Remove support for opaque-prf

An expired IETF Internet-Draft (seven years old) that nobody
implements, and probably just as good as NSA DRBG work.

Reviewed-by: Richard Levitte <levitte@openssl.org>

diff --git a/apps/s_cb.c b/apps/s_cb.c
index 7227b19c424fd2e681a96d81aec1d590fc4fba94..eb8994952591be4470df9cbabd283cc0fdb9ade6 100644 (file)
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -907,11 +907,6 @@ void tlsext_cb(SSL *s, int client_server, int type,
         extname = "renegotiation info";
         break;
 
-#ifdef TLSEXT_TYPE_opaque_prf_input
-    case TLSEXT_TYPE_opaque_prf_input:
-        extname = "opaque PRF input";
-        break;
-#endif
 #ifdef TLSEXT_TYPE_next_proto_neg
     case TLSEXT_TYPE_next_proto_neg:
         extname = "next protocol";

diff --git a/apps/s_client.c b/apps/s_client.c
index 512c2583aae020adce73b64622a0380088702e46..0fb4771108c2406d5501adfc1b97e395d2540908 100644 (file)
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1409,12 +1409,6 @@ int MAIN(int argc, char **argv)
         kssl_ctx_setstring(kctx, KSSL_SERVER, host);
     }
 #endif                          /* OPENSSL_NO_KRB5 */
-/*      SSL_set_cipher_list(con,"RC4-MD5"); */
-#if 0
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    SSL_set_tlsext_opaque_prf_input(con, "Test client", 11);
-# endif
-#endif
 
  re_start:
 #ifdef NO_SYS_UN_H

diff --git a/apps/s_server.c b/apps/s_server.c
index 48ac6b39897fc2dc4d825288d663dc4f54c65394..e6ea350baf6c6b86e486ebf4efea7e2e6ae910de 100644 (file)
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2183,11 +2183,6 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
             SSL_set_session_id_context(con, context, strlen((char *)context));
     }
     SSL_clear(con);
-#if 0
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    SSL_set_tlsext_opaque_prf_input(con, "Test server", 11);
-# endif
-#endif
 
     if (stype == SOCK_DGRAM) {
 

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 3a1377ac7b08e15dd7e29d1d0111a8632c2d5745..b85d9bf8e35b97f151ff2329ebb2aa8c3d3ea725 100644 (file)
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3244,13 +3244,6 @@ void ssl3_free(SSL *s)
     if (s == NULL)
         return;
 
-#ifdef TLSEXT_TYPE_opaque_prf_input
-    if (s->s3->client_opaque_prf_input != NULL)
-        OPENSSL_free(s->s3->client_opaque_prf_input);
-    if (s->s3->server_opaque_prf_input != NULL)
-        OPENSSL_free(s->s3->server_opaque_prf_input);
-#endif
-
     ssl3_cleanup_key_block(s);
     if (s->s3->rbuf.buf != NULL)
         ssl3_release_read_buffer(s);
@@ -3293,15 +3286,6 @@ void ssl3_clear(SSL *s)
     size_t rlen, wlen;
     int init_extra;
 
-#ifdef TLSEXT_TYPE_opaque_prf_input
-    if (s->s3->client_opaque_prf_input != NULL)
-        OPENSSL_free(s->s3->client_opaque_prf_input);
-    s->s3->client_opaque_prf_input = NULL;
-    if (s->s3->server_opaque_prf_input != NULL)
-        OPENSSL_free(s->s3->server_opaque_prf_input);
-    s->s3->server_opaque_prf_input = NULL;
-#endif
-
     ssl3_cleanup_key_block(s);
     if (s->s3->tmp.ca_names != NULL)
         sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
@@ -3554,30 +3538,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
         ret = 1;
         break;
 
