summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/libssl/d1_enc.c31
-rw-r--r--lib/libssl/s3_clnt.c7
-rw-r--r--lib/libssl/s3_lib.c3
-rw-r--r--lib/libssl/ssl_ciph.c14
-rw-r--r--lib/libssl/t1_enc.c83
5 files changed, 0 insertions, 138 deletions
diff --git a/lib/libssl/d1_enc.c b/lib/libssl/d1_enc.c
index 1967e7a95e5..24b34b1e871 100644
--- a/lib/libssl/d1_enc.c
+++ b/lib/libssl/d1_enc.c
@@ -122,9 +122,6 @@
#include <openssl/hmac.h>
#include <openssl/md5.h>
#include <openssl/rand.h>
-#ifdef KSSL_DEBUG
-#include <openssl/des.h>
-#endif
/* dtls1_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
*
@@ -177,9 +174,6 @@ dtls1_enc(SSL *s, int send)
enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
}
-#ifdef KSSL_DEBUG
- printf("dtls1_enc(%d)\n", send);
-#endif /* KSSL_DEBUG */
if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) {
memmove(rec->data, rec->input, rec->length);
@@ -205,23 +199,6 @@ dtls1_enc(SSL *s, int send)
rec->length += i;
}
-#ifdef KSSL_DEBUG
- {
- unsigned long ui;
- printf("EVP_Cipher(ds=%p, rec->data=%p, rec->input=%p, l=%ld) ==>\n",
- ds, rec->data, rec->input, l);
- printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n",
- ds->buf_len, ds->cipher->key_len,
- DES_KEY_SZ, DES_SCHEDULE_SZ,
- ds->cipher->iv_len);
- printf("\t\tIV: ");
- for (i = 0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]);
- printf("\n");
- printf("\trec->input=");
- for (ui = 0; ui<l; ui++) printf(" %02x", rec->input[ui]);
- printf("\n");
- }
-#endif /* KSSL_DEBUG */
if (!send) {
if (l == 0 || l % bs != 0)
@@ -230,14 +207,6 @@ dtls1_enc(SSL *s, int send)
EVP_Cipher(ds, rec->data, rec->input, l);
-#ifdef KSSL_DEBUG
- {
- unsigned long i;
- printf("\trec->data=");
- for (i = 0; i < l; i++)
- printf(" %02x", rec->data[i]); printf("\n");
- }
-#endif /* KSSL_DEBUG */
if ((bs != 1) && !send)
return tls1_cbc_remove_padding(s, rec, bs, mac_size);
diff --git a/lib/libssl/s3_clnt.c b/lib/libssl/s3_clnt.c
index 68817cd33a8..67e4d069c7a 100644
--- a/lib/libssl/s3_clnt.c
+++ b/lib/libssl/s3_clnt.c
@@ -1159,13 +1159,6 @@ ssl3_get_server_certificate(SSL *s)
(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
? 0 : 1;
-#ifdef KSSL_DEBUG
- printf("pkey, x = %p, %p\n", pkey, x);
- printf("ssl_cert_type(x, pkey) = %d\n", ssl_cert_type(x, pkey));
- printf("cipher, alg, nc = %s, %lx, %lx, %d\n",
- s->s3->tmp.new_cipher->name, s->s3->tmp.new_cipher->algorithm_mkey,
- s->s3->tmp.new_cipher->algorithm_auth, need_cert);
-#endif /* KSSL_DEBUG */
if (need_cert && ((pkey == NULL) ||
EVP_PKEY_missing_parameters(pkey))) {
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index 293866afee3..7cdd1e2d89c 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -3081,9 +3081,6 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
emask_k = cert->export_mask_k;
emask_a = cert->export_mask_a;
-#ifdef KSSL_DEBUG
-/* printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/
-#endif /* KSSL_DEBUG */
alg_k = c->algorithm_mkey;
alg_a = c->algorithm_auth;
diff --git a/lib/libssl/ssl_ciph.c b/lib/libssl/ssl_ciph.c
index a1523524a1e..77d8a3c79f3 100644
--- a/lib/libssl/ssl_ciph.c
+++ b/lib/libssl/ssl_ciph.c
@@ -792,9 +792,6 @@ CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
co_list[co_list_num].prev = NULL;
co_list[co_list_num].active = 0;
co_list_num++;
-#ifdef KSSL_DEBUG
- printf("\t%d: %s %lx %lx %lx\n", i, c->name, c->id, c->algorithm_mkey, c->algorithm_auth);
-#endif /* KSSL_DEBUG */
/*
if (!sk_push(ca_list,(char *)c)) goto err;
*/
@@ -1321,9 +1318,6 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method,
* it is used for allocation.
