summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/d1_clnt.c5
-rw-r--r--src/lib/libssl/ssl_both.c7
-rw-r--r--src/lib/libssl/ssl_clnt.c24
-rw-r--r--src/lib/libssl/ssl_locl.h4
-rw-r--r--src/lib/libssl/ssl_methods.c23
-rw-r--r--src/lib/libssl/ssl_srvr.c11
6 files changed, 27 insertions, 47 deletions
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index ee21a1bebc..b660589d06 100644
--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_clnt.c,v 1.82 2018/11/05 05:45:15 jsing Exp $ */ 1/* $OpenBSD: d1_clnt.c,v 1.83 2020/01/23 10:48:37 jsing Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -136,9 +136,8 @@ dtls1_get_hello_verify(SSL *s)
136 uint16_t ssl_version; 136 uint16_t ssl_version;
137 CBS hello_verify_request, cookie; 137 CBS hello_verify_request, cookie;
138 138
139 n = s->method->internal->ssl_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A, 139 n = ssl3_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
140 DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->internal->max_cert_list, &ok); 140 DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->internal->max_cert_list, &ok);
141
142 if (!ok) 141 if (!ok)
143 return ((int)n); 142 return ((int)n);
144 143
diff --git a/src/lib/libssl/ssl_both.c b/src/lib/libssl/ssl_both.c
index 6bd5f08111..8ec94542c2 100644
--- a/src/lib/libssl/ssl_both.c
+++ b/src/lib/libssl/ssl_both.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_both.c,v 1.15 2019/03/25 16:35:48 jsing Exp $ */ 1/* $OpenBSD: ssl_both.c,v 1.16 2020/01/23 10:48:37 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -248,7 +248,7 @@ ssl3_get_finished(SSL *s, int a, int b)
248 CBS cbs; 248 CBS cbs;
249 249
250 /* should actually be 36+4 :-) */ 250 /* should actually be 36+4 :-) */
251 n = s->method->internal->ssl_get_message(s, a, b, SSL3_MT_FINISHED, 64, &ok); 251 n = ssl3_get_message(s, a, b, SSL3_MT_FINISHED, 64, &ok);
252 if (!ok) 252 if (!ok)
253 return ((int)n); 253 return ((int)n);
254 254
@@ -447,6 +447,9 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
447 CBS cbs; 447 CBS cbs;
448 uint8_t u8; 448 uint8_t u8;
449 449
450 if (SSL_IS_DTLS(s))
451 return (dtls1_get_message(s, st1, stn, mt, max, ok));
452
450 if (S3I(s)->tmp.reuse_message) { 453 if (S3I(s)->tmp.reuse_message) {
451 S3I(s)->tmp.reuse_message = 0; 454 S3I(s)->tmp.reuse_message = 0;
452 if ((mt >= 0) && (S3I(s)->tmp.message_type != mt)) { 455 if ((mt >= 0) && (S3I(s)->tmp.message_type != mt)) {
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 90aa80f522..22e02735c8 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_clnt.c,v 1.61 2019/03/31 15:49:03 jsing Exp $ */ 1/* $OpenBSD: ssl_clnt.c,v 1.62 2020/01/23 10:48:37 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -811,7 +811,7 @@ ssl3_get_server_hello(SSL *s)
811 long n; 811 long n;
812 812
813 s->internal->first_packet = 1; 813 s->internal->first_packet = 1;
814 n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_SRVR_HELLO_A, 814 n = ssl3_get_message(s, SSL3_ST_CR_SRVR_HELLO_A,
815 SSL3_ST_CR_SRVR_HELLO_B, -1, 20000, /* ?? */ &ok); 815 SSL3_ST_CR_SRVR_HELLO_B, -1, 20000, /* ?? */ &ok);
816 if (!ok) 816 if (!ok)
817 return ((int)n); 817 return ((int)n);
@@ -1048,9 +1048,8 @@ ssl3_get_server_certificate(SSL *s)
1048 SESS_CERT *sc; 1048 SESS_CERT *sc;
1049 EVP_PKEY *pkey = NULL; 1049 EVP_PKEY *pkey = NULL;
1050 1050
1051 n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_CERT_A, 1051 n = ssl3_get_message(s, SSL3_ST_CR_CERT_A,
1052 SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list, &ok); 1052 SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list, &ok);
1053
1054 if (!ok) 1053 if (!ok)
1055 return ((int)n); 1054 return ((int)n);
1056 1055
@@ -1443,7 +1442,7 @@ ssl3_get_server_key_exchange(SSL *s)
1443 * Use same message size as in ssl3_get_certificate_request() 1442 * Use same message size as in ssl3_get_certificate_request()
1444 * as ServerKeyExchange message may be skipped. 1443 * as ServerKeyExchange message may be skipped.
