From 3e6620b05005703104bc76bb7ab704a725e99897 Mon Sep 17 00:00:00 2001 From: jsing Date: Sun, 10 Aug 2014 14:42:55 +0000 Subject: [PATCH] Since we no longer need to support SSLv2-style cipher lists, start unravelling the maze of function pointers and callbacks by directly calling ssl3_{get,put}_cipher_by_char() and removing the ssl_{get,put}_cipher_by_char macros. Prompted by similar changes in boringssl. ok guenther. --- lib/libssl/d1_clnt.c | 6 ++---- lib/libssl/d1_meth.c | 4 +--- lib/libssl/d1_srvr.c | 4 +--- lib/libssl/s23_clnt.c | 7 ++----- lib/libssl/s23_lib.c | 17 +---------------- lib/libssl/s23_srvr.c | 4 +--- lib/libssl/s3_clnt.c | 12 +++++------- lib/libssl/s3_srvr.c | 4 +--- lib/libssl/src/ssl/d1_clnt.c | 6 ++---- lib/libssl/src/ssl/d1_meth.c | 4 +--- lib/libssl/src/ssl/d1_srvr.c | 4 +--- lib/libssl/src/ssl/s23_clnt.c | 7 ++----- lib/libssl/src/ssl/s23_lib.c | 17 +---------------- lib/libssl/src/ssl/s23_meth.c | 4 +--- lib/libssl/src/ssl/s23_srvr.c | 4 +--- lib/libssl/src/ssl/s3_clnt.c | 12 +++++------- lib/libssl/src/ssl/s3_meth.c | 4 +--- lib/libssl/src/ssl/s3_srvr.c | 4 +--- lib/libssl/src/ssl/ssl.h | 3 ++- lib/libssl/src/ssl/ssl_lib.c | 20 +++++++++----------- lib/libssl/src/ssl/ssl_locl.h | 10 ++-------- lib/libssl/src/ssl/ssl_sess.c | 6 +++--- lib/libssl/src/ssl/t1_clnt.c | 8 +------- lib/libssl/src/ssl/t1_meth.c | 8 +------- lib/libssl/src/ssl/t1_srvr.c | 8 +------- lib/libssl/ssl.h | 3 ++- lib/libssl/ssl_lib.c | 20 +++++++++----------- lib/libssl/ssl_locl.h | 10 ++-------- lib/libssl/ssl_sess.c | 6 +++--- lib/libssl/t1_clnt.c | 8 +------- lib/libssl/t1_meth.c | 8 +------- lib/libssl/t1_srvr.c | 8 +------- 32 files changed, 68 insertions(+), 182 deletions(-) diff --git a/lib/libssl/d1_clnt.c b/lib/libssl/d1_clnt.c index c9ec32173bd..471871ff465 100644 --- a/lib/libssl/d1_clnt.c +++ b/lib/libssl/d1_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_clnt.c,v 1.33 2014/08/07 20:02:23 miod Exp $ */ +/* $OpenBSD: d1_clnt.c,v 1.34 2014/08/10 14:42:55 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -145,8 +145,6 @@ const SSL_METHOD DTLSv1_client_method_data = { .ssl_dispatch_alert = dtls1_dispatch_alert, .ssl_ctrl = dtls1_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = dtls1_get_cipher, @@ -820,7 +818,7 @@ dtls1_client_hello(SSL *s) p += s->d1->cookie_len; /* Ciphers supported */ - i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), 0); + i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); if (i == 0) { SSLerr(SSL_F_DTLS1_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE); diff --git a/lib/libssl/d1_meth.c b/lib/libssl/d1_meth.c index 1afd3ef1b29..df4ec9fdf28 100644 --- a/lib/libssl/d1_meth.c +++ b/lib/libssl/d1_meth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_meth.c,v 1.5 2014/06/12 15:49:31 deraadt Exp $ */ +/* $OpenBSD: d1_meth.c,v 1.6 2014/08/10 14:42:56 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -82,8 +82,6 @@ const SSL_METHOD DTLSv1_method_data = { .ssl_dispatch_alert = dtls1_dispatch_alert, .ssl_ctrl = dtls1_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = dtls1_get_cipher, diff --git a/lib/libssl/d1_srvr.c b/lib/libssl/d1_srvr.c index 848bc0f0be2..9fdd025e2d8 100644 --- a/lib/libssl/d1_srvr.c +++ b/lib/libssl/d1_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_srvr.c,v 1.35 2014/08/06 20:11:09 miod Exp $ */ +/* $OpenBSD: d1_srvr.c,v 1.36 2014/08/10 14:42:56 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -146,8 +146,6 @@ const SSL_METHOD DTLSv1_server_method_data = { .ssl_dispatch_alert = dtls1_dispatch_alert, .ssl_ctrl = dtls1_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = dtls1_get_cipher, diff --git a/lib/libssl/s23_clnt.c b/lib/libssl/s23_clnt.c index 3a72dd3316b..81683e59490 100644 --- a/lib/libssl/s23_clnt.c +++ b/lib/libssl/s23_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s23_clnt.c,v 1.31 2014/07/11 08:17:36 miod Exp $ */ +/* $OpenBSD: s23_clnt.c,v 1.32 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -139,8 +139,6 @@ const SSL_METHOD SSLv23_client_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl23_put_cipher_by_char, .ssl_pending = ssl_undefined_const_function, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, @@ -360,8 +358,7 @@ ssl23_client_hello(SSL *s) *(p++) = 0; /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */ - i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), - ssl3_put_cipher_by_char); + i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); if (i == 0) { SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE); diff --git a/lib/libssl/s23_lib.c b/lib/libssl/s23_lib.c index 643910be697..3a6d1d598bc 100644 --- a/lib/libssl/s23_lib.c +++ b/lib/libssl/s23_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s23_lib.c,v 1.16 2014/07/11 08:17:36 miod Exp $ */ +/* $OpenBSD: s23_lib.c,v 1.17 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -66,21 +66,6 @@ ssl23_default_timeout(void) return (300); } -int -ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) -{ - long l; - - /* We can write SSLv2 and SSLv3 ciphers */ - if (p != NULL) { - l = c->id; - p[0] = ((unsigned char)(l >> 16L))&0xFF; - p[1] = ((unsigned char)(l >> 8L))&0xFF; - p[2] = ((unsigned char)(l ))&0xFF; - } - return (3); -} - int ssl23_read(SSL *s, void *buf, int len) { diff --git a/lib/libssl/s23_srvr.c b/lib/libssl/s23_srvr.c index 5f8ffa8eafa..4733fc40a58 100644 --- a/lib/libssl/s23_srvr.c +++ b/lib/libssl/s23_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s23_srvr.c,v 1.33 2014/08/07 19:46:31 miod Exp $ */ +/* $OpenBSD: s23_srvr.c,v 1.34 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -138,8 +138,6 @@ const SSL_METHOD SSLv23_server_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl23_put_cipher_by_char, .ssl_pending = ssl_undefined_const_function, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, diff --git a/lib/libssl/s3_clnt.c b/lib/libssl/s3_clnt.c index af6c81dae5a..63e81351857 100644 --- a/lib/libssl/s3_clnt.c +++ b/lib/libssl/s3_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_clnt.c,v 1.85 2014/08/07 01:24:10 deraadt Exp $ */ +/* $OpenBSD: s3_clnt.c,v 1.86 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -183,8 +183,6 @@ const SSL_METHOD SSLv3_client_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, @@ -719,7 +717,7 @@ ssl3_client_hello(SSL *s) } /* Ciphers supported */ - i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), 0); + i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); if (i == 0) { SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE); @@ -856,7 +854,7 @@ ssl3_get_server_hello(SSL *s) &s->session->master_key_length, NULL, &pref_cipher, s->tls_session_secret_cb_arg)) { s->session->cipher = pref_cipher ? - pref_cipher : ssl_get_cipher_by_char(s, p + j); + pref_cipher : ssl3_get_cipher_by_char(p + j); s->s3->flags |= SSL3_FLAGS_CCS_OK; } } @@ -890,7 +888,7 @@ ssl3_get_server_hello(SSL *s) memcpy(s->session->session_id,p,j); /* j could be 0 */ } p += j; - c = ssl_get_cipher_by_char(s, p); + c = ssl3_get_cipher_by_char(p); if (c == NULL) { /* unknown cipher */ al = SSL_AD_ILLEGAL_PARAMETER; @@ -906,7 +904,7 @@ ssl3_get_server_hello(SSL *s) SSL_R_WRONG_CIPHER_RETURNED); goto f_err; } - p += ssl_put_cipher_by_char(s, NULL, NULL); + p += ssl3_put_cipher_by_char(NULL, NULL); sk = ssl_get_ciphers_by_id(s); i = sk_SSL_CIPHER_find(sk, c); diff --git a/lib/libssl/s3_srvr.c b/lib/libssl/s3_srvr.c index ed2aaf19b52..7b29ec41c83 100644 --- a/lib/libssl/s3_srvr.c +++ b/lib/libssl/s3_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_srvr.c,v 1.79 2014/07/28 04:23:12 guenther Exp $ */ +/* $OpenBSD: s3_srvr.c,v 1.80 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -184,8 +184,6 @@ const SSL_METHOD SSLv3_server_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, diff --git a/lib/libssl/src/ssl/d1_clnt.c b/lib/libssl/src/ssl/d1_clnt.c index c9ec32173bd..471871ff465 100644 --- a/lib/libssl/src/ssl/d1_clnt.c +++ b/lib/libssl/src/ssl/d1_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_clnt.c,v 1.33 2014/08/07 20:02:23 miod Exp $ */ +/* $OpenBSD: d1_clnt.c,v 1.34 2014/08/10 14:42:55 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -145,8 +145,6 @@ const SSL_METHOD DTLSv1_client_method_data = { .ssl_dispatch_alert = dtls1_dispatch_alert, .ssl_ctrl = dtls1_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = dtls1_get_cipher, @@ -820,7 +818,7 @@ dtls1_client_hello(SSL *s) p += s->d1->cookie_len; /* Ciphers supported */ - i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), 0); + i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); if (i == 0) { SSLerr(SSL_F_DTLS1_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE); diff --git a/lib/libssl/src/ssl/d1_meth.c b/lib/libssl/src/ssl/d1_meth.c index 1afd3ef1b29..df4ec9fdf28 100644 --- a/lib/libssl/src/ssl/d1_meth.c +++ b/lib/libssl/src/ssl/d1_meth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_meth.c,v 1.5 2014/06/12 15:49:31 deraadt Exp $ */ +/* $OpenBSD: d1_meth.c,v 1.6 2014/08/10 14:42:56 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -82,8 +82,6 @@ const SSL_METHOD DTLSv1_method_data = { .ssl_dispatch_alert = dtls1_dispatch_alert, .ssl_ctrl = dtls1_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = dtls1_get_cipher, diff --git a/lib/libssl/src/ssl/d1_srvr.c b/lib/libssl/src/ssl/d1_srvr.c index 848bc0f0be2..9fdd025e2d8 100644 --- a/lib/libssl/src/ssl/d1_srvr.c +++ b/lib/libssl/src/ssl/d1_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_srvr.c,v 1.35 2014/08/06 20:11:09 miod Exp $ */ +/* $OpenBSD: d1_srvr.c,v 1.36 2014/08/10 14:42:56 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -146,8 +146,6 @@ const SSL_METHOD DTLSv1_server_method_data = { .ssl_dispatch_alert = dtls1_dispatch_alert, .ssl_ctrl = dtls1_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = dtls1_get_cipher, diff --git a/lib/libssl/src/ssl/s23_clnt.c b/lib/libssl/src/ssl/s23_clnt.c index 3a72dd3316b..81683e59490 100644 --- a/lib/libssl/src/ssl/s23_clnt.c +++ b/lib/libssl/src/ssl/s23_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s23_clnt.c,v 1.31 2014/07/11 08:17:36 miod Exp $ */ +/* $OpenBSD: s23_clnt.c,v 1.32 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -139,8 +139,6 @@ const SSL_METHOD SSLv23_client_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl23_put_cipher_by_char, .ssl_pending = ssl_undefined_const_function, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, @@ -360,8 +358,7 @@ ssl23_client_hello(SSL *s) *(p++) = 0; /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */ - i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), - ssl3_put_cipher_by_char); + i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); if (i == 0) { SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE); diff --git a/lib/libssl/src/ssl/s23_lib.c b/lib/libssl/src/ssl/s23_lib.c index 643910be697..3a6d1d598bc 100644 --- a/lib/libssl/src/ssl/s23_lib.c +++ b/lib/libssl/src/ssl/s23_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s23_lib.c,v 