Move handshake method hooks to SSL_PROTOCOL_METHOD. None of these are version-specific. SSL_PROTOCOL_METHOD's interface will change later, but this gets us closer to folding away SSL3_ENC_METHOD. Change-Id: Ib427cdff32d0701a18fe42a52cdbf798f82ba956 Reviewed-on: https://boringssl-review.googlesource.com/3769 Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index fd92fae..48cc81f 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -82,8 +82,6 @@ static void get_current_time(SSL *ssl, OPENSSL_timeval *out_clock); static OPENSSL_timeval *dtls1_get_timeout(SSL *s, OPENSSL_timeval *timeleft); -static int dtls1_set_handshake_header(SSL *s, int type, unsigned long len); -static int dtls1_handshake_write(SSL *s); const SSL3_ENC_METHOD DTLSv1_enc_data = { tls1_enc, @@ -98,9 +96,6 @@ tls1_alert_code, tls1_export_keying_material, SSL_ENC_FLAG_DTLS|SSL_ENC_FLAG_EXPLICIT_IV, - DTLS1_HM_HEADER_LENGTH, - dtls1_set_handshake_header, - dtls1_handshake_write, }; const SSL3_ENC_METHOD DTLSv1_2_enc_data = { @@ -117,9 +112,6 @@ tls1_export_keying_material, SSL_ENC_FLAG_DTLS | SSL_ENC_FLAG_EXPLICIT_IV | SSL_ENC_FLAG_SIGALGS | SSL_ENC_FLAG_SHA256_PRF | SSL_ENC_FLAG_TLS1_2_CIPHERS, - DTLS1_HM_HEADER_LENGTH, - dtls1_set_handshake_header, - dtls1_handshake_write, }; int dtls1_new(SSL *s) { @@ -413,7 +405,7 @@ #endif } -static int dtls1_set_handshake_header(SSL *s, int htype, unsigned long len) { +int dtls1_set_handshake_header(SSL *s, int htype, unsigned long len) { uint8_t *message = (uint8_t *)s->init_buf->data; const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr; uint8_t serialised_header[DTLS1_HM_HEADER_LENGTH]; @@ -440,6 +432,6 @@ ssl3_finish_mac(s, message + DTLS1_HM_HEADER_LENGTH, len); } -static int dtls1_handshake_write(SSL *s) { +int dtls1_handshake_write(SSL *s) { return dtls1_do_write(s, SSL3_RT_HANDSHAKE); }
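Review bot: With `static` dropped, dtls1_set_handshake_header becomes callable from other files, but the definition still has no comment stating what the caller must guarantee about `s->init_buf`. The visible lines take `message` from `s->init_buf->data` and pass `message + DTLS1_HM_HEADER_LENGTH` with the caller-supplied `len` to ssl3_finish_mac, so the buffer must hold at least DTLS1_HM_HEADER_LENGTH + len bytes; no check of that is visible, though most of the body lies outside the hunk. I would add a header comment such as `/* Caller must have written |len| body bytes at |s->init_buf->data| + DTLS1_HM_HEADER_LENGTH. */`, and a one-line comment on dtls1_handshake_write in the last hunk. The prototype added in ssl/ssl_locl.h names the second parameter `type` while this definition uses `htype`; one spelling would be clearer.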
diff --git a/ssl/d1_meth.c b/ssl/d1_meth.c
index a894222..34a2098 100644
--- a/ssl/d1_meth.c
+++ b/ssl/d1_meth.c
@@ -81,6 +81,9 @@
 ssl_undefined_void_function,
 ssl3_callback_ctrl,
 ssl3_ctx_callback_ctrl,
+ DTLS1_HM_HEADER_LENGTH,
+ dtls1_set_handshake_header,
+ dtls1_handshake_write,
 };
 const SSL_METHOD *DTLS_method(void) {
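Review bot: The three new trailing entries in this positional initializer depend on the member order that ssl/ssl_locl.h gives SSL_PROTOCOL_METHOD, and nothing on these lines says which member each value fills. C zero-initializes trailing members that an initializer omits, so any SSL_PROTOCOL_METHOD table this commit did not update (none is visible in the diff, so this is only a possibility) would leave `do_write` null, and `ssl_do_write(s)` would call through it. A short trailing comment per entry, e.g. `DTLS1_HM_HEADER_LENGTH, /* hhlen */`, would make a mismatch easier to spot in review. The same applies to the matching hunk in ssl/s3_meth.c. The initializer begins above the hunk.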
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 129a128..910a051 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -2019,7 +2019,7 @@ } /* SSL3_ST_CW_KEY_EXCH_B */ - return s->enc_method->do_write(s); + return s->method->do_write(s); err: BN_CTX_free(bn_ctx);
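Review bot: The new line dispatches through `s->method->do_write(s)` directly, although ssl/ssl_locl.h in this same commit keeps the `ssl_do_write(s)` macro for that dispatch. The commit message says SSL_PROTOCOL_METHOD's interface will change later, so writing `return ssl_do_write(s);` here would confine that later change to the macro. The enclosing function starts and ends outside the hunk.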
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 1b342c0..3ad526c 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -570,9 +570,6 @@ (int (*)(SSL *, uint8_t *, size_t, const char *, size_t, const uint8_t *, size_t, int use_context)) ssl_undefined_function, 0, - SSL3_HM_HEADER_LENGTH, - ssl3_set_handshake_header, - ssl3_handshake_write, }; int ssl3_num_ciphers(void) { return SSL3_NUM_CIPHERS; }
diff --git a/ssl/s3_meth.c b/ssl/s3_meth.c
index 5a25d7b..f8375a1 100644
--- a/ssl/s3_meth.c
+++ b/ssl/s3_meth.c
@@ -80,6 +80,9 @@
 ssl_undefined_void_function,
 ssl3_callback_ctrl,
 ssl3_ctx_callback_ctrl,
+ SSL3_HM_HEADER_LENGTH,
+ ssl3_set_handshake_header,
+ ssl3_handshake_write,
 };
 const SSL_METHOD *TLS_method(void) {
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 9986bd3..59180f6 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -559,6 +559,12 @@ int (*ssl_version)(void); long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)(void)); long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)(void)); + /* Handshake header length */ + unsigned int hhlen; + /* Set the handshake header */ + int (*set_handshake_header)(SSL *s, int type, unsigned long len); + /* Write out handshake message */ + int (*do_write)(SSL *s); }; /* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff It is a bit @@ -581,20 +587,14 @@ const uint8_t *, size_t, int use_context); /* Various flags indicating protocol version requirements */ unsigned int enc_flags; - /* Handshake header length */ - unsigned int hhlen; - /* Set the handshake header */ - int (*set_handshake_header)(SSL *s, int type, unsigned long len); - /* Write out handshake message */ - int (*do_write)(SSL *s); }; -#define SSL_HM_HEADER_LENGTH(s) s->enc_method->hhlen +#define SSL_HM_HEADER_LENGTH(s) s->method->hhlen #define ssl_handshake_start(s) \ - (((uint8_t *)s->init_buf->data) + s->enc_method->hhlen) + (((uint8_t *)s->init_buf->data) + s->method->hhlen) #define ssl_set_handshake_header(s, htype, len) \ - s->enc_method->set_handshake_header(s, htype, len) -#define ssl_do_write(s) s->enc_method->do_write(s) + s->method->set_handshake_header(s, htype, len) +#define ssl_do_write(s) s->method->do_write(s) /* Values for enc_flags */ @@ -817,6 +817,9 @@ void dtls1_reset_seq_numbers(SSL *s, int rw); int dtls1_check_timeout_num(SSL *s); int dtls1_handle_timeout(SSL *s); +int dtls1_set_handshake_header(SSL *s, int type, unsigned long len); +int dtls1_handshake_write(SSL *s); + const SSL_CIPHER *dtls1_get_cipher(unsigned int u); void dtls1_start_timer(SSL *s); void dtls1_stop_timer(SSL *s);
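Review bot: The four macros rewritten in the second hunk still expand their argument bare, and `ssl_do_write(s)`, `ssl_set_handshake_header(s, htype, len)` and `ssl_handshake_start(s)` each evaluate `s` twice. A call site that passes a cast, a conditional expression, or an expression with side effects would not behave as written, and `ssl_handshake_start` feeds the result into pointer arithmetic on `init_buf->data`. Since these lines are being edited anyway, `#define SSL_HM_HEADER_LENGTH(s) ((s)->method->hhlen)` and `#define ssl_do_write(s) ((s)->method->do_write(s))`, with the same treatment for the other two, would remove the precedence hazard. Static inline functions would also remove the double evaluation.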
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 20b8c99..dae9a07 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -139,9 +139,6 @@ tls1_alert_code, tls1_export_keying_material, 0, - SSL3_HM_HEADER_LENGTH, - ssl3_set_handshake_header, - ssl3_handshake_write, }; const SSL3_ENC_METHOD TLSv1_1_enc_data = { @@ -157,9 +154,6 @@ tls1_alert_code, tls1_export_keying_material, SSL_ENC_FLAG_EXPLICIT_IV, - SSL3_HM_HEADER_LENGTH, - ssl3_set_handshake_header, - ssl3_handshake_write, }; const SSL3_ENC_METHOD TLSv1_2_enc_data = { @@ -176,9 +170,6 @@ tls1_export_keying_material, SSL_ENC_FLAG_EXPLICIT_IV|SSL_ENC_FLAG_SIGALGS|SSL_ENC_FLAG_SHA256_PRF |SSL_ENC_FLAG_TLS1_2_CIPHERS, - SSL3_HM_HEADER_LENGTH, - ssl3_set_handshake_header, - ssl3_handshake_write, }; static int compare_uint16_t(const void *p1, const void *p2) {