ssl2.h and ssl23.h join the party in the attic

Now that the SSL2 client hello support is gone, nothing uses this anymore, except that a few ports still need SSL2_VERSION. ok beck
author: tb <> 2024-07-13 18:33:18 +0000
committer: tb <> 2024-07-13 18:33:18 +0000
commit: dfcd8a8d076839996503a7743601fd0ee686a0d0 (patch)
tree: 4966c0a9f0261466ab6055016c251996494e5cef /src
parent: 887938c431474ff916a38fb6794af1148ce9393b (diff)
download: openbsd-dfcd8a8d076839996503a7743601fd0ee686a0d0.tar.gz
openbsd-dfcd8a8d076839996503a7743601fd0ee686a0d0.tar.bz2
openbsd-dfcd8a8d076839996503a7743601fd0ee686a0d0.zip
5 files changed, 11 insertions, 257 deletions
diff --git a/src/lib/libssl/Makefile b/src/lib/libssl/Makefile
index 7d3b221db9..1100b99ce2 100644
--- a/src/lib/libssl/Makefile
+++ b/src/lib/libssl/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.83 2024/07/09 09:39:14 beck Exp $
+# $OpenBSD: Makefile,v 1.84 2024/07/13 18:33:18 tb Exp $
 .include <bsd.own.mk>
 .ifndef NOMAN
@@ -89,7 +89,7 @@ SRCS= \
        tls_key_share.c \
        tls_lib.c
-HDRS=   dtls1.h srtp.h ssl.h ssl2.h ssl23.h ssl3.h tls1.h
+HDRS=   dtls1.h srtp.h ssl.h ssl3.h tls1.h
 .PATH:  ${.CURDIR}
diff --git a/src/lib/libssl/man/ssl.3 b/src/lib/libssl/man/ssl.3
index 0c793d780d..5bceba7245 100644
--- a/src/lib/libssl/man/ssl.3
+++ b/src/lib/libssl/man/ssl.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssl.3,v 1.24 2024/05/09 17:57:36 jmc Exp $
+.\" $OpenBSD: ssl.3,v 1.25 2024/07/13 18:33:18 tb Exp $
 .\" full merge up to: OpenSSL e330f55d Nov 11 00:51:04 2016 +0100
 .\" selective merge up to: OpenSSL 322755cc Sep 1 08:40:51 2018 +0800
 .\"
@@ -51,7 +51,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: May 9 2024 $
+.Dd $Mdocdate: July 13 2024 $
 .Dt SSL 3
 .Os
 .Sh NAME
@@ -147,13 +147,6 @@ It internally includes both more private SSL headers and headers from the
 library.
 Whenever you need hardcore details on the internals of the SSL API, look inside
 this header file.
-.It Pa ssl2.h
-That's the sub header file dealing with the SSLv2 protocol only.
-.Bf Em
- Usually you don't have to include it explicitly because it's already included
-by
-.Pa ssl.h .
-.Ef
 .It Pa ssl3.h
 That's the sub header file dealing with the SSLv3 protocol only.
 .Bf Em
@@ -161,14 +154,6 @@ Usually you don't have to include it explicitly because it's already included
 by
 .Pa ssl.h .
 .Ef
-.It Pa ssl23.h
-That's the sub header file dealing with the combined use of the SSLv2 and SSLv3
-protocols.
-.Bf Em
-Usually you don't have to include it explicitly because it's already included
-by
-.Pa ssl.h .
-.Ef
 .It Pa tls1.h
 That's the sub header file dealing with the TLSv1 protocol only.
 .Bf Em
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 22d4809868..e63312a123 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.237 2024/05/27 09:12:31 jsg Exp $ */
+/* $OpenBSD: ssl.h,v 1.238 2024/07/13 18:33:18 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -653,11 +653,9 @@ void SSL_set_psk_use_session_callback(SSL *s, SSL_psk_use_session_cb_func cb);
 }
 #endif
-#include <openssl/ssl2.h>
 #include <openssl/ssl3.h>
 #include <openssl/tls1.h>       /* This is mostly sslv3 with a few tweaks */
 #include <openssl/dtls1.h>      /* Datagram TLS */
-#include <openssl/ssl23.h>
 #include <openssl/srtp.h>       /* Support for the use_srtp extension */
 #ifdef  __cplusplus
@@ -2331,6 +2329,12 @@ void ERR_load_SSL_strings(void);
 int OPENSSL_init_ssl(uint64_t opts, const void *settings);
 int SSL_library_init(void);
+/*
+ * A few things still use this without #ifdef guard.
