From 2fc4169a1040fb41912043d6a402741eceda793f Mon Sep 17 00:00:00 2001 From: jsing <> Date: Tue, 10 Mar 2020 17:02:21 +0000 Subject: Remove the enc function pointers. The enc function pointers do not serve any purpose these days - remove a layer of indirection and call dtls1_enc()/tls1_enc() directly. ok inoguchi@ tb@ --- src/lib/libssl/d1_lib.c | 3 +-- src/lib/libssl/d1_pkt.c | 10 ++++------ src/lib/libssl/ssl_locl.h | 3 +-- src/lib/libssl/ssl_pkt.c | 10 ++++------ src/lib/libssl/t1_lib.c | 5 +---- src/lib/libssl/tls13_legacy.c | 3 +-- 6 files changed, 12 insertions(+), 22 deletions(-) (limited to 'src/lib') diff --git a/src/lib/libssl/d1_lib.c b/src/lib/libssl/d1_lib.c index 45bbd9b45d..6171035d23 100644 --- a/src/lib/libssl/d1_lib.c +++ b/src/lib/libssl/d1_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_lib.c,v 1.43 2020/02/21 16:12:18 jsing Exp $ */ +/* $OpenBSD: d1_lib.c,v 1.44 2020/03/10 17:02:21 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -73,7 +73,6 @@ static int dtls1_listen(SSL *s, struct sockaddr *client); SSL3_ENC_METHOD DTLSv1_enc_data = { - .enc = dtls1_enc, .enc_flags = SSL_ENC_FLAG_EXPLICIT_IV, }; diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c index 2cb2d089c8..101017449c 100644 --- a/src/lib/libssl/d1_pkt.c +++ b/src/lib/libssl/d1_pkt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_pkt.c,v 1.69 2020/02/21 16:15:56 jsing Exp $ */ +/* $OpenBSD: d1_pkt.c,v 1.70 2020/03/10 17:02:21 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 
@@ -361,19 +361,17 @@ dtls1_process_record(SSL *s) /* decrypt in place in 'rr->input' */ rr->data = rr->input; - enc_err = s->method->internal->ssl3_enc->enc(s, 0); /* enc_err is: * 0: (in non-constant time) if the record is publically invalid. * 1: if the padding is valid * -1: if the padding is invalid */ - if (enc_err == 0) { + if ((enc_err = dtls1_enc(s, 0)) == 0) { /* For DTLS we simply ignore bad packets. */ rr->length = 0; s->internal->packet_length = 0; goto err; } - /* r->length is now the compressed data plus mac */ if ((sess != NULL) && (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL)) { @@ -1286,8 +1284,8 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len) wr->length += bs; } - /* ssl3_enc can only have an error on read */ - s->method->internal->ssl3_enc->enc(s, 1); + /* dtls1_enc can only have an error on read */ + dtls1_enc(s, 1); if (!CBB_add_u16(&cbb, wr->length)) goto err; diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index b254ee59a8..77c1a51798 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.266 2020/02/21 16:18:52 jsing Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.267 2020/03/10 17:02:21 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1013,7 +1013,6 @@ typedef struct sess_cert_st { /*#define RSA_DEBUG */ typedef struct ssl3_enc_method { - int (*enc)(SSL *, int); unsigned int enc_flags; } SSL3_ENC_METHOD; diff --git a/src/lib/libssl/ssl_pkt.c b/src/lib/libssl/ssl_pkt.c index c6ec67545d..8126c42d1d 100644 --- a/src/lib/libssl/ssl_pkt.c +++ b/src/lib/libssl/ssl_pkt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_pkt.c,v 1.20 2020/02/23 17:59:03 tb Exp $ */ +/* $OpenBSD: ssl_pkt.c,v 1.21 2020/03/10 17:02:21 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * 
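Review bot: In dtls1_process_record (d1_pkt.c, hunk at -361) the retained comment lists three results for enc_err, but with the call folded into `if ((enc_err = dtls1_enc(s, 0)) == 0)` only the 0 case is visibly handled and nothing says where -1 (invalid padding) goes. That case is security-relevant: it presumably has to reach the MAC check after the hunk without an early exit, so that padding and MAC failures stay indistinguishable to the peer. I would add a comment after the block such as `/* enc_err == -1 is handled together with the MAC check below; do not bail out early on it. */`. The same applies to the `tls1_enc(s, 0)` call in ssl3_get_record in ssl_pkt.c. Both function bodies continue outside their hunks, so this should be confirmed against the full code.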
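Review bot: In do_dtls1_write (d1_pkt.c, hunk at -1286) the result of `dtls1_enc(s, 1)` is still discarded, justified only by the comment that it "can only have an error on read". The body of dtls1_enc is not in this diff, but if it can ever fail on the write side, the record would be length-prefixed and sent without having been protected. Now that the call is direct, the invariant is cheap to enforce: assuming a successful write returns 1, I would write `if (dtls1_enc(s, 1) != 1) goto err;`, or at least `(void)dtls1_enc(s, 1);` to mark the discard as deliberate. The same applies to `tls1_enc(s, 1)` in ssl3_create_record in ssl_pkt.c. do_dtls1_write continues outside the hunk.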
@@ -431,18 +431,16 @@ ssl3_get_record(SSL *s) /* decrypt in place in 'rr->input' */ rr->data = rr->input; - enc_err = s->method->internal->ssl3_enc->enc(s, 0); /* enc_err is: * 0: (in non-constant time) if the record is publically invalid. * 1: if the padding is valid * -1: if the padding is invalid */ - if (enc_err == 0) { + if ((enc_err = tls1_enc(s, 0)) == 0) { al = SSL_AD_BAD_RECORD_MAC; SSLerror(s, SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); goto f_err; } - /* r->length is now the compressed data plus mac */ if ((sess != NULL) && (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL)) { @@ -705,8 +703,8 @@ ssl3_create_record(SSL *s, unsigned char *p, int type, const unsigned char *buf, wr->length += eivlen; } - /* ssl3_enc can only have an error on read */ - s->method->internal->ssl3_enc->enc(s, 1); + /* tls1_enc can only have an error on read */ + tls1_enc(s, 1); /* record length after mac and block padding */ if (!CBB_add_u16(&cbb, wr->length)) diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 162cfe5ebb..b265ea089f 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_lib.c,v 1.164 2019/04/25 04:57:36 jsing Exp $ */ +/* $OpenBSD: t1_lib.c,v 1.165 2020/03/10 17:02:21 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -126,17 +126,14 @@ static int tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, SSL_SESSION **psess); SSL3_ENC_METHOD TLSv1_enc_data = { - .enc = tls1_enc, .enc_flags = 0, }; SSL3_ENC_METHOD TLSv1_1_enc_data = { - .enc = tls1_enc, .enc_flags = SSL_ENC_FLAG_EXPLICIT_IV, }; SSL3_ENC_METHOD TLSv1_2_enc_data = { - .enc = tls1_enc, .enc_flags = SSL_ENC_FLAG_EXPLICIT_IV|SSL_ENC_FLAG_SIGALGS| SSL_ENC_FLAG_SHA256_PRF|SSL_ENC_FLAG_TLS1_2_CIPHERS, }; diff --git a/src/lib/libssl/tls13_legacy.c b/src/lib/libssl/tls13_legacy.c index 642374af92..747bdc2728 100644 --- a/src/lib/libssl/tls13_legacy.c +++ b/src/lib/libssl/tls13_legacy.c 
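Review bot: In ssl3_get_record (ssl_pkt.c, hunk at -431) the decrypt routine is now fixed to `tls1_enc`, where the removed line chose it through the method table; the other sections of this commit show that the table held `dtls1_enc` for DTLSv1_enc_data and `NULL` for TLSv1_3_enc_data. The assumption that only TLS 1.2 and earlier ever reach this function (and ssl3_create_record in the later hunk) is therefore implicit. A comment above the call would record it, for example `/* TLS <= 1.2 records only; DTLS uses dtls1_process_record(). */`. Whether any DTLS or TLS 1.3 legacy path can still reach these functions is not visible here and is worth confirming; the function continues outside the hunk.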
@@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_legacy.c,v 1.1 2020/02/15 14:40:38 jsing Exp $ */ +/* $OpenBSD: tls13_legacy.c,v 1.2 2020/03/10 17:02:21 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * @@ -21,7 +21,6 @@ #include "tls13_internal.h" SSL3_ENC_METHOD TLSv1_3_enc_data = { - .enc = NULL, .enc_flags = SSL_ENC_FLAG_SIGALGS|SSL_ENC_FLAG_TLS1_3_CIPHERS, }; -- cgit v1.2.3-55-g6feb