Now that SSLv3 is going away, TLS_* and SSLv23 are equivalent.

Remove the TLS method data and tls_any_* functions. Point to SSLv23. ok jsing@
author: doug <> 2015-08-29 17:15:52 +0000
committer: doug <> 2015-08-29 17:15:52 +0000
commit: b9add1b57a2fe8006e83c66e6f16f11da2031ba5 (patch)
tree: 46b40b124d813a80f0a074ea25d45d394cbb329f /src
parent: 894fa8429438387a0acb89d0b1c08baa287d2294 (diff)
download: openbsd-b9add1b57a2fe8006e83c66e6f16f11da2031ba5.tar.gz
openbsd-b9add1b57a2fe8006e83c66e6f16f11da2031ba5.tar.bz2
openbsd-b9add1b57a2fe8006e83c66e6f16f11da2031ba5.zip
7 files changed, 12 insertions, 288 deletions
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
index a99a7691bd..aa668a3ccf 100644
--- a/src/lib/libssl/s23_clnt.c
+++ b/src/lib/libssl/s23_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_clnt.c,v 1.41 2015/08/27 06:21:15 doug Exp $ */
+/* $OpenBSD: s23_clnt.c,v 1.42 2015/08/29 17:15:52 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -120,7 +120,6 @@
 static const SSL_METHOD *ssl23_get_client_method(int ver);
 static int ssl23_client_hello(SSL *s);
 static int ssl23_get_server_hello(SSL *s);
-static const SSL_METHOD *tls_any_get_client_method(int ver);
 const SSL_METHOD SSLv23_client_method_data = {
        .version = TLS1_2_VERSION,
@@ -154,39 +153,6 @@ const SSL_METHOD SSLv23_client_method_data = {
        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
 };
-const SSL_METHOD TLS_client_method_data = {
-        .version = TLS1_2_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = ssl_undefined_function,
-        .ssl_connect = tls_any_connect,
-        .ssl_read = ssl23_read,
-        .ssl_peek = ssl23_peek,
-        .ssl_write = ssl23_write,
-        .ssl_shutdown = ssl_undefined_function,
-        .ssl_renegotiate = ssl_undefined_function,
-        .ssl_renegotiate_check = ssl_ok,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .ssl_ctrl = ssl3_ctrl,
-        .ssl_ctx_ctrl = ssl3_ctx_ctrl,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .ssl_pending = ssl_undefined_const_function,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_ssl_method = tls_any_get_client_method,
-        .get_timeout = ssl23_default_timeout,
-        .ssl3_enc = &ssl3_undef_enc_method,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_callback_ctrl = ssl3_callback_ctrl,
-        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
 const SSL_METHOD *
 SSLv23_client_method(void)
 {
@@ -570,29 +536,5 @@ err:
 const SSL_METHOD *
 TLS_client_method(void)
 {
-        return &TLS_client_method_data;
+        return &SSLv23_client_method_data;
-}
-static const SSL_METHOD *
-tls_any_get_client_method(int ver)
-{
-        if (ver == SSL3_VERSION)
-                return (NULL);
-        else
-                return ssl23_get_client_method(ver);
-}
-int
-tls_any_connect(SSL *s)
-{
-        int ret;
-        unsigned long old_options;
-        old_options = s->options;
-        s->options |= SSL_OP_NO_SSLv3;
-        ret = ssl23_connect(s);
-        s->options = old_options;
-        return ret;
 }
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
index 7b2107680e..d4ca586c2d 100644
--- a/src/lib/libssl/s23_srvr.c
+++ b/src/lib/libssl/s23_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_srvr.c,v 1.42 2015/08/27 06:21:15 doug Exp $ */
+/* $OpenBSD: s23_srvr.c,v 1.43 2015/08/29 17:15:52 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -119,7 +119,6 @@
 static const SSL_METHOD *ssl23_get_server_method(int ver);
 int ssl23_get_client_hello(SSL *s);
-static const SSL_METHOD *tls_any_get_server_method(int ver);
 const SSL_METHOD SSLv23_server_method_data = {
        .version = TLS1_2_VERSION,
@@ -153,38 +152,6 @@ const SSL_METHOD SSLv23_server_method_data = {
        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
 };
