diff options
| -rw-r--r-- | src/lib/libssl/d1_lib.c | 10 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_lib.c | 16 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_locl.h | 7 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_methods.c | 38 | ||||
| -rw-r--r-- | src/lib/libssl/t1_lib.c | 10 |
5 files changed, 17 insertions, 64 deletions
diff --git a/src/lib/libssl/d1_lib.c b/src/lib/libssl/d1_lib.c index b7ba6b1092..1f818307d1 100644 --- a/src/lib/libssl/d1_lib.c +++ b/src/lib/libssl/d1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_lib.c,v 1.45 2020/03/12 17:01:53 jsing Exp $ */ | 1 | /* $OpenBSD: d1_lib.c,v 1.46 2020/07/07 19:31:11 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -76,14 +76,6 @@ SSL3_ENC_METHOD DTLSv1_enc_data = { | |||
| 76 | .enc_flags = SSL_ENC_FLAG_EXPLICIT_IV, | 76 | .enc_flags = SSL_ENC_FLAG_EXPLICIT_IV, |
| 77 | }; | 77 | }; |
| 78 | 78 | ||
| 79 | long | ||
| 80 | dtls1_default_timeout(void) | ||
| 81 | { | ||
| 82 | /* 2 hours, the 24 hours mentioned in the DTLSv1 spec | ||
| 83 | * is way too long for http, the cache would over fill */ | ||
| 84 | return (60*60*2); | ||
| 85 | } | ||
| 86 | |||
| 87 | int | 79 | int |
| 88 | dtls1_new(SSL *s) | 80 | dtls1_new(SSL *s) |
| 89 | { | 81 | { |
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index 6ef2083f52..b93a851507 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_lib.c,v 1.217 2020/05/23 12:14:52 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_lib.c,v 1.218 2020/07/07 19:31:11 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -942,10 +942,20 @@ SSL_is_server(const SSL *s) | |||
| 942 | return s->server; | 942 | return s->server; |
| 943 | } | 943 | } |
| 944 | 944 | ||
| 945 | static long | ||
| 946 | ssl_get_default_timeout() | ||
| 947 | { | ||
| 948 | /* | ||
| 949 | * 2 hours, the 24 hours mentioned in the TLSv1 spec | ||
| 950 | * is way too long for http, the cache would over fill. | ||
| 951 | */ | ||
| 952 | return (2 * 60 * 60); | ||
| 953 | } | ||
| 954 | |||
| 945 | long | 955 | long |
| 946 | SSL_get_default_timeout(const SSL *s) | 956 | SSL_get_default_timeout(const SSL *s) |
| 947 | { | 957 | { |
| 948 | return (s->method->internal->get_timeout()); | 958 | return (ssl_get_default_timeout()); |
| 949 | } | 959 | } |
| 950 | 960 | ||
| 951 | int | 961 | int |
| @@ -1752,7 +1762,7 @@ SSL_CTX_new(const SSL_METHOD *meth) | |||
| 1752 | ret->internal->session_cache_tail = NULL; | 1762 | ret->internal->session_cache_tail = NULL; |
| 1753 | 1763 | ||
| 1754 | /* We take the system default */ | 1764 | /* We take the system default */ |
| 1755 | ret->session_timeout = meth->internal->get_timeout(); | 1765 | ret->session_timeout = ssl_get_default_timeout(); |
| 1756 | 1766 | ||
| 1757 | ret->internal->new_session_cb = 0; | 1767 | ret->internal->new_session_cb = 0; |
| 1758 | ret->internal->remove_session_cb = 0; | 1768 | ret->internal->remove_session_cb = 0; |
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index f7a8b0786d..4faf0f245f 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.281 2020/07/07 19:24:23 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.282 2020/07/07 19:31:11 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -385,9 +385,6 @@ typedef struct ssl_method_internal_st { | |||
| 385 | 385 | ||