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
-        if (larg > 12288) {     /* actual internal limit is 2^16 for the
-                                 * complete hello message * (including the
-                                 * cert chain and everything) */
-            SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
-            break;
-        }
-        if (s->tlsext_opaque_prf_input != NULL)
-            OPENSSL_free(s->tlsext_opaque_prf_input);
-        if ((size_t)larg == 0)
-            s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte
-                                                             * just to get
-                                                             * non-NULL */
-        else
-            s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg);
-        if (s->tlsext_opaque_prf_input != NULL) {
-            s->tlsext_opaque_prf_input_len = (size_t)larg;
-            ret = 1;
-        } else
-            s->tlsext_opaque_prf_input_len = 0;
-        break;
-# endif
-
     case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
         s->tlsext_status_type = larg;
         ret = 1;
@@ -4071,12 +4031,6 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
             return 1;
         }
 
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
-        ctx->tlsext_opaque_prf_input_callback_arg = parg;
-        return 1;
-# endif
-
     case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
         ctx->tlsext_status_arg = parg;
         return 1;
@@ -4241,13 +4195,6 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
         ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp;
         break;
 
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
-        ctx->tlsext_opaque_prf_input_callback =
-            (int (*)(SSL *, void *, size_t, void *))fp;
-        break;
-# endif
-
     case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
         ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp;
         break;

diff --git a/ssl/ssl.h b/ssl/ssl.h
index 5622860483ee362b2d33ce3cd6408a4a1a07ee31..0a6f4dae39da6b144259d2c65bcc6747e332827b 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1054,11 +1054,6 @@ struct ssl_ctx_st {
     /* Callback for status request */
     int (*tlsext_status_cb) (SSL *ssl, void *arg);
     void *tlsext_status_arg;
-
-    /* draft-rescorla-tls-opaque-prf-input-00.txt information */
-    int (*tlsext_opaque_prf_input_callback) (SSL *, void *peerinput,
-                                             size_t len, void *arg);
-    void *tlsext_opaque_prf_input_callback_arg;
 #  endif
 
 #  ifndef OPENSSL_NO_PSK
@@ -1573,12 +1568,6 @@ struct ssl_st {
     /* our list */
     unsigned char *tlsext_ellipticcurvelist;
 #   endif                       /* OPENSSL_NO_EC */
-    /*
-     * draft-rescorla-tls-opaque-prf-input-00.txt information to be used for
-     * handshakes
-     */
-    void *tlsext_opaque_prf_input;
-    size_t tlsext_opaque_prf_input_len;
     /* TLS Session Ticket extension override */
     TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
     /* TLS Session Ticket extension callback */
@@ -1861,9 +1850,9 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
 #  define SSL_CTRL_SET_TLSEXT_DEBUG_ARG           57
 #  define SSL_CTRL_GET_TLSEXT_TICKET_KEYS         58
 #  define SSL_CTRL_SET_TLSEXT_TICKET_KEYS         59
-#  define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT    60
-#  define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61
-#  define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62
+/*#  define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT    60 */
+/*#  define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61 */
+/*#  define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62 */
 #  define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB       63
 #  define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG   64
 #  define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE     65

diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index 6c7c4396824685140e5596c56bf19cf1c212d230..23eb156c04aa5249d427e37820a763210e690242 100644 (file)
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -530,15 +530,6 @@ typedef struct ssl3_state_st {
     int total_renegotiations;
     int num_renegotiations;
     int in_read_app_data;
-    /*
-     * Opaque PRF input as used for the current handshake. These fields are
-     * used only if TLSEXT_TYPE_opaque_prf_input is defined (otherwise, they
-     * are merely present to improve binary compatibility)
-     */
-    void *client_opaque_prf_input;
-    size_t client_opaque_prf_input_len;
-    void *server_opaque_prf_input;
-    size_t server_opaque_prf_input_len;
     struct {
         /* actually only needs to be 16+20 */
         unsigned char cert_verify_md[EVP_MAX_MD_SIZE * 2];

