summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorbeck <>2023-07-06 07:56:32 +0000
committerbeck <>2023-07-06 07:56:32 +0000
commitdeb33f171f3135e4367961ec4388c20da87f41c8 (patch)
treecd4fa65e93f388ffae1d6151100b66212bd029ce /src
parent86e9fdb1f24e39ab0ee179d5efcd68a28ed9c2af (diff)
downloadopenbsd-deb33f171f3135e4367961ec4388c20da87f41c8.tar.gz
openbsd-deb33f171f3135e4367961ec4388c20da87f41c8.tar.bz2
openbsd-deb33f171f3135e4367961ec4388c20da87f41c8.zip
unifdef the LIBRESSL_HAS_TLS1_3_[CLIENT|SERVER] goo
And remove the tendrils. This was useful for transition but we are now well past this.
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/Makefile6
-rw-r--r--src/lib/libssl/ssl_local.h14
-rw-r--r--src/lib/libssl/ssl_methods.c37
3 files changed, 3 insertions, 54 deletions
diff --git a/src/lib/libssl/Makefile b/src/lib/libssl/Makefile
index b5b4ff4d31..9783885cd7 100644
--- a/src/lib/libssl/Makefile
+++ b/src/lib/libssl/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.79 2023/05/05 21:23:02 tb Exp $ 1# $OpenBSD: Makefile,v 1.80 2023/07/06 07:56:32 beck Exp $
2 2
3.include <bsd.own.mk> 3.include <bsd.own.mk>
4.ifndef NOMAN 4.ifndef NOMAN
@@ -19,10 +19,6 @@ CFLAGS+= -DLIBRESSL_INTERNAL
19.ifdef NAMESPACE 19.ifdef NAMESPACE
20CFLAGS+= -DLIBRESSL_NAMESPACE 20CFLAGS+= -DLIBRESSL_NAMESPACE
21.endif 21.endif
22.ifdef TLS1_3
23CFLAGS+= -DLIBRESSL_HAS_TLS1_3_CLIENT
24CFLAGS+= -DLIBRESSL_HAS_TLS1_3_SERVER
25.endif
26.ifdef TLS1_3_DEBUG 22.ifdef TLS1_3_DEBUG
27CFLAGS+= -DTLS13_DEBUG 23CFLAGS+= -DTLS13_DEBUG
28.endif 24.endif
diff --git a/src/lib/libssl/ssl_local.h b/src/lib/libssl/ssl_local.h
index cb38e5f91c..9666f3882a 100644
--- a/src/lib/libssl/ssl_local.h
+++ b/src/lib/libssl/ssl_local.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_local.h,v 1.6 2023/05/26 13:44:05 tb Exp $ */ 1/* $OpenBSD: ssl_local.h,v 1.7 2023/07/06 07:56:32 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -174,18 +174,6 @@ __BEGIN_HIDDEN_DECLS
174#define LIBRESSL_HAS_DTLS1_2 174#define LIBRESSL_HAS_DTLS1_2
175#endif 175#endif
176 176
177#ifndef LIBRESSL_HAS_TLS1_3_CLIENT
178#define LIBRESSL_HAS_TLS1_3_CLIENT
179#endif
180
181#ifndef LIBRESSL_HAS_TLS1_3_SERVER
182#define LIBRESSL_HAS_TLS1_3_SERVER
183#endif
184
185#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) || defined(LIBRESSL_HAS_TLS1_3_SERVER)
186#define LIBRESSL_HAS_TLS1_3
187#endif
188
189/* LOCAL STUFF */ 177/* LOCAL STUFF */
190 178
191#define SSL_DECRYPT 0 179#define SSL_DECRYPT 0
diff --git a/src/lib/libssl/ssl_methods.c b/src/lib/libssl/ssl_methods.c
index dac28011f4..8e89ef632e 100644
--- a/src/lib/libssl/ssl_methods.c
+++ b/src/lib/libssl/ssl_methods.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_methods.c,v 1.29 2022/11/26 16:08:56 tb Exp $ */ 1/* $OpenBSD: ssl_methods.c,v 1.30 2023/07/06 07:56:32 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -240,7 +240,6 @@ DTLS_server_method(void)