-const SSL_METHOD TLS_server_method_data = {
-        .version = TLS1_2_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = tls_any_accept,
-        .ssl_connect = ssl_undefined_function,
-        .ssl_read = ssl23_read,
-        .ssl_peek = ssl23_peek,
-        .ssl_write = ssl23_write,
-        .ssl_shutdown = ssl_undefined_function,
-        .ssl_renegotiate = ssl_undefined_function,
-        .ssl_renegotiate_check = ssl_ok,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .ssl_ctrl = ssl3_ctrl,
-        .ssl_ctx_ctrl = ssl3_ctx_ctrl,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .ssl_pending = ssl_undefined_const_function,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_ssl_method = tls_any_get_server_method,
-        .get_timeout = ssl23_default_timeout,
-        .ssl3_enc = &ssl3_undef_enc_method,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_callback_ctrl = ssl3_callback_ctrl,
-        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
 const SSL_METHOD *
 SSLv23_server_method(void)
 {
@@ -592,29 +559,5 @@ ssl23_get_client_hello(SSL *s)
 const SSL_METHOD *
 TLS_server_method(void)
 {
-        return &TLS_server_method_data;
+        return &SSLv23_server_method_data;
-}
-static const SSL_METHOD *
-tls_any_get_server_method(int ver)
-{
-        if (ver == SSL3_VERSION)
-                return (NULL);
-        else
-                return ssl23_get_server_method(ver);
-}
-int
-tls_any_accept(SSL *s)
-{
-        int ret;
-        unsigned long old_options;
-        old_options = s->options;
-        s->options |= SSL_OP_NO_SSLv3;
-        ret = ssl23_accept(s);
-        s->options = old_options;
-        return ret;
 }
diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c
index a99a7691bd..aa668a3ccf 100644
--- a/src/lib/libssl/src/ssl/s23_clnt.c
+++ b/src/lib/libssl/src/ssl/s23_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_clnt.c,v 1.41 2015/08/27 06:21:15 doug Exp $ */
+/* $OpenBSD: s23_clnt.c,v 1.42 2015/08/29 17:15:52 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -120,7 +120,6 @@
 static const SSL_METHOD *ssl23_get_client_method(int ver);
 static int ssl23_client_hello(SSL *s);
 static int ssl23_get_server_hello(SSL *s);
-static const SSL_METHOD *tls_any_get_client_method(int ver);
 const SSL_METHOD SSLv23_client_method_data = {
        .version = TLS1_2_VERSION,
@@ -154,39 +153,6 @@ const SSL_METHOD SSLv23_client_method_data = {
        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
 };
-const SSL_METHOD TLS_client_method_data = {
-        .version = TLS1_2_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = ssl_undefined_function,
-        .ssl_connect = tls_any_connect,
-        .ssl_read = ssl23_read,
-        .ssl_peek = ssl23_peek,
-        .ssl_write = ssl23_write,
-        .ssl_shutdown = ssl_undefined_function,
-        .ssl_renegotiate = ssl_undefined_function,
-        .ssl_renegotiate_check = ssl_ok,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .ssl_ctrl = ssl3_ctrl,
-        .ssl_ctx_ctrl = ssl3_ctx_ctrl,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .ssl_pending = ssl_undefined_const_function,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_ssl_method = tls_any_get_client_method,
-        .get_timeout = ssl23_default_timeout,
-        .ssl3_enc = &ssl3_undef_enc_method,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_callback_ctrl = ssl3_callback_ctrl,
-        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
 const SSL_METHOD *
 SSLv23_client_method(void)
 {
@@ -570,29 +536,5 @@ err:
 const SSL_METHOD *
 TLS_client_method(void)
 {
-        return &TLS_client_method_data;
+        return &SSLv23_client_method_data;
-}
-static const SSL_METHOD *
-tls_any_get_client_method(int ver)
-{
-        if (ver == SSL3_VERSION)
-                return (NULL);