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 59a871cc36dbbb0d95f82c782fe24f36f2086c6b..2a84ff248f7b5e3b68c2c06edc92d1932a48095e 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -610,8 +610,6 @@ void SSL_free(SSL *s)
     if (s->tlsext_ellipticcurvelist)
         OPENSSL_free(s->tlsext_ellipticcurvelist);
 # endif                         /* OPENSSL_NO_EC */
-    if (s->tlsext_opaque_prf_input)
-        OPENSSL_free(s->tlsext_opaque_prf_input);
     if (s->tlsext_ocsp_exts)
         sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
     if (s->tlsext_ocsp_ids)

diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index 0b4df3ea15a25c2e9cd925dd89eb6af72df4efbf..b90f6fb28040ed47802124882e4a6d9eda214ec1 100644 (file)
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -956,30 +956,6 @@ static void lock_dbg_cb(int mode, int type, const char *file, int line)
     }
 }
 
-#ifdef TLSEXT_TYPE_opaque_prf_input
-struct cb_info_st {
-    void *input;
-    size_t len;
-    int ret;
-};
-struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */
-struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */
-struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */
-struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */
-
-int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
-{
-    struct cb_info_st *arg = arg_;
-
-    if (arg == NULL)
-        return 1;
-
-    if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len))
-        return 0;
-    return arg->ret;
-}
-#endif
-
 int main(int argc, char *argv[])
 {
     char *CApath = NULL, *CAfile = NULL;
@@ -1534,15 +1510,6 @@ int main(int argc, char *argv[])
     SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
 #endif
 
-#ifdef TLSEXT_TYPE_opaque_prf_input
-    SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
-    SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
-    /* or &co2 or NULL */
-    SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1);
-    /* or &so2 or NULL */
-    SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1);
-#endif
-
     if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) {
         ERR_print_errors(bio_err);
     } else if (!SSL_CTX_use_PrivateKey_file(s_ctx,

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 693a1b0feffc0d6057502727a96ba7dec01beaf3..3f4973e9ac51ed11585f2e724b54fd7a944f2bfe 100644 (file)
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -1099,22 +1099,6 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
             len);
 #endif                          /* KSSL_DEBUG */
 
-#ifdef TLSEXT_TYPE_opaque_prf_input
-    if (s->s3->client_opaque_prf_input != NULL
-        && s->s3->server_opaque_prf_input != NULL
-        && s->s3->client_opaque_prf_input_len > 0
-        && s->s3->client_opaque_prf_input_len ==
-        s->s3->server_opaque_prf_input_len) {
-        co = s->s3->client_opaque_prf_input;
-        col = s->s3->server_opaque_prf_input_len;
-        so = s->s3->server_opaque_prf_input;
-        /*
-         * must be same as col (see
-         * draft-resc-00.txts-opaque-prf-input-00.txt, section 3.1)
-         */
-        sol = s->s3->client_opaque_prf_input_len;
-    }
-#endif
 
     tls1_PRF(ssl_get_algorithm2(s),
              TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE,

diff --git a/ssl/t1_ext.c b/ssl/t1_ext.c
index 724ddf76acb3df61dc1de476ea398f72375660f0..ce54f4fa15148258ce2506c70783c569262f027a 100644 (file)
--- a/ssl/t1_ext.c
+++ b/ssl/t1_ext.c
@@ -284,9 +284,6 @@ int SSL_extension_supported(unsigned int ext_type)
     case TLSEXT_TYPE_srp:
     case TLSEXT_TYPE_status_request:
     case TLSEXT_TYPE_use_srtp:
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    case TLSEXT_TYPE_opaque_prf_input:
-# endif
 # ifdef TLSEXT_TYPE_encrypt_then_mac
     case TLSEXT_TYPE_encrypt_then_mac:
 # endif