| 386 | const struct ssl_method_st *(*get_ssl_method)(int version); | 386 | const struct ssl_method_st *(*get_ssl_method)(int version); |
| 387 | 387 | ||
| 388 | long (*get_timeout)(void); | ||
| 389 | int (*ssl_version)(void); | ||
| 390 | |||
| 391 | struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */ | 388 | struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */ |
| 392 | } SSL_METHOD_INTERNAL; | 389 | } SSL_METHOD_INTERNAL; |
| 393 | 390 | ||
| @@ -1226,7 +1223,6 @@ int ssl3_record_write(SSL *s, int type); | |||
| 1226 | void tls1_record_sequence_increment(unsigned char *seq); | 1223 | void tls1_record_sequence_increment(unsigned char *seq); |
| 1227 | int ssl3_do_change_cipher_spec(SSL *ssl); | 1224 | int ssl3_do_change_cipher_spec(SSL *ssl); |
| 1228 | 1225 | ||
| 1229 | long tls1_default_timeout(void); | ||
| 1230 | int dtls1_do_write(SSL *s, int type); | 1226 | int dtls1_do_write(SSL *s, int type); |
| 1231 | int ssl3_packet_read(SSL *s, int plen); | 1227 | int ssl3_packet_read(SSL *s, int plen); |
| 1232 | int ssl3_packet_extend(SSL *s, int plen); | 1228 | int ssl3_packet_extend(SSL *s, int plen); |
| @@ -1256,7 +1252,6 @@ void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr); | |||
| 1256 | void dtls1_reset_seq_numbers(SSL *s, int rw); | 1252 | void dtls1_reset_seq_numbers(SSL *s, int rw); |
| 1257 | void dtls1_build_sequence_number(unsigned char *dst, unsigned char *seq, | 1253 | void dtls1_build_sequence_number(unsigned char *dst, unsigned char *seq, |
| 1258 | unsigned short epoch); | 1254 | unsigned short epoch); |
| 1259 | long dtls1_default_timeout(void); | ||
| 1260 | struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft); | 1255 | struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft); |
| 1261 | int dtls1_check_timeout_num(SSL *s); | 1256 | int dtls1_check_timeout_num(SSL *s); |
| 1262 | int dtls1_handle_timeout(SSL *s); | 1257 | int dtls1_handle_timeout(SSL *s); |
diff --git a/src/lib/libssl/ssl_methods.c b/src/lib/libssl/ssl_methods.c index d679e3242f..5866e30f67 100644 --- a/src/lib/libssl/ssl_methods.c +++ b/src/lib/libssl/ssl_methods.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_methods.c,v 1.13 2020/07/07 19:24:23 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_methods.c,v 1.14 2020/07/07 19:31:11 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -70,8 +70,6 @@ static const SSL_METHOD_INTERNAL DTLSv1_client_method_internal_data = { | |||
| 70 | .ssl_connect = ssl3_connect, | 70 | .ssl_connect = ssl3_connect, |
| 71 | .ssl_shutdown = ssl3_shutdown, | 71 | .ssl_shutdown = ssl3_shutdown, |
| 72 | .get_ssl_method = dtls1_get_client_method, | 72 | .get_ssl_method = dtls1_get_client_method, |
| 73 | .get_timeout = dtls1_default_timeout, | ||
| 74 | .ssl_version = ssl_undefined_void_function, | ||
| 75 | .ssl_renegotiate = ssl3_renegotiate, | 73 | .ssl_renegotiate = ssl3_renegotiate, |
| 76 | .ssl_renegotiate_check = ssl3_renegotiate_check, | 74 | .ssl_renegotiate_check = ssl3_renegotiate_check, |
| 77 | .ssl_pending = ssl3_pending, | 75 | .ssl_pending = ssl3_pending, |
| @@ -122,8 +120,6 @@ static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = { | |||
| 122 | .ssl_connect = ssl3_connect, | 120 | .ssl_connect = ssl3_connect, |
| 123 | .ssl_shutdown = ssl3_shutdown, | 121 | .ssl_shutdown = ssl3_shutdown, |
