Now that SSLv3 is going away, TLS_* and SSLv23 are equivalent.

Remove the TLS method data and tls_any_* functions.  Point to SSLv23.

ok jsing@

4 files changed, 7 insertions, 166 deletions

diff --git a/lib/libssl/src/ssl/s23_clnt.c b/lib/libssl/src/ssl/s23_clnt.c
index a99a7691bd4..aa668a3ccff 100644
--- a/lib/libssl/src/ssl/s23_clnt.c
+++ b/lib/libssl/src/ssl/s23_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_clnt.c,v 1.41 2015/08/27 06:21:15 doug Exp $ */
+/* $OpenBSD: s23_clnt.c,v 1.42 2015/08/29 17:15:52 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -120,7 +120,6 @@
 static const SSL_METHOD *ssl23_get_client_method(int ver);
 static int ssl23_client_hello(SSL *s);
 static int ssl23_get_server_hello(SSL *s);
-static const SSL_METHOD *tls_any_get_client_method(int ver);
 
 const SSL_METHOD SSLv23_client_method_data = {
 	.version = TLS1_2_VERSION,
@@ -154,39 +153,6 @@ const SSL_METHOD SSLv23_client_method_data = {
 	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
 };
 
-const SSL_METHOD TLS_client_method_data = {
-	.version = TLS1_2_VERSION,
-	.ssl_new = tls1_new,
-	.ssl_clear = tls1_clear,
-	.ssl_free = tls1_free,
-	.ssl_accept = ssl_undefined_function,
-	.ssl_connect = tls_any_connect,
-	.ssl_read = ssl23_read,
-	.ssl_peek = ssl23_peek,
-	.ssl_write = ssl23_write,
-	.ssl_shutdown = ssl_undefined_function,
-	.ssl_renegotiate = ssl_undefined_function,
-	.ssl_renegotiate_check = ssl_ok,
-	.ssl_get_message = ssl3_get_message,
-	.ssl_read_bytes = ssl3_read_bytes,
-	.ssl_write_bytes = ssl3_write_bytes,
-	.ssl_dispatch_alert = ssl3_dispatch_alert,
-	.ssl_ctrl = ssl3_ctrl,
-	.ssl_ctx_ctrl = ssl3_ctx_ctrl,
-	.get_cipher_by_char = ssl3_get_cipher_by_char,
-	.put_cipher_by_char = ssl3_put_cipher_by_char,
-	.ssl_pending = ssl_undefined_const_function,
-	.num_ciphers = ssl3_num_ciphers,
-	.get_cipher = ssl3_get_cipher,
-	.get_ssl_method = tls_any_get_client_method,
-	.get_timeout = ssl23_default_timeout,
-	.ssl3_enc = &ssl3_undef_enc_method,
-	.ssl_version = ssl_undefined_void_function,
-	.ssl_callback_ctrl = ssl3_callback_ctrl,
-	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
-
-
 const SSL_METHOD *
 SSLv23_client_method(void)
 {
@@ -570,29 +536,5 @@ err:
 const SSL_METHOD *
 TLS_client_method(void)
 {
-	return &TLS_client_method_data;
-}
-
-static const SSL_METHOD *
-tls_any_get_client_method(int ver)
-{
-	if (ver == SSL3_VERSION)
-		return (NULL);
-	else
-		return ssl23_get_client_method(ver);
-}
-
-int
-tls_any_connect(SSL *s)
-{
-	int ret;
-	unsigned long old_options;
-
-	old_options = s->options;
-
-	s->options |= SSL_OP_NO_SSLv3;
-	ret = ssl23_connect(s);
-	s->options = old_options;
-
-	return ret;
+	return &SSLv23_client_method_data;
 }
diff --git a/lib/libssl/src/ssl/s23_meth.c b/lib/libssl/src/ssl/s23_meth.c
index acc8315b911..dfccf1150d8 100644
--- a/lib/libssl/src/ssl/s23_meth.c
+++ b/lib/libssl/src/ssl/s23_meth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_meth.c,v 1.20 2015/08/27 06:21:15 doug Exp $ */
+/* $OpenBSD: s23_meth.c,v 1.21 2015/08/29 17:15:52 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -63,7 +63,6 @@
 #include "ssl_locl.h"
 
 static const SSL_METHOD *ssl23_get_method(int ver);
-static const SSL_METHOD *tls_any_get_method(int ver);
 
 const SSL_METHOD SSLv23_method_data = {
 	.version = TLS1_2_VERSION,
@@ -115,49 +114,8 @@ ssl23_get_method(int ver)
 	return (NULL);
 }
 
-const SSL_METHOD TLS_method_data = {
-	.version = TLS1_2_VERSION,
-	.ssl_new = tls1_new,
-	.ssl_clear = tls1_clear,
-	.ssl_free = tls1_free,
-	.ssl_accept = tls_any_accept,
-	.ssl_connect = tls_any_connect,
-	.ssl_read = ssl23_read,
-	.ssl_peek = ssl23_peek,
-	.ssl_write = ssl23_write,
-	.ssl_shutdown = ssl_undefined_function,
-	.ssl_renegotiate = ssl_undefined_function,
-	.ssl_renegotiate_check = ssl_ok,
-	.ssl_get_message = ssl3_get_message,
-	.ssl_read_bytes = ssl3_read_bytes,
-	.ssl_write_bytes = ssl3_write_bytes,
-	.ssl_dispatch_alert = ssl3_dispatch_alert,
-	.ssl_ctrl = ssl3_ctrl,
-	.ssl_ctx_ctrl = ssl3_ctx_ctrl,
-	.get_cipher_by_char = ssl3_get_cipher_by_char,
-	.put_cipher_by_char = ssl3_put_cipher_by_char,
-	.ssl_pending = ssl_undefined_const_function,
-	.num_ciphers = ssl3_num_ciphers,
-	.get_cipher = ssl3_get_cipher,
-	.get_ssl_method = tls_any_get_method,
-	.get_timeout = ssl23_default_timeout,
-	.ssl3_enc = &ssl3_undef_enc_method,
-	.ssl_version = ssl_undefined_void_function,
-	.ssl_callback_ctrl = ssl3_callback_ctrl,
-	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
-
 const SSL_METHOD *
 TLS_method(void)
 {
-	return &TLS_method_data;
-}
-
-static const SSL_METHOD *
-tls_any_get_method(int ver)
-{
-	if (ver == SSL3_VERSION)
-		return (NULL);
-	else
-		return ssl23_get_method(ver);
+	return &SSLv23_method_data;
 }
diff --git a/lib/libssl/src/ssl/s23_srvr.c b/lib/libssl/src/ssl/s23_srvr.c
index 7b2107680e7..d4ca586c2d4 100644
--- a/lib/libssl/src/ssl/s23_srvr.c
+++ b/lib/libssl/src/ssl/s23_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_srvr.c,v 1.42 2015/08/27 06:21:15 doug Exp $ */
+/* $OpenBSD: s23_srvr.c,v 1.43 2015/08/29 17:15:52 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -119,7 +119,6 @@
 
 static const SSL_METHOD *ssl23_get_server_method(int ver);
 int ssl23_get_client_hello(SSL *s);
-static const SSL_METHOD *tls_any_get_server_method(int ver);
 
 const SSL_METHOD SSLv23_server_method_data = {
 	.version = TLS1_2_VERSION,
@@ -153,38 +152,6 @@ const SSL_METHOD SSLv23_server_method_data = {
 	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
 };
 
-const SSL_METHOD TLS_server_method_data = {
-	.version = TLS1_2_VERSION,
-	.ssl_new = tls1_new,
-	.ssl_clear = tls1_clear,
-	.ssl_free = tls1_free,
-	.ssl_accept = tls_any_accept,
-	.ssl_connect = ssl_undefined_function,
-	.ssl_read = ssl23_read,
-	.ssl_peek = ssl23_peek,
-	.ssl_write = ssl23_write,
-	.ssl_shutdown = ssl_undefined_function,
-	.ssl_renegotiate = ssl_undefined_function,
-	.ssl_renegotiate_check = ssl_ok,
-	.ssl_get_message = ssl3_get_message,
-	.ssl_read_bytes = ssl3_read_bytes,
-	.ssl_write_bytes = ssl3_write_bytes,
-	.ssl_dispatch_alert = ssl3_dispatch_alert,
-	.ssl_ctrl = ssl3_ctrl,
-	.ssl_ctx_ctrl = ssl3_ctx_ctrl,
-	.get_cipher_by_char = ssl3_get_cipher_by_char,
-	.put_cipher_by_char = ssl3_put_cipher_by_char,
-	.ssl_pending = ssl_undefined_const_function,
-	.num_ciphers = ssl3_num_ciphers,
-	.get_cipher = ssl3_get_cipher,
-	.get_ssl_method = tls_any_get_server_method,
-	.get_timeout = ssl23_default_timeout,
-	.ssl3_enc = &ssl3_undef_enc_method,
-	.ssl_version = ssl_undefined_void_function,
-	.ssl_callback_ctrl = ssl3_callback_ctrl,
-	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
-
 const SSL_METHOD *
 SSLv23_server_method(void)
 {
@@ -592,29 +559,5 @@ ssl23_get_client_hello(SSL *s)
 const SSL_METHOD *
 TLS_server_method(void)
 {
-	return &TLS_server_method_data;
-}
-
-static const SSL_METHOD *
-tls_any_get_server_method(int ver)
-{
-	if (ver == SSL3_VERSION)
-		return (NULL);
-	else
-		return ssl23_get_server_method(ver);
-}
-
-int
-tls_any_accept(SSL *s)
-{
-	int ret;
-	unsigned long old_options;
-
-	old_options = s->options;
-
-	s->options |= SSL_OP_NO_SSLv3;
-	ret = ssl23_accept(s);
-	s->options = old_options;
-
-	return ret;
+	return &SSLv23_server_method_data;
 }
diff --git a/lib/libssl/src/ssl/ssl_locl.h b/lib/libssl/src/ssl/ssl_locl.h
index 74b699a48c9..098065f3bc0 100644
--- a/lib/libssl/src/ssl/ssl_locl.h
+++ b/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.100 2015/07/24 07:57:48 doug Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.101 2015/08/29 17:15:52 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -757,8 +757,6 @@ int ssl23_accept(SSL *s);
 int ssl23_connect(SSL *s);
 int ssl23_read_bytes(SSL *s, int n);
 int ssl23_write_bytes(SSL *s);
-int tls_any_accept(SSL *s);
-int tls_any_connect(SSL *s);
 
 int tls1_new(SSL *s);
 void tls1_free(SSL *s);