author | Dr. Stephen Henson <steve@openssl.org> | 2011-12-14 22:18:03 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-12-14 22:18:03 +0000 |
commit | b8a22c40e019c406f1023c0383bf8425c3f1d890 (patch) | |
tree | 56cee917db7d40ca74a2be1ba472893f492b43df /ssl | |
parent | 3918de9ad111a6456e43056f007a910c471ec855 (diff) |
PR: 1794
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
Remove unnecessary code for srp and to add some comments to
s_client.
- the callback to provide a user during client connect is
no longer necessary since rfc 5054 a connection attempt
with an srp cipher and no user is terminated when the
cipher is acceptable
- comments to indicate in s_client the (non-)usefulness of
the primality tests for non known group parameters.
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s3_lib.c | 4 | ||||
-rw-r--r-- | ssl/ssl.h | 12 | ||||
-rw-r--r-- | ssl/ssltest.c | 11 | ||||
-rw-r--r-- | ssl/tls_srp.c | 23 |
4 files changed, 7 insertions, 43 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 04450f60d6..d3f636a095 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3674,10 +3674,6 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) ctx->srp_ctx.srp_Mask|=SSL_kSRP; ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp; break; - case SSL_CTRL_SET_TLS_EXT_SRP_MISSING_CLIENT_USERNAME_CB: - ctx->srp_ctx.srp_Mask|=SSL_kSRP; - ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback=(char *(*)(SSL *,void *))fp; - break; #endif #endif default: @@ -692,8 +692,6 @@ typedef struct srp_ctx_st int (*SRP_verify_param_callback)(SSL *, void *); /* set SRP client passwd callback */ char *(*SRP_give_srp_client_pwd_callback)(SSL *, void *); - /* set SRP client username callback */ - char *(*SRP_TLS_ext_missing_srp_client_username_callback)(SSL *, void *); char *login; BIGNUM *N,*g,*s,*B,*A; @@ -1573,11 +1571,11 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75 #define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76 #define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77 -#define SSL_CTRL_SET_TLS_EXT_SRP_MISSING_CLIENT_USERNAME_CB 78 -#define SSL_CTRL_SET_SRP_ARG 79 -#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 80 -#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 81 -#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 82 + +#define SSL_CTRL_SET_SRP_ARG 78 +#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79 +#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80 +#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81 #endif #define DTLS_CTRL_GET_TIMEOUT 73 diff --git a/ssl/ssltest.c b/ssl/ssltest.c index 70950e1b49..0f8fd3902d 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c 
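Review bot: In the ssl.h `SSL_CTRL_*` hunk, the four remaining SRP ctrl codes are renumbered (79–82 become 78–81) instead of leaving 78 unused, so a caller compiled against the previous header would have its requests silently reinterpreted rather than rejected: the old `SSL_CTRL_SET_SRP_ARG` value 79 is now `SSL_CTRL_SET_TLS_EXT_SRP_USERNAME`, and the old password code 82 presumably falls through to a `default:` branch. If these values have appeared in any installed header, keep them unchanged and retire the slot with a comment such as `/* 78 retired: was SSL_CTRL_SET_TLS_EXT_SRP_MISSING_CLIENT_USERNAME_CB */`. The diffstat's 12 changed lines for ssl.h are fully accounted for by the struct-field removal and this hunk, so a prototype for `SSL_CTX_set_srp_missing_srp_username_callback` in that header, if one exists, would outlive the definition removed from tls_srp.c; that is worth confirming.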
@@ -266,12 +266,6 @@ static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg) return BUF_strdup((char *)srp_client_arg->srppassin); } -static char * MS_CALLBACK missing_srp_username_callback(SSL *s, void *arg) - { - SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg; - return BUF_strdup(srp_client_arg->srplogin); - } - /* SRP server */ /* This is a context that we pass to SRP server callbacks */ typedef struct srp_server_arg_st @@ -537,7 +531,6 @@ int main(int argc, char *argv[]) #endif #ifndef OPENSSL_NO_SRP /* client */ - int srp_lateuser = 0; SRP_CLIENT_ARG srp_client_arg = {NULL,NULL}; /* server */ SRP_SERVER_ARG srp_server_arg = {NULL,NULL}; @@ -1053,9 +1046,7 @@ bad: #ifndef OPENSSL_NO_SRP if (srp_client_arg.srplogin) { - if (srp_lateuser) - SSL_CTX_set_srp_missing_srp_username_callback(c_ctx,missing_srp_username_callback); - else if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) + if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) { BIO_printf(bio_err,"Unable to set SRP username\n"); goto end; diff --git a/ssl/tls_srp.c b/ssl/tls_srp.c index 433d286d3d..8512c4daf6 100644 --- a/ssl/tls_srp.c +++ b/ssl/tls_srp.c @@ -4,7 +4,7 @@ * for the EdelKey project and contributed to the OpenSSL project 2004. */ /* ==================================================================== - * Copyright (c) 2004 The OpenSSL Project. All rights reserved. + * Copyright (c) 2004-2011 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -80,7 +80,6 @@ int SSL_CTX_SRP_CTX_free(struct ssl_ctx_st *ctx) ctx->srp_ctx.SRP_cb_arg = NULL; ctx->srp_ctx.SRP_verify_param_callback = NULL; ctx->srp_ctx.SRP_give_srp_client_pwd_callback = NULL; - ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback = NULL; ctx->srp_ctx.N = NULL; ctx->srp_ctx.g = NULL; ctx->srp_ctx.s = NULL; 
@@ -113,7 +112,6 @@ int SSL_SRP_CTX_free(struct ssl_st *s) s->srp_ctx.SRP_cb_arg = NULL; s->srp_ctx.SRP_verify_param_callback = NULL; s->srp_ctx.SRP_give_srp_client_pwd_callback = NULL; - s->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback = NULL; s->srp_ctx.N = NULL; s->srp_ctx.g = NULL; s->srp_ctx.s = NULL; @@ -142,7 +140,6 @@ int SSL_SRP_CTX_init(struct ssl_st *s) s->srp_ctx.SRP_verify_param_callback = ctx->srp_ctx.SRP_verify_param_callback; /* set SRP client passwd callback */ s->srp_ctx.SRP_give_srp_client_pwd_callback = ctx->srp_ctx.SRP_give_srp_client_pwd_callback; - s->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback = ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback; s->srp_ctx.N = NULL; s->srp_ctx.g = NULL; @@ -210,7 +207,6 @@ int SSL_CTX_SRP_CTX_init(struct ssl_ctx_st *ctx) ctx->srp_ctx.SRP_verify_param_callback = NULL; /* set SRP client passwd callback */ ctx->srp_ctx.SRP_give_srp_client_pwd_callback = NULL; - ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback = NULL; ctx->srp_ctx.N = NULL; ctx->srp_ctx.g = NULL; @@ -436,16 +432,6 @@ int SRP_Calc_A_param(SSL *s) return 1; } -int SRP_have_to_put_srp_username(SSL *s) - { - if (s->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback == NULL) - return 0; - if ((s->srp_ctx.login = s->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback(s,s->srp_ctx.SRP_cb_arg)) == NULL) - return 0; - s->srp_ctx.srp_Mask|=SSL_kSRP; - return 1; - } - BIGNUM *SSL_get_srp_g(SSL *s) { if (s->srp_ctx.g != NULL) @@ -517,11 +503,4 @@ int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx, char *(*cb)(SSL *,void *)) (void (*)(void))cb); } -int SSL_CTX_set_srp_missing_srp_username_callback(SSL_CTX *ctx, - char *(*cb)(SSL *,void *)) - { - return tls1_ctx_callback_ctrl(ctx, - SSL_CTRL_SET_TLS_EXT_SRP_MISSING_CLIENT_USERNAME_CB, - (void (*)(void))cb); - } #endif |