| 124 | .get_ssl_method = dtls1_get_method, | 122 | .get_ssl_method = dtls1_get_method, |
| 125 | .get_timeout = dtls1_default_timeout, | ||
| 126 | .ssl_version = ssl_undefined_void_function, | ||
| 127 | .ssl_renegotiate = ssl3_renegotiate, | 123 | .ssl_renegotiate = ssl3_renegotiate, |
| 128 | .ssl_renegotiate_check = ssl3_renegotiate_check, | 124 | .ssl_renegotiate_check = ssl3_renegotiate_check, |
| 129 | .ssl_pending = ssl3_pending, | 125 | .ssl_pending = ssl3_pending, |
| @@ -172,8 +168,6 @@ static const SSL_METHOD_INTERNAL DTLSv1_server_method_internal_data = { | |||
| 172 | .ssl_connect = ssl_undefined_function, | 168 | .ssl_connect = ssl_undefined_function, |
| 173 | .ssl_shutdown = ssl3_shutdown, | 169 | .ssl_shutdown = ssl3_shutdown, |
| 174 | .get_ssl_method = dtls1_get_server_method, | 170 | .get_ssl_method = dtls1_get_server_method, |
| 175 | .get_timeout = dtls1_default_timeout, | ||
| 176 | .ssl_version = ssl_undefined_void_function, | ||
| 177 | .ssl_renegotiate = ssl3_renegotiate, | 171 | .ssl_renegotiate = ssl3_renegotiate, |
| 178 | .ssl_renegotiate_check = ssl3_renegotiate_check, | 172 | .ssl_renegotiate_check = ssl3_renegotiate_check, |
| 179 | .ssl_pending = ssl3_pending, | 173 | .ssl_pending = ssl3_pending, |
| @@ -223,8 +217,6 @@ static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = { | |||
| 223 | .ssl_connect = tls13_legacy_connect, | 217 | .ssl_connect = tls13_legacy_connect, |
| 224 | .ssl_shutdown = tls13_legacy_shutdown, | 218 | .ssl_shutdown = tls13_legacy_shutdown, |
| 225 | .get_ssl_method = tls1_get_client_method, | 219 | .get_ssl_method = tls1_get_client_method, |
| 226 | .get_timeout = tls1_default_timeout, | ||
| 227 | .ssl_version = ssl_undefined_void_function, | ||
| 228 | .ssl_renegotiate = ssl_undefined_function, | 220 | .ssl_renegotiate = ssl_undefined_function, |
| 229 | .ssl_renegotiate_check = ssl_ok, | 221 | .ssl_renegotiate_check = ssl_ok, |
| 230 | .ssl_pending = tls13_legacy_pending, | 222 | .ssl_pending = tls13_legacy_pending, |
| @@ -254,8 +246,6 @@ static const SSL_METHOD_INTERNAL TLS_legacy_client_method_internal_data = { | |||
| 254 | .ssl_connect = ssl3_connect, | 246 | .ssl_connect = ssl3_connect, |
| 255 | .ssl_shutdown = ssl3_shutdown, | 247 | .ssl_shutdown = ssl3_shutdown, |
| 256 | .get_ssl_method = tls1_get_client_method, | 248 | .get_ssl_method = tls1_get_client_method, |
| 257 | .get_timeout = tls1_default_timeout, | ||
| 258 | .ssl_version = ssl_undefined_void_function, | ||
| 259 | .ssl_renegotiate = ssl_undefined_function, | 249 | .ssl_renegotiate = ssl_undefined_function, |
| 260 | .ssl_renegotiate_check = ssl_ok, | 250 | .ssl_renegotiate_check = ssl_ok, |
| 261 | .ssl_pending = ssl3_pending, | 251 | .ssl_pending = ssl3_pending, |
| @@ -284,8 +274,6 @@ static const SSL_METHOD_INTERNAL TLSv1_client_method_internal_data = { | |||
| 284 | .ssl_connect = ssl3_connect, | 274 | .ssl_connect = ssl3_connect, |
| 285 | .ssl_shutdown = ssl3_shutdown, | 275 | .ssl_shutdown = ssl3_shutdown, |
| 286 | .get_ssl_method = tls1_get_client_method, | 276 | .get_ssl_method = tls1_get_client_method, |
| 287 | .get_timeout = tls1_default_timeout, | ||
| 288 | .ssl_version = ssl_undefined_void_function, | ||
| 289 | .ssl_renegotiate = ssl3_renegotiate, | 277 | .ssl_renegotiate = ssl3_renegotiate, |
