1 files changed, 3 insertions, 29 deletions
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 2d6a0e757d..4080af8999 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.110 2017/01/23 04:15:28 jsing Exp $ */
+/* $OpenBSD: ssl.h,v 1.111 2017/01/23 04:55:27 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -908,10 +908,6 @@ struct ssl_st {
         * in SSL_accept or SSL_connect */
        int rwstate;
-        /* true when we are actually in SSL_accept() or SSL_connect() */
-        int in_handshake;
-        int (*handshake_func)(SSL *);
        /* Imagine that here's a boolean member "init" that is
         * switched as soon as SSL_set_{accept/connect}_state
         * is called for the first time, so that "state" and
@@ -947,11 +943,6 @@ struct ssl_st {
        int read_ahead;         /* Read as many input bytes as possible
                                 * (for non-blocking reads) */
-        /* callback that allows applications to peek at protocol messages */
-        void (*msg_callback)(int write_p, int version, int content_type,
-            const void *buf, size_t len, SSL *ssl, void *arg);
-        void *msg_callback_arg;
        int hit;                /* reusing a previous session */
        X509_VERIFY_PARAM *param;
@@ -992,16 +983,9 @@ struct ssl_st {
        /* This can also be in the session once a session is established */
        SSL_SESSION *session;
-        /* Default generate session ID callback. */
-        GEN_SESSION_CB generate_session_id;
        /* Used in SSL2 and SSL3 */
        int verify_mode;        /* 0 don't care about verify failure.
                                 * 1 fail if verify fails */
-        int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */
-        void (*info_callback)(const SSL *ssl,int type,int val); /* optional informational callback */
        int error;              /* error bytes to be written */
        int error_code;         /* actual code */
@@ -1028,11 +1012,9 @@ struct ssl_st {
        int client_version;     /* what was passed, used for
                                 * SSLv3/TLS rollback check */
        unsigned int max_send_fragment;
-        /* TLS extension debug callback */
-        void (*tlsext_debug_cb)(SSL *s, int client_server, int type,
-            unsigned char *data, int len, void *arg);
-        void *tlsext_debug_arg;
        char *tlsext_hostname;
        int servername_done;    /* no further mod of servername
                                   0 : call the servername extension callback.
                                   1 : prepare 2, allow last ack just after in server callback.
@@ -1060,14 +1042,6 @@ struct ssl_st {
        /* TLS Session Ticket extension override */
        TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
-        /* TLS Session Ticket extension callback */
-        tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb;
-        void *tls_session_ticket_ext_cb_arg;
-        /* TLS pre-shared secret session resumption */
-        tls_session_secret_cb_fn tls_session_secret_cb;
-        void *tls_session_secret_cb_arg;
        SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
 #define session_ctx initial_ctx

diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h index 2d6a0e757d..4080af8999 100644 --- a/src/lib/libssl/ssl.h +++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl.h,v 1.110 2017/01/23 04:15:28 jsing Exp $ */	1	/* $OpenBSD: ssl.h,v 1.111 2017/01/23 04:55:27 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -908,10 +908,6 @@ struct ssl_st {
908	* in SSL_accept or SSL_connect */	908	* in SSL_accept or SSL_connect */
909	int rwstate;	909	int rwstate;
910		910
911	/* true when we are actually in SSL_accept() or SSL_connect() */
912	int in_handshake;
913	int (handshake_func)(SSL );
914
915	/* Imagine that here's a boolean member "init" that is	911	/* Imagine that here's a boolean member "init" that is
916	* switched as soon as SSL_set_{accept/connect}_state	912	* switched as soon as SSL_set_{accept/connect}_state
917	* is called for the first time, so that "state" and	913	* is called for the first time, so that "state" and
@@ -947,11 +943,6 @@ struct ssl_st {
947	int read_ahead; /* Read as many input bytes as possible	943	int read_ahead; /* Read as many input bytes as possible
948	* (for non-blocking reads) */	944	* (for non-blocking reads) */
949		945
950	/* callback that allows applications to peek at protocol messages */
951	void (*msg_callback)(int write_p, int version, int content_type,
952	const void buf, size_t len, SSL ssl, void *arg);
953	void *msg_callback_arg;
954
955	int hit; /* reusing a previous session */	946	int hit; /* reusing a previous session */
956		947
957	X509_VERIFY_PARAM *param;	948	X509_VERIFY_PARAM *param;
@@ -992,16 +983,9 @@ struct ssl_st {
992	/* This can also be in the session once a session is established */	983	/* This can also be in the session once a session is established */
993	SSL_SESSION *session;	984	SSL_SESSION *session;
994		985
995	/* Default generate session ID callback. */
996	GEN_SESSION_CB generate_session_id;
997
998	/* Used in SSL2 and SSL3 */	986	/* Used in SSL2 and SSL3 */
999	int verify_mode; /* 0 don't care about verify failure.	987	int verify_mode; /* 0 don't care about verify failure.
1000	* 1 fail if verify fails */	988	* 1 fail if verify fails */
1001	int (verify_callback)(int ok,X509_STORE_CTX ctx); /* fail if callback returns 0 */
1002
1003	void (info_callback)(const SSL ssl,int type,int val); /* optional informational callback */
1004
1005	int error; /* error bytes to be written */	989	int error; /* error bytes to be written */
1006	int error_code; /* actual code */	990	int error_code; /* actual code */
1007		991
@@ -1028,11 +1012,9 @@ struct ssl_st {
1028	int client_version; /* what was passed, used for	1012	int client_version; /* what was passed, used for
1029	* SSLv3/TLS rollback check */	1013	* SSLv3/TLS rollback check */
1030	unsigned int max_send_fragment;	1014	unsigned int max_send_fragment;
1031	/* TLS extension debug callback */	1015
1032	void (tlsext_debug_cb)(SSL s, int client_server, int type,
1033	unsigned char data, int len, void arg);
1034	void *tlsext_debug_arg;
1035	char *tlsext_hostname;	1016	char *tlsext_hostname;
		1017
1036	int servername_done; /* no further mod of servername	1018	int servername_done; /* no further mod of servername
1037	0 : call the servername extension callback.	1019	0 : call the servername extension callback.
1038	1 : prepare 2, allow last ack just after in server callback.	1020	1 : prepare 2, allow last ack just after in server callback.
@@ -1060,14 +1042,6 @@ struct ssl_st {
1060	/* TLS Session Ticket extension override */	1042	/* TLS Session Ticket extension override */
1061	TLS_SESSION_TICKET_EXT *tlsext_session_ticket;	1043	TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
1062		1044
1063	/* TLS Session Ticket extension callback */
1064	tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb;
1065	void *tls_session_ticket_ext_cb_arg;
1066
1067	/* TLS pre-shared secret session resumption */
1068	tls_session_secret_cb_fn tls_session_secret_cb;
1069	void *tls_session_secret_cb_arg;
1070
1071	SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */	1045	SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
1072	#define session_ctx initial_ctx	1046	#define session_ctx initial_ctx
1073		1047