Commit 4574e1b3cb for openssl.org
commit 4574e1b3cb20e95cfad9a72d2fac3ac8ed2d2a14
Author: Andrew Dinh <andrewd@openssl.org>
Date: Thu Sep 11 00:17:35 2025 +1000
Remove unused SSLv3 specific error codes
Also remove the SSL_TXT_SSLV3 name.
Reviewed-by: Saša NedvÄ›dický <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Saša NedvÄ›dický <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29338)
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 922cecbaa5..1c160cecb5 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -1298,7 +1298,6 @@ RSA_R_RANDOMNESS_SOURCE_STRENGTH_INSUFFICIENT:180:\
RSA_R_RSA_OPERATIONS_NOT_SUPPORTED:130:rsa operations not supported
RSA_R_SLEN_CHECK_FAILED:136:salt length check failed
RSA_R_SLEN_RECOVERY_FAILED:135:salt length recovery failed
-RSA_R_SSLV3_ROLLBACK_ATTACK:115:sslv3 rollback attack
RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD:116:\
the asn1 object identifier is not known for this md
RSA_R_UNKNOWN_ALGORITHM_TYPE:117:unknown algorithm type
@@ -1656,8 +1655,6 @@ SSL_R_TOO_MUCH_EARLY_DATA:164:too much early data
SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS:314:unable to find ecdh parameters
SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS:239:\
unable to find public key parameters
-SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines
-SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES:243:unable to load ssl3 sha1 routines
SSL_R_UNEXPECTED_CCS_MESSAGE:262:unexpected ccs message
SSL_R_UNEXPECTED_END_OF_EARLY_DATA:178:unexpected end of early data
SSL_R_UNEXPECTED_EOF_WHILE_READING:294:unexpected eof while reading
diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c
index 8f20f68efe..aced712b1d 100644
--- a/crypto/rsa/rsa_err.c
+++ b/crypto/rsa/rsa_err.c
@@ -127,8 +127,6 @@ static const ERR_STRING_DATA RSA_str_reasons[] = {
"salt length check failed" },
{ ERR_PACK(ERR_LIB_RSA, 0, RSA_R_SLEN_RECOVERY_FAILED),
"salt length recovery failed" },
- { ERR_PACK(ERR_LIB_RSA, 0, RSA_R_SSLV3_ROLLBACK_ATTACK),
- "sslv3 rollback attack" },
{ ERR_PACK(ERR_LIB_RSA, 0, RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),
"the asn1 object identifier is not known for this md" },
{ ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNKNOWN_ALGORITHM_TYPE),
diff --git a/crypto/ssl_err.c b/crypto/ssl_err.c
index 6b88675200..c8963522a3 100644
--- a/crypto/ssl_err.c
+++ b/crypto/ssl_err.c
@@ -544,10 +544,6 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
"unable to find ecdh parameters" },
{ ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS),
"unable to find public key parameters" },
- { ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES),
- "unable to load ssl3 md5 routines" },
- { ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES),
- "unable to load ssl3 sha1 routines" },
{ ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_CCS_MESSAGE),
"unexpected ccs message" },
{ ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_END_OF_EARLY_DATA),
diff --git a/include/openssl/rsaerr.h b/include/openssl/rsaerr.h
index 8432f5f655..781e333132 100644
--- a/include/openssl/rsaerr.h
+++ b/include/openssl/rsaerr.h
@@ -88,7 +88,6 @@
#define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
#define RSA_R_SLEN_CHECK_FAILED 136
#define RSA_R_SLEN_RECOVERY_FAILED 135
-#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
#define RSA_R_UNKNOWN_DIGEST 166
diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in
index 6b7d8c0d16..61e7ce67ef 100644
--- a/include/openssl/ssl.h.in
+++ b/include/openssl/ssl.h.in
@@ -163,7 +163,6 @@ extern "C" {
#define SSL_TXT_SHA256 "SHA256"
#define SSL_TXT_SHA384 "SHA384"
-#define SSL_TXT_SSLV3 "SSLv3"
#define SSL_TXT_TLSV1 "TLSv1"
#define SSL_TXT_TLSV1_1 "TLSv1.1"
#define SSL_TXT_TLSV1_2 "TLSv1.2"
diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
index 6993255b19..3f0568f285 100644
--- a/include/openssl/sslerr.h
+++ b/include/openssl/sslerr.h
@@ -330,8 +330,6 @@
#define SSL_R_TOO_MUCH_EARLY_DATA 164
#define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314
#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
-#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
-#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
#define SSL_R_UNEXPECTED_CCS_MESSAGE 262
#define SSL_R_UNEXPECTED_END_OF_EARLY_DATA 178
#define SSL_R_UNEXPECTED_EOF_WHILE_READING 294
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index d6f1dd16dc..5c694ca6b8 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -254,7 +254,6 @@ static const SSL_CIPHER cipher_aliases[] = {
{ 0, SSL_TXT_GOST12, NULL, 0, 0, 0, 0, SSL_GOST12_256 },
/* protocol version aliases */
- { 0, SSL_TXT_SSLV3, NULL, 0, 0, 0, 0, 0, SSL3_VERSION },
{ 0, SSL_TXT_TLSV1, NULL, 0, 0, 0, 0, 0, TLS1_VERSION },
{ 0, "TLSv1.0", NULL, 0, 0, 0, 0, 0, TLS1_VERSION },
{ 0, SSL_TXT_TLSV1_2, NULL, 0, 0, 0, 0, 0, TLS1_2_VERSION },