| 290 | .ssl_renegotiate_check = ssl3_renegotiate_check, | 278 | .ssl_renegotiate_check = ssl3_renegotiate_check, |
| 291 | .ssl_pending = ssl3_pending, | 279 | .ssl_pending = ssl3_pending, |
| @@ -314,8 +302,6 @@ static const SSL_METHOD_INTERNAL TLSv1_1_client_method_internal_data = { | |||
| 314 | .ssl_connect = ssl3_connect, | 302 | .ssl_connect = ssl3_connect, |
| 315 | .ssl_shutdown = ssl3_shutdown, | 303 | .ssl_shutdown = ssl3_shutdown, |
| 316 | .get_ssl_method = tls1_get_client_method, | 304 | .get_ssl_method = tls1_get_client_method, |
| 317 | .get_timeout = tls1_default_timeout, | ||
| 318 | .ssl_version = ssl_undefined_void_function, | ||
| 319 | .ssl_renegotiate = ssl3_renegotiate, | 305 | .ssl_renegotiate = ssl3_renegotiate, |
| 320 | .ssl_renegotiate_check = ssl3_renegotiate_check, | 306 | .ssl_renegotiate_check = ssl3_renegotiate_check, |
| 321 | .ssl_pending = ssl3_pending, | 307 | .ssl_pending = ssl3_pending, |
| @@ -344,8 +330,6 @@ static const SSL_METHOD_INTERNAL TLSv1_2_client_method_internal_data = { | |||
| 344 | .ssl_connect = ssl3_connect, | 330 | .ssl_connect = ssl3_connect, |
| 345 | .ssl_shutdown = ssl3_shutdown, | 331 | .ssl_shutdown = ssl3_shutdown, |
| 346 | .get_ssl_method = tls1_get_client_method, | 332 | .get_ssl_method = tls1_get_client_method, |
| 347 | .get_timeout = tls1_default_timeout, | ||
| 348 | .ssl_version = ssl_undefined_void_function, | ||
| 349 | .ssl_renegotiate = ssl3_renegotiate, | 333 | .ssl_renegotiate = ssl3_renegotiate, |
| 350 | .ssl_renegotiate_check = ssl3_renegotiate_check, | 334 | .ssl_renegotiate_check = ssl3_renegotiate_check, |
| 351 | .ssl_pending = ssl3_pending, | 335 | .ssl_pending = ssl3_pending, |
| @@ -433,8 +417,6 @@ static const SSL_METHOD_INTERNAL TLS_method_internal_data = { | |||
| 433 | .ssl_connect = tls13_legacy_connect, | 417 | .ssl_connect = tls13_legacy_connect, |
| 434 | .ssl_shutdown = tls13_legacy_shutdown, | 418 | .ssl_shutdown = tls13_legacy_shutdown, |
| 435 | .get_ssl_method = tls1_get_client_method, | 419 | .get_ssl_method = tls1_get_client_method, |
| 436 | .get_timeout = tls1_default_timeout, | ||
| 437 | .ssl_version = ssl_undefined_void_function, | ||
| 438 | .ssl_renegotiate = ssl_undefined_function, | 420 | .ssl_renegotiate = ssl_undefined_function, |
| 439 | .ssl_renegotiate_check = ssl_ok, | 421 | .ssl_renegotiate_check = ssl_ok, |
| 440 | .ssl_pending = tls13_legacy_pending, | 422 | .ssl_pending = tls13_legacy_pending, |
| @@ -464,8 +446,6 @@ static const SSL_METHOD_INTERNAL TLS_legacy_method_internal_data = { | |||
| 464 | .ssl_connect = ssl3_connect, | 446 | .ssl_connect = ssl3_connect, |
| 465 | .ssl_shutdown = ssl3_shutdown, | 447 | .ssl_shutdown = ssl3_shutdown, |
| 466 | .get_ssl_method = tls1_get_method, | 448 | .get_ssl_method = tls1_get_method, |
| 467 | .get_timeout = tls1_default_timeout, | ||
| 468 | .ssl_version = ssl_undefined_void_function, | ||
| 469 | .ssl_renegotiate = ssl_undefined_function, | 449 | .ssl_renegotiate = ssl_undefined_function, |
| 470 | .ssl_renegotiate_check = ssl_ok, | 450 | .ssl_renegotiate_check = ssl_ok, |
| 471 | .ssl_pending = ssl3_pending, | 451 | .ssl_pending = ssl3_pending, |
| @@ -494,8 +474,6 @@ static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = { | |||
| 494 | .ssl_connect = ssl3_connect, | 474 | .ssl_connect = ssl3_connect, |
| 495 | .ssl_shutdown = ssl3_shutdown, | 475 | .ssl_shutdown = ssl3_shutdown, |
