Merge client/server SSL_METHODs into the generic one.

Supporting both schemes seems pointless. Now that s->server and s->state are set appropriately late and get_ssl_method is gone, the only difference is that the client/server ones have non-functional ssl_accept or ssl_connect hooks. We can't lose the generic ones, so let's unify on that. Note: this means a static linker will no longer drop the client or server handshake code if unused by a consumer linking statically. However, Chromium needs the server half anyway for DTLS and WebRTC, so that's probably a lost cause. Android also exposes server APIs. Change-Id: I290f5fb4ed558f59fadb5d1f84e9d9c405004c23 Reviewed-on: https://boringssl-review.googlesource.com/2440 Reviewed-by: Adam Langley <agl@google.com>
2014-11-23 15:47:20 -05:00 · 2014-11-23 15:47:20 -05:00 · cde8abae14
commit cde8abae14
parent f34a009834
10 changed files with 73 additions and 98 deletions
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@ -128,24 +128,6 @@

 static int dtls1_get_hello_verify(SSL *s);

-IMPLEMENT_dtls1_meth_func(DTLS1_VERSION,
-			DTLSv1_client_method,
-			ssl_undefined_function,
-			dtls1_connect,
-			DTLSv1_enc_data)
-
-IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION,
-			DTLSv1_2_client_method,
-			ssl_undefined_function,
-			dtls1_connect,
-			DTLSv1_2_enc_data)
-
-IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION,
-			DTLS_client_method,
-			ssl_undefined_function,
-			dtls1_connect,
-			DTLSv1_2_enc_data)
-
 int dtls1_connect(SSL *s)
 	{
 	BUF_MEM *buf=NULL;
--- a/ssl/d1_meth.c
+++ b/ssl/d1_meth.c
@ -75,3 +75,33 @@ IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION,
 			dtls1_accept,
 			dtls1_connect,
 			DTLSv1_2_enc_data)
+
+const SSL_METHOD *DTLSv1_2_server_method(void)
+	{
+	return DTLSv1_2_method();
+	}
+
+const SSL_METHOD *DTLSv1_server_method(void)
+	{
+	return DTLSv1_method();
+	}
+
+const SSL_METHOD *DTLS_server_method(void)
+	{
+	return DTLS_method();
+	}
+
+const SSL_METHOD *DTLSv1_2_client_method(void)
+	{
+	return DTLSv1_2_method();
+	}
+
+const SSL_METHOD *DTLSv1_client_method(void)
+	{
+	return DTLSv1_method();
+	}
+
+const SSL_METHOD *DTLS_client_method(void)
+	{
+	return DTLS_method();
+	}
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@ -128,24 +128,6 @@

 static int dtls1_send_hello_verify_request(SSL *s);

-IMPLEMENT_dtls1_meth_func(DTLS1_VERSION,
-			DTLSv1_server_method,
-			dtls1_accept,
-			ssl_undefined_function,
-			DTLSv1_enc_data)
-
-IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION,
-			DTLSv1_2_server_method,
-			dtls1_accept,
-			ssl_undefined_function,
-			DTLSv1_2_enc_data)
-
-IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION,
-			DTLS_server_method,
-			dtls1_accept,
-			ssl_undefined_function,
-			DTLSv1_2_enc_data)
-
 int dtls1_accept(SSL *s)
 	{
 	BUF_MEM *buf;
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@ -120,7 +120,7 @@ static int ssl23_client_hello(SSL *s);
 static int ssl23_get_server_hello(SSL *s);

 IMPLEMENT_ssl23_meth_func(SSLv23_client_method,
-			ssl_undefined_function,
+			ssl23_accept,
 			ssl23_connect)

 int ssl23_connect(SSL *s)
--- a/ssl/s23_srvr.c
+++ b/ssl/s23_srvr.c
@ -137,7 +137,7 @@ static const SSL_METHOD *ssl23_get_server_method(int ver)

 IMPLEMENT_ssl23_meth_func(SSLv23_server_method,
 			ssl23_accept,
-			ssl_undefined_function)
+			ssl23_connect)

 int ssl23_accept(SSL *s)
 	{
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@ -166,26 +166,6 @@
 #include "ssl_locl.h"
 #include "../crypto/dh/internal.h"

-IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_client_method,
-			ssl_undefined_function,
-			ssl3_connect,
-			TLSv1_2_enc_data)
-
-IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_client_method,
-			ssl_undefined_function,
-			ssl3_connect,
-			TLSv1_1_enc_data)
-
-IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_client_method,
-			ssl_undefined_function,
-			ssl3_connect,
-			TLSv1_enc_data)
-
-IMPLEMENT_tls_meth_func(SSL3_VERSION, SSLv3_client_method,
-			ssl_undefined_function,
-			ssl3_connect,
-			SSLv3_enc_data)
-
 int ssl3_connect(SSL *s)
 	{
 	BUF_MEM *buf=NULL;
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@ -1412,8 +1412,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 		break;

 	case SSL_CTRL_GET_CHANNEL_ID:
-		if (!s->server)
-			break;
 		if (!s->s3->tlsext_channel_id_valid)
 			break;
 		memcpy(parg, s->s3->tlsext_channel_id, larg < 64 ? larg : 64);
@ -1666,9 +1664,6 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 		return ssl_cert_select_current(ctx->cert, (X509 *)parg);

 	case SSL_CTRL_CHANNEL_ID:
-		/* must be called on a server */
-		if (ctx->method->ssl_accept == ssl_undefined_function)
-			return 0;
 		ctx->tlsext_channel_id_enabled=1;
 		return 1;

--- a/ssl/s3_meth.c
+++ b/ssl/s3_meth.c
@ -77,3 +77,43 @@ IMPLEMENT_tls_meth_func(SSL3_VERSION, SSLv3_method,
 			ssl3_accept,
 			ssl3_connect,
 			SSLv3_enc_data)
+
+const SSL_METHOD *TLSv1_2_server_method(void)
+	{
+	return TLSv1_2_method();
+	}
+
+const SSL_METHOD *TLSv1_1_server_method(void)
+	{
+	return TLSv1_1_method();
+	}
+
+const SSL_METHOD *TLSv1_server_method(void)
+	{
+	return TLSv1_method();
+	}
+
+const SSL_METHOD *SSLv3_server_method(void)
+	{
+	return SSLv3_method();
+	}
+
+const SSL_METHOD *TLSv1_2_client_method(void)
+	{
+	return TLSv1_2_method();
+	}
+
+const SSL_METHOD *TLSv1_1_client_method(void)
+	{
+	return TLSv1_1_method();
+	}
+
+const SSL_METHOD *TLSv1_client_method(void)
+	{
+	return TLSv1_method();
+	}
+
+const SSL_METHOD *SSLv3_client_method(void)
+	{
+	return SSLv3_method();
+	}
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@ -172,26 +172,6 @@
 #include "../crypto/internal.h"
 #include "../crypto/dh/internal.h"

-IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_server_method,
-			ssl3_accept,
-			ssl_undefined_function,
-			TLSv1_2_enc_data)
-
-IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_server_method,
-			ssl3_accept,
-			ssl_undefined_function,
-			TLSv1_1_enc_data)
-
-IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_server_method,
-			ssl3_accept,
-			ssl_undefined_function,
-			TLSv1_enc_data)
-
-IMPLEMENT_tls_meth_func(SSL3_VERSION, SSLv3_server_method,
-			ssl3_accept,
-			ssl_undefined_function,
-			SSLv3_enc_data)
-
 int ssl3_accept(SSL *s)
 	{
 	BUF_MEM *buf;
--- a/ssl/test/bssl_shim.cc
+++ b/ssl/test/bssl_shim.cc
@ -231,21 +231,7 @@ static SSL_CTX *setup_ctx(const TestConfig *config) {
  SSL_CTX *ssl_ctx = NULL;
  DH *dh = NULL;

-  const SSL_METHOD *method;
-  if (config->is_dtls) {
-    if (config->is_server) {
-      method = DTLS_server_method();
-    } else {
-      method = DTLS_client_method();
-    }
-  } else {
-    if (config->is_server) {
-      method = SSLv23_server_method();
-    } else {
-      method = SSLv23_client_method();
-    }
-  }
-  ssl_ctx = SSL_CTX_new(method);
+  ssl_ctx = SSL_CTX_new(config->is_dtls ? DTLS_method() : SSLv23_method());
  if (ssl_ctx == NULL) {
    goto err;
  }