Remove new_sym_enc and new_aead.

These can be replaced with accessors that allow this information to be
retrieved from the new record layer.

ok inoguchi@ tb@

diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h
index f5287b2..86d1b6e 100644 (file)
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.335 2021/04/19 17:03:39 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.336 2021/04/19 17:26:39 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -528,6 +528,8 @@ int tls12_record_layer_write_overhead(struct tls12_record_layer *rl,
     size_t *overhead);
 int tls12_record_layer_read_protected(struct tls12_record_layer *rl);
 int tls12_record_layer_write_protected(struct tls12_record_layer *rl);
+const EVP_AEAD *tls12_record_layer_aead(struct tls12_record_layer *rl);
+const EVP_CIPHER *tls12_record_layer_cipher(struct tls12_record_layer *rl);
 void tls12_record_layer_set_aead(struct tls12_record_layer *rl,
     const EVP_AEAD *aead);
 void tls12_record_layer_set_cipher_hash(struct tls12_record_layer *rl,
@@ -951,9 +953,6 @@ typedef struct ssl3_state_internal_st {
                char ctype[SSL3_CT_NUMBER];
                STACK_OF(X509_NAME) *ca_names;
 
-               const EVP_CIPHER *new_sym_enc;
-               const EVP_AEAD *new_aead;
-
                int cert_request;
        } tmp;
 

diff --git a/lib/libssl/t1_enc.c b/lib/libssl/t1_enc.c
index 613eb4c..6b3d40d 100644 (file)
--- a/lib/libssl/t1_enc.c
+++ b/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.137 2021/04/19 17:03:39 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.138 2021/04/19 17:26:39 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -312,8 +312,8 @@ tls1_change_cipher_state(SSL *s, int which)
        const EVP_AEAD *aead;
        char is_read, use_client_keys;
 
-       cipher = S3I(s)->tmp.new_sym_enc;
-       aead = S3I(s)->tmp.new_aead;
+       aead = tls12_record_layer_aead(s->internal->rl);
+       cipher = tls12_record_layer_cipher(s->internal->rl);
 
        /*
         * is_read is true if we have just read a ChangeCipherSpec message,
@@ -424,8 +424,6 @@ tls1_setup_key_block(SSL *s)
        if (!ssl_get_handshake_evp_md(s, &handshake_hash))
                return (0);
 
-       S3I(s)->tmp.new_aead = aead;
-       S3I(s)->tmp.new_sym_enc = cipher;
        S3I(s)->hs.tls12.mac_secret_size = mac_secret_size;
 
        tls12_record_layer_set_aead(s->internal->rl, aead);

diff --git a/lib/libssl/tls12_record_layer.c b/lib/libssl/tls12_record_layer.c
index 6cf8b31..7e29f4e 100644 (file)
--- a/lib/libssl/tls12_record_layer.c
+++ b/lib/libssl/tls12_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls12_record_layer.c,v 1.25 2021/03/29 16:19:15 jsing Exp $ */
+/* $OpenBSD: tls12_record_layer.c,v 1.26 2021/04/19 17:26:39 jsing Exp $ */
 /*
  * Copyright (c) 2020 Joel Sing <jsing@openbsd.org>
  *
@@ -254,6 +254,18 @@ tls12_record_layer_write_protected(struct tls12_record_layer *rl)
        return tls12_record_protection_engaged(rl->write);
 }
 
+const EVP_AEAD *
+tls12_record_layer_aead(struct tls12_record_layer *rl)
+{
+       return rl->aead;
+}
+
+const EVP_CIPHER *
+tls12_record_layer_cipher(struct tls12_record_layer *rl)
+{
+       return rl->cipher;
+}
+
 void
 tls12_record_layer_set_aead(struct tls12_record_layer *rl, const EVP_AEAD *aead)
 {