+ */
+#define SSL2_VERSION    0x0002
 #ifdef  __cplusplus
 }
 #endif
diff --git a/src/lib/libssl/ssl2.h b/src/lib/libssl/ssl2.h
deleted file mode 100644
index 3a8d300729..0000000000
--- a/src/lib/libssl/ssl2.h
+++ /dev/null
@@ -1,153 +0,0 @@
-/* $OpenBSD: ssl2.h,v 1.12 2014/12/14 15:30:50 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#ifndef HEADER_SSL2_H
-#define HEADER_SSL2_H
-#ifdef  __cplusplus
-extern "C" {
-#endif
-/* Protocol Version Codes */
-#define SSL2_VERSION            0x0002
-#define SSL2_VERSION_MAJOR      0x00
-#define SSL2_VERSION_MINOR      0x02
-/* #define SSL2_CLIENT_VERSION  0x0002 */
-/* #define SSL2_SERVER_VERSION  0x0002 */
-/* Protocol Message Codes */
-#define SSL2_MT_ERROR                   0
-#define SSL2_MT_CLIENT_HELLO            1
-#define SSL2_MT_CLIENT_MASTER_KEY       2
-#define SSL2_MT_CLIENT_FINISHED         3
-#define SSL2_MT_SERVER_HELLO            4
-#define SSL2_MT_SERVER_VERIFY           5
-#define SSL2_MT_SERVER_FINISHED         6
-#define SSL2_MT_REQUEST_CERTIFICATE     7
-#define SSL2_MT_CLIENT_CERTIFICATE      8
-/* Error Message Codes */
-#define SSL2_PE_UNDEFINED_ERROR         0x0000
-#define SSL2_PE_NO_CIPHER               0x0001
-#define SSL2_PE_NO_CERTIFICATE          0x0002
-#define SSL2_PE_BAD_CERTIFICATE         0x0004
-#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
-/* Cipher Kind Values */
-#define SSL2_CK_NULL_WITH_MD5                   0x02000000 /* v3 */
-#define SSL2_CK_RC4_128_WITH_MD5                0x02010080
-#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5       0x02020080
-#define SSL2_CK_RC2_128_CBC_WITH_MD5            0x02030080
-#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5   0x02040080
-#define SSL2_CK_IDEA_128_CBC_WITH_MD5           0x02050080
-#define SSL2_CK_DES_64_CBC_WITH_MD5             0x02060040
-#define SSL2_CK_DES_64_CBC_WITH_SHA             0x02060140 /* v3 */
-#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5       0x020700c0
-#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA       0x020701c0 /* v3 */
-#define SSL2_CK_RC4_64_WITH_MD5                 0x02080080 /* MS hack */
-#define SSL2_CK_DES_64_CFB64_WITH_MD5_1         0x02ff0800 /* SSLeay */
-#define SSL2_CK_NULL                            0x02ff0810 /* SSLeay */
-#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1        "DES-CFB-M1"
-#define SSL2_TXT_NULL_WITH_MD5                  "NULL-MD5"
-#define SSL2_TXT_RC4_128_WITH_MD5               "RC4-MD5"
-#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5      "EXP-RC4-MD5"
-#define SSL2_TXT_RC2_128_CBC_WITH_MD5           "RC2-CBC-MD5"
-#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5  "EXP-RC2-CBC-MD5"
-#define SSL2_TXT_IDEA_128_CBC_WITH_MD5          "IDEA-CBC-MD5"
-#define SSL2_TXT_DES_64_CBC_WITH_MD5            "DES-CBC-MD5"
-#define SSL2_TXT_DES_64_CBC_WITH_SHA            "DES-CBC-SHA"
-#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5      "DES-CBC3-MD5"
-#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA      "DES-CBC3-SHA"
-#define SSL2_TXT_RC4_64_WITH_MD5                "RC4-64-MD5"
-#define SSL2_TXT_NULL                           "NULL"
-/* Flags for the SSL_CIPHER.algorithm2 field */
-#define SSL2_CF_5_BYTE_ENC                      0x01
-#define SSL2_CF_8_BYTE_ENC                      0x02
-/* Certificate Type Codes */
-#define SSL2_CT_X509_CERTIFICATE                0x01
-/* Authentication Type Code */
-#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION         0x01
-#define SSL2_MAX_SSL_SESSION_ID_LENGTH          32
-/* Upper/Lower Bounds */
-#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS      256
