From b577fd0b81562ab97cf992bfffbdaf531e0d1d8c Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 8 Feb 2016 16:18:26 +0000 Subject: [PATCH] Deprecate undocumented SSL_cache_hit(). Deprecate undocumented SSL_cache_hit(). Make SSL_session_reused() into a real function. Reviewed-by: Richard Levitte --- apps/s_client.c | 2 +- apps/s_server.c | 4 ++-- include/openssl/ssl.h | 8 ++++---- ssl/s3_lib.c | 3 --- ssl/ssl_lib.c | 2 +- util/ssleay.num | 2 +- 6 files changed, 9 insertions(+), 12 deletions(-) diff --git a/apps/s_client.c b/apps/s_client.c index d6797f5066..39e3e48288 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -2537,7 +2537,7 @@ static void print_stuff(BIO *bio, SSL *s, int full) if (SSL_get_verify_result(s) == X509_V_OK && (peername = SSL_get0_peername(s)) != NULL) BIO_printf(bio, "Verified peername: %s\n", peername); - BIO_printf(bio, (SSL_cache_hit(s) ? "---\nReused, " : "---\nNew, ")); + BIO_printf(bio, (SSL_session_reused(s) ? "---\nReused, " : "---\nNew, ")); c = SSL_get_current_cipher(s); BIO_printf(bio, "%s, Cipher is %s\n", SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c)); diff --git a/apps/s_server.c b/apps/s_server.c index 45e9227f07..f07c8f61a9 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -2612,7 +2612,7 @@ static int init_ssl_connection(SSL *con) srtp_profile->name); } #endif - if (SSL_cache_hit(con)) + if (SSL_session_reused(con)) BIO_printf(bio_s_out, "Reused session-id\n"); BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n", SSL_get_secure_renegotiation_support(con) ? "" : " NOT"); @@ -2882,7 +2882,7 @@ static int www_body(const char *hostname, int s, int stype, #ifndef OPENSSL_NO_EC ssl_print_curves(io, con, 0); #endif - BIO_printf(io, (SSL_cache_hit(con) + BIO_printf(io, (SSL_session_reused(con) ? "---\nReused, " : "---\nNew, ")); c = SSL_get_current_cipher(con); BIO_printf(io, "%s, Cipher is %s\n", diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index cffd199550..7bc46c5f78 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1115,7 +1115,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) # define SSL_CTRL_SET_TMP_DH 3 # define SSL_CTRL_SET_TMP_ECDH 4 # define SSL_CTRL_SET_TMP_DH_CB 6 -# define SSL_CTRL_GET_SESSION_REUSED 8 # define SSL_CTRL_GET_CLIENT_CERT_REQUEST 9 # define SSL_CTRL_GET_NUM_RENEGOTIATIONS 10 # define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11 @@ -1226,8 +1225,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg) # define DTLSv1_handle_timeout(ssl) \ SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL) -# define SSL_session_reused(ssl) \ - SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL) # define SSL_num_renegotiations(ssl) \ SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL) # define SSL_clear_num_renegotiations(ssl) \ @@ -1812,8 +1809,11 @@ void SSL_set_not_resumable_session_callback(SSL *ssl, int (*cb) (SSL *ssl, int is_forward_secure)); +# if OPENSSL_API_COMPAT < 0x10100000L +# define SSL_cache_hit(s) SSL_session_reused(s) +# endif -__owur int SSL_cache_hit(SSL *s); +__owur int SSL_session_reused(SSL *s); __owur int SSL_is_server(SSL *s); __owur __owur SSL_CONF_CTX *SSL_CONF_CTX_new(void); diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 1121b8b5b9..8e2d7c4ff7 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3455,9 +3455,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) int ret = 0; switch (cmd) { - case SSL_CTRL_GET_SESSION_REUSED: - ret = s->hit; - break; case SSL_CTRL_GET_CLIENT_CERT_REQUEST: break; case SSL_CTRL_GET_NUM_RENEGOTIATIONS: diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 23391327cb..aac23926ca 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -3706,7 +3706,7 @@ int ssl_handshake_hash(SSL *s, unsigned char *out, int outlen) return ret; } -int SSL_cache_hit(SSL *s) +int SSL_session_reused(SSL *s) { return s->hit; } diff --git a/util/ssleay.num b/util/ssleay.num index 67fd4ab4f5..d320e3bbd4 100755 --- a/util/ssleay.num +++ b/util/ssleay.num @@ -300,7 +300,7 @@ SSL_SESSION_get0_peer 340 1_1_0 EXIST::FUNCTION: TLSv1_2_client_method 341 1_1_0 EXIST::FUNCTION: SSL_SESSION_set1_id_context 342 1_1_0 EXIST::FUNCTION: TLSv1_2_server_method 343 1_1_0 EXIST::FUNCTION: -SSL_cache_hit 344 1_1_0 EXIST::FUNCTION: +SSL_session_reused 344 1_1_0 EXIST::FUNCTION: SSL_get0_kssl_ctx 345 1_1_0 NOEXIST::FUNCTION: SSL_set0_kssl_ctx 346 1_1_0 NOEXIST::FUNCTION: SSL_SESSION_get0_id 347 1_1_0 NOEXIST::FUNCTION: -- 2.25.1