add back SRP. i was being too greedy.

author: tedu <> 2014-04-16 20:39:09 +0000
committer: tedu <> 2014-04-16 20:39:09 +0000
commit: e7892d59587f55067ca2e2bc6fa26cf4bcd6c084 (patch)
tree: 761d3461cd8f278c74120d2836c29dd21dc95be6 /src/lib/libssl/ssl.h
parent: 750d86a4fc04f53024575d65269281ea6c4e450c (diff)
download: openbsd-e7892d59587f55067ca2e2bc6fa26cf4bcd6c084.tar.gz
openbsd-e7892d59587f55067ca2e2bc6fa26cf4bcd6c084.tar.bz2
openbsd-e7892d59587f55067ca2e2bc6fa26cf4bcd6c084.zip
1 files changed, 63 insertions, 0 deletions
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 3f99de1616..d3e015e738 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -533,6 +533,9 @@ struct ssl_session_st {
        size_t tlsext_ticklen;          /* Session ticket length */
        long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
 #endif
+#ifndef OPENSSL_NO_SRP
+        char *srp_username;
+#endif
 };
 #endif
@@ -682,6 +685,42 @@ void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version,
 #define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
 #define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+#ifndef OPENSSL_NO_SRP
+#ifndef OPENSSL_NO_SSL_INTERN
+typedef struct srp_ctx_st {
+        /* param for all the callbacks */
+        void *SRP_cb_arg;
+        /* set client Hello login callback */
+        int (*TLS_ext_srp_username_callback)(SSL *, int *, void *);
+        /* set SRP N/g param callback for verification */
+        int (*SRP_verify_param_callback)(SSL *, void *);
+        /* set SRP client passwd callback */
+        char *(*SRP_give_srp_client_pwd_callback)(SSL *, void *);
+        char *login;
+        BIGNUM *N, *g, *s, *B, *A;
+        BIGNUM *a, *b, *v;
+        char *info;
+        int strength;
+        unsigned long srp_Mask;
+} SRP_CTX;
+#endif
+/* see tls_srp.c */
+int SSL_SRP_CTX_init(SSL *s);
+int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
+int SSL_SRP_CTX_free(SSL *ctx);
+int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
+int SSL_srp_server_param_with_username(SSL *s, int *ad);
+int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key);
+int SRP_Calc_A_param(SSL *s);
+int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key);
+#endif
 #define SSL_MAX_CERT_LIST_DEFAULT 1024*100 /* 100k max cert list :-) */
@@ -903,6 +942,9 @@ struct ssl_ctx_st {
        struct ssl3_buf_freelist_st *wbuf_freelist;
        struct ssl3_buf_freelist_st *rbuf_freelist;
 #endif
+#ifndef OPENSSL_NO_SRP
+        SRP_CTX srp_ctx; /* ctx for SRP authentication */
+#endif
 #ifndef OPENSSL_NO_TLSEXT
@@ -1306,6 +1348,9 @@ struct ssl_st {
                         * 2 if we are a server and are inside a handshake
                         * (i.e. not just sending a HelloRequest) */
+#ifndef OPENSSL_NO_SRP
+        SRP_CTX srp_ctx; /* ctx for SRP authentication */
+#endif
 };
 #endif
@@ -1754,6 +1799,24 @@ int SSL_set_trust(SSL *s, int trust);
 int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
 int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
+#ifndef OPENSSL_NO_SRP
+int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name);
+int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password);
+int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
+int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx, char *(*cb)(SSL *, void *));
+int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx, int (*cb)(SSL *, void *));
+int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx, int (*cb)(SSL *, int *, void *));
+int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
+int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g, BIGNUM *sa, BIGNUM *v, char *info);
+int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass, const char *grp);
+BIGNUM *SSL_get_srp_g(SSL *s);
+BIGNUM *SSL_get_srp_N(SSL *s);
+char *SSL_get_srp_username(SSL *s);
+char *SSL_get_srp_userinfo(SSL *s);
+#endif
 void    SSL_free(SSL *ssl);
 int     SSL_accept(SSL *ssl);
author	tedu <>	2014-04-16 20:39:09 +0000
committer	tedu <>	2014-04-16 20:39:09 +0000
commit	e7892d59587f55067ca2e2bc6fa26cf4bcd6c084 (patch)
tree	761d3461cd8f278c74120d2836c29dd21dc95be6 /src/lib/libssl/ssl.h
parent	750d86a4fc04f53024575d65269281ea6c4e450c (diff)
download	openbsd-e7892d59587f55067ca2e2bc6fa26cf4bcd6c084.tar.gz openbsd-e7892d59587f55067ca2e2bc6fa26cf4bcd6c084.tar.bz2 openbsd-e7892d59587f55067ca2e2bc6fa26cf4bcd6c084.zip

diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h index 3f99de1616..d3e015e738 100644 --- a/src/lib/libssl/ssl.h +++ b/src/lib/libssl/ssl.h
@@ -533,6 +533,9 @@ struct ssl_session_st {
533	size_t tlsext_ticklen; /* Session ticket length */	533	size_t tlsext_ticklen; /* Session ticket length */
534	long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */	534	long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
535	#endif	535	#endif
		536	#ifndef OPENSSL_NO_SRP
		537	char *srp_username;
		538	#endif
536	};	539	};
537		540
538	#endif	541	#endif
@@ -682,6 +685,42 @@ void SSL_set_msg_callback(SSL ssl, void (cb)(int write_p, int version,
682	#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))	685	#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
683	#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))	686	#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
684		687
		688	#ifndef OPENSSL_NO_SRP
		689
		690	#ifndef OPENSSL_NO_SSL_INTERN
		691
		692	typedef struct srp_ctx_st {
		693	/* param for all the callbacks */
		694	void *SRP_cb_arg;
		695	/* set client Hello login callback */
		696	int (TLS_ext_srp_username_callback)(SSL , int , void );
		697	/* set SRP N/g param callback for verification */
		698	int (SRP_verify_param_callback)(SSL , void *);
		699	/* set SRP client passwd callback */
		700	char (SRP_give_srp_client_pwd_callback)(SSL , void );
		701
		702	char *login;
		703	BIGNUM N, g, s, B, *A;
		704	BIGNUM a, b, *v;
		705	char *info;
		706	int strength;
		707
		708	unsigned long srp_Mask;
		709	} SRP_CTX;
		710
		711	#endif
		712
		713	/* see tls_srp.c */
		714	int SSL_SRP_CTX_init(SSL *s);
		715	int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
		716	int SSL_SRP_CTX_free(SSL *ctx);
		717	int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
		718	int SSL_srp_server_param_with_username(SSL s, int ad);
		719	int SRP_generate_server_master_secret(SSL s, unsigned char master_key);
		720	int SRP_Calc_A_param(SSL *s);
		721	int SRP_generate_client_master_secret(SSL s, unsigned char master_key);
		722
		723	#endif
685		724
686	#define SSL_MAX_CERT_LIST_DEFAULT 1024100 / 100k max cert list :-) */	725	#define SSL_MAX_CERT_LIST_DEFAULT 1024100 / 100k max cert list :-) */
687		726
@@ -903,6 +942,9 @@ struct ssl_ctx_st {
903	struct ssl3_buf_freelist_st *wbuf_freelist;	942	struct ssl3_buf_freelist_st *wbuf_freelist;
904	struct ssl3_buf_freelist_st *rbuf_freelist;	943	struct ssl3_buf_freelist_st *rbuf_freelist;
905	#endif	944	#endif
		945	#ifndef OPENSSL_NO_SRP
		946	SRP_CTX srp_ctx; /* ctx for SRP authentication */
		947	#endif
906		948
907	#ifndef OPENSSL_NO_TLSEXT	949	#ifndef OPENSSL_NO_TLSEXT
908		950
@@ -1306,6 +1348,9 @@ struct ssl_st {
1306	* 2 if we are a server and are inside a handshake	1348	* 2 if we are a server and are inside a handshake
1307	* (i.e. not just sending a HelloRequest) */	1349	* (i.e. not just sending a HelloRequest) */
1308		1350
		1351	#ifndef OPENSSL_NO_SRP
		1352	SRP_CTX srp_ctx; /* ctx for SRP authentication */
		1353	#endif
1309	};	1354	};
1310		1355
1311	#endif	1356	#endif
@@ -1754,6 +1799,24 @@ int SSL_set_trust(SSL *s, int trust);
1754	int SSL_CTX_set1_param(SSL_CTX ctx, X509_VERIFY_PARAM vpm);	1799	int SSL_CTX_set1_param(SSL_CTX ctx, X509_VERIFY_PARAM vpm);
1755	int SSL_set1_param(SSL ssl, X509_VERIFY_PARAM vpm);	1800	int SSL_set1_param(SSL ssl, X509_VERIFY_PARAM vpm);
1756		1801
		1802	#ifndef OPENSSL_NO_SRP
		1803	int SSL_CTX_set_srp_username(SSL_CTX ctx, char name);
		1804	int SSL_CTX_set_srp_password(SSL_CTX ctx, char password);
		1805	int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
		1806	int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX ctx, char (cb)(SSL , void *));
		1807	int SSL_CTX_set_srp_verify_param_callback(SSL_CTX ctx, int (cb)(SSL , void ));
		1808	int SSL_CTX_set_srp_username_callback(SSL_CTX ctx, int (cb)(SSL , int , void *));
		1809	int SSL_CTX_set_srp_cb_arg(SSL_CTX ctx, void arg);
		1810
		1811	int SSL_set_srp_server_param(SSL s, const BIGNUM N, const BIGNUM g, BIGNUM sa, BIGNUM v, char info);
		1812	int SSL_set_srp_server_param_pw(SSL s, const char user, const char pass, const char grp);
		1813
		1814	BIGNUM SSL_get_srp_g(SSL s);
		1815	BIGNUM SSL_get_srp_N(SSL s);
		1816
		1817	char SSL_get_srp_username(SSL s);
		1818	char SSL_get_srp_userinfo(SSL s);
		1819	#endif
1757		1820
1758	void SSL_free(SSL *ssl);	1821	void SSL_free(SSL *ssl);
1759	int SSL_accept(SSL *ssl);	1822	int SSL_accept(SSL *ssl);