1445 */ 1444 */
1446 n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_KEY_EXCH_A, 1445 n = ssl3_get_message(s, SSL3_ST_CR_KEY_EXCH_A,
1447 SSL3_ST_CR_KEY_EXCH_B, -1, s->internal->max_cert_list, &ok); 1446 SSL3_ST_CR_KEY_EXCH_B, -1, s->internal->max_cert_list, &ok);
1448 if (!ok) 1447 if (!ok)
1449 return ((int)n); 1448 return ((int)n);
@@ -1611,9 +1610,8 @@ ssl3_get_certificate_request(SSL *s)
1611 const unsigned char *q; 1610 const unsigned char *q;
1612 STACK_OF(X509_NAME) *ca_sk = NULL; 1611 STACK_OF(X509_NAME) *ca_sk = NULL;
1613 1612
1614 n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_CERT_REQ_A, 1613 n = ssl3_get_message(s, SSL3_ST_CR_CERT_REQ_A,
1615 SSL3_ST_CR_CERT_REQ_B, -1, s->internal->max_cert_list, &ok); 1614 SSL3_ST_CR_CERT_REQ_B, -1, s->internal->max_cert_list, &ok);
1616
1617 if (!ok) 1615 if (!ok)
1618 return ((int)n); 1616 return ((int)n);
1619 1617
@@ -1765,7 +1763,7 @@ ssl3_get_new_session_ticket(SSL *s)
1765 long n; 1763 long n;
1766 CBS cbs, session_ticket; 1764 CBS cbs, session_ticket;
1767 1765
1768 n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_SESSION_TICKET_A, 1766 n = ssl3_get_message(s, SSL3_ST_CR_SESSION_TICKET_A,
1769 SSL3_ST_CR_SESSION_TICKET_B, -1, 16384, &ok); 1767 SSL3_ST_CR_SESSION_TICKET_B, -1, 16384, &ok);
1770 if (!ok) 1768 if (!ok)
1771 return ((int)n); 1769 return ((int)n);
@@ -1841,10 +1839,9 @@ ssl3_get_cert_status(SSL *s)
1841 long n; 1839 long n;
1842 uint8_t status_type; 1840 uint8_t status_type;
1843 1841
1844 n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_CERT_STATUS_A, 1842 n = ssl3_get_message(s, SSL3_ST_CR_CERT_STATUS_A,
1845 SSL3_ST_CR_CERT_STATUS_B, SSL3_MT_CERTIFICATE_STATUS, 1843 SSL3_ST_CR_CERT_STATUS_B, SSL3_MT_CERTIFICATE_STATUS,
1846 16384, &ok); 1844 16384, &ok);
1847
1848 if (!ok) 1845 if (!ok)
1849 return ((int)n); 1846 return ((int)n);
1850 1847
@@ -1913,12 +1910,12 @@ ssl3_get_server_done(SSL *s)
1913 int ok, ret = 0; 1910 int ok, ret = 0;
1914 long n; 1911 long n;
1915 1912
1916 n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_SRVR_DONE_A, 1913 n = ssl3_get_message(s, SSL3_ST_CR_SRVR_DONE_A,
1917 SSL3_ST_CR_SRVR_DONE_B, SSL3_MT_SERVER_DONE, 1914 SSL3_ST_CR_SRVR_DONE_B, SSL3_MT_SERVER_DONE,
1918 30, /* should be very small, like 0 :-) */ &ok); 1915 30, /* should be very small, like 0 :-) */ &ok);
1919
1920 if (!ok) 1916 if (!ok)
1921 return ((int)n); 1917 return ((int)n);
1918
1922 if (n > 0) { 1919 if (n > 0) {
1923 /* should contain no data */ 1920 /* should contain no data */
1924 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1921 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
@@ -2796,10 +2793,11 @@ ssl3_check_finished(SSL *s)
2796 return (1); 2793 return (1);
2797 /* this function is called when we really expect a Certificate 2794 /* this function is called when we really expect a Certificate
2798 * message, so permit appropriate message length */ 2795 * message, so permit appropriate message length */
2799 n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_CERT_A, 2796 n = ssl3_get_message(s, SSL3_ST_CR_CERT_A,