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 6a1ed6a7427f72396e72ec9a395958e18cd14ae9..9be7347b56392a6c5d3f16e2aa40f9ecc5e554e6 100644 (file)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1335,22 +1335,6 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
         s2n(salglen, etmp);
         ret += salglen;
     }
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    if (s->s3->client_opaque_prf_input != NULL) {
-        size_t col = s->s3->client_opaque_prf_input_len;
-
-        if ((long)(limit - ret - 6 - col) < 0)
-            return NULL;
-        if (col > 0xFFFD)       /* can't happen */
-            return NULL;
-
-        s2n(TLSEXT_TYPE_opaque_prf_input, ret);
-        s2n(col + 2, ret);
-        s2n(col, ret);
-        memcpy(ret, s->s3->client_opaque_prf_input, col);
-        ret += col;
-    }
-# endif
 
     if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp) {
         int i;
@@ -1601,22 +1585,6 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
         s2n(TLSEXT_TYPE_status_request, ret);
         s2n(0, ret);
     }
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    if (s->s3->server_opaque_prf_input != NULL) {
-        size_t sol = s->s3->server_opaque_prf_input_len;
-
-        if ((long)(limit - ret - 6 - sol) < 0)
-            return NULL;
-        if (sol > 0xFFFD)       /* can't happen */
-            return NULL;
-
-        s2n(TLSEXT_TYPE_opaque_prf_input, ret);
-        s2n(sol + 2, ret);
-        s2n(sol, ret);
-        memcpy(ret, s->s3->server_opaque_prf_input, sol);
-        ret += sol;
-    }
-# endif
 
 # ifndef OPENSSL_NO_SRTP
     if (SSL_IS_DTLS(s) && s->srtp_profile) {
@@ -2154,37 +2122,6 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
 #  endif
         }
 # endif                         /* OPENSSL_NO_EC */
-# ifdef TLSEXT_TYPE_opaque_prf_input
-        else if (type == TLSEXT_TYPE_opaque_prf_input) {
-            unsigned char *sdata = data;
-
-            if (size < 2) {
-                *al = SSL_AD_DECODE_ERROR;
-                return 0;
-            }
-            n2s(sdata, s->s3->client_opaque_prf_input_len);
-            if (s->s3->client_opaque_prf_input_len != size - 2) {
-                *al = SSL_AD_DECODE_ERROR;
-                return 0;
-            }
-
-            if (s->s3->client_opaque_prf_input != NULL) {
-                /* shouldn't really happen */
-                OPENSSL_free(s->s3->client_opaque_prf_input);
-            }
-
-            /* dummy byte just to get non-NULL */
-            if (s->s3->client_opaque_prf_input_len == 0)
-                s->s3->client_opaque_prf_input = OPENSSL_malloc(1);
-            else
-                s->s3->client_opaque_prf_input =
-                    BUF_memdup(sdata, s->s3->client_opaque_prf_input_len);
-            if (s->s3->client_opaque_prf_input == NULL) {
-                *al = TLS1_AD_INTERNAL_ERROR;
-                return 0;
-            }
-        }
-# endif
         else if (type == TLSEXT_TYPE_session_ticket) {
             if (s->tls_session_ticket_ext_cb &&
                 !s->tls_session_ticket_ext_cb(s, data, size,
@@ -2540,38 +2477,6 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p,
             }
             s->tlsext_ticket_expected = 1;
         }
-# ifdef TLSEXT_TYPE_opaque_prf_input
-        else if (type == TLSEXT_TYPE_opaque_prf_input) {
-            unsigned char *sdata = data;
-
-            if (size < 2) {
-                *al = SSL_AD_DECODE_ERROR;
-                return 0;
-            }
-            n2s(sdata, s->s3->server_opaque_prf_input_len);
-            if (s->s3->server_opaque_prf_input_len != size - 2) {
-                *al = SSL_AD_DECODE_ERROR;
-                return 0;
-            }
-
-            if (s->s3->server_opaque_prf_input != NULL) {
-                /* shouldn't really happen */
-                OPENSSL_free(s->s3->server_opaque_prf_input);
-            }
-            if (s->s3->server_opaque_prf_input_len == 0) {
-                /* dummy byte just to get non-NULL */
-                s->s3->server_opaque_prf_input = OPENSSL_malloc(1);
-            } else {
-                s->s3->server_opaque_prf_input =
-                    BUF_memdup(sdata, s->s3->server_opaque_prf_input_len);
-            }
-
-            if (s->s3->server_opaque_prf_input == NULL) {
-                *al = TLS1_AD_INTERNAL_ERROR;
-                return 0;
-            }
-        }
-# endif
         else if (type == TLSEXT_TYPE_status_request) {
             /*
              * MUST be empty and only sent if we've requested a status
@@ -2745,51 +2650,6 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p,
 int ssl_prepare_clienthello_tlsext(SSL *s)
 {
 
