Diffstat (limited to 'src/lib/libssl/tls13_legacy.c')
-rw-r--r--src/lib/libssl/tls13_legacy.c72
1 files changed, 36 insertions, 36 deletions
diff --git a/src/lib/libssl/tls13_legacy.c b/src/lib/libssl/tls13_legacy.c
index 545f2cd978..57fb84cefb 100644
--- a/src/lib/libssl/tls13_legacy.c
+++ b/src/lib/libssl/tls13_legacy.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls13_legacy.c,v 1.38 2022/07/17 15:49:20 jsing Exp $ */ 1/* $OpenBSD: tls13_legacy.c,v 1.39 2022/10/02 16:36:42 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -30,7 +30,7 @@ tls13_legacy_wire_read(SSL *ssl, uint8_t *buf, size_t len)
30 return TLS13_IO_FAILURE; 30 return TLS13_IO_FAILURE;
31 } 31 }
32 32
33 ssl->internal->rwstate = SSL_READING; 33 ssl->rwstate = SSL_READING;
34 errno = 0; 34 errno = 0;
35 35
36 if ((n = BIO_read(ssl->rbio, buf, len)) <= 0) { 36 if ((n = BIO_read(ssl->rbio, buf, len)) <= 0) {
@@ -46,7 +46,7 @@ tls13_legacy_wire_read(SSL *ssl, uint8_t *buf, size_t len)
46 } 46 }
47 47
48 if (n == len) 48 if (n == len)
49 ssl->internal->rwstate = SSL_NOTHING; 49 ssl->rwstate = SSL_NOTHING;
50 50
51 return n; 51 return n;
52} 52}
@@ -69,7 +69,7 @@ tls13_legacy_wire_write(SSL *ssl, const uint8_t *buf, size_t len)
69 return TLS13_IO_FAILURE; 69 return TLS13_IO_FAILURE;
70 } 70 }
71 71
72 ssl->internal->rwstate = SSL_WRITING; 72 ssl->rwstate = SSL_WRITING;
73 errno = 0; 73 errno = 0;
74 74
75 if ((n = BIO_write(ssl->wbio, buf, len)) <= 0) { 75 if ((n = BIO_write(ssl->wbio, buf, len)) <= 0) {
@@ -83,7 +83,7 @@ tls13_legacy_wire_write(SSL *ssl, const uint8_t *buf, size_t len)
83 } 83 }
84 84
85 if (n == len) 85 if (n == len)
86 ssl->internal->rwstate = SSL_NOTHING; 86 ssl->rwstate = SSL_NOTHING;
87 87
88 return n; 88 return n;
89} 89}
@@ -123,7 +123,7 @@ tls13_legacy_wire_flush_cb(void *arg)
123static void 123static void
124tls13_legacy_error(SSL *ssl) 124tls13_legacy_error(SSL *ssl)
125{ 125{
126 struct tls13_ctx *ctx = ssl->internal->tls13; 126 struct tls13_ctx *ctx = ssl->tls13;
127 int reason = SSL_R_UNKNOWN; 127 int reason = SSL_R_UNKNOWN;
128 128
129 /* If we received a fatal alert we already put an error on the stack. */ 129 /* If we received a fatal alert we already put an error on the stack. */
@@ -171,7 +171,7 @@ tls13_legacy_return_code(SSL *ssl, ssize_t ret)
171 if (ret > 0) 171 if (ret > 0)
172 return ret; 172 return ret;
173 173
174 ssl->internal->rwstate = SSL_NOTHING; 174 ssl->rwstate = SSL_NOTHING;
175 175
176 switch (ret) { 176 switch (ret) {
177 case TLS13_IO_EOF: 177 case TLS13_IO_EOF:
@@ -187,12 +187,12 @@ tls13_legacy_return_code(SSL *ssl, ssize_t ret)
187 187
188 case TLS13_IO_WANT_POLLIN: 188 case TLS13_IO_WANT_POLLIN:
189 BIO_set_retry_read(ssl->rbio); 189 BIO_set_retry_read(ssl->rbio);
190 ssl->internal->rwstate = SSL_READING; 190 ssl->rwstate = SSL_READING;
191 return -1; 191 return -1;
192 192
193 case TLS13_IO_WANT_POLLOUT: 193 case TLS13_IO_WANT_POLLOUT:
194 BIO_set_retry_write(ssl->wbio); 194 BIO_set_retry_write(ssl->wbio);
195 ssl->internal->rwstate = SSL_WRITING; 195 ssl->rwstate = SSL_WRITING;
196 return -1; 196 return -1;
197 197
198 case TLS13_IO_WANT_RETRY: 198 case TLS13_IO_WANT_RETRY:
@@ -207,7 +207,7 @@ tls13_legacy_return_code(SSL *ssl, ssize_t ret)
207int 207int
208tls13_legacy_pending(const SSL *ssl) 208tls13_legacy_pending(const SSL *ssl)
209{ 209{
210 struct tls13_ctx *ctx = ssl->internal->tls13; 210 struct tls13_ctx *ctx = ssl->tls13;
211 ssize_t ret; 211 ssize_t ret;
212 212
213 if (ctx == NULL) 213 if (ctx == NULL)
@@ -223,11 +223,11 @@ tls13_legacy_pending(const SSL *ssl)
223int 223int
224tls13_legacy_read_bytes(SSL *ssl, int type, unsigned char *buf, int len, int peek) 224tls13_legacy_read_bytes(SSL *ssl, int type, unsigned char *buf, int len, int peek)
225{ 225{
226 struct tls13_ctx *ctx = ssl->internal->tls13; 226 struct tls13_ctx *ctx = ssl->tls13;
227 ssize_t ret; 227 ssize_t ret;
228 228
229 if (ctx == NULL || !ctx->handshake_completed) { 229 if (ctx == NULL || !ctx->handshake_completed) {
230 if ((ret = ssl->internal->handshake_func(ssl)) <= 0) 230 if ((ret = ssl->handshake_func(ssl)) <= 0)
231 return ret; 231 return ret;
232 if (len == 0) 232 if (len == 0)
233 return 0; 233 return 0;
@@ -235,7 +235,7 @@ tls13_legacy_read_bytes(SSL *ssl, int type, unsigned char *buf, int len, int pee
235 } 235 }
236 236
237 tls13_record_layer_set_retry_after_phh(ctx->rl, 237 tls13_record_layer_set_retry_after_phh(ctx->rl,
238 (ctx->ssl->internal->mode & SSL_MODE_AUTO_RETRY) != 0); 238 (ctx->ssl->mode & SSL_MODE_AUTO_RETRY) != 0);
239 239
240 if (type != SSL3_RT_APPLICATION_DATA) { 240 if (type != SSL3_RT_APPLICATION_DATA) {
241 SSLerror(ssl, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 241 SSLerror(ssl, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
@@ -257,13 +257,13 @@ tls13_legacy_read_bytes(SSL *ssl, int type, unsigned char *buf, int len, int pee
257int 257int
258tls13_legacy_write_bytes(SSL *ssl, int type, const void *vbuf, int len) 258tls13_legacy_write_bytes(SSL *ssl, int type, const void *vbuf, int len)
259{ 259{
260 struct tls13_ctx *ctx = ssl->internal->tls13; 260 struct tls13_ctx *ctx = ssl->tls13;
261 const uint8_t *buf = vbuf; 261 const uint8_t *buf = vbuf;
262 size_t n, sent; 262 size_t n, sent;
263 ssize_t ret; 263 ssize_t ret;
264 264
265 if (ctx == NULL || !ctx->handshake_completed) { 265 if (ctx == NULL || !ctx->handshake_completed) {
266 if ((ret = ssl->internal->handshake_func(ssl)) <= 0) 266 if ((ret = ssl->handshake_func(ssl)) <= 0)
267 return ret; 267 return ret;
268 if (len == 0) 268 if (len == 0)
269 return 0; 269 return 0;
@@ -283,7 +283,7 @@ tls13_legacy_write_bytes(SSL *ssl, int type, const void *vbuf, int len)
283 * The TLSv1.3 record layer write behaviour is the same as 283 * The TLSv1.3 record layer write behaviour is the same as
284 * SSL_MODE_ENABLE_PARTIAL_WRITE. 284 * SSL_MODE_ENABLE_PARTIAL_WRITE.