2800 SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list, &ok); 2797 SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list, &ok);
2801 if (!ok) 2798 if (!ok)
2802 return ((int)n); 2799 return ((int)n);
2800
2803 S3I(s)->tmp.reuse_message = 1; 2801 S3I(s)->tmp.reuse_message = 1;
2804 if ((S3I(s)->tmp.message_type == SSL3_MT_FINISHED) || 2802 if ((S3I(s)->tmp.message_type == SSL3_MT_FINISHED) ||
2805 (S3I(s)->tmp.message_type == SSL3_MT_NEWSESSION_TICKET)) 2803 (S3I(s)->tmp.message_type == SSL3_MT_NEWSESSION_TICKET))
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 6703e8feee..cd6f13d127 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_locl.h,v 1.255 2020/01/23 10:40:59 jsing Exp $ */ 1/* $OpenBSD: ssl_locl.h,v 1.256 2020/01/23 10:48:37 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -393,8 +393,6 @@ typedef struct ssl_method_internal_st {
393 int (*ssl_renegotiate)(SSL *s); 393 int (*ssl_renegotiate)(SSL *s);
394 int (*ssl_renegotiate_check)(SSL *s); 394 int (*ssl_renegotiate_check)(SSL *s);
395 395
396 long (*ssl_get_message)(SSL *s, int st1, int stn, int mt,
397 long max, int *ok);
398 int (*ssl_pending)(const SSL *s); 396 int (*ssl_pending)(const SSL *s);
399 int (*ssl_read_bytes)(SSL *s, int type, unsigned char *buf, int len, 397 int (*ssl_read_bytes)(SSL *s, int type, unsigned char *buf, int len,
400 int peek); 398 int peek);
diff --git a/src/lib/libssl/ssl_methods.c b/src/lib/libssl/ssl_methods.c
index 8e4b678d3a..208de33c01 100644
--- a/src/lib/libssl/ssl_methods.c
+++ b/src/lib/libssl/ssl_methods.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_methods.c,v 1.10 2020/01/23 05:08:30 jsing Exp $ */ 1/* $OpenBSD: ssl_methods.c,v 1.11 2020/01/23 10:48:37 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -74,7 +74,6 @@ static const SSL_METHOD_INTERNAL DTLSv1_client_method_internal_data = {
74 .ssl_version = ssl_undefined_void_function, 74 .ssl_version = ssl_undefined_void_function,
75 .ssl_renegotiate = ssl3_renegotiate, 75 .ssl_renegotiate = ssl3_renegotiate,
76 .ssl_renegotiate_check = ssl3_renegotiate_check, 76 .ssl_renegotiate_check = ssl3_renegotiate_check,
77 .ssl_get_message = dtls1_get_message,
78 .ssl_pending = ssl3_pending, 77 .ssl_pending = ssl3_pending,
79 .ssl_read_bytes = dtls1_read_bytes, 78 .ssl_read_bytes = dtls1_read_bytes,
80 .ssl_write_bytes = dtls1_write_app_data_bytes, 79 .ssl_write_bytes = dtls1_write_app_data_bytes,
@@ -127,7 +126,6 @@ static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = {
127 .ssl_version = ssl_undefined_void_function, 126 .ssl_version = ssl_undefined_void_function,
128 .ssl_renegotiate = ssl3_renegotiate, 127 .ssl_renegotiate = ssl3_renegotiate,
129 .ssl_renegotiate_check = ssl3_renegotiate_check, 128 .ssl_renegotiate_check = ssl3_renegotiate_check,
130 .ssl_get_message = dtls1_get_message,
131 .ssl_pending = ssl3_pending, 129 .ssl_pending = ssl3_pending,
132 .ssl_read_bytes = dtls1_read_bytes, 130 .ssl_read_bytes = dtls1_read_bytes,
133 .ssl_write_bytes = dtls1_write_app_data_bytes, 131 .ssl_write_bytes = dtls1_write_app_data_bytes,