1.16 2014/07/11 08:17:36 miod Exp $ */ +/* $OpenBSD: s23_lib.c,v 1.17 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -66,21 +66,6 @@ ssl23_default_timeout(void) return (300); } -int -ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) -{ - long l; - - /* We can write SSLv2 and SSLv3 ciphers */ - if (p != NULL) { - l = c->id; - p[0] = ((unsigned char)(l >> 16L))&0xFF; - p[1] = ((unsigned char)(l >> 8L))&0xFF; - p[2] = ((unsigned char)(l ))&0xFF; - } - return (3); -} - int ssl23_read(SSL *s, void *buf, int len) { diff --git a/lib/libssl/src/ssl/s23_meth.c b/lib/libssl/src/ssl/s23_meth.c index b7f6551f643..768c526802b 100644 --- a/lib/libssl/src/ssl/s23_meth.c +++ b/lib/libssl/src/ssl/s23_meth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s23_meth.c,v 1.14 2014/07/11 08:17:36 miod Exp $ */ +/* $OpenBSD: s23_meth.c,v 1.15 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -81,8 +81,6 @@ const SSL_METHOD SSLv23_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl23_put_cipher_by_char, .ssl_pending = ssl_undefined_const_function, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, diff --git a/lib/libssl/src/ssl/s23_srvr.c b/lib/libssl/src/ssl/s23_srvr.c index 5f8ffa8eafa..4733fc40a58 100644 --- a/lib/libssl/src/ssl/s23_srvr.c +++ b/lib/libssl/src/ssl/s23_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s23_srvr.c,v 1.33 2014/08/07 19:46:31 miod Exp $ */ +/* $OpenBSD: s23_srvr.c,v 1.34 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -138,8 +138,6 @@ const SSL_METHOD SSLv23_server_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl23_put_cipher_by_char, .ssl_pending = ssl_undefined_const_function, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, diff --git a/lib/libssl/src/ssl/s3_clnt.c b/lib/libssl/src/ssl/s3_clnt.c index af6c81dae5a..63e81351857 100644 --- a/lib/libssl/src/ssl/s3_clnt.c +++ b/lib/libssl/src/ssl/s3_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_clnt.c,v 1.85 2014/08/07 01:24:10 deraadt Exp $ */ +/* $OpenBSD: s3_clnt.c,v 1.86 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -183,8 +183,6 @@ const SSL_METHOD SSLv3_client_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, @@ -719,7 +717,7 @@ ssl3_client_hello(SSL *s) } /* Ciphers supported */ - i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), 0); + i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); if (i == 0) { SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE); @@ -856,7 +854,7 @@ ssl3_get_server_hello(SSL *s) &s->session->master_key_length, NULL, &pref_cipher, s->tls_session_secret_cb_arg)) { s->session->cipher = pref_cipher ? - pref_cipher : ssl_get_cipher_by_char(s, p + j); + pref_cipher : ssl3_get_cipher_by_char(p + j); s->s3->flags |= SSL3_FLAGS_CCS_OK; } } @@ -890,7 +888,7 @@ ssl3_get_server_hello(SSL *s) memcpy(s->session->session_id,p,j); /* j could be 0 */ } p += j; - c = ssl_get_cipher_by_char(s, p); + c = ssl3_get_cipher_by_char(p); if (c == NULL) { /* unknown cipher */ al = SSL_AD_ILLEGAL_PARAMETER; @@ -906,7 +904,7 @@ ssl3_get_server_hello(SSL *s) SSL_R_WRONG_CIPHER_RETURNED); goto f_err; } - p += ssl_put_cipher_by_char(s, NULL, NULL); + p += ssl3_put_cipher_by_char(NULL, NULL); sk = ssl_get_ciphers_by_id(s); i = sk_SSL_CIPHER_find(sk, c); diff --git a/lib/libssl/src/ssl/s3_meth.c b/lib/libssl/src/ssl/s3_meth.c index bab67996cbc..a5a63265f32 100644 --- a/lib/libssl/src/ssl/s3_meth.c +++ b/lib/libssl/src/ssl/s3_meth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_meth.c,v 1.9 2014/06/12 15:49:31 deraadt Exp $ */ +/* $OpenBSD: s3_meth.c,v 1.10 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -81,8 +81,6 @@ const