summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_lib.c
diff options
context:
space:
mode:
authorcvs2svn <admin@example.com>2021-08-18 16:06:57 +0000
committercvs2svn <admin@example.com>2021-08-18 16:06:57 +0000
commitd56c8fa8260d226f98b26f017b45b9c2b135f38d (patch)
tree348178b41617813cc93787187984a734ef8379ca /src/lib/libssl/ssl_lib.c
parent18b9c1bcab7c37d8c5bd05b8e0d14d0c59d96650 (diff)
downloadopenbsd-tb_20210818.tar.gz
openbsd-tb_20210818.tar.bz2
openbsd-tb_20210818.zip
This commit was manufactured by cvs2git to create tag 'tb_20210818'.tb_20210818
Diffstat (limited to 'src/lib/libssl/ssl_lib.c')
-rw-r--r--src/lib/libssl/ssl_lib.c3081
1 files changed, 0 insertions, 3081 deletions
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
deleted file mode 100644
index bb4b700e0b..0000000000
--- a/src/lib/libssl/ssl_lib.c
+++ /dev/null
@@ -1,3081 +0,0 @@
1/* $OpenBSD: ssl_lib.c,v 1.262 2021/07/01 17:53:39 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143#include <arpa/inet.h>
144#include <sys/socket.h>
145#include <netinet/in.h>
146
147#include <stdio.h>
148
149#include <openssl/bn.h>
150#include <openssl/dh.h>
151#include <openssl/lhash.h>
152#include <openssl/objects.h>
153#include <openssl/ocsp.h>
154#include <openssl/opensslconf.h>
155#include <openssl/x509v3.h>
156
157#ifndef OPENSSL_NO_ENGINE
158#include <openssl/engine.h>
159#endif
160
161#include "bytestring.h"
162#include "dtls_locl.h"
163#include "ssl_locl.h"
164#include "ssl_sigalgs.h"
165
166const char *SSL_version_str = OPENSSL_VERSION_TEXT;
167
168int
169SSL_clear(SSL *s)
170{
171 if (s->method == NULL) {
172 SSLerror(s, SSL_R_NO_METHOD_SPECIFIED);
173 return (0);
174 }
175
176 if (ssl_clear_bad_session(s)) {
177 SSL_SESSION_free(s->session);
178 s->session = NULL;
179 }
180
181 s->error = 0;
182 s->internal->hit = 0;
183 s->internal->shutdown = 0;
184
185 if (s->internal->renegotiate) {
186 SSLerror(s, ERR_R_INTERNAL_ERROR);
187 return (0);
188 }
189
190 s->version = s->method->version;
191 s->client_version = s->version;
192 s->internal->rwstate = SSL_NOTHING;
193 s->internal->rstate = SSL_ST_READ_HEADER;
194
195 tls13_ctx_free(s->internal->tls13);
196 s->internal->tls13 = NULL;
197
198 ssl3_release_init_buffer(s);
199
200 ssl_clear_cipher_state(s);
201
202 s->internal->first_packet = 0;
203
204 /*
205 * Check to see if we were changed into a different method, if
206 * so, revert back if we are not doing session-id reuse.
207 */
208 if (!s->internal->in_handshake && (s->session == NULL) &&
209 (s->method != s->ctx->method)) {
210 s->method->ssl_free(s);
211 s->method = s->ctx->method;
212 if (!s->method->ssl_new(s))
213 return (0);
214 } else
215 s->method->ssl_clear(s);
216
217 return (1);
218}
219
220/* Used to change an SSL_CTXs default SSL method type */
221int
222SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
223{
224 STACK_OF(SSL_CIPHER) *ciphers;
225
226 ctx->method = meth;
227
228 ciphers = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,
229 ctx->internal->cipher_list_tls13, SSL_DEFAULT_CIPHER_LIST);
230 if (ciphers == NULL || sk_SSL_CIPHER_num(ciphers) <= 0) {
231 SSLerrorx(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
232 return (0);
233 }
234 return (1);
235}
236
237SSL *
238SSL_new(SSL_CTX *ctx)
239{
240 SSL *s;
241
242 if (ctx == NULL) {
243 SSLerrorx(SSL_R_NULL_SSL_CTX);
244 return (NULL);
245 }
246 if (ctx->method == NULL) {
247 SSLerrorx(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
248 return (NULL);
249 }
250
251 if ((s = calloc(1, sizeof(*s))) == NULL)
252 goto err;
253 if ((s->internal = calloc(1, sizeof(*s->internal))) == NULL)
254 goto err;
255
256 if ((s->internal->rl = tls12_record_layer_new()) == NULL)
257 goto err;
258
259 s->internal->min_tls_version = ctx->internal->min_tls_version;
260 s->internal->max_tls_version = ctx->internal->max_tls_version;
261 s->internal->min_proto_version = ctx->internal->min_proto_version;
262 s->internal->max_proto_version = ctx->internal->max_proto_version;
263
264 s->internal->options = ctx->internal->options;
265 s->internal->mode = ctx->internal->mode;
266 s->internal->max_cert_list = ctx->internal->max_cert_list;
267
268 if ((s->cert = ssl_cert_dup(ctx->internal->cert)) == NULL)
269 goto err;
270
271 s->internal->read_ahead = ctx->internal->read_ahead;
272 s->internal->msg_callback = ctx->internal->msg_callback;
273 s->internal->msg_callback_arg = ctx->internal->msg_callback_arg;
274 s->verify_mode = ctx->verify_mode;
275 s->sid_ctx_length = ctx->sid_ctx_length;
276 OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
277 memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
278 s->internal->verify_callback = ctx->internal->default_verify_callback;
279 s->internal->generate_session_id = ctx->internal->generate_session_id;
280
281 s->param = X509_VERIFY_PARAM_new();
282 if (!s->param)
283 goto err;
284 X509_VERIFY_PARAM_inherit(s->param, ctx->param);
285 s->internal->quiet_shutdown = ctx->internal->quiet_shutdown;
286 s->max_send_fragment = ctx->internal->max_send_fragment;
287
288 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
289 s->ctx = ctx;
290 s->internal->tlsext_debug_cb = 0;
291 s->internal->tlsext_debug_arg = NULL;
292 s->internal->tlsext_ticket_expected = 0;
293 s->tlsext_status_type = -1;
294 s->internal->tlsext_status_expected = 0;
295 s->internal->tlsext_ocsp_ids = NULL;
296 s->internal->tlsext_ocsp_exts = NULL;
297 s->internal->tlsext_ocsp_resp = NULL;
298 s->internal->tlsext_ocsp_resp_len = 0;
299 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
300 s->initial_ctx = ctx;
301
302 if (ctx->internal->tlsext_ecpointformatlist != NULL) {
303 s->internal->tlsext_ecpointformatlist =
304 calloc(ctx->internal->tlsext_ecpointformatlist_length,
305 sizeof(ctx->internal->tlsext_ecpointformatlist[0]));
306 if (s->internal->tlsext_ecpointformatlist == NULL)
307 goto err;
308 memcpy(s->internal->tlsext_ecpointformatlist,
309 ctx->internal->tlsext_ecpointformatlist,
310 ctx->internal->tlsext_ecpointformatlist_length *
311 sizeof(ctx->internal->tlsext_ecpointformatlist[0]));
312 s->internal->tlsext_ecpointformatlist_length =
313 ctx->internal->tlsext_ecpointformatlist_length;
314 }
315 if (ctx->internal->tlsext_supportedgroups != NULL) {
316 s->internal->tlsext_supportedgroups =
317 calloc(ctx->internal->tlsext_supportedgroups_length,
318 sizeof(ctx->internal->tlsext_supportedgroups[0]));
319 if (s->internal->tlsext_supportedgroups == NULL)
320 goto err;
321 memcpy(s->internal->tlsext_supportedgroups,
322 ctx->internal->tlsext_supportedgroups,
323 ctx->internal->tlsext_supportedgroups_length *
324 sizeof(ctx->internal->tlsext_supportedgroups[0]));
325 s->internal->tlsext_supportedgroups_length =
326 ctx->internal->tlsext_supportedgroups_length;
327 }
328
329 if (s->ctx->internal->alpn_client_proto_list != NULL) {
330 s->internal->alpn_client_proto_list =
331 malloc(s->ctx->internal->alpn_client_proto_list_len);
332 if (s->internal->alpn_client_proto_list == NULL)
333 goto err;
334 memcpy(s->internal->alpn_client_proto_list,
335 s->ctx->internal->alpn_client_proto_list,
336 s->ctx->internal->alpn_client_proto_list_len);
337 s->internal->alpn_client_proto_list_len =
338 s->ctx->internal->alpn_client_proto_list_len;
339 }
340
341 s->verify_result = X509_V_OK;
342
343 s->method = ctx->method;
344
345 if (!s->method->ssl_new(s))
346 goto err;
347
348 s->references = 1;
349 s->server = ctx->method->server;
350
351 SSL_clear(s);
352
353 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->internal->ex_data);
354
355 return (s);
356
357 err:
358 SSL_free(s);
359 SSLerrorx(ERR_R_MALLOC_FAILURE);
360 return (NULL);
361}
362
363int
364SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
365 unsigned int sid_ctx_len)
366{
367 if (sid_ctx_len > sizeof ctx->sid_ctx) {
368 SSLerrorx(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
369 return (0);
370 }
371 ctx->sid_ctx_length = sid_ctx_len;
372 memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
373
374 return (1);
375}
376
377int
378SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
379 unsigned int sid_ctx_len)
380{
381 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
382 SSLerror(ssl, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
383 return (0);
384 }
385 ssl->sid_ctx_length = sid_ctx_len;
386 memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
387
388 return (1);
389}
390
391int
392SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
393{
394 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
395 ctx->internal->generate_session_id = cb;
396 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
397 return (1);
398}
399
400int
401SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
402{
403 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
404 ssl->internal->generate_session_id = cb;
405 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
406 return (1);
407}
408
409int
410SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
411 unsigned int id_len)
412{
413 /*
414 * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp
415 * shows how we can "construct" a session to give us the desired
416 * check - ie. to find if there's a session in the hash table
417 * that would conflict with any new session built out of this
418 * id/id_len and the ssl_version in use by this SSL.