@@ -178,7 +176,6 @@ static const SSL_METHOD_INTERNAL DTLSv1_server_method_internal_data = {
178 .ssl_version = ssl_undefined_void_function, 176 .ssl_version = ssl_undefined_void_function,
179 .ssl_renegotiate = ssl3_renegotiate, 177 .ssl_renegotiate = ssl3_renegotiate,
180 .ssl_renegotiate_check = ssl3_renegotiate_check, 178 .ssl_renegotiate_check = ssl3_renegotiate_check,
181 .ssl_get_message = dtls1_get_message,
182 .ssl_pending = ssl3_pending, 179 .ssl_pending = ssl3_pending,
183 .ssl_read_bytes = dtls1_read_bytes, 180 .ssl_read_bytes = dtls1_read_bytes,
184 .ssl_write_bytes = dtls1_write_app_data_bytes, 181 .ssl_write_bytes = dtls1_write_app_data_bytes,
@@ -230,11 +227,10 @@ static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = {
230 .ssl_version = ssl_undefined_void_function, 227 .ssl_version = ssl_undefined_void_function,
231 .ssl_renegotiate = ssl_undefined_function, 228 .ssl_renegotiate = ssl_undefined_function,
232 .ssl_renegotiate_check = ssl_ok, 229 .ssl_renegotiate_check = ssl_ok,
233 .ssl_get_message = ssl3_get_message,
234 .ssl_pending = tls13_legacy_pending, 230 .ssl_pending = tls13_legacy_pending,
235 .ssl_read_bytes = tls13_legacy_read_bytes, 231 .ssl_read_bytes = tls13_legacy_read_bytes,
236 .ssl_write_bytes = tls13_legacy_write_bytes, 232 .ssl_write_bytes = tls13_legacy_write_bytes,
237 .ssl3_enc = &TLSv1_2_enc_data, 233 .ssl3_enc = &TLSv1_3_enc_data,
238}; 234};
239 235
240static const SSL_METHOD TLS_client_method_data = { 236static const SSL_METHOD TLS_client_method_data = {
@@ -262,7 +258,6 @@ static const SSL_METHOD_INTERNAL TLS_legacy_client_method_internal_data = {
262 .ssl_version = ssl_undefined_void_function, 258 .ssl_version = ssl_undefined_void_function,
263 .ssl_renegotiate = ssl_undefined_function, 259 .ssl_renegotiate = ssl_undefined_function,
264 .ssl_renegotiate_check = ssl_ok, 260 .ssl_renegotiate_check = ssl_ok,
265 .ssl_get_message = ssl3_get_message,
266 .ssl_pending = ssl3_pending, 261 .ssl_pending = ssl3_pending,
267 .ssl_read_bytes = ssl3_read_bytes, 262 .ssl_read_bytes = ssl3_read_bytes,
268 .ssl_write_bytes = ssl3_write_bytes, 263 .ssl_write_bytes = ssl3_write_bytes,
@@ -293,7 +288,6 @@ static const SSL_METHOD_INTERNAL TLSv1_client_method_internal_data = {
293 .ssl_version = ssl_undefined_void_function, 288 .ssl_version = ssl_undefined_void_function,
294 .ssl_renegotiate = ssl3_renegotiate, 289 .ssl_renegotiate = ssl3_renegotiate,
295 .ssl_renegotiate_check = ssl3_renegotiate_check, 290 .ssl_renegotiate_check = ssl3_renegotiate_check,
296 .ssl_get_message = ssl3_get_message,
297 .ssl_pending = ssl3_pending, 291 .ssl_pending = ssl3_pending,
298 .ssl_read_bytes = ssl3_read_bytes, 292 .ssl_read_bytes = ssl3_read_bytes,
299 .ssl_write_bytes = ssl3_write_bytes, 293 .ssl_write_bytes = ssl3_write_bytes,
@@ -324,7 +318,6 @@ static const SSL_METHOD_INTERNAL TLSv1_1_client_method_internal_data = {
324 .ssl_version = ssl_undefined_void_function, 318 .ssl_version = ssl_undefined_void_function,
325 .ssl_renegotiate = ssl3_renegotiate, 319 .ssl_renegotiate = ssl3_renegotiate,
