_ALIAS(SSL_set_quic_transport_params);
3471 3664
3472void 3665void
3473SSL_get_peer_quic_transport_params(const SSL *ssl, const uint8_t **out_params, 3666SSL_get_peer_quic_transport_params(const SSL *ssl, const uint8_t **out_params,
@@ -3476,12 +3669,14 @@ SSL_get_peer_quic_transport_params(const SSL *ssl, const uint8_t **out_params,
3476 *out_params = ssl->s3->peer_quic_transport_params; 3669 *out_params = ssl->s3->peer_quic_transport_params;
3477 *out_params_len = ssl->s3->peer_quic_transport_params_len; 3670 *out_params_len = ssl->s3->peer_quic_transport_params_len;
3478} 3671}
3672LSSL_ALIAS(SSL_get_peer_quic_transport_params);
3479 3673
3480void 3674void
3481SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy) 3675SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy)
3482{ 3676{
3483 /* Not supported. */ 3677 /* Not supported. */
3484} 3678}
3679LSSL_ALIAS(SSL_set_quic_use_legacy_codepoint);
3485 3680
3486static int 3681static int
3487ssl_cipher_id_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) 3682ssl_cipher_id_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
diff --git a/src/lib/libssl/ssl_methods.c b/src/lib/libssl/ssl_methods.c
index 8e89ef632e..ca80da62fd 100644
--- a/src/lib/libssl/ssl_methods.c
+++ b/src/lib/libssl/ssl_methods.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_methods.c,v 1.30 2023/07/06 07:56:32 beck Exp $ */ 1/* $OpenBSD: ssl_methods.c,v 1.31 2023/07/08 16:40:13 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -191,54 +191,63 @@ DTLSv1_client_method(void)
191{ 191{
192 return &DTLSv1_client_method_data; 192 return &DTLSv1_client_method_data;
193} 193}
194LSSL_ALIAS(DTLSv1_client_method);
194 195
195const SSL_METHOD * 196const SSL_METHOD *
196DTLSv1_method(void) 197DTLSv1_method(void)
197{ 198{
198 return &DTLSv1_method_data; 199 return &DTLSv1_method_data;
199} 200}
201LSSL_ALIAS(DTLSv1_method);
200 202
201const SSL_METHOD * 203const SSL_METHOD *
202DTLSv1_server_method(void) 204DTLSv1_server_method(void)
203{ 205{
204 return &DTLSv1_method_data; 206 return &DTLSv1_method_data;
205} 207}
208LSSL_ALIAS(DTLSv1_server_method);
206 209
207const SSL_METHOD * 210const SSL_METHOD *
208DTLSv1_2_client_method(void) 211DTLSv1_2_client_method(void)
209{ 212{
210 return &DTLSv1_2_client_method_data; 213 return &DTLSv1_2_client_method_data;
211} 214}
215LSSL_ALIAS(DTLSv1_2_client_method);
212 216
213const SSL_METHOD * 217const SSL_METHOD *
214DTLSv1_2_method(void) 218DTLSv1_2_method(void)
215{ 219{
216 return &DTLSv1_2_method_data; 220 return &DTLSv1_2_method_data;
217} 221}
222LSSL_ALIAS(DTLSv1_2_method);
218 223
219const SSL_METHOD * 224const SSL_METHOD *
220DTLSv1_2_server_method(void) 225DTLSv1_2_server_method(void)
221{ 226{
222 return &DTLSv1_2_method_data; 227 return &DTLSv1_2_method_data;
223} 228}
229LSSL_ALIAS(DTLSv1_2_server_method);
224 230
225const SSL_METHOD * 231const SSL_METHOD *
226DTLS_client_method(void) 232DTLS_client_method(void)
227{ 233{
228 return &DTLS_client_method_data; 234 return &DTLS_client_method_data;
229} 235}
236LSSL_ALIAS(DTLS_client_method);
230 237
231const SSL_METHOD * 238const SSL_METHOD *
232DTLS_method(void) 239DTLS_method(void)
233{ 240{
234 return &DTLS_method_data; 241 return &DTLS_method_data;
235} 242}
243LSSL_ALIAS(DTLS_method);
236 244
237const SSL_METHOD * 245const SSL_METHOD *
238DTLS_server_method(void) 246DTLS_server_method(void)
239{ 247{
240 return &DTLS_method_data; 248 return &DTLS_method_data;
241} 249}
250LSSL_ALIAS(DTLS_server_method);
242 251
243static const SSL_METHOD TLS_method_data = { 252static const SSL_METHOD TLS_method_data = {
244 .dtls = 0, 253 .dtls = 0,
@@ -434,18 +443,21 @@ TLS_client_method(void)
434{ 443{
435 return (&TLS_client_method_data); 444 return (&TLS_client_method_data);
436} 445}
446LSSL_ALIAS(TLS_client_method);
437 447
438const SSL_METHOD * 448const SSL_METHOD *
439TLS_method(void) 449TLS_method(void)
440{ 450{
441 return (&TLS_method_data); 451 return (&TLS_method_data);
442} 452}
453LSSL_ALIAS(TLS_method);
443 454
444const SSL_METHOD * 455const SSL_METHOD *
445TLS_server_method(void) 456TLS_server_method(void)
446{ 457{
447 return TLS_method(); 458 return TLS_method();
448} 459}
460LSSL_ALIAS(TLS_server_method);
449 461
450const SSL_METHOD * 462const SSL_METHOD *
451tls_legacy_method(void) 463tls_legacy_method(void)
@@ -458,72 +470,84 @@ SSLv23_client_method(void)
458{ 470{
459 return TLS_client_method(); 471 return TLS_client_method();
460} 472}
473LSSL_ALIAS(SSLv23_client_method);
461 474
462const SSL_METHOD * 475const SSL_METHOD *
463SSLv23_method(void) 476SSLv23_method(void)
464{ 477{
465 return TLS_method(); 478 return TLS_method();
466} 479}
480LSSL_ALIAS(SSLv23_method);
467 481
468const SSL_METHOD * 482const SSL_METHOD *
469SSLv23_server_method(void) 483SSLv23_server_method(void)
470{ 484{
471 return TLS_method(); 485 return TLS_method();
472} 486}
487LSSL_ALIAS(SSLv23_server_method);
473 488
474const SSL_METHOD * 489const SSL_METHOD *
