2 files changed, 11 insertions, 11 deletions
diff --git a/src/lib/libssl/tls13_legacy.c b/src/lib/libssl/tls13_legacy.c
index 8aa806aa45..bacd11b950 100644
--- a/src/lib/libssl/tls13_legacy.c
+++ b/src/lib/libssl/tls13_legacy.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: tls13_legacy.c,v 1.20 2021/01/04 19:19:12 tb Exp $ */
+/*      $OpenBSD: tls13_legacy.c,v 1.21 2021/01/07 16:26:31 tb Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
 *
@@ -515,14 +515,14 @@ tls13_legacy_servername_process(struct tls13_ctx *ctx, uint8_t *alert)
        int legacy_alert = SSL_AD_UNRECOGNIZED_NAME;
        int ret = SSL_TLSEXT_ERR_NOACK;
        SSL_CTX *ssl_ctx = ctx->ssl->ctx;
-        SSL *ssl = ctx->ssl;
+        SSL *s = ctx->ssl;
        if (ssl_ctx->internal->tlsext_servername_callback == NULL)
-                ssl_ctx = ssl->initial_ctx;
+                ssl_ctx = s->initial_ctx;
        if (ssl_ctx->internal->tlsext_servername_callback == NULL)
                return 1;
-        ret = ssl_ctx->internal->tlsext_servername_callback(ssl, &legacy_alert,
+        ret = ssl_ctx->internal->tlsext_servername_callback(s, &legacy_alert,
            ssl_ctx->internal->tlsext_servername_arg);
        if (ret == SSL_TLSEXT_ERR_ALERT_FATAL ||
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c
index f929e132a8..2062d4956c 100644
--- a/src/lib/libssl/tls13_server.c
+++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.67 2021/01/06 20:15:35 tb Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.68 2021/01/07 16:26:31 tb Exp $ */
 /*
 * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -99,7 +99,7 @@ tls13_client_hello_is_legacy(CBS *cbs)
 int
 tls13_client_hello_required_extensions(struct tls13_ctx *ctx)
 {
-        SSL *ssl = ctx->ssl;
+        SSL *s = ctx->ssl;
        /*
         * RFC 8446, section 9.2. If the ClientHello has supported_versions
@@ -111,10 +111,10 @@ tls13_client_hello_required_extensions(struct tls13_ctx *ctx)
         * If we got no pre_shared_key, then signature_algorithms and
         * supported_groups must both be present.
         */
-        if (!tlsext_extension_seen(ssl, TLSEXT_TYPE_pre_shared_key)) {
+        if (!tlsext_extension_seen(s, TLSEXT_TYPE_pre_shared_key)) {
-                if (!tlsext_extension_seen(ssl, TLSEXT_TYPE_signature_algorithms))
+                if (!tlsext_extension_seen(s, TLSEXT_TYPE_signature_algorithms))
                        return 0;
-                if (!tlsext_extension_seen(ssl, TLSEXT_TYPE_supported_groups))
+                if (!tlsext_extension_seen(s, TLSEXT_TYPE_supported_groups))
                        return 0;
        }
@@ -122,8 +122,8 @@ tls13_client_hello_required_extensions(struct tls13_ctx *ctx)
         * supported_groups and key_share must either both be present or
         * both be absent.