326 .ssl_renegotiate_check = ssl3_renegotiate_check, 320 .ssl_renegotiate_check = ssl3_renegotiate_check,
327 .ssl_get_message = ssl3_get_message,
328 .ssl_pending = ssl3_pending, 321 .ssl_pending = ssl3_pending,
329 .ssl_read_bytes = ssl3_read_bytes, 322 .ssl_read_bytes = ssl3_read_bytes,
330 .ssl_write_bytes = ssl3_write_bytes, 323 .ssl_write_bytes = ssl3_write_bytes,
@@ -355,7 +348,6 @@ static const SSL_METHOD_INTERNAL TLSv1_2_client_method_internal_data = {
355 .ssl_version = ssl_undefined_void_function, 348 .ssl_version = ssl_undefined_void_function,
356 .ssl_renegotiate = ssl3_renegotiate, 349 .ssl_renegotiate = ssl3_renegotiate,
357 .ssl_renegotiate_check = ssl3_renegotiate_check, 350 .ssl_renegotiate_check = ssl3_renegotiate_check,
358 .ssl_get_message = ssl3_get_message,
359 .ssl_pending = ssl3_pending, 351 .ssl_pending = ssl3_pending,
360 .ssl_read_bytes = ssl3_read_bytes, 352 .ssl_read_bytes = ssl3_read_bytes,
361 .ssl_write_bytes = ssl3_write_bytes, 353 .ssl_write_bytes = ssl3_write_bytes,
@@ -440,7 +432,6 @@ static const SSL_METHOD_INTERNAL TLS_method_internal_data = {
440 .ssl_version = ssl_undefined_void_function, 432 .ssl_version = ssl_undefined_void_function,
441 .ssl_renegotiate = ssl_undefined_function, 433 .ssl_renegotiate = ssl_undefined_function,
442 .ssl_renegotiate_check = ssl_ok, 434 .ssl_renegotiate_check = ssl_ok,
443 .ssl_get_message = ssl3_get_message,
444 .ssl_pending = ssl3_pending, 435 .ssl_pending = ssl3_pending,
445 .ssl_read_bytes = ssl3_read_bytes, 436 .ssl_read_bytes = ssl3_read_bytes,
446 .ssl_write_bytes = ssl3_write_bytes, 437 .ssl_write_bytes = ssl3_write_bytes,
@@ -471,7 +462,6 @@ static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = {
471 .ssl_version = ssl_undefined_void_function, 462 .ssl_version = ssl_undefined_void_function,
472 .ssl_renegotiate = ssl3_renegotiate, 463 .ssl_renegotiate = ssl3_renegotiate,
473 .ssl_renegotiate_check = ssl3_renegotiate_check, 464 .ssl_renegotiate_check = ssl3_renegotiate_check,
474 .ssl_get_message = ssl3_get_message,
475 .ssl_pending = ssl3_pending, 465 .ssl_pending = ssl3_pending,
476 .ssl_read_bytes = ssl3_read_bytes, 466 .ssl_read_bytes = ssl3_read_bytes,
477 .ssl_write_bytes = ssl3_write_bytes, 467 .ssl_write_bytes = ssl3_write_bytes,
@@ -502,7 +492,6 @@ static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = {
502 .ssl_version = ssl_undefined_void_function, 492 .ssl_version = ssl_undefined_void_function,
503 .ssl_renegotiate = ssl3_renegotiate, 493 .ssl_renegotiate = ssl3_renegotiate,
504 .ssl_renegotiate_check = ssl3_renegotiate_check, 494 .ssl_renegotiate_check = ssl3_renegotiate_check,
505 .ssl_get_message = ssl3_get_message,
506 .ssl_pending = ssl3_pending, 495 .ssl_pending = ssl3_pending,
507 .ssl_read_bytes = ssl3_read_bytes, 496 .ssl_read_bytes = ssl3_read_bytes,
508 .ssl_write_bytes = ssl3_write_bytes, 497 .ssl_write_bytes = ssl3_write_bytes,
@@ -533,7 +522,6 @@ static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = {
533 .ssl_version = ssl_undefined_void_function, 522 .ssl_version = ssl_undefined_void_function,
534 .ssl_renegotiate = ssl3_renegotiate, 523 .ssl_renegotiate = ssl3_renegotiate,