240 return &DTLS_method_data; 240 return &DTLS_method_data;
241} 241}
242 242
243#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER)
244static const SSL_METHOD TLS_method_data = { 243static const SSL_METHOD TLS_method_data = {
245 .dtls = 0, 244 .dtls = 0,
246 .server = 1, 245 .server = 1,
@@ -261,7 +260,6 @@ static const SSL_METHOD TLS_method_data = {
261 .get_cipher = ssl3_get_cipher, 260 .get_cipher = ssl3_get_cipher,
262 .enc_flags = TLSV1_3_ENC_FLAGS, 261 .enc_flags = TLSV1_3_ENC_FLAGS,
263}; 262};
264#endif
265 263
266static const SSL_METHOD TLS_legacy_method_data = { 264static const SSL_METHOD TLS_legacy_method_data = {
267 .dtls = 0, 265 .dtls = 0,
@@ -284,7 +282,6 @@ static const SSL_METHOD TLS_legacy_method_data = {
284 .enc_flags = TLSV1_2_ENC_FLAGS, 282 .enc_flags = TLSV1_2_ENC_FLAGS,
285}; 283};
286 284
287#if defined(LIBRESSL_HAS_TLS1_3_CLIENT)
288static const SSL_METHOD TLS_client_method_data = { 285static const SSL_METHOD TLS_client_method_data = {
289 .dtls = 0, 286 .dtls = 0,
290 .server = 0, 287 .server = 0,
@@ -306,30 +303,6 @@ static const SSL_METHOD TLS_client_method_data = {
306 .enc_flags = TLSV1_3_ENC_FLAGS, 303 .enc_flags = TLSV1_3_ENC_FLAGS,
307}; 304};
308 305
309#else
310
311static const SSL_METHOD TLS_legacy_client_method_data = {
312 .dtls = 0,
313 .server = 0,
314 .version = TLS1_2_VERSION,
315 .min_tls_version = TLS1_VERSION,
316 .max_tls_version = TLS1_2_VERSION,
317 .ssl_new = tls1_new,
318 .ssl_clear = tls1_clear,
319 .ssl_free = tls1_free,
320 .ssl_accept = ssl3_accept,
321 .ssl_connect = ssl3_connect,
322 .ssl_shutdown = ssl3_shutdown,
323 .ssl_renegotiate = ssl_undefined_function,
324 .ssl_renegotiate_check = ssl_ok,
325 .ssl_pending = ssl3_pending,
326 .ssl_read_bytes = ssl3_read_bytes,
327 .ssl_write_bytes = ssl3_write_bytes,
328 .get_cipher = ssl3_get_cipher,
329 .enc_flags = TLSV1_2_ENC_FLAGS,
330};
331#endif
332
333static const SSL_METHOD TLSv1_method_data = { 306static const SSL_METHOD TLSv1_method_data = {
334 .dtls = 0, 307 .dtls = 0,
335 .server = 1, 308 .server = 1,
@@ -459,21 +432,13 @@ static const SSL_METHOD TLSv1_2_client_method_data = {
459const SSL_METHOD * 432const SSL_METHOD *
460TLS_client_method(void) 433TLS_client_method(void)
461{ 434{
462#if defined(LIBRESSL_HAS_TLS1_3_CLIENT)
463 return (&TLS_client_method_data); 435 return (&TLS_client_method_data);
464#else
465 return (&TLS_legacy_client_method_data);
466#endif
467} 436}
468 437
469const SSL_METHOD * 438const SSL_METHOD *
470TLS_method(void) 439TLS_method(void)
471{ 440{
472#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER)
473 return (&TLS_method_data); 441 return (&TLS_method_data);
474#else
475 return tls_legacy_method();
476#endif
477} 442}
478 443
479const SSL_METHOD * 444const SSL_METHOD *
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-19 00:47:43 +0000