*/
num_of_ciphers = ssl_method->num_ciphers();
-#ifdef KSSL_DEBUG
- printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers);
-#endif /* KSSL_DEBUG */
co_list = reallocarray(NULL, num_of_ciphers, sizeof(CIPHER_ORDER));
if (co_list == NULL) {
SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
@@ -1468,11 +1462,7 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
const char *ver, *exp_str;
const char *kx, *au, *enc, *mac;
unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, alg2;
-#ifdef KSSL_DEBUG
- static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n";
-#else
static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
-#endif /* KSSL_DEBUG */
alg_mkey = cipher->algorithm_mkey;
alg_auth = cipher->algorithm_auth;
@@ -1636,11 +1626,7 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
} else if (len < 128)
return("Buffer too small");
-#ifdef KSSL_DEBUG
- l = snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac, exp_str, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl);
-#else
l = snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac, exp_str);
-#endif /* KSSL_DEBUG */
if (l >= len || l == -1)
return("Buffer too small");
else
diff --git a/lib/libssl/t1_enc.c b/lib/libssl/t1_enc.c
index 2480fecd7ee..5a95fd27443 100644
--- a/lib/libssl/t1_enc.c
+++ b/lib/libssl/t1_enc.c
@@ -144,9 +144,6 @@
#include <openssl/hmac.h>
#include <openssl/md5.h>
#include <openssl/rand.h>
-#ifdef KSSL_DEBUG
-#include <openssl/des.h>
-#endif
/* seed1 through seed5 are virtually concatenated */
static int
@@ -297,17 +294,6 @@ tls1_generate_key_block(SSL *s, unsigned char *km, unsigned char *tmp, int num)
NULL, 0, NULL, 0,
s->session->master_key, s->session->master_key_length,
km, tmp, num);
-#ifdef KSSL_DEBUG
- printf("tls1_generate_key_block() ==> %d byte master_key =\n\t",
- s->session->master_key_length);
- {
- int i;
- for (i = 0; i < s->session->master_key_length; i++) {
- printf("%02X", s->session->master_key[i]);
- }
- printf("\n");
- }
-#endif /* KSSL_DEBUG */
return ret;
}
@@ -344,22 +330,6 @@ tls1_change_cipher_state(SSL *s, int which)
comp = s->s3->tmp.new_compression;
#endif
-#ifdef KSSL_DEBUG
- printf("tls1_change_cipher_state(which= %d) w/\n", which);
- printf("\talg= %ld/%ld, comp= %p\n",
- s->s3->tmp.new_cipher->algorithm_mkey,
- s->s3->tmp.new_cipher->algorithm_auth,
- comp);
- printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c);
- printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
- c->nid, c->block_size, c->key_len, c->iv_len);
- printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length);
- {
- int i;
- for (i = 0; i < s->s3->tmp.key_block_length; i++)
- printf("%02x", s->s3->tmp.key_block[i]); printf("\n");
- }
-#endif /* KSSL_DEBUG */
if (which & SSL3_CC_READ) {
if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
@@ -519,16 +489,6 @@ tls1_change_cipher_state(SSL *s, int which)
}
}
-#ifdef KSSL_DEBUG
- {
- int i;
- printf("EVP_CipherInit_ex(dd, c, key=, iv=, which)\n");
- printf("\tkey= "); for (i = 0; i<c->key_len; i++) printf("%02x", key[i]);