419 */
420 SSL_SESSION r, *p;
421
422 if (id_len > sizeof r.session_id)
423 return (0);
424
425 r.ssl_version = ssl->version;
426 r.session_id_length = id_len;
427 memcpy(r.session_id, id, id_len);
428
429 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
430 p = lh_SSL_SESSION_retrieve(ssl->ctx->internal->sessions, &r);
431 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
432 return (p != NULL);
433}
434
435int
436SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
437{
438 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
439}
440
441int
442SSL_set_purpose(SSL *s, int purpose)
443{
444 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
445}
446
447int
448SSL_CTX_set_trust(SSL_CTX *s, int trust)
449{
450 return (X509_VERIFY_PARAM_set_trust(s->param, trust));
451}
452
453int
454SSL_set_trust(SSL *s, int trust)
455{
456 return (X509_VERIFY_PARAM_set_trust(s->param, trust));
457}
458
459int
460SSL_set1_host(SSL *s, const char *hostname)
461{
462 struct in_addr ina;
463 struct in6_addr in6a;
464
465 if (hostname != NULL && *hostname != '\0' &&
466 (inet_pton(AF_INET, hostname, &ina) == 1 ||
467 inet_pton(AF_INET6, hostname, &in6a) == 1))
468 return X509_VERIFY_PARAM_set1_ip_asc(s->param, hostname);
469 else
470 return X509_VERIFY_PARAM_set1_host(s->param, hostname, 0);
471}
472
473void
474SSL_set_hostflags(SSL *s, unsigned int flags)
475{
476 X509_VERIFY_PARAM_set_hostflags(s->param, flags);
477}
478
479const char *
480SSL_get0_peername(SSL *s)
481{
482 return X509_VERIFY_PARAM_get0_peername(s->param);
483}
484
485X509_VERIFY_PARAM *
486SSL_CTX_get0_param(SSL_CTX *ctx)
487{
488 return (ctx->param);
489}
490
491int
492SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
493{
494 return (X509_VERIFY_PARAM_set1(ctx->param, vpm));
495}
496
497X509_VERIFY_PARAM *
498SSL_get0_param(SSL *ssl)
499{
500 return (ssl->param);
501}
502
503int
504SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
505{
506 return (X509_VERIFY_PARAM_set1(ssl->param, vpm));
507}
508
509void
510SSL_free(SSL *s)
511{
512 int i;
513
514 if (s == NULL)
515 return;
516
517 i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL);
518 if (i > 0)
519 return;
520
521 X509_VERIFY_PARAM_free(s->param);
522
523 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->internal->ex_data);
524
525 if (s->bbio != NULL) {
526 /* If the buffering BIO is in place, pop it off */
527 if (s->bbio == s->wbio) {
528 s->wbio = BIO_pop(s->wbio);
529 }
530 BIO_free(s->bbio);
531 s->bbio = NULL;
532 }
533
534 if (s->rbio != s->wbio)
535 BIO_free_all(s->rbio);
536 BIO_free_all(s->wbio);
537
538 tls13_ctx_free(s->internal->tls13);
539
540 ssl3_release_init_buffer(s);
541
542 sk_SSL_CIPHER_free(s->cipher_list);
543 sk_SSL_CIPHER_free(s->internal->cipher_list_tls13);
544
545 /* Make the next call work :-) */
546 if (s->session != NULL) {
547 ssl_clear_bad_session(s);
548 SSL_SESSION_free(s->session);
549 }
550
551 ssl_clear_cipher_state(s);
552
553 ssl_cert_free(s->cert);
554
555 free(s->tlsext_hostname);
556 SSL_CTX_free(s->initial_ctx);
557
558 free(s->internal->tlsext_ecpointformatlist);
559 free(s->internal->tlsext_supportedgroups);
560
561 sk_X509_EXTENSION_pop_free(s->internal->tlsext_ocsp_exts,
562 X509_EXTENSION_free);
563 sk_OCSP_RESPID_pop_free(s->internal->tlsext_ocsp_ids, OCSP_RESPID_free);
564 free(s->internal->tlsext_ocsp_resp);
565
566 sk_X509_NAME_pop_free(s->internal->client_CA, X509_NAME_free);
567
568 if (s->method != NULL)
569 s->method->ssl_free(s);
570
571 SSL_CTX_free(s->ctx);
572
573 free(s->internal->alpn_client_proto_list);
574
575#ifndef OPENSSL_NO_SRTP
576 sk_SRTP_PROTECTION_PROFILE_free(s->internal->srtp_profiles);
577#endif
578
579 tls12_record_layer_free(s->internal->rl);
580
581 free(s->internal);
582 free(s);
583}
584
585int
586SSL_up_ref(SSL *s)
587{
588 int refs = CRYPTO_add(&s->references, 1, CRYPTO_LOCK_SSL);
589 return (refs > 1) ? 1 : 0;
590}
591
592void
593SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
594{
595 /* If the output buffering BIO is still in place, remove it */
596 if (s->bbio != NULL) {
597 if (s->wbio == s->bbio) {
598 s->wbio = s->wbio->next_bio;
599 s->bbio->next_bio = NULL;
600 }
601 }
602
603 if (s->rbio != rbio && s->rbio != s->wbio)
604 BIO_free_all(s->rbio);
605 if (s->wbio != wbio)
606 BIO_free_all(s->wbio);
607 s->rbio = rbio;
608 s->wbio = wbio;
609}
610
611BIO *
612SSL_get_rbio(const SSL *s)
613{
614 return (s->rbio);
615}
616
617BIO *
618SSL_get_wbio(const SSL *s)
619{
620 return (s->wbio);
621}
622
623int
624SSL_get_fd(const SSL *s)
625{
626 return (SSL_get_rfd(s));
627}
628
629int
630SSL_get_rfd(const SSL *s)
631{
632 int ret = -1;
633 BIO *b, *r;
634
635 b = SSL_get_rbio(s);
636 r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
637 if (r != NULL)
638 BIO_get_fd(r, &ret);
639 return (ret);
640}
641
642int
643SSL_get_wfd(const SSL *s)
644{
645 int ret = -1;
646 BIO *b, *r;
647
648 b = SSL_get_wbio(s);
649 r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
650 if (r != NULL)
651 BIO_get_fd(r, &ret);
652 return (ret);
653}
654
655int
656SSL_set_fd(SSL *s, int fd)
657{
658 int ret = 0;
659 BIO *bio = NULL;
660
661 bio = BIO_new(BIO_s_socket());
662
663 if (bio == NULL) {
664 SSLerror(s, ERR_R_BUF_LIB);
665 goto err;
666 }
667 BIO_set_fd(bio, fd, BIO_NOCLOSE);
668 SSL_set_bio(s, bio, bio);
669 ret = 1;
670 err:
671 return (ret);
672}
673
674int
675SSL_set_wfd(SSL *s, int fd)
676{
677 int ret = 0;
678 BIO *bio = NULL;
679
680 if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
681 || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
682 bio = BIO_new(BIO_s_socket());
683
684 if (bio == NULL) {
685 SSLerror(s, ERR_R_BUF_LIB);
686 goto err;
687 }
688 BIO_set_fd(bio, fd, BIO_NOCLOSE);
689 SSL_set_bio(s, SSL_get_rbio(s), bio);
690 } else
691 SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
692 ret = 1;
693 err:
694 return (ret);
695}
696
697int
698SSL_set_rfd(SSL *s, int fd)
