[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

Richard Levitte levitte at openssl.org
Tue Jan 24 17:48:21 UTC 2017 

The branch OpenSSL_1_1_0-stable has been updated
       via  f5eab25a7c03c5fb1d3fab55c506907f8fbd427e (commit)
      from  75249be2ce76a75953869f9d249ef0ec8f701d94 (commit)


- Log -----------------------------------------------------------------
commit f5eab25a7c03c5fb1d3fab55c506907f8fbd427e
Author: Todd Short <tshort at akamai.com>
Date:   Mon Jan 9 15:29:42 2017 -0500

    Cleanup EVP_CIPH/EP_CTRL duplicate defines
    
    Remove duplicate defines from EVP source files.
    Most of them were in evp.h, which is always included.
    Add new ones evp_int.h
    EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK is now always defined in evp.h, so
    remove conditionals on it
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/2201)
    (cherry picked from commit 9d6fcd4295fef7ebc4232aab85718a99d36cc50a)

-----------------------------------------------------------------------

Summary of changes:
 apps/speed.c                       |  2 --
 crypto/evp/e_aes_cbc_hmac_sha1.c   | 20 ++------------------
 crypto/evp/e_aes_cbc_hmac_sha256.c | 20 ++------------------
 crypto/evp/e_rc4.c                 |  3 ---
 crypto/evp/e_rc4_hmac_md5.c        |  9 ---------
 crypto/include/internal/evp_int.h  |  7 +++++++
 ssl/record/rec_layer_s3.c          |  4 ----
 7 files changed, 11 insertions(+), 54 deletions(-)

diff --git a/apps/speed.c b/apps/speed.c
index cdd0da1..df22422 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -2273,7 +2273,6 @@ int speed_main(int argc, char **argv)
 #endif
 
     if (doit[D_EVP]) {
-#ifdef EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
         if (multiblock && evp_cipher) {
             if (!
                 (EVP_CIPHER_flags(evp_cipher) &
@@ -2290,7 +2289,6 @@ int speed_main(int argc, char **argv)
             ret = 0;
             goto end;
         }
-#endif
         for (testnum = 0; testnum < SIZE_NUM; testnum++) {
             if (evp_cipher) {
 
diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
index 0e1ad74..52c7c74 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha1.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
@@ -21,22 +21,6 @@
 #include "internal/evp_int.h"
 #include "internal/constant_time_locl.h"
 
-#ifndef EVP_CIPH_FLAG_AEAD_CIPHER
-# define EVP_CIPH_FLAG_AEAD_CIPHER       0x200000
-# define EVP_CTRL_AEAD_TLS1_AAD          0x16
-# define EVP_CTRL_AEAD_SET_MAC_KEY       0x17
-#endif
-
-#if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1)
-# define EVP_CIPH_FLAG_DEFAULT_ASN1 0
-#endif
-
-#if !defined(EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)
-# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0
-#endif
-
-#define TLS1_1_VERSION 0x0302
-
 typedef struct {
     AES_KEY ks;
     SHA_CTX head, tail, md;
@@ -146,7 +130,7 @@ static void sha1_update(SHA_CTX *c, const void *data, size_t len)
 # endif
 # define SHA1_Update sha1_update
 
-# if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+# if !defined(OPENSSL_NO_MULTIBLOCK)
 
 typedef struct {
     unsigned int A[8], B[8], C[8], D[8], E[8];
@@ -842,7 +826,7 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
                 return SHA_DIGEST_LENGTH;
             }
         }
-# if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+# if !defined(OPENSSL_NO_MULTIBLOCK)
     case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE:
         return (int)(5 + 16 + ((arg + 20 + 16) & -16));
     case EVP_CTRL_TLS1_1_MULTIBLOCK_AAD:
diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c
index 3b9cdf4..5a92e0b 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha256.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha256.c
@@ -22,22 +22,6 @@
 #include "internal/constant_time_locl.h"
 #include "internal/evp_int.h"
 