SSL_METHOD SSLv3_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, diff --git a/lib/libssl/src/ssl/s3_srvr.c b/lib/libssl/src/ssl/s3_srvr.c index ed2aaf19b52..7b29ec41c83 100644 --- a/lib/libssl/src/ssl/s3_srvr.c +++ b/lib/libssl/src/ssl/s3_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_srvr.c,v 1.79 2014/07/28 04:23:12 guenther Exp $ */ +/* $OpenBSD: s3_srvr.c,v 1.80 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -184,8 +184,6 @@ const SSL_METHOD SSLv3_server_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, diff --git a/lib/libssl/src/ssl/ssl.h b/lib/libssl/src/ssl/ssl.h index 7547d05aa64..857709f7c51 100644 --- a/lib/libssl/src/ssl/ssl.h +++ b/lib/libssl/src/ssl/ssl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.h,v 1.62 2014/07/12 19:45:53 jsing Exp $ */ +/* $OpenBSD: ssl.h,v 1.63 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -410,6 +410,7 @@ struct ssl_method_st { int (*ssl_dispatch_alert)(SSL *s); long (*ssl_ctrl)(SSL *s, int cmd, long larg, void *parg); long (*ssl_ctx_ctrl)(SSL_CTX *ctx, int cmd, long larg, void *parg); + /* XXX - remove get_cipher_by_char and put_cipher_by_char. */ const SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr); int (*put_cipher_by_char)(const SSL_CIPHER *cipher, unsigned char *ptr); int (*ssl_pending)(const SSL *s); diff --git a/lib/libssl/src/ssl/ssl_lib.c b/lib/libssl/src/ssl/ssl_lib.c index 6b62713bca5..bf94321eeab 100644 --- a/lib/libssl/src/ssl/ssl_lib.c +++ b/lib/libssl/src/ssl/ssl_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_lib.c,v 1.78 2014/07/12 22:33:39 jsing Exp $ */ +/* $OpenBSD: ssl_lib.c,v 1.79 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1367,10 +1367,9 @@ SSL_get_shared_ciphers(const SSL *s, char *buf, int len) } int -ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p, - int (*put_cb)(const SSL_CIPHER *, unsigned char *)) +ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p) { - int i, j = 0; + int i; SSL_CIPHER *c; unsigned char *q; @@ -1380,13 +1379,14 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p, for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) { c = sk_SSL_CIPHER_value(sk, i); + /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */ if ((c->algorithm_ssl & SSL_TLSV1_2) && (TLS1_get_client_version(s) < TLS1_2_VERSION)) continue; - j = put_cb ? put_cb(c, p) : ssl_put_cipher_by_char(s, c, p); - p += j; + p += ssl3_put_cipher_by_char(c, p); } + /* * If p == q, no ciphers and caller indicates an error. Otherwise * add SCSV if not renegotiating. @@ -1395,9 +1395,7 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p, static SSL_CIPHER scsv = { 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; - j = put_cb ? put_cb(&scsv, p) : - ssl_put_cipher_by_char(s, &scsv, p); - p += j; + p += ssl3_put_cipher_by_char(&scsv, p); } return (p - q); @@ -1414,7 +1412,7 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num, if (s->s3) s->s3->send_connection_binding = 0; - n = ssl_put_cipher_by_char(s, NULL, NULL); + n = ssl3_put_cipher_by_char(NULL, NULL); if ((num % n) != 0) { SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); @@ -1446,7 +1444,7 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num, continue; } - c = ssl_get_cipher_by_char(s, p); + c = ssl3_get_cipher_by_char(p); p += n; if (c != NULL) { if (!sk_SSL_CIPHER_push(sk, c)) { diff --git a/lib/libssl/src/ssl/ssl_locl.h b/lib/libssl/src/ssl/ssl_locl.h index 3c1c444cb07..7961c4c06e6 100644 --- a/lib/libssl/src/ssl/ssl_locl.h +++ b/lib/libssl/src/ssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.63 2014/07/28 04:23:12 guenther Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.64 