diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2014-05-20 16:59:06 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2014-05-20 16:59:06 +0000 |
| commit | 3878e234cb968723f8cc253980d3aec3c4b8bfdc (patch) | |
| tree | 6f6eb68fc9ce36ddb796f4af2271685a5f86a3e6 | |
| parent | 6528dae50ba093f4181f4a89208c682ee5a13724 (diff) | |
KSSL is dead... nuke KSSL_DEBUG from orbit.
ok beck@ miod@
| -rw-r--r-- | lib/libssl/d1_enc.c | 31 | ||||
| -rw-r--r-- | lib/libssl/s3_clnt.c | 7 | ||||
| -rw-r--r-- | lib/libssl/s3_lib.c | 3 | ||||
| -rw-r--r-- | lib/libssl/ssl_ciph.c | 14 | ||||
| -rw-r--r-- | lib/libssl/t1_enc.c | 83 |
5 files changed, 0 insertions, 138 deletions
diff --git a/lib/libssl/d1_enc.c b/lib/libssl/d1_enc.c index 1967e7a95e5..24b34b1e871 100644 --- a/lib/libssl/d1_enc.c +++ b/lib/libssl/d1_enc.c @@ -122,9 +122,6 @@ #include <openssl/hmac.h> #include <openssl/md5.h> #include <openssl/rand.h> -#ifdef KSSL_DEBUG -#include <openssl/des.h> -#endif /* dtls1_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively. * @@ -177,9 +174,6 @@ dtls1_enc(SSL *s, int send) enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx); } -#ifdef KSSL_DEBUG - printf("dtls1_enc(%d)\n", send); -#endif /* KSSL_DEBUG */ if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) { memmove(rec->data, rec->input, rec->length); @@ -205,23 +199,6 @@ dtls1_enc(SSL *s, int send) rec->length += i; } -#ifdef KSSL_DEBUG - { - unsigned long ui; - printf("EVP_Cipher(ds=%p, rec->data=%p, rec->input=%p, l=%ld) ==>\n", - ds, rec->data, rec->input, l); - printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n", - ds->buf_len, ds->cipher->key_len, - DES_KEY_SZ, DES_SCHEDULE_SZ, - ds->cipher->iv_len); - printf("\t\tIV: "); - for (i = 0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]); - printf("\n"); - printf("\trec->input="); - for (ui = 0; ui<l; ui++) printf(" %02x", rec->input[ui]); - printf("\n"); - } -#endif /* KSSL_DEBUG */ if (!send) { if (l == 0 || l % bs != 0) @@ -230,14 +207,6 @@ dtls1_enc(SSL *s, int send) EVP_Cipher(ds, rec->data, rec->input, l); -#ifdef KSSL_DEBUG - { - unsigned long i; - printf("\trec->data="); - for (i = 0; i < l; i++) - printf(" %02x", rec->data[i]); printf("\n"); - } -#endif /* KSSL_DEBUG */ if ((bs != 1) && !send) return tls1_cbc_remove_padding(s, rec, bs, mac_size); diff --git a/lib/libssl/s3_clnt.c b/lib/libssl/s3_clnt.c index 68817cd33a8..67e4d069c7a 100644 --- a/lib/libssl/s3_clnt.c +++ b/lib/libssl/s3_clnt.c @@ -1159,13 +1159,6 @@ ssl3_get_server_certificate(SSL *s) (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5)) ? 0 : 1; -#ifdef KSSL_DEBUG - printf("pkey, x = %p, %p\n", pkey, x); - printf("ssl_cert_type(x, pkey) = %d\n", ssl_cert_type(x, pkey)); - printf("cipher, alg, nc = %s, %lx, %lx, %d\n", - s->s3->tmp.new_cipher->name, s->s3->tmp.new_cipher->algorithm_mkey, - s->s3->tmp.new_cipher->algorithm_auth, need_cert); -#endif /* KSSL_DEBUG */ if (need_cert && ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey))) { diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index 293866afee3..7cdd1e2d89c 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -3081,9 +3081,6 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, emask_k = cert->export_mask_k; emask_a = cert->export_mask_a; -#ifdef KSSL_DEBUG -/* printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/ -#endif /* KSSL_DEBUG */ alg_k = c->algorithm_mkey; alg_a = c->algorithm_auth; diff --git a/lib/libssl/ssl_ciph.c b/lib/libssl/ssl_ciph.c index a1523524a1e..77d8a3c79f3 100644 --- a/lib/libssl/ssl_ciph.c +++ b/lib/libssl/ssl_ciph.c @@ -792,9 +792,6 @@ CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) co_list[co_list_num].prev = NULL; co_list[co_list_num].active = 0; co_list_num++; -#ifdef KSSL_DEBUG - printf("\t%d: %s %lx %lx %lx\n", i, c->name, c->id, c->algorithm_mkey, c->algorithm_auth); -#endif /* KSSL_DEBUG */ /* if (!sk_push(ca_list,(char *)c)) goto err; */ @@ -1321,9 +1318,6 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method, * it is used for allocation. */ num_of_ciphers = ssl_method->num_ciphers(); -#ifdef KSSL_DEBUG - printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers); -#endif /* KSSL_DEBUG */ co_list = reallocarray(NULL, num_of_ciphers, sizeof(CIPHER_ORDER)); if (co_list == NULL) { SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); @@ -1468,11 +1462,7 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) const char *ver, *exp_str; const char *kx, *au, *enc, *mac; unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, alg2; -#ifdef KSSL_DEBUG - static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n"; -#else static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n"; -#endif /* KSSL_DEBUG */ alg_mkey = cipher->algorithm_mkey; alg_auth = cipher->algorithm_auth; @@ -1636,11 +1626,7 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) } else if (len < 128) return("Buffer too small"); -#ifdef KSSL_DEBUG - l = snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac, exp_str, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl); -#else l = snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac, exp_str); -#endif /* KSSL_DEBUG */ if (l >= len || l == -1) return("Buffer too small"); else diff --git a/lib/libssl/t1_enc.c b/lib/libssl/t1_enc.c index 2480fecd7ee..5a95fd27443 100644 --- a/lib/libssl/t1_enc.c +++ b/lib/libssl/t1_enc.c @@ -144,9 +144,6 @@ #include <openssl/hmac.h> #include <openssl/md5.h> #include <openssl/rand.h> -#ifdef KSSL_DEBUG -#include <openssl/des.h> -#endif /* seed1 through seed5 are virtually concatenated */ static int @@ -297,17 +294,6 @@ tls1_generate_key_block(SSL *s, unsigned char *km, unsigned char *tmp, int num) NULL, 0, NULL, 0, s->session->master_key, s->session->master_key_length, km, tmp, num); -#ifdef KSSL_DEBUG - printf("tls1_generate_key_block() ==> %d byte master_key =\n\t", - s->session->master_key_length); - { - int i; - for (i = 0; i < s->session->master_key_length; i++) { - printf("%02X", s->session->master_key[i]); - } - printf("\n"); - } -#endif /* KSSL_DEBUG */ return ret; } @@ -344,22 +330,6 @@ tls1_change_cipher_state(SSL *s, int which) comp = s->s3->tmp.new_compression; #endif -#ifdef KSSL_DEBUG - printf("tls1_change_cipher_state(which= %d) w/\n", which); - printf("\talg= %ld/%ld, comp= %p\n", - s->s3->tmp.new_cipher->algorithm_mkey, - s->s3->tmp.new_cipher->algorithm_auth, - comp); - printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c); - printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n", - c->nid, c->block_size, c->key_len, c->iv_len); - printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length); - { - int i; - for (i = 0; i < s->s3->tmp.key_block_length; i++) - printf("%02x", s->s3->tmp.key_block[i]); printf("\n"); - } -#endif /* KSSL_DEBUG */ if (which & SSL3_CC_READ) { if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC) @@ -519,16 +489,6 @@ tls1_change_cipher_state(SSL *s, int which) } } -#ifdef KSSL_DEBUG - { - int i; - printf("EVP_CipherInit_ex(dd, c, key=, iv=, which)\n"); - printf("\tkey= "); for (i = 0; i<c->key_len; i++) printf("%02x", key[i]); - printf("\n"); - printf("\t iv= "); for (i = 0; i<c->iv_len; i++) printf("%02x", iv[i]); - printf("\n"); - } -#endif /* KSSL_DEBUG */ if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) { EVP_CipherInit_ex(dd, c, NULL, key, NULL, (which & SSL3_CC_WRITE)); @@ -572,9 +532,6 @@ tls1_setup_key_block(SSL *s) int mac_type = NID_undef, mac_secret_size = 0; int ret = 0; -#ifdef KSSL_DEBUG - printf ("tls1_setup_key_block()\n"); -#endif /* KSSL_DEBUG */ if (s->s3->tmp.key_block_length != 0) return (1); @@ -709,9 +666,6 @@ tls1_enc(SSL *s, int send) enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx); } -#ifdef KSSL_DEBUG - printf("tls1_enc(%d)\n", send); -#endif /* KSSL_DEBUG */ if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) { memmove(rec->data, rec->input, rec->length); @@ -768,23 +722,6 @@ tls1_enc(SSL *s, int send) rec->length += i; } -#ifdef KSSL_DEBUG - { - unsigned long ui; - printf("EVP_Cipher(ds=%p, rec->data=%p, rec->input=%p, l=%ld) ==>\n", - ds, rec->data, rec->input, l); - printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n", - ds->buf_len, ds->cipher->key_len, - DES_KEY_SZ, DES_SCHEDULE_SZ, - ds->cipher->iv_len); - printf("\t\tIV: "); - for (i = 0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]); - printf("\n"); - printf("\trec->input="); - for (ui = 0; ui<l; ui++) printf(" %02x", rec->input[ui]); - printf("\n"); - } -#endif /* KSSL_DEBUG */ if (!send) { if (l == 0 || l % bs != 0) @@ -801,14 +738,6 @@ tls1_enc(SSL *s, int send) rec->length -= EVP_GCM_TLS_EXPLICIT_IV_LEN; } -#ifdef KSSL_DEBUG - { - unsigned long i; - printf("\trec->data="); - for (i = 0; i < l; i++) - printf(" %02x", rec->data[i]); printf("\n"); - } -#endif /* KSSL_DEBUG */ ret = 1; if (EVP_MD_CTX_md(s->read_hash) != NULL) @@ -1017,9 +946,6 @@ tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, int col = 0, sol = 0; -#ifdef KSSL_DEBUG - printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s, out, p, len); -#endif /* KSSL_DEBUG */ #ifdef TLSEXT_TYPE_opaque_prf_input if (s->s3->client_opaque_prf_input != NULL && s->s3->server_opaque_prf_input != NULL && @@ -1051,9 +977,6 @@ tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, BIO_dump_fp(stderr, (char *)s->session->master_key, SSL3_MASTER_SECRET_SIZE); #endif -#ifdef KSSL_DEBUG - printf ("tls1_generate_master_secret() complete\n"); -#endif /* KSSL_DEBUG */ return (SSL3_MASTER_SECRET_SIZE); } @@ -1067,9 +990,6 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, size_t vallen, currentvalpos; int rv; -#ifdef KSSL_DEBUG - printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s, out, olen, label, llen, p, plen); -#endif /* KSSL_DEBUG */ buff = malloc(olen); if (buff == NULL) @@ -1129,9 +1049,6 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, s->session->master_key, s->session->master_key_length, out, buff, olen); -#ifdef KSSL_DEBUG - printf ("tls1_export_keying_material() complete\n"); -#endif /* KSSL_DEBUG */ goto ret; err1: SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL); |