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    {
-        int r = 1;
-
-        if (s->ctx->tlsext_opaque_prf_input_callback != 0) {
-            r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0,
-                                                         s->
-                                                         ctx->tlsext_opaque_prf_input_callback_arg);
-            if (!r)
-                return -1;
-        }
-
-        if (s->tlsext_opaque_prf_input != NULL) {
-            if (s->s3->client_opaque_prf_input != NULL) {
-                /* shouldn't really happen */
-                OPENSSL_free(s->s3->client_opaque_prf_input);
-            }
-
-            if (s->tlsext_opaque_prf_input_len == 0) {
-                /* dummy byte just to get non-NULL */
-                s->s3->client_opaque_prf_input = OPENSSL_malloc(1);
-            } else {
-                s->s3->client_opaque_prf_input =
-                    BUF_memdup(s->tlsext_opaque_prf_input,
-                               s->tlsext_opaque_prf_input_len);
-            }
-            if (s->s3->client_opaque_prf_input == NULL) {
-                SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,
-                       ERR_R_MALLOC_FAILURE);
-                return -1;
-            }
-            s->s3->client_opaque_prf_input_len =
-                s->tlsext_opaque_prf_input_len;
-        }
-
-        if (r == 2)
-            /*
-             * at callback's request, insist on receiving an appropriate
-             * server opaque PRF input
-             */
-            s->s3->server_opaque_prf_input_len =
-                s->tlsext_opaque_prf_input_len;
-    }
-# endif
-
     return 1;
 }
 
@@ -2825,73 +2685,6 @@ static int ssl_check_clienthello_tlsext_early(SSL *s)
                                                        s->
                                                        initial_ctx->tlsext_servername_arg);
 
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    {
-        /*
-         * This sort of belongs into ssl_prepare_serverhello_tlsext(), but we
-         * might be sending an alert in response to the client hello, so this
-         * has to happen here in ssl_check_clienthello_tlsext_early().
-         */
-
-        int r = 1;
-
-        if (s->ctx->tlsext_opaque_prf_input_callback != 0) {
-            r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0,
-                                                         s->
-                                                         ctx->tlsext_opaque_prf_input_callback_arg);
-            if (!r) {
-                ret = SSL_TLSEXT_ERR_ALERT_FATAL;
-                al = SSL_AD_INTERNAL_ERROR;
-                goto err;
-            }
-        }
-
-        if (s->s3->server_opaque_prf_input != NULL) {
-            /* shouldn't really happen */
-            OPENSSL_free(s->s3->server_opaque_prf_input);
-        }
-        s->s3->server_opaque_prf_input = NULL;
-
-        if (s->tlsext_opaque_prf_input != NULL) {
-            if (s->s3->client_opaque_prf_input != NULL &&
-                s->s3->client_opaque_prf_input_len ==
-                s->tlsext_opaque_prf_input_len) {
-                /*
-                 * can only use this extension if we have a server opaque PRF
-                 * input of the same length as the client opaque PRF input!
-                 */
-
-                if (s->tlsext_opaque_prf_input_len == 0) {
-                    /* dummy byte just to get non-NULL */
-                    s->s3->server_opaque_prf_input = OPENSSL_malloc(1);
-                } else {
-                    s->s3->server_opaque_prf_input =
-                        BUF_memdup(s->tlsext_opaque_prf_input,
-                                   s->tlsext_opaque_prf_input_len);
-                }
-                if (s->s3->server_opaque_prf_input == NULL) {
-                    ret = SSL_TLSEXT_ERR_ALERT_FATAL;
-                    al = SSL_AD_INTERNAL_ERROR;
-                    goto err;
-                }
-                s->s3->server_opaque_prf_input_len =
-                    s->tlsext_opaque_prf_input_len;
-            }
-        }
-
-        if (r == 2 && s->s3->server_opaque_prf_input == NULL) {
-            /*
-             * The callback wants to enforce use of the extension, but we
-             * can't do that with the client opaque PRF input; abort the
-             * handshake.
-             */
-            ret = SSL_TLSEXT_ERR_ALERT_FATAL;
-            al = SSL_AD_HANDSHAKE_FAILURE;
-        }
-    }
-
- err:
-# endif
     switch (ret) {
     case SSL_TLSEXT_ERR_ALERT_FATAL:
         ssl3_send_alert(s, SSL3_AL_FATAL, al);
@@ -3057,32 +2850,6 @@ int ssl_check_serverhello_tlsext(SSL *s)
                                                        s->
                                                        initial_ctx->tlsext_servername_arg);
 
