author | Kurt Roeckx <kurt@roeckx.be> | 2016-03-02 22:39:40 +0100 |
---|---|---|
committer | Kurt Roeckx <kurt@roeckx.be> | 2016-03-09 19:45:05 +0100 |
commit | 2b8fa1d56cd3a41d666994a1b2ed9df0f5e5d1ec (patch) | |
tree | 6833e279789d6114ca0c1da5d750814349abfda1 /ssl | |
parent | Use version flexible method instead of fixed version (diff) | |
Deprecate the use of version-specific methods
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1824
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/methods.c | 181 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 2 | ||||
-rw-r--r-- | ssl/ssl_locl.h | 20 | ||||
-rw-r--r-- | ssl/statem/statem_lib.c | 12 |
4 files changed, 170 insertions, 45 deletions
diff --git a/ssl/methods.c b/ssl/methods.c index 6cd83dd5dd..d66edff988 100644 --- a/ssl/methods.c +++ b/ssl/methods.c @@ -107,7 +107,7 @@ * Hudson (tjh@cryptsoft.com). * */ - + #include <stdio.h> #include <openssl/objects.h> #include "ssl_locl.h" @@ -122,19 +122,19 @@ static const SSL_METHOD *tls1_get_method(int ver) return TLS_method(); #ifndef OPENSSL_NO_TLS1_2 if (ver == TLS1_2_VERSION) - return TLSv1_2_method(); + return tlsv1_2_method(); #endif #ifndef OPENSSL_NO_TLS1_1 if (ver == TLS1_1_VERSION) - return TLSv1_1_method(); + return tlsv1_1_method(); #endif #ifndef OPENSSL_NO_TLS1 if (ver == TLS1_VERSION) - return TLSv1_method(); + return tlsv1_method(); #endif #ifndef OPENSSL_NO_SSL3 if (ver == SSL3_VERSION) - return (SSLv3_method()); + return (sslv3_method()); else #endif return NULL; @@ -147,27 +147,27 @@ IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0, #ifndef OPENSSL_NO_TLS1_2_METHOD IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2, - TLSv1_2_method, + tlsv1_2_method, ossl_statem_accept, ossl_statem_connect, tls1_get_method, TLSv1_2_enc_data) #endif #ifndef OPENSSL_NO_TLS1_1_METHOD IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1, - TLSv1_1_method, + tlsv1_1_method, ossl_statem_accept, ossl_statem_connect, tls1_get_method, TLSv1_1_enc_data) #endif #ifndef OPENSSL_NO_TLS1_METHOD IMPLEMENT_tls_meth_func(TLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1, - TLSv1_method, + tlsv1_method, ossl_statem_accept, ossl_statem_connect, tls1_get_method, TLSv1_enc_data) #endif #ifndef OPENSSL_NO_SSL3_METHOD -IMPLEMENT_ssl3_meth_func(SSLv3_method, ossl_statem_accept, ossl_statem_connect, +IMPLEMENT_ssl3_meth_func(sslv3_method, ossl_statem_accept, ossl_statem_connect, tls1_get_method) #endif 
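Review bot: In `tls1_get_method` the calls to `tlsv1_2_method()`, `tlsv1_1_method()`, `tlsv1_method()` and `sslv3_method()` sit under the protocol guards (`#ifndef OPENSSL_NO_TLS1_2` and so on), while the `IMPLEMENT_tls_meth_func`/`IMPLEMENT_ssl3_meth_func` instantiations that define them sit under the `*_METHOD` guards (`#ifndef OPENSSL_NO_TLS1_2_METHOD` and so on). A build that sets only the `_METHOD` macro, to drop the fixed-version entry points while keeping the protocol, would then reference an undefined function, unless the configuration ties the two macros together, which this diff does not show. The pairing predates this change, but now that the internal names are separate from the public API the definitions could follow the protocol guard, e.g. `#ifndef OPENSSL_NO_TLS1_2` in front of the `tlsv1_2_method` instantiation, leaving only the public wrappers under `*_METHOD`. The same applies to the server, client and DTLS getters in the later hunks and to `tls_version_table`/`dtls_version_table` in ssl/statem/statem_lib.c. `tls1_get_method` begins above the hunk.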
@@ -182,19 +182,19 @@ static const SSL_METHOD *tls1_get_server_method(int ver) return TLS_server_method(); #ifndef OPENSSL_NO_TLS1_2 if (ver == TLS1_2_VERSION) - return TLSv1_2_server_method(); + return tlsv1_2_server_method(); #endif #ifndef OPENSSL_NO_TLS1_1 if (ver == TLS1_1_VERSION) - return TLSv1_1_server_method(); + return tlsv1_1_server_method(); #endif #ifndef OPENSSL_NO_TLS1 if (ver == TLS1_VERSION) - return TLSv1_server_method(); + return tlsv1_server_method(); #endif #ifndef OPENSSL_NO_SSL3 if (ver == SSL3_VERSION) - return (SSLv3_server_method()); + return (sslv3_server_method()); #endif return NULL; } @@ -207,7 +207,7 @@ IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0, #ifndef OPENSSL_NO_TLS1_2_METHOD IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2, - TLSv1_2_server_method, + tlsv1_2_server_method, ossl_statem_accept, ssl_undefined_function, tls1_get_server_method, TLSv1_2_enc_data) @@ -215,7 +215,7 @@ IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2, #ifndef OPENSSL_NO_TLS1_1_METHOD IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1, - TLSv1_1_server_method, + tlsv1_1_server_method, ossl_statem_accept, ssl_undefined_function, tls1_get_server_method, TLSv1_1_enc_data) @@ -223,14 +223,14 @@ IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1, #ifndef OPENSSL_NO_TLS1_METHOD IMPLEMENT_tls_meth_func(TLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1, - TLSv1_server_method, + tlsv1_server_method, ossl_statem_accept, ssl_undefined_function, tls1_get_server_method, TLSv1_enc_data) #endif #ifndef OPENSSL_NO_SSL3_METHOD -IMPLEMENT_ssl3_meth_func(SSLv3_server_method, +IMPLEMENT_ssl3_meth_func(sslv3_server_method, ossl_statem_accept, ssl_undefined_function, tls1_get_server_method) #endif 
@@ -246,19 +246,19 @@ static const SSL_METHOD *tls1_get_client_method(int ver) return TLS_client_method(); #ifndef OPENSSL_NO_TLS1_2 if (ver == TLS1_2_VERSION) - return TLSv1_2_client_method(); + return tlsv1_2_client_method(); #endif #ifndef OPENSSL_NO_TLS1_1 if (ver == TLS1_1_VERSION) - return TLSv1_1_client_method(); + return tlsv1_1_client_method(); #endif #ifndef OPENSSL_NO_TLS1 if (ver == TLS1_VERSION) - return TLSv1_client_method(); + return tlsv1_client_method(); #endif #ifndef OPENSSL_NO_SSL3 if (ver == SSL3_VERSION) - return (SSLv3_client_method()); + return (sslv3_client_method()); #endif return NULL; } @@ -271,7 +271,7 @@ IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0, #ifndef OPENSSL_NO_TLS1_2_METHOD IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2, - TLSv1_2_client_method, + tlsv1_2_client_method, ssl_undefined_function, ossl_statem_connect, tls1_get_client_method, TLSv1_2_enc_data) @@ -279,7 +279,7 @@ IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2, #ifndef OPENSSL_NO_TLS1_1_METHOD IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1, - TLSv1_1_client_method, + tlsv1_1_client_method, ssl_undefined_function, ossl_statem_connect, tls1_get_client_method, TLSv1_1_enc_data) @@ -287,14 +287,14 @@ IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1, #ifndef OPENSSL_NO_TLS1_METHOD IMPLEMENT_tls_meth_func(TLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1, - TLSv1_client_method, + tlsv1_client_method, ssl_undefined_function, ossl_statem_connect, tls1_get_client_method, TLSv1_enc_data) #endif #ifndef OPENSSL_NO_SSL3_METHOD -IMPLEMENT_ssl3_meth_func(SSLv3_client_method, +IMPLEMENT_ssl3_meth_func(sslv3_client_method, ssl_undefined_function, ossl_statem_connect, tls1_get_client_method) #endif 
@@ -309,11 +309,11 @@ static const SSL_METHOD *dtls1_get_method(int ver) return DTLS_method(); #ifndef OPENSSL_NO_DTLS1 else if (ver == DTLS1_VERSION) - return DTLSv1_method(); + return dtlsv1_method(); #endif #ifndef OPENSSL_NO_DTLS1_2 else if (ver == DTLS1_2_VERSION) - return DTLSv1_2_method(); + return dtlsv1_2_method(); #endif else return NULL; @@ -321,7 +321,7 @@ static const SSL_METHOD *dtls1_get_method(int ver) #ifndef OPENSSL_NO_DTLS1_METHOD IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1, - DTLSv1_method, + dtlsv1_method, ossl_statem_accept, ossl_statem_connect, dtls1_get_method, DTLSv1_enc_data) @@ -329,7 +329,7 @@ IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1, #ifndef OPENSSL_NO_DTLS1_2_METHOD IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, 0, SSL_OP_NO_DTLSv1_2, - DTLSv1_2_method, + dtlsv1_2_method, ossl_statem_accept, ossl_statem_connect, dtls1_get_method, DTLSv1_2_enc_data) @@ -351,11 +351,11 @@ static const SSL_METHOD *dtls1_get_server_method(int ver) return DTLS_server_method(); #ifndef OPENSSL_NO_DTLS1 else if (ver == DTLS1_VERSION) - return DTLSv1_server_method(); + return dtlsv1_server_method(); #endif #ifndef OPENSSL_NO_DTLS1_2 else if (ver == DTLS1_2_VERSION) - return DTLSv1_2_server_method(); + return dtlsv1_2_server_method(); #endif else return NULL; @@ -363,7 +363,7 @@ static const SSL_METHOD *dtls1_get_server_method(int ver) #ifndef OPENSSL_NO_DTLS1_METHOD IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1, - DTLSv1_server_method, + dtlsv1_server_method, ossl_statem_accept, ssl_undefined_function, dtls1_get_server_method, DTLSv1_enc_data) 
@@ -371,7 +371,7 @@ IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1, #ifndef OPENSSL_NO_DTLS1_2_METHOD IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, 0, SSL_OP_NO_DTLSv1_2, - DTLSv1_2_server_method, + dtlsv1_2_server_method, ossl_statem_accept, ssl_undefined_function, dtls1_get_server_method, DTLSv1_2_enc_data) @@ -394,11 +394,11 @@ static const SSL_METHOD *dtls1_get_client_method(int ver) return DTLS_client_method(); #ifndef OPENSSL_NO_DTLS1 else if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER) - return DTLSv1_client_method(); + return dtlsv1_client_method(); #endif #ifndef OPENSSL_NO_DTLS1_2 else if (ver == DTLS1_2_VERSION) - return DTLSv1_2_client_method(); + return dtlsv1_2_client_method(); #endif else return NULL; @@ -406,7 +406,7 @@ static const SSL_METHOD *dtls1_get_client_method(int ver) #ifndef OPENSSL_NO_DTLS1_METHOD IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1, - DTLSv1_client_method, + dtlsv1_client_method, ssl_undefined_function, ossl_statem_connect, dtls1_get_client_method, DTLSv1_enc_data) @@ -414,7 +414,7 @@ IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1, #ifndef OPENSSL_NO_DTLS1_2_METHOD IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, 0, SSL_OP_NO_DTLSv1_2, - DTLSv1_2_client_method, + dtlsv1_2_client_method, ssl_undefined_function, ossl_statem_connect, dtls1_get_client_method, DTLSv1_2_enc_data) 
@@ -425,3 +425,110 @@ IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION, 0, 0, ssl_undefined_function, ossl_statem_connect, dtls1_get_client_method, DTLSv1_2_enc_data) + +#if OPENSSL_API_COMPAT < 0x10100000L + +# ifndef OPENSSL_NO_TLS1_2_METHOD +const SSL_METHOD *TLSv1_2_method(void) +{ + return tlsv1_2_method(); +} + +const SSL_METHOD *TLSv1_2_server_method(void) +{ + return tlsv1_2_server_method(); +} + +const SSL_METHOD *TLSv1_2_client_method(void) +{ + return tlsv1_2_client_method(); +} +# endif + +# ifndef OPENSSL_NO_TLS1_1_METHOD +const SSL_METHOD *TLSv1_1_method(void) +{ + return tlsv1_1_method(); +} + +const SSL_METHOD *TLSv1_1_server_method(void) +{ + return tlsv1_1_server_method(); +} + +const SSL_METHOD *TLSv1_1_client_method(void) +{ + return tlsv1_1_client_method(); +} +# endif + +# ifndef OPENSSL_NO_TLS1_METHOD +const SSL_METHOD *TLSv1_method(void) +{ + return tlsv1_method(); +} + +const SSL_METHOD *TLSv1_server_method(void) +{ + return tlsv1_server_method(); +} + +const SSL_METHOD *TLSv1_client_method(void) +{ + return tlsv1_client_method(); +} +# endif + +# ifndef OPENSSL_NO_SSL3_METHOD +const SSL_METHOD *SSLv3_method(void) +{ + return sslv3_method(); +} + +const SSL_METHOD *SSLv3_server_method(void) +{ + return sslv3_server_method(); +} + +const SSL_METHOD *SSLv3_client_method(void) +{ + return sslv3_client_method(); +} +# endif + +# ifndef OPENSSL_NO_DTLS1_2_METHOD +const SSL_METHOD *DTLSv1_2_method(void) +{ + return dtlsv1_2_method(); +} + +const SSL_METHOD *DTLSv1_2_server_method(void) +{ + return dtlsv1_2_server_method(); +} + +const SSL_METHOD *DTLSv1_2_client_method(void) +{ + return dtlsv1_2_client_method(); +} +# endif + +# ifndef OPENSSL_NO_DTLS1_METHOD +const SSL_METHOD *DTLSv1_method(void) +{ + return dtlsv1_method(); +} + +const SSL_METHOD *DTLSv1_server_method(void) +{ + return dtlsv1_server_method(); +} + +const SSL_METHOD *DTLSv1_client_method(void) +{ + return dtlsv1_client_method(); +} +# endif + +#endif + 
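Review bot: The compatibility block added at the end of methods.c has no comment saying why the eighteen wrappers exist or what callers should use instead, so a reader sees fixed-version entry points, `SSLv3_method` among them, with no hint that they are deprecated. Any deprecation marking on the public declarations is presumably in a header outside this 'ssl'-limited view. A comment above `#if OPENSSL_API_COMPAT < 0x10100000L` would help, for example `/* Deprecated fixed-version methods, kept for API compatibility: use TLS_method()/DTLS_method() and bound the version with SSL_CTX_set_min_proto_version()/SSL_CTX_set_max_proto_version(). */`. If `OPENSSL_API_COMPAT` can be undefined at this point it evaluates to 0 in `#if`, so the wrappers are compiled by default; the comment should say whether that is intended.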
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index ef8f6c0012..dd39654386 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -3054,7 +3054,7 @@ int ssl_undefined_const_function(const SSL *s) return (0); } -SSL_METHOD *ssl_bad_method(int ver) +const SSL_METHOD *ssl_bad_method(int ver) { SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return (NULL); diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index adce5ad34a..d01fb5415b 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -1734,7 +1734,25 @@ typedef struct ssl3_comp_st { extern SSL3_ENC_METHOD ssl3_undef_enc_method; -SSL_METHOD *ssl_bad_method(int ver); +__owur const SSL_METHOD *ssl_bad_method(int ver); +__owur const SSL_METHOD *sslv3_method(void); +__owur const SSL_METHOD *sslv3_server_method(void); +__owur const SSL_METHOD *sslv3_client_method(void); +__owur const SSL_METHOD *tlsv1_method(void); +__owur const SSL_METHOD *tlsv1_server_method(void); +__owur const SSL_METHOD *tlsv1_client_method(void); +__owur const SSL_METHOD *tlsv1_1_method(void); +__owur const SSL_METHOD *tlsv1_1_server_method(void); +__owur const SSL_METHOD *tlsv1_1_client_method(void); +__owur const SSL_METHOD *tlsv1_2_method(void); +__owur const SSL_METHOD *tlsv1_2_server_method(void); +__owur const SSL_METHOD *tlsv1_2_client_method(void); +__owur const SSL_METHOD *dtlsv1_method(void); +__owur const SSL_METHOD *dtlsv1_server_method(void); +__owur const SSL_METHOD *dtlsv1_client_method(void); +__owur const SSL_METHOD *dtlsv1_2_method(void); +__owur const SSL_METHOD *dtlsv1_2_server_method(void); +__owur const SSL_METHOD *dtlsv1_2_client_method(void); extern const SSL3_ENC_METHOD TLSv1_enc_data; extern const SSL3_ENC_METHOD TLSv1_1_enc_data; diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 6be6e1d8a0..a24060e47f 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c 
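Review bot: The eighteen new prototypes in ssl_locl.h carry no comment, and their names differ from the deprecated public functions only in letter case (`sslv3_method` vs `SSLv3_method`), so it is easy to misread which one a call site uses when auditing for remaining users of the fixed-version API. A one-line comment above the group would make the split explicit, such as `/* Internal fixed-version methods; the public mixed-case names are compatibility wrappers in methods.c */`. The functions also have external linkage, so unless the library's export list filters them they share the application's symbol namespace. A distinguishing prefix in the style of `ossl_statem_accept` would avoid both problems.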
@@ -716,22 +716,22 @@ typedef struct { static const version_info tls_version_table[] = { #ifndef OPENSSL_NO_TLS1_2 - { TLS1_2_VERSION, TLSv1_2_client_method, TLSv1_2_server_method }, + { TLS1_2_VERSION, tlsv1_2_client_method, tlsv1_2_server_method }, #else { TLS1_2_VERSION, NULL, NULL }, #endif #ifndef OPENSSL_NO_TLS1_1 - { TLS1_1_VERSION, TLSv1_1_client_method, TLSv1_1_server_method }, + { TLS1_1_VERSION, tlsv1_1_client_method, tlsv1_1_server_method }, #else { TLS1_1_VERSION, NULL, NULL }, #endif #ifndef OPENSSL_NO_TLS1 - { TLS1_VERSION, TLSv1_client_method, TLSv1_server_method }, + { TLS1_VERSION, tlsv1_client_method, tlsv1_server_method }, #else { TLS1_VERSION, NULL, NULL }, #endif #ifndef OPENSSL_NO_SSL3 - { SSL3_VERSION, SSLv3_client_method, SSLv3_server_method }, + { SSL3_VERSION, sslv3_client_method, sslv3_server_method }, #else { SSL3_VERSION, NULL, NULL }, #endif @@ -744,12 +744,12 @@ static const version_info tls_version_table[] = { static const version_info dtls_version_table[] = { #ifndef OPENSSL_NO_DTLS1_2 - { DTLS1_2_VERSION, DTLSv1_2_client_method, DTLSv1_2_server_method }, + { DTLS1_2_VERSION, dtlsv1_2_client_method, dtlsv1_2_server_method }, #else { DTLS1_2_VERSION, NULL, NULL }, #endif #ifndef OPENSSL_NO_DTLS1 - { DTLS1_VERSION, DTLSv1_client_method, DTLSv1_server_method }, + { DTLS1_VERSION, dtlsv1_client_method, dtlsv1_server_method }, #else { DTLS1_VERSION, NULL, NULL }, #endif |