| 496 | .get_ssl_method = tls1_get_method, | 476 | .get_ssl_method = tls1_get_method, |
| 497 | .get_timeout = tls1_default_timeout, | ||
| 498 | .ssl_version = ssl_undefined_void_function, | ||
| 499 | .ssl_renegotiate = ssl3_renegotiate, | 477 | .ssl_renegotiate = ssl3_renegotiate, |
| 500 | .ssl_renegotiate_check = ssl3_renegotiate_check, | 478 | .ssl_renegotiate_check = ssl3_renegotiate_check, |
| 501 | .ssl_pending = ssl3_pending, | 479 | .ssl_pending = ssl3_pending, |
| @@ -524,8 +502,6 @@ static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = { | |||
| 524 | .ssl_connect = ssl3_connect, | 502 | .ssl_connect = ssl3_connect, |
| 525 | .ssl_shutdown = ssl3_shutdown, | 503 | .ssl_shutdown = ssl3_shutdown, |
| 526 | .get_ssl_method = tls1_get_method, | 504 | .get_ssl_method = tls1_get_method, |
| 527 | .get_timeout = tls1_default_timeout, | ||
| 528 | .ssl_version = ssl_undefined_void_function, | ||
| 529 | .ssl_renegotiate = ssl3_renegotiate, | 505 | .ssl_renegotiate = ssl3_renegotiate, |
| 530 | .ssl_renegotiate_check = ssl3_renegotiate_check, | 506 | .ssl_renegotiate_check = ssl3_renegotiate_check, |
| 531 | .ssl_pending = ssl3_pending, | 507 | .ssl_pending = ssl3_pending, |
| @@ -554,8 +530,6 @@ static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = { | |||
| 554 | .ssl_connect = ssl3_connect, | 530 | .ssl_connect = ssl3_connect, |
| 555 | .ssl_shutdown = ssl3_shutdown, | 531 | .ssl_shutdown = ssl3_shutdown, |
| 556 | .get_ssl_method = tls1_get_method, | 532 | .get_ssl_method = tls1_get_method, |
| 557 | .get_timeout = tls1_default_timeout, | ||
| 558 | .ssl_version = ssl_undefined_void_function, | ||
| 559 | .ssl_renegotiate = ssl3_renegotiate, | 533 | .ssl_renegotiate = ssl3_renegotiate, |
| 560 | .ssl_renegotiate_check = ssl3_renegotiate_check, | 534 | .ssl_renegotiate_check = ssl3_renegotiate_check, |
| 561 | .ssl_pending = ssl3_pending, | 535 | .ssl_pending = ssl3_pending, |
| @@ -641,8 +615,6 @@ static const SSL_METHOD_INTERNAL TLS_server_method_internal_data = { | |||
| 641 | .ssl_connect = ssl_undefined_function, | 615 | .ssl_connect = ssl_undefined_function, |
| 642 | .ssl_shutdown = tls13_legacy_shutdown, | 616 | .ssl_shutdown = tls13_legacy_shutdown, |
| 643 | .get_ssl_method = tls1_get_server_method, | 617 | .get_ssl_method = tls1_get_server_method, |
| 644 | .get_timeout = tls1_default_timeout, | ||
| 645 | .ssl_version = ssl_undefined_void_function, | ||
| 646 | .ssl_renegotiate = ssl_undefined_function, | 618 | .ssl_renegotiate = ssl_undefined_function, |
| 647 | .ssl_renegotiate_check = ssl_ok, | 619 | .ssl_renegotiate_check = ssl_ok, |
| 648 | .ssl_pending = tls13_legacy_pending, | 620 | .ssl_pending = tls13_legacy_pending, |
| @@ -672,8 +644,6 @@ static const SSL_METHOD_INTERNAL TLS_legacy_server_method_internal_data = { | |||
| 672 | .ssl_connect = ssl_undefined_function, | 644 | .ssl_connect = ssl_undefined_function, |
| 673 | .ssl_shutdown = ssl3_shutdown, | 645 | .ssl_shutdown = ssl3_shutdown, |
| 674 | .get_ssl_method = tls1_get_server_method, | 646 | .get_ssl_method = tls1_get_server_method, |
| 675 | .get_timeout = tls1_default_timeout, | ||
| 676 | .ssl_version = ssl_undefined_void_function, | ||
| 677 | .ssl_renegotiate = ssl_undefined_function, | 647 | .ssl_renegotiate = ssl_undefined_function, |
