Mop up TLS1_PRF* defines.

These have not been used for a long time, however SSL_CIPHER was not opaque
at the time, hence they had to stick around. Now that SSL_CIPHER is opaque
we can simply mop them up.

ok tb@

diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index 0eec6e9..1c1906d 100644 (file)
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.252 2024/05/10 05:08:05 tb Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.253 2024/07/15 14:45:15 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -183,7 +183,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_MD5,
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_STRONG_NONE,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 0,
                .alg_bits = 0,
        },
@@ -199,7 +199,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_STRONG_NONE,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 0,
                .alg_bits = 0,
        },
@@ -215,7 +215,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_MD5,
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_LOW,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -231,7 +231,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_LOW,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -247,7 +247,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_MEDIUM,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -267,7 +267,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_MEDIUM,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -283,7 +283,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_MD5,
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_LOW,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -299,7 +299,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_MEDIUM,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -319,7 +319,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -335,7 +335,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -351,7 +351,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -367,7 +367,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -383,7 +383,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -399,7 +399,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -416,7 +416,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA256,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_STRONG_NONE,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 0,
                .alg_bits = 0,
        },
@@ -432,7 +432,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA256,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -448,7 +448,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA256,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -467,7 +467,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -483,7 +483,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -499,7 +499,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -517,7 +517,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA256,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -533,7 +533,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA256,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -549,7 +549,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA256,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -565,7 +565,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA256,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -584,7 +584,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -600,7 +600,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -616,7 +616,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -637,7 +637,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_AEAD,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -653,7 +653,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_AEAD,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA384,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -669,7 +669,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_AEAD,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -685,7 +685,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_AEAD,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA384,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -701,7 +701,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_AEAD,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -717,7 +717,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_AEAD,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA384,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -736,7 +736,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA256,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -752,7 +752,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA256,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -768,7 +768,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA256,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -784,7 +784,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA256,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -800,7 +800,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA256,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -816,7 +816,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA256,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -887,7 +887,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_STRONG_NONE,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 0,
                .alg_bits = 0,
        },
@@ -903,7 +903,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_LOW,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -919,7 +919,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_MEDIUM,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -935,7 +935,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -951,7 +951,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -967,7 +967,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_STRONG_NONE,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 0,
                .alg_bits = 0,
        },
@@ -983,7 +983,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_LOW,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -999,7 +999,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_MEDIUM,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -1015,7 +1015,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -1031,7 +1031,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -1047,7 +1047,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_STRONG_NONE,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 0,
                .alg_bits = 0,
        },
@@ -1063,7 +1063,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_LOW,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -1079,7 +1079,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_MEDIUM,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -1095,7 +1095,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -1111,7 +1111,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA1,
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+               .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -1130,7 +1130,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA256,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -1146,7 +1146,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA384,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA384,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -1162,7 +1162,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA256,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -1178,7 +1178,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_SHA384,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA384,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -1196,7 +1196,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_AEAD,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -1212,7 +1212,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_AEAD,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA384,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -1228,7 +1228,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_AEAD,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 128,
                .alg_bits = 128,
        },
@@ -1244,7 +1244,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_AEAD,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA384,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -1260,7 +1260,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_AEAD,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -1276,7 +1276,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_AEAD,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 256,
                .alg_bits = 256,
        },
@@ -1292,7 +1292,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_mac = SSL_AEAD,
                .algorithm_ssl = SSL_TLSV1_2,
                .algo_strength = SSL_HIGH,
-               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+               .algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
                .strength_bits = 256,
                .alg_bits = 256,
        },

diff --git a/lib/libssl/ssl_local.h b/lib/libssl/ssl_local.h
index db10221..74c6ad3 100644 (file)
--- a/lib/libssl/ssl_local.h
+++ b/lib/libssl/ssl_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_local.h,v 1.17 2024/06/25 14:10:45 jsing Exp $ */
+/* $OpenBSD: ssl_local.h,v 1.18 2024/07/15 14:45:15 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -255,15 +255,6 @@ __BEGIN_HIDDEN_DECLS
 #define SSL3_CK_ID             0x03000000
 #define SSL3_CK_VALUE_MASK     0x0000ffff
 
-#define TLS1_PRF_DGST_MASK     (0xff << TLS1_PRF_DGST_SHIFT)
-
-#define TLS1_PRF_DGST_SHIFT 10
-#define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT)
-#define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT)
-#define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT)
-#define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT)
-#define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1)
-
 /*
  * Cipher strength information.
  */