-#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER    32767u  /* 2^15-1 */
-#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER    16383   /* 2^14-1 */
-#define SSL2_CHALLENGE_LENGTH   16
-/*#define SSL2_CHALLENGE_LENGTH 32 */
-#define SSL2_MIN_CHALLENGE_LENGTH       16
-#define SSL2_MAX_CHALLENGE_LENGTH       32
-#define SSL2_CONNECTION_ID_LENGTH       16
-#define SSL2_MAX_CONNECTION_ID_LENGTH   16
-#define SSL2_SSL_SESSION_ID_LENGTH      16
-#define SSL2_MAX_CERT_CHALLENGE_LENGTH  32
-#define SSL2_MIN_CERT_CHALLENGE_LENGTH  16
-#define SSL2_MAX_KEY_MATERIAL_LENGTH    24
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libssl/ssl23.h b/src/lib/libssl/ssl23.h
deleted file mode 100644
index 570e4b0171..0000000000
--- a/src/lib/libssl/ssl23.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/* $OpenBSD: ssl23.h,v 1.4 2014/12/14 15:30:50 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#ifndef HEADER_SSL23_H
-#define HEADER_SSL23_H
-#ifdef  __cplusplus
-extern "C" {
-#endif
-/*client */
-/* write to server */
-#define SSL23_ST_CW_CLNT_HELLO_A        (0x210|SSL_ST_CONNECT)
-#define SSL23_ST_CW_CLNT_HELLO_B        (0x211|SSL_ST_CONNECT)
-/* read from server */
-#define SSL23_ST_CR_SRVR_HELLO_A        (0x220|SSL_ST_CONNECT)
-#define SSL23_ST_CR_SRVR_HELLO_B        (0x221|SSL_ST_CONNECT)
-/* server */
-/* read from client */
-#define SSL23_ST_SR_CLNT_HELLO_A        (0x210|SSL_ST_ACCEPT)
-#define SSL23_ST_SR_CLNT_HELLO_B        (0x211|SSL_ST_ACCEPT)
-#ifdef  __cplusplus
-}
-#endif
-#endif
author	tb <>	2024-07-13 18:33:18 +0000
committer	tb <>	2024-07-13 18:33:18 +0000
commit	dfcd8a8d076839996503a7743601fd0ee686a0d0 (patch)
tree	4966c0a9f0261466ab6055016c251996494e5cef /src
parent	887938c431474ff916a38fb6794af1148ce9393b (diff)
download	openbsd-dfcd8a8d076839996503a7743601fd0ee686a0d0.tar.gz openbsd-dfcd8a8d076839996503a7743601fd0ee686a0d0.tar.bz2 openbsd-dfcd8a8d076839996503a7743601fd0ee686a0d0.zip

diff --git a/src/lib/libssl/Makefile b/src/lib/libssl/Makefile index 7d3b221db9..1100b99ce2 100644 --- a/src/lib/libssl/Makefile +++ b/src/lib/libssl/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.83 2024/07/09 09:39:14 beck Exp $	1	# $OpenBSD: Makefile,v 1.84 2024/07/13 18:33:18 tb Exp $
2		2
3	.include <bsd.own.mk>	3	.include <bsd.own.mk>
4	.ifndef NOMAN	4	.ifndef NOMAN
@@ -89,7 +89,7 @@ SRCS= \
89	tls_key_share.c \	89	tls_key_share.c \
90	tls_lib.c	90	tls_lib.c
91		91
92	HDRS= dtls1.h srtp.h ssl.h ssl2.h ssl23.h ssl3.h tls1.h	92	HDRS= dtls1.h srtp.h ssl.h ssl3.h tls1.h
93		93
94	.PATH: ${.CURDIR}	94	.PATH: ${.CURDIR}
95		95


diff --git a/src/lib/libssl/man/ssl.3 b/src/lib/libssl/man/ssl.3 index 0c793d780d..5bceba7245 100644 --- a/src/lib/libssl/man/ssl.3 +++ b/src/lib/libssl/man/ssl.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: ssl.3,v 1.24 2024/05/09 17:57:36 jmc Exp $	1	.\" $OpenBSD: ssl.3,v 1.25 2024/07/13 18:33:18 tb Exp $
2	.\" full merge up to: OpenSSL e330f55d Nov 11 00:51:04 2016 +0100	2	.\" full merge up to: OpenSSL e330f55d Nov 11 00:51:04 2016 +0100
3	.\" selective merge up to: OpenSSL 322755cc Sep 1 08:40:51 2018 +0800	3	.\" selective merge up to: OpenSSL 322755cc Sep 1 08:40:51 2018 +0800
4	.\"	4	.\"
@@ -51,7 +51,7 @@
51	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	51	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
52	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	52	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
53	.\"	53	.\"
54	.Dd $Mdocdate: May 9 2024 $	54	.Dd $Mdocdate: July 13 2024 $
55	.Dt SSL 3	55	.Dt SSL 3
56	.Os	56	.Os
57	.Sh NAME	57	.Sh NAME
@@ -147,13 +147,6 @@ It internally includes both more private SSL headers and headers from the
147	library.	147	library.