535 .ssl_renegotiate_check = ssl3_renegotiate_check, 524 .ssl_renegotiate_check = ssl3_renegotiate_check,
536 .ssl_get_message = ssl3_get_message,
537 .ssl_pending = ssl3_pending, 525 .ssl_pending = ssl3_pending,
538 .ssl_read_bytes = ssl3_read_bytes, 526 .ssl_read_bytes = ssl3_read_bytes,
539 .ssl_write_bytes = ssl3_write_bytes, 527 .ssl_write_bytes = ssl3_write_bytes,
@@ -607,11 +595,10 @@ static const SSL_METHOD_INTERNAL TLS_server_method_internal_data = {
607 .ssl_version = ssl_undefined_void_function, 595 .ssl_version = ssl_undefined_void_function,
608 .ssl_renegotiate = ssl_undefined_function, 596 .ssl_renegotiate = ssl_undefined_function,
609 .ssl_renegotiate_check = ssl_ok, 597 .ssl_renegotiate_check = ssl_ok,
610 .ssl_get_message = ssl3_get_message,
611 .ssl_pending = tls13_legacy_pending, 598 .ssl_pending = tls13_legacy_pending,
612 .ssl_read_bytes = tls13_legacy_read_bytes, 599 .ssl_read_bytes = tls13_legacy_read_bytes,
613 .ssl_write_bytes = tls13_legacy_write_bytes, 600 .ssl_write_bytes = tls13_legacy_write_bytes,
614 .ssl3_enc = &TLSv1_2_enc_data, 601 .ssl3_enc = &TLSv1_3_enc_data,
615}; 602};
616 603
617static const SSL_METHOD TLS_server_method_data = { 604static const SSL_METHOD TLS_server_method_data = {
@@ -639,7 +626,6 @@ static const SSL_METHOD_INTERNAL TLS_legacy_server_method_internal_data = {
639 .ssl_version = ssl_undefined_void_function, 626 .ssl_version = ssl_undefined_void_function,
640 .ssl_renegotiate = ssl_undefined_function, 627 .ssl_renegotiate = ssl_undefined_function,
641 .ssl_renegotiate_check = ssl_ok, 628 .ssl_renegotiate_check = ssl_ok,
642 .ssl_get_message = ssl3_get_message,
643 .ssl_pending = ssl3_pending, 629 .ssl_pending = ssl3_pending,
644 .ssl_read_bytes = ssl3_read_bytes, 630 .ssl_read_bytes = ssl3_read_bytes,
645 .ssl_write_bytes = ssl3_write_bytes, 631 .ssl_write_bytes = ssl3_write_bytes,
@@ -670,7 +656,6 @@ static const SSL_METHOD_INTERNAL TLSv1_server_method_internal_data = {
670 .ssl_version = ssl_undefined_void_function, 656 .ssl_version = ssl_undefined_void_function,
671 .ssl_renegotiate = ssl3_renegotiate, 657 .ssl_renegotiate = ssl3_renegotiate,
672 .ssl_renegotiate_check = ssl3_renegotiate_check, 658 .ssl_renegotiate_check = ssl3_renegotiate_check,
673 .ssl_get_message = ssl3_get_message,
674 .ssl_pending = ssl3_pending, 659 .ssl_pending = ssl3_pending,
675 .ssl_read_bytes = ssl3_read_bytes, 660 .ssl_read_bytes = ssl3_read_bytes,
676 .ssl_write_bytes = ssl3_write_bytes, 661 .ssl_write_bytes = ssl3_write_bytes,
@@ -701,7 +686,6 @@ static const SSL_METHOD_INTERNAL TLSv1_1_server_method_internal_data = {
701 .ssl_version = ssl_undefined_void_function, 686 .ssl_version = ssl_undefined_void_function,
702 .ssl_renegotiate = ssl3_renegotiate, 687 .ssl_renegotiate = ssl3_renegotiate,
703 .ssl_renegotiate_check = ssl3_renegotiate_check, 688 .ssl_renegotiate_check = ssl3_renegotiate_check,
704 .ssl_get_message = ssl3_get_message,
705 .ssl_pending = ssl3_pending, 689 .ssl_pending = ssl3_pending,
706 .ssl_read_bytes = ssl3_read_bytes, 690 .ssl_read_bytes = ssl3_read_bytes,
