summaryrefslogtreecommitdiff
path: root/lib/libssl
diff options
context:
space:
mode:
authorBob Beck <beck@cvs.openbsd.org>2023-07-08 16:40:15 +0000
committerBob Beck <beck@cvs.openbsd.org>2023-07-08 16:40:15 +0000
commit681e06b16e6792b53f8d333b2624da24cce73613 (patch)
treea6fffeb925485b39dd8dfa16c372d9ea6f8b8536 /lib/libssl
parent8bc6f8c69eaa80c0b464b98b21821de1c0da1e11 (diff)
Hide all public symbols in libssl
With the guentherizer 9000 ok tb@
Diffstat (limited to 'lib/libssl')
-rw-r--r--lib/libssl/bio_ssl.c6
-rw-r--r--lib/libssl/d1_srtp.c6
-rw-r--r--lib/libssl/hidden/openssl/srtp.h33
-rw-r--r--lib/libssl/hidden/openssl/ssl.h366
-rw-r--r--lib/libssl/hidden/openssl/tls1.h32
-rw-r--r--lib/libssl/s3_lib.c18
-rw-r--r--lib/libssl/ssl_algs.c4
-rw-r--r--lib/libssl/ssl_asn1.c4
-rw-r--r--lib/libssl/ssl_cert.c13
-rw-r--r--lib/libssl/ssl_ciph.c39
-rw-r--r--lib/libssl/ssl_clnt.c6
-rw-r--r--lib/libssl/ssl_err.c4
-rw-r--r--lib/libssl/ssl_init.c3
-rw-r--r--lib/libssl/ssl_lib.c197
-rw-r--r--lib/libssl/ssl_methods.c26
-rw-r--r--lib/libssl/ssl_rsa.c23
-rw-r--r--lib/libssl/ssl_sess.c54
-rw-r--r--lib/libssl/ssl_srvr.c6
-rw-r--r--lib/libssl/ssl_stat.c10
-rw-r--r--lib/libssl/ssl_txt.c4
-rw-r--r--lib/libssl/tls12_record_layer.c7
21 files changed, 828 insertions, 33 deletions
diff --git a/lib/libssl/bio_ssl.c b/lib/libssl/bio_ssl.c
index 1a8cda84d65..08e47dbfac5 100644
--- a/lib/libssl/bio_ssl.c
+++ b/lib/libssl/bio_ssl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bio_ssl.c,v 1.38 2023/02/16 08:38:17 tb Exp $ */
+/* $OpenBSD: bio_ssl.c,v 1.39 2023/07/08 16:40:13 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -120,6 +120,7 @@ ssl_new(BIO *bi)
bi->flags = 0;
return (1);
}
+LSSL_ALIAS(BIO_f_ssl);
static int
ssl_free(BIO *a)
@@ -514,6 +515,7 @@ BIO_new_buffer_ssl_connect(SSL_CTX *ctx)
BIO_free(ssl);
return (NULL);
}
+LSSL_ALIAS(BIO_new_buffer_ssl_connect);
BIO *
BIO_new_ssl_connect(SSL_CTX *ctx)
@@ -575,6 +577,7 @@ BIO_ssl_copy_session_id(BIO *t, BIO *f)
return (0);
return (1);
}
+LSSL_ALIAS(BIO_new_ssl_connect);
void
BIO_ssl_shutdown(BIO *b)
@@ -590,3 +593,4 @@ BIO_ssl_shutdown(BIO *b)
b = b->next_bio;
}
}
+LSSL_ALIAS(BIO_ssl_shutdown);
diff --git a/lib/libssl/d1_srtp.c b/lib/libssl/d1_srtp.c
index 6073f0d2d46..67c4495a177 100644
--- a/lib/libssl/d1_srtp.c
+++ b/lib/libssl/d1_srtp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srtp.c,v 1.32 2022/11/26 16:08:55 tb Exp $ */
+/* $OpenBSD: d1_srtp.c,v 1.33 2023/07/08 16:40:13 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -229,12 +229,14 @@ SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles)
{
return ssl_ctx_make_profiles(profiles, &ctx->srtp_profiles);
}
+LSSL_ALIAS(SSL_CTX_set_tlsext_use_srtp);
int
SSL_set_tlsext_use_srtp(SSL *s, const char *profiles)
{
return ssl_ctx_make_profiles(profiles, &s->srtp_profiles);
}
+LSSL_ALIAS(SSL_set_tlsext_use_srtp);
STACK_OF(SRTP_PROTECTION_PROFILE) *
@@ -251,6 +253,7 @@ SSL_get_srtp_profiles(SSL *s)
return NULL;
}
+LSSL_ALIAS(SSL_get_srtp_profiles);
SRTP_PROTECTION_PROFILE *
SSL_get_selected_srtp_profile(SSL *s)
@@ -258,5 +261,6 @@ SSL_get_selected_srtp_profile(SSL *s)
/* XXX cast away the const */
return (SRTP_PROTECTION_PROFILE *)s->srtp_profile;
}
+LSSL_ALIAS(SSL_get_selected_srtp_profile);
#endif
diff --git a/lib/libssl/hidden/openssl/srtp.h b/lib/libssl/hidden/openssl/srtp.h
new file mode 100644
index 00000000000..2440fc93d9e
--- /dev/null
+++ b/lib/libssl/hidden/openssl/srtp.h
@@ -0,0 +1,33 @@
+/* $OpenBSD: srtp.h,v 1.1 2023/07/08 16:40:14 beck Exp $ */
+/*
+ * Copyright (c) 2023 Bob Beck <beck@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef _LIBSSL_SRTP_H
+#define _LIBSSL_SRTP_H
+
+#ifndef _MSC_VER
+#include_next <openssl/srtp.h>
+#else
+#include "../include/openssl/srtp.h"
+#endif
+#include "ssl_namespace.h"
+
+LSSL_USED(SSL_CTX_set_tlsext_use_srtp);
+LSSL_USED(SSL_set_tlsext_use_srtp);
+LSSL_USED(SSL_get_srtp_profiles);
+LSSL_USED(SSL_get_selected_srtp_profile);
+
+#endif /* _LIBSSL_SRTP_H */
diff --git a/lib/libssl/hidden/openssl/ssl.h b/lib/libssl/hidden/openssl/ssl.h
index 3bd2eed748f..acc99fe1382 100644
--- a/lib/libssl/hidden/openssl/ssl.h
+++ b/lib/libssl/hidden/openssl/ssl.h
@@ -1,6 +1,6 @@
-/* $OpenBSD: ssl.h,v 1.2 2023/07/05 21:14:54 bcook Exp $ */
+/* $OpenBSD: ssl.h,v 1.3 2023/07/08 16:40:14 beck Exp $ */
/*
- * Copyright (c) 2022 Philip Guenther <guenther@openbsd.org>
+ * Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -15,8 +15,8 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#ifndef _LIBSSL_SSL_H_
-#define _LIBSSL_SSL_H_
+#ifndef _LIBSSL_SSL_H
+#define _LIBSSL_SSL_H
#ifndef _MSC_VER
#include_next <openssl/ssl.h>
@@ -25,11 +25,361 @@
#endif
#include "ssl_namespace.h"
+LSSL_USED(SSL_CTX_set_msg_callback);
+LSSL_USED(SSL_set_msg_callback);
+LSSL_USED(SSL_CTX_set_keylog_callback);
+LSSL_USED(SSL_CTX_get_keylog_callback);
+LSSL_USED(SSL_set_num_tickets);
+LSSL_USED(SSL_get_num_tickets);
+LSSL_USED(SSL_CTX_set_num_tickets);
+LSSL_USED(SSL_CTX_get_num_tickets);
+LSSL_USED(SSL_get0_verified_chain);
+LSSL_USED(SSL_CTX_sessions);
+LSSL_USED(SSL_CTX_sess_set_new_cb);
+LSSL_USED(SSL_CTX_sess_get_new_cb);
+LSSL_USED(SSL_CTX_sess_set_remove_cb);
+LSSL_USED(SSL_CTX_sess_get_remove_cb);
+LSSL_USED(SSL_CTX_sess_set_get_cb);
+LSSL_USED(SSL_CTX_set_info_callback);
+LSSL_USED(SSL_CTX_get_info_callback);
+LSSL_USED(SSL_CTX_set_client_cert_cb);
+LSSL_USED(SSL_CTX_get_client_cert_cb);
+LSSL_USED(SSL_CTX_set_client_cert_engine);
+LSSL_USED(SSL_CTX_set_cookie_generate_cb);
+LSSL_USED(SSL_CTX_set_cookie_verify_cb);
+LSSL_USED(SSL_CTX_set_next_protos_advertised_cb);
+LSSL_USED(SSL_CTX_set_next_proto_select_cb);
+LSSL_USED(SSL_select_next_proto);
+LSSL_USED(SSL_get0_next_proto_negotiated);
+LSSL_USED(SSL_CTX_set_alpn_protos);
+LSSL_USED(SSL_set_alpn_protos);
+LSSL_USED(SSL_CTX_set_alpn_select_cb);
+LSSL_USED(SSL_get0_alpn_selected);
+LSSL_USED(SSL_set_psk_use_session_callback);
+LSSL_USED(SSL_get_finished);
+LSSL_USED(SSL_get_peer_finished);
+LSSL_USED(SSL_verify_client_post_handshake);
+LSSL_USED(SSL_CTX_set_post_handshake_auth);
+LSSL_USED(SSL_set_post_handshake_auth);
+LSSL_USED(PEM_read_bio_SSL_SESSION);
+LSSL_USED(PEM_read_SSL_SESSION);
+LSSL_USED(PEM_write_bio_SSL_SESSION);
+LSSL_USED(PEM_write_SSL_SESSION);
+LSSL_USED(SSL_CTX_set0_chain);
+LSSL_USED(SSL_CTX_set1_chain);
+LSSL_USED(SSL_CTX_add0_chain_cert);
+LSSL_USED(SSL_CTX_add1_chain_cert);
+LSSL_USED(SSL_CTX_get0_chain_certs);
+LSSL_USED(SSL_CTX_clear_chain_certs);
+LSSL_USED(SSL_set0_chain);
+LSSL_USED(SSL_set1_chain);
+LSSL_USED(SSL_add0_chain_cert);
+LSSL_USED(SSL_add1_chain_cert);
+LSSL_USED(SSL_get0_chain_certs);
+LSSL_USED(SSL_clear_chain_certs);
+LSSL_USED(SSL_CTX_set1_groups);
+LSSL_USED(SSL_CTX_set1_groups_list);
+LSSL_USED(SSL_set1_groups);
+LSSL_USED(SSL_set1_groups_list);
+LSSL_USED(SSL_CTX_get_min_proto_version);
+LSSL_USED(SSL_CTX_get_max_proto_version);
+LSSL_USED(SSL_CTX_set_min_proto_version);
+LSSL_USED(SSL_CTX_set_max_proto_version);
+LSSL_USED(SSL_get_min_proto_version);
+LSSL_USED(SSL_get_max_proto_version);
+LSSL_USED(SSL_set_min_proto_version);
+LSSL_USED(SSL_set_max_proto_version);
+LSSL_USED(SSL_CTX_get_ssl_method);
LSSL_USED(BIO_f_ssl);
LSSL_USED(BIO_new_ssl);
LSSL_USED(BIO_new_ssl_connect);
-LSSL_UNUSED(BIO_new_buffer_ssl_connect);
-LSSL_UNUSED(BIO_ssl_copy_session_id);
-LSSL_UNUSED(BIO_ssl_shutdown);
+LSSL_USED(BIO_new_buffer_ssl_connect);
+LSSL_USED(BIO_ssl_copy_session_id);
+LSSL_USED(BIO_ssl_shutdown);
+LSSL_USED(SSL_CTX_get_ciphers);
+LSSL_USED(SSL_CTX_set_cipher_list);
+LSSL_USED(SSL_CTX_set_ciphersuites);
+LSSL_USED(SSL_CTX_new);
+LSSL_USED(SSL_CTX_free);
+LSSL_USED(SSL_CTX_up_ref);
+LSSL_USED(SSL_CTX_set_timeout);
+LSSL_USED(SSL_CTX_get_timeout);
+LSSL_USED(SSL_CTX_get_cert_store);
+LSSL_USED(SSL_CTX_set_cert_store);
+LSSL_USED(SSL_CTX_get0_certificate);
+LSSL_USED(SSL_CTX_get0_privatekey);
+LSSL_USED(SSL_want);
+LSSL_USED(SSL_clear);
+LSSL_USED(SSL_CTX_flush_sessions);
+LSSL_USED(SSL_get_current_cipher);
+LSSL_USED(SSL_CIPHER_get_by_id);
+LSSL_USED(SSL_CIPHER_get_by_value);
+LSSL_USED(SSL_CIPHER_get_bits);
+LSSL_USED(SSL_CIPHER_get_version);
+LSSL_USED(SSL_CIPHER_get_name);
+LSSL_USED(SSL_CIPHER_get_id);
+LSSL_USED(SSL_CIPHER_get_value);
+LSSL_USED(SSL_CIPHER_find);
+LSSL_USED(SSL_CIPHER_get_cipher_nid);
+LSSL_USED(SSL_CIPHER_get_digest_nid);
+LSSL_USED(SSL_CIPHER_get_kx_nid);
+LSSL_USED(SSL_CIPHER_get_auth_nid);
+LSSL_USED(SSL_CIPHER_is_aead);
+LSSL_USED(SSL_get_fd);
+LSSL_USED(SSL_get_rfd);
+LSSL_USED(SSL_get_wfd);
+LSSL_USED(SSL_get_cipher_list);
+LSSL_USED(SSL_get_shared_ciphers);
+LSSL_USED(SSL_get_read_ahead);
+LSSL_USED(SSL_pending);
+LSSL_USED(SSL_set_fd);
+LSSL_USED(SSL_set_rfd);
+LSSL_USED(SSL_set_wfd);
+LSSL_USED(SSL_set_bio);
+LSSL_USED(SSL_get_rbio);
+LSSL_USED(SSL_set0_rbio);
+LSSL_USED(SSL_get_wbio);
+LSSL_USED(SSL_set_cipher_list);
+LSSL_USED(SSL_set_ciphersuites);
+LSSL_USED(SSL_set_read_ahead);
+LSSL_USED(SSL_get_verify_mode);
+LSSL_USED(SSL_get_verify_depth);
+LSSL_USED(SSL_get_verify_callback);
+LSSL_USED(SSL_set_verify);
+LSSL_USED(SSL_set_verify_depth);
+LSSL_USED(SSL_use_RSAPrivateKey);
+LSSL_USED(SSL_use_RSAPrivateKey_ASN1);
+LSSL_USED(SSL_use_PrivateKey);
+LSSL_USED(SSL_use_PrivateKey_ASN1);
+LSSL_USED(SSL_use_certificate);
+LSSL_USED(SSL_use_certificate_ASN1);
+LSSL_USED(SSL_use_RSAPrivateKey_file);
+LSSL_USED(SSL_use_PrivateKey_file);
+LSSL_USED(SSL_use_certificate_file);
+LSSL_USED(SSL_use_certificate_chain_file);
+LSSL_USED(SSL_CTX_use_RSAPrivateKey_file);
+LSSL_USED(SSL_CTX_use_PrivateKey_file);
+LSSL_USED(SSL_CTX_use_certificate_file);
+LSSL_USED(SSL_CTX_use_certificate_chain_file);
+LSSL_USED(SSL_CTX_use_certificate_chain_mem);
+LSSL_USED(SSL_load_client_CA_file);
+LSSL_USED(SSL_add_file_cert_subjects_to_stack);
+LSSL_USED(SSL_add_dir_cert_subjects_to_stack);
+LSSL_USED(SSL_load_error_strings);
+LSSL_USED(SSL_state_string);
+LSSL_USED(SSL_rstate_string);
+LSSL_USED(SSL_state_string_long);
+LSSL_USED(SSL_rstate_string_long);
+LSSL_USED(SSL_SESSION_get0_cipher);
+LSSL_USED(SSL_SESSION_get_master_key);
+LSSL_USED(SSL_SESSION_get_protocol_version);
+LSSL_USED(SSL_SESSION_get_time);
+LSSL_USED(SSL_SESSION_set_time);
+LSSL_USED(SSL_SESSION_get_timeout);
+LSSL_USED(SSL_SESSION_set_timeout);
+LSSL_USED(SSL_copy_session_id);
+LSSL_USED(SSL_SESSION_get0_peer);
+LSSL_USED(SSL_SESSION_set1_id);
+LSSL_USED(SSL_SESSION_set1_id_context);
+LSSL_USED(SSL_SESSION_is_resumable);
+LSSL_USED(SSL_SESSION_new);
+LSSL_USED(SSL_SESSION_free);
+LSSL_USED(SSL_SESSION_up_ref);
+LSSL_USED(SSL_SESSION_get_id);
+LSSL_USED(SSL_SESSION_get0_id_context);
+LSSL_USED(SSL_SESSION_get_max_early_data);
+LSSL_USED(SSL_SESSION_set_max_early_data);
+LSSL_USED(SSL_SESSION_get_ticket_lifetime_hint);
+LSSL_USED(SSL_SESSION_has_ticket);
+LSSL_USED(SSL_SESSION_get_compress_id);
+LSSL_USED(SSL_SESSION_print_fp);
+LSSL_USED(SSL_SESSION_print);
+LSSL_USED(i2d_SSL_SESSION);
+LSSL_USED(SSL_set_session);
+LSSL_USED(SSL_CTX_add_session);
+LSSL_USED(SSL_CTX_remove_session);
+LSSL_USED(SSL_CTX_set_generate_session_id);