148	Whenever you need hardcore details on the internals of the SSL API, look inside	148	Whenever you need hardcore details on the internals of the SSL API, look inside
149	this header file.	149	this header file.
150	.It Pa ssl2.h
151	That's the sub header file dealing with the SSLv2 protocol only.
152	.Bf Em
153	Usually you don't have to include it explicitly because it's already included
154	by
155	.Pa ssl.h .
156	.Ef
157	.It Pa ssl3.h	150	.It Pa ssl3.h
158	That's the sub header file dealing with the SSLv3 protocol only.	151	That's the sub header file dealing with the SSLv3 protocol only.
159	.Bf Em	152	.Bf Em
@@ -161,14 +154,6 @@ Usually you don't have to include it explicitly because it's already included
161	by	154	by
162	.Pa ssl.h .	155	.Pa ssl.h .
163	.Ef	156	.Ef
164	.It Pa ssl23.h
165	That's the sub header file dealing with the combined use of the SSLv2 and SSLv3
166	protocols.
167	.Bf Em
168	Usually you don't have to include it explicitly because it's already included
169	by
170	.Pa ssl.h .
171	.Ef
172	.It Pa tls1.h	157	.It Pa tls1.h
173	That's the sub header file dealing with the TLSv1 protocol only.	158	That's the sub header file dealing with the TLSv1 protocol only.
174	.Bf Em	159	.Bf Em


diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h index 22d4809868..e63312a123 100644 --- a/src/lib/libssl/ssl.h +++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl.h,v 1.237 2024/05/27 09:12:31 jsg Exp $ */	1	/* $OpenBSD: ssl.h,v 1.238 2024/07/13 18:33:18 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -653,11 +653,9 @@ void SSL_set_psk_use_session_callback(SSL *s, SSL_psk_use_session_cb_func cb);
653	}	653	}
654	#endif	654	#endif
655		655
656	#include <openssl/ssl2.h>
657	#include <openssl/ssl3.h>	656	#include <openssl/ssl3.h>
658	#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */	657	#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
659	#include <openssl/dtls1.h> /* Datagram TLS */	658	#include <openssl/dtls1.h> /* Datagram TLS */
660	#include <openssl/ssl23.h>
661	#include <openssl/srtp.h> /* Support for the use_srtp extension */	659	#include <openssl/srtp.h> /* Support for the use_srtp extension */
662		660
663	#ifdef __cplusplus	661	#ifdef __cplusplus
@@ -2331,6 +2329,12 @@ void ERR_load_SSL_strings(void);
2331	int OPENSSL_init_ssl(uint64_t opts, const void *settings);	2329	int OPENSSL_init_ssl(uint64_t opts, const void *settings);
2332	int SSL_library_init(void);	2330	int SSL_library_init(void);
2333		2331
		2332	/*
		2333	* A few things still use this without #ifdef guard.
		2334	*/
		2335
		2336	#define SSL2_VERSION 0x0002
		2337
2334	#ifdef __cplusplus	2338	#ifdef __cplusplus
2335	}	2339	}
2336	#endif	2340	#endif


diff --git a/src/lib/libssl/ssl2.h b/src/lib/libssl/ssl2.h deleted file mode 100644 index 3a8d300729..0000000000 --- a/src/lib/libssl/ssl2.h +++ /dev/null
@@ -1,153 +0,0 @@
1	/* $OpenBSD: ssl2.h,v 1.12 2014/12/14 15:30:50 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.
