3 files changed, 3 insertions, 73 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index df115725a0..e6b5576545 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.347 2021/05/16 15:49:01 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.348 2021/06/13 15:34:41 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1257,7 +1257,6 @@ int tls1_generate_key_block(SSL *s, uint8_t *key_block, size_t key_block_len);
 int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
    const char *label, size_t llen, const unsigned char *p, size_t plen,
    int use_context);
-int tls1_alert_code(int code);
 int ssl_ok(SSL *s);
 int tls12_derive_finished(SSL *s);
diff --git a/src/lib/libssl/ssl_pkt.c b/src/lib/libssl/ssl_pkt.c
index ae47055079..e959ccaf2f 100644
--- a/src/lib/libssl/ssl_pkt.c
+++ b/src/lib/libssl/ssl_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_pkt.c,v 1.43 2021/05/16 14:10:43 jsing Exp $ */
+/* $OpenBSD: ssl_pkt.c,v 1.44 2021/06/13 15:34:41 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1181,10 +1181,6 @@ ssl3_do_change_cipher_spec(SSL *s)
 int
 ssl3_send_alert(SSL *s, int level, int desc)
 {
-        /* Map tls/ssl alert value to correct one */
-        desc = tls1_alert_code(desc);
-        if (desc < 0)
-                return -1;
        /* If a fatal one, remove from cache */
        if ((level == 2) && (s->session != NULL))
                SSL_CTX_remove_session(s->ctx, s->session);
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 87d2f9e590..15afb1bae8 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.149 2021/06/13 15:29:19 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.150 2021/06/13 15:34:41 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -494,68 +494,3 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
        return (rv);
 }
-int
-tls1_alert_code(int code)
-{
-        switch (code) {
-        case SSL_AD_CLOSE_NOTIFY:
-                return (SSL3_AD_CLOSE_NOTIFY);
-        case SSL_AD_UNEXPECTED_MESSAGE:
-                return (SSL3_AD_UNEXPECTED_MESSAGE);
-        case SSL_AD_BAD_RECORD_MAC:
-                return (SSL3_AD_BAD_RECORD_MAC);
-        case SSL_AD_RECORD_OVERFLOW:
-                return (TLS1_AD_RECORD_OVERFLOW);
-        case SSL_AD_DECOMPRESSION_FAILURE:
-                return (SSL3_AD_DECOMPRESSION_FAILURE);
-        case SSL_AD_HANDSHAKE_FAILURE:
-                return (SSL3_AD_HANDSHAKE_FAILURE);
-        case SSL_AD_BAD_CERTIFICATE:
-                return (SSL3_AD_BAD_CERTIFICATE);
-        case SSL_AD_UNSUPPORTED_CERTIFICATE:
-                return (SSL3_AD_UNSUPPORTED_CERTIFICATE);
-        case SSL_AD_CERTIFICATE_REVOKED:
-                return (SSL3_AD_CERTIFICATE_REVOKED);
-        case SSL_AD_CERTIFICATE_EXPIRED:
-                return (SSL3_AD_CERTIFICATE_EXPIRED);
-        case SSL_AD_CERTIFICATE_UNKNOWN:
-                return (SSL3_AD_CERTIFICATE_UNKNOWN);
-        case SSL_AD_ILLEGAL_PARAMETER:
-                return (SSL3_AD_ILLEGAL_PARAMETER);
-        case SSL_AD_UNKNOWN_CA:
-                return (TLS1_AD_UNKNOWN_CA);