699{
700 int ret = 0;
701 BIO *bio = NULL;
702
703 if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
704 || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
705 bio = BIO_new(BIO_s_socket());
706
707 if (bio == NULL) {
708 SSLerror(s, ERR_R_BUF_LIB);
709 goto err;
710 }
711 BIO_set_fd(bio, fd, BIO_NOCLOSE);
712 SSL_set_bio(s, bio, SSL_get_wbio(s));
713 } else
714 SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
715 ret = 1;
716 err:
717 return (ret);
718}
719
720
721/* return length of latest Finished message we sent, copy to 'buf' */
722size_t
723SSL_get_finished(const SSL *s, void *buf, size_t count)
724{
725 size_t ret;
726
727 ret = S3I(s)->hs.finished_len;
728 if (count > ret)
729 count = ret;
730 memcpy(buf, S3I(s)->hs.finished, count);
731 return (ret);
732}
733
734/* return length of latest Finished message we expected, copy to 'buf' */
735size_t
736SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
737{
738 size_t ret;
739
740 ret = S3I(s)->hs.peer_finished_len;
741 if (count > ret)
742 count = ret;
743 memcpy(buf, S3I(s)->hs.peer_finished, count);
744 return (ret);
745}
746
747
748int
749SSL_get_verify_mode(const SSL *s)
750{
751 return (s->verify_mode);
752}
753
754int
755SSL_get_verify_depth(const SSL *s)
756{
757 return (X509_VERIFY_PARAM_get_depth(s->param));
758}
759
760int
761(*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *)
762{
763 return (s->internal->verify_callback);
764}
765
766int
767SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
768{
769 return (ctx->verify_mode);
770}
771
772int
773SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
774{
775 return (X509_VERIFY_PARAM_get_depth(ctx->param));
776}
777
778int
779(*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *)
780{
781 return (ctx->internal->default_verify_callback);
782}
783
784void
785SSL_set_verify(SSL *s, int mode,
786 int (*callback)(int ok, X509_STORE_CTX *ctx))
787{
788 s->verify_mode = mode;
789 if (callback != NULL)
790 s->internal->verify_callback = callback;
791}
792
793void
794SSL_set_verify_depth(SSL *s, int depth)
795{
796 X509_VERIFY_PARAM_set_depth(s->param, depth);
797}
798
799void
800SSL_set_read_ahead(SSL *s, int yes)
801{
802 s->internal->read_ahead = yes;
803}
804
805int
806SSL_get_read_ahead(const SSL *s)
807{
808 return (s->internal->read_ahead);
809}
810
811int
812SSL_pending(const SSL *s)
813{
814 return (s->method->ssl_pending(s));
815}
816
817X509 *
818SSL_get_peer_certificate(const SSL *s)
819{
820 X509 *r;
821
822 if ((s == NULL) || (s->session == NULL))
823 r = NULL;
824 else
825 r = s->session->peer;
826
827 if (r == NULL)
828 return (r);
829
830 CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509);
831
832 return (r);
833}
834
835STACK_OF(X509) *
836SSL_get_peer_cert_chain(const SSL *s)
837{
838 STACK_OF(X509) *r;
839
840 if ((s == NULL) || (s->session == NULL) ||
841 (SSI(s)->sess_cert == NULL))
842 r = NULL;
843 else
844 r = SSI(s)->sess_cert->cert_chain;
845
846 /*
847 * If we are a client, cert_chain includes the peer's own
848 * certificate;
849 * if we are a server, it does not.
850 */
851 return (r);
852}
853
854/*
855 * Now in theory, since the calling process own 't' it should be safe to
856 * modify. We need to be able to read f without being hassled
857 */
858int
859SSL_copy_session_id(SSL *t, const SSL *f)
860{
861 CERT *tmp;
862
863 /* Do we need to do SSL locking? */
864 if (!SSL_set_session(t, SSL_get_session(f)))
865 return 0;
866
867 /* What if we are set up for one protocol but want to talk another? */
868 if (t->method != f->method) {
869 t->method->ssl_free(t);
870 t->method = f->method;
871 if (!t->method->ssl_new(t))
872 return 0;
873 }
874
875 tmp = t->cert;
876 if (f->cert != NULL) {
877 CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
878 t->cert = f->cert;
879 } else
880 t->cert = NULL;
881 ssl_cert_free(tmp);
882
883 if (!SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length))
884 return 0;
885
886 return 1;
887}
888
889/* Fix this so it checks all the valid key/cert options */
890int
891SSL_CTX_check_private_key(const SSL_CTX *ctx)
892{
893 if ((ctx == NULL) || (ctx->internal->cert == NULL) ||
894 (ctx->internal->cert->key->x509 == NULL)) {
895 SSLerrorx(SSL_R_NO_CERTIFICATE_ASSIGNED);
896 return (0);
897 }
898 if (ctx->internal->cert->key->privatekey == NULL) {
899 SSLerrorx(SSL_R_NO_PRIVATE_KEY_ASSIGNED);
900 return (0);
901 }
902 return (X509_check_private_key(ctx->internal->cert->key->x509,
903 ctx->internal->cert->key->privatekey));
904}
905
906/* Fix this function so that it takes an optional type parameter */
907int
908SSL_check_private_key(const SSL *ssl)
909{
910 if (ssl == NULL) {
911 SSLerrorx(ERR_R_PASSED_NULL_PARAMETER);
912 return (0);
913 }
914 if (ssl->cert == NULL) {
915 SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED);
916 return (0);
917 }
918 if (ssl->cert->key->x509 == NULL) {
919 SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED);
920 return (0);
921 }
922 if (ssl->cert->key->privatekey == NULL) {
923 SSLerror(ssl, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
924 return (0);
925 }
926 return (X509_check_private_key(ssl->cert->key->x509,
927 ssl->cert->key->privatekey));
928}
929
930int
931SSL_accept(SSL *s)
932{
933 if (s->internal->handshake_func == NULL)
934 SSL_set_accept_state(s); /* Not properly initialized yet */
935
936 return (s->method->ssl_accept(s));
937}
938
939int
940SSL_connect(SSL *s)
941{
942 if (s->internal->handshake_func == NULL)
943 SSL_set_connect_state(s); /* Not properly initialized yet */
944
945 return (s->method->ssl_connect(s));
946}
947
948int
949SSL_is_dtls(const SSL *s)
950{
951 return s->method->dtls;
952}
953
954int
955SSL_is_server(const SSL *s)
956{
957 return s->server;
958}
959
960static long
961ssl_get_default_timeout()
962{
963 /*
964 * 2 hours, the 24 hours mentioned in the TLSv1 spec
965 * is way too long for http, the cache would over fill.
