Remove support for OPENSSL_SSL_TRACE_CRYPTO

author Matt Caswell <matt@openssl.org>

Mon, 8 May 2017 08:32:58 +0000 (09:32 +0100)

committer Matt Caswell <matt@openssl.org>

Tue, 9 May 2017 16:19:22 +0000 (17:19 +0100)
author Matt Caswell <matt@openssl.org>
Mon, 8 May 2017 08:32:58 +0000 (09:32 +0100)
committer Matt Caswell <matt@openssl.org>
Tue, 9 May 2017 16:19:22 +0000 (17:19 +0100)
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c

index 093e527da1480db557df2fc85e7bc77d26dc1427..e08857df9b75a96c00a6a26216c4f1fa47e3fcf8 100644 (file)
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -228,23 +228,6 @@ int ssl3_change_cipher_state(SSL *s, int which)
      if (!EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE)))
          goto err2;
  
-#ifdef OPENSSL_SSL_TRACE_CRYPTO
-    if (s->msg_callback) {
-
-        int wh = which & SSL3_CC_WRITE ?
-            TLS1_RT_CRYPTO_WRITE : TLS1_RT_CRYPTO_READ;
-        s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_MAC,
-                        mac_secret, EVP_MD_size(m), s, s->msg_callback_arg);
-        if (c->key_len)
-            s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_KEY,
-                            key, c->key_len, s, s->msg_callback_arg);
-        if (k) {
-            s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_IV,
-                            iv, k, s, s->msg_callback_arg);
-        }
-    }
-#endif
-
      OPENSSL_cleanse(exp_key, sizeof(exp_key));
      OPENSSL_cleanse(exp_iv, sizeof(exp_iv));
      return (1);
@@ -462,9 +445,6 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
      EVP_MD_CTX *ctx = EVP_MD_CTX_new();
      int i, ret = 0;
      unsigned int n;
-#ifdef OPENSSL_SSL_TRACE_CRYPTO
-    unsigned char *tmpout = out;
-#endif
  
      if (ctx == NULL) {
          SSLerr(SSL_F_SSL3_GENERATE_MASTER_SECRET, ERR_R_MALLOC_FAILURE);
@@ -493,21 +473,6 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
      }
      EVP_MD_CTX_free(ctx);
  
-#ifdef OPENSSL_SSL_TRACE_CRYPTO
-    if (ret > 0 && s->msg_callback) {
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_PREMASTER,
-                        p, len, s, s->msg_callback_arg);
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_CLIENT_RANDOM,
-                        s->s3->client_random, SSL3_RANDOM_SIZE,
-                        s, s->msg_callback_arg);
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_SERVER_RANDOM,
-                        s->s3->server_random, SSL3_RANDOM_SIZE,
-                        s, s->msg_callback_arg);
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_MASTER,
-                        tmpout, SSL3_MASTER_SECRET_SIZE,
-                        s, s->msg_callback_arg);
-    }
-#endif
      OPENSSL_cleanse(buf, sizeof(buf));
      return (ret);
  }
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c

index 0fb88af249e1e6393fcd1e049231bbad6287085d..235c5e4bc8b2cebd47cc56a8c0da270e18531f49 100644 (file)
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -313,25 +313,6 @@ int tls1_change_cipher_state(SSL *s, int which)
          SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
          goto err2;
      }
-#ifdef OPENSSL_SSL_TRACE_CRYPTO
-    if (s->msg_callback) {
-        int wh = which & SSL3_CC_WRITE ? TLS1_RT_CRYPTO_WRITE : 0;
-        if (*mac_secret_size)
-            s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_MAC,
-                            mac_secret, *mac_secret_size,
-                            s, s->msg_callback_arg);
-        if (c->key_len)
-            s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_KEY,
-                            key, c->key_len, s, s->msg_callback_arg);
-        if (k) {
-            if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE)
-                wh |= TLS1_RT_CRYPTO_FIXED_IV;
-            else
-                wh |= TLS1_RT_CRYPTO_IV;
-            s->msg_callback(2, s->version, wh, iv, k, s, s->msg_callback_arg);
-        }
-    }
-#endif
  