+LSSL_USED(SSL_set_generate_session_id);
+LSSL_USED(SSL_has_matching_session_id);
+LSSL_USED(d2i_SSL_SESSION);
+LSSL_USED(SSL_get_peer_cert_chain);
+LSSL_USED(SSL_CTX_get_verify_mode);
+LSSL_USED(SSL_CTX_get_verify_depth);
+LSSL_USED(SSL_CTX_get_verify_callback);
+LSSL_USED(SSL_CTX_set_verify);
+LSSL_USED(SSL_CTX_set_verify_depth);
+LSSL_USED(SSL_CTX_set_cert_verify_callback);
+LSSL_USED(SSL_CTX_use_RSAPrivateKey);
+LSSL_USED(SSL_CTX_use_RSAPrivateKey_ASN1);
+LSSL_USED(SSL_CTX_use_PrivateKey);
+LSSL_USED(SSL_CTX_use_PrivateKey_ASN1);
+LSSL_USED(SSL_CTX_use_certificate);
+LSSL_USED(SSL_CTX_use_certificate_ASN1);
+LSSL_USED(SSL_CTX_get_default_passwd_cb);
+LSSL_USED(SSL_CTX_set_default_passwd_cb);
+LSSL_USED(SSL_CTX_get_default_passwd_cb_userdata);
+LSSL_USED(SSL_CTX_set_default_passwd_cb_userdata);
+LSSL_USED(SSL_CTX_check_private_key);
+LSSL_USED(SSL_check_private_key);
+LSSL_USED(SSL_CTX_set_session_id_context);
+LSSL_USED(SSL_set_session_id_context);
+LSSL_USED(SSL_CTX_set_purpose);
+LSSL_USED(SSL_set_purpose);
+LSSL_USED(SSL_CTX_set_trust);
+LSSL_USED(SSL_set_trust);
+LSSL_USED(SSL_set1_host);
+LSSL_USED(SSL_set_hostflags);
+LSSL_USED(SSL_get0_peername);
+LSSL_USED(SSL_CTX_get0_param);
+LSSL_USED(SSL_CTX_set1_param);
+LSSL_USED(SSL_get0_param);
+LSSL_USED(SSL_set1_param);
+LSSL_USED(SSL_new);
+LSSL_USED(SSL_free);
+LSSL_USED(SSL_up_ref);
+LSSL_USED(SSL_accept);
+LSSL_USED(SSL_connect);
+LSSL_USED(SSL_is_dtls);
+LSSL_USED(SSL_is_server);
+LSSL_USED(SSL_read);
+LSSL_USED(SSL_peek);
+LSSL_USED(SSL_write);
+LSSL_USED(SSL_read_ex);
+LSSL_USED(SSL_peek_ex);
+LSSL_USED(SSL_write_ex);
+LSSL_USED(SSL_CTX_get_max_early_data);
+LSSL_USED(SSL_CTX_set_max_early_data);
+LSSL_USED(SSL_get_max_early_data);
+LSSL_USED(SSL_set_max_early_data);
+LSSL_USED(SSL_get_early_data_status);
+LSSL_USED(SSL_read_early_data);
+LSSL_USED(SSL_write_early_data);
+LSSL_USED(SSL_ctrl);
+LSSL_USED(SSL_callback_ctrl);
+LSSL_USED(SSL_CTX_ctrl);
+LSSL_USED(SSL_CTX_callback_ctrl);
+LSSL_USED(SSL_get_error);
+LSSL_USED(SSL_get_version);
+LSSL_USED(SSL_CTX_set_ssl_version);
+LSSL_USED(SSLv23_method);
+LSSL_USED(SSLv23_server_method);
+LSSL_USED(SSLv23_client_method);
+LSSL_USED(TLSv1_method);
+LSSL_USED(TLSv1_server_method);
+LSSL_USED(TLSv1_client_method);
+LSSL_USED(TLSv1_1_method);
+LSSL_USED(TLSv1_1_server_method);
+LSSL_USED(TLSv1_1_client_method);
+LSSL_USED(TLSv1_2_method);
+LSSL_USED(TLSv1_2_server_method);
+LSSL_USED(TLSv1_2_client_method);
+LSSL_USED(TLS_method);
+LSSL_USED(TLS_server_method);
+LSSL_USED(TLS_client_method);
+LSSL_USED(DTLSv1_method);
+LSSL_USED(DTLSv1_server_method);
+LSSL_USED(DTLSv1_client_method);
+LSSL_USED(DTLSv1_2_method);
+LSSL_USED(DTLSv1_2_server_method);
+LSSL_USED(DTLSv1_2_client_method);
+LSSL_USED(DTLS_method);
+LSSL_USED(DTLS_server_method);
+LSSL_USED(DTLS_client_method);
+LSSL_USED(SSL_get_ciphers);
+LSSL_USED(SSL_get_client_ciphers);
+LSSL_USED(SSL_get1_supported_ciphers);
+LSSL_USED(SSL_do_handshake);
+LSSL_USED(SSL_renegotiate);
+LSSL_USED(SSL_renegotiate_abbreviated);
+LSSL_USED(SSL_renegotiate_pending);
+LSSL_USED(SSL_shutdown);
+LSSL_USED(SSL_get_ssl_method);
+LSSL_USED(SSL_set_ssl_method);
+LSSL_USED(SSL_alert_type_string_long);
+LSSL_USED(SSL_alert_type_string);
+LSSL_USED(SSL_alert_desc_string_long);
+LSSL_USED(SSL_alert_desc_string);
+LSSL_USED(SSL_set_client_CA_list);
+LSSL_USED(SSL_CTX_set_client_CA_list);
+LSSL_USED(SSL_get_client_CA_list);
+LSSL_USED(SSL_CTX_get_client_CA_list);
+LSSL_USED(SSL_add_client_CA);
+LSSL_USED(SSL_CTX_add_client_CA);
+LSSL_USED(SSL_set_connect_state);
+LSSL_USED(SSL_set_accept_state);
+LSSL_USED(SSL_get_default_timeout);
+LSSL_USED(SSL_library_init);
+LSSL_USED(SSL_CIPHER_description);
+LSSL_USED(SSL_dup_CA_list);
+LSSL_USED(SSL_dup);
+LSSL_USED(SSL_get_certificate);
+LSSL_USED(SSL_get_privatekey);
+LSSL_USED(SSL_CTX_set_quiet_shutdown);
+LSSL_USED(SSL_CTX_get_quiet_shutdown);
+LSSL_USED(SSL_set_quiet_shutdown);
+LSSL_USED(SSL_get_quiet_shutdown);
+LSSL_USED(SSL_set_shutdown);
+LSSL_USED(SSL_get_shutdown);
+LSSL_USED(SSL_version);
+LSSL_USED(SSL_CTX_set_default_verify_paths);
+LSSL_USED(SSL_CTX_load_verify_locations);
+LSSL_USED(SSL_CTX_load_verify_mem);
+LSSL_USED(SSL_get_session);
+LSSL_USED(SSL_get1_session);
+LSSL_USED(SSL_get_SSL_CTX);
+LSSL_USED(SSL_set_SSL_CTX);
+LSSL_USED(SSL_set_info_callback);
+LSSL_USED(SSL_get_info_callback);
+LSSL_USED(SSL_state);
+LSSL_USED(SSL_set_state);
+LSSL_USED(SSL_set_verify_result);
+LSSL_USED(SSL_get_verify_result);
+LSSL_USED(SSL_set_ex_data);
+LSSL_USED(SSL_get_ex_data);
+LSSL_USED(SSL_get_ex_new_index);
+LSSL_USED(SSL_SESSION_set_ex_data);
+LSSL_USED(SSL_SESSION_get_ex_data);
+LSSL_USED(SSL_SESSION_get_ex_new_index);
+LSSL_USED(SSL_CTX_set_ex_data);
+LSSL_USED(SSL_CTX_get_ex_data);
+LSSL_USED(SSL_CTX_get_ex_new_index);
+LSSL_USED(SSL_get_ex_data_X509_STORE_CTX_idx);
+LSSL_USED(SSL_CTX_set_tmp_rsa_callback);
+LSSL_USED(SSL_set_tmp_rsa_callback);
+LSSL_USED(SSL_CTX_set_tmp_dh_callback);
+LSSL_USED(SSL_set_tmp_dh_callback);
+LSSL_USED(SSL_CTX_set_tmp_ecdh_callback);
+LSSL_USED(SSL_set_tmp_ecdh_callback);
+LSSL_USED(SSL_get_client_random);
+LSSL_USED(SSL_get_server_random);
+LSSL_USED(SSL_get_current_compression);
+LSSL_USED(SSL_get_current_expansion);
+LSSL_USED(SSL_get_peer_certificate);
+LSSL_USED(SSL_COMP_get_name);
+LSSL_USED(SSL_COMP_get_compression_methods);
+LSSL_USED(SSL_COMP_add_compression_method);
+LSSL_USED(SSL_set_session_ticket_ext);
+LSSL_USED(SSL_set_session_ticket_ext_cb);
+LSSL_USED(SSL_set_session_secret_cb);
+LSSL_USED(SSL_set_debug);
+LSSL_USED(SSL_cache_hit);
+LSSL_USED(SSL_set_security_level);
+LSSL_USED(SSL_get_security_level);
+LSSL_USED(SSL_CTX_set_security_level);
+LSSL_USED(SSL_CTX_get_security_level);
+LSSL_USED(SSL_CTX_set_quic_method);
+LSSL_USED(SSL_CTX_sess_get_get_cb);
+LSSL_USED(SSL_set_quic_method);
+LSSL_USED(SSL_is_quic);
+LSSL_USED(SSL_quic_max_handshake_flight_len);
+LSSL_USED(SSL_quic_read_level);
+LSSL_USED(SSL_quic_write_level);
+LSSL_USED(SSL_provide_quic_data);
+LSSL_USED(SSL_process_quic_post_handshake);
+LSSL_USED(SSL_set_quic_transport_params);
+LSSL_USED(SSL_get_peer_quic_transport_params);
+LSSL_USED(SSL_set_quic_use_legacy_codepoint);
+LSSL_USED(ERR_load_SSL_strings);
+LSSL_USED(OPENSSL_init_ssl);
-#endif /* _LIBSSL_SSL_H_ */
+#endif /* _LIBSSL_SSL_H */
diff --git a/lib/libssl/hidden/openssl/tls1.h b/lib/libssl/hidden/openssl/tls1.h
new file mode 100644
index 00000000000..de93f9aa2e4
--- /dev/null
+++ b/lib/libssl/hidden/openssl/tls1.h
@@ -0,0 +1,32 @@
+/* $OpenBSD: tls1.h,v 1.1 2023/07/08 16:40:14 beck Exp $ */
+/*
+ * Copyright (c) 2023 Bob Beck <beck@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef _LIBSSL_TLS1_H
+#define _LIBSSL_TLS1_H
+
+#ifndef _MSC_VER
+#include_next <openssl/tls1.h>
+#else
+#include "../include/openssl/tls1.h"
+#endif
+#include "ssl_namespace.h"
+
+LSSL_USED(SSL_get_servername);
+LSSL_USED(SSL_get_servername_type);
+LSSL_USED(SSL_export_keying_material);
+
+#endif /* _LIBSSL_TLS1_H */
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index 7561060120c..7ab6880131d 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.245 2023/07/02 17:21:32 beck Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.246 2023/07/08 16:40:13 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -1931,24 +1931,28 @@ SSL_set0_chain(SSL *ssl, STACK_OF(X509) *chain)
{
return ssl_cert_set0_chain(NULL, ssl, chain);
}
+LSSL_ALIAS(SSL_set0_chain);
int
SSL_set1_chain(SSL *ssl, STACK_OF(X509) *chain)
{
return ssl_cert_set1_chain(NULL, ssl, chain);
}
+LSSL_ALIAS(SSL_set1_chain);
int
SSL_add0_chain_cert(SSL *ssl, X509 *x509)
{
return ssl_cert_add0_chain_cert(NULL, ssl, x509);
}
+LSSL_ALIAS(SSL_add0_chain_cert);
int
SSL_add1_chain_cert(SSL *ssl, X509 *x509)
{
return ssl_cert_add1_chain_cert(NULL, ssl, x509);
}
+LSSL_ALIAS(SSL_add1_chain_cert);
int
SSL_get0_chain_certs(const SSL *ssl, STACK_OF(X509) **out_chain)
@@ -1960,12 +1964,14 @@ SSL_get0_chain_certs(const SSL *ssl, STACK_OF(X509) **out_chain)
return 1;
}
+LSSL_ALIAS(SSL_get0_chain_certs);
int
SSL_clear_chain_certs(SSL *ssl)
{
return ssl_cert_set0_chain(NULL, ssl, NULL);
}
+LSSL_ALIAS(SSL_clear_chain_certs);
int
SSL_set1_groups(SSL *s, const int *groups, size_t groups_len)
@@ -1973,6 +1979,7 @@ SSL_set1_groups(SSL *s, const int *groups, size_t groups_len)
return tls1_set_groups(&s->tlsext_supportedgroups,
&s->tlsext_supportedgroups_length, groups, groups_len);
}
+LSSL_ALIAS(SSL_set1_groups);
int
SSL_set1_groups_list(SSL *s, const char *groups)
@@ -1980,6 +1987,7 @@ SSL_set1_groups_list(SSL *s, const char *groups)
return tls1_set_group_list(&s->tlsext_supportedgroups,
&s->tlsext_supportedgroups_length, groups);
}
+LSSL_ALIAS(SSL_set1_groups_list);
static int
_SSL_get_signature_nid(SSL *s, int *nid)
@@ -2322,24 +2330,28 @@ SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *chain)
{
return ssl_cert_set0_chain(ctx, NULL, chain);
}
+LSSL_ALIAS(SSL_CTX_set0_chain);
int
SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *chain)
{
return ssl_cert_set1_chain(ctx, NULL, chain);
}
+LSSL_ALIAS(SSL_CTX_set1_chain);
int
SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509)
{
return ssl_cert_add0_chain_cert(ctx, NULL, x509);
}
+LSSL_ALIAS(SSL_CTX_add0_chain_cert);
int
SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509)
{
return ssl_cert_add1_chain_cert(ctx, NULL, x509);
}
+LSSL_ALIAS(SSL_CTX_add1_chain_cert);
int
SSL_CTX_get0_chain_certs(const SSL_CTX *ctx, STACK_OF(X509) **out_chain)
@@ -2351,12 +2363,14 @@ SSL_CTX_get0_chain_certs(const SSL_CTX *ctx, STACK_OF(X509) **out_chain)
return 1;
}
+LSSL_ALIAS(SSL_CTX_get0_chain_certs);
int
SSL_CTX_clear_chain_certs(SSL_CTX *ctx)
{
return ssl_cert_set0_chain(ctx, NULL, NULL);
}
+LSSL_ALIAS(SSL_CTX_clear_chain_certs);
static int
_SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *cert)
@@ -2402,6 +2416,7 @@ SSL_CTX_set1_groups(SSL_CTX *ctx, const int *groups, size_t groups_len)
return tls1_set_groups(&ctx->tlsext_supportedgroups,
&ctx->tlsext_supportedgroups_length, groups, groups_len);
}
+LSSL_ALIAS(SSL_CTX_set1_groups);
int
SSL_CTX_set1_groups_list(SSL_CTX *ctx, const char *groups)
@@ -2409,6 +2424,7 @@ SSL_CTX_set1_groups_list(SSL_CTX *ctx, const char *groups)
return tls1_set_group_list(&ctx->tlsext_supportedgroups,
&ctx->tlsext_supportedgroups_length, groups);
}
+LSSL_ALIAS(SSL_CTX_set1_groups_list);
long
ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
diff --git a/lib/libssl/ssl_algs.c b/lib/libssl/ssl_algs.c
index ab23f4bc453..684697df516 100644
--- a/lib/libssl/ssl_algs.c
+++ b/lib/libssl/ssl_algs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_algs.c,v 1.31 2022/11/26 16:08:55 tb Exp $ */
+/* $OpenBSD: ssl_algs.c,v 1.32 2023/07/08 16:40:13 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -122,4 +122,4 @@ SSL_library_init(void)
return (1);
}
-
+LSSL_ALIAS(SSL_library_init);
diff --git a/lib/libssl/ssl_asn1.c b/lib/libssl/ssl_asn1.c
index 7684602129d..f4552f1c945 100644
--- a/lib/libssl/ssl_asn1.c