-        else
-                return ssl23_get_client_method(ver);
-}
-int
-tls_any_connect(SSL *s)
-{
-        int ret;
-        unsigned long old_options;
-        old_options = s->options;
-        s->options |= SSL_OP_NO_SSLv3;
-        ret = ssl23_connect(s);
-        s->options = old_options;
-        return ret;
 }
diff --git a/src/lib/libssl/src/ssl/s23_meth.c b/src/lib/libssl/src/ssl/s23_meth.c
index acc8315b91..dfccf1150d 100644
--- a/src/lib/libssl/src/ssl/s23_meth.c
+++ b/src/lib/libssl/src/ssl/s23_meth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_meth.c,v 1.20 2015/08/27 06:21:15 doug Exp $ */
+/* $OpenBSD: s23_meth.c,v 1.21 2015/08/29 17:15:52 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -63,7 +63,6 @@
 #include "ssl_locl.h"
 static const SSL_METHOD *ssl23_get_method(int ver);
-static const SSL_METHOD *tls_any_get_method(int ver);
 const SSL_METHOD SSLv23_method_data = {
        .version = TLS1_2_VERSION,
@@ -115,49 +114,8 @@ ssl23_get_method(int ver)
        return (NULL);
 }
-const SSL_METHOD TLS_method_data = {
-        .version = TLS1_2_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = tls_any_accept,
-        .ssl_connect = tls_any_connect,
-        .ssl_read = ssl23_read,
-        .ssl_peek = ssl23_peek,
-        .ssl_write = ssl23_write,
-        .ssl_shutdown = ssl_undefined_function,
-        .ssl_renegotiate = ssl_undefined_function,
-        .ssl_renegotiate_check = ssl_ok,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .ssl_ctrl = ssl3_ctrl,
-        .ssl_ctx_ctrl = ssl3_ctx_ctrl,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .ssl_pending = ssl_undefined_const_function,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_ssl_method = tls_any_get_method,
-        .get_timeout = ssl23_default_timeout,
-        .ssl3_enc = &ssl3_undef_enc_method,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_callback_ctrl = ssl3_callback_ctrl,
-        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
 const SSL_METHOD *
 TLS_method(void)
 {
-        return &TLS_method_data;
+        return &SSLv23_method_data;
-}
-static const SSL_METHOD *
-tls_any_get_method(int ver)
-{
-        if (ver == SSL3_VERSION)
-                return (NULL);
-        else
-                return ssl23_get_method(ver);
 }
diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c
index 7b2107680e..d4ca586c2d 100644
--- a/src/lib/libssl/src/ssl/s23_srvr.c
+++ b/src/lib/libssl/src/ssl/s23_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_srvr.c,v 1.42 2015/08/27 06:21:15 doug Exp $ */
+/* $OpenBSD: s23_srvr.c,v 1.43 2015/08/29 17:15:52 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -119,7 +119,6 @@
 static const SSL_METHOD *ssl23_get_server_method(int ver);
 int ssl23_get_client_hello(SSL *s);
-static const SSL_METHOD *tls_any_get_server_method(int ver);
 const SSL_METHOD SSLv23_server_method_data = {
        .version = TLS1_2_VERSION,
@@ -153,38 +152,6 @@ const SSL_METHOD SSLv23_server_method_data = {
        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
 };
-const SSL_METHOD TLS_server_method_data = {
-        .version = TLS1_2_VERSION,
-        .ssl_new = tls1_new,
-        .ssl_clear = tls1_clear,
-        .ssl_free = tls1_free,
-        .ssl_accept = tls_any_accept,
-        .ssl_connect = ssl_undefined_function,
-        .ssl_read = ssl23_read,
-        .ssl_peek = ssl23_peek,
-        .ssl_write = ssl23_write,
-        .ssl_shutdown = ssl_undefined_function,
-        .ssl_renegotiate = ssl_undefined_function,
-        .ssl_renegotiate_check = ssl_ok,
-        .ssl_get_message = ssl3_get_message,
-        .ssl_read_bytes = ssl3_read_bytes,
-        .ssl_write_bytes = ssl3_write_bytes,
-        .ssl_dispatch_alert = ssl3_dispatch_alert,
-        .ssl_ctrl = ssl3_ctrl,
-        .ssl_ctx_ctrl = ssl3_ctx_ctrl,
