diff options
| author | tb <> | 2025-03-09 15:53:36 +0000 |
|---|---|---|
| committer | tb <> | 2025-03-09 15:53:36 +0000 |
| commit | 35761752f2bfb222979aa98610559dcfa73b3b57 (patch) | |
| tree | fdf63c3e86200e85b3faaf385839c00af061ba8b /src | |
| parent | 38cf98dc69b5872f5a59ded35918c72a565982cf (diff) | |
| download | openbsd-35761752f2bfb222979aa98610559dcfa73b3b57.tar.gz openbsd-35761752f2bfb222979aa98610559dcfa73b3b57.tar.bz2 openbsd-35761752f2bfb222979aa98610559dcfa73b3b57.zip | |
const correct tls_session_secret_cb_fn()
Various ports throw a warning since their tls_session_secret_cb's
signature doesn't match what we expect. Aligns us with OpenSSL 1.1.
This is only useful for RFC 4851 EAP-FAST implementations and
surprisingly it's undocumented.
ok jsing
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/ssl.h | 4 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_clnt.c | 4 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_sess.c | 4 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_srvr.c | 4 |
4 files changed, 8 insertions, 8 deletions
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h index 650131a779..062c6dcbb9 100644 --- a/src/lib/libssl/ssl.h +++ b/src/lib/libssl/ssl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl.h,v 1.245 2024/10/23 01:57:19 jsg Exp $ */ | 1 | /* $OpenBSD: ssl.h,v 1.246 2025/03/09 15:53:36 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -364,7 +364,7 @@ DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE) | |||
| 364 | typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data, | 364 | typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data, |
| 365 | int len, void *arg); | 365 | int len, void *arg); |
| 366 | typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, | 366 | typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, |
| 367 | STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); | 367 | STACK_OF(SSL_CIPHER) *peer_ciphers, const SSL_CIPHER **cipher, void *arg); |
| 368 | 368 | ||
| 369 | /* Allow initial connection to servers that don't support RI */ | 369 | /* Allow initial connection to servers that don't support RI */ |
| 370 | #define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L | 370 | #define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L |
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 593ed553d3..0d3dcf78af 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_clnt.c,v 1.168 2024/07/22 14:47:15 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_clnt.c,v 1.169 2025/03/09 15:53:36 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -926,7 +926,7 @@ ssl3_get_server_hello(SSL *s) | |||
| 926 | * pre-shared secret. | 926 | * pre-shared secret. |
| 927 | */ | 927 | */ |
| 928 | if (s->tls_session_secret_cb != NULL) { | 928 | if (s->tls_session_secret_cb != NULL) { |
| 929 | SSL_CIPHER *pref_cipher = NULL; | 929 | const SSL_CIPHER *pref_cipher = NULL; |
| 930 | int master_key_length = sizeof(s->session->master_key); | 930 | int master_key_length = sizeof(s->session->master_key); |
| 931 | 931 | ||
| 932 | if (!s->tls_session_secret_cb(s, | 932 | if (!s->tls_session_secret_cb(s, |
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index 5aea990278..a5cfc33c04 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_sess.c,v 1.128 2024/07/22 14:47:15 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_sess.c,v 1.129 2025/03/09 15:53:36 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1057,7 +1057,7 @@ LSSL_ALIAS(SSL_CTX_get_timeout); | |||
| 1057 | int | 1057 | int |
| 1058 | SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s, | 1058 | SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s, |
| 1059 | void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, | 1059 | void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, |
| 1060 | SSL_CIPHER **cipher, void *arg), void *arg) | 1060 | const SSL_CIPHER **cipher, void *arg), void *arg) |
| 1061 | { | 1061 | { |
| 1062 | if (s == NULL) | 1062 | if (s == NULL) |
| 1063 | return (0); | 1063 | return (0); |
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index 302b6bdf0f..db4ba38b51 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_srvr.c,v 1.165 2024/07/22 14:47:15 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_srvr.c,v 1.166 2025/03/09 15:53:36 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1058,7 +1058,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 1058 | } | 1058 | } |
| 1059 | 1059 | ||
| 1060 | if (!s->hit && s->tls_session_secret_cb != NULL) { | 1060 | if (!s->hit && s->tls_session_secret_cb != NULL) { |
| 1061 | SSL_CIPHER *pref_cipher = NULL; | 1061 | const SSL_CIPHER *pref_cipher = NULL; |
| 1062 | int master_key_length = sizeof(s->session->master_key); | 1062 | int master_key_length = sizeof(s->session->master_key); |
| 1063 | 1063 | ||
| 1064 | if (!s->tls_session_secret_cb(s, | 1064 | if (!s->tls_session_secret_cb(s, |