+++ b/lib/libssl/ssl_asn1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_asn1.c,v 1.66 2022/11/26 16:08:55 tb Exp $ */
+/* $OpenBSD: ssl_asn1.c,v 1.67 2023/07/08 16:40:13 beck Exp $ */
/*
* Copyright (c) 2016 Joel Sing <jsing@openbsd.org>
*
@@ -238,6 +238,7 @@ i2d_SSL_SESSION(SSL_SESSION *ss, unsigned char **pp)
return rv;
}
+LSSL_ALIAS(i2d_SSL_SESSION);
SSL_SESSION *
d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
@@ -416,3 +417,4 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
return (NULL);
}
+LSSL_ALIAS(d2i_SSL_SESSION);
diff --git a/lib/libssl/ssl_cert.c b/lib/libssl/ssl_cert.c
index 8a333b42789..a288050269c 100644
--- a/lib/libssl/ssl_cert.c
+++ b/lib/libssl/ssl_cert.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_cert.c,v 1.106 2023/05/26 13:44:05 tb Exp $ */
+/* $OpenBSD: ssl_cert.c,v 1.107 2023/07/08 16:40:13 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -157,6 +157,7 @@ SSL_get_ex_data_X509_STORE_CTX_idx(void)
return ssl_x509_store_ctx_idx;
}
+LSSL_ALIAS(SSL_get_ex_data_X509_STORE_CTX_idx);
SSL_CERT *
ssl_cert_new(void)
@@ -487,24 +488,28 @@ SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk)
sk_X509_NAME_pop_free(ret, X509_NAME_free);
return NULL;
}
+LSSL_ALIAS(SSL_dup_CA_list);
void
SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list)
{
set_client_CA_list(&(s->client_CA), name_list);
}
+LSSL_ALIAS(SSL_set_client_CA_list);
void
SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list)
{
set_client_CA_list(&(ctx->client_CA), name_list);
}
+LSSL_ALIAS(SSL_CTX_set_client_CA_list);
STACK_OF(X509_NAME) *
SSL_CTX_get_client_CA_list(const SSL_CTX *ctx)
{
return (ctx->client_CA);
}
+LSSL_ALIAS(SSL_CTX_get_client_CA_list);
STACK_OF(X509_NAME) *
SSL_get_client_CA_list(const SSL *s)
@@ -522,6 +527,7 @@ SSL_get_client_CA_list(const SSL *s)
return (s->ctx->client_CA);
}
}
+LSSL_ALIAS(SSL_get_client_CA_list);
static int
add_client_CA(STACK_OF(X509_NAME) **sk, X509 *x)
@@ -548,12 +554,14 @@ SSL_add_client_CA(SSL *ssl, X509 *x)
{
return (add_client_CA(&(ssl->client_CA), x));
}
+LSSL_ALIAS(SSL_add_client_CA);
int
SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x)
{
return (add_client_CA(&(ctx->client_CA), x));
}
+LSSL_ALIAS(SSL_CTX_add_client_CA);
static int
xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
@@ -628,6 +636,7 @@ SSL_load_client_CA_file(const char *file)
return (ret);
}
+LSSL_ALIAS(SSL_load_client_CA_file);
/*!
* Add a file of certs to a stack.
@@ -688,6 +697,7 @@ SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
return ret;
}
+LSSL_ALIAS(SSL_add_file_cert_subjects_to_stack);
/*!
* Add a directory of certs to a stack.
@@ -728,3 +738,4 @@ SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, const char *dir)
}
return ret;
}
+LSSL_ALIAS(SSL_add_dir_cert_subjects_to_stack);
diff --git a/lib/libssl/ssl_ciph.c b/lib/libssl/ssl_ciph.c
index a71c5042c7d..b735cd7b30e 100644
--- a/lib/libssl/ssl_ciph.c
+++ b/lib/libssl/ssl_ciph.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_ciph.c,v 1.135 2022/11/26 16:08:55 tb Exp $ */
+/* $OpenBSD: ssl_ciph.c,v 1.136 2023/07/08 16:40:13 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -475,9 +475,11 @@ ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc,
case SSL_CAMELLIA256:
*enc = EVP_camellia_256_cbc();
break;
+#ifndef OPENSSL_NO_GOST
case SSL_eGOST2814789CNT:
*enc = EVP_gost2814789_cnt();
break;
+#endif
}
switch (ss->cipher->algorithm_mac) {
@@ -493,6 +495,7 @@ ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc,
case SSL_SHA384:
*md = EVP_sha384();
break;
+#ifndef OPENSSL_NO_GOST
case SSL_GOST89MAC:
*md = EVP_gost2814789imit();
break;
@@ -502,8 +505,8 @@ ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc,
case SSL_STREEBOG256:
*md = EVP_streebog256();
break;
+#endif
}
-
if (*enc == NULL || *md == NULL)
return 0;
@@ -515,15 +518,18 @@ ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc,
return 0;
if (EVP_CIPHER_mode(*enc) == EVP_CIPH_GCM_MODE)
return 0;
-
+#ifndef OPENSSL_NO_GOST
+ /* XXX JFC. die in fire already */
if (ss->cipher->algorithm_mac == SSL_GOST89MAC) {
*mac_pkey_type = EVP_PKEY_GOSTIMIT;
*mac_secret_size = 32; /* XXX */
} else {
+#endif
*mac_pkey_type = EVP_PKEY_HMAC;
*mac_secret_size = EVP_MD_size(*md);
+#ifndef OPENSSL_NO_GOST
}
-
+#endif
return 1;
}
@@ -578,18 +584,20 @@ ssl_get_handshake_evp_md(SSL *s, const EVP_MD **md)
case SSL_HANDSHAKE_MAC_DEFAULT:
*md = EVP_md5_sha1();
return 1;
+#ifndef OPENSSL_NO_GOST
case SSL_HANDSHAKE_MAC_GOST94:
*md = EVP_gostr341194();
return 1;
+ case SSL_HANDSHAKE_MAC_STREEBOG256:
+ *md = EVP_streebog256();
+ return 1;
+#endif
case SSL_HANDSHAKE_MAC_SHA256:
*md = EVP_sha256();
return 1;
case SSL_HANDSHAKE_MAC_SHA384:
*md = EVP_sha384();
return 1;
- case SSL_HANDSHAKE_MAC_STREEBOG256:
- *md = EVP_streebog256();
- return 1;
default:
break;
}
@@ -1406,12 +1414,14 @@ SSL_CIPHER_get_by_id(unsigned int id)
{
return ssl3_get_cipher_by_id(id);
}
+LSSL_ALIAS(SSL_CIPHER_get_by_id);
const SSL_CIPHER *
SSL_CIPHER_get_by_value(uint16_t value)
{
return ssl3_get_cipher_by_value(value);
}
+LSSL_ALIAS(SSL_CIPHER_get_by_value);
char *
SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
@@ -1565,6 +1575,7 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
return (ret);
}
+LSSL_ALIAS(SSL_CIPHER_description);
const char *
SSL_CIPHER_get_version(const SSL_CIPHER *c)
@@ -1576,6 +1587,7 @@ SSL_CIPHER_get_version(const SSL_CIPHER *c)
else
return("unknown");
}
+LSSL_ALIAS(SSL_CIPHER_get_version);
/* return the actual cipher being used */
const char *
@@ -1585,6 +1597,7 @@ SSL_CIPHER_get_name(const SSL_CIPHER *c)
return (c->name);
return("(NONE)");
}
+LSSL_ALIAS(SSL_CIPHER_get_name);
/* number of bits for symmetric cipher */
int
@@ -1599,18 +1612,21 @@ SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits)
}
return (ret);
}
+LSSL_ALIAS(SSL_CIPHER_get_bits);
unsigned long
SSL_CIPHER_get_id(const SSL_CIPHER *c)
{
return c->id;
}
+LSSL_ALIAS(SSL_CIPHER_get_id);
uint16_t
SSL_CIPHER_get_value(const SSL_CIPHER *c)
{
return ssl3_cipher_get_value(c);
}
+LSSL_ALIAS(SSL_CIPHER_get_value);
const SSL_CIPHER *
SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr)
@@ -1625,6 +1641,7 @@ SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr)
return ssl3_get_cipher_by_value(cipher_value);
}
+LSSL_ALIAS(SSL_CIPHER_find);
int
SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c)
@@ -1658,6 +1675,7 @@ SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c)
return NID_undef;
}
}
+LSSL_ALIAS(SSL_CIPHER_get_cipher_nid);
int
SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c)
@@ -1683,6 +1701,7 @@ SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c)
return NID_undef;
}
}
+LSSL_ALIAS(SSL_CIPHER_get_digest_nid);
int
SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c)
@@ -1700,6 +1719,7 @@ SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c)
return NID_undef;
}
}
+LSSL_ALIAS(SSL_CIPHER_get_kx_nid);
int
SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c)
@@ -1717,27 +1737,32 @@ SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c)
return NID_undef;
}
}
+LSSL_ALIAS(SSL_CIPHER_get_auth_nid);
int
SSL_CIPHER_is_aead(const SSL_CIPHER *c)
{
return (c->algorithm_mac & SSL_AEAD) == SSL_AEAD;
}
+LSSL_ALIAS(SSL_CIPHER_is_aead);
void *
SSL_COMP_get_compression_methods(void)
{
return NULL;
}
+LSSL_ALIAS(SSL_COMP_get_compression_methods);
int
SSL_COMP_add_compression_method(int id, void *cm)
{
return 1;
}
+LSSL_ALIAS(SSL_COMP_add_compression_method);
const char *
SSL_COMP_get_name(const void *comp)
{
return NULL;
}
+LSSL_ALIAS(SSL_COMP_get_name);
diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c
index 6aea5901324..441da643fd5 100644
--- a/lib/libssl/ssl_clnt.c
+++ b/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.160 2023/06/11 19:01:01 tb Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.161 2023/07/08 16:40:13 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -2123,12 +2123,14 @@ ssl3_send_client_verify_sigalgs(SSL *s, EVP_PKEY *pkey,
SSLerror(s, ERR_R_EVP_LIB);
goto err;
}
+#ifndef OPENSSL_NO_GOST
if (sigalg->key_type == EVP_PKEY_GOSTR01 &&
EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
EVP_PKEY_CTRL_GOST_SIG_FORMAT, GOST_SIG_FORMAT_RS_LE, NULL) <= 0) {
SSLerror(s, ERR_R_EVP_LIB);
goto err;
}
+#endif
if ((sigalg->flags & SIGALG_FLAG_RSA_PSS) &&
(!EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) ||
!EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1))) {
@@ -2267,11 +2269,13 @@ ssl3_send_client_verify_gost(SSL *s, EVP_PKEY *pkey, CBB *cert_verify)
SSLerror(s, ERR_R_EVP_LIB);
goto err;
}
+#ifndef OPENSSL_NO_GOST
if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
EVP_PKEY_CTRL_GOST_SIG_FORMAT, GOST_SIG_FORMAT_RS_LE, NULL) <= 0) {
SSLerror(s, ERR_R_EVP_LIB);
goto err;
}
+#endif
if (!EVP_DigestSign(mctx, NULL, &signature_len, hdata, hdata_len)) {
SSLerror(s, ERR_R_EVP_LIB);
goto err;
diff --git a/lib/libssl/ssl_err.c b/lib/libssl/ssl_err.c
index 59d8119e10b..28097ea70a9 100644
--- a/lib/libssl/ssl_err.c
+++ b/lib/libssl/ssl_err.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_err.c,v 1.45 2022/11/26 16:08:55 tb Exp $ */
+/* $OpenBSD: ssl_err.c,v 1.46 2023/07/08 16:40:13 beck Exp $ */
/* ====================================================================
* Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
@@ -482,6 +482,7 @@ ERR_load_SSL_strings(void)
}
#endif
}
+LSSL_ALIAS(ERR_load_SSL_strings);
void
SSL_load_error_strings(void)
@@ -491,6 +492,7 @@ SSL_load_error_strings(void)
ERR_load_SSL_strings();
#endif
}
+LSSL_ALIAS(SSL_load_error_strings);
int
SSL_state_func_code(int state) {
diff --git a/lib/libssl/ssl_init.c b/lib/libssl/ssl_init.c
index 65f38e25db6..a8646cc092a 100644
--- a/lib/libssl/ssl_init.c
+++ b/lib/libssl/ssl_init.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_init.c,v 1.3 2022/11/26 16:08:55 tb Exp $ */
+/* $OpenBSD: ssl_init.c,v 1.4 2023/07/08 16:40:13 beck Exp $ */
/*
* Copyright (c) 2018 Bob Beck <beck@openbsd.org>
*
@@ -49,3 +49,4 @@ OPENSSL_init_ssl(uint64_t opts, const void *settings)
return 1;
}
+LSSL_ALIAS(OPENSSL_init_ssl);
diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index f6c94061391..b1169b02425 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.310 2023/05/26 13:44:05 tb Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.311 2023/07/08 16:40:13 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -218,6 +218,7 @@ SSL_clear(SSL *s)
return (1);
}
+LSSL_ALIAS(SSL_clear);
/* Used to change an SSL_CTXs default SSL method type */
int
@@ -236,6 +237,7 @@ SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
}
return (1);
}
+LSSL_ALIAS(SSL_CTX_set_ssl_version);
SSL *
SSL_new(SSL_CTX *ctx)
@@ -360,6 +362,7 @@ SSL_new(SSL_CTX *ctx)
SSLerrorx(ERR_R_MALLOC_FAILURE);
return (NULL);
}
+LSSL_ALIAS(SSL_new);
int
SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
@@ -374,6 +377,7 @@ SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
return (1);
}
+LSSL_ALIAS(SSL_CTX_set_session_id_context);
int
SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