-        .get_cipher_by_char = ssl3_get_cipher_by_char,
-        .put_cipher_by_char = ssl3_put_cipher_by_char,
-        .ssl_pending = ssl_undefined_const_function,
-        .num_ciphers = ssl3_num_ciphers,
-        .get_cipher = ssl3_get_cipher,
-        .get_ssl_method = tls_any_get_server_method,
-        .get_timeout = ssl23_default_timeout,
-        .ssl3_enc = &ssl3_undef_enc_method,
-        .ssl_version = ssl_undefined_void_function,
-        .ssl_callback_ctrl = ssl3_callback_ctrl,
-        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
 const SSL_METHOD *
 SSLv23_server_method(void)
 {
@@ -592,29 +559,5 @@ ssl23_get_client_hello(SSL *s)
 const SSL_METHOD *
 TLS_server_method(void)
 {
-        return &TLS_server_method_data;
+        return &SSLv23_server_method_data;
-}
-static const SSL_METHOD *
-tls_any_get_server_method(int ver)
-{
-        if (ver == SSL3_VERSION)
-                return (NULL);
-        else
-                return ssl23_get_server_method(ver);
-}
-int
-tls_any_accept(SSL *s)
-{
-        int ret;
-        unsigned long old_options;
-        old_options = s->options;
-        s->options |= SSL_OP_NO_SSLv3;
-        ret = ssl23_accept(s);
-        s->options = old_options;
-        return ret;
 }
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h
index 74b699a48c..098065f3bc 100644
--- a/src/lib/libssl/src/ssl/ssl_locl.h
+++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.100 2015/07/24 07:57:48 doug Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.101 2015/08/29 17:15:52 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -757,8 +757,6 @@ int ssl23_accept(SSL *s);
 int ssl23_connect(SSL *s);
 int ssl23_read_bytes(SSL *s, int n);
 int ssl23_write_bytes(SSL *s);
-int tls_any_accept(SSL *s);
-int tls_any_connect(SSL *s);
 int tls1_new(SSL *s);
 void tls1_free(SSL *s);
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 74b699a48c..098065f3bc 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.100 2015/07/24 07:57:48 doug Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.101 2015/08/29 17:15:52 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -757,8 +757,6 @@ int ssl23_accept(SSL *s);
 int ssl23_connect(SSL *s);
 int ssl23_read_bytes(SSL *s, int n);
 int ssl23_write_bytes(SSL *s);
-int tls_any_accept(SSL *s);
-int tls_any_connect(SSL *s);
 int tls1_new(SSL *s);
 void tls1_free(SSL *s);
author	doug <>	2015-08-29 17:15:52 +0000
committer	doug <>	2015-08-29 17:15:52 +0000
commit	b9add1b57a2fe8006e83c66e6f16f11da2031ba5 (patch)
tree	46b40b124d813a80f0a074ea25d45d394cbb329f /src
parent	894fa8429438387a0acb89d0b1c08baa287d2294 (diff)
download	openbsd-b9add1b57a2fe8006e83c66e6f16f11da2031ba5.tar.gz openbsd-b9add1b57a2fe8006e83c66e6f16f11da2031ba5.tar.bz2 openbsd-b9add1b57a2fe8006e83c66e6f16f11da2031ba5.zip

diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c index a99a7691bd..aa668a3ccf 100644 --- a/src/lib/libssl/s23_clnt.c +++ b/src/lib/libssl/s23_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s23_clnt.c,v 1.41 2015/08/27 06:21:15 doug Exp $ */	1	/* $OpenBSD: s23_clnt.c,v 1.42 2015/08/29 17:15:52 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -120,7 +120,6 @@
120	static const SSL_METHOD *ssl23_get_client_method(int ver);	120	static const SSL_METHOD *ssl23_get_client_method(int ver);
121	static int ssl23_client_hello(SSL *s);	121	static int ssl23_client_hello(SSL *s);
122	static int ssl23_get_server_hello(SSL *s);	122	static int ssl23_get_server_hello(SSL *s);
123	static const SSL_METHOD *tls_any_get_client_method(int ver);
124		123
125	const SSL_METHOD SSLv23_client_method_data = {	124	const SSL_METHOD SSLv23_client_method_data = {
126	.version = TLS1_2_VERSION,	125	.version = TLS1_2_VERSION,
@@ -154,39 +153,6 @@ const SSL_METHOD SSLv23_client_method_data = {