| 678 | .ssl_renegotiate_check = ssl_ok, | 648 | .ssl_renegotiate_check = ssl_ok, |
| 679 | .ssl_pending = ssl3_pending, | 649 | .ssl_pending = ssl3_pending, |
| @@ -702,8 +672,6 @@ static const SSL_METHOD_INTERNAL TLSv1_server_method_internal_data = { | |||
| 702 | .ssl_connect = ssl_undefined_function, | 672 | .ssl_connect = ssl_undefined_function, |
| 703 | .ssl_shutdown = ssl3_shutdown, | 673 | .ssl_shutdown = ssl3_shutdown, |
| 704 | .get_ssl_method = tls1_get_server_method, | 674 | .get_ssl_method = tls1_get_server_method, |
| 705 | .get_timeout = tls1_default_timeout, | ||
| 706 | .ssl_version = ssl_undefined_void_function, | ||
| 707 | .ssl_renegotiate = ssl3_renegotiate, | 675 | .ssl_renegotiate = ssl3_renegotiate, |
| 708 | .ssl_renegotiate_check = ssl3_renegotiate_check, | 676 | .ssl_renegotiate_check = ssl3_renegotiate_check, |
| 709 | .ssl_pending = ssl3_pending, | 677 | .ssl_pending = ssl3_pending, |
| @@ -732,8 +700,6 @@ static const SSL_METHOD_INTERNAL TLSv1_1_server_method_internal_data = { | |||
| 732 | .ssl_connect = ssl_undefined_function, | 700 | .ssl_connect = ssl_undefined_function, |
| 733 | .ssl_shutdown = ssl3_shutdown, | 701 | .ssl_shutdown = ssl3_shutdown, |
| 734 | .get_ssl_method = tls1_get_server_method, | 702 | .get_ssl_method = tls1_get_server_method, |
| 735 | .get_timeout = tls1_default_timeout, | ||
| 736 | .ssl_version = ssl_undefined_void_function, | ||
| 737 | .ssl_renegotiate = ssl3_renegotiate, | 703 | .ssl_renegotiate = ssl3_renegotiate, |
| 738 | .ssl_renegotiate_check = ssl3_renegotiate_check, | 704 | .ssl_renegotiate_check = ssl3_renegotiate_check, |
| 739 | .ssl_pending = ssl3_pending, | 705 | .ssl_pending = ssl3_pending, |
| @@ -762,8 +728,6 @@ static const SSL_METHOD_INTERNAL TLSv1_2_server_method_internal_data = { | |||
| 762 | .ssl_connect = ssl_undefined_function, | 728 | .ssl_connect = ssl_undefined_function, |
| 763 | .ssl_shutdown = ssl3_shutdown, | 729 | .ssl_shutdown = ssl3_shutdown, |
| 764 | .get_ssl_method = tls1_get_server_method, | 730 | .get_ssl_method = tls1_get_server_method, |
| 765 | .get_timeout = tls1_default_timeout, | ||
| 766 | .ssl_version = ssl_undefined_void_function, | ||
| 767 | .ssl_renegotiate = ssl3_renegotiate, | 731 | .ssl_renegotiate = ssl3_renegotiate, |
| 768 | .ssl_renegotiate_check = ssl3_renegotiate_check, | 732 | .ssl_renegotiate_check = ssl3_renegotiate_check, |
| 769 | .ssl_pending = ssl3_pending, | 733 | .ssl_pending = ssl3_pending, |
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 580ae4b19b..6a2b082d02 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_lib.c,v 1.167 2020/05/29 17:39:42 jsing Exp $ */ | 1 | /* $OpenBSD: t1_lib.c,v 1.168 2020/07/07 19:31:11 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -138,14 +138,6 @@ SSL3_ENC_METHOD TLSv1_2_enc_data = { | |||
| 138 | SSL_ENC_FLAG_SHA256_PRF|SSL_ENC_FLAG_TLS1_2_CIPHERS, | 138 | SSL_ENC_FLAG_SHA256_PRF|SSL_ENC_FLAG_TLS1_2_CIPHERS, |
| 139 | }; | 139 | }; |
| 140 | 140 | ||
| 141 | long | ||
| 142 | tls1_default_timeout(void) | ||
| 143 | { | ||
| 144 | /* 2 hours, the 24 hours mentioned in the TLSv1 spec | ||
| 145 | * is way too long for http, the cache would over fill */ | ||
| 146 | return (60 * 60 * 2); | ||
| 147 | } | ||
| 148 | |||
| 149 | int | 141 | int |
| 150 | tls1_new(SSL *s) | 142 | tls1_new(SSL *s) |
| 151 | { | 143 | { |