475TLSv1_client_method(void) 490TLSv1_client_method(void)
476{ 491{
477 return (&TLSv1_client_method_data); 492 return (&TLSv1_client_method_data);
478} 493}
494LSSL_ALIAS(TLSv1_client_method);
479 495
480const SSL_METHOD * 496const SSL_METHOD *
481TLSv1_method(void) 497TLSv1_method(void)
482{ 498{
483 return (&TLSv1_method_data); 499 return (&TLSv1_method_data);
484} 500}
501LSSL_ALIAS(TLSv1_method);
485 502
486const SSL_METHOD * 503const SSL_METHOD *
487TLSv1_server_method(void) 504TLSv1_server_method(void)
488{ 505{
489 return (&TLSv1_method_data); 506 return (&TLSv1_method_data);
490} 507}
508LSSL_ALIAS(TLSv1_server_method);
491 509
492const SSL_METHOD * 510const SSL_METHOD *
493TLSv1_1_client_method(void) 511TLSv1_1_client_method(void)
494{ 512{
495 return (&TLSv1_1_client_method_data); 513 return (&TLSv1_1_client_method_data);
496} 514}
515LSSL_ALIAS(TLSv1_1_client_method);
497 516
498const SSL_METHOD * 517const SSL_METHOD *
499TLSv1_1_method(void) 518TLSv1_1_method(void)
500{ 519{
501 return (&TLSv1_1_method_data); 520 return (&TLSv1_1_method_data);
502} 521}
522LSSL_ALIAS(TLSv1_1_method);
503 523
504const SSL_METHOD * 524const SSL_METHOD *
505TLSv1_1_server_method(void) 525TLSv1_1_server_method(void)
506{ 526{
507 return (&TLSv1_1_method_data); 527 return (&TLSv1_1_method_data);
508} 528}
529LSSL_ALIAS(TLSv1_1_server_method);
509 530
510const SSL_METHOD * 531const SSL_METHOD *
511TLSv1_2_client_method(void) 532TLSv1_2_client_method(void)
512{ 533{
513 return (&TLSv1_2_client_method_data); 534 return (&TLSv1_2_client_method_data);
514} 535}
536LSSL_ALIAS(TLSv1_2_client_method);
515 537
516const SSL_METHOD * 538const SSL_METHOD *
517TLSv1_2_method(void) 539TLSv1_2_method(void)
518{ 540{
519 return (&TLSv1_2_method_data); 541 return (&TLSv1_2_method_data);
520} 542}
543LSSL_ALIAS(TLSv1_2_method);
521 544
522const SSL_METHOD * 545const SSL_METHOD *
523TLSv1_2_server_method(void) 546TLSv1_2_server_method(void)
524{ 547{
525 return (&TLSv1_2_method_data); 548 return (&TLSv1_2_method_data);
526} 549}
550LSSL_ALIAS(TLSv1_2_server_method);
527 551
528const SSL_METHOD * 552const SSL_METHOD *
529ssl_get_method(uint16_t version) 553ssl_get_method(uint16_t version)
diff --git a/src/lib/libssl/ssl_rsa.c b/src/lib/libssl/ssl_rsa.c
index f84315ba3e..68137bc5fb 100644
--- a/src/lib/libssl/ssl_rsa.c
+++ b/src/lib/libssl/ssl_rsa.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_rsa.c,v 1.49 2022/11/26 16:08:56 tb Exp $ */ 1/* $OpenBSD: ssl_rsa.c,v 1.50 2023/07/08 16:40:13 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -83,6 +83,7 @@ SSL_use_certificate(SSL *ssl, X509 *x)
83 } 83 }
84 return ssl_set_cert(NULL, ssl, x); 84 return ssl_set_cert(NULL, ssl, x);
85} 85}
86LSSL_ALIAS(SSL_use_certificate);
86 87
87int 88int
88SSL_use_certificate_file(SSL *ssl, const char *file, int type) 89SSL_use_certificate_file(SSL *ssl, const char *file, int type)
@@ -126,6 +127,7 @@ SSL_use_certificate_file(SSL *ssl, const char *file, int type)
126 BIO_free(in); 127 BIO_free(in);
127 return (ret); 128 return (ret);
128} 129}
130LSSL_ALIAS(SSL_use_certificate_file);
129 131
130int 132int
131SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len) 133SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
@@ -143,6 +145,7 @@ SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
143 X509_free(x); 145 X509_free(x);
144 return (ret); 146 return (ret);
145} 147}
148LSSL_ALIAS(SSL_use_certificate_ASN1);
146 149
147int 150int
148SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa) 151SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
@@ -166,6 +169,7 @@ SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
166 EVP_PKEY_free(pkey); 169 EVP_PKEY_free(pkey);
167 return (ret); 170 return (ret);
168} 171}
172LSSL_ALIAS(SSL_use_RSAPrivateKey);
169 173
170static int 174static int
171ssl_set_pkey(SSL_CTX *ctx, SSL *ssl, EVP_PKEY *pkey) 175ssl_set_pkey(SSL_CTX *ctx, SSL *ssl, EVP_PKEY *pkey)
@@ -259,6 +263,7 @@ SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
259 BIO_free(in); 263 BIO_free(in);
260 return (ret); 264 return (ret);
261} 265}
266LSSL_ALIAS(SSL_use_RSAPrivateKey_file);
262 267
263int 268int
264SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len) 269SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len)
@@ -275,6 +280,7 @@ SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len)
275 RSA_free(rsa); 280 RSA_free(rsa);
276 return (ret); 281 return (ret);
277} 282}
283LSSL_ALIAS(SSL_use_RSAPrivateKey_ASN1);
278 284
279int 285int
280SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey) 286SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
@@ -288,6 +294,7 @@ SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
288 ret = ssl_set_pkey(NULL, ssl, pkey); 294 ret = ssl_set_pkey(NULL, ssl, pkey);
289 return (ret); 295 return (ret);
290} 296}
297LSSL_ALIAS(SSL_use_PrivateKey);
291 298
292int 299int
293SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type) 300SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
