mirror of
https://abf.rosa.ru/djam/libressl.git
synced 2025-02-23 16:12:53 +00:00
88 lines
3 KiB
Diff
88 lines
3 KiB
Diff
|
From 1b42f56675b39ba4f1514b328a8dfb6c35b8cb4a Mon Sep 17 00:00:00 2001
|
||
|
|
From: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
||
|
|
Date: Fri, 17 Apr 2020 16:43:39 +0300
|
||
|
|
Subject: [PATCH 84/87] ssl: drop mac_flags field
|
||
|
|
|
||
|
|
Use s->session->cipher->algorithm2 instead.
|
||
|
|
|
||
|
|
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
||
|
|
---
|
||
|
|
src/lib/libssl/ssl.h | 3 ---
|
||
|
|
src/lib/libssl/ssl_locl.h | 4 ----
|
||
|
|
src/lib/libssl/t1_enc.c | 16 +++-------------
|
||
|
|
3 files changed, 3 insertions(+), 20 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
|
||
|
|
index 1f9095feb..1c5e174b8 100644
|
||
|
|
--- a/src/lib/libssl/ssl.h
|
||
|
|
+++ b/src/lib/libssl/ssl.h
|
||
|
|
@@ -796,9 +796,6 @@ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
|
||
|
|
#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
|
||
|
|
#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
|
||
|
|
|
||
|
|
-#define SSL_MAC_FLAG_READ_MAC_STREAM 1
|
||
|
|
-#define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
|
||
|
|
-
|
||
|
|
#ifndef OPENSSL_NO_SSL_INTERN
|
||
|
|
struct ssl_internal_st;
|
||
|
|
|
||
|
|
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
|
||
|
|
index 2ef7e58f6..f4ad6b5ee 100644
|
||
|
|
--- a/src/lib/libssl/ssl_locl.h
|
||
|
|
+++ b/src/lib/libssl/ssl_locl.h
|
||
|
|
@@ -723,10 +723,6 @@ typedef struct ssl_internal_st {
|
||
|
|
/* crypto */
|
||
|
|
STACK_OF(SSL_CIPHER) *cipher_list_by_id;
|
||
|
|
|
||
|
|
- /* These are the ones being used, the ones in SSL_SESSION are
|
||
|
|
- * the ones to be 'copied' into these ones */
|
||
|
|
- int mac_flags;
|
||
|
|
-
|
||
|
|
SSL_AEAD_CTX *aead_read_ctx; /* AEAD context. If non-NULL, then
|
||
|
|
enc_read_ctx and read_hash are
|
||
|
|
ignored. */
|
||
|
|
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
|
||
|
|
index 05c45fc31..4c726f73f 100644
|
||
|
|
--- a/src/lib/libssl/t1_enc.c
|
||
|
|
+++ b/src/lib/libssl/t1_enc.c
|
||
|
|
@@ -418,11 +418,6 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read,
|
||
|
|
mac_type = S3I(s)->tmp.new_mac_pkey_type;
|
||
|
|
|
||
|
|
if (is_read) {
|
||
|
|
- if (S3I(s)->hs.new_cipher->algorithm2 & TLS1_STREAM_MAC)
|
||
|
|
- s->internal->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
|
||
|
|
- else
|
||
|
|
- s->internal->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
|
||
|
|
-
|
||
|
|
ssl_clear_cipher_read_state(s);
|
||
|
|
|
||
|
|
if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL)
|
||
|
|
@@ -432,11 +427,6 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read,
|
||
|
|
goto err;
|
||
|
|
s->read_hash = mac_ctx;
|
||
|
|
} else {
|
||
|
|
- if (S3I(s)->hs.new_cipher->algorithm2 & TLS1_STREAM_MAC)
|
||
|
|
- s->internal->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM;
|
||
|
|
- else
|
||
|
|
- s->internal->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM;
|
||
|
|
-
|
||
|
|
/*
|
||
|
|
* DTLS fragments retain a pointer to the compression, cipher
|
||
|
|
* and hash contexts, so that it can restore state in order
|
||
|
|
@@ -958,9 +948,9 @@ tls1_mac(SSL *ssl, unsigned char *md, int send)
|
||
|
|
size_t md_size, orig_len;
|
||
|
|
EVP_MD_CTX hmac, *mac_ctx;
|
||
|
|
unsigned char header[13];
|
||
|
|
- int stream_mac = (send ?
|
||
|
|
- (ssl->internal->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM) :
|
||
|
|
- (ssl->internal->mac_flags & SSL_MAC_FLAG_READ_MAC_STREAM));
|
||
|
|
+ int stream_mac = ssl->session && ssl->session->cipher ?
|
||
|
|
+ ssl->session->cipher->algorithm2 & TLS1_STREAM_MAC :
|
||
|
|
+ 0;
|
||
|
|
int t;
|
||
|
|
|
||
|
|
if (send) {
|
||
|
|
--
|
||
|
|
2.17.1
|
||
|
|
|