966 */
967 return (2 * 60 * 60);
968}
969
970long
971SSL_get_default_timeout(const SSL *s)
972{
973 return (ssl_get_default_timeout());
974}
975
976int
977SSL_read(SSL *s, void *buf, int num)
978{
979 if (s->internal->handshake_func == NULL) {
980 SSLerror(s, SSL_R_UNINITIALIZED);
981 return (-1);
982 }
983
984 if (s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) {
985 s->internal->rwstate = SSL_NOTHING;
986 return (0);
987 }
988 return ssl3_read(s, buf, num);
989}
990
991int
992SSL_peek(SSL *s, void *buf, int num)
993{
994 if (s->internal->handshake_func == NULL) {
995 SSLerror(s, SSL_R_UNINITIALIZED);
996 return (-1);
997 }
998
999 if (s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) {
1000 return (0);
1001 }
1002 return ssl3_peek(s, buf, num);
1003}
1004
1005int
1006SSL_write(SSL *s, const void *buf, int num)
1007{
1008 if (s->internal->handshake_func == NULL) {
1009 SSLerror(s, SSL_R_UNINITIALIZED);
1010 return (-1);
1011 }
1012
1013 if (s->internal->shutdown & SSL_SENT_SHUTDOWN) {
1014 s->internal->rwstate = SSL_NOTHING;
1015 SSLerror(s, SSL_R_PROTOCOL_IS_SHUTDOWN);
1016 return (-1);
1017 }
1018 return ssl3_write(s, buf, num);
1019}
1020
1021uint32_t
1022SSL_CTX_get_max_early_data(const SSL_CTX *ctx)
1023{
1024 return 0;
1025}
1026
1027int
1028SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data)
1029{
1030 return 1;
1031}
1032
1033uint32_t
1034SSL_get_max_early_data(const SSL *s)
1035{
1036 return 0;
1037}
1038
1039int
1040SSL_set_max_early_data(SSL *s, uint32_t max_early_data)
1041{
1042 return 1;
1043}
1044
1045int
1046SSL_get_early_data_status(const SSL *s)
1047{
1048 return SSL_EARLY_DATA_REJECTED;
1049}
1050
1051int
1052SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes)
1053{
1054 *readbytes = 0;
1055
1056 if (!s->server) {
1057 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1058 return SSL_READ_EARLY_DATA_ERROR;
1059 }
1060
1061 return SSL_READ_EARLY_DATA_FINISH;
1062}
1063
1064int
1065SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written)
1066{
1067 *written = 0;
1068 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1069 return 0;
1070}
1071
1072int
1073SSL_shutdown(SSL *s)
1074{
1075 /*
1076 * Note that this function behaves differently from what one might
1077 * expect. Return values are 0 for no success (yet),
1078 * 1 for success; but calling it once is usually not enough,
1079 * even if blocking I/O is used (see ssl3_shutdown).
1080 */
1081
1082 if (s->internal->handshake_func == NULL) {
1083 SSLerror(s, SSL_R_UNINITIALIZED);
1084 return (-1);
1085 }
1086
1087 if (s != NULL && !SSL_in_init(s))
1088 return (s->method->ssl_shutdown(s));
1089
1090 return (1);
1091}
1092
1093int
1094SSL_renegotiate(SSL *s)
1095{
1096 if (s->internal->renegotiate == 0)
1097 s->internal->renegotiate = 1;
1098
1099 s->internal->new_session = 1;
1100
1101 return (s->method->ssl_renegotiate(s));
1102}
1103
1104int
1105SSL_renegotiate_abbreviated(SSL *s)
1106{
1107 if (s->internal->renegotiate == 0)
1108 s->internal->renegotiate = 1;
1109
1110 s->internal->new_session = 0;
1111
1112 return (s->method->ssl_renegotiate(s));
1113}
1114
1115int
1116SSL_renegotiate_pending(SSL *s)
1117{
1118 /*
1119 * Becomes true when negotiation is requested;
1120 * false again once a handshake has finished.
1121 */
1122 return (s->internal->renegotiate != 0);
1123}
1124
1125long
1126SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
1127{
1128 long l;
1129
1130 switch (cmd) {
1131 case SSL_CTRL_GET_READ_AHEAD:
1132 return (s->internal->read_ahead);
1133 case SSL_CTRL_SET_READ_AHEAD:
1134 l = s->internal->read_ahead;
1135 s->internal->read_ahead = larg;
1136 return (l);
1137
1138 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1139 s->internal->msg_callback_arg = parg;
1140 return (1);
1141
1142 case SSL_CTRL_OPTIONS:
1143 return (s->internal->options|=larg);
1144 case SSL_CTRL_CLEAR_OPTIONS:
1145 return (s->internal->options&=~larg);
1146 case SSL_CTRL_MODE:
1147 return (s->internal->mode|=larg);
1148 case SSL_CTRL_CLEAR_MODE:
1149 return (s->internal->mode &=~larg);
1150 case SSL_CTRL_GET_MAX_CERT_LIST:
1151 return (s->internal->max_cert_list);
1152 case SSL_CTRL_SET_MAX_CERT_LIST:
1153 l = s->internal->max_cert_list;
1154 s->internal->max_cert_list = larg;
1155 return (l);
1156 case SSL_CTRL_SET_MTU:
1157#ifndef OPENSSL_NO_DTLS1
1158 if (larg < (long)dtls1_min_mtu())
1159 return (0);
1160#endif
1161 if (SSL_is_dtls(s)) {
1162 D1I(s)->mtu = larg;
1163 return (larg);
1164 }
1165 return (0);
1166 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1167 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1168 return (0);
1169 s->max_send_fragment = larg;
1170 return (1);
1171 case SSL_CTRL_GET_RI_SUPPORT:
1172 if (s->s3)
1173 return (S3I(s)->send_connection_binding);
1174 else return (0);
1175 default:
1176 if (SSL_is_dtls(s))
1177 return dtls1_ctrl(s, cmd, larg, parg);
1178 return ssl3_ctrl(s, cmd, larg, parg);
1179 }
1180}
1181
1182long
1183SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
1184{
1185 switch (cmd) {
1186 case SSL_CTRL_SET_MSG_CALLBACK:
1187 s->internal->msg_callback = (void (*)(int write_p, int version,
1188 int content_type, const void *buf, size_t len,
1189 SSL *ssl, void *arg))(fp);
1190 return (1);
1191
1192 default:
1193 return (ssl3_callback_ctrl(s, cmd, fp));
1194 }
1195}
1196
1197struct lhash_st_SSL_SESSION *
1198SSL_CTX_sessions(SSL_CTX *ctx)
1199{
1200 return (ctx->internal->sessions);
1201}
1202
1203long
1204SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1205{
1206 long l;
1207
1208 switch (cmd) {
1209 case SSL_CTRL_GET_READ_AHEAD:
1210 return (ctx->internal->read_ahead);
1211 case SSL_CTRL_SET_READ_AHEAD:
1212 l = ctx->internal->read_ahead;
1213 ctx->internal->read_ahead = larg;
1214 return (l);
1215
1216 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1217 ctx->internal->msg_callback_arg = parg;
1218 return (1);
1219
1220 case SSL_CTRL_GET_MAX_CERT_LIST:
1221 return (ctx->internal->max_cert_list);
1222 case SSL_CTRL_SET_MAX_CERT_LIST:
1223 l = ctx->internal->max_cert_list;
1224 ctx->internal->max_cert_list = larg;
1225 return (l);
1226
1227 case SSL_CTRL_SET_SESS_CACHE_SIZE:
1228 l = ctx->internal->session_cache_size;
1229 ctx->internal->session_cache_size = larg;
1230 return (l);
1231 case SSL_CTRL_GET_SESS_CACHE_SIZE:
1232 return (ctx->internal->session_cache_size);
1233 case SSL_CTRL_SET_SESS_CACHE_MODE:
1234 l = ctx->internal->session_cache_mode;
1235 ctx->internal->session_cache_mode = larg;
1236 return (l);
1237 case SSL_CTRL_GET_SESS_CACHE_MODE:
1238 return (ctx->internal->session_cache_mode);
1239
1240 case SSL_CTRL_SESS_NUMBER:
1241 return (lh_SSL_SESSION_num_items(ctx->internal->sessions));
1242 case SSL_CTRL_SESS_CONNECT:
1243 return (ctx->internal->stats.sess_connect);
1244 case SSL_CTRL_SESS_CONNECT_GOOD:
1245 return (ctx->internal->stats.sess_connect_good);
1246 case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
1247 return (ctx->internal->stats.sess_connect_renegotiate);
1248 case SSL_CTRL_SESS_ACCEPT:
1249 return (ctx->internal->stats.sess_accept);
1250 case SSL_CTRL_SESS_ACCEPT_GOOD:
1251 return (ctx->internal->stats.sess_accept_good);
1252 case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
1253 return (ctx->internal->stats.sess_accept_renegotiate);
1254 case SSL_CTRL_SESS_HIT:
1255 return (ctx->internal->stats.sess_hit);
1256 case SSL_CTRL_SESS_CB_HIT:
1257 return (ctx->internal->stats.sess_cb_hit);
1258 case SSL_CTRL_SESS_MISSES:
1259 return (ctx->internal->stats.sess_miss);
1260 case SSL_CTRL_SESS_TIMEOUTS:
1261 return (ctx->internal->stats.sess_timeout);
1262 case SSL_CTRL_SESS_CACHE_FULL:
1263 return (ctx->internal->stats.sess_cache_full);
1264 case SSL_CTRL_OPTIONS:
1265 return (ctx->internal->options|=larg);
1266 case SSL_CTRL_CLEAR_OPTIONS:
1267 return (ctx->internal->options&=~larg);
1268 case SSL_CTRL_MODE:
1269 return (ctx->internal->mode|=larg);
1270 case SSL_CTRL_CLEAR_MODE:
1271 return (ctx->internal->mode&=~larg);
1272 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1273 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1274 return (0);
1275 ctx->internal->max_send_fragment = larg;
1276 return (1);
1277 default:
1278 return (ssl3_ctx_ctrl(ctx, cmd, larg, parg));
1279 }
1280}
1281
1282long
1283SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
1284{
1285 switch (cmd) {
1286 case SSL_CTRL_SET_MSG_CALLBACK:
1287 ctx->internal->msg_callback = (void (*)(int write_p, int version,
1288 int content_type, const void *buf, size_t len, SSL *ssl,
1289 void *arg))(fp);
1290 return (1);
1291
1292 default:
1293 return (ssl3_ctx_callback_ctrl(ctx, cmd, fp));
1294 }
1295}
1296
1297int
1298ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
1299{
1300 long l;
1301
1302 l = a->id - b->id;
1303 if (l == 0L)
1304 return (0);
1305 else
1306 return ((l > 0) ? 1:-1);
1307}
1308
1309STACK_OF(SSL_CIPHER) *
1310SSL_get_ciphers(const SSL *s)
1311{
1312 if (s == NULL)
1313 return (NULL);
1314 if (s->cipher_list != NULL)
1315 return (s->cipher_list);
1316
1317 return (s->ctx->cipher_list);
1318}
1319
1320STACK_OF(SSL_CIPHER) *
1321SSL_get_client_ciphers(const SSL *s)
1322{
1323 if (s == NULL || s->session == NULL || !s->server)
1324 return NULL;
1325 return s->session->ciphers;
1326}
1327
1328STACK_OF(SSL_CIPHER) *
1329SSL_get1_supported_ciphers(SSL *s)
1330{
1331 STACK_OF(SSL_CIPHER) *supported_ciphers = NULL, *ciphers;
1332 const SSL_CIPHER *cipher;
1333 uint16_t min_vers, max_vers;
1334 int i;
1335
1336 if (s == NULL)
1337 return NULL;
1338 if (!ssl_supported_tls_version_range(s, &min_vers, &max_vers))
1339 return NULL;
1340 if ((ciphers = SSL_get_ciphers(s)) == NULL)
1341 return NULL;
1342 if ((supported_ciphers = sk_SSL_CIPHER_new_null()) == NULL)
1343 return NULL;
1344
1345 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
1346 if ((cipher = sk_SSL_CIPHER_value(ciphers, i)) == NULL)
1347 goto err;
1348 if (!ssl_cipher_allowed_in_tls_version_range(cipher, min_vers,
1349 max_vers))
1350 continue;
1351 if (!sk_SSL_CIPHER_push(supported_ciphers, cipher))
1352 goto err;
1353 }
1354
1355 if (sk_SSL_CIPHER_num(supported_ciphers) > 0)
1356 return supported_ciphers;
1357
1358 err:
1359 sk_SSL_CIPHER_free(supported_ciphers);
1360 return NULL;
1361}
1362
1363/* See if we have any ECC cipher suites. */
1364int
1365ssl_has_ecc_ciphers(SSL *s)
1366{
1367 STACK_OF(SSL_CIPHER) *ciphers;
1368 unsigned long alg_k, alg_a;
1369 SSL_CIPHER *cipher;
1370 int i;
1371
1372 if ((ciphers = SSL_get_ciphers(s)) == NULL)
1373 return 0;
1374
1375 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
1376 cipher = sk_SSL_CIPHER_value(ciphers, i);
1377
1378 alg_k = cipher->algorithm_mkey;
1379 alg_a = cipher->algorithm_auth;
1380
1381 if ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA))
1382 return 1;
1383 }
1384
1385 return 0;
1386}
1387
1388/* The old interface to get the same thing as SSL_get_ciphers(). */
1389const char *
1390SSL_get_cipher_list(const SSL *s, int n)
1391{
1392 STACK_OF(SSL_CIPHER) *ciphers;
1393 const SSL_CIPHER *cipher;
1394
1395 if ((ciphers = SSL_get_ciphers(s)) == NULL)
1396 return (NULL);
1397 if ((cipher = sk_SSL_CIPHER_value(ciphers, n)) == NULL)
1398 return (NULL);
1399
1400 return (cipher->name);
1401}
1402
1403STACK_OF(SSL_CIPHER) *
1404SSL_CTX_get_ciphers(const SSL_CTX *ctx)
1405{
1406 if (ctx == NULL)
1407 return NULL;
1408 return ctx->cipher_list;
1409}
1410
1411/* Specify the ciphers to be used by default by the SSL_CTX. */
1412int
1413SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
1414{
1415 STACK_OF(SSL_CIPHER) *ciphers;
1416
1417 /*
1418 * ssl_create_cipher_list may return an empty stack if it was unable to
1419 * find a cipher matching the given rule string (for example if the
1420 * rule string specifies a cipher which has been disabled). This is not
1421 * an error as far as ssl_create_cipher_list is concerned, and hence
1422 * ctx->cipher_list has been updated.
1423 */
1424 ciphers = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,
1425 ctx->internal->cipher_list_tls13, str);
1426 if (ciphers == NULL) {
1427 return (0);
1428 } else if (sk_SSL_CIPHER_num(ciphers) == 0) {
1429 SSLerrorx(SSL_R_NO_CIPHER_MATCH);
1430 return (0);
1431 }
1432 return (1);
1433}
1434
1435int
1436SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str)
1437{
1438 if (!ssl_parse_ciphersuites(&ctx->internal->cipher_list_tls13, str)) {
1439 SSLerrorx(SSL_R_NO_CIPHER_MATCH);
1440 return 0;
1441 }
1442 if (!ssl_merge_cipherlists(ctx->cipher_list,
1443 ctx->internal->cipher_list_tls13, &ctx->cipher_list))
1444 return 0;
1445
1446 return 1;
1447}
1448
1449/* Specify the ciphers to be used by the SSL. */
1450int
1451SSL_set_cipher_list(SSL *s, const char *str)
1452{
1453 STACK_OF(SSL_CIPHER) *ciphers, *ciphers_tls13;
1454
1455 if ((ciphers_tls13 = s->internal->cipher_list_tls13) == NULL)
1456 ciphers_tls13 = s->ctx->internal->cipher_list_tls13;
1457
1458 /* See comment in SSL_CTX_set_cipher_list. */
1459 ciphers = ssl_create_cipher_list(s->ctx->method, &s->cipher_list,
1460 ciphers_tls13, str);
1461 if (ciphers == NULL) {
1462 return (0);
1463 } else if (sk_SSL_CIPHER_num(ciphers) == 0) {
1464 SSLerror(s, SSL_R_NO_CIPHER_MATCH);
1465 return (0);
1466 }
1467 return (1);
1468}
1469
1470int
1471SSL_set_ciphersuites(SSL *s, const char *str)
1472{
1473 STACK_OF(SSL_CIPHER) *ciphers;
1474
1475 if ((ciphers = s->cipher_list) == NULL)
1476 ciphers = s->ctx->cipher_list;
1477
1478 if (!ssl_parse_ciphersuites(&s->internal->cipher_list_tls13, str)) {
1479 SSLerrorx(SSL_R_NO_CIPHER_MATCH);
1480 return (0);
1481 }
1482 if (!ssl_merge_cipherlists(ciphers, s->internal->cipher_list_tls13,
1483 &s->cipher_list))
1484 return 0;
1485
1486 return 1;
1487}
1488
1489char *
1490SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
1491{
1492 STACK_OF(SSL_CIPHER) *client_ciphers, *server_ciphers;
1493 const SSL_CIPHER *cipher;
1494 size_t curlen = 0;
1495 char *end;
1496 int i;
1497
1498 if (!s->server || s->session == NULL || len < 2)
1499 return NULL;
1500
1501 if ((client_ciphers = s->session->ciphers) == NULL)
1502 return NULL;
1503 if ((server_ciphers = SSL_get_ciphers(s)) == NULL)
1504 return NULL;
1505 if (sk_SSL_CIPHER_num(client_ciphers) == 0 ||
1506 sk_SSL_CIPHER_num(server_ciphers) == 0)
1507 return NULL;
1508
1509 buf[0] = '\0';
1510 for (i = 0; i < sk_SSL_CIPHER_num(client_ciphers); i++) {
1511 cipher = sk_SSL_CIPHER_value(client_ciphers, i);
1512
1513 if (sk_SSL_CIPHER_find(server_ciphers, cipher) < 0)
1514 continue;
1515
1516 end = buf + curlen;
1517 if (strlcat(buf, cipher->name, len) >= len ||
1518 (curlen = strlcat(buf, ":", len)) >= len) {
1519 /* remove truncated cipher from list */
1520 *end = '\0';
1521 break;
1522 }
1523 }
1524 /* remove trailing colon */
1525 if ((end = strrchr(buf, ':')) != NULL)
1526 *end = '\0';
1527 return buf;
1528}
1529
1530/*
1531 * Return a servername extension value if provided in Client Hello, or NULL.
