summaryrefslogtreecommitdiff
path: root/lib/libssl/ssl_lib.c
diff options
context:
space:
mode:
authorJoel Sing <jsing@cvs.openbsd.org>2022-02-05 14:54:11 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2022-02-05 14:54:11 +0000
commitd735481d961055ec0391f4f3d7bd54bc317bc5c7 (patch)
tree52311171899accb038fae3f98d6fafc0f1235779 /lib/libssl/ssl_lib.c
parent1d66f92e8ab22d48aa6033e5ff3816ca3355b2e2 (diff)
Bye bye S3I.
S3I has served us well, however now that libssl is fully opaque it is time to say goodbye. Aside from removing the calloc/free/memset, the rest is mechanical sed. ok inoguchi@ tb@
Diffstat (limited to 'lib/libssl/ssl_lib.c')
-rw-r--r--lib/libssl/ssl_lib.c46
1 files changed, 23 insertions, 23 deletions
diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index 91080e93608..ad7fe4d5752 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.287 2022/01/14 09:10:11 tb Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.288 2022/02/05 14:54:10 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -732,10 +732,10 @@ SSL_get_finished(const SSL *s, void *buf, size_t count)
{
size_t ret;
- ret = S3I(s)->hs.finished_len;
+ ret = s->s3->hs.finished_len;
if (count > ret)
count = ret;
- memcpy(buf, S3I(s)->hs.finished, count);
+ memcpy(buf, s->s3->hs.finished, count);
return (ret);
}
@@ -745,10 +745,10 @@ SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
{
size_t ret;
- ret = S3I(s)->hs.peer_finished_len;
+ ret = s->s3->hs.peer_finished_len;
if (count > ret)
count = ret;
- memcpy(buf, S3I(s)->hs.peer_finished, count);
+ memcpy(buf, s->s3->hs.peer_finished, count);
return (ret);
}
@@ -1294,7 +1294,7 @@ SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
return (1);
case SSL_CTRL_GET_RI_SUPPORT:
if (s->s3)
- return (S3I(s)->send_connection_binding);
+ return (s->s3->send_connection_binding);
else return (0);
default:
if (SSL_is_dtls(s))
@@ -1837,8 +1837,8 @@ void
SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
unsigned int *len)
{
- *data = ssl->s3->internal->alpn_selected;
- *len = ssl->s3->internal->alpn_selected_len;
+ *data = ssl->s3->alpn_selected;
+ *len = ssl->s3->alpn_selected_len;
}
void
@@ -2224,8 +2224,8 @@ ssl_using_ecc_cipher(SSL *s)
{
unsigned long alg_a, alg_k;
- alg_a = S3I(s)->hs.cipher->algorithm_auth;
- alg_k = S3I(s)->hs.cipher->algorithm_mkey;
+ alg_a = s->s3->hs.cipher->algorithm_auth;
+ alg_k = s->s3->hs.cipher->algorithm_mkey;
return s->session->tlsext_ecpointformatlist != NULL &&
s->session->tlsext_ecpointformatlist_length > 0 &&
@@ -2235,7 +2235,7 @@ ssl_using_ecc_cipher(SSL *s)
int
ssl_check_srvr_ecc_cert_and_alg(SSL *s, X509 *x)
{
- const SSL_CIPHER *cs = S3I(s)->hs.cipher;
+ const SSL_CIPHER *cs = s->s3->hs.cipher;
unsigned long alg_a;
alg_a = cs->algorithm_auth;
@@ -2259,9 +2259,9 @@ ssl_get_server_send_pkey(const SSL *s)
int i;
c = s->cert;
- ssl_set_cert_masks(c, S3I(s)->hs.cipher);
+ ssl_set_cert_masks(c, s->s3->hs.cipher);
- alg_a = S3I(s)->hs.cipher->algorithm_auth;
+ alg_a = s->s3->hs.cipher->algorithm_auth;
if (alg_a & SSL_aECDSA) {
i = SSL_PKEY_ECC;
@@ -2319,9 +2319,9 @@ ssl_dhe_params_auto_key_bits(SSL *s)
if (s->cert->dhe_params_auto == 2) {
key_bits = 1024;
- } else if (S3I(s)->hs.cipher->algorithm_auth & SSL_aNULL) {
+ } else if (s->s3->hs.cipher->algorithm_auth & SSL_aNULL) {
key_bits = 1024;
- if (S3I(s)->hs.cipher->strength_bits == 256)
+ if (s->s3->hs.cipher->strength_bits == 256)
key_bits = 3072;
} else {
if ((cpk = ssl_get_server_send_pkey(s)) == NULL)
@@ -2352,7 +2352,7 @@ ssl_should_update_external_cache(SSL *s, int mode)
return 1;
/* If it's TLS 1.3, do it to match OpenSSL */
- if (S3I(s)->hs.negotiated_tls_version >= TLS1_3_VERSION)
+ if (s->s3->hs.negotiated_tls_version >= TLS1_3_VERSION)
return 1;
return 0;
@@ -2377,7 +2377,7 @@ ssl_should_update_internal_cache(SSL *s, int mode)
return 0;
/* If we are lesser than TLS 1.3, Cache it. */
- if (S3I(s)->hs.negotiated_tls_version < TLS1_3_VERSION)
+ if (s->s3->hs.negotiated_tls_version < TLS1_3_VERSION)
return 1;
/* Below this we consider TLS 1.3 or later */
@@ -2556,7 +2556,7 @@ SSL_get_error(const SSL *s, int i)
if (i == 0) {
if ((s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) &&
- (S3I(s)->warn_alert == SSL_AD_CLOSE_NOTIFY))
+ (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
return (SSL_ERROR_ZERO_RETURN);
}
return (SSL_ERROR_SYSCALL);
@@ -2589,7 +2589,7 @@ SSL_set_accept_state(SSL *s)
{
s->server = 1;
s->internal->shutdown = 0;
- S3I(s)->hs.state = SSL_ST_ACCEPT|SSL_ST_BEFORE;
+ s->s3->hs.state = SSL_ST_ACCEPT|SSL_ST_BEFORE;
s->internal->handshake_func = s->method->ssl_accept;
ssl_clear_cipher_state(s);
}
@@ -2599,7 +2599,7 @@ SSL_set_connect_state(SSL *s)
{
s->server = 0;
s->internal->shutdown = 0;
- S3I(s)->hs.state = SSL_ST_CONNECT|SSL_ST_BEFORE;
+ s->s3->hs.state = SSL_ST_CONNECT|SSL_ST_BEFORE;
s->internal->handshake_func = s->method->ssl_connect;
ssl_clear_cipher_state(s);
}
@@ -2731,7 +2731,7 @@ SSL_dup(SSL *s)
ret->internal->quiet_shutdown = s->internal->quiet_shutdown;
ret->internal->shutdown = s->internal->shutdown;
/* SSL_dup does not really work at any state, though */
- S3I(ret)->hs.state = S3I(s)->hs.state;
+ ret->s3->hs.state = s->s3->hs.state;
ret->internal->rstate = s->internal->rstate;
/*
@@ -3018,13 +3018,13 @@ void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val)
int
SSL_state(const SSL *ssl)
{
- return (S3I(ssl)->hs.state);
+ return (ssl->s3->hs.state);
}
void
SSL_set_state(SSL *ssl, int state)
{
- S3I(ssl)->hs.state = state;
+ ssl->s3->hs.state = state;
}
void