@@ -388,6 +392,7 @@ SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
return (1);
}
+LSSL_ALIAS(SSL_set_session_id_context);
int
SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
@@ -397,6 +402,7 @@ SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
return (1);
}
+LSSL_ALIAS(SSL_CTX_set_generate_session_id);
int
SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
@@ -406,6 +412,7 @@ SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
return (1);
}
+LSSL_ALIAS(SSL_set_generate_session_id);
int
SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
@@ -432,30 +439,35 @@ SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
return (p != NULL);
}
+LSSL_ALIAS(SSL_has_matching_session_id);
int
SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
{
return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
}
+LSSL_ALIAS(SSL_CTX_set_purpose);
int
SSL_set_purpose(SSL *s, int purpose)
{
return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
}
+LSSL_ALIAS(SSL_set_purpose);
int
SSL_CTX_set_trust(SSL_CTX *s, int trust)
{
return (X509_VERIFY_PARAM_set_trust(s->param, trust));
}
+LSSL_ALIAS(SSL_CTX_set_trust);
int
SSL_set_trust(SSL *s, int trust)
{
return (X509_VERIFY_PARAM_set_trust(s->param, trust));
}
+LSSL_ALIAS(SSL_set_trust);
int
SSL_set1_host(SSL *s, const char *hostname)
@@ -470,42 +482,49 @@ SSL_set1_host(SSL *s, const char *hostname)
else
return X509_VERIFY_PARAM_set1_host(s->param, hostname, 0);
}
+LSSL_ALIAS(SSL_set1_host);
void
SSL_set_hostflags(SSL *s, unsigned int flags)
{
X509_VERIFY_PARAM_set_hostflags(s->param, flags);
}
+LSSL_ALIAS(SSL_set_hostflags);
const char *
SSL_get0_peername(SSL *s)
{
return X509_VERIFY_PARAM_get0_peername(s->param);
}
+LSSL_ALIAS(SSL_get0_peername);
X509_VERIFY_PARAM *
SSL_CTX_get0_param(SSL_CTX *ctx)
{
return (ctx->param);
}
+LSSL_ALIAS(SSL_CTX_get0_param);
int
SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
{
return (X509_VERIFY_PARAM_set1(ctx->param, vpm));
}
+LSSL_ALIAS(SSL_CTX_set1_param);
X509_VERIFY_PARAM *
SSL_get0_param(SSL *ssl)
{
return (ssl->param);
}
+LSSL_ALIAS(SSL_get0_param);
int
SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
{
return (X509_VERIFY_PARAM_set1(ssl->param, vpm));
}
+LSSL_ALIAS(SSL_set1_param);
void
SSL_free(SSL *s)
@@ -585,6 +604,7 @@ SSL_free(SSL *s)
free(s);
}
+LSSL_ALIAS(SSL_free);
int
SSL_up_ref(SSL *s)
@@ -592,6 +612,7 @@ SSL_up_ref(SSL *s)
int refs = CRYPTO_add(&s->references, 1, CRYPTO_LOCK_SSL);
return (refs > 1) ? 1 : 0;
}
+LSSL_ALIAS(SSL_up_ref);
void
SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
@@ -611,12 +632,14 @@ SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
s->rbio = rbio;
s->wbio = wbio;
}
+LSSL_ALIAS(SSL_set_bio);
BIO *
SSL_get_rbio(const SSL *s)
{
return (s->rbio);
}
+LSSL_ALIAS(SSL_get_rbio);
void
SSL_set0_rbio(SSL *s, BIO *rbio)
@@ -624,18 +647,21 @@ SSL_set0_rbio(SSL *s, BIO *rbio)
BIO_free_all(s->rbio);
s->rbio = rbio;
}
+LSSL_ALIAS(SSL_set0_rbio);
BIO *
SSL_get_wbio(const SSL *s)
{
return (s->wbio);
}
+LSSL_ALIAS(SSL_get_wbio);
int
SSL_get_fd(const SSL *s)
{
return (SSL_get_rfd(s));
}
+LSSL_ALIAS(SSL_get_fd);
int
SSL_get_rfd(const SSL *s)
@@ -649,6 +675,7 @@ SSL_get_rfd(const SSL *s)
BIO_get_fd(r, &ret);
return (ret);
}
+LSSL_ALIAS(SSL_get_rfd);
int
SSL_get_wfd(const SSL *s)
@@ -662,6 +689,7 @@ SSL_get_wfd(const SSL *s)
BIO_get_fd(r, &ret);
return (ret);
}
+LSSL_ALIAS(SSL_get_wfd);
int
SSL_set_fd(SSL *s, int fd)
@@ -681,6 +709,7 @@ SSL_set_fd(SSL *s, int fd)
err:
return (ret);
}
+LSSL_ALIAS(SSL_set_fd);
int
SSL_set_wfd(SSL *s, int fd)
@@ -704,6 +733,7 @@ SSL_set_wfd(SSL *s, int fd)
err:
return (ret);
}
+LSSL_ALIAS(SSL_set_wfd);
int
SSL_set_rfd(SSL *s, int fd)
@@ -727,6 +757,7 @@ SSL_set_rfd(SSL *s, int fd)
err:
return (ret);
}
+LSSL_ALIAS(SSL_set_rfd);
/* return length of latest Finished message we sent, copy to 'buf' */
@@ -741,6 +772,7 @@ SSL_get_finished(const SSL *s, void *buf, size_t count)
memcpy(buf, s->s3->hs.finished, count);
return (ret);
}
+LSSL_ALIAS(SSL_get_finished);
/* return length of latest Finished message we expected, copy to 'buf' */
size_t
@@ -754,6 +786,7 @@ SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
memcpy(buf, s->s3->hs.peer_finished, count);
return (ret);
}
+LSSL_ALIAS(SSL_get_peer_finished);
int
@@ -761,30 +794,35 @@ SSL_get_verify_mode(const SSL *s)
{
return (s->verify_mode);
}
+LSSL_ALIAS(SSL_get_verify_mode);
int
SSL_get_verify_depth(const SSL *s)
{
return (X509_VERIFY_PARAM_get_depth(s->param));
}
+LSSL_ALIAS(SSL_get_verify_depth);
int
(*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *)
{
return (s->verify_callback);
}
+LSSL_ALIAS(SSL_get_verify_callback);
void
SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SSL_CTX_keylog_cb_func cb)
{
ctx->keylog_callback = cb;
}
+LSSL_ALIAS(SSL_CTX_set_keylog_callback);
SSL_CTX_keylog_cb_func
SSL_CTX_get_keylog_callback(const SSL_CTX *ctx)
{
return (ctx->keylog_callback);
}
+LSSL_ALIAS(SSL_CTX_get_keylog_callback);
int
SSL_set_num_tickets(SSL *s, size_t num_tickets)
@@ -793,12 +831,14 @@ SSL_set_num_tickets(SSL *s, size_t num_tickets)
return 1;
}
+LSSL_ALIAS(SSL_set_num_tickets);
size_t
SSL_get_num_tickets(const SSL *s)
{
return s->num_tickets;
}
+LSSL_ALIAS(SSL_get_num_tickets);
int
SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets)
@@ -807,30 +847,35 @@ SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets)
return 1;
}
+LSSL_ALIAS(SSL_CTX_set_num_tickets);
size_t
SSL_CTX_get_num_tickets(const SSL_CTX *ctx)
{
return ctx->num_tickets;
}
+LSSL_ALIAS(SSL_CTX_get_num_tickets);
int
SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
{
return (ctx->verify_mode);
}
+LSSL_ALIAS(SSL_CTX_get_verify_mode);
int
SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
{
return (X509_VERIFY_PARAM_get_depth(ctx->param));
}
+LSSL_ALIAS(SSL_CTX_get_verify_depth);
int
(*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *)
{
return (ctx->default_verify_callback);
}
+LSSL_ALIAS(SSL_CTX_get_verify_callback);
void
SSL_set_verify(SSL *s, int mode,
@@ -840,30 +885,35 @@ SSL_set_verify(SSL *s, int mode,
if (callback != NULL)
s->verify_callback = callback;
}
+LSSL_ALIAS(SSL_set_verify);
void
SSL_set_verify_depth(SSL *s, int depth)
{
X509_VERIFY_PARAM_set_depth(s->param, depth);
}
+LSSL_ALIAS(SSL_set_verify_depth);
void
SSL_set_read_ahead(SSL *s, int yes)
{
s->read_ahead = yes;
}
+LSSL_ALIAS(SSL_set_read_ahead);
int
SSL_get_read_ahead(const SSL *s)
{
return (s->read_ahead);
}
+LSSL_ALIAS(SSL_get_read_ahead);
int
SSL_pending(const SSL *s)
{
return (s->method->ssl_pending(s));
}
+LSSL_ALIAS(SSL_pending);
X509 *
SSL_get_peer_certificate(const SSL *s)
@@ -880,6 +930,7 @@ SSL_get_peer_certificate(const SSL *s)
return cert;
}
+LSSL_ALIAS(SSL_get_peer_certificate);
STACK_OF(X509) *
SSL_get_peer_cert_chain(const SSL *s)
@@ -896,6 +947,7 @@ SSL_get_peer_cert_chain(const SSL *s)
return s->s3->hs.peer_certs_no_leaf;
}
+LSSL_ALIAS(SSL_get_peer_cert_chain);
STACK_OF(X509) *
SSL_get0_verified_chain(const SSL *s)
@@ -904,6 +956,7 @@ SSL_get0_verified_chain(const SSL *s)
return NULL;
return s->s3->hs.verified_chain;
}
+LSSL_ALIAS(SSL_get0_verified_chain);
/*
* Now in theory, since the calling process own 't' it should be safe to
@@ -939,6 +992,7 @@ SSL_copy_session_id(SSL *t, const SSL *f)
return 1;
}
+LSSL_ALIAS(SSL_copy_session_id);
/* Fix this so it checks all the valid key/cert options */
int
@@ -956,6 +1010,7 @@ SSL_CTX_check_private_key(const SSL_CTX *ctx)
return (X509_check_private_key(ctx->cert->key->x509,
ctx->cert->key->privatekey));
}
+LSSL_ALIAS(SSL_CTX_check_private_key);
/* Fix this function so that it takes an optional type parameter */
int
@@ -980,6 +1035,7 @@ SSL_check_private_key(const SSL *ssl)
return (X509_check_private_key(ssl->cert->key->x509,
ssl->cert->key->privatekey));
}
+LSSL_ALIAS(SSL_check_private_key);
int
SSL_accept(SSL *s)
@@ -989,6 +1045,7 @@ SSL_accept(SSL *s)
return (s->method->ssl_accept(s));
}
+LSSL_ALIAS(SSL_accept);
int
SSL_connect(SSL *s)
@@ -998,18 +1055,21 @@ SSL_connect(SSL *s)
return (s->method->ssl_connect(s));
}
+LSSL_ALIAS(SSL_connect);
int
SSL_is_dtls(const SSL *s)
{
return s->method->dtls;
}
+LSSL_ALIAS(SSL_is_dtls);
int
SSL_is_server(const SSL *s)
{
return s->server;
}
+LSSL_ALIAS(SSL_is_server);
static long
ssl_get_default_timeout()
@@ -1026,6 +1086,7 @@ SSL_get_default_timeout(const SSL *s)
{
return (ssl_get_default_timeout());
}
+LSSL_ALIAS(SSL_get_default_timeout);
int
SSL_read(SSL *s, void *buf, int num)
@@ -1051,6 +1112,7 @@ SSL_read(SSL *s, void *buf, int num)
}
return ssl3_read(s, buf, num);
}
+LSSL_ALIAS(SSL_read);
int
SSL_read_ex(SSL *s, void *buf, size_t num, size_t *bytes_read)
@@ -1070,6 +1132,7 @@ SSL_read_ex(SSL *s, void *buf, size_t num, size_t *bytes_read)
return ret > 0;
}
+LSSL_ALIAS(SSL_read_ex);
int
SSL_peek(SSL *s, void *buf, int num)
@@ -1094,6 +1157,7 @@ SSL_peek(SSL *s, void *buf, int num)
}
return ssl3_peek(s, buf, num);
}
+LSSL_ALIAS(SSL_peek);
int
SSL_peek_ex(SSL *s, void *buf, size_t num, size_t *bytes_peeked)
@@ -1113,6 +1177,7 @@ SSL_peek_ex(SSL *s, void *buf, size_t num, size_t *bytes_peeked)
return ret > 0;
}
+LSSL_ALIAS(SSL_peek_ex);
int
SSL_write(SSL *s, const void *buf, int num)
@@ -1139,6 +1204,7 @@ SSL_write(SSL *s, const void *buf, int num)
}
return ssl3_write(s, buf, num);
}
+LSSL_ALIAS(SSL_write);
int
SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *bytes_written)
@@ -1164,36 +1230,42 @@ SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *bytes_written)
return ret > 0;
}
+LSSL_ALIAS(SSL_write_ex);
uint32_t
SSL_CTX_get_max_early_data(const SSL_CTX *ctx)
{
return 0;
}
+LSSL_ALIAS(SSL_CTX_get_max_early_data);
int
SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data)
{
return 1;
}
+LSSL_ALIAS(SSL_CTX_set_max_early_data);
uint32_t
SSL_get_max_early_data(const SSL *s)
{
return 0;
}
+LSSL_ALIAS(SSL_get_max_early_data);
int
SSL_set_max_early_data(SSL *s, uint32_t max_early_data)
{
return 1;
}
+LSSL_ALIAS(SSL_set_max_early_data);
int
SSL_get_early_data_status(const SSL *s)
{
return SSL_EARLY_DATA_REJECTED;
}
+LSSL_ALIAS(SSL_get_early_data_status);
int
SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes)
@@ -1207,6 +1279,7 @@ SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes)
return SSL_READ_EARLY_DATA_FINISH;
}
+LSSL_ALIAS(SSL_read_early_data);
int
SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written)
@@ -1215,6 +1288,7 @@ SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written)
SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
+LSSL_ALIAS(SSL_write_early_data);
int
SSL_shutdown(SSL *s)
@@ -1236,6 +1310,7 @@ SSL_shutdown(SSL *s)
return (1);
}
+LSSL_ALIAS(SSL_shutdown);
int
SSL_renegotiate(SSL *s)
@@ -1247,6 +1322,7 @@ SSL_renegotiate(SSL *s)
return (s->method->ssl_renegotiate(s));
}
+LSSL_ALIAS(SSL_renegotiate);
int
SSL_renegotiate_abbreviated(SSL *s)
@@ -1258,6 +1334,7 @@ SSL_renegotiate_abbreviated(SSL *s)
return (s->method->ssl_renegotiate(s));
}
+LSSL_ALIAS(SSL_renegotiate_abbreviated);
int
SSL_renegotiate_pending(SSL *s)