285 */ 285 */
286 if (ssl->internal->mode & SSL_MODE_ENABLE_PARTIAL_WRITE) { 286 if (ssl->mode & SSL_MODE_ENABLE_PARTIAL_WRITE) {
287 ret = tls13_write_application_data(ctx->rl, buf, len); 287 ret = tls13_write_application_data(ctx->rl, buf, len);
288 return tls13_legacy_return_code(ssl, ret); 288 return tls13_legacy_return_code(ssl, ret);
289 } 289 }
@@ -352,18 +352,18 @@ tls13_use_legacy_stack(struct tls13_ctx *ctx)
352 s->s3->rbuf.left = CBS_len(&cbs); 352 s->s3->rbuf.left = CBS_len(&cbs);
353 s->s3->rrec.type = SSL3_RT_HANDSHAKE; 353 s->s3->rrec.type = SSL3_RT_HANDSHAKE;
354 s->s3->rrec.length = CBS_len(&cbs); 354 s->s3->rrec.length = CBS_len(&cbs);
355 s->internal->rstate = SSL_ST_READ_BODY; 355 s->rstate = SSL_ST_READ_BODY;
356 s->internal->packet = s->s3->rbuf.buf; 356 s->packet = s->s3->rbuf.buf;
357 s->internal->packet_length = SSL3_RT_HEADER_LENGTH; 357 s->packet_length = SSL3_RT_HEADER_LENGTH;
358 s->internal->mac_packet = 1; 358 s->mac_packet = 1;
359 } 359 }
360 360
361 /* Stash the current handshake message. */ 361 /* Stash the current handshake message. */
362 tls13_handshake_msg_data(ctx->hs_msg, &cbs); 362 tls13_handshake_msg_data(ctx->hs_msg, &cbs);
363 if (!BUF_MEM_grow_clean(s->internal->init_buf, CBS_len(&cbs))) 363 if (!BUF_MEM_grow_clean(s->init_buf, CBS_len(&cbs)))
364 goto err; 364 goto err;
365 if (!CBS_write_bytes(&cbs, s->internal->init_buf->data, 365 if (!CBS_write_bytes(&cbs, s->init_buf->data,
366 s->internal->init_buf->length, NULL)) 366 s->init_buf->length, NULL))
367 goto err; 367 goto err;
368 368
369 s->s3->hs.tls12.reuse_message = 1; 369 s->s3->hs.tls12.reuse_message = 1;
@@ -386,7 +386,7 @@ tls13_use_legacy_client(struct tls13_ctx *ctx)
386 if (!tls13_use_legacy_stack(ctx)) 386 if (!tls13_use_legacy_stack(ctx))
387 return 0; 387 return 0;
388 388
389 s->internal->handshake_func = s->method->ssl_connect; 389 s->handshake_func = s->method->ssl_connect;
390 s->version = s->method->max_tls_version; 390 s->version = s->method->max_tls_version;
391 391
392 return 1; 392 return 1;
@@ -400,7 +400,7 @@ tls13_use_legacy_server(struct tls13_ctx *ctx)
400 if (!tls13_use_legacy_stack(ctx)) 400 if (!tls13_use_legacy_stack(ctx))
401 return 0; 401 return 0;
402 402
403 s->internal->handshake_func = s->method->ssl_accept; 403 s->handshake_func = s->method->ssl_accept;
404 s->version = s->method->max_tls_version; 404 s->version = s->method->max_tls_version;
405 s->server = 1; 405 s->server = 1;
406 406
@@ -410,7 +410,7 @@ tls13_use_legacy_server(struct tls13_ctx *ctx)
410int 410int
411tls13_legacy_accept(SSL *ssl) 411tls13_legacy_accept(SSL *ssl)
412{ 412{
413 struct tls13_ctx *ctx = ssl->internal->tls13; 413 struct tls13_ctx *ctx = ssl->tls13;
414 int ret; 414 int ret;
415 415
416 if (ctx == NULL) { 416 if (ctx == NULL) {