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    if (s->s3->server_opaque_prf_input_len > 0) {
-        /*
-         * This case may indicate that we, as a client, want to insist on
-         * using opaque PRF inputs. So first verify that we really have a
-         * value from the server too.
-         */
-
-        if (s->s3->server_opaque_prf_input == NULL) {
-            ret = SSL_TLSEXT_ERR_ALERT_FATAL;
-            al = SSL_AD_HANDSHAKE_FAILURE;
-        }
-
-        /*
-         * Anytime the server *has* sent an opaque PRF input, we need to
-         * check that we have a client opaque PRF input of the same size.
-         */
-        if (s->s3->client_opaque_prf_input == NULL ||
-            s->s3->client_opaque_prf_input_len !=
-            s->s3->server_opaque_prf_input_len) {
-            ret = SSL_TLSEXT_ERR_ALERT_FATAL;
-            al = SSL_AD_ILLEGAL_PARAMETER;
-        }
-    }
-# endif
-
     /*
      * If we've requested certificate status and we wont get one tell the
      * callback

diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index 49b767fd9b872799280919ecb2a31a77e895468a..26160ed09bed437da5a0bebf6ebf5fe51a498f5d 100644 (file)
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -361,9 +361,6 @@ static ssl_trace_tbl ssl_exts_tbl[] = {
     {TLSEXT_TYPE_use_srtp, "use_srtp"},
     {TLSEXT_TYPE_heartbeat, "heartbeat"},
     {TLSEXT_TYPE_session_ticket, "session_ticket"},
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    {TLSEXT_TYPE_opaque_prf_input, "opaque_prf_input"},
-# endif
     {TLSEXT_TYPE_renegotiate, "renegotiate"},
     {TLSEXT_TYPE_next_proto_neg, "next_proto_neg"},
     {TLSEXT_TYPE_padding, "padding"}

diff --git a/ssl/tls1.h b/ssl/tls1.h
index 91c2cce7a2b7a069d490ca930d81fe82030fae43..1f756a45137c9b35ee67b91dad71b1a098f2173f 100644 (file)
--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@@ -254,16 +254,6 @@ extern "C" {
 /* ExtensionType value from RFC4507 */
 # define TLSEXT_TYPE_session_ticket              35
 
-/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
-# if 0
-/*
- * will have to be provided externally for now ,
- * i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183
- * using whatever extension number you'd like to try
- */
-#  define TLSEXT_TYPE_opaque_prf_input           ??
-# endif
-
 /* Temporary extension type */
 # define TLSEXT_TYPE_renegotiate                 0xff01
 
@@ -394,13 +384,6 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
 #  define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
 SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
 
-#  define SSL_set_tlsext_opaque_prf_input(s, src, len) \
-SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT, len, src)
-#  define SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb) \
-SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB, (void (*)(void))cb)
-#  define SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg) \
-SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG, 0, arg)
-
 #  define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
 SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)