@@ -328,6 +335,7 @@ SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
328 BIO_free(in); 335 BIO_free(in);
329 return (ret); 336 return (ret);
330} 337}
338LSSL_ALIAS(SSL_use_PrivateKey_file);
331 339
332int 340int
333SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, long len) 341SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, long len)
@@ -344,6 +352,7 @@ SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, long len)
344 EVP_PKEY_free(pkey); 352 EVP_PKEY_free(pkey);
345 return (ret); 353 return (ret);
346} 354}
355LSSL_ALIAS(SSL_use_PrivateKey_ASN1);
347 356
348int 357int
349SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) 358SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
@@ -354,6 +363,7 @@ SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
354 } 363 }
355 return ssl_set_cert(ctx, NULL, x); 364 return ssl_set_cert(ctx, NULL, x);
356} 365}
366LSSL_ALIAS(SSL_CTX_use_certificate);
357 367
358static int 368static int
359ssl_get_password_cb_and_arg(SSL_CTX *ctx, SSL *ssl, 369ssl_get_password_cb_and_arg(SSL_CTX *ctx, SSL *ssl,
@@ -475,6 +485,7 @@ SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
475 BIO_free(in); 485 BIO_free(in);
476 return (ret); 486 return (ret);
477} 487}
488LSSL_ALIAS(SSL_CTX_use_certificate_file);
478 489
479int 490int
480SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d) 491SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d)
@@ -492,6 +503,7 @@ SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d)
492 X509_free(x); 503 X509_free(x);
493 return (ret); 504 return (ret);
494} 505}
506LSSL_ALIAS(SSL_CTX_use_certificate_ASN1);
495 507
496int 508int
497SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa) 509SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
@@ -515,6 +527,7 @@ SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
515 EVP_PKEY_free(pkey); 527 EVP_PKEY_free(pkey);
516 return (ret); 528 return (ret);
517} 529}
530LSSL_ALIAS(SSL_CTX_use_RSAPrivateKey);
518 531
519int 532int
520SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type) 533SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
@@ -555,6 +568,7 @@ SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
555 BIO_free(in); 568 BIO_free(in);
556 return (ret); 569 return (ret);
557} 570}
571LSSL_ALIAS(SSL_CTX_use_RSAPrivateKey_file);
558 572
559int 573int
560SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len) 574SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len)
@@ -571,6 +585,7 @@ SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len)
571 RSA_free(rsa); 585 RSA_free(rsa);
572 return (ret); 586 return (ret);
573} 587}
588LSSL_ALIAS(SSL_CTX_use_RSAPrivateKey_ASN1);
574 589
575int 590int
576SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) 591SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
@@ -581,6 +596,7 @@ SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
581 } 596 }
582 return ssl_set_pkey(ctx, NULL, pkey); 597 return ssl_set_pkey(ctx, NULL, pkey);
583} 598}
599LSSL_ALIAS(SSL_CTX_use_PrivateKey);
584 600
585int 601int
586SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) 602SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
@@ -621,6 +637,7 @@ SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
621 BIO_free(in); 637 BIO_free(in);
622 return (ret); 638 return (ret);
623} 639}
640LSSL_ALIAS(SSL_CTX_use_PrivateKey_file);
624 641
625int 642int
626SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const unsigned char *d, 643SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const unsigned char *d,
@@ -638,6 +655,7 @@ SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const unsigned char *d,
638 EVP_PKEY_free(pkey); 655 EVP_PKEY_free(pkey);
639 return (ret); 656 return (ret);
640} 657}
658LSSL_ALIAS(SSL_CTX_use_PrivateKey_ASN1);
641 659
642 660
643/* 661/*
@@ -721,12 +739,14 @@ SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
721{ 739{
722 return ssl_use_certificate_chain_file(ctx, NULL, file); 740 return ssl_use_certificate_chain_file(ctx, NULL, file);
723} 741}
742LSSL_ALIAS(SSL_CTX_use_certificate_chain_file);
724 743
725int 744int
726SSL_use_certificate_chain_file(SSL *ssl, const char *file) 745SSL_use_certificate_chain_file(SSL *ssl, const char *file)
727{ 746{
728 return ssl_use_certificate_chain_file(NULL, ssl, file); 747 return ssl_use_certificate_chain_file(NULL, ssl, file);
729} 748}
749LSSL_ALIAS(SSL_use_certificate_chain_file);
730 750
731int 751int
732SSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len) 752SSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len)
@@ -746,3 +766,4 @@ SSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len)
746 BIO_free(in); 766 BIO_free(in);
747 return (ret); 767 return (ret);
748} 768}
769LSSL_ALIAS(SSL_CTX_use_certificate_chain_mem);
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index 5847a43dcd..aa6b08eae6 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_sess.c,v 1.121 2022/11/26 16:08:56 tb Exp $ */ 1/* $OpenBSD: ssl_sess.c,v 1.122 2023/07/08 16:40:13 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -154,6 +154,7 @@ SSL_get_session(const SSL *ssl)
