From 4cd732736397d49387e0c26304d9107f6a739624 Mon Sep 17 00:00:00 2001
From: tb <tb@openbsd.org>
Date: Sun, 2 May 2021 18:10:32 +0000
Subject: [PATCH] Prevent future internal use of some #defines

After jsing's recent commits, SSL3_CC_{READ,WRITE,CLIENT,SERVER}
and the derived SSL3_CHANGE_CIPHER_{CLIENT,SERVER}_{READ,WRITE}
are no longer used by LibreSSL and should never be used again.

discussed with jsing
---
 lib/libssl/ssl3.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/libssl/ssl3.h b/lib/libssl/ssl3.h
index a102d114340..fc40c20d6ce 100644
--- a/lib/libssl/ssl3.h
+++ b/lib/libssl/ssl3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl3.h,v 1.51 2020/06/05 18:14:05 jsing Exp $ */
+/* $OpenBSD: ssl3.h,v 1.52 2021/05/02 18:10:32 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -475,6 +475,7 @@ typedef struct ssl3_state_st {
 
 #define SSL3_MT_CCS				1
 
+#ifndef LIBRESSL_INTERNAL
 /* These are used when changing over to a new cipher */
 #define SSL3_CC_READ		0x01
 #define SSL3_CC_WRITE		0x02
@@ -484,6 +485,7 @@ typedef struct ssl3_state_st {
 #define SSL3_CHANGE_CIPHER_SERVER_READ		(SSL3_CC_SERVER|SSL3_CC_READ)
 #define SSL3_CHANGE_CIPHER_CLIENT_READ		(SSL3_CC_CLIENT|SSL3_CC_READ)
 #define SSL3_CHANGE_CIPHER_SERVER_WRITE		(SSL3_CC_SERVER|SSL3_CC_WRITE)
+#endif
 
 #ifdef  __cplusplus
 }
-- 
2.20.1