PR: 1794

Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> Reviewed by: steve Remove unnecessary code for srp and to add some comments to s_client. - the callback to provide a user during client connect is no longer necessary since rfc 5054 a connection attempt with an srp cipher and no user is terminated when the cipher is acceptable - comments to indicate in s_client the (non-)usefulness of th primalaty tests for non known group parameters.
author: Dr. Stephen Henson <steve@openssl.org> 2011-12-14 22:18:03 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2011-12-14 22:18:03 +0000
commit: b8a22c40e019c406f1023c0383bf8425c3f1d890 (patch)
tree: 56cee917db7d40ca74a2be1ba472893f492b43df /ssl
parent: 3918de9ad111a6456e43056f007a910c471ec855 (diff)
4 files changed, 7 insertions, 43 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 04450f60d6..d3f636a095 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3674,10 +3674,6 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
 		ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
 		break;
-	case SSL_CTRL_SET_TLS_EXT_SRP_MISSING_CLIENT_USERNAME_CB:
-		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
-		ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback=(char *(*)(SSL *,void *))fp;
-		break;
 #endif
 #endif
 	default:
diff --git a/ssl/ssl.h b/ssl/ssl.h
index a46d833a4c..5f4fb6bd42 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -692,8 +692,6 @@ typedef struct srp_ctx_st
 	int (*SRP_verify_param_callback)(SSL *, void *);
 	/* set SRP client passwd callback */
 	char *(*SRP_give_srp_client_pwd_callback)(SSL *, void *);
-	/* set SRP client username callback */
-	char *(*SRP_TLS_ext_missing_srp_client_username_callback)(SSL *, void *);
 
 	char *login;
 	BIGNUM *N,*g,*s,*B,*A;
@@ -1573,11 +1571,11 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
 #define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB	75
 #define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB		76
 #define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB		77
-#define SSL_CTRL_SET_TLS_EXT_SRP_MISSING_CLIENT_USERNAME_CB		78
-#define SSL_CTRL_SET_SRP_ARG		79
-#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME		80
-#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH		81
-#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD		82
+
+#define SSL_CTRL_SET_SRP_ARG		78
+#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME		79
+#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH		80
+#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD		81
 #endif
 
 #define DTLS_CTRL_GET_TIMEOUT		73
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index 70950e1b49..0f8fd3902d 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -266,12 +266,6 @@ static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
 	return BUF_strdup((char *)srp_client_arg->srppassin);
 	}
 
-static char * MS_CALLBACK missing_srp_username_callback(SSL *s, void *arg)
-	{
-	SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
-	return BUF_strdup(srp_client_arg->srplogin);
-	}
-
 /* SRP server */
 /* This is a context that we pass to SRP server callbacks */
 typedef struct srp_server_arg_st
@@ -537,7 +531,6 @@ int main(int argc, char *argv[])
 #endif
 #ifndef OPENSSL_NO_SRP
 	/* client */
-	int srp_lateuser = 0;
 	SRP_CLIENT_ARG srp_client_arg = {NULL,NULL};
 	/* server */
 	SRP_SERVER_ARG srp_server_arg = {NULL,NULL};
@@ -1053,9 +1046,7 @@ bad:
 #ifndef OPENSSL_NO_SRP
         if (srp_client_arg.srplogin)
 		{
-		if (srp_lateuser) 
-			SSL_CTX_set_srp_missing_srp_username_callback(c_ctx,missing_srp_username_callback);
-		else if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin))
+		if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin))
 			{
 			BIO_printf(bio_err,"Unable to set SRP username\n");
 			goto end;
diff --git a/ssl/tls_srp.c b/ssl/tls_srp.c
index 433d286d3d..8512c4daf6 100644
--- a/ssl/tls_srp.c
+++ b/ssl/tls_srp.c
@@ -4,7 +4,7 @@
  * for the EdelKey project and contributed to the OpenSSL project 2004.
  */
 /* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2004-2011 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -80,7 +80,6 @@ int SSL_CTX_SRP_CTX_free(struct ssl_ctx_st *ctx)
 	ctx->srp_ctx.SRP_cb_arg = NULL;
 	ctx->srp_ctx.SRP_verify_param_callback = NULL;
 	ctx->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
-	ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback = NULL;
 	ctx->srp_ctx.N = NULL;
 	ctx->srp_ctx.g = NULL;
 	ctx->srp_ctx.s = NULL;
@@ -113,7 +112,6 @@ int SSL_SRP_CTX_free(struct ssl_st *s)
 	s->srp_ctx.SRP_cb_arg = NULL;
 	s->srp_ctx.SRP_verify_param_callback = NULL;
 	s->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
-	s->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback = NULL;
 	s->srp_ctx.N = NULL;
 	s->srp_ctx.g = NULL;
 	s->srp_ctx.s = NULL;
@@ -142,7 +140,6 @@ int SSL_SRP_CTX_init(struct ssl_st *s)
 	s->srp_ctx.SRP_verify_param_callback = ctx->srp_ctx.SRP_verify_param_callback;
 	/* set SRP client passwd callback */
 	s->srp_ctx.SRP_give_srp_client_pwd_callback = ctx->srp_ctx.SRP_give_srp_client_pwd_callback;
-	s->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback = ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback;
 
 	s->srp_ctx.N = NULL;
 	s->srp_ctx.g = NULL;
@@ -210,7 +207,6 @@ int SSL_CTX_SRP_CTX_init(struct ssl_ctx_st *ctx)
 	ctx->srp_ctx.SRP_verify_param_callback = NULL;
 	/* set SRP client passwd callback */
 	ctx->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
-	ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback = NULL;
 
 	ctx->srp_ctx.N = NULL;
 	ctx->srp_ctx.g = NULL;
@@ -436,16 +432,6 @@ int SRP_Calc_A_param(SSL *s)
 	return 1;
 	}
 
-int SRP_have_to_put_srp_username(SSL *s)
-	{
-	if (s->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback == NULL)
-		return 0;
-	if ((s->srp_ctx.login = s->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback(s,s->srp_ctx.SRP_cb_arg)) == NULL)
-		return 0;
-	s->srp_ctx.srp_Mask|=SSL_kSRP;
-	return 1;
-	}
-
 BIGNUM *SSL_get_srp_g(SSL *s)
 	{
 	if (s->srp_ctx.g != NULL)
@@ -517,11 +503,4 @@ int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx, char *(*cb)(SSL *,void *))
 				      (void (*)(void))cb);
 	}
 
-int SSL_CTX_set_srp_missing_srp_username_callback(SSL_CTX *ctx,
-						  char *(*cb)(SSL *,void *))
-	{
-	return tls1_ctx_callback_ctrl(ctx,
-			    SSL_CTRL_SET_TLS_EXT_SRP_MISSING_CLIENT_USERNAME_CB,
-				      (void (*)(void))cb);
-	}
 #endif
author	Dr. Stephen Henson <steve@openssl.org>	2011-12-14 22:18:03 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2011-12-14 22:18:03 +0000
commit	b8a22c40e019c406f1023c0383bf8425c3f1d890 (patch)
tree	56cee917db7d40ca74a2be1ba472893f492b43df /ssl
parent	3918de9ad111a6456e43056f007a910c471ec855 (diff)