From 410ab527b38ea99e1d897cc60c45aad0d9bac913 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Mon, 8 May 2017 09:32:58 +0100
Subject: Remove support for OPENSSL_SSL_TRACE_CRYPTO

This trace option does not appear in Configure as a separate option and is
undocumented. It can be switched on using "-DOPENSSL_SSL_TRACE_CRYPTO",
however this does not compile in master or in any 1.1.0 released version.

(cherry picked from commit eee2750bd3d25265bb44d029877434d2cc80970c)

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3413)
---
 ssl/t1_enc.c | 35 -----------------------------------
 1 file changed, 35 deletions(-)

(limited to 'ssl/t1_enc.c')

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 0fb88af249..235c5e4bc8 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -313,25 +313,6 @@ int tls1_change_cipher_state(SSL *s, int which)
         SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
         goto err2;
     }
-#ifdef OPENSSL_SSL_TRACE_CRYPTO
-    if (s->msg_callback) {
-        int wh = which & SSL3_CC_WRITE ? TLS1_RT_CRYPTO_WRITE : 0;
-        if (*mac_secret_size)
-            s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_MAC,
-                            mac_secret, *mac_secret_size,
-                            s, s->msg_callback_arg);
-        if (c->key_len)
-            s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_KEY,
-                            key, c->key_len, s, s->msg_callback_arg);
-        if (k) {
-            if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE)
-                wh |= TLS1_RT_CRYPTO_FIXED_IV;
-            else
-                wh |= TLS1_RT_CRYPTO_IV;
-            s->msg_callback(2, s->version, wh, iv, k, s, s->msg_callback_arg);
-        }
-    }
-#endif
 
 #ifdef SSL_DEBUG
     printf("which = %04X\nkey=", which);
@@ -528,22 +509,6 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
                 SSL3_MASTER_SECRET_SIZE);
 #endif
 
-#ifdef OPENSSL_SSL_TRACE_CRYPTO
-    if (s->msg_callback) {
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_PREMASTER,
-                        p, len, s, s->msg_callback_arg);
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_CLIENT_RANDOM,
-                        s->s3->client_random, SSL3_RANDOM_SIZE,
-                        s, s->msg_callback_arg);
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_SERVER_RANDOM,
-                        s->s3->server_random, SSL3_RANDOM_SIZE,
-                        s, s->msg_callback_arg);
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_MASTER,
-                        s->session->master_key,
-                        SSL3_MASTER_SECRET_SIZE, s, s->msg_callback_arg);
-    }
-#endif
-
     return (SSL3_MASTER_SECRET_SIZE);
 }
 
-- 
cgit v1.2.3