  #ifdef SSL_DEBUG
      printf("which = %04X\nkey=", which);
@@ -528,22 +509,6 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
                  SSL3_MASTER_SECRET_SIZE);
  #endif
  
-#ifdef OPENSSL_SSL_TRACE_CRYPTO
-    if (s->msg_callback) {
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_PREMASTER,
-                        p, len, s, s->msg_callback_arg);
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_CLIENT_RANDOM,
-                        s->s3->client_random, SSL3_RANDOM_SIZE,
-                        s, s->msg_callback_arg);
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_SERVER_RANDOM,
-                        s->s3->server_random, SSL3_RANDOM_SIZE,
-                        s, s->msg_callback_arg);
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_MASTER,
-                        s->session->master_key,
-                        SSL3_MASTER_SECRET_SIZE, s, s->msg_callback_arg);
-    }
-#endif
-
      return (SSL3_MASTER_SECRET_SIZE);
  }
  
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c

index 4577f038a36fd41bc83217a49d7118e1250a3a29..52d3611565bdd1e4dc191a0a402652e85988da90 100644 (file)
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -547,21 +547,6 @@ static ssl_trace_tbl ssl_ctype_tbl[] = {
      {66, "ecdsa_fixed_ecdh"}
  };
  
-static ssl_trace_tbl ssl_crypto_tbl[] = {
-    {TLS1_RT_CRYPTO_PREMASTER, "Premaster Secret"},
-    {TLS1_RT_CRYPTO_CLIENT_RANDOM, "Client Random"},
-    {TLS1_RT_CRYPTO_SERVER_RANDOM, "Server Random"},
-    {TLS1_RT_CRYPTO_MASTER, "Master Secret"},
-    {TLS1_RT_CRYPTO_MAC | TLS1_RT_CRYPTO_WRITE, "Write Mac Secret"},
-    {TLS1_RT_CRYPTO_MAC | TLS1_RT_CRYPTO_READ, "Read Mac Secret"},
-    {TLS1_RT_CRYPTO_KEY | TLS1_RT_CRYPTO_WRITE, "Write Key"},
-    {TLS1_RT_CRYPTO_KEY | TLS1_RT_CRYPTO_READ, "Read Key"},
-    {TLS1_RT_CRYPTO_IV | TLS1_RT_CRYPTO_WRITE, "Write IV"},
-    {TLS1_RT_CRYPTO_IV | TLS1_RT_CRYPTO_READ, "Read IV"},
-    {TLS1_RT_CRYPTO_FIXED_IV | TLS1_RT_CRYPTO_WRITE, "Write IV (fixed part)"},
-    {TLS1_RT_CRYPTO_FIXED_IV | TLS1_RT_CRYPTO_READ, "Read IV (fixed part)"}
-};
-
  static void ssl_print_hex(BIO *bio, int indent, const char *name,
                            const unsigned char *msg, size_t msglen)
  {
@@ -1283,12 +1268,6 @@ void SSL_trace(int write_p, int version, int content_type,
      const unsigned char *msg = buf;
      BIO *bio = arg;
  
-    if (write_p == 2) {
-        BIO_puts(bio, "Session ");
-        ssl_print_hex(bio, 0,
-                      ssl_trace_str(content_type, ssl_crypto_tbl), msg, msglen);
-        return;
-    }
      switch (content_type) {
      case SSL3_RT_HEADER:
          {
author	Matt Caswell <matt@openssl.org>
	Mon, 8 May 2017 08:32:58 +0000 (09:32 +0100)
committer	Matt Caswell <matt@openssl.org>
	Tue, 9 May 2017 16:19:22 +0000 (17:19 +0100)
ssl/s3_enc.c		patch \| blob \| history
ssl/t1_enc.c		patch \| blob \| history
ssl/t1_trce.c		patch \| blob \| history