From 2ab1af323eb2251dedee9fcb3661f284ae62b640 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Mon, 5 Nov 2018 05:45:15 +0000 Subject: Consolidate all of the SSL method structs/functions into a single file. Discussed with tb@ --- src/lib/libssl/Makefile | 8 +- src/lib/libssl/d1_clnt.c | 45 +-- src/lib/libssl/d1_meth.c | 109 ------- src/lib/libssl/d1_srvr.c | 45 +-- src/lib/libssl/ssl_methods.c | 666 +++++++++++++++++++++++++++++++++++++++++++ src/lib/libssl/t1_clnt.c | 223 --------------- src/lib/libssl/t1_meth.c | 223 --------------- src/lib/libssl/t1_srvr.c | 224 --------------- 8 files changed, 672 insertions(+), 871 deletions(-) delete mode 100644 src/lib/libssl/d1_meth.c create mode 100644 src/lib/libssl/ssl_methods.c delete mode 100644 src/lib/libssl/t1_clnt.c delete mode 100644 src/lib/libssl/t1_meth.c delete mode 100644 src/lib/libssl/t1_srvr.c (limited to 'src/lib') diff --git a/src/lib/libssl/Makefile b/src/lib/libssl/Makefile index 6a397a7df7..e912562a75 100644 --- a/src/lib/libssl/Makefile +++ b/src/lib/libssl/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.39 2018/03/17 16:20:01 beck Exp $ +# $OpenBSD: Makefile,v 1.40 2018/11/05 05:45:15 jsing Exp $ .include .ifndef NOMAN @@ -26,13 +26,13 @@ SYMBOL_LIST= ${.CURDIR}/Symbols.list SRCS= \ ssl_srvr.c ssl_clnt.c s3_lib.c ssl_pkt.c ssl_both.c \ - t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c t1_hash.c \ - d1_meth.c d1_srvr.c d1_clnt.c d1_lib.c d1_pkt.c \ + t1_lib.c t1_enc.c t1_hash.c \ + d1_srvr.c d1_clnt.c d1_lib.c d1_pkt.c \ d1_both.c d1_enc.c d1_srtp.c \ ssl_lib.c ssl_cert.c ssl_sess.c \ ssl_ciph.c ssl_stat.c ssl_rsa.c \ ssl_asn1.c ssl_txt.c ssl_algs.c \ - bio_ssl.c ssl_err.c \ + bio_ssl.c ssl_err.c ssl_methods.c \ ssl_packet.c ssl_tlsext.c ssl_versions.c pqueue.c ssl_init.c SRCS+= s3_cbc.c SRCS+= bs_ber.c bs_cbb.c bs_cbs.c diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c index 8f60f4a8c4..ee21a1bebc 100644 --- a/src/lib/libssl/d1_clnt.c +++ b/src/lib/libssl/d1_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_clnt.c,v 1.81 2018/08/30 16:56:16 jsing Exp $ */ +/* $OpenBSD: d1_clnt.c,v 1.82 2018/11/05 05:45:15 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -127,49 +127,6 @@ #include "bytestring.h" -static const SSL_METHOD_INTERNAL DTLSv1_client_method_internal_data = { - .version = DTLS1_VERSION, - .min_version = DTLS1_VERSION, - .max_version = DTLS1_VERSION, - .ssl_new = dtls1_new, - .ssl_clear = dtls1_clear, - .ssl_free = dtls1_free, - .ssl_accept = ssl_undefined_function, - .ssl_connect = ssl3_connect, - .get_ssl_method = dtls1_get_client_method, - .get_timeout = dtls1_default_timeout, - .ssl_version = ssl_undefined_void_function, - .ssl_renegotiate = ssl3_renegotiate, - .ssl_renegotiate_check = ssl3_renegotiate_check, - .ssl_get_message = dtls1_get_message, - .ssl_read_bytes = dtls1_read_bytes, - .ssl_write_bytes = dtls1_write_app_data_bytes, - .ssl3_enc = &DTLSv1_enc_data, -}; - -static const SSL_METHOD DTLSv1_client_method_data = { - .ssl_dispatch_alert = dtls1_dispatch_alert, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = dtls1_get_cipher, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .internal = &DTLSv1_client_method_internal_data, -}; - -const SSL_METHOD * -DTLSv1_client_method(void) -{ - return &DTLSv1_client_method_data; -} - -const SSL_METHOD * -dtls1_get_client_method(int ver) -{ - if (ver == DTLS1_VERSION) - return (DTLSv1_client_method()); - return (NULL); -} - int dtls1_get_hello_verify(SSL *s) { diff --git a/src/lib/libssl/d1_meth.c b/src/lib/libssl/d1_meth.c deleted file mode 100644 index e157dc4d93..0000000000 --- a/src/lib/libssl/d1_meth.c +++ /dev/null @@ -1,109 +0,0 @@ -/* $OpenBSD: d1_meth.c,v 1.17 2018/08/30 16:56:16 jsing Exp $ */ -/* - * DTLS implementation written by Nagendra Modadugu - * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. - */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include - -#include "ssl_locl.h" - -static const SSL_METHOD *dtls1_get_method(int ver); - -static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = { - .version = DTLS1_VERSION, - .min_version = DTLS1_VERSION, - .max_version = DTLS1_VERSION, - .ssl_new = dtls1_new, - .ssl_clear = dtls1_clear, - .ssl_free = dtls1_free, - .ssl_accept = ssl3_accept, - .ssl_connect = ssl3_connect, - .get_ssl_method = dtls1_get_method, - .get_timeout = dtls1_default_timeout, - .ssl_version = ssl_undefined_void_function, - .ssl_renegotiate = ssl3_renegotiate, - .ssl_renegotiate_check = ssl3_renegotiate_check, - .ssl_get_message = dtls1_get_message, - .ssl_read_bytes = dtls1_read_bytes, - .ssl_write_bytes = dtls1_write_app_data_bytes, - .ssl3_enc = &DTLSv1_enc_data, -}; - -static const SSL_METHOD DTLSv1_method_data = { - .ssl_dispatch_alert = dtls1_dispatch_alert, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = dtls1_get_cipher, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .internal = &DTLSv1_method_internal_data, -}; - -const SSL_METHOD * -DTLSv1_method(void) -{ - return &DTLSv1_method_data; -} - -static const SSL_METHOD * -dtls1_get_method(int ver) -{ - if (ver == DTLS1_VERSION) - return (DTLSv1_method()); - return (NULL); -} diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c index c0ee0d00aa..1a1ee5429e 100644 --- a/src/lib/libssl/d1_srvr.c +++ b/src/lib/libssl/d1_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_srvr.c,v 1.94 2018/08/30 16:56:16 jsing Exp $ */ +/* $OpenBSD: d1_srvr.c,v 1.95 2018/11/05 05:45:15 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -125,49 +125,6 @@ #include #include -static const SSL_METHOD_INTERNAL DTLSv1_server_method_internal_data = { - .version = DTLS1_VERSION, - .min_version = DTLS1_VERSION, - .max_version = DTLS1_VERSION, - .ssl_new = dtls1_new, - .ssl_clear = dtls1_clear, - .ssl_free = dtls1_free, - .ssl_accept = ssl3_accept, - .ssl_connect = ssl_undefined_function, - .get_ssl_method = dtls1_get_server_method, - .get_timeout = dtls1_default_timeout, - .ssl_version = ssl_undefined_void_function, - .ssl_renegotiate = ssl3_renegotiate, - .ssl_renegotiate_check = ssl3_renegotiate_check, - .ssl_get_message = dtls1_get_message, - .ssl_read_bytes = dtls1_read_bytes, - .ssl_write_bytes = dtls1_write_app_data_bytes, - .ssl3_enc = &DTLSv1_enc_data, -}; - -static const SSL_METHOD DTLSv1_server_method_data = { - .ssl_dispatch_alert = dtls1_dispatch_alert, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = dtls1_get_cipher, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .internal = &DTLSv1_server_method_internal_data, -}; - -const SSL_METHOD * -DTLSv1_server_method(void) -{ - return &DTLSv1_server_method_data; -} - -const SSL_METHOD * -dtls1_get_server_method(int ver) -{ - if (ver == DTLS1_VERSION) - return (DTLSv1_server_method()); - return (NULL); -} - int dtls1_send_hello_verify_request(SSL *s) { diff --git a/src/lib/libssl/ssl_methods.c b/src/lib/libssl/ssl_methods.c new file mode 100644 index 0000000000..3e9f18bc40 --- /dev/null +++ b/src/lib/libssl/ssl_methods.c @@ -0,0 +1,666 @@ +/* $OpenBSD: ssl_methods.c,v 1.1 2018/11/05 05:45:15 jsing Exp $ */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "ssl_locl.h" + +static const SSL_METHOD_INTERNAL DTLSv1_client_method_internal_data = { + .version = DTLS1_VERSION, + .min_version = DTLS1_VERSION, + .max_version = DTLS1_VERSION, + .ssl_new = dtls1_new, + .ssl_clear = dtls1_clear, + .ssl_free = dtls1_free, + .ssl_accept = ssl_undefined_function, + .ssl_connect = ssl3_connect, + .get_ssl_method = dtls1_get_client_method, + .get_timeout = dtls1_default_timeout, + .ssl_version = ssl_undefined_void_function, + .ssl_renegotiate = ssl3_renegotiate, + .ssl_renegotiate_check = ssl3_renegotiate_check, + .ssl_get_message = dtls1_get_message, + .ssl_read_bytes = dtls1_read_bytes, + .ssl_write_bytes = dtls1_write_app_data_bytes, + .ssl3_enc = &DTLSv1_enc_data, +}; + +static const SSL_METHOD DTLSv1_client_method_data = { + .ssl_dispatch_alert = dtls1_dispatch_alert, + .num_ciphers = ssl3_num_ciphers, + .get_cipher = dtls1_get_cipher, + .get_cipher_by_char = ssl3_get_cipher_by_char, + .put_cipher_by_char = ssl3_put_cipher_by_char, + .internal = &DTLSv1_client_method_internal_data, +}; + +const SSL_METHOD * +DTLSv1_client_method(void) +{ + return &DTLSv1_client_method_data; +} + +const SSL_METHOD * +dtls1_get_client_method(int ver) +{ + if (ver == DTLS1_VERSION) + return (DTLSv1_client_method()); + return (NULL); +} + +static const SSL_METHOD *dtls1_get_method(int ver); + +static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = { + .version = DTLS1_VERSION, + .min_version = DTLS1_VERSION, + .max_version = DTLS1_VERSION, + .ssl_new = dtls1_new, + .ssl_clear = dtls1_clear, + .ssl_free = dtls1_free, + .ssl_accept = ssl3_accept, + .ssl_connect = ssl3_connect, + .get_ssl_method = dtls1_get_method, + .get_timeout = dtls1_default_timeout, + .ssl_version = ssl_undefined_void_function, + .ssl_renegotiate = ssl3_renegotiate, + .ssl_renegotiate_check = ssl3_renegotiate_check, + .ssl_get_message = dtls1_get_message, + .ssl_read_bytes = dtls1_read_bytes, + .ssl_write_bytes = dtls1_write_app_data_bytes, + .ssl3_enc = &DTLSv1_enc_data, +}; + +static const SSL_METHOD DTLSv1_method_data = { + .ssl_dispatch_alert = dtls1_dispatch_alert, + .num_ciphers = ssl3_num_ciphers, + .get_cipher = dtls1_get_cipher, + .get_cipher_by_char = ssl3_get_cipher_by_char, + .put_cipher_by_char = ssl3_put_cipher_by_char, + .internal = &DTLSv1_method_internal_data, +}; + +const SSL_METHOD * +DTLSv1_method(void) +{ + return &DTLSv1_method_data; +} + +static const SSL_METHOD * +dtls1_get_method(int ver) +{ + if (ver == DTLS1_VERSION) + return (DTLSv1_method()); + return (NULL); +} + +static