kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Get rid of ssl_undefined_* 

The only place using it is export keying material which can do the
version check inline.

Change-Id: I1893966c130aa43fa97a6116d91bb8b04f80c6fb
Reviewed-on: https://boringssl-review.googlesource.com/4615
Reviewed-by: Adam Langley <agl@google.com>
kris/onging/CECPQ3_patch15
David Benjamin 9 years ago
committed by Adam Langley
parent
60da0cd7c6
commit
d6e95eefba
6 changed files with 7 additions and 29 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +0
    -3
      crypto/err/ssl.errordata
  2. +0
    -3
      include/openssl/ssl.h
  3. +0
    -3
      ssl/internal.h
  4. +1
    -2
      ssl/s3_lib.c
  5. +0
    -18
      ssl/ssl_lib.c
  6. +6
    -0
      ssl/t1_enc.c

+ 0
- 3
crypto/err/ssl.errordata View File

@@ -159,9 +159,6 @@ SSL,function,245,ssl_scan_serverhello_tlsext
SSL,function,246,ssl_sess_cert_new
SSL,function,247,ssl_set_cert
SSL,function,248,ssl_set_pkey
SSL,function,249,ssl_undefined_const_function
SSL,function,250,ssl_undefined_function
SSL,function,251,ssl_undefined_void_function
SSL,function,252,ssl_verify_cert_chain
SSL,function,253,tls12_check_peer_sigalg
SSL,function,254,tls1_aead_ctx_init


+ 0
- 3
include/openssl/ssl.h View File

@@ -2652,9 +2652,6 @@ OPENSSL_EXPORT const char *SSLeay_version(int unused);
#define SSL_F_ssl_sess_cert_new 246
#define SSL_F_ssl_set_cert 247
#define SSL_F_ssl_set_pkey 248
#define SSL_F_ssl_undefined_const_function 249
#define SSL_F_ssl_undefined_function 250
#define SSL_F_ssl_undefined_void_function 251
#define SSL_F_ssl_verify_cert_chain 252
#define SSL_F_tls12_check_peer_sigalg 253
#define SSL_F_tls1_aead_ctx_init 254


+ 0
- 3
ssl/internal.h View File

@@ -691,9 +691,6 @@ int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk);
int ssl_add_cert_chain(SSL *s, CERT_PKEY *cpk, unsigned long *l);
int ssl_build_cert_chain(CERT *c, X509_STORE *chain_store, int flags);
int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, int ref);
int ssl_undefined_function(SSL *s);
int ssl_undefined_void_function(void);
int ssl_undefined_const_function(const SSL *s);
CERT_PKEY *ssl_get_server_send_pkey(const SSL *s);
EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *c);
int ssl_cert_type(EVP_PKEY *pkey);


+ 1
- 2
ssl/s3_lib.c View File

@@ -488,8 +488,7 @@ const SSL3_ENC_METHOD SSLv3_enc_data = {
SSL3_MD_CLIENT_FINISHED_CONST, 4,
SSL3_MD_SERVER_FINISHED_CONST, 4,
ssl3_alert_code,
(int (*)(SSL *, uint8_t *, size_t, const char *, size_t, const uint8_t *,
size_t, int use_context)) ssl_undefined_function,
tls1_export_keying_material,
0,
};



+ 0
- 18
ssl/ssl_lib.c View File

@@ -2155,24 +2155,6 @@ void SSL_set_connect_state(SSL *s) {
ssl_clear_cipher_ctx(s);
}

int ssl_undefined_function(SSL *s) {
OPENSSL_PUT_ERROR(SSL, ssl_undefined_function,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}

int ssl_undefined_void_function(void) {
OPENSSL_PUT_ERROR(SSL, ssl_undefined_void_function,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}

int ssl_undefined_const_function(const SSL *s) {
OPENSSL_PUT_ERROR(SSL, ssl_undefined_const_function,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}

static const char *ssl_get_version(int version) {
switch (version) {
case TLS1_2_VERSION:


+ 6
- 0
ssl/t1_enc.c View File

@@ -866,6 +866,12 @@ int tls1_export_keying_material(SSL *s, uint8_t *out, size_t out_len,
const char *label, size_t label_len,
const uint8_t *context, size_t context_len,
int use_context) {
if (!s->s3->have_version || s->version == SSL3_VERSION) {
OPENSSL_PUT_ERROR(SSL, tls1_export_keying_material,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}

size_t seed_len = 2 * SSL3_RANDOM_SIZE;
if (use_context) {
if (context_len >= 1u << 16) {


Write Preview
Loading…
Cancel
Save