-#ifndef EVP_CIPH_FLAG_AEAD_CIPHER
-# define EVP_CIPH_FLAG_AEAD_CIPHER       0x200000
-# define EVP_CTRL_AEAD_TLS1_AAD          0x16
-# define EVP_CTRL_AEAD_SET_MAC_KEY       0x17
-#endif
-
-#if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1)
-# define EVP_CIPH_FLAG_DEFAULT_ASN1 0
-#endif
-
-#if !defined(EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)
-# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0
-#endif
-
-#define TLS1_1_VERSION 0x0302
-
 typedef struct {
     AES_KEY ks;
     SHA256_CTX head, tail, md;
@@ -142,7 +126,7 @@ static void sha256_update(SHA256_CTX *c, const void *data, size_t len)
 # endif
 # define SHA256_Update sha256_update
 
-# if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+# if !defined(OPENSSL_NO_MULTIBLOCK)
 
 typedef struct {
     unsigned int A[8], B[8], C[8], D[8], E[8], F[8], G[8], H[8];
@@ -819,7 +803,7 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
                 return SHA256_DIGEST_LENGTH;
             }
         }
-# if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+# if !defined(OPENSSL_NO_MULTIBLOCK)
     case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE:
         return (int)(5 + 16 + ((arg + 32 + 16) & -16));
     case EVP_CTRL_TLS1_1_MULTIBLOCK_AAD:
diff --git a/crypto/evp/e_rc4.c b/crypto/evp/e_rc4.c
index 1a2895f..ea95dea 100644
--- a/crypto/evp/e_rc4.c
+++ b/crypto/evp/e_rc4.c
@@ -18,9 +18,6 @@
 
 # include "internal/evp_int.h"
 
-/* FIXME: surely this is available elsewhere? */
-# define EVP_RC4_KEY_SIZE                16
-
 typedef struct {
     RC4_KEY ks;                 /* working key */
 } EVP_RC4_KEY;
diff --git a/crypto/evp/e_rc4_hmac_md5.c b/crypto/evp/e_rc4_hmac_md5.c
index e7aa1f8..828ed64 100644
--- a/crypto/evp/e_rc4_hmac_md5.c
+++ b/crypto/evp/e_rc4_hmac_md5.c
@@ -21,15 +21,6 @@
 # include <openssl/md5.h>
 # include "internal/evp_int.h"
 
-# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
-#  define EVP_CIPH_FLAG_AEAD_CIPHER       0x200000
-#  define EVP_CTRL_AEAD_TLS1_AAD          0x16
-#  define EVP_CTRL_AEAD_SET_MAC_KEY       0x17
-# endif
-
-/* FIXME: surely this is available elsewhere? */
-# define EVP_RC4_KEY_SIZE                16
-
 typedef struct {
     RC4_KEY ks;
     MD5_CTX head, tail, md;
diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h
index d1e607e..c9ef582 100644
--- a/crypto/include/internal/evp_int.h
+++ b/crypto/include/internal/evp_int.h
@@ -380,3 +380,10 @@ struct evp_pkey_st {
 void openssl_add_all_ciphers_int(void);
 void openssl_add_all_digests_int(void);
 void evp_cleanup_int(void);
+
+/* Pulling defines out of C soure files */
+
+#define EVP_RC4_KEY_SIZE 16
+#ifndef TLS1_1_VERSION
+# define TLS1_1_VERSION   0x0302
+#endif
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index fdc8190..00379ea 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -17,10 +17,6 @@
 #include <openssl/rand.h>
 #include "record_locl.h"
 
-#ifndef  EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
-# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0
-#endif
-
 #if     defined(OPENSSL_SMALL_FOOTPRINT) || \
         !(      defined(AES_ASM) &&     ( \
                 defined(__x86_64)       || defined(__x86_64__)  || \

More information about the openssl-commits mailing list