4	*
5	* This package is an SSL implementation written
6	* by Eric Young (eay@cryptsoft.com).
7	* The implementation was written so as to conform with Netscapes SSL.
8	*
9	* This library is free for commercial and non-commercial use as long as
10	* the following conditions are aheared to. The following conditions
11	* apply to all code found in this distribution, be it the RC4, RSA,
12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13	* included with this distribution is covered by the same copyright terms
14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15	*
16	* Copyright remains Eric Young's, and as such any Copyright notices in
17	* the code are not to be removed.
18	* If this package is used in a product, Eric Young should be given attribution
19	* as the author of the parts of the library used.
20	* This can be in the form of a textual message at program startup or
21	* in documentation (online or textual) provided with the package.
22	*
23	* Redistribution and use in source and binary forms, with or without
24	* modification, are permitted provided that the following conditions
25	* are met:
26	* 1. Redistributions of source code must retain the copyright
27	* notice, this list of conditions and the following disclaimer.
28	* 2. Redistributions in binary form must reproduce the above copyright
29	* notice, this list of conditions and the following disclaimer in the
30	* documentation and/or other materials provided with the distribution.
31	* 3. All advertising materials mentioning features or use of this software
32	* must display the following acknowledgement:
33	* "This product includes cryptographic software written by
34	* Eric Young (eay@cryptsoft.com)"
35	* The word 'cryptographic' can be left out if the rouines from the library
36	* being used are not cryptographic related :-).
37	* 4. If you include any Windows specific code (or a derivative thereof) from
38	* the apps directory (application code) you must include an acknowledgement:
39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40	*
41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51	* SUCH DAMAGE.
52	*
53	* The licence and distribution terms for any publically available version or
54	* derivative of this code cannot be changed. i.e. this code cannot simply be
55	* copied and put under another distribution licence
56	* [including the GNU Public Licence.]
57	*/
58
59	#ifndef HEADER_SSL2_H
60	#define HEADER_SSL2_H
61
62	#ifdef __cplusplus
63	extern "C" {
64	#endif
65
66	/* Protocol Version Codes */
67	#define SSL2_VERSION 0x0002
68	#define SSL2_VERSION_MAJOR 0x00
69	#define SSL2_VERSION_MINOR 0x02
70	/* #define SSL2_CLIENT_VERSION 0x0002 */
71	/* #define SSL2_SERVER_VERSION 0x0002 */
72
73	/* Protocol Message Codes */
74	#define SSL2_MT_ERROR 0
75	#define SSL2_MT_CLIENT_HELLO 1
76	#define SSL2_MT_CLIENT_MASTER_KEY 2
77	#define SSL2_MT_CLIENT_FINISHED 3
78	#define SSL2_MT_SERVER_HELLO 4
79	#define SSL2_MT_SERVER_VERIFY 5
80	#define SSL2_MT_SERVER_FINISHED 6
81	#define SSL2_MT_REQUEST_CERTIFICATE 7
82	#define SSL2_MT_CLIENT_CERTIFICATE 8
83
84	/* Error Message Codes */
85	#define SSL2_PE_UNDEFINED_ERROR 0x0000
86	#define SSL2_PE_NO_CIPHER 0x0001
87	#define SSL2_PE_NO_CERTIFICATE 0x0002
88	#define SSL2_PE_BAD_CERTIFICATE 0x0004
89	#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
90
91	/* Cipher Kind Values */
92	#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */
93	#define SSL2_CK_RC4_128_WITH_MD5 0x02010080
94	#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080
95	#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080
96	#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080
97	#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080
98	#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040
99	#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */
100	#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0
101	#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */
102	#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */
103
104	#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */
105	#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */
106
107	#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1"
108	#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5"
109	#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5"
110	#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5"
111	#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5"
112	#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5"
113	#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5"
114	#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5"
115	#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA"