154{ 154{
155 return (ssl->session); 155 return (ssl->session);
156} 156}
157LSSL_ALIAS(SSL_get_session);
157 158
158/* variant of SSL_get_session: caller really gets something */ 159/* variant of SSL_get_session: caller really gets something */
159SSL_SESSION * 160SSL_SESSION *
@@ -174,6 +175,7 @@ SSL_get1_session(SSL *ssl)
174 175
175 return (sess); 176 return (sess);
176} 177}
178LSSL_ALIAS(SSL_get1_session);
177 179
178int 180int
179SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 181SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
@@ -182,30 +184,35 @@ SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
182 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, 184 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION,
183 argl, argp, new_func, dup_func, free_func); 185 argl, argp, new_func, dup_func, free_func);
184} 186}
187LSSL_ALIAS(SSL_SESSION_get_ex_new_index);
185 188
186int 189int
187SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg) 190SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
188{ 191{
189 return (CRYPTO_set_ex_data(&s->ex_data, idx, arg)); 192 return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
190} 193}
194LSSL_ALIAS(SSL_SESSION_set_ex_data);
191 195
192void * 196void *
193SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx) 197SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
194{ 198{
195 return (CRYPTO_get_ex_data(&s->ex_data, idx)); 199 return (CRYPTO_get_ex_data(&s->ex_data, idx));
196} 200}
201LSSL_ALIAS(SSL_SESSION_get_ex_data);
197 202
198uint32_t 203uint32_t
199SSL_SESSION_get_max_early_data(const SSL_SESSION *s) 204SSL_SESSION_get_max_early_data(const SSL_SESSION *s)
200{ 205{
201 return 0; 206 return 0;
202} 207}
208LSSL_ALIAS(SSL_SESSION_get_max_early_data);
203 209
204int 210int
205SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data) 211SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data)
206{ 212{
207 return 1; 213 return 1;
208} 214}
215LSSL_ALIAS(SSL_SESSION_set_max_early_data);
209 216
210SSL_SESSION * 217SSL_SESSION *
211SSL_SESSION_new(void) 218SSL_SESSION_new(void)
@@ -241,6 +248,7 @@ SSL_SESSION_new(void)
241 248
242 return (ss); 249 return (ss);
243} 250}
251LSSL_ALIAS(SSL_SESSION_new);
244 252
245SSL_SESSION * 253SSL_SESSION *
246ssl_session_dup(SSL_SESSION *sess, int include_ticket) 254ssl_session_dup(SSL_SESSION *sess, int include_ticket)
@@ -354,6 +362,7 @@ SSL_SESSION_get_id(const SSL_SESSION *ss, unsigned int *len)
354 *len = (unsigned int)ss->session_id_length; 362 *len = (unsigned int)ss->session_id_length;
355 return ss->session_id; 363 return ss->session_id;
356} 364}
365LSSL_ALIAS(SSL_SESSION_get_id);
357 366
358const unsigned char * 367const unsigned char *
359SSL_SESSION_get0_id_context(const SSL_SESSION *ss, unsigned int *len) 368SSL_SESSION_get0_id_context(const SSL_SESSION *ss, unsigned int *len)
@@ -362,24 +371,28 @@ SSL_SESSION_get0_id_context(const SSL_SESSION *ss, unsigned int *len)
362 *len = (unsigned int)ss->sid_ctx_length; 371 *len = (unsigned int)ss->sid_ctx_length;
363 return ss->sid_ctx; 372 return ss->sid_ctx;
364} 373}
374LSSL_ALIAS(SSL_SESSION_get0_id_context);
365 375
366unsigned int 376unsigned int
367SSL_SESSION_get_compress_id(const SSL_SESSION *ss) 377SSL_SESSION_get_compress_id(const SSL_SESSION *ss)
368{ 378{
369 return 0; 379 return 0;
370} 380}
381LSSL_ALIAS(SSL_SESSION_get_compress_id);
371 382
372unsigned long 383unsigned long
373SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s) 384SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)
374{ 385{
375 return s->tlsext_tick_lifetime_hint; 386 return s->tlsext_tick_lifetime_hint;
376} 387}
388LSSL_ALIAS(SSL_SESSION_get_ticket_lifetime_hint);
377 389
378int 390int
379SSL_SESSION_has_ticket(const SSL_SESSION *s) 391SSL_SESSION_has_ticket(const SSL_SESSION *s)
380{ 392{
381 return (s->tlsext_ticklen > 0) ? 1 : 0; 393 return (s->tlsext_ticklen > 0) ? 1 : 0;
382} 394}
395LSSL_ALIAS(SSL_SESSION_has_ticket);
383 396
384/* 397/*
385 * SSLv3/TLSv1 has 32 bytes (256 bits) of session ID space. As such, filling 398 * SSLv3/TLSv1 has 32 bytes (256 bits) of session ID space. As such, filling
@@ -815,12 +828,14 @@ SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
815 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 828 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
816 return (ret); 829 return (ret);
817} 830}
831LSSL_ALIAS(SSL_CTX_add_session);
818 832
819int 833int
820SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c) 834SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
821{ 835{
822 return remove_session_lock(ctx, c, 1); 836 return remove_session_lock(ctx, c, 1);
823} 837}
838LSSL_ALIAS(SSL_CTX_remove_session);
824 839
825static int 840static int
826remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck) 841remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