1532 * So far, only host_name types are defined (RFC 3546).
1533 */
1534const char *
1535SSL_get_servername(const SSL *s, const int type)
1536{
1537 if (type != TLSEXT_NAMETYPE_host_name)
1538 return (NULL);
1539
1540 return (s->session && !s->tlsext_hostname ?
1541 s->session->tlsext_hostname :
1542 s->tlsext_hostname);
1543}
1544
1545int
1546SSL_get_servername_type(const SSL *s)
1547{
1548 if (s->session &&
1549 (!s->tlsext_hostname ?
1550 s->session->tlsext_hostname : s->tlsext_hostname))
1551 return (TLSEXT_NAMETYPE_host_name);
1552 return (-1);
1553}
1554
1555/*
1556 * SSL_select_next_proto implements standard protocol selection. It is
1557 * expected that this function is called from the callback set by
1558 * SSL_CTX_set_alpn_select_cb.
1559 *
1560 * The protocol data is assumed to be a vector of 8-bit, length prefixed byte
1561 * strings. The length byte itself is not included in the length. A byte
1562 * string of length 0 is invalid. No byte string may be truncated.
1563 *
1564 * It returns either:
1565 * OPENSSL_NPN_NEGOTIATED if a common protocol was found, or
1566 * OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
1567 */
1568int
1569SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
1570 const unsigned char *server, unsigned int server_len,
1571 const unsigned char *client, unsigned int client_len)
1572{
1573 unsigned int i, j;
1574 const unsigned char *result;
1575 int status = OPENSSL_NPN_UNSUPPORTED;
1576
1577 /*
1578 * For each protocol in server preference order,
1579 * see if we support it.
1580 */
1581 for (i = 0; i < server_len; ) {
1582 for (j = 0; j < client_len; ) {
1583 if (server[i] == client[j] &&
1584 memcmp(&server[i + 1],
1585 &client[j + 1], server[i]) == 0) {
1586 /* We found a match */
1587 result = &server[i];
1588 status = OPENSSL_NPN_NEGOTIATED;
1589 goto found;
1590 }
1591 j += client[j];
1592 j++;
1593 }
1594 i += server[i];
1595 i++;
1596 }
1597
1598 /* There's no overlap between our protocols and the server's list. */
1599 result = client;
1600 status = OPENSSL_NPN_NO_OVERLAP;
1601
1602 found:
1603 *out = (unsigned char *) result + 1;
1604 *outlen = result[0];
1605 return (status);
1606}
1607
1608/* SSL_get0_next_proto_negotiated is deprecated. */
1609void
1610SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
1611 unsigned int *len)
1612{
1613 *data = NULL;
1614 *len = 0;
1615}
1616
1617/* SSL_CTX_set_next_protos_advertised_cb is deprecated. */
1618void
1619SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl,
1620 const unsigned char **out, unsigned int *outlen, void *arg), void *arg)
1621{
1622}
1623
1624/* SSL_CTX_set_next_proto_select_cb is deprecated. */
1625void
1626SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s,
1627 unsigned char **out, unsigned char *outlen, const unsigned char *in,
1628 unsigned int inlen, void *arg), void *arg)
1629{
1630}
1631
1632/*
1633 * SSL_CTX_set_alpn_protos sets the ALPN protocol list to the specified
1634 * protocols, which must be in wire-format (i.e. a series of non-empty,
1635 * 8-bit length-prefixed strings). Returns 0 on success.
1636 */
1637int
1638SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
1639 unsigned int protos_len)
1640{
1641 int failed = 1;
1642
1643 if (protos == NULL || protos_len == 0)
1644 goto err;
1645
1646 free(ctx->internal->alpn_client_proto_list);
1647 ctx->internal->alpn_client_proto_list = NULL;
1648 ctx->internal->alpn_client_proto_list_len = 0;
1649
1650 if ((ctx->internal->alpn_client_proto_list = malloc(protos_len))
1651 == NULL)
1652 goto err;
1653 ctx->internal->alpn_client_proto_list_len = protos_len;
1654
1655 memcpy(ctx->internal->alpn_client_proto_list, protos, protos_len);
1656
1657 failed = 0;
1658
1659 err:
1660 /* NOTE: Return values are the reverse of what you expect. */
1661 return (failed);
1662}
1663
1664/*
1665 * SSL_set_alpn_protos sets the ALPN protocol list to the specified
1666 * protocols, which must be in wire-format (i.e. a series of non-empty,
1667 * 8-bit length-prefixed strings). Returns 0 on success.
1668 */
1669int
1670SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
1671 unsigned int protos_len)
1672{
1673 int failed = 1;
1674
1675 if (protos == NULL || protos_len == 0)
1676 goto err;
1677
1678 free(ssl->internal->alpn_client_proto_list);
1679 ssl->internal->alpn_client_proto_list = NULL;
1680 ssl->internal->alpn_client_proto_list_len = 0;
1681
1682 if ((ssl->internal->alpn_client_proto_list = malloc(protos_len))
1683 == NULL)
1684 goto err;
1685 ssl->internal->alpn_client_proto_list_len = protos_len;
1686
1687 memcpy(ssl->internal->alpn_client_proto_list, protos, protos_len);
1688
1689 failed = 0;
1690
1691 err:
1692 /* NOTE: Return values are the reverse of what you expect. */
1693 return (failed);
1694}
1695
1696/*
1697 * SSL_CTX_set_alpn_select_cb sets a callback function that is called during
1698 * ClientHello processing in order to select an ALPN protocol from the
1699 * client's list of offered protocols.
1700 */
1701void
1702SSL_CTX_set_alpn_select_cb(SSL_CTX* ctx,
1703 int (*cb) (SSL *ssl, const unsigned char **out, unsigned char *outlen,
1704 const unsigned char *in, unsigned int inlen, void *arg), void *arg)
1705{
1706 ctx->internal->alpn_select_cb = cb;
1707 ctx->internal->alpn_select_cb_arg = arg;
1708}
1709
1710/*
1711 * SSL_get0_alpn_selected gets the selected ALPN protocol (if any). On return
1712 * it sets data to point to len bytes of protocol name (not including the
1713 * leading length-prefix byte). If the server didn't respond with* a negotiated
1714 * protocol then len will be zero.
