From 2c1045770ff31e9c42c93f720b2dd8dcd289e017 Mon Sep 17 00:00:00 2001 From: beck Date: Thu, 6 Jul 2023 07:56:32 +0000 Subject: [PATCH] unifdef the LIBRESSL_HAS_TLS1_3_[CLIENT|SERVER] goo And remove the tendrils. This was useful for transition but we are now well past this. --- lib/libssl/Makefile | 6 +----- lib/libssl/ssl_local.h | 14 +------------- lib/libssl/ssl_methods.c | 37 +------------------------------------ 3 files changed, 3 insertions(+), 54 deletions(-) diff --git a/lib/libssl/Makefile b/lib/libssl/Makefile index b5b4ff4d318..9783885cd70 100644 --- a/lib/libssl/Makefile +++ b/lib/libssl/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.79 2023/05/05 21:23:02 tb Exp $ +# $OpenBSD: Makefile,v 1.80 2023/07/06 07:56:32 beck Exp $ .include .ifndef NOMAN @@ -19,10 +19,6 @@ CFLAGS+= -DLIBRESSL_INTERNAL .ifdef NAMESPACE CFLAGS+= -DLIBRESSL_NAMESPACE .endif -.ifdef TLS1_3 -CFLAGS+= -DLIBRESSL_HAS_TLS1_3_CLIENT -CFLAGS+= -DLIBRESSL_HAS_TLS1_3_SERVER -.endif .ifdef TLS1_3_DEBUG CFLAGS+= -DTLS13_DEBUG .endif diff --git a/lib/libssl/ssl_local.h b/lib/libssl/ssl_local.h index cb38e5f91c1..9666f3882a6 100644 --- a/lib/libssl/ssl_local.h +++ b/lib/libssl/ssl_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_local.h,v 1.6 2023/05/26 13:44:05 tb Exp $ */ +/* $OpenBSD: ssl_local.h,v 1.7 2023/07/06 07:56:32 beck Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -174,18 +174,6 @@ __BEGIN_HIDDEN_DECLS #define LIBRESSL_HAS_DTLS1_2 #endif -#ifndef LIBRESSL_HAS_TLS1_3_CLIENT -#define LIBRESSL_HAS_TLS1_3_CLIENT -#endif - -#ifndef LIBRESSL_HAS_TLS1_3_SERVER -#define LIBRESSL_HAS_TLS1_3_SERVER -#endif - -#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) || defined(LIBRESSL_HAS_TLS1_3_SERVER) -#define LIBRESSL_HAS_TLS1_3 -#endif - /* LOCAL STUFF */ #define SSL_DECRYPT 0 diff --git a/lib/libssl/ssl_methods.c b/lib/libssl/ssl_methods.c index dac28011f41..8e89ef632e2 100644 --- a/lib/libssl/ssl_methods.c +++ b/lib/libssl/ssl_methods.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_methods.c,v 1.29 2022/11/26 16:08:56 tb Exp $ */ +/* $OpenBSD: ssl_methods.c,v 1.30 2023/07/06 07:56:32 beck Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -240,7 +240,6 @@ DTLS_server_method(void) return &DTLS_method_data; } -#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER) static const SSL_METHOD TLS_method_data = { .dtls = 0, .server = 1, @@ -261,7 +260,6 @@ static const SSL_METHOD TLS_method_data = { .get_cipher = ssl3_get_cipher, .enc_flags = TLSV1_3_ENC_FLAGS, }; -#endif static const SSL_METHOD TLS_legacy_method_data = { .dtls = 0, @@ -284,7 +282,6 @@ static const SSL_METHOD TLS_legacy_method_data = { .enc_flags = TLSV1_2_ENC_FLAGS, }; -#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) static const SSL_METHOD TLS_client_method_data = { .dtls = 0, .server = 0, @@ -306,30 +303,6 @@ static const SSL_METHOD TLS_client_method_data = { .enc_flags = TLSV1_3_ENC_FLAGS, }; -#else - -static const SSL_METHOD TLS_legacy_client_method_data = { - .dtls = 0, - .server = 0, - .version = TLS1_2_VERSION, - .min_tls_version = TLS1_VERSION, - .max_tls_version = TLS1_2_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl3_accept, - .ssl_connect = ssl3_connect, - .ssl_shutdown = ssl3_shutdown, - .ssl_renegotiate = ssl_undefined_function, - .ssl_renegotiate_check = ssl_ok, - .ssl_pending = ssl3_pending, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .get_cipher = ssl3_get_cipher, - .enc_flags = TLSV1_2_ENC_FLAGS, -}; -#endif - static const SSL_METHOD TLSv1_method_data = { .dtls = 0, .server = 1, @@ -459,21 +432,13 @@ static const SSL_METHOD TLSv1_2_client_method_data = { const SSL_METHOD * TLS_client_method(void) { -#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) return (&TLS_client_method_data); -#else - return (&TLS_legacy_client_method_data); -#endif } const SSL_METHOD * TLS_method(void) { -#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER) return (&TLS_method_data); -#else - return tls_legacy_method(); -#endif } const SSL_METHOD * -- 2.20.1