@@ -881,6 +896,7 @@ SSL_SESSION_free(SSL_SESSION *ss)
881 896
882 freezero(ss, sizeof(*ss)); 897 freezero(ss, sizeof(*ss));
883} 898}
899LSSL_ALIAS(SSL_SESSION_free);
884 900
885int 901int
886SSL_SESSION_up_ref(SSL_SESSION *ss) 902SSL_SESSION_up_ref(SSL_SESSION *ss)
@@ -888,6 +904,7 @@ SSL_SESSION_up_ref(SSL_SESSION *ss)
888 int refs = CRYPTO_add(&ss->references, 1, CRYPTO_LOCK_SSL_SESSION); 904 int refs = CRYPTO_add(&ss->references, 1, CRYPTO_LOCK_SSL_SESSION);
889 return (refs > 1) ? 1 : 0; 905 return (refs > 1) ? 1 : 0;
890} 906}
907LSSL_ALIAS(SSL_SESSION_up_ref);
891 908
892int 909int
893SSL_set_session(SSL *s, SSL_SESSION *session) 910SSL_set_session(SSL *s, SSL_SESSION *session)
@@ -916,6 +933,7 @@ SSL_set_session(SSL *s, SSL_SESSION *session)
916 933
917 return (1); 934 return (1);
918} 935}
936LSSL_ALIAS(SSL_set_session);
919 937
920size_t 938size_t
921SSL_SESSION_get_master_key(const SSL_SESSION *ss, unsigned char *out, 939SSL_SESSION_get_master_key(const SSL_SESSION *ss, unsigned char *out,
@@ -933,6 +951,7 @@ SSL_SESSION_get_master_key(const SSL_SESSION *ss, unsigned char *out,
933 951
934 return len; 952 return len;
935} 953}
954LSSL_ALIAS(SSL_SESSION_get_master_key);
936 955
937long 956long
938SSL_SESSION_set_timeout(SSL_SESSION *s, long t) 957SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
@@ -942,6 +961,7 @@ SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
942 s->timeout = t; 961 s->timeout = t;
943 return (1); 962 return (1);
944} 963}
964LSSL_ALIAS(SSL_SESSION_set_timeout);
945 965
946long 966long
947SSL_SESSION_get_timeout(const SSL_SESSION *s) 967SSL_SESSION_get_timeout(const SSL_SESSION *s)
@@ -950,6 +970,7 @@ SSL_SESSION_get_timeout(const SSL_SESSION *s)
950 return (0); 970 return (0);
951 return (s->timeout); 971 return (s->timeout);
952} 972}
973LSSL_ALIAS(SSL_SESSION_get_timeout);
953 974
954/* XXX 2038 */ 975/* XXX 2038 */
955long 976long
@@ -959,6 +980,7 @@ SSL_SESSION_get_time(const SSL_SESSION *s)
959 return (0); 980 return (0);
960 return (s->time); 981 return (s->time);
961} 982}
983LSSL_ALIAS(SSL_SESSION_get_time);
962 984
963/* XXX 2038 */ 985/* XXX 2038 */
964long 986long
@@ -969,24 +991,28 @@ SSL_SESSION_set_time(SSL_SESSION *s, long t)
969 s->time = t; 991 s->time = t;
970 return (t); 992 return (t);
971} 993}
994LSSL_ALIAS(SSL_SESSION_set_time);
972 995
973int 996int
974SSL_SESSION_get_protocol_version(const SSL_SESSION *s) 997SSL_SESSION_get_protocol_version(const SSL_SESSION *s)
975{ 998{
976 return s->ssl_version; 999 return s->ssl_version;
977} 1000}
1001LSSL_ALIAS(SSL_SESSION_get_protocol_version);
978 1002
979const SSL_CIPHER * 1003const SSL_CIPHER *
980SSL_SESSION_get0_cipher(const SSL_SESSION *s) 1004SSL_SESSION_get0_cipher(const SSL_SESSION *s)
981{ 1005{
982 return s->cipher; 1006 return s->cipher;
983} 1007}
1008LSSL_ALIAS(SSL_SESSION_get0_cipher);
984 1009
985X509 * 1010X509 *
986SSL_SESSION_get0_peer(SSL_SESSION *s) 1011SSL_SESSION_get0_peer(SSL_SESSION *s)
987{ 1012{
988 return s->peer_cert; 1013 return s->peer_cert;
989} 1014}
1015LSSL_ALIAS(SSL_SESSION_get0_peer);
990 1016
991int 1017int
992SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid, 1018SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
@@ -1000,6 +1026,7 @@ SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
1000 memmove(s->session_id, sid, sid_len); 1026 memmove(s->session_id, sid, sid_len);
1001 return 1; 1027 return 1;
1002} 1028}
1029LSSL_ALIAS(SSL_SESSION_set1_id);
1003 1030
1004int 1031int
1005SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx, 1032SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
@@ -1014,12 +1041,14 @@ SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
1014 1041
1015 return 1; 1042 return 1;
1016} 1043}
1044LSSL_ALIAS(SSL_SESSION_set1_id_context);
1017 1045
1018int 1046int
1019SSL_SESSION_is_resumable(const SSL_SESSION *s) 1047SSL_SESSION_is_resumable(const SSL_SESSION *s)
1020{ 1048{
1021 return 0; 1049 return 0;
1022} 1050}
1051LSSL_ALIAS(SSL_SESSION_is_resumable);
1023 1052
1024long 1053long
1025SSL_CTX_set_timeout(SSL_CTX *s, long t) 1054SSL_CTX_set_timeout(SSL_CTX *s, long t)
@@ -1033,6 +1062,7 @@ SSL_CTX_set_timeout(SSL_CTX *s, long t)
1033 1062
1034 return (l); 1063 return (l);
1035} 1064}
1065LSSL_ALIAS(SSL_CTX_set_timeout);
1036 1066
1037long 1067long
1038SSL_CTX_get_timeout(const SSL_CTX *s) 1068SSL_CTX_get_timeout(const SSL_CTX *s)
@@ -1041,6 +1071,7 @@ SSL_CTX_get_timeout(const SSL_CTX *s)
1041 return (0); 1071 return (0);
1042 return (s->session_timeout); 1072 return (s->session_timeout);
1043} 1073}
1074LSSL_ALIAS(SSL_CTX_get_timeout);
1044 1075
1045int 1076int
1046SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s, 1077SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s,
@@ -1053,6 +1084,7 @@ SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s,
1053 s->tls_session_secret_cb_arg = arg; 1084 s->tls_session_secret_cb_arg = arg;
1054 return (1); 1085 return (1);
1055} 1086}