154	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,	153	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
155	};	154	};
156		155
157	const SSL_METHOD TLS_client_method_data = {
158	.version = TLS1_2_VERSION,
159	.ssl_new = tls1_new,
160	.ssl_clear = tls1_clear,
161	.ssl_free = tls1_free,
162	.ssl_accept = ssl_undefined_function,
163	.ssl_connect = tls_any_connect,
164	.ssl_read = ssl23_read,
165	.ssl_peek = ssl23_peek,
166	.ssl_write = ssl23_write,
167	.ssl_shutdown = ssl_undefined_function,
168	.ssl_renegotiate = ssl_undefined_function,
169	.ssl_renegotiate_check = ssl_ok,
170	.ssl_get_message = ssl3_get_message,
171	.ssl_read_bytes = ssl3_read_bytes,
172	.ssl_write_bytes = ssl3_write_bytes,
173	.ssl_dispatch_alert = ssl3_dispatch_alert,
174	.ssl_ctrl = ssl3_ctrl,
175	.ssl_ctx_ctrl = ssl3_ctx_ctrl,
176	.get_cipher_by_char = ssl3_get_cipher_by_char,
177	.put_cipher_by_char = ssl3_put_cipher_by_char,
178	.ssl_pending = ssl_undefined_const_function,
179	.num_ciphers = ssl3_num_ciphers,
180	.get_cipher = ssl3_get_cipher,
181	.get_ssl_method = tls_any_get_client_method,
182	.get_timeout = ssl23_default_timeout,
183	.ssl3_enc = &ssl3_undef_enc_method,
184	.ssl_version = ssl_undefined_void_function,
185	.ssl_callback_ctrl = ssl3_callback_ctrl,
186	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
187	};
188
189
190	const SSL_METHOD *	156	const SSL_METHOD *
191	SSLv23_client_method(void)	157	SSLv23_client_method(void)
192	{	158	{
@@ -570,29 +536,5 @@ err:
570	const SSL_METHOD *	536	const SSL_METHOD *
571	TLS_client_method(void)	537	TLS_client_method(void)
572	{	538	{
573	return &TLS_client_method_data;	539	return &SSLv23_client_method_data;
574	}
575
576	static const SSL_METHOD *
577	tls_any_get_client_method(int ver)
578	{
579	if (ver == SSL3_VERSION)
580	return (NULL);
581	else
582	return ssl23_get_client_method(ver);
583	}
584
585	int
586	tls_any_connect(SSL *s)
587	{
588	int ret;
589	unsigned long old_options;
590
591	old_options = s->options;
592
593	s->options \|= SSL_OP_NO_SSLv3;
594	ret = ssl23_connect(s);
595	s->options = old_options;
596
597	return ret;
598	}	540	}


diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c index 7b2107680e..d4ca586c2d 100644 --- a/src/lib/libssl/s23_srvr.c +++ b/src/lib/libssl/s23_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s23_srvr.c,v 1.42 2015/08/27 06:21:15 doug Exp $ */	1	/* $OpenBSD: s23_srvr.c,v 1.43 2015/08/29 17:15:52 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -119,7 +119,6 @@
119		119
120	static const SSL_METHOD *ssl23_get_server_method(int ver);	120	static const SSL_METHOD *ssl23_get_server_method(int ver);
121	int ssl23_get_client_hello(SSL *s);	121	int ssl23_get_client_hello(SSL *s);
122	static const SSL_METHOD *tls_any_get_server_method(int ver);
123		122
124	const SSL_METHOD SSLv23_server_method_data = {	123	const SSL_METHOD SSLv23_server_method_data = {
125	.version = TLS1_2_VERSION,	124	.version = TLS1_2_VERSION,
@@ -153,38 +152,6 @@ const SSL_METHOD SSLv23_server_method_data = {
153	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,	152	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
154	};	153	};
155		154
156	const SSL_METHOD TLS_server_method_data = {
157	.version = TLS1_2_VERSION,
158	.ssl_new = tls1_new,
159	.ssl_clear = tls1_clear,
160	.ssl_free = tls1_free,
161	.ssl_accept = tls_any_accept,
162	.ssl_connect = ssl_undefined_function,
163	.ssl_read = ssl23_read,
164	.ssl_peek = ssl23_peek,
165	.ssl_write = ssl23_write,
166	.ssl_shutdown = ssl_undefined_function,
167	.ssl_renegotiate = ssl_undefined_function,
168	.ssl_renegotiate_check = ssl_ok,
169	.ssl_get_message = ssl3_get_message,
170	.ssl_read_bytes = ssl3_read_bytes,
171	.ssl_write_bytes = ssl3_write_bytes,
172	.ssl_dispatch_alert = ssl3_dispatch_alert,
173	.ssl_ctrl = ssl3_ctrl,
174	.ssl_ctx_ctrl = ssl3_ctx_ctrl,
