Djam/libressl
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/libressl.git synced 2025-02-23 16:12:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
libressl/0084-ssl-drop-mac_flags-field.patch
Mikhail Novosyolov faac7d3eaa Add gost-new patches sponsored by ROSA Linux 
TODO: add tests
2020-08-05 12:58:06 +03:00

87 lines
3 KiB
Diff
Raw Blame History

From 1b42f56675b39ba4f1514b328a8dfb6c35b8cb4a Mon Sep 17 00:00:00 2001
From: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri, 17 Apr 2020 16:43:39 +0300
Subject: [PATCH 84/87] ssl: drop mac_flags field
Use s->session->cipher->algorithm2 instead.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
---
src/lib/libssl/ssl.h | 3 ---
src/lib/libssl/ssl_locl.h | 4 ----
src/lib/libssl/t1_enc.c | 16 +++-------------
3 files changed, 3 insertions(+), 20 deletions(-)
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 1f9095feb..1c5e174b8 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -796,9 +796,6 @@ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
-#define SSL_MAC_FLAG_READ_MAC_STREAM 1
-#define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
-
#ifndef OPENSSL_NO_SSL_INTERN
struct ssl_internal_st;
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 2ef7e58f6..f4ad6b5ee 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -723,10 +723,6 @@ typedef struct ssl_internal_st {
/* crypto */
STACK_OF(SSL_CIPHER) *cipher_list_by_id;
- /* These are the ones being used, the ones in SSL_SESSION are
- * the ones to be 'copied' into these ones */
- int mac_flags;
-
SSL_AEAD_CTX *aead_read_ctx; /* AEAD context. If non-NULL, then
enc_read_ctx and read_hash are
ignored. */
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 05c45fc31..4c726f73f 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -418,11 +418,6 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read,
mac_type = S3I(s)->tmp.new_mac_pkey_type;
if (is_read) {
- if (S3I(s)->hs.new_cipher->algorithm2 & TLS1_STREAM_MAC)
- s->internal->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
- else
- s->internal->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
-
ssl_clear_cipher_read_state(s);
if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL)
@@ -432,11 +427,6 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read,
goto err;
s->read_hash = mac_ctx;
} else {
- if (S3I(s)->hs.new_cipher->algorithm2 & TLS1_STREAM_MAC)
- s->internal->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM;
- else
- s->internal->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM;
-
/*
* DTLS fragments retain a pointer to the compression, cipher
* and hash contexts, so that it can restore state in order
@@ -958,9 +948,9 @@ tls1_mac(SSL *ssl, unsigned char *md, int send)
size_t md_size, orig_len;
EVP_MD_CTX hmac, *mac_ctx;
unsigned char header[13];
- int stream_mac = (send ?
- (ssl->internal->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM) :
- (ssl->internal->mac_flags & SSL_MAC_FLAG_READ_MAC_STREAM));
+ int stream_mac = ssl->session && ssl->session->cipher ?
+ ssl->session->cipher->algorithm2 & TLS1_STREAM_MAC :
+ 0;
int t;
if (send) {
--
2.17.1
Reference in a new issue View git blame Copy permalink