1087LSSL_ALIAS(SSL_set_session_secret_cb);
1056 1088
1057int 1089int
1058SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb, 1090SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
@@ -1064,6 +1096,7 @@ SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
1064 s->tls_session_ticket_ext_cb_arg = arg; 1096 s->tls_session_ticket_ext_cb_arg = arg;
1065 return (1); 1097 return (1);
1066} 1098}
1099LSSL_ALIAS(SSL_set_session_ticket_ext_cb);
1067 1100
1068int 1101int
1069SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len) 1102SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
@@ -1093,6 +1126,7 @@ SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
1093 1126
1094 return 0; 1127 return 0;
1095} 1128}
1129LSSL_ALIAS(SSL_set_session_ticket_ext);
1096 1130
1097typedef struct timeout_param_st { 1131typedef struct timeout_param_st {
1098 SSL_CTX *ctx; 1132 SSL_CTX *ctx;
@@ -1145,6 +1179,7 @@ SSL_CTX_flush_sessions(SSL_CTX *s, long t)
1145 CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = i; 1179 CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = i;
1146 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 1180 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
1147} 1181}
1182LSSL_ALIAS(SSL_CTX_flush_sessions);
1148 1183
1149int 1184int
1150ssl_clear_bad_session(SSL *s) 1185ssl_clear_bad_session(SSL *s)
@@ -1214,12 +1249,14 @@ SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
1214 int (*cb)(struct ssl_st *ssl, SSL_SESSION *sess)) { 1249 int (*cb)(struct ssl_st *ssl, SSL_SESSION *sess)) {
1215 ctx->new_session_cb = cb; 1250 ctx->new_session_cb = cb;
1216} 1251}
1252LSSL_ALIAS(SSL_CTX_sess_set_new_cb);
1217 1253
1218int 1254int
1219(*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(SSL *ssl, SSL_SESSION *sess) 1255(*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(SSL *ssl, SSL_SESSION *sess)
1220{ 1256{
1221 return ctx->new_session_cb; 1257 return ctx->new_session_cb;
1222} 1258}
1259LSSL_ALIAS(SSL_CTX_sess_get_new_cb);
1223 1260
1224void 1261void
1225SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, 1262SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
@@ -1227,12 +1264,14 @@ SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
1227{ 1264{
1228 ctx->remove_session_cb = cb; 1265 ctx->remove_session_cb = cb;
1229} 1266}
1267LSSL_ALIAS(SSL_CTX_sess_set_remove_cb);
1230 1268
1231void 1269void
1232(*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(SSL_CTX * ctx, SSL_SESSION *sess) 1270(*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(SSL_CTX * ctx, SSL_SESSION *sess)
1233{ 1271{
1234 return ctx->remove_session_cb; 1272 return ctx->remove_session_cb;
1235} 1273}
1274LSSL_ALIAS(SSL_CTX_sess_get_remove_cb);
1236 1275
1237void 1276void
1238SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*cb)(struct ssl_st *ssl, 1277SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*cb)(struct ssl_st *ssl,
@@ -1240,6 +1279,7 @@ SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*cb)(struct ssl_st *ssl,
1240{ 1279{
1241 ctx->get_session_cb = cb; 1280 ctx->get_session_cb = cb;
1242} 1281}
1282LSSL_ALIAS(SSL_CTX_sess_set_get_cb);
1243 1283
1244SSL_SESSION * 1284SSL_SESSION *
1245(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl, const unsigned char *data, 1285(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl, const unsigned char *data,
@@ -1247,6 +1287,7 @@ SSL_SESSION *
1247{ 1287{
1248 return ctx->get_session_cb; 1288 return ctx->get_session_cb;
1249} 1289}
1290LSSL_ALIAS(SSL_CTX_sess_get_get_cb);
1250 1291
1251void 1292void
1252SSL_CTX_set_info_callback(SSL_CTX *ctx, 1293SSL_CTX_set_info_callback(SSL_CTX *ctx,
@@ -1254,12 +1295,14 @@ SSL_CTX_set_info_callback(SSL_CTX *ctx,
1254{ 1295{
1255 ctx->info_callback = cb; 1296 ctx->info_callback = cb;
1256} 1297}
1298LSSL_ALIAS(SSL_CTX_set_info_callback);
1257 1299
1258void 1300void
1259(*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl, int type, int val) 1301(*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl, int type, int val)
1260{ 1302{
1261 return ctx->info_callback; 1303 return ctx->info_callback;
1262} 1304}
1305LSSL_ALIAS(SSL_CTX_get_info_callback);
1263 1306
1264void 1307void
1265SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, 1308SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
@@ -1267,6 +1310,7 @@ SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
1267{ 1310{
1268 ctx->client_cert_cb = cb; 1311 ctx->client_cert_cb = cb;
1269} 1312}
1313LSSL_ALIAS(SSL_CTX_set_client_cert_cb);
1270 1314
1271int 1315int
1272(*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL * ssl, X509 ** x509, 1316(*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL * ssl, X509 ** x509,
@@ -1274,6 +1318,7 @@ int
1274{ 1318{
1275 return ctx->client_cert_cb; 1319 return ctx->client_cert_cb;
1276} 1320}
1321LSSL_ALIAS(SSL_CTX_get_client_cert_cb);
1277 1322
1278#ifndef OPENSSL_NO_ENGINE 1323#ifndef OPENSSL_NO_ENGINE
1279int 1324int
@@ -1291,6 +1336,7 @@ SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
