-/* $OpenBSD: bio_ssl.c,v 1.30 2021/06/11 11:13:53 jsing Exp $ */
+/* $OpenBSD: bio_ssl.c,v 1.31 2021/07/01 17:53:39 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
SSL_shutdown(ssl);
if (ssl->internal->handshake_func ==
- ssl->method->internal->ssl_connect)
+ ssl->method->ssl_connect)
SSL_set_connect_state(ssl);
else if (ssl->internal->handshake_func ==
- ssl->method->internal->ssl_accept)
+ ssl->method->ssl_accept)
SSL_set_accept_state(ssl);
SSL_clear(ssl);
-/* $OpenBSD: d1_both.c,v 1.75 2021/06/11 17:29:48 jsing Exp $ */
+/* $OpenBSD: d1_both.c,v 1.76 2021/07/01 17:53:39 jsing Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
unsigned char devnull [256];
while (frag_len) {
- i = s->method->internal->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
devnull, frag_len > sizeof(devnull) ?
sizeof(devnull) : frag_len, 0);
if (i <= 0)
}
/* read the body of the fragment (header has already been read */
- i = s->method->internal->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
frag->fragment + msg_hdr->frag_off, frag_len, 0);
if (i <= 0 || (unsigned long)i != frag_len)
goto err;
unsigned char devnull [256];
while (frag_len) {
- i = s->method->internal->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
devnull, frag_len > sizeof(devnull) ?
sizeof(devnull) : frag_len, 0);
if (i <= 0)
if (frag_len) {
/* read the body of the fragment (header has already been read */
- i = s->method->internal->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
frag->fragment, frag_len, 0);
if (i <= 0 || (unsigned long)i != frag_len)
goto err;
}
/* read handshake message header */
- i = s->method->internal->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, wire,
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, wire,
DTLS1_HM_HEADER_LENGTH, 0);
if (i <= 0) /* nbio, or an error */
{
if (frag_len > 0) {
unsigned char *p = (unsigned char *)s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH;
- i = s->method->internal->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
&p[frag_off], frag_len, 0);
/* XDTLS: fix this--message fragments cannot span multiple packets */
if (i <= 0) {
-/* $OpenBSD: d1_lib.c,v 1.56 2021/06/19 16:52:47 jsing Exp $ */
+/* $OpenBSD: d1_lib.c,v 1.57 2021/07/01 17:53:39 jsing Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
if (s->server)
s->d1->internal->cookie_len = sizeof(D1I(s)->cookie);
- s->method->internal->ssl_clear(s);
+ s->method->ssl_clear(s);
return (1);
err:
-/* $OpenBSD: s3_lib.c,v 1.211 2021/06/30 18:07:50 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.212 2021/07/01 17:53:39 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
return (0);
}
- s->method->internal->ssl_clear(s);
+ s->method->ssl_clear(s);
return (1);
}
}
} else if (!(s->internal->shutdown & SSL_RECEIVED_SHUTDOWN)) {
/* If we are waiting for a close from our peer, we are closed */
- s->method->internal->ssl_read_bytes(s, 0, NULL, 0, 0);
+ s->method->ssl_read_bytes(s, 0, NULL, 0, 0);
if (!(s->internal->shutdown & SSL_RECEIVED_SHUTDOWN)) {
return(-1); /* return WANT_READ */
}
if (S3I(s)->renegotiate)
ssl3_renegotiate_check(s);
- return s->method->internal->ssl_write_bytes(s,
- SSL3_RT_APPLICATION_DATA, buf, len);
+ return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA,
+ buf, len);
}
static int
if (S3I(s)->renegotiate)
ssl3_renegotiate_check(s);
S3I(s)->in_read_app_data = 1;
- ret = s->method->internal->ssl_read_bytes(s,
- SSL3_RT_APPLICATION_DATA, buf, len, peek);
+
+ ret = s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
+ peek);
if ((ret == -1) && (S3I(s)->in_read_app_data == 2)) {
/*
* ssl3_read_bytes decided to call s->internal->handshake_func,
* handshake processing and try to read application data again.
*/
s->internal->in_handshake++;
- ret = s->method->internal->ssl_read_bytes(s,
- SSL3_RT_APPLICATION_DATA, buf, len, peek);
+ ret = s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA,
+ buf, len, peek);
s->internal->in_handshake--;
} else
S3I(s)->in_read_app_data = 0;
-/* $OpenBSD: ssl_both.c,v 1.32 2021/06/11 11:13:53 jsing Exp $ */
+/* $OpenBSD: ssl_both.c,v 1.33 2021/07/01 17:53:39 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
do {
while (s->internal->init_num < 4) {
- i = s->method->internal->ssl_read_bytes(s,
+ i = s->method->ssl_read_bytes(s,
SSL3_RT_HANDSHAKE, &p[s->internal->init_num],
4 - s->internal->init_num, 0);
if (i <= 0) {
p = s->internal->init_msg;
n = S3I(s)->hs.tls12.message_size - s->internal->init_num;
while (n > 0) {
- i = s->method->internal->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
&p[s->internal->init_num], n, 0);
if (i <= 0) {
s->internal->rwstate = SSL_READING;
-/* $OpenBSD: ssl_lib.c,v 1.261 2021/06/19 16:52:47 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.262 2021/07/01 17:53:39 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
return (0);
}
- s->version = s->method->internal->version;
+ s->version = s->method->version;
s->client_version = s->version;
s->internal->rwstate = SSL_NOTHING;
s->internal->rstate = SSL_ST_READ_HEADER;
*/
if (!s->internal->in_handshake && (s->session == NULL) &&
(s->method != s->ctx->method)) {
- s->method->internal->ssl_free(s);
+ s->method->ssl_free(s);
s->method = s->ctx->method;
- if (!s->method->internal->ssl_new(s))
+ if (!s->method->ssl_new(s))
return (0);
} else
- s->method->internal->ssl_clear(s);
+ s->method->ssl_clear(s);
return (1);
}
s->method = ctx->method;
- if (!s->method->internal->ssl_new(s))
+ if (!s->method->ssl_new(s))
goto err;
s->references = 1;
- s->server = ctx->method->internal->server;
+ s->server = ctx->method->server;
SSL_clear(s);
sk_X509_NAME_pop_free(s->internal->client_CA, X509_NAME_free);
if (s->method != NULL)
- s->method->internal->ssl_free(s);
+ s->method->ssl_free(s);
SSL_CTX_free(s->ctx);
int
SSL_pending(const SSL *s)
{
- return (s->method->internal->ssl_pending(s));
+ return (s->method->ssl_pending(s));
}
X509 *
/* What if we are set up for one protocol but want to talk another? */
if (t->method != f->method) {
- t->method->internal->ssl_free(t);
+ t->method->ssl_free(t);
t->method = f->method;
- if (!t->method->internal->ssl_new(t))
+ if (!t->method->ssl_new(t))
return 0;
}
if (s->internal->handshake_func == NULL)
SSL_set_accept_state(s); /* Not properly initialized yet */
- return (s->method->internal->ssl_accept(s));
+ return (s->method->ssl_accept(s));
}
int
if (s->internal->handshake_func == NULL)
SSL_set_connect_state(s); /* Not properly initialized yet */
- return (s->method->internal->ssl_connect(s));
+ return (s->method->ssl_connect(s));
}
int
SSL_is_dtls(const SSL *s)
{
- return s->method->internal->dtls;
+ return s->method->dtls;
}
int
}
if (s != NULL && !SSL_in_init(s))
- return (s->method->internal->ssl_shutdown(s));
+ return (s->method->ssl_shutdown(s));
return (1);
}
s->internal->new_session = 1;
- return (s->method->internal->ssl_renegotiate(s));
+ return (s->method->ssl_renegotiate(s));
}
int
s->internal->new_session = 0;
- return (s->method->internal->ssl_renegotiate(s));
+ return (s->method->ssl_renegotiate(s));
}
int
}
ret->method = meth;
- ret->internal->min_tls_version = meth->internal->min_tls_version;
- ret->internal->max_tls_version = meth->internal->max_tls_version;
+ ret->internal->min_tls_version = meth->min_tls_version;
+ ret->internal->max_tls_version = meth->max_tls_version;
ret->internal->min_proto_version = 0;
ret->internal->max_proto_version = 0;
ret->internal->mode = SSL_MODE_AUTO_RETRY;
if (s->method == method)
return (ret);
- if (s->internal->handshake_func == s->method->internal->ssl_connect)
- handshake_func = method->internal->ssl_connect;
- else if (s->internal->handshake_func == s->method->internal->ssl_accept)
- handshake_func = method->internal->ssl_accept;
+ if (s->internal->handshake_func == s->method->ssl_connect)
+ handshake_func = method->ssl_connect;
+ else if (s->internal->handshake_func == s->method->ssl_accept)
+ handshake_func = method->ssl_accept;
- if (s->method->internal->version == method->internal->version) {
+ if (s->method->version == method->version) {
s->method = method;
} else {
- s->method->internal->ssl_free(s);
+ s->method->ssl_free(s);
s->method = method;
- ret = s->method->internal->ssl_new(s);
+ ret = s->method->ssl_new(s);
}
s->internal->handshake_func = handshake_func;
return (-1);
}
- s->method->internal->ssl_renegotiate_check(s);
+ s->method->ssl_renegotiate_check(s);
if (SSL_in_init(s) || SSL_in_before(s)) {
ret = s->internal->handshake_func(s);
s->server = 1;
s->internal->shutdown = 0;
S3I(s)->hs.state = SSL_ST_ACCEPT|SSL_ST_BEFORE;
- s->internal->handshake_func = s->method->internal->ssl_accept;
+ s->internal->handshake_func = s->method->ssl_accept;
ssl_clear_cipher_state(s);
}
s->server = 0;
s->internal->shutdown = 0;
S3I(s)->hs.state = SSL_ST_CONNECT|SSL_ST_BEFORE;
- s->internal->handshake_func = s->method->internal->ssl_connect;
+ s->internal->handshake_func = s->method->ssl_connect;
ssl_clear_cipher_state(s);
}
* and thus we can't use SSL_copy_session_id.
*/
- ret->method->internal->ssl_free(ret);
+ ret->method->ssl_free(ret);
ret->method = s->method;
- ret->method->internal->ssl_new(ret);
+ ret->method->ssl_new(ret);
ssl_cert_free(ret->cert);
if ((ret->cert = ssl_cert_dup(s->cert)) == NULL)
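Review bot: The return value of `ret->method->ssl_new(ret)` is discarded here, while the other call sites in this file treat a zero return as failure (`if (!s->method->ssl_new(s)) return (0);` and the `goto err` variant). If ssl_new fails after `ssl_free(ret)` has released the previous method state, the duplicate carries on with whatever state is left. Consider `if (!ret->method->ssl_new(ret)) goto err;`, assuming the enclosing function has an error path like the one the `ssl_cert_dup` check below presumably takes. The function starts and ends outside this hunk, so that label is not confirmed here.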
-/* $OpenBSD: ssl_locl.h,v 1.353 2021/06/30 18:04:06 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.354 2021/07/01 17:53:39 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
/* See if we use signature algorithms extension. */
#define SSL_USE_SIGALGS(s) \
- (s->method->internal->enc_flags & SSL_ENC_FLAG_SIGALGS)
+ (s->method->enc_flags & SSL_ENC_FLAG_SIGALGS)
/* See if we use SHA256 default PRF. */
#define SSL_USE_SHA256_PRF(s) \
- (s->method->internal->enc_flags & SSL_ENC_FLAG_SHA256_PRF)
+ (s->method->enc_flags & SSL_ENC_FLAG_SHA256_PRF)
/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
#define SSL_USE_TLS1_2_CIPHERS(s) \
- (s->method->internal->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)
+ (s->method->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)
/* Allow TLS 1.3 ciphersuites only. */
#define SSL_USE_TLS1_3_CIPHERS(s) \
- (s->method->internal->enc_flags & SSL_ENC_FLAG_TLS1_3_CIPHERS)
+ (s->method->enc_flags & SSL_ENC_FLAG_TLS1_3_CIPHERS)
#define SSL_PKEY_RSA 0
#define SSL_PKEY_ECC 1
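Review bot: The macro parameter is used unparenthesized in `SSL_USE_SIGALGS(s)`, which expands to `(s->method->enc_flags & SSL_ENC_FLAG_SIGALGS)`. An argument that is not a plain identifier, such as `*sp` or a cast expression, would bind to `->` incorrectly. Writing `((s)->method->enc_flags & SSL_ENC_FLAG_SIGALGS)` avoids that. The same applies to `SSL_USE_SHA256_PRF`, `SSL_USE_TLS1_2_CIPHERS` and `SSL_USE_TLS1_3_CIPHERS` in this hunk.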
int alg_bits; /* Number of bits for algorithm */
};
-typedef struct ssl_method_internal_st {
+struct ssl_method_st {
int dtls;
int server;
int version;
int peek);
int (*ssl_write_bytes)(SSL *s, int type, const void *buf_, int len);
- unsigned int enc_flags; /* SSL_ENC_FLAG_* */
-} SSL_METHOD_INTERNAL;
-
-struct ssl_method_st {
int (*ssl_dispatch_alert)(SSL *s);
int (*num_ciphers)(void);
const SSL_CIPHER *(*get_cipher)(unsigned int ncipher);
const SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
int (*put_cipher_by_char)(const SSL_CIPHER *cipher, unsigned char *ptr);
- const struct ssl_method_internal_st *internal;
+ unsigned int enc_flags; /* SSL_ENC_FLAG_* */
};
typedef struct ssl_session_internal_st {
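Review bot: `struct ssl_method_st` now holds the protocol function pointers and version limits directly, but nothing on the struct says how instances are expected to be defined. Every table in ssl_methods.c in this commit is `static const`. A short comment above the struct, e.g. `/* Method tables are immutable; define instances as static const. */`, would record that, so a later non-const instance does not put a writable dispatch table behind `s->method`. The struct body is only partly visible in this hunk.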
-/* $OpenBSD: ssl_methods.c,v 1.25 2021/05/16 13:56:31 jsing Exp $ */
+/* $OpenBSD: ssl_methods.c,v 1.26 2021/07/01 17:53:39 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include "ssl_locl.h"
#include "tls13_internal.h"
-static const SSL_METHOD_INTERNAL DTLS_method_internal_data = {
+static const SSL_METHOD DTLS_method_data = {
.dtls = 1,
.server = 1,
.version = DTLS1_2_VERSION,
.ssl_pending = ssl3_pending,
.ssl_read_bytes = dtls1_read_bytes,
.ssl_write_bytes = dtls1_write_app_data_bytes,
- .enc_flags = TLSV1_2_ENC_FLAGS,
-};
-
-static const SSL_METHOD DTLS_method_data = {
.ssl_dispatch_alert = dtls1_dispatch_alert,
.num_ciphers = ssl3_num_ciphers,
.get_cipher = dtls1_get_cipher,
.get_cipher_by_char = ssl3_get_cipher_by_char,
.put_cipher_by_char = ssl3_put_cipher_by_char,
- .internal = &DTLS_method_internal_data,
+ .enc_flags = TLSV1_2_ENC_FLAGS,
};
-static const SSL_METHOD_INTERNAL DTLS_client_method_internal_data = {
+static const SSL_METHOD DTLS_client_method_data = {
.dtls = 1,
.server = 0,
.version = DTLS1_2_VERSION,
.ssl_pending = ssl3_pending,
.ssl_read_bytes = dtls1_read_bytes,
.ssl_write_bytes = dtls1_write_app_data_bytes,
- .enc_flags = TLSV1_2_ENC_FLAGS,
-};
-
-static const SSL_METHOD DTLS_client_method_data = {
.ssl_dispatch_alert = dtls1_dispatch_alert,
.num_ciphers = ssl3_num_ciphers,
.get_cipher = dtls1_get_cipher,
.get_cipher_by_char = ssl3_get_cipher_by_char,
.put_cipher_by_char = ssl3_put_cipher_by_char,
- .internal = &DTLS_client_method_internal_data,
+ .enc_flags = TLSV1_2_ENC_FLAGS,
};
-static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = {
+static const SSL_METHOD DTLSv1_method_data = {
.dtls = 1,
.server = 1,
.version = DTLS1_VERSION,
.ssl_pending = ssl3_pending,
.ssl_read_bytes = dtls1_read_bytes,
.ssl_write_bytes = dtls1_write_app_data_bytes,
- .enc_flags = TLSV1_1_ENC_FLAGS,
-};
-
-static const SSL_METHOD DTLSv1_method_data = {
.ssl_dispatch_alert = dtls1_dispatch_alert,
.num_ciphers = ssl3_num_ciphers,
.get_cipher = dtls1_get_cipher,
.get_cipher_by_char = ssl3_get_cipher_by_char,
.put_cipher_by_char = ssl3_put_cipher_by_char,
- .internal = &DTLSv1_method_internal_data,
+ .enc_flags = TLSV1_1_ENC_FLAGS,
};
-static const SSL_METHOD_INTERNAL DTLSv1_client_method_internal_data = {
+static const SSL_METHOD DTLSv1_client_method_data = {
.dtls = 1,
.server = 0,
.version = DTLS1_VERSION,
.ssl_pending = ssl3_pending,
.ssl_read_bytes = dtls1_read_bytes,
.ssl_write_bytes = dtls1_write_app_data_bytes,
- .enc_flags = TLSV1_1_ENC_FLAGS,
-};
-
-static const SSL_METHOD DTLSv1_client_method_data = {
.ssl_dispatch_alert = dtls1_dispatch_alert,
.num_ciphers = ssl3_num_ciphers,
.get_cipher = dtls1_get_cipher,
.get_cipher_by_char = ssl3_get_cipher_by_char,
.put_cipher_by_char = ssl3_put_cipher_by_char,
- .internal = &DTLSv1_client_method_internal_data,
+ .enc_flags = TLSV1_1_ENC_FLAGS,
};
-static const SSL_METHOD_INTERNAL DTLSv1_2_method_internal_data = {
+static const SSL_METHOD DTLSv1_2_method_data = {
.dtls = 1,
.server = 1,
.version = DTLS1_2_VERSION,
.ssl_pending = ssl3_pending,
.ssl_read_bytes = dtls1_read_bytes,
.ssl_write_bytes = dtls1_write_app_data_bytes,
- .enc_flags = TLSV1_2_ENC_FLAGS,
-};
-
-static const SSL_METHOD DTLSv1_2_method_data = {
.ssl_dispatch_alert = dtls1_dispatch_alert,
.num_ciphers = ssl3_num_ciphers,
.get_cipher = dtls1_get_cipher,
.get_cipher_by_char = ssl3_get_cipher_by_char,
.put_cipher_by_char = ssl3_put_cipher_by_char,
- .internal = &DTLSv1_2_method_internal_data,
+ .enc_flags = TLSV1_2_ENC_FLAGS,
};
-static const SSL_METHOD_INTERNAL DTLSv1_2_client_method_internal_data = {
+static const SSL_METHOD DTLSv1_2_client_method_data = {
.dtls = 1,
.server = 0,
.version = DTLS1_2_VERSION,
.ssl_pending = ssl3_pending,
.ssl_read_bytes = dtls1_read_bytes,
.ssl_write_bytes = dtls1_write_app_data_bytes,
- .enc_flags = TLSV1_2_ENC_FLAGS,
-};
-
-static const SSL_METHOD DTLSv1_2_client_method_data = {
.ssl_dispatch_alert = dtls1_dispatch_alert,
.num_ciphers = ssl3_num_ciphers,
.get_cipher = dtls1_get_cipher,
.get_cipher_by_char = ssl3_get_cipher_by_char,
.put_cipher_by_char = ssl3_put_cipher_by_char,
- .internal = &DTLSv1_2_client_method_internal_data,
+ .enc_flags = TLSV1_2_ENC_FLAGS,
};
const SSL_METHOD *
}
#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER)
-static const SSL_METHOD_INTERNAL TLS_method_internal_data = {
+static const SSL_METHOD TLS_method_data = {
.dtls = 0,
.server = 1,
.version = TLS1_3_VERSION,
.ssl_pending = tls13_legacy_pending,
.ssl_read_bytes = tls13_legacy_read_bytes,
.ssl_write_bytes = tls13_legacy_write_bytes,
- .enc_flags = TLSV1_3_ENC_FLAGS,
-};
-
-static const SSL_METHOD TLS_method_data = {
.ssl_dispatch_alert = ssl3_dispatch_alert,
.num_ciphers = ssl3_num_ciphers,
.get_cipher = ssl3_get_cipher,
.get_cipher_by_char = ssl3_get_cipher_by_char,
.put_cipher_by_char = ssl3_put_cipher_by_char,
- .internal = &TLS_method_internal_data,
+ .enc_flags = TLSV1_3_ENC_FLAGS,
};
#endif
-static const SSL_METHOD_INTERNAL TLS_legacy_method_internal_data = {
+static const SSL_METHOD TLS_legacy_method_data = {
.dtls = 0,
.server = 1,
.version = TLS1_2_VERSION,
.ssl_pending = ssl3_pending,
.ssl_read_bytes = ssl3_read_bytes,
.ssl_write_bytes = ssl3_write_bytes,
- .enc_flags = TLSV1_2_ENC_FLAGS,
-};
-
-static const SSL_METHOD TLS_legacy_method_data = {
.ssl_dispatch_alert = ssl3_dispatch_alert,
.num_ciphers = ssl3_num_ciphers,
.get_cipher = ssl3_get_cipher,
.get_cipher_by_char = ssl3_get_cipher_by_char,
.put_cipher_by_char = ssl3_put_cipher_by_char,
- .internal = &TLS_legacy_method_internal_data,
+ .enc_flags = TLSV1_2_ENC_FLAGS,
};
#if defined(LIBRESSL_HAS_TLS1_3_CLIENT)
-static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = {
+static const SSL_METHOD TLS_client_method_data = {
.dtls = 0,
.server = 0,
.version = TLS1_3_VERSION,
.ssl_pending = tls13_legacy_pending,
.ssl_read_bytes = tls13_legacy_read_bytes,
.ssl_write_bytes = tls13_legacy_write_bytes,
- .enc_flags = TLSV1_3_ENC_FLAGS,
-};
-
-static const SSL_METHOD TLS_client_method_data = {
.ssl_dispatch_alert = ssl3_dispatch_alert,
.num_ciphers = ssl3_num_ciphers,
.get_cipher = ssl3_get_cipher,
.get_cipher_by_char = ssl3_get_cipher_by_char,
.put_cipher_by_char = ssl3_put_cipher_by_char,
- .internal = &TLS_client_method_internal_data,
+ .enc_flags = TLSV1_3_ENC_FLAGS,
};
#else
-static const SSL_METHOD_INTERNAL TLS_legacy_client_method_internal_data = {
+static const SSL_METHOD TLS_legacy_client_method_data = {
.dtls = 0,
.server = 0,
.version = TLS1_2_VERSION,
.ssl_pending = ssl3_pending,
.ssl_read_bytes = ssl3_read_bytes,
.ssl_write_bytes = ssl3_write_bytes,
- .enc_flags = TLSV1_2_ENC_FLAGS,
-};
-
-static const SSL_METHOD TLS_legacy_client_method_data = {
.ssl_dispatch_alert = ssl3_dispatch_alert,
.num_ciphers = ssl3_num_ciphers,
.get_cipher = ssl3_get_cipher,
.get_cipher_by_char = ssl3_get_cipher_by_char,
.put_cipher_by_char = ssl3_put_cipher_by_char,
- .internal = &TLS_legacy_client_method_internal_data,
+ .enc_flags = TLSV1_2_ENC_FLAGS,
};
#endif
-static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = {
+static const SSL_METHOD TLSv1_method_data = {
.dtls = 0,
.server = 1,
.version = TLS1_VERSION,
.ssl_pending = ssl3_pending,
.ssl_read_bytes = ssl3_read_bytes,
.ssl_write_bytes = ssl3_write_bytes,
- .enc_flags = TLSV1_ENC_FLAGS,
-};
-
-static const SSL_METHOD TLSv1_method_data = {
.ssl_dispatch_alert = ssl3_dispatch_alert,
.num_ciphers = ssl3_num_ciphers,
.get_cipher = ssl3_get_cipher,
.get_cipher_by_char = ssl3_get_cipher_by_char,
.put_cipher_by_char = ssl3_put_cipher_by_char,
- .internal = &TLSv1_method_internal_data,
+ .enc_flags = TLSV1_ENC_FLAGS,
};
-static const SSL_METHOD_INTERNAL TLSv1_client_method_internal_data = {
+static const SSL_METHOD TLSv1_client_method_data = {
.dtls = 0,
.server = 0,
.version = TLS1_VERSION,
.ssl_pending = ssl3_pending,
.ssl_read_bytes = ssl3_read_bytes,
.ssl_write_bytes = ssl3_write_bytes,
- .enc_flags = TLSV1_ENC_FLAGS,
-};
-
-static const SSL_METHOD TLSv1_client_method_data = {
.ssl_dispatch_alert = ssl3_dispatch_alert,
.num_ciphers = ssl3_num_ciphers,
.get_cipher = ssl3_get_cipher,
.get_cipher_by_char = ssl3_get_cipher_by_char,
.put_cipher_by_char = ssl3_put_cipher_by_char,
- .internal = &TLSv1_client_method_internal_data,
+ .enc_flags = TLSV1_ENC_FLAGS,
};
-static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = {
+static const SSL_METHOD TLSv1_1_method_data = {
.dtls = 0,
.server = 1,
.version = TLS1_1_VERSION,
.ssl_pending = ssl3_pending,
.ssl_read_bytes = ssl3_read_bytes,
.ssl_write_bytes = ssl3_write_bytes,
- .enc_flags = TLSV1_1_ENC_FLAGS,
-};
-
-static const SSL_METHOD TLSv1_1_method_data = {
.ssl_dispatch_alert = ssl3_dispatch_alert,
.num_ciphers = ssl3_num_ciphers,
.get_cipher = ssl3_get_cipher,
.get_cipher_by_char = ssl3_get_cipher_by_char,
.put_cipher_by_char = ssl3_put_cipher_by_char,
- .internal = &TLSv1_1_method_internal_data,
+ .enc_flags = TLSV1_1_ENC_FLAGS,
};
-static const SSL_METHOD_INTERNAL TLSv1_1_client_method_internal_data = {
+static const SSL_METHOD TLSv1_1_client_method_data = {
.dtls = 0,
.server = 0,
.version = TLS1_1_VERSION,
.ssl_pending = ssl3_pending,
.ssl_read_bytes = ssl3_read_bytes,
.ssl_write_bytes = ssl3_write_bytes,
- .enc_flags = TLSV1_1_ENC_FLAGS,
-};
-
-static const SSL_METHOD TLSv1_1_client_method_data = {
.ssl_dispatch_alert = ssl3_dispatch_alert,
.num_ciphers = ssl3_num_ciphers,
.get_cipher = ssl3_get_cipher,
.get_cipher_by_char = ssl3_get_cipher_by_char,
.put_cipher_by_char = ssl3_put_cipher_by_char,
- .internal = &TLSv1_1_client_method_internal_data,
+ .enc_flags = TLSV1_1_ENC_FLAGS,
};
-static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = {
+static const SSL_METHOD TLSv1_2_method_data = {
.dtls = 0,
.server = 1,
.version = TLS1_2_VERSION,
.ssl_pending = ssl3_pending,
.ssl_read_bytes = ssl3_read_bytes,
.ssl_write_bytes = ssl3_write_bytes,
- .enc_flags = TLSV1_2_ENC_FLAGS,
-};
-
-static const SSL_METHOD TLSv1_2_method_data = {
.ssl_dispatch_alert = ssl3_dispatch_alert,
.num_ciphers = ssl3_num_ciphers,
.get_cipher = ssl3_get_cipher,
.get_cipher_by_char = ssl3_get_cipher_by_char,
.put_cipher_by_char = ssl3_put_cipher_by_char,
- .internal = &TLSv1_2_method_internal_data,
+ .enc_flags = TLSV1_2_ENC_FLAGS,
};
-static const SSL_METHOD_INTERNAL TLSv1_2_client_method_internal_data = {
+static const SSL_METHOD TLSv1_2_client_method_data = {
.dtls = 0,
.server = 0,
.version = TLS1_2_VERSION,
.ssl_pending = ssl3_pending,
.ssl_read_bytes = ssl3_read_bytes,
.ssl_write_bytes = ssl3_write_bytes,
- .enc_flags = TLSV1_2_ENC_FLAGS,
-};
-
-static const SSL_METHOD TLSv1_2_client_method_data = {
.ssl_dispatch_alert = ssl3_dispatch_alert,
.num_ciphers = ssl3_num_ciphers,
.get_cipher = ssl3_get_cipher,
.get_cipher_by_char = ssl3_get_cipher_by_char,
.put_cipher_by_char = ssl3_put_cipher_by_char,
- .internal = &TLSv1_2_client_method_internal_data,
+ .enc_flags = TLSV1_2_ENC_FLAGS,
};
const SSL_METHOD *
-/* $OpenBSD: ssl_packet.c,v 1.11 2021/05/16 14:10:43 jsing Exp $ */
+/* $OpenBSD: ssl_packet.c,v 1.12 2021/07/01 17:53:39 jsing Exp $ */
/*
* Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
*
return 1;
/* Only continue if this is not a version locked method. */
- if (s->method->internal->min_tls_version ==
- s->method->internal->max_tls_version)
+ if (s->method->min_tls_version == s->method->max_tls_version)
return 1;
if (ssl_is_sslv2_client_hello(&header) == 1) {
-/* $OpenBSD: ssl_versions.c,v 1.19 2021/06/27 16:54:14 jsing Exp $ */
+/* $OpenBSD: ssl_versions.c,v 1.20 2021/07/01 17:53:39 jsing Exp $ */
/*
* Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
*
uint16_t min_proto, min_version, max_version;
if (proto_ver == 0) {
- *out_tls_ver = meth->internal->min_tls_version;
+ *out_tls_ver = meth->min_tls_version;
*out_proto_ver = 0;
return 1;
}
min_version = proto_ver;
max_version = max_tls_ver;
- if (meth->internal->dtls) {
+ if (meth->dtls) {
if ((min_version = ssl_dtls_to_tls_version(proto_ver)) == 0)
return 0;
}
if (!ssl_clamp_tls_version_range(&min_version, &max_version,
- meth->internal->min_tls_version, meth->internal->max_tls_version))
+ meth->min_tls_version, meth->max_tls_version))
return 0;
min_proto = min_version;
- if (meth->internal->dtls) {
+ if (meth->dtls) {
if ((min_proto = ssl_tls_to_dtls_version(min_version)) == 0)
return 0;
}
uint16_t max_proto, min_version, max_version;
if (proto_ver == 0) {
- *out_tls_ver = meth->internal->max_tls_version;
+ *out_tls_ver = meth->max_tls_version;
*out_proto_ver = 0;
return 1;
}
min_version = min_tls_ver;
max_version = proto_ver;
- if (meth->internal->dtls) {
+ if (meth->dtls) {
if ((max_version = ssl_dtls_to_tls_version(proto_ver)) == 0)
return 0;
}
if (!ssl_clamp_tls_version_range(&min_version, &max_version,
- meth->internal->min_tls_version, meth->internal->max_tls_version))
+ meth->min_tls_version, meth->max_tls_version))
return 0;
max_proto = max_version;
- if (meth->internal->dtls) {
+ if (meth->dtls) {
if ((max_proto = ssl_tls_to_dtls_version(max_version)) == 0)
return 0;
}
/* Limit to the versions supported by this method. */
if (!ssl_clamp_tls_version_range(&min_version, &max_version,
- s->method->internal->min_tls_version,
- s->method->internal->max_tls_version))
+ s->method->min_tls_version, s->method->max_tls_version))
return 0;
if (min_ver != NULL)
-/* $OpenBSD: t1_enc.c,v 1.150 2021/06/13 15:34:41 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.151 2021/07/01 17:53:39 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
key_block = NULL;
if (!(s->internal->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS) &&
- s->method->internal->version <= TLS1_VERSION) {
+ s->method->version <= TLS1_VERSION) {
/*
* Enable vulnerability countermeasure for CBC ciphers with
* known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt)
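Review bot: The empty-fragment countermeasure is gated on `s->method->version`, the static version of the method table rather than a per-connection value. It is therefore only correct if `s->method` has already been switched to the negotiated version's method by the time this runs, which is not visible in this hunk. `TLS_legacy_method_data` in this commit carries `.version = TLS1_2_VERSION`; if that table can negotiate TLS 1.0 without the method being swapped, the CBC known-IV countermeasure would stay off for that connection. A comment such as `/* s->method is the negotiated version's method here */` would document the invariant, or the check could test the negotiated version if the invariant is not guaranteed. The enclosing function starts and ends outside the hunk.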
-/* $OpenBSD: t1_lib.c,v 1.181 2021/06/11 11:13:53 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.182 2021/07/01 17:53:39 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
{
if (!ssl3_new(s))
return (0);
- s->method->internal->ssl_clear(s);
+ s->method->ssl_clear(s);
return (1);
}
tls1_clear(SSL *s)
{
ssl3_clear(s);
- s->version = s->method->internal->version;
+ s->version = s->method->version;
}
static const int nid_list[] = {
-/* $OpenBSD: tls13_handshake.c,v 1.68 2021/06/28 18:48:56 tb Exp $ */
+/* $OpenBSD: tls13_handshake.c,v 1.69 2021/07/01 17:53:39 jsing Exp $ */
/*
* Copyright (c) 2018-2021 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
tls13_handshake_msg_free(ctx->hs_msg);
ctx->hs_msg = NULL;
- if (ctx->ssl->method->internal->version < TLS1_3_VERSION)
+ if (ctx->ssl->method->version < TLS1_3_VERSION)
return TLS13_IO_USE_LEGACY;
return ret;
-/* $OpenBSD: tls13_legacy.c,v 1.25 2021/06/28 15:36:51 tb Exp $ */
+/* $OpenBSD: tls13_legacy.c,v 1.26 2021/07/01 17:53:39 jsing Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
*
if (!tls13_use_legacy_stack(ctx))
return 0;
- s->internal->handshake_func = s->method->internal->ssl_connect;
- s->client_version = s->version = s->method->internal->max_tls_version;
+ s->internal->handshake_func = s->method->ssl_connect;
+ s->client_version = s->version = s->method->max_tls_version;
return 1;
}
if (!tls13_use_legacy_stack(ctx))
return 0;
- s->internal->handshake_func = s->method->internal->ssl_accept;
- s->client_version = s->version = s->method->internal->max_tls_version;
+ s->internal->handshake_func = s->method->ssl_accept;
+ s->client_version = s->version = s->method->max_tls_version;
s->server = 1;
return 1;
ret = tls13_server_accept(ctx);
if (ret == TLS13_IO_USE_LEGACY)
- return ssl->method->internal->ssl_accept(ssl);
+ return ssl->method->ssl_accept(ssl);
return tls13_legacy_return_code(ssl, ret);
}
/* XXX drop back to legacy for client auth for now */
if (ssl->cert->key->privatekey != NULL) {
ssl->method = tls_legacy_client_method();
- return ssl->method->internal->ssl_connect(ssl);
+ return ssl->method->ssl_connect(ssl);
}
#endif
ret = tls13_client_connect(ctx);
if (ret == TLS13_IO_USE_LEGACY)
- return ssl->method->internal->ssl_connect(ssl);
+ return ssl->method->ssl_connect(ssl);
return tls13_legacy_return_code(ssl, ret);
}
-/* $OpenBSD: tls13_server.c,v 1.83 2021/06/29 19:20:39 jsing Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.84 2021/07/01 17:53:39 jsing Exp $ */
/*
* Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2020 Bob Beck <beck@openbsd.org>
goto err;
/* See if we switched back to the legacy client method. */
- if (s->method->internal->version < TLS1_3_VERSION)
+ if (s->method->version < TLS1_3_VERSION)
return 1;
/*
return 0;
/* XXX - need further checks. */
- if (s->method->internal->version < TLS1_3_VERSION)
+ if (s->method->version < TLS1_3_VERSION)
return 0;
ctx->hs->tls13.hrr = 0;