175	.get_cipher_by_char = ssl3_get_cipher_by_char,
176	.put_cipher_by_char = ssl3_put_cipher_by_char,
177	.ssl_pending = ssl_undefined_const_function,
178	.num_ciphers = ssl3_num_ciphers,
179	.get_cipher = ssl3_get_cipher,
180	.get_ssl_method = tls_any_get_server_method,
181	.get_timeout = ssl23_default_timeout,
182	.ssl3_enc = &ssl3_undef_enc_method,
183	.ssl_version = ssl_undefined_void_function,
184	.ssl_callback_ctrl = ssl3_callback_ctrl,
185	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
186	};
187
188	const SSL_METHOD *	155	const SSL_METHOD *
189	SSLv23_server_method(void)	156	SSLv23_server_method(void)
190	{	157	{
@@ -592,29 +559,5 @@ ssl23_get_client_hello(SSL *s)
592	const SSL_METHOD *	559	const SSL_METHOD *
593	TLS_server_method(void)	560	TLS_server_method(void)
594	{	561	{
595	return &TLS_server_method_data;	562	return &SSLv23_server_method_data;
596	}
597
598	static const SSL_METHOD *
599	tls_any_get_server_method(int ver)
600	{
601	if (ver == SSL3_VERSION)
602	return (NULL);
603	else
604	return ssl23_get_server_method(ver);
605	}
606
607	int
608	tls_any_accept(SSL *s)
609	{
610	int ret;
611	unsigned long old_options;
612
613	old_options = s->options;
614
615	s->options \|= SSL_OP_NO_SSLv3;
616	ret = ssl23_accept(s);
617	s->options = old_options;
618
619	return ret;
620	}	563	}


diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c index a99a7691bd..aa668a3ccf 100644 --- a/src/lib/libssl/src/ssl/s23_clnt.c +++ b/src/lib/libssl/src/ssl/s23_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s23_clnt.c,v 1.41 2015/08/27 06:21:15 doug Exp $ */	1	/* $OpenBSD: s23_clnt.c,v 1.42 2015/08/29 17:15:52 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -120,7 +120,6 @@
120	static const SSL_METHOD *ssl23_get_client_method(int ver);	120	static const SSL_METHOD *ssl23_get_client_method(int ver);
121	static int ssl23_client_hello(SSL *s);	121	static int ssl23_client_hello(SSL *s);
122	static int ssl23_get_server_hello(SSL *s);	122	static int ssl23_get_server_hello(SSL *s);
123	static const SSL_METHOD *tls_any_get_client_method(int ver);
124		123
125	const SSL_METHOD SSLv23_client_method_data = {	124	const SSL_METHOD SSLv23_client_method_data = {
126	.version = TLS1_2_VERSION,	125	.version = TLS1_2_VERSION,
@@ -154,39 +153,6 @@ const SSL_METHOD SSLv23_client_method_data = {
154	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,	153	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
155	};	154	};
156		155
157	const SSL_METHOD TLS_client_method_data = {
158	.version = TLS1_2_VERSION,
159	.ssl_new = tls1_new,
160	.ssl_clear = tls1_clear,
161	.ssl_free = tls1_free,
162	.ssl_accept = ssl_undefined_function,
163	.ssl_connect = tls_any_connect,
164	.ssl_read = ssl23_read,
165	.ssl_peek = ssl23_peek,
166	.ssl_write = ssl23_write,
167	.ssl_shutdown = ssl_undefined_function,
168	.ssl_renegotiate = ssl_undefined_function,
169	.ssl_renegotiate_check = ssl_ok,
170	.ssl_get_message = ssl3_get_message,
171	.ssl_read_bytes = ssl3_read_bytes,
172	.ssl_write_bytes = ssl3_write_bytes,
173	.ssl_dispatch_alert = ssl3_dispatch_alert,
174	.ssl_ctrl = ssl3_ctrl,
175	.ssl_ctx_ctrl = ssl3_ctx_ctrl,
176	.get_cipher_by_char = ssl3_get_cipher_by_char,
177	.put_cipher_by_char = ssl3_put_cipher_by_char,
178	.ssl_pending = ssl_undefined_const_function,
179	.num_ciphers = ssl3_num_ciphers,
180	.get_cipher = ssl3_get_cipher,
181	.get_ssl_method = tls_any_get_client_method,
182	.get_timeout = ssl23_default_timeout,
183	.ssl3_enc = &ssl3_undef_enc_method,
184	.ssl_version = ssl_undefined_void_function,
185	.ssl_callback_ctrl = ssl3_callback_ctrl,
186	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
187	};
188
189
190	const SSL_METHOD *	156	const SSL_METHOD *
191	SSLv23_client_method(void)	157	SSLv23_client_method(void)
192	{	158	{
@@ -570,29 +536,5 @@ err:
