Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / openssl / 221304ee937bc0910948a8be1320cb8cc4eb6d36^! / . / ssl / d1_lib.c
commit221304ee937bc0910948a8be1320cb8cc4eb6d36[log] [tgz]
authorBrian Carlstrom <bdc@google.com>Thu Apr 15 14:22:36 2010 -0700
committerBrian Carlstrom <bdc@google.com>Mon Apr 19 13:53:12 2010 -0700
tree4be2cd9834a3a910da7a37c7f28b940d808e64e4
parent068012174ace0b90f5ef78b89e6d7a673cbf9158 [diff] [blame]
openssl-1.0.0 upgrade

external/openssl

    Updated version to 1.0.0
	openssl.version

    Updated small records patch for 1.0.0. This is probably the most significant change.
	patches/small_records.patch

    Removed bad_version.patch since fix is included in 0.9.8n and beyond
	patches/README
	patches/bad_version.patch
	openssl.config

    Changed import_openssl.sh to generate armv4 asm with the 1.0.0
    scripts, not our backported 0.9.9-dev backported version in
    patches/arm-asm.patch.
	import_openssl.sh
	openssl.config
	patches/README
	patches/arm-asm.patch

    Added -DOPENSSL_NO_STORE to match ./Configure output
    Added -DOPENSSL_NO_WHIRLPOOL (no-whrlpool) to skip new optional cipher
	android-config.mk
	openssl.config

    Fixed import to remove include directory during import like other
    imported directories (apps, ssl, crypto)
	import_openssl.sh

    Updated UNNEEDED_SOURCES. Pruned Makefiles which we don't use.
	openssl.config

    Updated to build newly required files
	patches/apps_Android.mk
	patches/crypto_Android.mk

    Disable some new openssl tools
	patches/progs.patch

    Updated upgrade testing notes to include running BigInteger tests
	README.android

    Automatically imported
	android.testssl/
	apps/
	crypto/
	e_os.h
	e_os2.h
	include/
	ssl/

dalvik

   Change makeCipherList to skip SSLv2 ciphers that 1.0.0 now returns
   so there are not duplicate ciphersuite names in getEnabledCipherSuites.
	libcore/x-net/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp

   Updated OpenSSLSocketImpl_cipherauthenticationmethod for new
   SSL_CIPHER algorithms -> algorithm_auth (and const-ness)
	libcore/x-net/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp

   Update to const SSL_CIPHER in OpenSSLSessionImpl_getCipherSuite (and cipherauthenticationmethod)
	libcore/x-net/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp

   test_EnabledCipherSuites on both SSLSocketTest and
   SSLServerSocketTest caught the makeCipherList problem. However the
   asserts where a bit out of sync and didn't give good messages
   because they didn't actually show what was going on. As part of
   debugging the issue they found, I tried to make align the asserts
   and improve their output for the future.

	libcore/x-net/src/test/java/tests/api/javax/net/ssl/SSLServerSocketTest.java
	libcore/x-net/src/test/java/tests/api/javax/net/ssl/SSLSocketTest.java

vendor/google

    Add const to X509V3_EXT_METHOD* for 1.0.0 compatibility
	libraries/libjingle/talk/base/openssladapter.cc

Change-Id: I90fb1566dede6034eebc96d2b0dcf4533d9643bf

diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 63bfbac..eeffce3 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c

@@ -91,11 +91,6 @@
 	return(60*60*2);
 	}
 
-IMPLEMENT_dtls1_meth_func(dtlsv1_base_method,
-			ssl_undefined_function,
-			ssl_undefined_function,
-			ssl_bad_method)
-
 int dtls1_new(SSL *s)
 	{
 	DTLS1_STATE *d1;
@@ -105,17 +100,6 @@
 	memset(d1,0, sizeof *d1);
 
 	/* d1->handshake_epoch=0; */
-#if defined(OPENSSL_SYS_VMS) || defined(VMS_TEST)
-	d1->bitmap.length=64;
-#else
-	d1->bitmap.length=sizeof(d1->bitmap.map) * 8;
-#endif
-	pq_64bit_init(&(d1->bitmap.map));
-	pq_64bit_init(&(d1->bitmap.max_seq_num));
-	
-	d1->next_bitmap.length = d1->bitmap.length;
-	pq_64bit_init(&(d1->next_bitmap.map));
-	pq_64bit_init(&(d1->next_bitmap.max_seq_num));
 
 	d1->unprocessed_rcds.q=pqueue_new();
 	d1->processed_rcds.q=pqueue_new();
@@ -185,19 +169,13 @@
 	pqueue_free(s->d1->sent_messages);
 
 	while ( (item = pqueue_pop(s->d1->buffered_app_data.q)) != NULL)
-	{
+		{
 		frag = (hm_fragment *)item->data;
 		OPENSSL_free(frag->fragment);
 		OPENSSL_free(frag);
 		pitem_free(item);
-	}
+		}
 	pqueue_free(s->d1->buffered_app_data.q);
-	
-	pq_64bit_free(&(s->d1->bitmap.map));
-	pq_64bit_free(&(s->d1->bitmap.max_seq_num));
-
-	pq_64bit_free(&(s->d1->next_bitmap.map));
-	pq_64bit_free(&(s->d1->next_bitmap.max_seq_num));
 
 	OPENSSL_free(s->d1);
 	}
@@ -244,13 +222,13 @@
  * to explicitly list their SSL_* codes. Currently RC4 is the only one
  * available, but if new ones emerge, they will have to be added...
  */
-SSL_CIPHER *dtls1_get_cipher(unsigned int u)
+const SSL_CIPHER *dtls1_get_cipher(unsigned int u)
 	{
-	SSL_CIPHER *ciph = ssl3_get_cipher(u);
+	const SSL_CIPHER *ciph = ssl3_get_cipher(u);
 
 	if (ciph != NULL)
 		{
-		if ((ciph->algorithms&SSL_ENC_MASK) == SSL_RC4)
+		if (ciph->algorithm_enc == SSL_RC4)
 			return NULL;
 		}