-        case SSL_AD_ACCESS_DENIED:
-                return (TLS1_AD_ACCESS_DENIED);
-        case SSL_AD_DECODE_ERROR:
-                return (TLS1_AD_DECODE_ERROR);
-        case SSL_AD_DECRYPT_ERROR:
-                return (TLS1_AD_DECRYPT_ERROR);
-        case SSL_AD_PROTOCOL_VERSION:
-                return (TLS1_AD_PROTOCOL_VERSION);
-        case SSL_AD_INSUFFICIENT_SECURITY:
-                return (TLS1_AD_INSUFFICIENT_SECURITY);
-        case SSL_AD_INTERNAL_ERROR:
-                return (TLS1_AD_INTERNAL_ERROR);
-        case SSL_AD_INAPPROPRIATE_FALLBACK:
-                return(TLS1_AD_INAPPROPRIATE_FALLBACK);
-        case SSL_AD_USER_CANCELLED:
-                return (TLS1_AD_USER_CANCELLED);
-        case SSL_AD_NO_RENEGOTIATION:
-                return (TLS1_AD_NO_RENEGOTIATION);
-        case SSL_AD_UNSUPPORTED_EXTENSION:
-                return (TLS1_AD_UNSUPPORTED_EXTENSION);
-        case SSL_AD_CERTIFICATE_UNOBTAINABLE:
-                return (TLS1_AD_CERTIFICATE_UNOBTAINABLE);
-        case SSL_AD_UNRECOGNIZED_NAME:
-                return (TLS1_AD_UNRECOGNIZED_NAME);
-        case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
-                return (TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE);
-        case SSL_AD_BAD_CERTIFICATE_HASH_VALUE:
-                return (TLS1_AD_BAD_CERTIFICATE_HASH_VALUE);
-        case SSL_AD_UNKNOWN_PSK_IDENTITY:
-                return (TLS1_AD_UNKNOWN_PSK_IDENTITY);
-        default:
-                return (-1);
-        }
-}

diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index df115725a0..e6b5576545 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.347 2021/05/16 15:49:01 jsing Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.348 2021/06/13 15:34:41 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1257,7 +1257,6 @@ int tls1_generate_key_block(SSL s, uint8_t key_block, size_t key_block_len);
1257	int tls1_export_keying_material(SSL s, unsigned char out, size_t olen,	1257	int tls1_export_keying_material(SSL s, unsigned char out, size_t olen,
1258	const char label, size_t llen, const unsigned char p, size_t plen,	1258	const char label, size_t llen, const unsigned char p, size_t plen,
1259	int use_context);	1259	int use_context);
1260	int tls1_alert_code(int code);
1261	int ssl_ok(SSL *s);	1260	int ssl_ok(SSL *s);
1262		1261
1263	int tls12_derive_finished(SSL *s);	1262	int tls12_derive_finished(SSL *s);


diff --git a/src/lib/libssl/ssl_pkt.c b/src/lib/libssl/ssl_pkt.c index ae47055079..e959ccaf2f 100644 --- a/src/lib/libssl/ssl_pkt.c +++ b/src/lib/libssl/ssl_pkt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_pkt.c,v 1.43 2021/05/16 14:10:43 jsing Exp $ */	1	/* $OpenBSD: ssl_pkt.c,v 1.44 2021/06/13 15:34:41 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1181,10 +1181,6 @@ ssl3_do_change_cipher_spec(SSL *s)
1181	int	1181	int
1182	ssl3_send_alert(SSL *s, int level, int desc)	1182	ssl3_send_alert(SSL *s, int level, int desc)
1183	{	1183	{
1184	/* Map tls/ssl alert value to correct one */