@@ -442,7 +442,7 @@ tls13_legacy_accept(SSL *ssl)
442int 442int
443tls13_legacy_connect(SSL *ssl) 443tls13_legacy_connect(SSL *ssl)
444{ 444{
445 struct tls13_ctx *ctx = ssl->internal->tls13; 445 struct tls13_ctx *ctx = ssl->tls13;
446 int ret; 446 int ret;
447 447
448 if (ctx == NULL) { 448 if (ctx == NULL) {
@@ -474,7 +474,7 @@ tls13_legacy_connect(SSL *ssl)
474int 474int
475tls13_legacy_shutdown(SSL *ssl) 475tls13_legacy_shutdown(SSL *ssl)
476{ 476{
477 struct tls13_ctx *ctx = ssl->internal->tls13; 477 struct tls13_ctx *ctx = ssl->tls13;
478 uint8_t buf[512]; /* XXX */ 478 uint8_t buf[512]; /* XXX */
479 ssize_t ret; 479 ssize_t ret;
480 480
@@ -484,15 +484,15 @@ tls13_legacy_shutdown(SSL *ssl)
484 * alerts. All other cases, including EOF, return -1 and set internal 484 * alerts. All other cases, including EOF, return -1 and set internal
485 * state appropriately. 485 * state appropriately.
486 */ 486 */
487 if (ctx == NULL || ssl->internal->quiet_shutdown) { 487 if (ctx == NULL || ssl->quiet_shutdown) {
488 ssl->internal->shutdown = SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN; 488 ssl->shutdown = SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN;
489 return 1; 489 return 1;
490 } 490 }
491 491
492 if (!ctx->close_notify_sent) { 492 if (!ctx->close_notify_sent) {
493 /* Enqueue and send close notify. */ 493 /* Enqueue and send close notify. */
494 if (!(ssl->internal->shutdown & SSL_SENT_SHUTDOWN)) { 494 if (!(ssl->shutdown & SSL_SENT_SHUTDOWN)) {
495 ssl->internal->shutdown |= SSL_SENT_SHUTDOWN; 495 ssl->shutdown |= SSL_SENT_SHUTDOWN;
496 if ((ret = tls13_send_alert(ctx->rl, 496 if ((ret = tls13_send_alert(ctx->rl,
497 TLS13_ALERT_CLOSE_NOTIFY)) < 0) 497 TLS13_ALERT_CLOSE_NOTIFY)) < 0)
498 return tls13_legacy_return_code(ssl, ret); 498 return tls13_legacy_return_code(ssl, ret);
@@ -533,13 +533,13 @@ tls13_legacy_servername_process(struct tls13_ctx *ctx, uint8_t *alert)
533 SSL_CTX *ssl_ctx = ctx->ssl->ctx; 533 SSL_CTX *ssl_ctx = ctx->ssl->ctx;
534 SSL *s = ctx->ssl; 534 SSL *s = ctx->ssl;
535 535
536 if (ssl_ctx->internal->tlsext_servername_callback == NULL) 536 if (ssl_ctx->tlsext_servername_callback == NULL)
537 ssl_ctx = s->initial_ctx; 537 ssl_ctx = s->initial_ctx;
538 if (ssl_ctx->internal->tlsext_servername_callback == NULL) 538 if (ssl_ctx->tlsext_servername_callback == NULL)
539 return 1; 539 return 1;
540 540
541 ret = ssl_ctx->internal->tlsext_servername_callback(s, &legacy_alert, 541 ret = ssl_ctx->tlsext_servername_callback(s, &legacy_alert,
542 ssl_ctx->internal->tlsext_servername_arg); 542 ssl_ctx->tlsext_servername_arg);
543 543
544 /* 544 /*
545 * Ignore SSL_TLSEXT_ERR_ALERT_WARNING returns to match OpenSSL's 545 * Ignore SSL_TLSEXT_ERR_ALERT_WARNING returns to match OpenSSL's