570	const SSL_METHOD *	536	const SSL_METHOD *
571	TLS_client_method(void)	537	TLS_client_method(void)
572	{	538	{
573	return &TLS_client_method_data;	539	return &SSLv23_client_method_data;
574	}
575
576	static const SSL_METHOD *
577	tls_any_get_client_method(int ver)
578	{
579	if (ver == SSL3_VERSION)
580	return (NULL);
581	else
582	return ssl23_get_client_method(ver);
583	}
584
585	int
586	tls_any_connect(SSL *s)
587	{
588	int ret;
589	unsigned long old_options;
590
591	old_options = s->options;
592
593	s->options \|= SSL_OP_NO_SSLv3;
594	ret = ssl23_connect(s);
595	s->options = old_options;
596
597	return ret;
598	}	540	}


diff --git a/src/lib/libssl/src/ssl/s23_meth.c b/src/lib/libssl/src/ssl/s23_meth.c index acc8315b91..dfccf1150d 100644 --- a/src/lib/libssl/src/ssl/s23_meth.c +++ b/src/lib/libssl/src/ssl/s23_meth.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s23_meth.c,v 1.20 2015/08/27 06:21:15 doug Exp $ */	1	/* $OpenBSD: s23_meth.c,v 1.21 2015/08/29 17:15:52 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -63,7 +63,6 @@
63	#include "ssl_locl.h"	63	#include "ssl_locl.h"
64		64
65	static const SSL_METHOD *ssl23_get_method(int ver);	65	static const SSL_METHOD *ssl23_get_method(int ver);
66	static const SSL_METHOD *tls_any_get_method(int ver);
67		66
68	const SSL_METHOD SSLv23_method_data = {	67	const SSL_METHOD SSLv23_method_data = {
69	.version = TLS1_2_VERSION,	68	.version = TLS1_2_VERSION,
@@ -115,49 +114,8 @@ ssl23_get_method(int ver)
115	return (NULL);	114	return (NULL);
116	}	115	}
117		116
118	const SSL_METHOD TLS_method_data = {
119	.version = TLS1_2_VERSION,
120	.ssl_new = tls1_new,
121	.ssl_clear = tls1_clear,
122	.ssl_free = tls1_free,
123	.ssl_accept = tls_any_accept,
124	.ssl_connect = tls_any_connect,
125	.ssl_read = ssl23_read,
126	.ssl_peek = ssl23_peek,
127	.ssl_write = ssl23_write,
128	.ssl_shutdown = ssl_undefined_function,
129	.ssl_renegotiate = ssl_undefined_function,
130	.ssl_renegotiate_check = ssl_ok,
131	.ssl_get_message = ssl3_get_message,
132	.ssl_read_bytes = ssl3_read_bytes,
133	.ssl_write_bytes = ssl3_write_bytes,
134	.ssl_dispatch_alert = ssl3_dispatch_alert,
135	.ssl_ctrl = ssl3_ctrl,
136	.ssl_ctx_ctrl = ssl3_ctx_ctrl,
137	.get_cipher_by_char = ssl3_get_cipher_by_char,
138	.put_cipher_by_char = ssl3_put_cipher_by_char,
139	.ssl_pending = ssl_undefined_const_function,
140	.num_ciphers = ssl3_num_ciphers,
141	.get_cipher = ssl3_get_cipher,
142	.get_ssl_method = tls_any_get_method,
143	.get_timeout = ssl23_default_timeout,
144	.ssl3_enc = &ssl3_undef_enc_method,
145	.ssl_version = ssl_undefined_void_function,
146	.ssl_callback_ctrl = ssl3_callback_ctrl,
147	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
148	};
149
150	const SSL_METHOD *	117	const SSL_METHOD *
151	TLS_method(void)	118	TLS_method(void)
152	{	119	{
153	return &TLS_method_data;	120	return &SSLv23_method_data;
154	}
155
156	static const SSL_METHOD *
157	tls_any_get_method(int ver)
158	{
159	if (ver == SSL3_VERSION)
160	return (NULL);
161	else
162	return ssl23_get_method(ver);
163	}	121	}


diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c index 7b2107680e..d4ca586c2d 100644 --- a/src/lib/libssl/src/ssl/s23_srvr.c +++ b/src/lib/libssl/src/ssl/s23_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s23_srvr.c,v 1.42 2015/08/27 06:21:15 doug Exp $ */	1	/* $OpenBSD: s23_srvr.c,v 1.43 2015/08/29 17:15:52 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -119,7 +119,6 @@
119		119
120	static const SSL_METHOD *ssl23_get_server_method(int ver);	120	static const SSL_METHOD *ssl23_get_server_method(int ver);
121	int ssl23_get_client_hello(SSL *s);	121	int ssl23_get_client_hello(SSL *s);
122	static const SSL_METHOD *tls_any_get_server_method(int ver);
123		122
124	const SSL_METHOD SSLv23_server_method_data = {	123	const SSL_METHOD SSLv23_server_method_data = {
