src - OpenBSD base system

diff options


context:
space:
mode:

author	Joel Sing <jsing@cvs.openbsd.org>	2015-09-11 16:28:38 +0000
committer	Joel Sing <jsing@cvs.openbsd.org>	2015-09-11 16:28:38 +0000
commit	acc35fa184ff317e0553b2541554c78b23514920 (patch)
tree	e41db2d6b31739193c7b77acb1f0016842771dc1 /lib
parent	dfe7e5662dabc0340b21e01c2945741b18abecac (diff)

Replace dtls1_send_finished() with ssl3_send_finished() - they're now

both essentially the same (in fact DTLS benefits from improvements previously made to the ssl3_send_finished() function). ok beck@

Diffstat (limited to 'lib')

-rw-r--r--

lib/libssl/src/ssl/d1_both.c

-rw-r--r--

lib/libssl/src/ssl/d1_clnt.c

-rw-r--r--

lib/libssl/src/ssl/d1_srvr.c

-rw-r--r--

lib/libssl/src/ssl/ssl_locl.h

4 files changed, 6 insertions, 48 deletions

diff --git a/lib/libssl/src/ssl/d1_both.c b/lib/libssl/src/ssl/d1_both.c
index 4d2827a2c0b..dd67028a38d 100644
--- a/lib/libssl/src/ssl/d1_both.c
+++ b/lib/libssl/src/ssl/d1_both.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: d1_both.c,v 1.36 2015/09/11 15:59:21 jsing Exp $ */

+/* $OpenBSD: d1_both.c,v 1.37 2015/09/11 16:28:37 jsing Exp $ */

* DTLS implementation written by Nagendra Modadugu

* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.

@@ -902,47 +902,6 @@ f_err:

return (-1);

}

-int

-dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen)

- unsigned char *p;

- int i;

- unsigned long l;

- if (s->state == a) {

- p = ssl3_handshake_msg_start(s, SSL3_MT_FINISHED);

- i = s->method->ssl3_enc->final_finish_mac(s, sender, slen,

- s->s3->tmp.finish_md);

- s->s3->tmp.finish_md_len = i;

- memcpy(p, s->s3->tmp.finish_md, i);

- p += i;

- l = i;

- /*

- * Copy the finished so we can use it for

- * renegotiation checks

- */

- if (s->type == SSL_ST_CONNECT) {

- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);

- memcpy(s->s3->previous_client_finished,

- s->s3->tmp.finish_md, i);

- s->s3->previous_client_finished_len = i;

- } else {

- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);

- memcpy(s->s3->previous_server_finished,

- s->s3->tmp.finish_md, i);

- s->s3->previous_server_finished_len = i;

- }

- ssl3_handshake_msg_finish(s, l);

- s->state = b;

- }

- return (ssl3_handshake_write(s));

* for these 2 messages, we need to

* ssl->enc_read_ctx re-init

diff --git a/lib/libssl/src/ssl/d1_clnt.c b/lib/libssl/src/ssl/d1_clnt.c
index 5a755c3bbef..f5745b1e7d6 100644
--- a/lib/libssl/src/ssl/d1_clnt.c
+++ b/lib/libssl/src/ssl/d1_clnt.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: d1_clnt.c,v 1.50 2015/09/10 17:57:50 jsing Exp $ */

+/* $OpenBSD: d1_clnt.c,v 1.51 2015/09/11 16:28:37 jsing Exp $ */

* DTLS implementation written by Nagendra Modadugu

* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.

@@ -457,7 +457,7 @@ dtls1_connect(SSL *s)

case SSL3_ST_CW_FINISHED_B:

if (!s->hit)

dtls1_start_timer(s);

- ret = dtls1_send_finished(s,

+ ret = ssl3_send_finished(s,

SSL3_ST_CW_FINISHED_A, SSL3_ST_CW_FINISHED_B,

s->method->ssl3_enc->client_finished_label,

s->method->ssl3_enc->client_finished_label_len);

diff --git a/lib/libssl/src/ssl/d1_srvr.c b/lib/libssl/src/ssl/d1_srvr.c
index e41c119b9c5..66f79c39536 100644
--- a/lib/libssl/src/ssl/d1_srvr.c
+++ b/lib/libssl/src/ssl/d1_srvr.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: d1_srvr.c,v 1.56 2015/09/10 17:57:50 jsing Exp $ */

+/* $OpenBSD: d1_srvr.c,v 1.57 2015/09/11 16:28:37 jsing Exp $ */

* DTLS implementation written by Nagendra Modadugu

* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.

@@ -584,7 +584,7 @@ dtls1_accept(SSL *s)

case SSL3_ST_SW_FINISHED_A:

case SSL3_ST_SW_FINISHED_B:

- ret = dtls1_send_finished(s,

+ ret = ssl3_send_finished(s,

SSL3_ST_SW_FINISHED_A, SSL3_ST_SW_FINISHED_B,

s->method->ssl3_enc->server_finished_label,

s->method->ssl3_enc->server_finished_label_len);

diff --git a/lib/libssl/src/ssl/ssl_locl.h b/lib/libssl/src/ssl/ssl_locl.h
index 8c8dec77b68..ea14ae03989 100644
--- a/lib/libssl/src/ssl/ssl_locl.h
+++ b/lib/libssl/src/ssl/ssl_locl.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: ssl_locl.h,v 1.103 2015/09/02 17:59:15 jsing Exp $ */

+/* $OpenBSD: ssl_locl.h,v 1.104 2015/09/11 16:28:37 jsing Exp $ */

@@ -685,7 +685,6 @@ int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len);

int dtls1_write_bytes(SSL *s, int type, const void *buf, int len);

int dtls1_send_change_cipher_spec(SSL *s, int a, int b);

-int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen);

unsigned long dtls1_output_cert_chain(SSL *s, X509 *x);

int dtls1_read_failed(SSL *s, int code);

int dtls1_buffer_message(SSL *s, int ccs);