116	#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5"
117	#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA"
118	#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5"
119
120	#define SSL2_TXT_NULL "NULL"
121
122	/* Flags for the SSL_CIPHER.algorithm2 field */
123	#define SSL2_CF_5_BYTE_ENC 0x01
124	#define SSL2_CF_8_BYTE_ENC 0x02
125
126	/* Certificate Type Codes */
127	#define SSL2_CT_X509_CERTIFICATE 0x01
128
129	/* Authentication Type Code */
130	#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01
131
132	#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32
133
134	/* Upper/Lower Bounds */
135	#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256
136	#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u /* 2^15-1 */
137	#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /* 2^14-1 */
138
139	#define SSL2_CHALLENGE_LENGTH 16
140	/#define SSL2_CHALLENGE_LENGTH 32 /
141	#define SSL2_MIN_CHALLENGE_LENGTH 16
142	#define SSL2_MAX_CHALLENGE_LENGTH 32
143	#define SSL2_CONNECTION_ID_LENGTH 16
144	#define SSL2_MAX_CONNECTION_ID_LENGTH 16
145	#define SSL2_SSL_SESSION_ID_LENGTH 16
146	#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32
147	#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16
148	#define SSL2_MAX_KEY_MATERIAL_LENGTH 24
149
150	#ifdef __cplusplus
151	}
152	#endif
153	#endif


diff --git a/src/lib/libssl/ssl23.h b/src/lib/libssl/ssl23.h deleted file mode 100644 index 570e4b0171..0000000000 --- a/src/lib/libssl/ssl23.h +++ /dev/null
@@ -1,82 +0,0 @@
1	/* $OpenBSD: ssl23.h,v 1.4 2014/12/14 15:30:50 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.
4	*
5	* This package is an SSL implementation written
6	* by Eric Young (eay@cryptsoft.com).
7	* The implementation was written so as to conform with Netscapes SSL.
8	*
9	* This library is free for commercial and non-commercial use as long as
10	* the following conditions are aheared to. The following conditions
11	* apply to all code found in this distribution, be it the RC4, RSA,
12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13	* included with this distribution is covered by the same copyright terms
14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15	*
16	* Copyright remains Eric Young's, and as such any Copyright notices in
17	* the code are not to be removed.
18	* If this package is used in a product, Eric Young should be given attribution
19	* as the author of the parts of the library used.
20	* This can be in the form of a textual message at program startup or
21	* in documentation (online or textual) provided with the package.
22	*
23	* Redistribution and use in source and binary forms, with or without
24	* modification, are permitted provided that the following conditions
25	* are met:
26	* 1. Redistributions of source code must retain the copyright
27	* notice, this list of conditions and the following disclaimer.
28	* 2. Redistributions in binary form must reproduce the above copyright
29	* notice, this list of conditions and the following disclaimer in the
30	* documentation and/or other materials provided with the distribution.
31	* 3. All advertising materials mentioning features or use of this software
32	* must display the following acknowledgement:
33	* "This product includes cryptographic software written by
34	* Eric Young (eay@cryptsoft.com)"
35	* The word 'cryptographic' can be left out if the rouines from the library
36	* being used are not cryptographic related :-).
37	* 4. If you include any Windows specific code (or a derivative thereof) from
38	* the apps directory (application code) you must include an acknowledgement:
39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40	*
41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51	* SUCH DAMAGE.
52	*
53	* The licence and distribution terms for any publically available version or
54	* derivative of this code cannot be changed. i.e. this code cannot simply be
55	* copied and put under another distribution licence
56	* [including the GNU Public Licence.]
57	*/
58
59	#ifndef HEADER_SSL23_H
60	#define HEADER_SSL23_H
61
62	#ifdef __cplusplus
63	extern "C" {
64	#endif
65
66	/client /
67	/* write to server */
68	#define SSL23_ST_CW_CLNT_HELLO_A (0x210\|SSL_ST_CONNECT)
69	#define SSL23_ST_CW_CLNT_HELLO_B (0x211\|SSL_ST_CONNECT)
70	/* read from server */
71	#define SSL23_ST_CR_SRVR_HELLO_A (0x220\|SSL_ST_CONNECT)
72	#define SSL23_ST_CR_SRVR_HELLO_B (0x221\|SSL_ST_CONNECT)
73
74	/* server */
75	/* read from client */
76	#define SSL23_ST_SR_CLNT_HELLO_A (0x210\|SSL_ST_ACCEPT)
77	#define SSL23_ST_SR_CLNT_HELLO_B (0x211\|SSL_ST_ACCEPT)
78
79	#ifdef __cplusplus
80	}
81	#endif
82	#endif