1 files changed, 11 insertions, 11 deletions
diff --git a/src/lib/libssl/ssl_pkt.c b/src/lib/libssl/ssl_pkt.c
index 2ab264f33f..ef5b5737aa 100644
--- a/src/lib/libssl/ssl_pkt.c
+++ b/src/lib/libssl/ssl_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_pkt.c,v 1.1 2017/01/26 05:51:54 jsing Exp $ */
+/* $OpenBSD: ssl_pkt.c,v 1.2 2017/01/26 06:32:58 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -475,7 +475,7 @@ again:
                        mac = &rr->data[rr->length];
                }
-                i = s->method->internal->ssl3_enc->mac(s,md,0 /* not send */);
+                i = tls1_mac(s,md,0 /* not send */);
                if (i < 0 || mac == NULL ||
                    timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)
                        enc_err = -1;
@@ -747,7 +747,7 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf,
         * wr->data still points in the wb->buf */
        if (mac_size != 0) {
-                if (s->method->internal->ssl3_enc->mac(s,
+                if (tls1_mac(s,
                    &(p[wr->length + eivlen]), 1) < 0)
                        goto err;
                wr->length += mac_size;
@@ -1360,25 +1360,25 @@ ssl3_do_change_cipher_spec(SSL *s)
                }
                s->session->cipher = S3I(s)->tmp.new_cipher;
-                if (!s->method->internal->ssl3_enc->setup_key_block(s))
+                if (!tls1_setup_key_block(s))
                        return (0);
        }
-        if (!s->method->internal->ssl3_enc->change_cipher_state(s, i))
+        if (!tls1_change_cipher_state(s, i))
                return (0);
        /* we have to record the message digest at
         * this point so we can get it before we read
         * the finished message */
        if (s->internal->state & SSL_ST_CONNECT) {
-                sender = s->method->internal->ssl3_enc->server_finished_label;
+                sender = TLS_MD_SERVER_FINISH_CONST;
-                slen = s->method->internal->ssl3_enc->server_finished_label_len;
+                slen = TLS_MD_SERVER_FINISH_CONST_SIZE;
        } else {
-                sender = s->method->internal->ssl3_enc->client_finished_label;
+                sender = TLS_MD_CLIENT_FINISH_CONST;
-                slen = s->method->internal->ssl3_enc->client_finished_label_len;
+                slen = TLS_MD_CLIENT_FINISH_CONST_SIZE;
        }
-        i = s->method->internal->ssl3_enc->final_finish_mac(s, sender, slen,
+        i = tls1_final_finish_mac(s, sender, slen,
            S3I(s)->tmp.peer_finish_md);
        if (i == 0) {
                SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
@@ -1393,7 +1393,7 @@ int
 ssl3_send_alert(SSL *s, int level, int desc)
 {
        /* Map tls/ssl alert value to correct one */
-        desc = s->method->internal->ssl3_enc->alert_value(desc);
+        desc = tls1_alert_code(desc);
        if (desc < 0)
                return -1;
        /* If a fatal one, remove from cache */

diff --git a/src/lib/libssl/ssl_pkt.c b/src/lib/libssl/ssl_pkt.c index 2ab264f33f..ef5b5737aa 100644 --- a/src/lib/libssl/ssl_pkt.c +++ b/src/lib/libssl/ssl_pkt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_pkt.c,v 1.1 2017/01/26 05:51:54 jsing Exp $ */	1	/* $OpenBSD: ssl_pkt.c,v 1.2 2017/01/26 06:32:58 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -475,7 +475,7 @@ again:
475	mac = &rr->data[rr->length];	475	mac = &rr->data[rr->length];
476	}	476	}
477		477
478	i = s->method->internal->ssl3_enc->mac(s,md,0 /* not send */);	478	i = tls1_mac(s,md,0 /* not send */);
479	if (i < 0 \|\| mac == NULL \|\|	479	if (i < 0 \|\| mac == NULL \|\|
480	timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)	480	timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)
481	enc_err = -1;	481	enc_err = -1;
@@ -747,7 +747,7 @@ do_ssl3_write(SSL s, int type, const unsigned char buf,
747	* wr->data still points in the wb->buf */	747	* wr->data still points in the wb->buf */
748		748
749	if (mac_size != 0) {	749	if (mac_size != 0) {
750	if (s->method->internal->ssl3_enc->mac(s,	750	if (tls1_mac(s,
751	&(p[wr->length + eivlen]), 1) < 0)	751	&(p[wr->length + eivlen]), 1) < 0)
752	goto err;	752	goto err;
753	wr->length += mac_size;	753	wr->length += mac_size;
@@ -1360,25 +1360,25 @@ ssl3_do_change_cipher_spec(SSL *s)
1360	}	1360	}
1361		1361
1362	s->session->cipher = S3I(s)->tmp.new_cipher;	1362	s->session->cipher = S3I(s)->tmp.new_cipher;
1363	if (!s->method->internal->ssl3_enc->setup_key_block(s))	1363	if (!tls1_setup_key_block(s))
1364	return (0);	1364	return (0);
1365	}	1365	}
1366		1366
1367	if (!s->method->internal->ssl3_enc->change_cipher_state(s, i))	1367	if (!tls1_change_cipher_state(s, i))
1368	return (0);	1368	return (0);
1369		1369
1370	/* we have to record the message digest at	1370	/* we have to record the message digest at
1371	* this point so we can get it before we read	1371	* this point so we can get it before we read
1372	* the finished message */	1372	* the finished message */
1373	if (s->internal->state & SSL_ST_CONNECT) {	1373	if (s->internal->state & SSL_ST_CONNECT) {
1374	sender = s->method->internal->ssl3_enc->server_finished_label;	1374	sender = TLS_MD_SERVER_FINISH_CONST;
1375	slen = s->method->internal->ssl3_enc->server_finished_label_len;	1375	slen = TLS_MD_SERVER_FINISH_CONST_SIZE;
1376	} else {	1376	} else {
1377	sender = s->method->internal->ssl3_enc->client_finished_label;	1377	sender = TLS_MD_CLIENT_FINISH_CONST;
1378	slen = s->method->internal->ssl3_enc->client_finished_label_len;	1378	slen = TLS_MD_CLIENT_FINISH_CONST_SIZE;
1379	}	1379	}
1380		1380
1381	i = s->method->internal->ssl3_enc->final_finish_mac(s, sender, slen,	1381	i = tls1_final_finish_mac(s, sender, slen,
1382	S3I(s)->tmp.peer_finish_md);	1382	S3I(s)->tmp.peer_finish_md);
1383	if (i == 0) {	1383	if (i == 0) {
1384	SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);	1384	SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
@@ -1393,7 +1393,7 @@ int
1393	ssl3_send_alert(SSL *s, int level, int desc)	1393	ssl3_send_alert(SSL *s, int level, int desc)
1394	{	1394	{
1395	/* Map tls/ssl alert value to correct one */	1395	/* Map tls/ssl alert value to correct one */
1396	desc = s->method->internal->ssl3_enc->alert_value(desc);	1396	desc = tls1_alert_code(desc);
1397	if (desc < 0)	1397	if (desc < 0)
1398	return -1;	1398	return -1;
1399	/* If a fatal one, remove from cache */	1399	/* If a fatal one, remove from cache */