125	.version = TLS1_2_VERSION,	124	.version = TLS1_2_VERSION,
@@ -153,38 +152,6 @@ const SSL_METHOD SSLv23_server_method_data = {
153	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,	152	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
154	};	153	};
155		154
156	const SSL_METHOD TLS_server_method_data = {
157	.version = TLS1_2_VERSION,
158	.ssl_new = tls1_new,
159	.ssl_clear = tls1_clear,
160	.ssl_free = tls1_free,
161	.ssl_accept = tls_any_accept,
162	.ssl_connect = ssl_undefined_function,
163	.ssl_read = ssl23_read,
164	.ssl_peek = ssl23_peek,
165	.ssl_write = ssl23_write,
166	.ssl_shutdown = ssl_undefined_function,
167	.ssl_renegotiate = ssl_undefined_function,
168	.ssl_renegotiate_check = ssl_ok,
169	.ssl_get_message = ssl3_get_message,
170	.ssl_read_bytes = ssl3_read_bytes,
171	.ssl_write_bytes = ssl3_write_bytes,
172	.ssl_dispatch_alert = ssl3_dispatch_alert,
173	.ssl_ctrl = ssl3_ctrl,
174	.ssl_ctx_ctrl = ssl3_ctx_ctrl,
175	.get_cipher_by_char = ssl3_get_cipher_by_char,
176	.put_cipher_by_char = ssl3_put_cipher_by_char,
177	.ssl_pending = ssl_undefined_const_function,
178	.num_ciphers = ssl3_num_ciphers,
179	.get_cipher = ssl3_get_cipher,
180	.get_ssl_method = tls_any_get_server_method,
181	.get_timeout = ssl23_default_timeout,
182	.ssl3_enc = &ssl3_undef_enc_method,
183	.ssl_version = ssl_undefined_void_function,
184	.ssl_callback_ctrl = ssl3_callback_ctrl,
185	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
186	};
187
188	const SSL_METHOD *	155	const SSL_METHOD *
189	SSLv23_server_method(void)	156	SSLv23_server_method(void)
190	{	157	{
@@ -592,29 +559,5 @@ ssl23_get_client_hello(SSL *s)
592	const SSL_METHOD *	559	const SSL_METHOD *
593	TLS_server_method(void)	560	TLS_server_method(void)
594	{	561	{
595	return &TLS_server_method_data;	562	return &SSLv23_server_method_data;
596	}
597
598	static const SSL_METHOD *
599	tls_any_get_server_method(int ver)
600	{
601	if (ver == SSL3_VERSION)
602	return (NULL);
603	else
604	return ssl23_get_server_method(ver);
605	}
606
607	int
608	tls_any_accept(SSL *s)
609	{
610	int ret;
611	unsigned long old_options;
612
613	old_options = s->options;
614
615	s->options \|= SSL_OP_NO_SSLv3;
616	ret = ssl23_accept(s);
617	s->options = old_options;
618
619	return ret;
620	}	563	}


diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h index 74b699a48c..098065f3bc 100644 --- a/src/lib/libssl/src/ssl/ssl_locl.h +++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.100 2015/07/24 07:57:48 doug Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.101 2015/08/29 17:15:52 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -757,8 +757,6 @@ int ssl23_accept(SSL *s);
757	int ssl23_connect(SSL *s);	757	int ssl23_connect(SSL *s);
758	int ssl23_read_bytes(SSL *s, int n);	758	int ssl23_read_bytes(SSL *s, int n);
759	int ssl23_write_bytes(SSL *s);	759	int ssl23_write_bytes(SSL *s);
760	int tls_any_accept(SSL *s);
761	int tls_any_connect(SSL *s);
762		760
763	int tls1_new(SSL *s);	761	int tls1_new(SSL *s);
764	void tls1_free(SSL *s);	762	void tls1_free(SSL *s);


diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 74b699a48c..098065f3bc 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.100 2015/07/24 07:57:48 doug Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.101 2015/08/29 17:15:52 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -757,8 +757,6 @@ int ssl23_accept(SSL *s);
757	int ssl23_connect(SSL *s);	757	int ssl23_connect(SSL *s);
758	int ssl23_read_bytes(SSL *s, int n);	758	int ssl23_read_bytes(SSL *s, int n);
759	int ssl23_write_bytes(SSL *s);	759	int ssl23_write_bytes(SSL *s);
760	int tls_any_accept(SSL *s);
761	int tls_any_connect(SSL *s);
762		760
763	int tls1_new(SSL *s);	761	int tls1_new(SSL *s);
764	void tls1_free(SSL *s);	762	void tls1_free(SSL *s);