1291 ctx->client_cert_engine = e; 1336 ctx->client_cert_engine = e;
1292 return 1; 1337 return 1;
1293} 1338}
1339LSSL_ALIAS(SSL_CTX_set_client_cert_engine);
1294#endif 1340#endif
1295 1341
1296void 1342void
@@ -1299,6 +1345,7 @@ SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
1299{ 1345{
1300 ctx->app_gen_cookie_cb = cb; 1346 ctx->app_gen_cookie_cb = cb;
1301} 1347}
1348LSSL_ALIAS(SSL_CTX_set_cookie_generate_cb);
1302 1349
1303void 1350void
1304SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, 1351SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
@@ -1306,6 +1353,7 @@ SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
1306{ 1353{
1307 ctx->app_verify_cookie_cb = cb; 1354 ctx->app_verify_cookie_cb = cb;
1308} 1355}
1356LSSL_ALIAS(SSL_CTX_set_cookie_verify_cb);
1309 1357
1310int 1358int
1311PEM_write_SSL_SESSION(FILE *fp, SSL_SESSION *x) 1359PEM_write_SSL_SESSION(FILE *fp, SSL_SESSION *x)
@@ -1313,6 +1361,7 @@ PEM_write_SSL_SESSION(FILE *fp, SSL_SESSION *x)
1313 return PEM_ASN1_write((i2d_of_void *)i2d_SSL_SESSION, 1361 return PEM_ASN1_write((i2d_of_void *)i2d_SSL_SESSION,
1314 PEM_STRING_SSL_SESSION, fp, x, NULL, NULL, 0, NULL, NULL); 1362 PEM_STRING_SSL_SESSION, fp, x, NULL, NULL, 0, NULL, NULL);
1315} 1363}
1364LSSL_ALIAS(PEM_write_SSL_SESSION);
1316 1365
1317SSL_SESSION * 1366SSL_SESSION *
1318PEM_read_SSL_SESSION(FILE *fp, SSL_SESSION **x, pem_password_cb *cb, void *u) 1367PEM_read_SSL_SESSION(FILE *fp, SSL_SESSION **x, pem_password_cb *cb, void *u)
@@ -1320,6 +1369,7 @@ PEM_read_SSL_SESSION(FILE *fp, SSL_SESSION **x, pem_password_cb *cb, void *u)
1320 return PEM_ASN1_read((d2i_of_void *)d2i_SSL_SESSION, 1369 return PEM_ASN1_read((d2i_of_void *)d2i_SSL_SESSION,
1321 PEM_STRING_SSL_SESSION, fp, (void **)x, cb, u); 1370 PEM_STRING_SSL_SESSION, fp, (void **)x, cb, u);
1322} 1371}
1372LSSL_ALIAS(PEM_read_SSL_SESSION);
1323 1373
1324SSL_SESSION * 1374SSL_SESSION *
1325PEM_read_bio_SSL_SESSION(BIO *bp, SSL_SESSION **x, pem_password_cb *cb, void *u) 1375PEM_read_bio_SSL_SESSION(BIO *bp, SSL_SESSION **x, pem_password_cb *cb, void *u)
@@ -1327,6 +1377,7 @@ PEM_read_bio_SSL_SESSION(BIO *bp, SSL_SESSION **x, pem_password_cb *cb, void *u)
1327 return PEM_ASN1_read_bio((d2i_of_void *)d2i_SSL_SESSION, 1377 return PEM_ASN1_read_bio((d2i_of_void *)d2i_SSL_SESSION,
1328 PEM_STRING_SSL_SESSION, bp, (void **)x, cb, u); 1378 PEM_STRING_SSL_SESSION, bp, (void **)x, cb, u);
1329} 1379}
1380LSSL_ALIAS(PEM_read_bio_SSL_SESSION);
1330 1381
1331int 1382int
1332PEM_write_bio_SSL_SESSION(BIO *bp, SSL_SESSION *x) 1383PEM_write_bio_SSL_SESSION(BIO *bp, SSL_SESSION *x)
@@ -1334,3 +1385,4 @@ PEM_write_bio_SSL_SESSION(BIO *bp, SSL_SESSION *x)
1334 return PEM_ASN1_write_bio((i2d_of_void *)i2d_SSL_SESSION, 1385 return PEM_ASN1_write_bio((i2d_of_void *)i2d_SSL_SESSION,
1335 PEM_STRING_SSL_SESSION, bp, x, NULL, NULL, 0, NULL, NULL); 1386 PEM_STRING_SSL_SESSION, bp, x, NULL, NULL, 0, NULL, NULL);
1336} 1387}
1388LSSL_ALIAS(PEM_write_bio_SSL_SESSION);
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index 8edbf77156..a518e1ac91 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_srvr.c,v 1.155 2023/06/11 19:01:01 tb Exp $ */ 1/* $OpenBSD: ssl_srvr.c,v 1.156 2023/07/08 16:40:13 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1832,8 +1832,10 @@ ssl3_get_client_kex_gost(SSL *s, CBS *cbs)
1832 CBS gostblob; 1832 CBS gostblob;
1833 1833
1834 /* Get our certificate private key*/ 1834 /* Get our certificate private key*/
1835#ifndef OPENSSL_NO_GOST
1835 if ((s->s3->hs.cipher->algorithm_auth & SSL_aGOST01) != 0) 1836 if ((s->s3->hs.cipher->algorithm_auth & SSL_aGOST01) != 0)
1836 pkey = s->cert->pkeys[SSL_PKEY_GOST01].privatekey; 1837 pkey = s->cert->pkeys[SSL_PKEY_GOST01].privatekey;
1838#endif
1837 1839
1838 if ((pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL) 1840 if ((pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL)
1839 goto err; 1841 goto err;
@@ -2047,6 +2049,7 @@ ssl3_get_cert_verify(SSL *s)
2047 al = SSL_AD_INTERNAL_ERROR; 2049 al = SSL_AD_INTERNAL_ERROR;
2048 goto fatal_err; 2050 goto fatal_err;
2049 } 2051 }
2052#ifndef OPENSSL_NO_GOST
2050 if (sigalg->key_type == EVP_PKEY_GOSTR01 && 2053 if (sigalg->key_type == EVP_PKEY_GOSTR01 &&
2051 EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_VERIFY, 2054 EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_VERIFY,
2052 EVP_PKEY_CTRL_GOST_SIG_FORMAT, GOST_SIG_FORMAT_RS_LE, 2055 EVP_PKEY_CTRL_GOST_SIG_FORMAT, GOST_SIG_FORMAT_RS_LE,
@@ -2054,6 +2057,7 @@ ssl3_get_cert_verify(SSL *s)
2054 al = SSL_AD_INTERNAL_ERROR; 2057 al = SSL_AD_INTERNAL_ERROR;
2055 goto fatal_err; 2058 goto fatal_err;
2056 } 2059 }
2060#endif
2057 if (EVP_DigestVerify(mctx, CBS_data(&signature), 2061 if (EVP_DigestVerify(mctx, CBS_data(&signature),
2058 CBS_len(&signature), hdata, hdatalen) <= 0) { 2062 CBS_len(&signature), hdata, hdatalen) <= 0) {
2059 SSLerror(s, ERR_R_EVP_LIB); 2063 SSLerror(s, ERR_R_EVP_LIB);
diff --git a/src/lib/libssl/ssl_stat.c b/src/lib/libssl/ssl_stat.c