1715 */
1716void
1717SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
1718 unsigned int *len)
1719{
1720 *data = ssl->s3->internal->alpn_selected;
1721 *len = ssl->s3->internal->alpn_selected_len;
1722}
1723
1724int
1725SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
1726 const char *label, size_t llen, const unsigned char *p, size_t plen,
1727 int use_context)
1728{
1729 if (s->internal->tls13 != NULL && s->version == TLS1_3_VERSION) {
1730 if (!use_context) {
1731 p = NULL;
1732 plen = 0;
1733 }
1734 return tls13_exporter(s->internal->tls13, label, llen, p, plen,
1735 out, olen);
1736 }
1737
1738 return (tls1_export_keying_material(s, out, olen, label, llen, p, plen,
1739 use_context));
1740}
1741
1742static unsigned long
1743ssl_session_hash(const SSL_SESSION *a)
1744{
1745 unsigned long l;
1746
1747 l = (unsigned long)
1748 ((unsigned int) a->session_id[0] )|
1749 ((unsigned int) a->session_id[1]<< 8L)|
1750 ((unsigned long)a->session_id[2]<<16L)|
1751 ((unsigned long)a->session_id[3]<<24L);
1752 return (l);
1753}
1754
1755/*
1756 * NB: If this function (or indeed the hash function which uses a sort of
1757 * coarser function than this one) is changed, ensure
1758 * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
1759 * able to construct an SSL_SESSION that will collide with any existing session
1760 * with a matching session ID.
1761 */
1762static int
1763ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
1764{
1765 if (a->ssl_version != b->ssl_version)
1766 return (1);
1767 if (a->session_id_length != b->session_id_length)
1768 return (1);
1769 if (timingsafe_memcmp(a->session_id, b->session_id, a->session_id_length) != 0)
1770 return (1);
1771 return (0);
1772}
1773
1774/*
1775 * These wrapper functions should remain rather than redeclaring
1776 * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
1777 * variable. The reason is that the functions aren't static, they're exposed via
1778 * ssl.h.
1779 */
1780static unsigned long
1781ssl_session_LHASH_HASH(const void *arg)
1782{
1783 const SSL_SESSION *a = arg;
1784
1785 return ssl_session_hash(a);
1786}
1787
1788static int
1789ssl_session_LHASH_COMP(const void *arg1, const void *arg2)
1790{
1791 const SSL_SESSION *a = arg1;
1792 const SSL_SESSION *b = arg2;
1793
1794 return ssl_session_cmp(a, b);
1795}
1796
1797SSL_CTX *
1798SSL_CTX_new(const SSL_METHOD *meth)
1799{
1800 SSL_CTX *ret;
1801
1802 if (!OPENSSL_init_ssl(0, NULL)) {
1803 SSLerrorx(SSL_R_LIBRARY_BUG);
1804 return (NULL);
1805 }
1806
1807 if (meth == NULL) {
1808 SSLerrorx(SSL_R_NULL_SSL_METHOD_PASSED);
1809 return (NULL);
1810 }
1811
1812 if ((ret = calloc(1, sizeof(*ret))) == NULL) {
1813 SSLerrorx(ERR_R_MALLOC_FAILURE);
1814 return (NULL);
1815 }
1816 if ((ret->internal = calloc(1, sizeof(*ret->internal))) == NULL) {
1817 free(ret);
1818 SSLerrorx(ERR_R_MALLOC_FAILURE);
1819 return (NULL);
1820 }
1821
1822 if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
1823 SSLerrorx(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
1824 goto err;
1825 }
1826
1827 ret->method = meth;
1828 ret->internal->min_tls_version = meth->min_tls_version;
1829 ret->internal->max_tls_version = meth->max_tls_version;
1830 ret->internal->min_proto_version = 0;
1831 ret->internal->max_proto_version = 0;
1832 ret->internal->mode = SSL_MODE_AUTO_RETRY;
1833
1834 ret->cert_store = NULL;
1835 ret->internal->session_cache_mode = SSL_SESS_CACHE_SERVER;
1836 ret->internal->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
1837 ret->internal->session_cache_head = NULL;
1838 ret->internal->session_cache_tail = NULL;
1839
1840 /* We take the system default */
1841 ret->session_timeout = ssl_get_default_timeout();
1842
1843 ret->internal->new_session_cb = 0;
1844 ret->internal->remove_session_cb = 0;
1845 ret->internal->get_session_cb = 0;
1846 ret->internal->generate_session_id = 0;
1847
1848 memset((char *)&ret->internal->stats, 0, sizeof(ret->internal->stats));
1849
1850 ret->references = 1;
1851 ret->internal->quiet_shutdown = 0;
1852
1853 ret->internal->info_callback = NULL;
1854
1855 ret->internal->app_verify_callback = 0;
1856 ret->internal->app_verify_arg = NULL;
1857
1858 ret->internal->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
1859 ret->internal->read_ahead = 0;
1860 ret->internal->msg_callback = 0;
1861 ret->internal->msg_callback_arg = NULL;
1862 ret->verify_mode = SSL_VERIFY_NONE;
1863 ret->sid_ctx_length = 0;
1864 ret->internal->default_verify_callback = NULL;
1865
1866 if ((ret->internal->cert = ssl_cert_new()) == NULL)
1867 goto err;
1868
1869 ret->default_passwd_callback = 0;
1870 ret->default_passwd_callback_userdata = NULL;
1871 ret->internal->client_cert_cb = 0;
1872 ret->internal->app_gen_cookie_cb = 0;
1873 ret->internal->app_verify_cookie_cb = 0;
1874
1875 ret->internal->sessions = lh_SSL_SESSION_new();
1876 if (ret->internal->sessions == NULL)
1877 goto err;
1878 ret->cert_store = X509_STORE_new();
1879 if (ret->cert_store == NULL)
1880 goto err;
1881
1882 ssl_create_cipher_list(ret->method, &ret->cipher_list,
1883 NULL, SSL_DEFAULT_CIPHER_LIST);
1884 if (ret->cipher_list == NULL ||
1885 sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
1886 SSLerrorx(SSL_R_LIBRARY_HAS_NO_CIPHERS);
1887 goto err2;
1888 }
1889
1890 ret->param = X509_VERIFY_PARAM_new();
1891 if (!ret->param)
1892 goto err;
1893
1894 if ((ret->internal->client_CA = sk_X509_NAME_new_null()) == NULL)
1895 goto err;
1896
1897 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->internal->ex_data);
1898
1899 ret->extra_certs = NULL;
1900
1901 ret->internal->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
1902
1903 ret->internal->tlsext_servername_callback = 0;
1904 ret->internal->tlsext_servername_arg = NULL;
1905
1906 /* Setup RFC4507 ticket keys */
1907 arc4random_buf(ret->internal->tlsext_tick_key_name, 16);
1908 arc4random_buf(ret->internal->tlsext_tick_hmac_key, 16);
1909 arc4random_buf(ret->internal->tlsext_tick_aes_key, 16);
1910
1911 ret->internal->tlsext_status_cb = 0;
1912 ret->internal->tlsext_status_arg = NULL;
1913
1914#ifndef OPENSSL_NO_ENGINE
1915 ret->internal->client_cert_engine = NULL;
1916#ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
1917#define eng_strx(x) #x
1918#define eng_str(x) eng_strx(x)
1919 /* Use specific client engine automatically... ignore errors */
1920 {
1921 ENGINE *eng;
1922 eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
1923 if (!eng) {
1924 ERR_clear_error();
1925 ENGINE_load_builtin_engines();
1926 eng = ENGINE_by_id(eng_str(
1927 OPENSSL_SSL_CLIENT_ENGINE_AUTO));
1928 }
1929 if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
1930 ERR_clear_error();
1931 }
1932#endif
1933#endif
1934 /*
1935 * Default is to connect to non-RI servers. When RI is more widely
1936 * deployed might change this.
1937 */
1938 ret->internal->options |= SSL_OP_LEGACY_SERVER_CONNECT;
1939
1940 return (ret);
1941 err:
1942 SSLerrorx(ERR_R_MALLOC_FAILURE);
1943 err2:
1944 SSL_CTX_free(ret);
1945 return (NULL);
1946}
1947
1948void
1949SSL_CTX_free(SSL_CTX *ctx)
1950{
1951 int i;
1952
1953 if (ctx == NULL)
1954 return;
1955
1956 i = CRYPTO_add(&ctx->references, -1, CRYPTO_LOCK_SSL_CTX);
1957 if (i > 0)
1958 return;
1959
1960 X509_VERIFY_PARAM_free(ctx->param);
1961
1962 /*
1963 * Free internal session cache. However: the remove_cb() may reference
1964 * the ex_data of SSL_CTX, thus the ex_data store can only be removed
1965 * after the sessions were flushed.