@@ -1268,6 +1345,7 @@ SSL_renegotiate_pending(SSL *s)
*/
return (s->renegotiate != 0);
}
+LSSL_ALIAS(SSL_renegotiate_pending);
long
SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
@@ -1325,6 +1403,7 @@ SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
return ssl3_ctrl(s, cmd, larg, parg);
}
}
+LSSL_ALIAS(SSL_ctrl);
long
SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
@@ -1338,12 +1417,14 @@ SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
return (ssl3_callback_ctrl(s, cmd, fp));
}
}
+LSSL_ALIAS(SSL_callback_ctrl);
struct lhash_st_SSL_SESSION *
SSL_CTX_sessions(SSL_CTX *ctx)
{
return (ctx->sessions);
}
+LSSL_ALIAS(SSL_CTX_sessions);
long
SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
@@ -1423,6 +1504,7 @@ SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
return (ssl3_ctx_ctrl(ctx, cmd, larg, parg));
}
}
+LSSL_ALIAS(SSL_CTX_ctrl);
long
SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
@@ -1436,6 +1518,7 @@ SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
return (ssl3_ctx_callback_ctrl(ctx, cmd, fp));
}
}
+LSSL_ALIAS(SSL_CTX_callback_ctrl);
int
ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
@@ -1459,6 +1542,7 @@ SSL_get_ciphers(const SSL *s)
return (s->ctx->cipher_list);
}
+LSSL_ALIAS(SSL_get_ciphers);
STACK_OF(SSL_CIPHER) *
SSL_get_client_ciphers(const SSL *s)
@@ -1467,6 +1551,7 @@ SSL_get_client_ciphers(const SSL *s)
return NULL;
return s->session->ciphers;
}
+LSSL_ALIAS(SSL_get_client_ciphers);
STACK_OF(SSL_CIPHER) *
SSL_get1_supported_ciphers(SSL *s)
@@ -1504,6 +1589,7 @@ SSL_get1_supported_ciphers(SSL *s)
sk_SSL_CIPHER_free(supported_ciphers);
return NULL;
}
+LSSL_ALIAS(SSL_get1_supported_ciphers);
/* See if we have any ECC cipher suites. */
int
@@ -1544,6 +1630,7 @@ SSL_get_cipher_list(const SSL *s, int n)
return (cipher->name);
}
+LSSL_ALIAS(SSL_get_cipher_list);
STACK_OF(SSL_CIPHER) *
SSL_CTX_get_ciphers(const SSL_CTX *ctx)
@@ -1552,6 +1639,7 @@ SSL_CTX_get_ciphers(const SSL_CTX *ctx)
return NULL;
return ctx->cipher_list;
}
+LSSL_ALIAS(SSL_CTX_get_ciphers);
/* Specify the ciphers to be used by default by the SSL_CTX. */
int
@@ -1576,6 +1664,7 @@ SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
}
return (1);
}
+LSSL_ALIAS(SSL_CTX_set_cipher_list);
int
SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str)
@@ -1590,6 +1679,7 @@ SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str)
return 1;
}
+LSSL_ALIAS(SSL_CTX_set_ciphersuites);
/* Specify the ciphers to be used by the SSL. */
int
@@ -1611,6 +1701,7 @@ SSL_set_cipher_list(SSL *s, const char *str)
}
return (1);
}
+LSSL_ALIAS(SSL_set_cipher_list);
int
SSL_set_ciphersuites(SSL *s, const char *str)
@@ -1630,6 +1721,7 @@ SSL_set_ciphersuites(SSL *s, const char *str)
return 1;
}
+LSSL_ALIAS(SSL_set_ciphersuites);
char *
SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
@@ -1671,6 +1763,7 @@ SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
*end = '\0';
return buf;
}
+LSSL_ALIAS(SSL_get_shared_ciphers);
/*
* Return a servername extension value if provided in Client Hello, or NULL.
@@ -1686,6 +1779,7 @@ SSL_get_servername(const SSL *s, const int type)
s->session->tlsext_hostname :
s->tlsext_hostname);
}
+LSSL_ALIAS(SSL_get_servername);
int
SSL_get_servername_type(const SSL *s)
@@ -1696,6 +1790,7 @@ SSL_get_servername_type(const SSL *s)
return (TLSEXT_NAMETYPE_host_name);
return (-1);
}
+LSSL_ALIAS(SSL_get_servername_type);
/*
* SSL_select_next_proto implements standard protocol selection. It is
@@ -1749,6 +1844,7 @@ SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
*outlen = result[0];
return (status);
}
+LSSL_ALIAS(SSL_select_next_proto);
/* SSL_get0_next_proto_negotiated is deprecated. */
void
@@ -1758,6 +1854,7 @@ SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
*data = NULL;
*len = 0;
}
+LSSL_ALIAS(SSL_get0_next_proto_negotiated);
/* SSL_CTX_set_next_protos_advertised_cb is deprecated. */
void
@@ -1765,6 +1862,7 @@ SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl,
const unsigned char **out, unsigned int *outlen, void *arg), void *arg)
{
}
+LSSL_ALIAS(SSL_CTX_set_next_protos_advertised_cb);
/* SSL_CTX_set_next_proto_select_cb is deprecated. */
void
@@ -1773,6 +1871,7 @@ SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s,
unsigned int inlen, void *arg), void *arg)
{
}
+LSSL_ALIAS(SSL_CTX_set_next_proto_select_cb);
/*
* SSL_CTX_set_alpn_protos sets the ALPN protocol list to the specified
@@ -1806,6 +1905,7 @@ SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
/* NOTE: Return values are the reverse of what you expect. */
return failed;
}
+LSSL_ALIAS(SSL_CTX_set_alpn_protos);
/*
* SSL_set_alpn_protos sets the ALPN protocol list to the specified
@@ -1839,6 +1939,7 @@ SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
/* NOTE: Return values are the reverse of what you expect. */
return failed;
}
+LSSL_ALIAS(SSL_set_alpn_protos);
/*
* SSL_CTX_set_alpn_select_cb sets a callback function that is called during
@@ -1853,6 +1954,7 @@ SSL_CTX_set_alpn_select_cb(SSL_CTX* ctx,
ctx->alpn_select_cb = cb;
ctx->alpn_select_cb_arg = arg;
}
+LSSL_ALIAS(SSL_CTX_set_alpn_select_cb);
/*
* SSL_get0_alpn_selected gets the selected ALPN protocol (if any). On return
@@ -1867,12 +1969,14 @@ SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
*data = ssl->s3->alpn_selected;
*len = ssl->s3->alpn_selected_len;
}
+LSSL_ALIAS(SSL_get0_alpn_selected);
void
SSL_set_psk_use_session_callback(SSL *s, SSL_psk_use_session_cb_func cb)
{
return;
}
+LSSL_ALIAS(SSL_set_psk_use_session_callback);
int
SSL_export_keying_material(SSL *s, unsigned char *out, size_t out_len,
@@ -1891,6 +1995,7 @@ SSL_export_keying_material(SSL *s, unsigned char *out, size_t out_len,
return tls12_exporter(s, label, label_len, context, context_len,
use_context, out, out_len);
}
+LSSL_ALIAS(SSL_export_keying_material);
static unsigned long
ssl_session_hash(const SSL_SESSION *a)
@@ -2092,6 +2197,7 @@ SSL_CTX_new(const SSL_METHOD *meth)
SSL_CTX_free(ret);
return (NULL);
}
+LSSL_ALIAS(SSL_CTX_new);
void
SSL_CTX_free(SSL_CTX *ctx)
@@ -2146,6 +2252,7 @@ SSL_CTX_free(SSL_CTX *ctx)
free(ctx);
}
+LSSL_ALIAS(SSL_CTX_free);
int
SSL_CTX_up_ref(SSL_CTX *ctx)
@@ -2153,30 +2260,35 @@ SSL_CTX_up_ref(SSL_CTX *ctx)
int refs = CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
return ((refs > 1) ? 1 : 0);
}
+LSSL_ALIAS(SSL_CTX_up_ref);
pem_password_cb *
SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx)
{
return (ctx->default_passwd_callback);
}
+LSSL_ALIAS(SSL_CTX_get_default_passwd_cb);
void
SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
{
ctx->default_passwd_callback = cb;
}
+LSSL_ALIAS(SSL_CTX_set_default_passwd_cb);
void *
SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx)
{
return ctx->default_passwd_callback_userdata;
}
+LSSL_ALIAS(SSL_CTX_get_default_passwd_cb_userdata);
void
SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
{
ctx->default_passwd_callback_userdata = u;
}
+LSSL_ALIAS(SSL_CTX_set_default_passwd_cb_userdata);
void
SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
@@ -2185,6 +2297,7 @@ SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
ctx->app_verify_callback = cb;
ctx->app_verify_arg = arg;
}
+LSSL_ALIAS(SSL_CTX_set_cert_verify_callback);
void
SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb)(int, X509_STORE_CTX *))
@@ -2192,12 +2305,14 @@ SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb)(int, X509_STORE_CTX *))
ctx->verify_mode = mode;
ctx->default_verify_callback = cb;
}
+LSSL_ALIAS(SSL_CTX_set_verify);
void
SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
{
X509_VERIFY_PARAM_set_depth(ctx->param, depth);
}
+LSSL_ALIAS(SSL_CTX_set_verify_depth);
void
ssl_set_cert_masks(SSL_CERT *c, const SSL_CIPHER *cipher)
@@ -2478,6 +2593,7 @@ SSL_get_ssl_method(SSL *s)
{
return (s->method);
}
+LSSL_ALIAS(SSL_get_ssl_method);
int
SSL_set_ssl_method(SSL *s, const SSL_METHOD *method)
@@ -2504,6 +2620,7 @@ SSL_set_ssl_method(SSL *s, const SSL_METHOD *method)
return (ret);
}
+LSSL_ALIAS(SSL_set_ssl_method);
int
SSL_get_error(const SSL *s, int i)
@@ -2583,6 +2700,7 @@ SSL_get_error(const SSL *s, int i)
return (SSL_ERROR_SYSCALL);
}
+LSSL_ALIAS(SSL_get_error);
int
SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method)
@@ -2594,6 +2712,7 @@ SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method)
return 1;
}
+LSSL_ALIAS(SSL_CTX_set_quic_method);
int
SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method)
@@ -2605,6 +2724,7 @@ SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method)
return 1;
}
+LSSL_ALIAS(SSL_set_quic_method);
size_t
SSL_quic_max_handshake_flight_len(const SSL *ssl,
@@ -2652,18 +2772,21 @@ SSL_quic_max_handshake_flight_len(const SSL *ssl,
return 0;
}
+LSSL_ALIAS(SSL_quic_max_handshake_flight_len);
enum ssl_encryption_level_t
SSL_quic_read_level(const SSL *ssl)
{
return ssl->s3->hs.tls13.quic_read_level;
}
+LSSL_ALIAS(SSL_quic_read_level);
enum ssl_encryption_level_t
SSL_quic_write_level(const SSL *ssl)
{
return ssl->s3->hs.tls13.quic_write_level;
}
+LSSL_ALIAS(SSL_quic_write_level);
int
SSL_provide_quic_data(SSL *ssl, enum ssl_encryption_level_t level,
@@ -2697,6 +2820,7 @@ SSL_provide_quic_data(SSL *ssl, enum ssl_encryption_level_t level,
*/
return tls_buffer_append(ssl->s3->hs.tls13.quic_read_buffer, data, len);
}
+LSSL_ALIAS(SSL_provide_quic_data);
int
SSL_process_quic_post_handshake(SSL *ssl)
@@ -2704,6 +2828,7 @@ SSL_process_quic_post_handshake(SSL *ssl)
/* XXX - this needs to run PHH received. */
return 1;
}
+LSSL_ALIAS(SSL_process_quic_post_handshake);
int
SSL_do_handshake(SSL *s)
@@ -2720,6 +2845,7 @@ SSL_do_handshake(SSL *s)
return s->handshake_func(s);
}
+LSSL_ALIAS(SSL_do_handshake);
/*
* For the next 2 functions, SSL_clear() sets shutdown and so
@@ -2734,6 +2860,7 @@ SSL_set_accept_state(SSL *s)
s->handshake_func = s->method->ssl_accept;
ssl_clear_cipher_state(s);
}
+LSSL_ALIAS(SSL_set_accept_state);
void
SSL_set_connect_state(SSL *s)
@@ -2744,6 +2871,7 @@ SSL_set_connect_state(SSL *s)
s->handshake_func = s->method->ssl_connect;
ssl_clear_cipher_state(s);
}
+LSSL_ALIAS(SSL_set_connect_state);
int
ssl_undefined_function(SSL *s)
@@ -2792,6 +2920,7 @@ SSL_get_version(const SSL *s)
{
return ssl_version_string(s->version);
}
+LSSL_ALIAS(SSL_get_version);
SSL *
SSL_dup(SSL *s)
@@ -2915,6 +3044,7 @@ SSL_dup(SSL *s)
SSL_free(ret);
return NULL;
}
+LSSL_ALIAS(SSL_dup);
void
ssl_clear_cipher_state(SSL *s)
@@ -2957,6 +3087,7 @@ SSL_get_certificate(const SSL *s)
{
return (s->cert->key->x509);
}
+LSSL_ALIAS(SSL_get_certificate);
/* Fix this function so that it takes an optional type parameter */
EVP_PKEY *
@@ -2964,6 +3095,7 @@ SSL_get_privatekey(const SSL *s)
{
return (s->cert->key->privatekey);
}
+LSSL_ALIAS(SSL_get_privatekey);
const SSL_CIPHER *
SSL_get_current_cipher(const SSL *s)
@@ -2972,17 +3104,20 @@ SSL_get_current_cipher(const SSL *s)
return (s->session->cipher);
return (NULL);
}
+LSSL_ALIAS(SSL_get_current_cipher);
const void *
SSL_get_current_compression(SSL *s)
{
return (NULL);
}