index b423033e43..803b83bb9f 100644
--- a/src/lib/libssl/ssl_stat.c
+++ b/src/lib/libssl/ssl_stat.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_stat.c,v 1.20 2022/11/26 16:08:56 tb Exp $ */ 1/* $OpenBSD: ssl_stat.c,v 1.21 2023/07/08 16:40:13 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -319,6 +319,7 @@ SSL_state_string_long(const SSL *s)
319 } 319 }
320 return (str); 320 return (str);
321} 321}
322LSSL_ALIAS(SSL_state_string_long);
322 323
323const char * 324const char *
324SSL_rstate_string_long(const SSL *s) 325SSL_rstate_string_long(const SSL *s)
@@ -341,6 +342,7 @@ SSL_rstate_string_long(const SSL *s)
341 } 342 }
342 return (str); 343 return (str);
343} 344}
345LSSL_ALIAS(SSL_rstate_string_long);
344 346
345const char * 347const char *
346SSL_state_string(const SSL *s) 348SSL_state_string(const SSL *s)
@@ -547,6 +549,7 @@ SSL_state_string(const SSL *s)
547 } 549 }
548 return (str); 550 return (str);
549} 551}
552LSSL_ALIAS(SSL_state_string);
550 553
551const char * 554const char *
552SSL_alert_type_string_long(int value) 555SSL_alert_type_string_long(int value)
@@ -559,6 +562,7 @@ SSL_alert_type_string_long(int value)
559 else 562 else
560 return ("unknown"); 563 return ("unknown");
561} 564}
565LSSL_ALIAS(SSL_alert_type_string_long);
562 566
563const char * 567const char *
564SSL_alert_type_string(int value) 568SSL_alert_type_string(int value)
@@ -571,6 +575,7 @@ SSL_alert_type_string(int value)
571 else 575 else
572 return ("U"); 576 return ("U");
573} 577}
578LSSL_ALIAS(SSL_alert_type_string);
574 579
575const char * 580const char *
576SSL_alert_desc_string(int value) 581SSL_alert_desc_string(int value)
@@ -668,6 +673,7 @@ SSL_alert_desc_string(int value)
668 } 673 }
669 return (str); 674 return (str);
670} 675}
676LSSL_ALIAS(SSL_alert_desc_string);
671 677
672const char * 678const char *
673SSL_alert_desc_string_long(int value) 679SSL_alert_desc_string_long(int value)
@@ -765,6 +771,7 @@ SSL_alert_desc_string_long(int value)
765 } 771 }
766 return (str); 772 return (str);
767} 773}
774LSSL_ALIAS(SSL_alert_desc_string_long);
768 775
769const char * 776const char *
770SSL_rstate_string(const SSL *s) 777SSL_rstate_string(const SSL *s)
@@ -787,3 +794,4 @@ SSL_rstate_string(const SSL *s)
787 } 794 }
788 return (str); 795 return (str);
789} 796}
797LSSL_ALIAS(SSL_rstate_string);
diff --git a/src/lib/libssl/ssl_txt.c b/src/lib/libssl/ssl_txt.c
index 270e60a389..ee3d218d68 100644
--- a/src/lib/libssl/ssl_txt.c
+++ b/src/lib/libssl/ssl_txt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_txt.c,v 1.36 2022/11/26 16:08:56 tb Exp $ */ 1/* $OpenBSD: ssl_txt.c,v 1.37 2023/07/08 16:40:13 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -103,6 +103,7 @@ SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
103 BIO_free(b); 103 BIO_free(b);
104 return ret; 104 return ret;
105} 105}
106LSSL_ALIAS(SSL_SESSION_print_fp);
106 107
107int 108int
108SSL_SESSION_print(BIO *bp, const SSL_SESSION *x) 109SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
@@ -197,3 +198,4 @@ SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
197 err: 198 err:
198 return ret; 199 return ret;
199} 200}
201LSSL_ALIAS(SSL_SESSION_print);
diff --git a/src/lib/libssl/tls12_record_layer.c b/src/lib/libssl/tls12_record_layer.c
index 59f5d32452..e0601363f6 100644
--- a/src/lib/libssl/tls12_record_layer.c
+++ b/src/lib/libssl/tls12_record_layer.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls12_record_layer.c,v 1.38 2022/11/26 16:08:56 tb Exp $ */ 1/* $OpenBSD: tls12_record_layer.c,v 1.39 2023/07/08 16:40:13 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2020 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -485,6 +485,8 @@ tls12_record_layer_ccs_cipher(struct tls12_record_layer *rl,
485 if (EVP_CIPHER_key_length(rl->cipher) != CBS_len(key)) 485 if (EVP_CIPHER_key_length(rl->cipher) != CBS_len(key))
486 goto err; 486 goto err;
487 487
488#ifndef OPENSSL_NO_GOST
489 /* XXX die die die
488 /* Special handling for GOST... */ 490 /* Special handling for GOST... */
489 if (EVP_MD_type(rl->mac_hash) == NID_id_Gost28147_89_MAC) { 491 if (EVP_MD_type(rl->mac_hash) == NID_id_Gost28147_89_MAC) {
490 if (CBS_len(mac_key) != 32) 492 if (CBS_len(mac_key) != 32)
@@ -492,11 +494,14 @@ tls12_record_layer_ccs_cipher(struct tls12_record_layer *rl,
492 mac_type = EVP_PKEY_GOSTIMIT; 494 mac_type = EVP_PKEY_GOSTIMIT;
493 rp->stream_mac = 1; 495 rp->stream_mac = 1;
494 } else { 496 } else {
497#endif
495 if (CBS_len(mac_key) > INT_MAX) 498 if (CBS_len(mac_key) > INT_MAX)
496 goto err; 499 goto err;
497 if (EVP_MD_size(rl->mac_hash) != CBS_len(mac_key)) 500 if (EVP_MD_size(rl->mac_hash) != CBS_len(mac_key))
498 goto err; 501 goto err;
502#ifndef OPENSSL_NO_GOST
499 } 503 }
504#endif
500 505
501 if ((rp->cipher_ctx = EVP_CIPHER_CTX_new()) == NULL) 506 if ((rp->cipher_ctx = EVP_CIPHER_CTX_new()) == NULL)
502 goto err; 507 goto err;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-01 16:26:48 +0000