diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2021-10-23 15:02:28 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2021-10-23 15:02:28 +0000 |
| commit | 6820d0ea1d43b7cad46159e3751990e1b747a217 (patch) | |
| tree | cd679a0a8cd2e7b905946f637d8dc0ee720c90d7 /lib/libssl | |
| parent | 82cbbff1b38bc87997dfc510da8296c77908cda1 (diff) | |
Mop up enc_read_ctx and read_hash.
These are no longer public, so we can mop them up along with the machinery
needed to set/clear them.
ok beck@ tb@
Diffstat (limited to 'lib/libssl')
| -rw-r--r-- | lib/libssl/ssl_lib.c | 16 | ||||
| -rw-r--r-- | lib/libssl/ssl_locl.h | 14 | ||||
| -rw-r--r-- | lib/libssl/t1_enc.c | 4 | ||||
| -rw-r--r-- | lib/libssl/tls12_record_layer.c | 10 |
4 files changed, 4 insertions, 40 deletions
diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c index df025997397..c029b3716c2 100644 --- a/lib/libssl/ssl_lib.c +++ b/lib/libssl/ssl_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_lib.c,v 1.270 2021/10/23 13:36:03 jsing Exp $ */ +/* $OpenBSD: ssl_lib.c,v 1.271 2021/10/23 15:02:27 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -2709,21 +2709,7 @@ SSL_dup(SSL *s) void ssl_clear_cipher_state(SSL *s) { - ssl_clear_cipher_read_state(s); - ssl_clear_cipher_write_state(s); -} - -void -ssl_clear_cipher_read_state(SSL *s) -{ tls12_record_layer_clear_read_state(s->internal->rl); - tls12_record_layer_read_cipher_hash(s->internal->rl, - &s->enc_read_ctx, &s->read_hash); -} - -void -ssl_clear_cipher_write_state(SSL *s) -{ tls12_record_layer_clear_write_state(s->internal->rl); } diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h index 3c58e5ac212..ea1ee084a08 100644 --- a/lib/libssl/ssl_locl.h +++ b/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.363 2021/10/23 14:40:54 jsing Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.364 2021/10/23 15:02:27 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -670,8 +670,6 @@ void tls12_record_layer_write_epoch_done(struct tls12_record_layer *rl, void tls12_record_layer_clear_read_state(struct tls12_record_layer *rl); void tls12_record_layer_clear_write_state(struct tls12_record_layer *rl); void tls12_record_layer_reflect_seq_num(struct tls12_record_layer *rl); -void tls12_record_layer_read_cipher_hash(struct tls12_record_layer *rl, - EVP_CIPHER_CTX **cipher, EVP_MD_CTX **hash); int tls12_record_layer_change_read_cipher_state(struct tls12_record_layer *rl, CBS *mac_key, CBS *key, CBS *iv); int tls12_record_layer_change_write_cipher_state(struct tls12_record_layer *rl, @@ -1095,14 +1093,6 @@ struct ssl_st { SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ #define session_ctx initial_ctx - /* - * XXX really should be internal, but is - * touched unnaturally by wpa-supplicant - * and freeradius and other perversions - */ - EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */ - EVP_MD_CTX *read_hash; /* used for mac generation */ - struct ssl_internal_st *internal; }; @@ -1310,8 +1300,6 @@ const SSL_METHOD *tls_legacy_method(void); const SSL_METHOD *ssl_get_method(uint16_t version); void ssl_clear_cipher_state(SSL *s); -void ssl_clear_cipher_read_state(SSL *s); -void ssl_clear_cipher_write_state(SSL *s); int ssl_clear_bad_session(SSL *s); void ssl_info_callback(const SSL *s, int type, int value); diff --git a/lib/libssl/t1_enc.c b/lib/libssl/t1_enc.c index 65e20633988..65abcbdcaf7 100644 --- a/lib/libssl/t1_enc.c +++ b/lib/libssl/t1_enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_enc.c,v 1.151 2021/07/01 17:53:39 jsing Exp $ */ +/* $OpenBSD: t1_enc.c,v 1.152 2021/10/23 15:02:27 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -315,8 +315,6 @@ tls1_change_cipher_state(SSL *s, int is_write) goto err; if (SSL_is_dtls(s)) dtls1_reset_read_seq_numbers(s); - tls12_record_layer_read_cipher_hash(s->internal->rl, - &s->enc_read_ctx, &s->read_hash); } else { if (!tls12_record_layer_change_write_cipher_state(s->internal->rl, &mac_key, &key, &iv)) diff --git a/lib/libssl/tls12_record_layer.c b/lib/libssl/tls12_record_layer.c index 6d7d8696eb8..f7264a17c50 100644 --- a/lib/libssl/tls12_record_layer.c +++ b/lib/libssl/tls12_record_layer.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls12_record_layer.c,v 1.34 2021/08/30 19:12:25 jsing Exp $ */ +/* $OpenBSD: tls12_record_layer.c,v 1.35 2021/10/23 15:02:27 jsing Exp $ */ /* * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> * @@ -356,14 +356,6 @@ tls12_record_layer_clear_write_state(struct tls12_record_layer *rl) } void -tls12_record_layer_read_cipher_hash(struct tls12_record_layer *rl, - EVP_CIPHER_CTX **cipher, EVP_MD_CTX **hash) -{ - *cipher = rl->read->cipher_ctx; - *hash = rl->read->hash_ctx; -} - -void tls12_record_layer_reflect_seq_num(struct tls12_record_layer *rl) { memcpy(rl->write->seq_num, rl->read->seq_num, |