+LSSL_ALIAS(SSL_get_current_compression);
const void *
SSL_get_current_expansion(SSL *s)
{
return (NULL);
}
+LSSL_ALIAS(SSL_get_current_expansion);
size_t
SSL_get_client_random(const SSL *s, unsigned char *out, size_t max_out)
@@ -2999,6 +3134,7 @@ SSL_get_client_random(const SSL *s, unsigned char *out, size_t max_out)
return len;
}
+LSSL_ALIAS(SSL_get_client_random);
size_t
SSL_get_server_random(const SSL *s, unsigned char *out, size_t max_out)
@@ -3015,6 +3151,7 @@ SSL_get_server_random(const SSL *s, unsigned char *out, size_t max_out)
return len;
}
+LSSL_ALIAS(SSL_get_server_random);
int
ssl_init_wbio_buffer(SSL *s, int push)
@@ -3069,48 +3206,56 @@ SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
{
ctx->quiet_shutdown = mode;
}
+LSSL_ALIAS(SSL_CTX_set_quiet_shutdown);
int
SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
{
return (ctx->quiet_shutdown);
}
+LSSL_ALIAS(SSL_CTX_get_quiet_shutdown);
void
SSL_set_quiet_shutdown(SSL *s, int mode)
{
s->quiet_shutdown = mode;
}
+LSSL_ALIAS(SSL_set_quiet_shutdown);
int
SSL_get_quiet_shutdown(const SSL *s)
{
return (s->quiet_shutdown);
}
+LSSL_ALIAS(SSL_get_quiet_shutdown);
void
SSL_set_shutdown(SSL *s, int mode)
{
s->shutdown = mode;
}
+LSSL_ALIAS(SSL_set_shutdown);
int
SSL_get_shutdown(const SSL *s)
{
return (s->shutdown);
}
+LSSL_ALIAS(SSL_get_shutdown);
int
SSL_version(const SSL *s)
{
return (s->version);
}
+LSSL_ALIAS(SSL_version);
SSL_CTX *
SSL_get_SSL_CTX(const SSL *ssl)
{
return (ssl->ctx);
}
+LSSL_ALIAS(SSL_get_SSL_CTX);
SSL_CTX *
SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
@@ -3133,12 +3278,14 @@ SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
return (ssl->ctx);
}
+LSSL_ALIAS(SSL_set_SSL_CTX);
int
SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
{
return (X509_STORE_set_default_paths(ctx->cert_store));
}
+LSSL_ALIAS(SSL_CTX_set_default_verify_paths);
int
SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
@@ -3146,18 +3293,21 @@ SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
{
return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));
}
+LSSL_ALIAS(SSL_CTX_load_verify_locations);
int
SSL_CTX_load_verify_mem(SSL_CTX *ctx, void *buf, int len)
{
return (X509_STORE_load_mem(ctx->cert_store, buf, len));
}
+LSSL_ALIAS(SSL_CTX_load_verify_mem);
void
SSL_set_info_callback(SSL *ssl, void (*cb)(const SSL *ssl, int type, int val))
{
ssl->info_callback = cb;
}
+LSSL_ALIAS(SSL_set_info_callback);
void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val)
{
@@ -3169,42 +3319,49 @@ SSL_state(const SSL *ssl)
{
return (ssl->s3->hs.state);
}
+LSSL_ALIAS(SSL_state);
void
SSL_set_state(SSL *ssl, int state)
{
ssl->s3->hs.state = state;
}
+LSSL_ALIAS(SSL_set_state);
void
SSL_set_verify_result(SSL *ssl, long arg)
{
ssl->verify_result = arg;
}
+LSSL_ALIAS(SSL_set_verify_result);
long
SSL_get_verify_result(const SSL *ssl)
{
return (ssl->verify_result);
}
+LSSL_ALIAS(SSL_get_verify_result);
int
SSL_verify_client_post_handshake(SSL *ssl)
{
return 0;
}
+LSSL_ALIAS(SSL_verify_client_post_handshake);
void
SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val)
{
return;
}
+LSSL_ALIAS(SSL_CTX_set_post_handshake_auth);
void
SSL_set_post_handshake_auth(SSL *ssl, int val)
{
return;
}
+LSSL_ALIAS(SSL_set_post_handshake_auth);
int
SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
@@ -3213,18 +3370,21 @@ SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
new_func, dup_func, free_func));
}
+LSSL_ALIAS(SSL_get_ex_new_index);
int
SSL_set_ex_data(SSL *s, int idx, void *arg)
{
return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
}
+LSSL_ALIAS(SSL_set_ex_data);
void *
SSL_get_ex_data(const SSL *s, int idx)
{
return (CRYPTO_get_ex_data(&s->ex_data, idx));
}
+LSSL_ALIAS(SSL_get_ex_data);
int
SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
@@ -3233,18 +3393,21 @@ SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
new_func, dup_func, free_func));
}
+LSSL_ALIAS(SSL_CTX_get_ex_new_index);
int
SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg)
{
return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
}
+LSSL_ALIAS(SSL_CTX_set_ex_data);
void *
SSL_CTX_get_ex_data(const SSL_CTX *s, int idx)
{
return (CRYPTO_get_ex_data(&s->ex_data, idx));
}
+LSSL_ALIAS(SSL_CTX_get_ex_data);
int
ssl_ok(SSL *s)
@@ -3257,6 +3420,7 @@ SSL_CTX_get_cert_store(const SSL_CTX *ctx)
{
return (ctx->cert_store);
}
+LSSL_ALIAS(SSL_CTX_get_cert_store);
void
SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
@@ -3264,6 +3428,7 @@ SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
X509_STORE_free(ctx->cert_store);
ctx->cert_store = store;
}
+LSSL_ALIAS(SSL_CTX_set_cert_store);
X509 *
SSL_CTX_get0_certificate(const SSL_CTX *ctx)
@@ -3273,6 +3438,7 @@ SSL_CTX_get0_certificate(const SSL_CTX *ctx)
return ctx->cert->key->x509;
}
+LSSL_ALIAS(SSL_CTX_get0_certificate);
EVP_PKEY *
SSL_CTX_get0_privatekey(const SSL_CTX *ctx)
@@ -3282,12 +3448,14 @@ SSL_CTX_get0_privatekey(const SSL_CTX *ctx)
return ctx->cert->key->privatekey;
}
+LSSL_ALIAS(SSL_CTX_get0_privatekey);
int
SSL_want(const SSL *s)
{
return (s->rwstate);
}
+LSSL_ALIAS(SSL_want);
void
SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export,
@@ -3295,6 +3463,7 @@ SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export,
{
SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
}
+LSSL_ALIAS(SSL_CTX_set_tmp_rsa_callback);
void
SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int is_export,
@@ -3302,6 +3471,7 @@ SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int is_export,
{
SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
}
+LSSL_ALIAS(SSL_set_tmp_rsa_callback);
void
SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*dh)(SSL *ssl, int is_export,
@@ -3309,6 +3479,7 @@ SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*dh)(SSL *ssl, int is_export,
{
SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
}
+LSSL_ALIAS(SSL_CTX_set_tmp_dh_callback);
void
SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh)(SSL *ssl, int is_export,
@@ -3316,6 +3487,7 @@ SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh)(SSL *ssl, int is_export,
{
SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
}
+LSSL_ALIAS(SSL_set_tmp_dh_callback);
void
SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl,
@@ -3324,6 +3496,7 @@ SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl,
SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,
(void (*)(void))ecdh);
}
+LSSL_ALIAS(SSL_CTX_set_tmp_ecdh_callback);
void
SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh)(SSL *ssl, int is_export,
@@ -3331,6 +3504,7 @@ SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh)(SSL *ssl, int is_export,
{
SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
}
+LSSL_ALIAS(SSL_set_tmp_ecdh_callback);
void
@@ -3340,6 +3514,7 @@ SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version,
SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK,
(void (*)(void))cb);
}
+LSSL_ALIAS(SSL_CTX_set_msg_callback);
void
SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version,
@@ -3347,24 +3522,28 @@ SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version,
{
SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
}
+LSSL_ALIAS(SSL_set_msg_callback);
void
SSL_set_debug(SSL *s, int debug)
{
s->debug = debug;
}
+LSSL_ALIAS(SSL_set_debug);
int
SSL_cache_hit(SSL *s)
{
return (s->hit);
}
+LSSL_ALIAS(SSL_cache_hit);
int
SSL_CTX_get_min_proto_version(SSL_CTX *ctx)
{
return ctx->min_proto_version;
}
+LSSL_ALIAS(SSL_CTX_get_min_proto_version);
int
SSL_CTX_set_min_proto_version(SSL_CTX *ctx, uint16_t version)
@@ -3373,12 +3552,14 @@ SSL_CTX_set_min_proto_version(SSL_CTX *ctx, uint16_t version)
ctx->max_tls_version, &ctx->min_tls_version,
&ctx->min_proto_version);
}
+LSSL_ALIAS(SSL_CTX_set_min_proto_version);
int
SSL_CTX_get_max_proto_version(SSL_CTX *ctx)
{
return ctx->max_proto_version;
}
+LSSL_ALIAS(SSL_CTX_get_max_proto_version);
int
SSL_CTX_set_max_proto_version(SSL_CTX *ctx, uint16_t version)
@@ -3387,12 +3568,14 @@ SSL_CTX_set_max_proto_version(SSL_CTX *ctx, uint16_t version)
ctx->min_tls_version, &ctx->max_tls_version,
&ctx->max_proto_version);
}
+LSSL_ALIAS(SSL_CTX_set_max_proto_version);
int
SSL_get_min_proto_version(SSL *ssl)
{
return ssl->min_proto_version;
}
+LSSL_ALIAS(SSL_get_min_proto_version);
int
SSL_set_min_proto_version(SSL *ssl, uint16_t version)
@@ -3401,11 +3584,13 @@ SSL_set_min_proto_version(SSL *ssl, uint16_t version)
ssl->max_tls_version, &ssl->min_tls_version,
&ssl->min_proto_version);
}
+LSSL_ALIAS(SSL_set_min_proto_version);
int
SSL_get_max_proto_version(SSL *ssl)
{
return ssl->max_proto_version;
}
+LSSL_ALIAS(SSL_get_max_proto_version);
int
SSL_set_max_proto_version(SSL *ssl, uint16_t version)
@@ -3414,42 +3599,49 @@ SSL_set_max_proto_version(SSL *ssl, uint16_t version)
ssl->min_tls_version, &ssl->max_tls_version,
&ssl->max_proto_version);
}
+LSSL_ALIAS(SSL_set_max_proto_version);
const SSL_METHOD *
SSL_CTX_get_ssl_method(const SSL_CTX *ctx)
{
return ctx->method;
}
+LSSL_ALIAS(SSL_CTX_get_ssl_method);
int
SSL_CTX_get_security_level(const SSL_CTX *ctx)
{
return ctx->cert->security_level;
}
+LSSL_ALIAS(SSL_CTX_get_security_level);
void
SSL_CTX_set_security_level(SSL_CTX *ctx, int level)
{
ctx->cert->security_level = level;
}
+LSSL_ALIAS(SSL_CTX_set_security_level);
int
SSL_get_security_level(const SSL *ssl)
{
return ssl->cert->security_level;
}
+LSSL_ALIAS(SSL_get_security_level);
void
SSL_set_security_level(SSL *ssl, int level)
{
ssl->cert->security_level = level;
}
+LSSL_ALIAS(SSL_set_security_level);
int
SSL_is_quic(const SSL *ssl)
{
return ssl->quic_method != NULL;
}
+LSSL_ALIAS(SSL_is_quic);
int
SSL_set_quic_transport_params(SSL *ssl, const uint8_t *params,
@@ -3468,6 +3660,7 @@ SSL_set_quic_transport_params(SSL *ssl, const uint8_t *params,
return 1;
}
+LSSL_ALIAS(SSL_set_quic_transport_params);
void
SSL_get_peer_quic_transport_params(const SSL *ssl, const uint8_t **out_params,
@@ -3476,12 +3669,14 @@ SSL_get_peer_quic_transport_params(const SSL *ssl, const uint8_t **out_params,
*out_params = ssl->s3->peer_quic_transport_params;
*out_params_len = ssl->s3->peer_quic_transport_params_len;
}
+LSSL_ALIAS(SSL_get_peer_quic_transport_params);
void
SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy)
{
/* Not supported. */
}
+LSSL_ALIAS(SSL_set_quic_use_legacy_codepoint);
static int
ssl_cipher_id_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
diff --git a/lib/libssl/ssl_methods.c b/lib/libssl/ssl_methods.c
index 8e89ef632e2..ca80da62fda 100644
--- a/lib/libssl/ssl_methods.c
+++ b/lib/libssl/ssl_methods.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_methods.c,v 1.30 2023/07/06 07:56:32 beck Exp $ */
+/* $OpenBSD: ssl_methods.c,v 1.31 2023/07/08 16:40:13 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -191,54 +191,63 @@ DTLSv1_client_method(void)
{
return &DTLSv1_client_method_data;
}
+LSSL_ALIAS(DTLSv1_client_method);
const SSL_METHOD *
DTLSv1_method(void)
{
return &DTLSv1_method_data;
}
+LSSL_ALIAS(DTLSv1_method);
const SSL_METHOD *