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -475,11 +475,6 @@ typedef struct sess_cert_st { /*#define SSL_DEBUG */ /*#define RSA_DEBUG */ -#define ssl_put_cipher_by_char(ssl,ciph,ptr) \ - ((ssl)->method->put_cipher_by_char((ciph),(ptr))) -#define ssl_get_cipher_by_char(ssl,ptr) \ - ((ssl)->method->get_cipher_by_char(ptr)) - /* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff * It is a bit of a mess of functions, but hell, think of it as * an opaque structure :-) */ @@ -576,7 +571,7 @@ int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num, STACK_OF(SSL_CIPHER) **skp); int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, - unsigned char *p, int (*put_cb)(const SSL_CIPHER *, unsigned char *)); + unsigned char *p); STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth, STACK_OF(SSL_CIPHER) **pref, STACK_OF(SSL_CIPHER) **sorted, const char *rule_str); @@ -664,7 +659,6 @@ long ssl3_default_timeout(void); int ssl23_read(SSL *s, void *buf, int len); int ssl23_peek(SSL *s, void *buf, int len); int ssl23_write(SSL *s, const void *buf, int len); -int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p); long ssl23_default_timeout(void); long tls1_default_timeout(void); diff --git a/lib/libssl/src/ssl/ssl_sess.c b/lib/libssl/src/ssl/ssl_sess.c index d1cd4186016..d4fa5a618f9 100644 --- a/lib/libssl/src/ssl/ssl_sess.c +++ b/lib/libssl/src/ssl/ssl_sess.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_sess.c,v 1.38 2014/07/13 16:03:10 beck Exp $ */ +/* $OpenBSD: ssl_sess.c,v 1.39 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -566,9 +566,9 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, l2n(l, p); if ((ret->ssl_version >> 8) >= SSL3_VERSION_MAJOR) - ret->cipher = ssl_get_cipher_by_char(s, &(buf[2])); + ret->cipher = ssl3_get_cipher_by_char(&buf[2]); else - ret->cipher = ssl_get_cipher_by_char(s, &(buf[1])); + ret->cipher = ssl3_get_cipher_by_char(&buf[1]); if (ret->cipher == NULL) goto err; diff --git a/lib/libssl/src/ssl/t1_clnt.c b/lib/libssl/src/ssl/t1_clnt.c index 15ff91a8c4f..3781063eb66 100644 --- a/lib/libssl/src/ssl/t1_clnt.c +++ b/lib/libssl/src/ssl/t1_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_clnt.c,v 1.13 2014/06/12 15:49:31 deraadt Exp $ */ +/* $OpenBSD: t1_clnt.c,v 1.14 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -84,8 +84,6 @@ const SSL_METHOD TLSv1_client_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, @@ -116,8 +114,6 @@ const SSL_METHOD TLSv1_1_client_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, @@ -148,8 +144,6 @@ const SSL_METHOD TLSv1_2_client_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, diff --git a/lib/libssl/src/ssl/t1_meth.c b/lib/libssl/src/ssl/t1_meth.c index 71ddc101e10..de066322f46 100644 --- a/lib/libssl/src/ssl/t1_meth.c +++ b/lib/libssl/src/ssl/t1_meth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_meth.c,v 1.12 2014/06/12 15:49:31 deraadt Exp $ */ +/* $OpenBSD: t1_meth.c,v 1.13 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -81,8 +81,6 @@ const SSL_METHOD TLSv1_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, @@ -113,8 +111,6 @@ const SSL_METHOD TLSv1_1_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, @@ -145,8 +141,6 @@ const SSL_METHOD TLSv1_2_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, diff --git a/lib/libssl/src/ssl/t1_srvr.c b/lib/libssl/src/ssl/t1_srvr.c index 0986f96ca9f..99712b6fb69 100644 --- a/lib/libssl/src/ssl/t1_srvr.c +++ b/lib/libssl/src/ssl/t1_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_srvr.c,v 1.13 2014/06/12 15:49:31 deraadt Exp $ */ +/* $OpenBSD: t1_srvr.c,v 1.14 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -85,8 +85,6 @@ const SSL_METHOD TLSv1_server_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, @@ -117,8 +115,6 @@ const SSL_METHOD TLSv1_1_server_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, @@ -149,8 +145,6 @@ const SSL_METHOD TLSv1_2_server_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h index 7547d05aa64..857709f7c51 100644 --- a/lib/libssl/ssl.h +++ b/lib/libssl/ssl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.h,v 1.62 2014/07/12 19:45:53 jsing Exp $ */ +/* $OpenBSD: ssl.h,v 1.63 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -410,6 +410,7 @@ struct ssl_method_st { int (*ssl_dispatch_alert)(SSL *s); long (*ssl_ctrl)(SSL *s, int cmd, long larg, void *parg); long (*ssl_ctx_ctrl)(SSL_CTX *ctx, int cmd, long larg, void *parg); + /* XXX - remove get_cipher_by_char and put_cipher_by_char. */ const SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr); int (*put_cipher_by_char)(const SSL_CIPHER *cipher, unsigned char *ptr); int (*ssl_pending)(const SSL *s); diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c index 6b62713bca5..bf94321eeab 100644 --- a/lib/libssl/ssl_lib.c +++ b/lib/libssl/ssl_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_lib.c,v 1.78 2014/07/12 22:33:39 jsing Exp $ */ +/* $OpenBSD: ssl_lib.c,v 1.79 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1367,10 +1367,9 @@ SSL_get_shared_ciphers(const SSL *s, char *buf, int len) } int -ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p, - int (*put_cb)(const SSL_CIPHER *, unsigned char *)) +ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p) { - int i, j = 0; + int i; SSL_CIPHER *c; unsigned char *q; @@ -1380,13 +1379,14 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p, for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) { c = sk_SSL_CIPHER_value(sk, i); + /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */ if ((c->algorithm_ssl & SSL_TLSV1_2) && (TLS1_get_client_version(s) < TLS1_2_VERSION)) continue; - j = put_cb ? put_cb(c, p) : ssl_put_cipher_by_char(s, c, p); - p += j; + p += ssl3_put_cipher_by_char(c, p); } + /* * If p == q, no ciphers and caller indicates an error. Otherwise * add SCSV if not renegotiating. @@ -1395,9 +1395,7 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p, static SSL_CIPHER scsv = { 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; - j = put_cb ? put_cb(&scsv, p) : - ssl_put_cipher_by_char(s, &scsv, p); - p += j; + p += ssl3_put_cipher_by_char(&scsv, p); } return (p - q); @@ -1414,7 +1412,7 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num, if (s->s3) s->s3->send_connection_binding = 0; - n = ssl_put_cipher_by_char(s, NULL, NULL); + n = ssl3_put_cipher_by_char(NULL, NULL); if ((num % n) != 0) { SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); @@ -1446,7 +1444,7 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num, continue; } - c = ssl_get_cipher_by_char(s, p); + c = ssl3_get_cipher_by_char(p); p += n; if (c != NULL) { if (!sk_SSL_CIPHER_push(sk, c)) { diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h index 3c1c444cb07..7961c4c06e6 100644 --- a/lib/libssl/ssl_locl.h +++ b/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.63 2014/07/28 04:23:12 guenther Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.64 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -475,11 +475,6 @@ typedef struct sess_cert_st { /*#define SSL_DEBUG */ /*#define RSA_DEBUG */ -#define ssl_put_cipher_by_char(ssl,ciph,ptr) \ - ((ssl)->method->put_cipher_by_char((ciph),(ptr))) -#define ssl_get_cipher_by_char(ssl,ptr) \ - ((ssl)->method->get_cipher_by_char(ptr)) - /* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff * It is a bit of a mess of functions, but hell, think of it as * an opaque structure :-) */ @@ -576,7 +571,7 @@ int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num, STACK_OF(SSL_CIPHER) **skp); int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, - unsigned char *p, int (*put_cb)(const SSL_CIPHER *, unsigned char *)); + unsigned char *p); STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth, STACK_OF(SSL_CIPHER) **pref, STACK_OF(SSL_CIPHER) **sorted, const char *rule_str); @@ -664,7 +659,6 @@ long ssl3_default_timeout(void); int ssl23_read(SSL *s, void *buf, int len); int ssl23_peek(SSL *s, void *buf, int len); int ssl23_write(SSL *s, const void *buf, int len); -int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p); long ssl23_default_timeout(void); long tls1_default_timeout(void); diff --git a/lib/libssl/ssl_sess.c b/lib/libssl/ssl_sess.c index d1cd4186016..d4fa5a618f9 100644 --- a/lib/libssl/ssl_sess.c +++ b/lib/libssl/ssl_sess.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_sess.c,v 1.38 2014/07/13 16:03:10 beck Exp $ */ +/* $OpenBSD: ssl_sess.c,v 1.39 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -566,9 +566,9 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, l2n(l, p); if ((ret->ssl_version >> 8) >= SSL3_VERSION_MAJOR) - ret->cipher = ssl_get_cipher_by_char(s, &(buf[2])); + ret->cipher = ssl3_get_cipher_by_char(&buf[2]); else - ret->cipher = ssl_get_cipher_by_char(s, &(buf[1])); + ret->cipher = ssl3_get_cipher_by_char(&buf[1]); if (ret->cipher == NULL) goto err; diff --git a/lib/libssl/t1_clnt.c b/lib/libssl/t1_clnt.c index 15ff91a8c4f..3781063eb66 100644 --- a/lib/libssl/t1_clnt.c +++ b/lib/libssl/t1_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_clnt.c,v 1.13 2014/06/12 15:49:31 deraadt Exp $ */ +/* $OpenBSD: t1_clnt.c,v 1.14 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -84,8 +84,6 @@ const SSL_METHOD TLSv1_client_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, @@ -116,8 +114,6 @@ const SSL_METHOD TLSv1_1_client_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, @@ -148,8 +144,6 @@ const SSL_METHOD TLSv1_2_client_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, diff --git a/lib/libssl/t1_meth.c b/lib/libssl/t1_meth.c index 71ddc101e10..de066322f46 100644 --- a/lib/libssl/t1_meth.c +++ b/lib/libssl/t1_meth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_meth.c,v 1.12 2014/06/12 15:49:31 deraadt Exp $ */ +/* $OpenBSD: t1_meth.c,v 1.13 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -81,8 +81,6 @@ const SSL_METHOD TLSv1_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, @@ -113,8 +111,6 @@ const SSL_METHOD TLSv1_1_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, @@ -145,8 +141,6 @@ const SSL_METHOD TLSv1_2_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, diff --git a/lib/libssl/t1_srvr.c b/lib/libssl/t1_srvr.c index 0986f96ca9f..99712b6fb69 100644 --- a/lib/libssl/t1_srvr.c +++ b/lib/libssl/t1_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_srvr.c,v 1.13 2014/06/12 15:49:31 deraadt Exp $ */ +/* $OpenBSD: t1_srvr.c,v 1.14 2014/08/10 14:42:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -85,8 +85,6 @@ const SSL_METHOD TLSv1_server_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, @@ -117,8 +115,6 @@ const SSL_METHOD TLSv1_1_server_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, @@ -149,8 +145,6 @@ const SSL_METHOD TLSv1_2_server_method_data = { .ssl_dispatch_alert = ssl3_dispatch_alert, .ssl_ctrl = ssl3_ctrl, .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, .ssl_pending = ssl3_pending, .num_ciphers = ssl3_num_ciphers, .get_cipher = ssl3_get_cipher, -- 2.20.1