1185	desc = tls1_alert_code(desc);
1186	if (desc < 0)
1187	return -1;
1188	/* If a fatal one, remove from cache */	1184	/* If a fatal one, remove from cache */
1189	if ((level == 2) && (s->session != NULL))	1185	if ((level == 2) && (s->session != NULL))
1190	SSL_CTX_remove_session(s->ctx, s->session);	1186	SSL_CTX_remove_session(s->ctx, s->session);


diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 87d2f9e590..15afb1bae8 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_enc.c,v 1.149 2021/06/13 15:29:19 jsing Exp $ */	1	/* $OpenBSD: t1_enc.c,v 1.150 2021/06/13 15:34:41 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -494,68 +494,3 @@ tls1_export_keying_material(SSL s, unsigned char out, size_t olen,
494		494
495	return (rv);	495	return (rv);
496	}	496	}
497
498	int
499	tls1_alert_code(int code)
500	{
501	switch (code) {
502	case SSL_AD_CLOSE_NOTIFY:
503	return (SSL3_AD_CLOSE_NOTIFY);
504	case SSL_AD_UNEXPECTED_MESSAGE:
505	return (SSL3_AD_UNEXPECTED_MESSAGE);
506	case SSL_AD_BAD_RECORD_MAC:
507	return (SSL3_AD_BAD_RECORD_MAC);
508	case SSL_AD_RECORD_OVERFLOW:
509	return (TLS1_AD_RECORD_OVERFLOW);
510	case SSL_AD_DECOMPRESSION_FAILURE:
511	return (SSL3_AD_DECOMPRESSION_FAILURE);
512	case SSL_AD_HANDSHAKE_FAILURE:
513	return (SSL3_AD_HANDSHAKE_FAILURE);
514	case SSL_AD_BAD_CERTIFICATE:
515	return (SSL3_AD_BAD_CERTIFICATE);
516	case SSL_AD_UNSUPPORTED_CERTIFICATE:
517	return (SSL3_AD_UNSUPPORTED_CERTIFICATE);
518	case SSL_AD_CERTIFICATE_REVOKED:
519	return (SSL3_AD_CERTIFICATE_REVOKED);
520	case SSL_AD_CERTIFICATE_EXPIRED:
521	return (SSL3_AD_CERTIFICATE_EXPIRED);
522	case SSL_AD_CERTIFICATE_UNKNOWN:
523	return (SSL3_AD_CERTIFICATE_UNKNOWN);
524	case SSL_AD_ILLEGAL_PARAMETER:
525	return (SSL3_AD_ILLEGAL_PARAMETER);
526	case SSL_AD_UNKNOWN_CA:
527	return (TLS1_AD_UNKNOWN_CA);
528	case SSL_AD_ACCESS_DENIED:
529	return (TLS1_AD_ACCESS_DENIED);
530	case SSL_AD_DECODE_ERROR:
531	return (TLS1_AD_DECODE_ERROR);
532	case SSL_AD_DECRYPT_ERROR:
533	return (TLS1_AD_DECRYPT_ERROR);
534	case SSL_AD_PROTOCOL_VERSION:
535	return (TLS1_AD_PROTOCOL_VERSION);
536	case SSL_AD_INSUFFICIENT_SECURITY:
537	return (TLS1_AD_INSUFFICIENT_SECURITY);
538	case SSL_AD_INTERNAL_ERROR:
539	return (TLS1_AD_INTERNAL_ERROR);
540	case SSL_AD_INAPPROPRIATE_FALLBACK:
541	return(TLS1_AD_INAPPROPRIATE_FALLBACK);
542	case SSL_AD_USER_CANCELLED:
543	return (TLS1_AD_USER_CANCELLED);
544	case SSL_AD_NO_RENEGOTIATION:
545	return (TLS1_AD_NO_RENEGOTIATION);
546	case SSL_AD_UNSUPPORTED_EXTENSION:
547	return (TLS1_AD_UNSUPPORTED_EXTENSION);
548	case SSL_AD_CERTIFICATE_UNOBTAINABLE:
549	return (TLS1_AD_CERTIFICATE_UNOBTAINABLE);
550	case SSL_AD_UNRECOGNIZED_NAME:
551	return (TLS1_AD_UNRECOGNIZED_NAME);
552	case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
553	return (TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE);
554	case SSL_AD_BAD_CERTIFICATE_HASH_VALUE:
555	return (TLS1_AD_BAD_CERTIFICATE_HASH_VALUE);
556	case SSL_AD_UNKNOWN_PSK_IDENTITY:
557	return (TLS1_AD_UNKNOWN_PSK_IDENTITY);
558	default:
559	return (-1);
560	}
561	}