DTLSv1_server_method(void)
{
return &DTLSv1_method_data;
}
+LSSL_ALIAS(DTLSv1_server_method);
const SSL_METHOD *
DTLSv1_2_client_method(void)
{
return &DTLSv1_2_client_method_data;
}
+LSSL_ALIAS(DTLSv1_2_client_method);
const SSL_METHOD *
DTLSv1_2_method(void)
{
return &DTLSv1_2_method_data;
}
+LSSL_ALIAS(DTLSv1_2_method);
const SSL_METHOD *
DTLSv1_2_server_method(void)
{
return &DTLSv1_2_method_data;
}
+LSSL_ALIAS(DTLSv1_2_server_method);
const SSL_METHOD *
DTLS_client_method(void)
{
return &DTLS_client_method_data;
}
+LSSL_ALIAS(DTLS_client_method);
const SSL_METHOD *
DTLS_method(void)
{
return &DTLS_method_data;
}
+LSSL_ALIAS(DTLS_method);
const SSL_METHOD *
DTLS_server_method(void)
{
return &DTLS_method_data;
}
+LSSL_ALIAS(DTLS_server_method);
static const SSL_METHOD TLS_method_data = {
.dtls = 0,
@@ -434,18 +443,21 @@ TLS_client_method(void)
{
return (&TLS_client_method_data);
}
+LSSL_ALIAS(TLS_client_method);
const SSL_METHOD *
TLS_method(void)
{
return (&TLS_method_data);
}
+LSSL_ALIAS(TLS_method);
const SSL_METHOD *
TLS_server_method(void)
{
return TLS_method();
}
+LSSL_ALIAS(TLS_server_method);
const SSL_METHOD *
tls_legacy_method(void)
@@ -458,72 +470,84 @@ SSLv23_client_method(void)
{
return TLS_client_method();
}
+LSSL_ALIAS(SSLv23_client_method);
const SSL_METHOD *
SSLv23_method(void)
{
return TLS_method();
}
+LSSL_ALIAS(SSLv23_method);
const SSL_METHOD *
SSLv23_server_method(void)
{
return TLS_method();
}
+LSSL_ALIAS(SSLv23_server_method);
const SSL_METHOD *
TLSv1_client_method(void)
{
return (&TLSv1_client_method_data);
}
+LSSL_ALIAS(TLSv1_client_method);
const SSL_METHOD *
TLSv1_method(void)
{
return (&TLSv1_method_data);
}
+LSSL_ALIAS(TLSv1_method);
const SSL_METHOD *
TLSv1_server_method(void)
{
return (&TLSv1_method_data);
}
+LSSL_ALIAS(TLSv1_server_method);
const SSL_METHOD *
TLSv1_1_client_method(void)
{
return (&TLSv1_1_client_method_data);
}
+LSSL_ALIAS(TLSv1_1_client_method);
const SSL_METHOD *
TLSv1_1_method(void)
{
return (&TLSv1_1_method_data);
}
+LSSL_ALIAS(TLSv1_1_method);
const SSL_METHOD *
TLSv1_1_server_method(void)
{
return (&TLSv1_1_method_data);
}
+LSSL_ALIAS(TLSv1_1_server_method);
const SSL_METHOD *
TLSv1_2_client_method(void)
{
return (&TLSv1_2_client_method_data);
}
+LSSL_ALIAS(TLSv1_2_client_method);
const SSL_METHOD *
TLSv1_2_method(void)
{
return (&TLSv1_2_method_data);
}
+LSSL_ALIAS(TLSv1_2_method);
const SSL_METHOD *
TLSv1_2_server_method(void)
{
return (&TLSv1_2_method_data);
}
+LSSL_ALIAS(TLSv1_2_server_method);
const SSL_METHOD *
ssl_get_method(uint16_t version)
diff --git a/lib/libssl/ssl_rsa.c b/lib/libssl/ssl_rsa.c
index f84315ba3e1..68137bc5fb5 100644
--- a/lib/libssl/ssl_rsa.c
+++ b/lib/libssl/ssl_rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_rsa.c,v 1.49 2022/11/26 16:08:56 tb Exp $ */
+/* $OpenBSD: ssl_rsa.c,v 1.50 2023/07/08 16:40:13 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -83,6 +83,7 @@ SSL_use_certificate(SSL *ssl, X509 *x)
}
return ssl_set_cert(NULL, ssl, x);
}
+LSSL_ALIAS(SSL_use_certificate);
int
SSL_use_certificate_file(SSL *ssl, const char *file, int type)
@@ -126,6 +127,7 @@ SSL_use_certificate_file(SSL *ssl, const char *file, int type)
BIO_free(in);
return (ret);
}
+LSSL_ALIAS(SSL_use_certificate_file);
int
SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
@@ -143,6 +145,7 @@ SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
X509_free(x);
return (ret);
}
+LSSL_ALIAS(SSL_use_certificate_ASN1);
int
SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
@@ -166,6 +169,7 @@ SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
EVP_PKEY_free(pkey);
return (ret);
}
+LSSL_ALIAS(SSL_use_RSAPrivateKey);
static int
ssl_set_pkey(SSL_CTX *ctx, SSL *ssl, EVP_PKEY *pkey)
@@ -259,6 +263,7 @@ SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
BIO_free(in);
return (ret);
}
+LSSL_ALIAS(SSL_use_RSAPrivateKey_file);
int
SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len)
@@ -275,6 +280,7 @@ SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len)
RSA_free(rsa);
return (ret);
}
+LSSL_ALIAS(SSL_use_RSAPrivateKey_ASN1);
int
SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
@@ -288,6 +294,7 @@ SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
ret = ssl_set_pkey(NULL, ssl, pkey);
return (ret);
}
+LSSL_ALIAS(SSL_use_PrivateKey);
int
SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
@@ -328,6 +335,7 @@ SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
BIO_free(in);
return (ret);
}
+LSSL_ALIAS(SSL_use_PrivateKey_file);
int
SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, long len)
@@ -344,6 +352,7 @@ SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, long len)
EVP_PKEY_free(pkey);
return (ret);
}
+LSSL_ALIAS(SSL_use_PrivateKey_ASN1);
int
SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
@@ -354,6 +363,7 @@ SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
}
return ssl_set_cert(ctx, NULL, x);
}
+LSSL_ALIAS(SSL_CTX_use_certificate);
static int
ssl_get_password_cb_and_arg(SSL_CTX *ctx, SSL *ssl,
@@ -475,6 +485,7 @@ SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
BIO_free(in);
return (ret);
}
+LSSL_ALIAS(SSL_CTX_use_certificate_file);
int
SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d)
@@ -492,6 +503,7 @@ SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d)
X509_free(x);
return (ret);
}
+LSSL_ALIAS(SSL_CTX_use_certificate_ASN1);
int
SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
@@ -515,6 +527,7 @@ SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
EVP_PKEY_free(pkey);
return (ret);
}
+LSSL_ALIAS(SSL_CTX_use_RSAPrivateKey);
int
SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
@@ -555,6 +568,7 @@ SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
BIO_free(in);
return (ret);
}
+LSSL_ALIAS(SSL_CTX_use_RSAPrivateKey_file);
int
SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len)
@@ -571,6 +585,7 @@ SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len)
RSA_free(rsa);
return (ret);
}
+LSSL_ALIAS(SSL_CTX_use_RSAPrivateKey_ASN1);
int
SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
@@ -581,6 +596,7 @@ SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
}
return ssl_set_pkey(ctx, NULL, pkey);
}
+LSSL_ALIAS(SSL_CTX_use_PrivateKey);
int
SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
@@ -621,6 +637,7 @@ SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
BIO_free(in);
return (ret);
}
+LSSL_ALIAS(SSL_CTX_use_PrivateKey_file);
int
SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const unsigned char *d,
@@ -638,6 +655,7 @@ SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const unsigned char *d,
EVP_PKEY_free(pkey);
return (ret);
}
+LSSL_ALIAS(SSL_CTX_use_PrivateKey_ASN1);
/*
@@ -721,12 +739,14 @@ SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
{
return ssl_use_certificate_chain_file(ctx, NULL, file);
}
+LSSL_ALIAS(SSL_CTX_use_certificate_chain_file);
int
SSL_use_certificate_chain_file(SSL *ssl, const char *file)
{
return ssl_use_certificate_chain_file(NULL, ssl, file);
}
+LSSL_ALIAS(SSL_use_certificate_chain_file);
int
SSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len)
@@ -746,3 +766,4 @@ SSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len)
BIO_free(in);
return (ret);
}
+LSSL_ALIAS(SSL_CTX_use_certificate_chain_mem);
diff --git a/lib/libssl/ssl_sess.c b/lib/libssl/ssl_sess.c
index 5847a43dcd7..aa6b08eae65 100644
--- a/lib/libssl/ssl_sess.c
+++ b/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.121 2022/11/26 16:08:56 tb Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.122 2023/07/08 16:40:13 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -154,6 +154,7 @@ SSL_get_session(const SSL *ssl)
{
return (ssl->session);
}
+LSSL_ALIAS(SSL_get_session);
/* variant of SSL_get_session: caller really gets something */
SSL_SESSION *
@@ -174,6 +175,7 @@ SSL_get1_session(SSL *ssl)
return (sess);
}
+LSSL_ALIAS(SSL_get1_session);
int
SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
@@ -182,30 +184,35 @@ SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION,
argl, argp, new_func, dup_func, free_func);
}
+LSSL_ALIAS(SSL_SESSION_get_ex_new_index);
int
SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
{
return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
}
+LSSL_ALIAS(SSL_SESSION_set_ex_data);
void *
SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
{
return (CRYPTO_get_ex_data(&s->ex_data, idx));
}
+LSSL_ALIAS(SSL_SESSION_get_ex_data);
uint32_t
SSL_SESSION_get_max_early_data(const SSL_SESSION *s)
{
return 0;
}
+LSSL_ALIAS(SSL_SESSION_get_max_early_data);
int
SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data)
{
return 1;
}
+LSSL_ALIAS(SSL_SESSION_set_max_early_data);
SSL_SESSION *
SSL_SESSION_new(void)
@@ -241,6 +248,7 @@ SSL_SESSION_new(void)
return (ss);
}
+LSSL_ALIAS(SSL_SESSION_new);
SSL_SESSION *
ssl_session_dup(SSL_SESSION *sess, int include_ticket)
@@ -354,6 +362,7 @@ SSL_SESSION_get_id(const SSL_SESSION *ss, unsigned int *len)
*len = (unsigned int)ss->session_id_length;
return ss->session_id;
}
+LSSL_ALIAS(SSL_SESSION_get_id);
const unsigned char *
SSL_SESSION_get0_id_context(const SSL_SESSION *ss, unsigned int *len)
@@ -362,24 +371,28 @@ SSL_SESSION_get0_id_context(const SSL_SESSION *ss, unsigned int *len)
*len = (unsigned int)ss->sid_ctx_length;
return ss->sid_ctx;
}
+LSSL_ALIAS(SSL_SESSION_get0_id_context);
unsigned int
SSL_SESSION_get_compress_id(const SSL_SESSION *ss)
{
return 0;
}
+LSSL_ALIAS(SSL_SESSION_get_compress_id);
unsigned long
SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)
{
return s->tlsext_tick_lifetime_hint;
}
+LSSL_ALIAS(SSL_SESSION_get_ticket_lifetime_hint);
int
SSL_SESSION_has_ticket(const SSL_SESSION *s)
{
return (s->tlsext_ticklen > 0) ? 1 : 0;
}
+LSSL_ALIAS(SSL_SESSION_has_ticket);
/*
* SSLv3/TLSv1 has 32 bytes (256 bits) of session ID space. As such, filling
@@ -815,12 +828,14 @@ SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
return (ret);
}
+LSSL_ALIAS(SSL_CTX_add_session);
int
SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
{
return remove_session_lock(ctx, c, 1);
}
+LSSL_ALIAS(SSL_CTX_remove_session);
static int
remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
@@ -881,6 +896,7 @@ SSL_SESSION_free(SSL_SESSION *ss)
freezero(ss, sizeof(*ss));
}
+LSSL_ALIAS(SSL_SESSION_free);
int
SSL_SESSION_up_ref(SSL_SESSION *ss)
@@ -888,6 +904,7 @@ SSL_SESSION_up_ref(SSL_SESSION *ss)
int refs = CRYPTO_add(&ss->references, 1, CRYPTO_LOCK_SSL_SESSION);
return (refs > 1) ? 1 : 0;
}
+LSSL_ALIAS(SSL_SESSION_up_ref);
int
SSL_set_session(SSL *s, SSL_SESSION *session)
@@ -916,6 +933,7 @@ SSL_set_session(SSL *s, SSL_SESSION *session)
return (1);
}
+LSSL_ALIAS(SSL_set_session);
size_t
SSL_SESSION_get_master_key(const SSL_SESSION *ss, unsigned char *out,
@@ -933,6 +951,7 @@ SSL_SESSION_get_master_key(const SSL_SESSION *ss, unsigned char *out,
return len;
}
+LSSL_ALIAS(SSL_SESSION_get_master_key);
long
SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
@@ -942,6 +961,7 @@ SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