- printf("\n");
- printf("\t iv= "); for (i = 0; i<c->iv_len; i++) printf("%02x", iv[i]);
- printf("\n");
- }
-#endif /* KSSL_DEBUG */
if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) {
EVP_CipherInit_ex(dd, c, NULL, key, NULL, (which & SSL3_CC_WRITE));
@@ -572,9 +532,6 @@ tls1_setup_key_block(SSL *s)
int mac_type = NID_undef, mac_secret_size = 0;
int ret = 0;
-#ifdef KSSL_DEBUG
- printf ("tls1_setup_key_block()\n");
-#endif /* KSSL_DEBUG */
if (s->s3->tmp.key_block_length != 0)
return (1);
@@ -709,9 +666,6 @@ tls1_enc(SSL *s, int send)
enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
}
-#ifdef KSSL_DEBUG
- printf("tls1_enc(%d)\n", send);
-#endif /* KSSL_DEBUG */
if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) {
memmove(rec->data, rec->input, rec->length);
@@ -768,23 +722,6 @@ tls1_enc(SSL *s, int send)
rec->length += i;
}
-#ifdef KSSL_DEBUG
- {
- unsigned long ui;
- printf("EVP_Cipher(ds=%p, rec->data=%p, rec->input=%p, l=%ld) ==>\n",
- ds, rec->data, rec->input, l);
- printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n",
- ds->buf_len, ds->cipher->key_len,
- DES_KEY_SZ, DES_SCHEDULE_SZ,
- ds->cipher->iv_len);
- printf("\t\tIV: ");
- for (i = 0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]);
- printf("\n");
- printf("\trec->input=");
- for (ui = 0; ui<l; ui++) printf(" %02x", rec->input[ui]);
- printf("\n");
- }
-#endif /* KSSL_DEBUG */
if (!send) {
if (l == 0 || l % bs != 0)
@@ -801,14 +738,6 @@ tls1_enc(SSL *s, int send)
rec->length -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
}
-#ifdef KSSL_DEBUG
- {
- unsigned long i;
- printf("\trec->data=");
- for (i = 0; i < l; i++)
- printf(" %02x", rec->data[i]); printf("\n");
- }
-#endif /* KSSL_DEBUG */
ret = 1;
if (EVP_MD_CTX_md(s->read_hash) != NULL)
@@ -1017,9 +946,6 @@ tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
int col = 0, sol = 0;
-#ifdef KSSL_DEBUG
- printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s, out, p, len);
-#endif /* KSSL_DEBUG */
#ifdef TLSEXT_TYPE_opaque_prf_input
if (s->s3->client_opaque_prf_input != NULL && s->s3->server_opaque_prf_input != NULL &&
@@ -1051,9 +977,6 @@ tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
BIO_dump_fp(stderr, (char *)s->session->master_key, SSL3_MASTER_SECRET_SIZE);
#endif
-#ifdef KSSL_DEBUG
- printf ("tls1_generate_master_secret() complete\n");
-#endif /* KSSL_DEBUG */
return (SSL3_MASTER_SECRET_SIZE);
}
@@ -1067,9 +990,6 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
size_t vallen, currentvalpos;
int rv;
-#ifdef KSSL_DEBUG
- printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s, out, olen, label, llen, p, plen);
-#endif /* KSSL_DEBUG */
buff = malloc(olen);
if (buff == NULL)
@@ -1129,9 +1049,6 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
s->session->master_key, s->session->master_key_length,
out, buff, olen);
-#ifdef KSSL_DEBUG
- printf ("tls1_export_keying_material() complete\n");
-#endif /* KSSL_DEBUG */
goto ret;
err1:
SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL);