From eaae66413ad2b6a728338460fadaf9b311f4e851 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Wed, 7 Oct 2020 08:43:34 +0000 Subject: Mop up various things that are now unused with the new record layer. ok inoguchi@ tb@ --- src/lib/libssl/ssl_locl.h | 15 +-------------- src/lib/libssl/t1_enc.c | 15 +-------------- src/lib/libssl/t1_lib.c | 8 ++++---- 3 files changed, 6 insertions(+), 32 deletions(-) (limited to 'src') diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 41b3c02724..b207dc65e9 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.298 2020/10/03 18:01:55 jsing Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.299 2020/10/07 08:43:34 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -317,10 +317,6 @@ __BEGIN_HIDDEN_DECLS #define SSL_IS_DTLS(s) \ (s->method->internal->version == DTLS1_VERSION) -/* See if we need explicit IV. */ -#define SSL_USE_EXPLICIT_IV(s) \ - (s->method->internal->ssl3_enc->enc_flags & SSL_ENC_FLAG_EXPLICIT_IV) - /* See if we use signature algorithms extension. */ #define SSL_USE_SIGALGS(s) \ (s->method->internal->ssl3_enc->enc_flags & SSL_ENC_FLAG_SIGALGS) @@ -751,10 +747,6 @@ typedef struct ssl_internal_st { STACK_OF(SSL_CIPHER) *cipher_list_tls13; - /* These are the ones being used, the ones in SSL_SESSION are - * the ones to be 'copied' into these ones */ - int mac_flags; - SSL_AEAD_CTX *aead_read_ctx; /* AEAD context. If non-NULL, then enc_read_ctx and read_hash are ignored. */ @@ -842,8 +834,6 @@ typedef struct ssl3_state_internal_st { int read_mac_secret_size; unsigned char read_mac_secret[EVP_MAX_MD_SIZE]; unsigned char write_sequence[SSL3_SEQUENCE_SIZE]; - int write_mac_secret_size; - unsigned char write_mac_secret[EVP_MAX_MD_SIZE]; SSL3_BUFFER_INTERNAL rbuf; /* read IO goes into here */ SSL3_BUFFER_INTERNAL wbuf; /* write IO goes into here */ 
@@ -1081,9 +1071,6 @@ typedef struct ssl3_enc_method { * Flag values for enc_flags. */ -/* Uses explicit IV. */ -#define SSL_ENC_FLAG_EXPLICIT_IV (1 << 0) - /* Uses signature algorithms extension. */ #define SSL_ENC_FLAG_SIGALGS (1 << 1) diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 7a71a08434..debbf286f6 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_enc.c,v 1.124 2020/10/03 17:35:16 jsing Exp $ */ +/* $OpenBSD: t1_enc.c,v 1.125 2020/10/07 08:43:34 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -423,11 +423,6 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, stream_mac = S3I(s)->hs.new_cipher->algorithm2 & TLS1_STREAM_MAC; if (is_read) { - if (stream_mac) - s->internal->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM; - else - s->internal->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM; - ssl_clear_cipher_read_state(s); if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL) @@ -445,11 +440,6 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, S3I(s)->read_mac_secret, mac_secret_size)) goto err; } else { - if (stream_mac) - s->internal->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM; - else - s->internal->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM; - /* * DTLS fragments retain a pointer to the compression, cipher * and hash contexts, so that it can restore state in order @@ -581,9 +571,6 @@ tls1_change_cipher_state(SSL *s, int which) if (is_read) { memcpy(S3I(s)->read_mac_secret, mac_secret, mac_secret_size); S3I(s)->read_mac_secret_size = mac_secret_size; - } else { - memcpy(S3I(s)->write_mac_secret, mac_secret, mac_secret_size); - S3I(s)->write_mac_secret_size = mac_secret_size; } if (aead != NULL) { diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index f091dd001b..5635c8ff43 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c 
@@ -1,4 +1,4 @@ -/* $OpenBSD: t1_lib.c,v 1.176 2020/09/12 17:25:11 tb Exp $ */ +/* $OpenBSD: t1_lib.c,v 1.177 2020/10/07 08:43:34 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -130,12 +130,12 @@ SSL3_ENC_METHOD TLSv1_enc_data = { }; SSL3_ENC_METHOD TLSv1_1_enc_data = { - .enc_flags = SSL_ENC_FLAG_EXPLICIT_IV, + .enc_flags = 0, }; SSL3_ENC_METHOD TLSv1_2_enc_data = { - .enc_flags = SSL_ENC_FLAG_EXPLICIT_IV|SSL_ENC_FLAG_SIGALGS| - SSL_ENC_FLAG_SHA256_PRF|SSL_ENC_FLAG_TLS1_2_CIPHERS, + .enc_flags = SSL_ENC_FLAG_SIGALGS|SSL_ENC_FLAG_SHA256_PRF| + SSL_ENC_FLAG_TLS1_2_CIPHERS, }; int -- cgit v1.2.3-55-g6feb
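Review bot: In the `TLSv1_1_enc_data` and `TLSv1_2_enc_data` initializers, dropping `SSL_ENC_FLAG_EXPLICIT_IV` leaves nothing in this per-version table to record that TLS 1.1 and 1.2 CBC records carry a per-record explicit IV, the property that separates them from TLS 1.0's chained IVs. The commit message says the flag is unused with the new record layer, so the decision presumably lives there now, but that code is not visible in this diff. Once confirmed, a short comment above `.enc_flags = 0,` such as `/* Explicit IV use is decided by the record layer, not by enc_flags. */` would point the next reader to the right place. Relatedly, the ssl_locl.h hunk at -1081 leaves `SSL_ENC_FLAG_SIGALGS` at `(1 << 1)` with bit 0 unassigned; a one-line comment there marking bit 0 as formerly EXPLICIT_IV and now free would document the gap.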