const SSL_METHOD_INTERNAL DTLSv1_server_method_internal_data = { + .version = DTLS1_VERSION, + .min_version = DTLS1_VERSION, + .max_version = DTLS1_VERSION, + .ssl_new = dtls1_new, + .ssl_clear = dtls1_clear, + .ssl_free = dtls1_free, + .ssl_accept = ssl3_accept, + .ssl_connect = ssl_undefined_function, + .get_ssl_method = dtls1_get_server_method, + .get_timeout = dtls1_default_timeout, + .ssl_version = ssl_undefined_void_function, + .ssl_renegotiate = ssl3_renegotiate, + .ssl_renegotiate_check = ssl3_renegotiate_check, + .ssl_get_message = dtls1_get_message, + .ssl_read_bytes = dtls1_read_bytes, + .ssl_write_bytes = dtls1_write_app_data_bytes, + .ssl3_enc = &DTLSv1_enc_data, +}; + +static const SSL_METHOD DTLSv1_server_method_data = { + .ssl_dispatch_alert = dtls1_dispatch_alert, + .num_ciphers = ssl3_num_ciphers, + .get_cipher = dtls1_get_cipher, + .get_cipher_by_char = ssl3_get_cipher_by_char, + .put_cipher_by_char = ssl3_put_cipher_by_char, + .internal = &DTLSv1_server_method_internal_data, +}; + +const SSL_METHOD * +DTLSv1_server_method(void) +{ + return &DTLSv1_server_method_data; +} + +const SSL_METHOD * +dtls1_get_server_method(int ver) +{ + if (ver == DTLS1_VERSION) + return (DTLSv1_server_method()); + return (NULL); +} + +static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = { + .version = TLS1_2_VERSION, + .min_version = TLS1_VERSION, + .max_version = TLS1_2_VERSION, + .ssl_new = tls1_new, + .ssl_clear = tls1_clear, + .ssl_free = tls1_free, + .ssl_accept = ssl_undefined_function, + .ssl_connect = ssl3_connect, + .get_ssl_method = tls1_get_client_method, + .get_timeout = tls1_default_timeout, + .ssl_version = ssl_undefined_void_function, + .ssl_renegotiate = ssl_undefined_function, + .ssl_renegotiate_check = ssl_ok, + .ssl_get_message = ssl3_get_message, + .ssl_read_bytes = ssl3_read_bytes, + .ssl_write_bytes = ssl3_write_bytes, + .ssl3_enc = &TLSv1_2_enc_data, +}; + +static const SSL_METHOD TLS_client_method_data = { + .ssl_dispatch_alert = ssl3_dispatch_alert, + .num_ciphers = ssl3_num_ciphers, + .get_cipher = ssl3_get_cipher, + .get_cipher_by_char = ssl3_get_cipher_by_char, + .put_cipher_by_char = ssl3_put_cipher_by_char, + .internal = &TLS_client_method_internal_data, +}; + +static const SSL_METHOD_INTERNAL TLSv1_client_method_internal_data = { + .version = TLS1_VERSION, + .min_version = TLS1_VERSION, + .max_version = TLS1_VERSION, + .ssl_new = tls1_new, + .ssl_clear = tls1_clear, + .ssl_free = tls1_free, + .ssl_accept = ssl_undefined_function, + .ssl_connect = ssl3_connect, + .get_ssl_method = tls1_get_client_method, + .get_timeout = tls1_default_timeout, + .ssl_version = ssl_undefined_void_function, + .ssl_renegotiate = ssl3_renegotiate, + .ssl_renegotiate_check = ssl3_renegotiate_check, + .ssl_get_message = ssl3_get_message, + .ssl_read_bytes = ssl3_read_bytes, + .ssl_write_bytes = ssl3_write_bytes, + .ssl3_enc = &TLSv1_enc_data, +}; + +static const SSL_METHOD TLSv1_client_method_data = { + .ssl_dispatch_alert = ssl3_dispatch_alert, + .num_ciphers = ssl3_num_ciphers, + .get_cipher = ssl3_get_cipher, + .get_cipher_by_char = ssl3_get_cipher_by_char, + .put_cipher_by_char = ssl3_put_cipher_by_char, + .internal = &TLSv1_client_method_internal_data, +}; + +static const SSL_METHOD_INTERNAL TLSv1_1_client_method_internal_data = { + .version = TLS1_1_VERSION, + .min_version = TLS1_1_VERSION, + .max_version = TLS1_1_VERSION, + .ssl_new = tls1_new, + .ssl_clear = tls1_clear, + .ssl_free = tls1_free, + .ssl_accept = ssl_undefined_function, + .ssl_connect = ssl3_connect, + .get_ssl_method = tls1_get_client_method, + .get_timeout = tls1_default_timeout, + .ssl_version = ssl_undefined_void_function, + .ssl_renegotiate = ssl3_renegotiate, + .ssl_renegotiate_check = ssl3_renegotiate_check, + .ssl_get_message = ssl3_get_message, + .ssl_read_bytes = ssl3_read_bytes, + .ssl_write_bytes = ssl3_write_bytes, + .ssl3_enc = &TLSv1_1_enc_data, +}; + +static const SSL_METHOD TLSv1_1_client_method_data = { + .ssl_dispatch_alert = ssl3_dispatch_alert, + .num_ciphers = ssl3_num_ciphers, + .get_cipher = ssl3_get_cipher, + .get_cipher_by_char = ssl3_get_cipher_by_char, + .put_cipher_by_char = ssl3_put_cipher_by_char, + .internal = &TLSv1_1_client_method_internal_data, +}; + +static const SSL_METHOD_INTERNAL TLSv1_2_client_method_internal_data = { + .version = TLS1_2_VERSION, + .min_version = TLS1_2_VERSION, + .max_version = TLS1_2_VERSION, + .ssl_new = tls1_new, + .ssl_clear = tls1_clear, + .ssl_free = tls1_free, + .ssl_accept = ssl_undefined_function, + .ssl_connect = ssl3_connect, + .get_ssl_method = tls1_get_client_method, + .get_timeout = tls1_default_timeout, + .ssl_version = ssl_undefined_void_function, + .ssl_renegotiate = ssl3_renegotiate, + .ssl_renegotiate_check = ssl3_renegotiate_check, + .ssl_get_message = ssl3_get_message, + .ssl_read_bytes = ssl3_read_bytes, + .ssl_write_bytes = ssl3_write_bytes, + .ssl3_enc = &TLSv1_2_enc_data, +}; + +static const SSL_METHOD TLSv1_2_client_method_data = { + .ssl_dispatch_alert = ssl3_dispatch_alert, + .num_ciphers = ssl3_num_ciphers, + .get_cipher = ssl3_get_cipher, + .get_cipher_by_char = ssl3_get_cipher_by_char, + .put_cipher_by_char = ssl3_put_cipher_by_char, + .internal = &TLSv1_2_client_method_internal_data, +}; + +const SSL_METHOD * +tls1_get_client_method(int ver) +{ + if (ver == TLS1_2_VERSION) + return (TLSv1_2_client_method()); + if (ver == TLS1_1_VERSION) + return (TLSv1_1_client_method()); + if (ver == TLS1_VERSION) + return (TLSv1_client_method()); + return (NULL); +} + +const SSL_METHOD * +SSLv23_client_method(void) +{ + return (TLS_client_method()); +} + +const SSL_METHOD * +TLS_client_method(void) +{ + return (&TLS_client_method_data); +} + +const SSL_METHOD * +TLSv1_client_method(void) +{ + return (&TLSv1_client_method_data); +} + +const SSL_METHOD * +TLSv1_1_client_method(void) +{ + return (&TLSv1_1_client_method_data); +} + +const SSL_METHOD * +TLSv1_2_client_method(void) +{ + return (&TLSv1_2_client_method_data); +} + +static const SSL_METHOD *tls1_get_method(int ver); + +static const SSL_METHOD_INTERNAL TLS_method_internal_data = { + .version = TLS1_2_VERSION, + .min_version = TLS1_VERSION, + .max_version = TLS1_2_VERSION, + .ssl_new = tls1_new, + .ssl_clear = tls1_clear, + .ssl_free = tls1_free, + .ssl_accept = ssl3_accept, + .ssl_connect = ssl3_connect, + .get_ssl_method = tls1_get_method, + .get_timeout = tls1_default_timeout, + .ssl_version = ssl_undefined_void_function, + .ssl_renegotiate = ssl_undefined_function, + .ssl_renegotiate_check = ssl_ok, + .ssl_get_message = ssl3_get_message, + .ssl_read_bytes = ssl3_read_bytes, + .ssl_write_bytes = ssl3_write_bytes, + .ssl3_enc = &TLSv1_2_enc_data, +}; + +static const SSL_METHOD TLS_method_data = { + .ssl_dispatch_alert = ssl3_dispatch_alert, + .num_ciphers = ssl3_num_ciphers, + .get_cipher = ssl3_get_cipher, + .get_cipher_by_char = ssl3_get_cipher_by_char, + .put_cipher_by_char = ssl3_put_cipher_by_char, + .internal = &TLS_method_internal_data, +}; + +static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = { + .version = TLS1_VERSION, + .min_version = TLS1_VERSION, + .max_version = TLS1_VERSION, + .ssl_new = tls1_new, + .ssl_clear = tls1_clear, + .ssl_free = tls1_free, + .ssl_accept = ssl3_accept, + .ssl_connect = ssl3_connect, + .get_ssl_method = tls1_get_method, + .get_timeout = tls1_default_timeout, + .ssl_version = ssl_undefined_void_function, + .ssl_renegotiate = ssl3_renegotiate, + .ssl_renegotiate_check = ssl3_renegotiate_check, + .ssl_get_message = ssl3_get_message, + .ssl_read_bytes = ssl3_read_bytes, + .ssl_write_bytes = ssl3_write_bytes, + .ssl3_enc = &TLSv1_enc_data, +}; + +static const SSL_METHOD TLSv1_method_data = { + .ssl_dispatch_alert = ssl3_dispatch_alert, + .num_ciphers = ssl3_num_ciphers, + .get_cipher = ssl3_get_cipher, + .get_cipher_by_char = ssl3_get_cipher_by_char, + .put_cipher_by_char = ssl3_put_cipher_by_char, + .internal = &TLSv1_method_internal_data, +}; + +static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = { + .version = TLS1_1_VERSION, + .min_version = TLS1_1_VERSION, + .max_version = TLS1_1_VERSION, + .ssl_new = tls1_new, + .ssl_clear = tls1_clear, + .ssl_free = tls1_free, + .ssl_accept = ssl3_accept, + .ssl_connect = ssl3_connect, + .get_ssl_method = tls1_get_method, + .get_timeout = tls1_default_timeout, + .ssl_version = ssl_undefined_void_function, + .ssl_renegotiate = ssl3_renegotiate, + .ssl_renegotiate_check = ssl3_renegotiate_check, + .ssl_get_message = ssl3_get_message, + .ssl_read_bytes = ssl3_read_bytes, + .ssl_write_bytes = ssl3_write_bytes, + .ssl3_enc = &TLSv1_1_enc_data, +}; + +static const SSL_METHOD TLSv1_1_method_data = { + .ssl_dispatch_alert = ssl3_dispatch_alert, + .num_ciphers = ssl3_num_ciphers, + .get_cipher = ssl3_get_cipher, + .get_cipher_by_char = ssl3_get_cipher_by_char, + .put_cipher_by_char = ssl3_put_cipher_by_char, + .internal = &TLSv1_1_method_internal_data, +}; + +static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = { + .version = TLS1_2_VERSION, + .min_version = TLS1_2_VERSION, + .max_version = TLS1_2_VERSION, + .ssl_new = tls1_new, + .ssl_clear = tls1_clear, + .ssl_free = tls1_free, + .ssl_accept = ssl3_accept, + .ssl_connect = ssl3_connect, + .get_ssl_method = tls1_get_method, + .get_timeout = tls1_default_timeout, + .ssl_version = ssl_undefined_void_function, + .ssl_renegotiate = ssl3_renegotiate, + .ssl_renegotiate_check = ssl3_renegotiate_check, + .ssl_get_message = ssl3_get_message, + .ssl_read_bytes = ssl3_read_bytes, + .ssl_write_bytes = ssl3_write_bytes, + .ssl3_enc = &TLSv1_2_enc_data, +}; + +static const SSL_METHOD TLSv1_2_method_data = { + .ssl_dispatch_alert = ssl3_dispatch_alert, + .num_ciphers = ssl3_num_ciphers, + .get_cipher = ssl3_get_cipher, + .get_cipher_by_char = ssl3_get_cipher_by_char, + .put_cipher_by_char = ssl3_put_cipher_by_char, + .internal = &TLSv1_2_method_internal_data, +}; + +static const SSL_METHOD * +tls1_get_method(int ver) +{ + if (ver == TLS1_2_VERSION) + return (TLSv1_2_method()); + if (ver == TLS1_1_VERSION) + return (TLSv1_1_method()); + if (ver == TLS1_VERSION) + return (TLSv1_method()); + return (NULL); +} + +const SSL_METHOD * +SSLv23_method(void) +{ + return (TLS_method()); +} + +const SSL_METHOD * +TLS_method(void) +{ + return &TLS_method_data; +} + +const SSL_METHOD * +TLSv1_method(void) +{ + return (&TLSv1_method_data); +} + +const SSL_METHOD * +TLSv1_1_method(void) +{ + return (&TLSv1_1_method_data); +} + +const SSL_METHOD * +TLSv1_2_method(void) +{ + return (&TLSv1_2_method_data); +} + +static const SSL_METHOD_INTERNAL TLS_server_method_internal_data = { + .version = TLS1_2_VERSION, + .min_version = TLS1_VERSION, + .max_version = TLS1_2_VERSION, + .ssl_new = tls1_new, + .ssl_clear = tls1_clear, + .ssl_free = tls1_free, + .ssl_accept = ssl3_accept, + .ssl_connect = ssl_undefined_function, + .get_ssl_method = tls1_get_server_method, + .get_timeout = tls1_default_timeout, + .ssl_version = ssl_undefined_void_function, + .ssl_renegotiate = ssl_undefined_function, + .ssl_renegotiate_check = ssl_ok, + .ssl_get_message = ssl3_get_message, + .ssl_read_bytes = ssl3_read_bytes, + .ssl_write_bytes = ssl3_write_bytes, + .ssl3_enc = &TLSv1_2_enc_data, +}; + +static const SSL_METHOD TLS_server_method_data = { + .ssl_dispatch_alert = ssl3_dispatch_alert, + .num_ciphers = ssl3_num_ciphers, + .get_cipher = ssl3_get_cipher, + .get_cipher_by_char = ssl3_get_cipher_by_char, + .put_cipher_by_char = ssl3_put_cipher_by_char, + .internal = &TLS_server_method_internal_data, +}; + +static const SSL_METHOD_INTERNAL TLSv1_server_method_internal_data = { + .version = TLS1_VERSION, + .min_version = TLS1_VERSION, + .max_version = TLS1_VERSION, + .ssl_new = tls1_new, + .ssl_clear = tls1_clear, + .ssl_free = tls1_free, + .ssl_accept = ssl3_accept, + .ssl_connect = ssl_undefined_function, + .get_ssl_method = tls1_get_server_method, + .get_timeout = tls1_default_timeout, + .ssl_version = ssl_undefined_void_function, + .ssl_renegotiate = ssl3_renegotiate, + .ssl_renegotiate_check = ssl3_renegotiate_check, + .ssl_get_message = ssl3_get_message, + .ssl_read_bytes = ssl3_read_bytes, + .ssl_write_bytes = ssl3_write_bytes, + .ssl3_enc = &TLSv1_enc_data, +}; + +static const SSL_METHOD TLSv1_server_method_data = { + .ssl_dispatch_alert = ssl3_dispatch_alert, + .num_ciphers = ssl3_num_ciphers, + .get_cipher = ssl3_get_cipher, + .get_cipher_by_char = ssl3_get_cipher_by_char, + .put_cipher_by_char = ssl3_put_cipher_by_char, + .internal = &TLSv1_server_method_internal_data, +}; + +static const SSL_METHOD_INTERNAL TLSv1_1_server_method_internal_data = { + .version = TLS1_1_VERSION, + .min_version = TLS1_1_VERSION, + .max_version = TLS1_1_VERSION, + .ssl_new = tls1_new, + .ssl_clear = tls1_clear, + .ssl_free = tls1_free, + .ssl_accept = ssl3_accept, + .ssl_connect = ssl_undefined_function, + .get_ssl_method = tls1_get_server_method, + .get_timeout = tls1_default_timeout, + .ssl_version = ssl_undefined_void_function, + .ssl_renegotiate = ssl3_renegotiate, + .ssl_renegotiate_check = ssl3_renegotiate_check, + .ssl_get_message = ssl3_get_message, + .ssl_read_bytes = ssl3_read_bytes, + .ssl_write_bytes = ssl3_write_bytes, + .ssl3_enc = &TLSv1_1_enc_data, +}; + +static const SSL_METHOD TLSv1_1_server_method_data = { + .ssl_dispatch_alert = ssl3_dispatch_alert, + .num_ciphers = ssl3_num_ciphers, + .get_cipher = ssl3_get_cipher, + .get_cipher_by_char = ssl3_get_cipher_by_char, + .put_cipher_by_char = ssl3_put_cipher_by_char, + .internal = &TLSv1_1_server_method_internal_data, +}; + +static const SSL_METHOD_INTERNAL TLSv1_2_server_method_internal_data = { + .version = TLS1_2_VERSION, + .min_version = TLS1_2_VERSION, + .max_version = TLS1_2_VERSION, + .ssl_new = tls1_new, + .ssl_clear = tls1_clear, + .ssl_free = tls1_free, + .ssl_accept = ssl3_accept, + .ssl_connect = ssl_undefined_function, + .get_ssl_method = tls1_get_server_method, + .get_timeout = tls1_default_timeout, + .ssl_version = ssl_undefined_void_function, + .ssl_renegotiate = ssl3_renegotiate, + .ssl_renegotiate_check = ssl3_renegotiate_check, + .ssl_get_message = ssl3_get_message, + .ssl_read_bytes = ssl3_read_bytes, + .ssl_write_bytes = ssl3_write_bytes, + .ssl3_enc = &TLSv1_2_enc_data, +}; + +static const SSL_METHOD TLSv1_2_server_method_data = { + .ssl_dispatch_alert = ssl3_dispatch_alert, + .num_ciphers = ssl3_num_ciphers, + .get_cipher = ssl3_get_cipher, + .get_cipher_by_char = ssl3_get_cipher_by_char, + .put_cipher_by_char = ssl3_put_cipher_by_char, + .internal = &TLSv1_2_server_method_internal_data, +}; + +const SSL_METHOD * +tls1_get_server_method(int ver) +{ + if (ver == TLS1_2_VERSION) + return (TLSv1_2_server_method()); + if (ver == TLS1_1_VERSION) + return (TLSv1_1_server_method()); + if (ver == TLS1_VERSION) + return (TLSv1_server_method()); + return (NULL); +} + +const SSL_METHOD * +SSLv23_server_method(void) +{ + return (TLS_server_method()); +} + +const SSL_METHOD * +TLS_server_method(void) +{ + return (&TLS_server_method_data); +} + +const SSL_METHOD * +TLSv1_server_method(void) +{ + return (&TLSv1_server_method_data); +} + +const SSL_METHOD * +TLSv1_1_server_method(void) +{ + return (&TLSv1_1_server_method_data); +} + +const SSL_METHOD * +TLSv1_2_server_method(void) +{ + return (&TLSv1_2_server_method_data); +} diff --git a/src/lib/libssl/t1_clnt.c b/src/lib/libssl/t1_clnt.c deleted file mode 100644 index 4e3b208743..0000000000 --- a/src/lib/libssl/t1_clnt.c +++ /dev/null @@ -1,223 +0,0 @@ -/* $OpenBSD: t1_clnt.c,v 1.26 2018/08/30 16:56:16 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include - -#include "ssl_locl.h" - -#include -#include -#include - -static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = { - .version = TLS1_2_VERSION, - .min_version = TLS1_VERSION, - .max_version = TLS1_2_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl_undefined_function, - .ssl_connect = ssl3_connect, - .get_ssl_method = tls1_get_client_method, - .get_timeout = tls1_default_timeout, - .ssl_version = ssl_undefined_void_function, - .ssl_renegotiate = ssl_undefined_function, - .ssl_renegotiate_check = ssl_ok, - .ssl_get_message = ssl3_get_message, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .ssl3_enc = &TLSv1_2_enc_data, -}; - -static const SSL_METHOD TLS_client_method_data = { - .ssl_dispatch_alert = ssl3_dispatch_alert, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = ssl3_get_cipher, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .internal = &TLS_client_method_internal_data, -}; - -static const SSL_METHOD_INTERNAL TLSv1_client_method_internal_data = { - .version = TLS1_VERSION, - .min_version = TLS1_VERSION, - .max_version = TLS1_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl_undefined_function, - .ssl_connect = ssl3_connect, - .get_ssl_method = tls1_get_client_method, - .get_timeout = tls1_default_timeout, - .ssl_version = ssl_undefined_void_function, - .ssl_renegotiate = ssl3_renegotiate, - .ssl_renegotiate_check = ssl3_renegotiate_check, - .ssl_get_message = ssl3_get_message, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .ssl3_enc = &TLSv1_enc_data, -}; - -static const SSL_METHOD TLSv1_client_method_data = { - .ssl_dispatch_alert = ssl3_dispatch_alert, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = ssl3_get_cipher, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .internal = &TLSv1_client_method_internal_data, -}; - -static const SSL_METHOD_INTERNAL TLSv1_1_client_method_internal_data = { - .version = TLS1_1_VERSION, - .min_version = TLS1_1_VERSION, - .max_version = TLS1_1_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl_undefined_function, - .ssl_connect = ssl3_connect, - .get_ssl_method = tls1_get_client_method, - .get_timeout = tls1_default_timeout, - .ssl_version = ssl_undefined_void_function, - .ssl_renegotiate = ssl3_renegotiate, - .ssl_renegotiate_check = ssl3_renegotiate_check, - .ssl_get_message = ssl3_get_message, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .ssl3_enc = &TLSv1_1_enc_data, -}; - -static const SSL_METHOD TLSv1_1_client_method_data = { - .ssl_dispatch_alert = ssl3_dispatch_alert, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = ssl3_get_cipher, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .internal = &TLSv1_1_client_method_internal_data, -}; - -static const SSL_METHOD_INTERNAL TLSv1_2_client_method_internal_data = { - .version = TLS1_2_VERSION, - .min_version = TLS1_2_VERSION, - .max_version = TLS1_2_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl_undefined_function, - .ssl_connect = ssl3_connect, - .get_ssl_method = tls1_get_client_method, - .get_timeout = tls1_default_timeout, - .ssl_version = ssl_undefined_void_function, - .ssl_renegotiate = ssl3_renegotiate, - .ssl_renegotiate_check = ssl3_renegotiate_check, - .ssl_get_message = ssl3_get_message, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .ssl3_enc = &TLSv1_2_enc_data, -}; - -static const SSL_METHOD TLSv1_2_client_method_data = { - .ssl_dispatch_alert = ssl3_dispatch_alert, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = ssl3_get_cipher, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .internal = &TLSv1_2_client_method_internal_data, -}; - -const SSL_METHOD * -tls1_get_client_method(int ver) -{ - if (ver == TLS1_2_VERSION) - return (TLSv1_2_client_method()); - if (ver == TLS1_1_VERSION) - return (TLSv1_1_client_method()); - if (ver == TLS1_VERSION) - return (TLSv1_client_method()); - return (NULL); -} - -const SSL_METHOD * -SSLv23_client_method(void) -{ - return (TLS_client_method()); -} - -const SSL_METHOD * -TLS_client_method(void) -{ - return (&TLS_client_method_data); -} - -const SSL_METHOD * -TLSv1_client_method(void) -{ - return (&TLSv1_client_method_data); -} - -const SSL_METHOD * -TLSv1_1_client_method(void) -{ - return (&TLSv1_1_client_method_data); -} - -const SSL_METHOD * -TLSv1_2_client_method(void) -{ - return (&TLSv1_2_client_method_data); -} diff --git a/src/lib/libssl/t1_meth.c b/src/lib/libssl/t1_meth.c deleted file mode 100644 index 5ce8c9135b..0000000000 --- a/src/lib/libssl/t1_meth.c +++ /dev/null @@ -1,223 +0,0 @@ -/* $OpenBSD: t1_meth.c,v 1.25 2018/08/30 16:56:16 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include - -#include - -#include "ssl_locl.h" - -static const SSL_METHOD *tls1_get_method(int ver); - -static const SSL_METHOD_INTERNAL TLS_method_internal_data = { - .version = TLS1_2_VERSION, - .min_version = TLS1_VERSION, - .max_version = TLS1_2_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl3_accept, - .ssl_connect = ssl3_connect, - .get_ssl_method = tls1_get_method, - .get_timeout = tls1_default_timeout, - .ssl_version = ssl_undefined_void_function, - .ssl_renegotiate = ssl_undefined_function, - .ssl_renegotiate_check = ssl_ok, - .ssl_get_message = ssl3_get_message, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .ssl3_enc = &TLSv1_2_enc_data, -}; - -static const SSL_METHOD TLS_method_data = { - .ssl_dispatch_alert = ssl3_dispatch_alert, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = ssl3_get_cipher, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .internal = &TLS_method_internal_data, -}; - -static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = { - .version = TLS1_VERSION, - .min_version = TLS1_VERSION, - .max_version = TLS1_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl3_accept, - .ssl_connect = ssl3_connect, - .get_ssl_method = tls1_get_method, - .get_timeout = tls1_default_timeout, - .ssl_version = ssl_undefined_void_function, - .ssl_renegotiate = ssl3_renegotiate, - .ssl_renegotiate_check = ssl3_renegotiate_check, - .ssl_get_message = ssl3_get_message, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .ssl3_enc = &TLSv1_enc_data, -}; - -static const SSL_METHOD TLSv1_method_data = { - .ssl_dispatch_alert = ssl3_dispatch_alert, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = ssl3_get_cipher, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .internal = &TLSv1_method_internal_data, -}; - -static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = { - .version = TLS1_1_VERSION, - .min_version = TLS1_1_VERSION, - .max_version = TLS1_1_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl3_accept, - .ssl_connect = ssl3_connect, - .get_ssl_method = tls1_get_method, - .get_timeout = tls1_default_timeout, - .ssl_version = ssl_undefined_void_function, - .ssl_renegotiate = ssl3_renegotiate, - .ssl_renegotiate_check = ssl3_renegotiate_check, - .ssl_get_message = ssl3_get_message, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .ssl3_enc = &TLSv1_1_enc_data, -}; - -static const SSL_METHOD TLSv1_1_method_data = { - .ssl_dispatch_alert = ssl3_dispatch_alert, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = ssl3_get_cipher, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .internal = &TLSv1_1_method_internal_data, -}; - -static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = { - .version = TLS1_2_VERSION, - .min_version = TLS1_2_VERSION, - .max_version = TLS1_2_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl3_accept, - .ssl_connect = ssl3_connect, - .get_ssl_method = tls1_get_method, - .get_timeout = tls1_default_timeout, - .ssl_version = ssl_undefined_void_function, - .ssl_renegotiate = ssl3_renegotiate, - .ssl_renegotiate_check = ssl3_renegotiate_check, - .ssl_get_message = ssl3_get_message, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .ssl3_enc = &TLSv1_2_enc_data, -}; - -static const SSL_METHOD TLSv1_2_method_data = { - .ssl_dispatch_alert = ssl3_dispatch_alert, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = ssl3_get_cipher, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .internal = &TLSv1_2_method_internal_data, -}; - -static const SSL_METHOD * -tls1_get_method(int ver) -{ - if (ver == TLS1_2_VERSION) - return (TLSv1_2_method()); - if (ver == TLS1_1_VERSION) - return (TLSv1_1_method()); - if (ver == TLS1_VERSION) - return (TLSv1_method()); - return (NULL); -} - -const SSL_METHOD * -SSLv23_method(void) -{ - return (TLS_method()); -} - -const SSL_METHOD * -TLS_method(void) -{ - return &TLS_method_data; -} - -const SSL_METHOD * -TLSv1_method(void) -{ - return (&TLSv1_method_data); -} - -const SSL_METHOD * -TLSv1_1_method(void) -{ - return (&TLSv1_1_method_data); -} - -const SSL_METHOD * -TLSv1_2_method(void) -{ - return (&TLSv1_2_method_data); -} diff --git a/src/lib/libssl/t1_srvr.c b/src/lib/libssl/t1_srvr.c deleted file mode 100644 index 02c5cf46ae..0000000000 --- a/src/lib/libssl/t1_srvr.c +++ /dev/null @@ -1,224 +0,0 @@ -/* $OpenBSD: t1_srvr.c,v 1.27 2018/08/30 16:56:16 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include - -#include "ssl_locl.h" - -#include -#include -#include -#include - -static const SSL_METHOD_INTERNAL TLS_server_method_internal_data = { - .version = TLS1_2_VERSION, - .min_version = TLS1_VERSION, - .max_version = TLS1_2_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl3_accept, - .ssl_connect = ssl_undefined_function, - .get_ssl_method = tls1_get_server_method, - .get_timeout = tls1_default_timeout, - .ssl_version = ssl_undefined_void_function, - .ssl_renegotiate = ssl_undefined_function, - .ssl_renegotiate_check = ssl_ok, - .ssl_get_message = ssl3_get_message, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .ssl3_enc = &TLSv1_2_enc_data, -}; - -static const SSL_METHOD TLS_server_method_data = { - .ssl_dispatch_alert = ssl3_dispatch_alert, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = ssl3_get_cipher, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .internal = &TLS_server_method_internal_data, -}; - -static const SSL_METHOD_INTERNAL TLSv1_server_method_internal_data = { - .version = TLS1_VERSION, - .min_version = TLS1_VERSION, - .max_version = TLS1_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl3_accept, - .ssl_connect = ssl_undefined_function, - .get_ssl_method = tls1_get_server_method, - .get_timeout = tls1_default_timeout, - .ssl_version = ssl_undefined_void_function, - .ssl_renegotiate = ssl3_renegotiate, - .ssl_renegotiate_check = ssl3_renegotiate_check, - .ssl_get_message = ssl3_get_message, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .ssl3_enc = &TLSv1_enc_data, -}; - -static const SSL_METHOD TLSv1_server_method_data = { - .ssl_dispatch_alert = ssl3_dispatch_alert, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = ssl3_get_cipher, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .internal = &TLSv1_server_method_internal_data, -}; - -static const SSL_METHOD_INTERNAL TLSv1_1_server_method_internal_data = { - .version = TLS1_1_VERSION, - .min_version = TLS1_1_VERSION, - .max_version = TLS1_1_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl3_accept, - .ssl_connect = ssl_undefined_function, - .get_ssl_method = tls1_get_server_method, - .get_timeout = tls1_default_timeout, - .ssl_version = ssl_undefined_void_function, - .ssl_renegotiate = ssl3_renegotiate, - .ssl_renegotiate_check = ssl3_renegotiate_check, - .ssl_get_message = ssl3_get_message, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .ssl3_enc = &TLSv1_1_enc_data, -}; - -static const SSL_METHOD TLSv1_1_server_method_data = { - .ssl_dispatch_alert = ssl3_dispatch_alert, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = ssl3_get_cipher, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .internal = &TLSv1_1_server_method_internal_data, -}; - -static const SSL_METHOD_INTERNAL TLSv1_2_server_method_internal_data = { - .version = TLS1_2_VERSION, - .min_version = TLS1_2_VERSION, - .max_version = TLS1_2_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl3_accept, - .ssl_connect = ssl_undefined_function, - .get_ssl_method = tls1_get_server_method, - .get_timeout = tls1_default_timeout, - .ssl_version = ssl_undefined_void_function, - .ssl_renegotiate = ssl3_renegotiate, - .ssl_renegotiate_check = ssl3_renegotiate_check, - .ssl_get_message = ssl3_get_message, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .ssl3_enc = &TLSv1_2_enc_data, -}; - -static const SSL_METHOD TLSv1_2_server_method_data = { - .ssl_dispatch_alert = ssl3_dispatch_alert, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = ssl3_get_cipher, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .internal = &TLSv1_2_server_method_internal_data, -}; - -const SSL_METHOD * -tls1_get_server_method(int ver) -{ - if (ver == TLS1_2_VERSION) - return (TLSv1_2_server_method()); - if (ver == TLS1_1_VERSION) - return (TLSv1_1_server_method()); - if (ver == TLS1_VERSION) - return (TLSv1_server_method()); - return (NULL); -} - -const SSL_METHOD * -SSLv23_server_method(void) -{ - return (TLS_server_method()); -} - -const SSL_METHOD * -TLS_server_method(void) -{ - return (&TLS_server_method_data); -} - -const SSL_METHOD * -TLSv1_server_method(void) -{ - return (&TLSv1_server_method_data); -} - -const SSL_METHOD * -TLSv1_1_server_method(void) -{ - return (&TLSv1_1_server_method_data); -} - -const SSL_METHOD * -TLSv1_2_server_method(void) -{ - return (&TLSv1_2_server_method_data); -} -- cgit v1.2.3-55-g6feb