s->timeout = t;
return (1);
}
+LSSL_ALIAS(SSL_SESSION_set_timeout);
long
SSL_SESSION_get_timeout(const SSL_SESSION *s)
@@ -950,6 +970,7 @@ SSL_SESSION_get_timeout(const SSL_SESSION *s)
return (0);
return (s->timeout);
}
+LSSL_ALIAS(SSL_SESSION_get_timeout);
/* XXX 2038 */
long
@@ -959,6 +980,7 @@ SSL_SESSION_get_time(const SSL_SESSION *s)
return (0);
return (s->time);
}
+LSSL_ALIAS(SSL_SESSION_get_time);
/* XXX 2038 */
long
@@ -969,24 +991,28 @@ SSL_SESSION_set_time(SSL_SESSION *s, long t)
s->time = t;
return (t);
}
+LSSL_ALIAS(SSL_SESSION_set_time);
int
SSL_SESSION_get_protocol_version(const SSL_SESSION *s)
{
return s->ssl_version;
}
+LSSL_ALIAS(SSL_SESSION_get_protocol_version);
const SSL_CIPHER *
SSL_SESSION_get0_cipher(const SSL_SESSION *s)
{
return s->cipher;
}
+LSSL_ALIAS(SSL_SESSION_get0_cipher);
X509 *
SSL_SESSION_get0_peer(SSL_SESSION *s)
{
return s->peer_cert;
}
+LSSL_ALIAS(SSL_SESSION_get0_peer);
int
SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
@@ -1000,6 +1026,7 @@ SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
memmove(s->session_id, sid, sid_len);
return 1;
}
+LSSL_ALIAS(SSL_SESSION_set1_id);
int
SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
@@ -1014,12 +1041,14 @@ SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
return 1;
}
+LSSL_ALIAS(SSL_SESSION_set1_id_context);
int
SSL_SESSION_is_resumable(const SSL_SESSION *s)
{
return 0;
}
+LSSL_ALIAS(SSL_SESSION_is_resumable);
long
SSL_CTX_set_timeout(SSL_CTX *s, long t)
@@ -1033,6 +1062,7 @@ SSL_CTX_set_timeout(SSL_CTX *s, long t)
return (l);
}
+LSSL_ALIAS(SSL_CTX_set_timeout);
long
SSL_CTX_get_timeout(const SSL_CTX *s)
@@ -1041,6 +1071,7 @@ SSL_CTX_get_timeout(const SSL_CTX *s)
return (0);
return (s->session_timeout);
}
+LSSL_ALIAS(SSL_CTX_get_timeout);
int
SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s,
@@ -1053,6 +1084,7 @@ SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s,
s->tls_session_secret_cb_arg = arg;
return (1);
}
+LSSL_ALIAS(SSL_set_session_secret_cb);
int
SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
@@ -1064,6 +1096,7 @@ SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
s->tls_session_ticket_ext_cb_arg = arg;
return (1);
}
+LSSL_ALIAS(SSL_set_session_ticket_ext_cb);
int
SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
@@ -1093,6 +1126,7 @@ SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
return 0;
}
+LSSL_ALIAS(SSL_set_session_ticket_ext);
typedef struct timeout_param_st {
SSL_CTX *ctx;
@@ -1145,6 +1179,7 @@ SSL_CTX_flush_sessions(SSL_CTX *s, long t)
CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = i;
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
}
+LSSL_ALIAS(SSL_CTX_flush_sessions);
int
ssl_clear_bad_session(SSL *s)
@@ -1214,12 +1249,14 @@ SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
int (*cb)(struct ssl_st *ssl, SSL_SESSION *sess)) {
ctx->new_session_cb = cb;
}
+LSSL_ALIAS(SSL_CTX_sess_set_new_cb);
int
(*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(SSL *ssl, SSL_SESSION *sess)
{
return ctx->new_session_cb;
}
+LSSL_ALIAS(SSL_CTX_sess_get_new_cb);
void
SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
@@ -1227,12 +1264,14 @@ SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
{
ctx->remove_session_cb = cb;
}
+LSSL_ALIAS(SSL_CTX_sess_set_remove_cb);
void
(*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(SSL_CTX * ctx, SSL_SESSION *sess)
{
return ctx->remove_session_cb;
}
+LSSL_ALIAS(SSL_CTX_sess_get_remove_cb);
void
SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*cb)(struct ssl_st *ssl,
@@ -1240,6 +1279,7 @@ SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*cb)(struct ssl_st *ssl,
{
ctx->get_session_cb = cb;
}
+LSSL_ALIAS(SSL_CTX_sess_set_get_cb);
SSL_SESSION *
(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl, const unsigned char *data,
@@ -1247,6 +1287,7 @@ SSL_SESSION *
{
return ctx->get_session_cb;
}
+LSSL_ALIAS(SSL_CTX_sess_get_get_cb);
void
SSL_CTX_set_info_callback(SSL_CTX *ctx,
@@ -1254,12 +1295,14 @@ SSL_CTX_set_info_callback(SSL_CTX *ctx,
{
ctx->info_callback = cb;
}
+LSSL_ALIAS(SSL_CTX_set_info_callback);
void
(*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl, int type, int val)
{
return ctx->info_callback;
}
+LSSL_ALIAS(SSL_CTX_get_info_callback);
void
SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
@@ -1267,6 +1310,7 @@ SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
{
ctx->client_cert_cb = cb;
}
+LSSL_ALIAS(SSL_CTX_set_client_cert_cb);
int
(*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL * ssl, X509 ** x509,
@@ -1274,6 +1318,7 @@ int
{
return ctx->client_cert_cb;
}
+LSSL_ALIAS(SSL_CTX_get_client_cert_cb);
#ifndef OPENSSL_NO_ENGINE
int
@@ -1291,6 +1336,7 @@ SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
ctx->client_cert_engine = e;
return 1;
}
+LSSL_ALIAS(SSL_CTX_set_client_cert_engine);
#endif
void
@@ -1299,6 +1345,7 @@ SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
{
ctx->app_gen_cookie_cb = cb;
}
+LSSL_ALIAS(SSL_CTX_set_cookie_generate_cb);
void
SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
@@ -1306,6 +1353,7 @@ SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
{
ctx->app_verify_cookie_cb = cb;
}
+LSSL_ALIAS(SSL_CTX_set_cookie_verify_cb);
int
PEM_write_SSL_SESSION(FILE *fp, SSL_SESSION *x)
@@ -1313,6 +1361,7 @@ PEM_write_SSL_SESSION(FILE *fp, SSL_SESSION *x)
return PEM_ASN1_write((i2d_of_void *)i2d_SSL_SESSION,
PEM_STRING_SSL_SESSION, fp, x, NULL, NULL, 0, NULL, NULL);
}
+LSSL_ALIAS(PEM_write_SSL_SESSION);
SSL_SESSION *
PEM_read_SSL_SESSION(FILE *fp, SSL_SESSION **x, pem_password_cb *cb, void *u)
@@ -1320,6 +1369,7 @@ PEM_read_SSL_SESSION(FILE *fp, SSL_SESSION **x, pem_password_cb *cb, void *u)
return PEM_ASN1_read((d2i_of_void *)d2i_SSL_SESSION,
PEM_STRING_SSL_SESSION, fp, (void **)x, cb, u);
}
+LSSL_ALIAS(PEM_read_SSL_SESSION);
SSL_SESSION *
PEM_read_bio_SSL_SESSION(BIO *bp, SSL_SESSION **x, pem_password_cb *cb, void *u)
@@ -1327,6 +1377,7 @@ PEM_read_bio_SSL_SESSION(BIO *bp, SSL_SESSION **x, pem_password_cb *cb, void *u)
return PEM_ASN1_read_bio((d2i_of_void *)d2i_SSL_SESSION,
PEM_STRING_SSL_SESSION, bp, (void **)x, cb, u);
}
+LSSL_ALIAS(PEM_read_bio_SSL_SESSION);
int
PEM_write_bio_SSL_SESSION(BIO *bp, SSL_SESSION *x)
@@ -1334,3 +1385,4 @@ PEM_write_bio_SSL_SESSION(BIO *bp, SSL_SESSION *x)
return PEM_ASN1_write_bio((i2d_of_void *)i2d_SSL_SESSION,
PEM_STRING_SSL_SESSION, bp, x, NULL, NULL, 0, NULL, NULL);
}
+LSSL_ALIAS(PEM_write_bio_SSL_SESSION);
diff --git a/lib/libssl/ssl_srvr.c b/lib/libssl/ssl_srvr.c
index 8edbf77156e..a518e1ac919 100644
--- a/lib/libssl/ssl_srvr.c
+++ b/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.155 2023/06/11 19:01:01 tb Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.156 2023/07/08 16:40:13 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -1832,8 +1832,10 @@ ssl3_get_client_kex_gost(SSL *s, CBS *cbs)
CBS gostblob;
/* Get our certificate private key*/
+#ifndef OPENSSL_NO_GOST
if ((s->s3->hs.cipher->algorithm_auth & SSL_aGOST01) != 0)
pkey = s->cert->pkeys[SSL_PKEY_GOST01].privatekey;
+#endif
if ((pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL)
goto err;
@@ -2047,6 +2049,7 @@ ssl3_get_cert_verify(SSL *s)
al = SSL_AD_INTERNAL_ERROR;
goto fatal_err;
}
+#ifndef OPENSSL_NO_GOST
if (sigalg->key_type == EVP_PKEY_GOSTR01 &&
EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_VERIFY,
EVP_PKEY_CTRL_GOST_SIG_FORMAT, GOST_SIG_FORMAT_RS_LE,
@@ -2054,6 +2057,7 @@ ssl3_get_cert_verify(SSL *s)
al = SSL_AD_INTERNAL_ERROR;
goto fatal_err;
}
+#endif
if (EVP_DigestVerify(mctx, CBS_data(&signature),
CBS_len(&signature), hdata, hdatalen) <= 0) {
SSLerror(s, ERR_R_EVP_LIB);
diff --git a/lib/libssl/ssl_stat.c b/lib/libssl/ssl_stat.c
index b423033e43d..803b83bb9f7 100644
--- a/lib/libssl/ssl_stat.c
+++ b/lib/libssl/ssl_stat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_stat.c,v 1.20 2022/11/26 16:08:56 tb Exp $ */
+/* $OpenBSD: ssl_stat.c,v 1.21 2023/07/08 16:40:13 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -319,6 +319,7 @@ SSL_state_string_long(const SSL *s)
}
return (str);
}
+LSSL_ALIAS(SSL_state_string_long);
const char *
SSL_rstate_string_long(const SSL *s)
@@ -341,6 +342,7 @@ SSL_rstate_string_long(const SSL *s)
}
return (str);
}
+LSSL_ALIAS(SSL_rstate_string_long);
const char *
SSL_state_string(const SSL *s)
@@ -547,6 +549,7 @@ SSL_state_string(const SSL *s)
}
return (str);
}
+LSSL_ALIAS(SSL_state_string);
const char *
SSL_alert_type_string_long(int value)
@@ -559,6 +562,7 @@ SSL_alert_type_string_long(int value)
else
return ("unknown");
}
+LSSL_ALIAS(SSL_alert_type_string_long);
const char *
SSL_alert_type_string(int value)
@@ -571,6 +575,7 @@ SSL_alert_type_string(int value)
else
return ("U");
}
+LSSL_ALIAS(SSL_alert_type_string);
const char *
SSL_alert_desc_string(int value)
@@ -668,6 +673,7 @@ SSL_alert_desc_string(int value)
}
return (str);
}
+LSSL_ALIAS(SSL_alert_desc_string);
const char *
SSL_alert_desc_string_long(int value)
@@ -765,6 +771,7 @@ SSL_alert_desc_string_long(int value)
}
return (str);
}
+LSSL_ALIAS(SSL_alert_desc_string_long);
const char *
SSL_rstate_string(const SSL *s)
@@ -787,3 +794,4 @@ SSL_rstate_string(const SSL *s)
}
return (str);
}
+LSSL_ALIAS(SSL_rstate_string);
diff --git a/lib/libssl/ssl_txt.c b/lib/libssl/ssl_txt.c
index 270e60a3891..ee3d218d68a 100644
--- a/lib/libssl/ssl_txt.c
+++ b/lib/libssl/ssl_txt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_txt.c,v 1.36 2022/11/26 16:08:56 tb Exp $ */
+/* $OpenBSD: ssl_txt.c,v 1.37 2023/07/08 16:40:13 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -103,6 +103,7 @@ SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
BIO_free(b);
return ret;
}
+LSSL_ALIAS(SSL_SESSION_print_fp);
int
SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
@@ -197,3 +198,4 @@ SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
err:
return ret;
}
+LSSL_ALIAS(SSL_SESSION_print);
diff --git a/lib/libssl/tls12_record_layer.c b/lib/libssl/tls12_record_layer.c
index 59f5d324522..e0601363f6b 100644
--- a/lib/libssl/tls12_record_layer.c
+++ b/lib/libssl/tls12_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls12_record_layer.c,v 1.38 2022/11/26 16:08:56 tb Exp $ */
+/* $OpenBSD: tls12_record_layer.c,v 1.39 2023/07/08 16:40:13 beck Exp $ */
/*
* Copyright (c) 2020 Joel Sing <jsing@openbsd.org>
*
@@ -485,6 +485,8 @@ tls12_record_layer_ccs_cipher(struct tls12_record_layer *rl,
if (EVP_CIPHER_key_length(rl->cipher) != CBS_len(key))
goto err;
+#ifndef OPENSSL_NO_GOST
+ /* XXX die die die
/* Special handling for GOST... */
if (EVP_MD_type(rl->mac_hash) == NID_id_Gost28147_89_MAC) {
if (CBS_len(mac_key) != 32)
@@ -492,11 +494,14 @@ tls12_record_layer_ccs_cipher(struct tls12_record_layer *rl,
mac_type = EVP_PKEY_GOSTIMIT;
rp->stream_mac = 1;
} else {
+#endif
if (CBS_len(mac_key) > INT_MAX)
goto err;
if (EVP_MD_size(rl->mac_hash) != CBS_len(mac_key))
goto err;
+#ifndef OPENSSL_NO_GOST
}
+#endif
if ((rp->cipher_ctx = EVP_CIPHER_CTX_new()) == NULL)
goto err;