Move a few more functions into *_method.c.
s3_lib.c is nearly gone. ssl_get_cipher_preferences will fall away once
we remove the version-specific cipher lists. ssl_get_algorithm_prf and
the PRF stuff in general needs some revising (it was the motivation for
all the SSL_HANDSHAKE business). I've left ssl3_new / ssl3_free alone
for now because we don't have a good separation between common TLS/DTLS
connection state and state internal to the TLS SSL_PROTOCOL_METHOD.
Leaving that alone for now as there's lower-hanging fruit.
Change-Id: Idf7989123a387938aa89b6a052161c9fff4cbfb3
Reviewed-on: https://boringssl-review.googlesource.com/12584
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index a63b8c9..cafb4c2 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -113,10 +113,6 @@
ssl->d1 = NULL;
}
-int dtls1_supports_cipher(const SSL_CIPHER *cipher) {
- return cipher->algorithm_enc != SSL_eNULL;
-}
-
void DTLSv1_set_initial_timeout_duration(SSL *ssl, unsigned int duration_ms) {
ssl->initial_timeout_duration_ms = duration_ms;
}
@@ -260,11 +256,3 @@
dtls1_start_timer(ssl);
return dtls1_retransmit_outgoing_messages(ssl);
}
-
-void dtls1_expect_flight(SSL *ssl) {
- dtls1_start_timer(ssl);
-}
-
-void dtls1_received_flight(SSL *ssl) {
- dtls1_stop_timer(ssl);
-}
diff --git a/ssl/dtls_method.c b/ssl/dtls_method.c
index 8e92cc9..89b5491 100644
--- a/ssl/dtls_method.c
+++ b/ssl/dtls_method.c
@@ -94,6 +94,14 @@
return 0;
}
+static int dtls1_supports_cipher(const SSL_CIPHER *cipher) {
+ return cipher->algorithm_enc != SSL_eNULL;
+}
+
+static void dtls1_expect_flight(SSL *ssl) { dtls1_start_timer(ssl); }
+
+static void dtls1_received_flight(SSL *ssl) { dtls1_stop_timer(ssl); }
+
static int dtls1_set_read_state(SSL *ssl, SSL_AEAD_CTX *aead_ctx) {
/* Cipher changes are illegal when there are buffered incoming messages. */
if (dtls_has_incoming_messages(ssl)) {
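Review bot: `dtls1_supports_cipher` is the one place in this hunk where DTLS treats NULL-encryption suites (`SSL_eNULL`) as unsupported, and it moves into this file without a comment saying so. Now that it is `static` and presumably reachable only through the method table (not visible in this hunk), a reader of the table cannot tell that the hook enforces a security policy rather than probing a capability. I would add a comment above it such as `/* DTLS treats NULL-encryption cipher suites as unsupported. */`. The one-line `dtls1_expect_flight` and `dtls1_received_flight` wrappers could carry a matching note that they only start and stop the DTLS timer.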
diff --git a/ssl/internal.h b/ssl/internal.h
index 252ed0f..f940eda 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -1735,7 +1735,6 @@
size_t *out_len, uint16_t signature_algorithm);
int ssl3_send_finished(SSL_HANDSHAKE *hs, int a, int b);
-int ssl3_supports_cipher(const SSL_CIPHER *cipher);
int ssl3_dispatch_alert(SSL *ssl);
int ssl3_read_app_data(SSL *ssl, int *out_got_handshake, uint8_t *buf, int len,
int peek);
@@ -1756,9 +1755,6 @@
int ssl3_queue_message(SSL *ssl, uint8_t *msg, size_t len);
int ssl3_write_message(SSL *ssl);
-void ssl3_expect_flight(SSL *ssl);
-void ssl3_received_flight(SSL *ssl);
-
int dtls1_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
int dtls1_finish_message(SSL *ssl, CBB *cbb, uint8_t **out_msg,
size_t *out_len);
@@ -1798,10 +1794,7 @@
CBS *out_body);
int dtls1_check_timeout_num(SSL *ssl);
int dtls1_handshake_write(SSL *ssl);
-void dtls1_expect_flight(SSL *ssl);
-void dtls1_received_flight(SSL *ssl);
-int dtls1_supports_cipher(const SSL_CIPHER *cipher);
void dtls1_start_timer(SSL *ssl);
void dtls1_stop_timer(SSL *ssl);
int dtls1_is_timer_expired(SSL *ssl);
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index b5006f6..1aad8e6 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -162,14 +162,6 @@
#include "internal.h"
-int ssl3_supports_cipher(const SSL_CIPHER *cipher) {
- return 1;
-}
-
-void ssl3_expect_flight(SSL *ssl) {}
-
-void ssl3_received_flight(SSL *ssl) {}
-
int ssl3_new(SSL *ssl) {
SSL3_STATE *s3;
diff --git a/ssl/tls_method.c b/ssl/tls_method.c
index ce42904..9effb36 100644
--- a/ssl/tls_method.c
+++ b/ssl/tls_method.c
@@ -97,6 +97,12 @@
return 0;
}
+static int ssl3_supports_cipher(const SSL_CIPHER *cipher) { return 1; }
+
+static void ssl3_expect_flight(SSL *ssl) {}
+
+static void ssl3_received_flight(SSL *ssl) {}
+
static int ssl3_set_read_state(SSL *ssl, SSL_AEAD_CTX *aead_ctx) {
if (ssl->s3->rrec.length != 0) {
/* There may not be unprocessed record data at a cipher change. */
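Review bot: `ssl3_supports_cipher` returns 1 for every cipher, so at this hook TLS filters nothing, including the `SSL_eNULL` suites that the DTLS counterpart rejects. A comment should say this is intentional and that any restriction on such suites has to come from elsewhere, which this diff does not show; `/* TLS applies no method-level cipher restriction. */` would do. The two empty flight hooks deserve the same treatment, e.g. `/* TLS has no handshake timer; the flight hooks are no-ops. */`, which appears to be the intent given that the DTLS versions only start and stop a timer. The unused `cipher` and `ssl` parameters may also warn under `-Wunused-parameter` if the build enables it.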