707 .ssl_write_bytes = ssl3_write_bytes, 691 .ssl_write_bytes = ssl3_write_bytes,
@@ -732,7 +716,6 @@ static const SSL_METHOD_INTERNAL TLSv1_2_server_method_internal_data = {
732 .ssl_version = ssl_undefined_void_function, 716 .ssl_version = ssl_undefined_void_function,
733 .ssl_renegotiate = ssl3_renegotiate, 717 .ssl_renegotiate = ssl3_renegotiate,
734 .ssl_renegotiate_check = ssl3_renegotiate_check, 718 .ssl_renegotiate_check = ssl3_renegotiate_check,
735 .ssl_get_message = ssl3_get_message,
736 .ssl_pending = ssl3_pending, 719 .ssl_pending = ssl3_pending,
737 .ssl_read_bytes = ssl3_read_bytes, 720 .ssl_read_bytes = ssl3_read_bytes,
738 .ssl_write_bytes = ssl3_write_bytes, 721 .ssl_write_bytes = ssl3_write_bytes,
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index 26b24f4f22..6b49afe6a8 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_srvr.c,v 1.69 2020/01/23 08:04:50 beck Exp $ */ 1/* $OpenBSD: ssl_srvr.c,v 1.70 2020/01/23 10:48:37 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -815,7 +815,7 @@ ssl3_get_client_hello(SSL *s)
815 } 815 }
816 816
817 s->internal->first_packet = 1; 817 s->internal->first_packet = 1;
818 n = s->method->internal->ssl_get_message(s, SSL3_ST_SR_CLNT_HELLO_B, 818 n = ssl3_get_message(s, SSL3_ST_SR_CLNT_HELLO_B,
819 SSL3_ST_SR_CLNT_HELLO_C, SSL3_MT_CLIENT_HELLO, 819 SSL3_ST_SR_CLNT_HELLO_C, SSL3_MT_CLIENT_HELLO,
820 SSL3_RT_MAX_PLAIN_LENGTH, &ok); 820 SSL3_RT_MAX_PLAIN_LENGTH, &ok);
821 if (!ok) 821 if (!ok)
@@ -2060,7 +2060,7 @@ ssl3_get_client_key_exchange(SSL *s)
2060 long n; 2060 long n;
2061 2061
2062 /* 2048 maxlen is a guess. How long a key does that permit? */ 2062 /* 2048 maxlen is a guess. How long a key does that permit? */
2063 n = s->method->internal->ssl_get_message(s, SSL3_ST_SR_KEY_EXCH_A, 2063 n = ssl3_get_message(s, SSL3_ST_SR_KEY_EXCH_A,
2064 SSL3_ST_SR_KEY_EXCH_B, SSL3_MT_CLIENT_KEY_EXCHANGE, 2048, &ok); 2064 SSL3_ST_SR_KEY_EXCH_B, SSL3_MT_CLIENT_KEY_EXCHANGE, 2048, &ok);
2065 if (!ok) 2065 if (!ok)
2066 return ((int)n); 2066 return ((int)n);
@@ -2122,7 +2122,7 @@ ssl3_get_cert_verify(SSL *s)
2122 2122
2123 EVP_MD_CTX_init(&mctx); 2123 EVP_MD_CTX_init(&mctx);
2124 2124
2125 n = s->method->internal->ssl_get_message(s, SSL3_ST_SR_CERT_VRFY_A, 2125 n = ssl3_get_message(s, SSL3_ST_SR_CERT_VRFY_A,
2126 SSL3_ST_SR_CERT_VRFY_B, -1, SSL3_RT_MAX_PLAIN_LENGTH, &ok); 2126 SSL3_ST_SR_CERT_VRFY_B, -1, SSL3_RT_MAX_PLAIN_LENGTH, &ok);
2127 if (!ok) 2127 if (!ok)
2128 return ((int)n); 2128 return ((int)n);
@@ -2345,9 +2345,8 @@ ssl3_get_client_certificate(SSL *s)
2345 const unsigned char *q; 2345 const unsigned char *q;
2346 STACK_OF(X509) *sk = NULL; 2346 STACK_OF(X509) *sk = NULL;
2347 2347
2348 n = s->method->internal->ssl_get_message(s, SSL3_ST_SR_CERT_A, SSL3_ST_SR_CERT_B, 2348 n = ssl3_get_message(s, SSL3_ST_SR_CERT_A, SSL3_ST_SR_CERT_B,
2349 -1, s->internal->max_cert_list, &ok); 2349 -1, s->internal->max_cert_list, &ok);
2350
2351 if (!ok) 2350 if (!ok)
2352 return ((int)n); 2351 return ((int)n);
2353 2352
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-16 16:19:53 +0000