Promote everything directly in SSL_ctrl.
BUG=404754
Change-Id: I0b0a1c35f3dc81e81deb34d409ae18a1d248669e
Reviewed-on: https://boringssl-review.googlesource.com/4561
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 88f76f0..8cbd51b 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -625,10 +625,13 @@
* modes enabled for |ssl|. */
OPENSSL_EXPORT uint32_t SSL_get_mode(const SSL *ssl);
-#define SSL_set_mtu(ssl, mtu) SSL_ctrl((ssl), SSL_CTRL_SET_MTU, (mtu), NULL)
+/* SSL_set_mtu sets the |ssl|'s MTU in DTLS to |mtu|. It returns one on success
+ * and zero on failure. */
+OPENSSL_EXPORT int SSL_set_mtu(SSL *ssl, unsigned mtu);
-#define SSL_get_secure_renegotiation_support(ssl) \
- SSL_ctrl((SSL *)(ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
+/* SSL_get_secure_renegotiation_support returns one if the peer supports secure
+ * renegotiation (RFC 5746) and zero otherwise. */
+OPENSSL_EXPORT int SSL_get_secure_renegotiation_support(const SSL *ssl);
/* SSL_CTX_set_min_version sets the minimum protocol version for |ctx| to
* |version|. */
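Review bot: The new comment on `SSL_set_mtu` says only "zero on failure", but the implementation in ssl/ssl_lib.c in this same commit fails in two specific cases, and the success value changes from the MTU itself (the old macro path returned `larg`) to one. I would spell that out in the comment, e.g. `It returns one on success and zero if |ssl| is not DTLS or |mtu| is below the minimum MTU.` Because the parameter is now `unsigned`, a negative value that the old `larg < (long)dtls1_min_mtu()` test rejected is converted to a large value and passes the lower-bound check, so the comment should say the argument must be non-negative, or the function should enforce an upper bound if callers may pass signed, externally derived values.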
@@ -1595,8 +1598,6 @@
#define SSL_CTRL_GET_FLAGS 13
#define SSL_CTRL_EXTRA_CHAIN_CERT 14
-/* only applies to datagram connections */
-#define SSL_CTRL_SET_MTU 17
/* Stats */
#define SSL_CTRL_SESS_NUMBER 20
@@ -1616,8 +1617,6 @@
#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80
#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81
-#define SSL_CTRL_GET_RI_SUPPORT 76
-
#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
@@ -2392,6 +2391,7 @@
#define SSL_CTRL_SET_TMP_ECDH_CB doesnt_exist
#define SSL_CTRL_SET_MSG_CALLBACK doesnt_exist
#define SSL_CTRL_SET_MSG_CALLBACK_ARG doesnt_exist
+#define SSL_CTRL_SET_MTU doesnt_exist
#define SSL_CTRL_OPTIONS doesnt_exist
#define SSL_CTRL_MODE doesnt_exist
#define SSL_CTRL_GET_READ_AHEAD doesnt_exist
@@ -2403,11 +2403,13 @@
#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB doesnt_exist
#define DTLS_CTRL_GET_TIMEOUT doesnt_exist
#define DTLS_CTRL_HANDLE_TIMEOUT doesnt_exist
+#define SSL_CTRL_GET_RI_SUPPORT doesnt_exist
#define SSL_CTRL_CLEAR_OPTIONS doesnt_exist
#define SSL_CTRL_CLEAR_MODE doesnt_exist
#define SSL_CTX_set_msg_callback_arg SSL_CTX_set_msg_callback_arg
#define SSL_set_msg_callback_arg SSL_set_msg_callback_arg
+#define SSL_set_mtu SSL_set_mtu
#define SSL_CTX_get_options SSL_CTX_get_options
#define SSL_CTX_set_options SSL_CTX_set_options
#define SSL_get_options SSL_get_options
@@ -2429,6 +2431,8 @@
#define SSL_CTX_set_tlsext_ticket_key_cb SSL_CTX_set_tlsext_ticket_key_cb
#define DTLSv1_get_timeout DTLSv1_get_timeout
#define DTLSv1_handle_timeout DTLSv1_handle_timeout
+#define SSL_get_secure_renegotiation_support \
+ SSL_get_secure_renegotiation_support
#define SSL_CTX_clear_options SSL_CTX_clear_options
#define SSL_clear_options SSL_clear_options
#define SSL_CTX_clear_mode SSL_CTX_clear_mode
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 451cdc6..f8c865f 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1054,27 +1054,20 @@
ssl->max_send_fragment = (uint16_t)max_send_fragment;
}
-long SSL_ctrl(SSL *s, int cmd, long larg, void *parg) {
- switch (cmd) {
- case SSL_CTRL_SET_MTU:
- if (larg < (long)dtls1_min_mtu()) {
- return 0;
- }
- if (SSL_IS_DTLS(s)) {
- s->d1->mtu = larg;
- return larg;
- }
- return 0;
-
- case SSL_CTRL_GET_RI_SUPPORT:
- if (s->s3) {
- return s->s3->send_connection_binding;
- }
- return 0;
-
- default:
- return s->method->ssl_ctrl(s, cmd, larg, parg);
+int SSL_set_mtu(SSL *ssl, unsigned mtu) {
+ if (!SSL_IS_DTLS(ssl) || mtu < dtls1_min_mtu()) {
+ return 0;
}
+ ssl->d1->mtu = mtu;
+ return 1;
+}
+
+int SSL_get_secure_renegotiation_support(const SSL *ssl) {
+ return ssl->s3->send_connection_binding;
+}
+
+long SSL_ctrl(SSL *s, int cmd, long larg, void *parg) {
+ return s->method->ssl_ctrl(s, cmd, larg, parg);
}
LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx) { return ctx->sessions; }
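Review bot: `SSL_get_secure_renegotiation_support` dereferences `ssl->s3` unconditionally, whereas the removed `SSL_CTRL_GET_RI_SUPPORT` case returned 0 when `s->s3` was NULL. If an `SSL` can still exist without `s3` (not visible in this hunk), a query that used to report "no RFC 5746 support" becomes a NULL dereference; keeping the guard costs one line: `return ssl->s3 != NULL && ssl->s3->send_connection_binding;`. That form also normalises the result to 0/1, which is what the header comment promises. If `s3` is always allocated at this point, a short comment saying so would document why the check was dropped.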