         */
-        if (tlsext_extension_seen(ssl, TLSEXT_TYPE_supported_groups) !=
+        if (tlsext_extension_seen(s, TLSEXT_TYPE_supported_groups) !=
-            tlsext_extension_seen(ssl, TLSEXT_TYPE_key_share))
+            tlsext_extension_seen(s, TLSEXT_TYPE_key_share))
                return 0;
        /*

diff --git a/src/lib/libssl/tls13_legacy.c b/src/lib/libssl/tls13_legacy.c index 8aa806aa45..bacd11b950 100644 --- a/src/lib/libssl/tls13_legacy.c +++ b/src/lib/libssl/tls13_legacy.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls13_legacy.c,v 1.20 2021/01/04 19:19:12 tb Exp $ */	1	/* $OpenBSD: tls13_legacy.c,v 1.21 2021/01/07 16:26:31 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
4	*	4	*
@@ -515,14 +515,14 @@ tls13_legacy_servername_process(struct tls13_ctx ctx, uint8_t alert)
515	int legacy_alert = SSL_AD_UNRECOGNIZED_NAME;	515	int legacy_alert = SSL_AD_UNRECOGNIZED_NAME;
516	int ret = SSL_TLSEXT_ERR_NOACK;	516	int ret = SSL_TLSEXT_ERR_NOACK;
517	SSL_CTX *ssl_ctx = ctx->ssl->ctx;	517	SSL_CTX *ssl_ctx = ctx->ssl->ctx;
518	SSL *ssl = ctx->ssl;	518	SSL *s = ctx->ssl;
519		519
520	if (ssl_ctx->internal->tlsext_servername_callback == NULL)	520	if (ssl_ctx->internal->tlsext_servername_callback == NULL)
521	ssl_ctx = ssl->initial_ctx;	521	ssl_ctx = s->initial_ctx;
522	if (ssl_ctx->internal->tlsext_servername_callback == NULL)	522	if (ssl_ctx->internal->tlsext_servername_callback == NULL)
523	return 1;	523	return 1;
524		524
525	ret = ssl_ctx->internal->tlsext_servername_callback(ssl, &legacy_alert,	525	ret = ssl_ctx->internal->tlsext_servername_callback(s, &legacy_alert,
526	ssl_ctx->internal->tlsext_servername_arg);	526	ssl_ctx->internal->tlsext_servername_arg);
527		527
528	if (ret == SSL_TLSEXT_ERR_ALERT_FATAL \|\|	528	if (ret == SSL_TLSEXT_ERR_ALERT_FATAL \|\|


diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c index f929e132a8..2062d4956c 100644 --- a/src/lib/libssl/tls13_server.c +++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls13_server.c,v 1.67 2021/01/06 20:15:35 tb Exp $ */	1	/* $OpenBSD: tls13_server.c,v 1.68 2021/01/07 16:26:31 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
4	* Copyright (c) 2020 Bob Beck <beck@openbsd.org>	4	* Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -99,7 +99,7 @@ tls13_client_hello_is_legacy(CBS *cbs)
99	int	99	int
100	tls13_client_hello_required_extensions(struct tls13_ctx *ctx)	100	tls13_client_hello_required_extensions(struct tls13_ctx *ctx)
101	{	101	{
102	SSL *ssl = ctx->ssl;	102	SSL *s = ctx->ssl;
103		103
104	/*	104	/*
105	* RFC 8446, section 9.2. If the ClientHello has supported_versions	105	* RFC 8446, section 9.2. If the ClientHello has supported_versions
@@ -111,10 +111,10 @@ tls13_client_hello_required_extensions(struct tls13_ctx *ctx)
111	* If we got no pre_shared_key, then signature_algorithms and	111	* If we got no pre_shared_key, then signature_algorithms and
112	* supported_groups must both be present.	112	* supported_groups must both be present.
113	*/	113	*/
114	if (!tlsext_extension_seen(ssl, TLSEXT_TYPE_pre_shared_key)) {	114	if (!tlsext_extension_seen(s, TLSEXT_TYPE_pre_shared_key)) {
115	if (!tlsext_extension_seen(ssl, TLSEXT_TYPE_signature_algorithms))	115	if (!tlsext_extension_seen(s, TLSEXT_TYPE_signature_algorithms))
116	return 0;	116	return 0;
117	if (!tlsext_extension_seen(ssl, TLSEXT_TYPE_supported_groups))	117	if (!tlsext_extension_seen(s, TLSEXT_TYPE_supported_groups))
118	return 0;	118	return 0;
119	}	119	}
120		120
@@ -122,8 +122,8 @@ tls13_client_hello_required_extensions(struct tls13_ctx *ctx)
122	* supported_groups and key_share must either both be present or	122	* supported_groups and key_share must either both be present or
123	* both be absent.	123	* both be absent.
124	*/	124	*/
125	if (tlsext_extension_seen(ssl, TLSEXT_TYPE_supported_groups) !=	125	if (tlsext_extension_seen(s, TLSEXT_TYPE_supported_groups) !=
126	tlsext_extension_seen(ssl, TLSEXT_TYPE_key_share))	126	tlsext_extension_seen(s, TLSEXT_TYPE_key_share))
127	return 0;	127	return 0;
128		128
129	/*	129	/*