1966 * As the ex_data handling routines might also touch the session cache,
1967 * the most secure solution seems to be: empty (flush) the cache, then
1968 * free ex_data, then finally free the cache.
1969 * (See ticket [openssl.org #212].)
1970 */
1971 if (ctx->internal->sessions != NULL)
1972 SSL_CTX_flush_sessions(ctx, 0);
1973
1974 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ctx, &ctx->internal->ex_data);
1975
1976 lh_SSL_SESSION_free(ctx->internal->sessions);
1977
1978 X509_STORE_free(ctx->cert_store);
1979 sk_SSL_CIPHER_free(ctx->cipher_list);
1980 sk_SSL_CIPHER_free(ctx->internal->cipher_list_tls13);
1981 ssl_cert_free(ctx->internal->cert);
1982 sk_X509_NAME_pop_free(ctx->internal->client_CA, X509_NAME_free);
1983 sk_X509_pop_free(ctx->extra_certs, X509_free);
1984
1985#ifndef OPENSSL_NO_SRTP
1986 if (ctx->internal->srtp_profiles)
1987 sk_SRTP_PROTECTION_PROFILE_free(ctx->internal->srtp_profiles);
1988#endif
1989
1990#ifndef OPENSSL_NO_ENGINE
1991 ENGINE_finish(ctx->internal->client_cert_engine);
1992#endif
1993
1994 free(ctx->internal->tlsext_ecpointformatlist);
1995 free(ctx->internal->tlsext_supportedgroups);
1996
1997 free(ctx->internal->alpn_client_proto_list);
1998
1999 free(ctx->internal);
2000 free(ctx);
2001}
2002
2003int
2004SSL_CTX_up_ref(SSL_CTX *ctx)
2005{
2006 int refs = CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
2007 return ((refs > 1) ? 1 : 0);
2008}
2009
2010pem_password_cb *
2011SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx)
2012{
2013 return (ctx->default_passwd_callback);
2014}
2015
2016void
2017SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
2018{
2019 ctx->default_passwd_callback = cb;
2020}
2021
2022void *
2023SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx)
2024{
2025 return ctx->default_passwd_callback_userdata;
2026}
2027
2028void
2029SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
2030{
2031 ctx->default_passwd_callback_userdata = u;
2032}
2033
2034void
2035SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
2036 int (*cb)(X509_STORE_CTX *, void *), void *arg)
2037{
2038 ctx->internal->app_verify_callback = cb;
2039 ctx->internal->app_verify_arg = arg;
2040}
2041
2042void
2043SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb)(int, X509_STORE_CTX *))
2044{
2045 ctx->verify_mode = mode;
2046 ctx->internal->default_verify_callback = cb;
2047}
2048
2049void
2050SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
2051{
2052 X509_VERIFY_PARAM_set_depth(ctx->param, depth);
2053}
2054
2055static int
2056ssl_cert_can_sign(X509 *x)
2057{
2058 /* This call populates extension flags (ex_flags). */
2059 X509_check_purpose(x, -1, 0);
2060
2061 /* Key usage, if present, must allow signing. */
2062 return ((x->ex_flags & EXFLAG_KUSAGE) == 0 ||
2063 (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE));
2064}
2065
2066void
2067ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
2068{
2069 unsigned long mask_a, mask_k;
2070 CERT_PKEY *cpk;
2071
2072 if (c == NULL)
2073 return;
2074
2075 mask_a = SSL_aNULL | SSL_aTLS1_3;
2076 mask_k = SSL_kECDHE | SSL_kTLS1_3;
2077
2078 if (c->dh_tmp != NULL || c->dh_tmp_cb != NULL || c->dh_tmp_auto != 0)
2079 mask_k |= SSL_kDHE;
2080
2081 cpk = &(c->pkeys[SSL_PKEY_ECC]);
2082 if (cpk->x509 != NULL && cpk->privatekey != NULL) {
2083 if (ssl_cert_can_sign(cpk->x509))
2084 mask_a |= SSL_aECDSA;
2085 }
2086
2087 cpk = &(c->pkeys[SSL_PKEY_GOST01]);
2088 if (cpk->x509 != NULL && cpk->privatekey != NULL) {
2089 mask_k |= SSL_kGOST;
2090 mask_a |= SSL_aGOST01;
2091 }
2092
2093 cpk = &(c->pkeys[SSL_PKEY_RSA]);
2094 if (cpk->x509 != NULL && cpk->privatekey != NULL) {
2095 mask_a |= SSL_aRSA;
2096 mask_k |= SSL_kRSA;
2097 }
2098
2099 c->mask_k = mask_k;
2100 c->mask_a = mask_a;
2101 c->valid = 1;
2102}
2103
2104/* See if this handshake is using an ECC cipher suite. */
2105int
2106ssl_using_ecc_cipher(SSL *s)
2107{
2108 unsigned long alg_a, alg_k;
2109
2110 alg_a = S3I(s)->hs.cipher->algorithm_auth;
2111 alg_k = S3I(s)->hs.cipher->algorithm_mkey;
2112
2113 return SSI(s)->tlsext_ecpointformatlist != NULL &&
2114 SSI(s)->tlsext_ecpointformatlist_length > 0 &&
2115 ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA));
2116}
2117
2118int
2119ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
2120{
2121 const SSL_CIPHER *cs = S3I(s)->hs.cipher;
2122 unsigned long alg_a;
2123
2124 alg_a = cs->algorithm_auth;
2125
2126 if (alg_a & SSL_aECDSA) {
2127 /* This call populates extension flags (ex_flags). */
2128 X509_check_purpose(x, -1, 0);
2129
2130 /* Key usage, if present, must allow signing. */
2131 if ((x->ex_flags & EXFLAG_KUSAGE) &&
2132 ((x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) == 0)) {
2133 SSLerror(s, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
2134 return (0);
2135 }
2136 }
2137
2138 return (1);
2139}
2140
2141CERT_PKEY *
2142ssl_get_server_send_pkey(const SSL *s)
2143{
2144 unsigned long alg_a;
2145 CERT *c;
2146 int i;
2147
2148 c = s->cert;
2149 ssl_set_cert_masks(c, S3I(s)->hs.cipher);
2150
2151 alg_a = S3I(s)->hs.cipher->algorithm_auth;
2152
2153 if (alg_a & SSL_aECDSA) {
2154 i = SSL_PKEY_ECC;
2155 } else if (alg_a & SSL_aRSA) {
2156 i = SSL_PKEY_RSA;
2157 } else if (alg_a & SSL_aGOST01) {
2158 i = SSL_PKEY_GOST01;
2159 } else { /* if (alg_a & SSL_aNULL) */
2160 SSLerror(s, ERR_R_INTERNAL_ERROR);
2161 return (NULL);
2162 }
2163
2164 return (c->pkeys + i);
2165}
2166
2167EVP_PKEY *
2168ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd,
2169 const struct ssl_sigalg **sap)
2170{
2171 const struct ssl_sigalg *sigalg = NULL;
2172 EVP_PKEY *pkey = NULL;
2173 unsigned long alg_a;
2174 CERT *c;
2175 int idx = -1;
2176
2177 alg_a = cipher->algorithm_auth;
2178 c = s->cert;
2179
2180 if (alg_a & SSL_aRSA) {
2181 idx = SSL_PKEY_RSA;
2182 } else if ((alg_a & SSL_aECDSA) &&
2183 (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
2184 idx = SSL_PKEY_ECC;
2185 if (idx == -1) {
2186 SSLerror(s, ERR_R_INTERNAL_ERROR);
2187 return (NULL);
2188 }
2189
2190 pkey = c->pkeys[idx].privatekey;
2191 if ((sigalg = ssl_sigalg_select(s, pkey)) == NULL) {
2192 SSLerror(s, SSL_R_SIGNATURE_ALGORITHMS_ERROR);
2193 return (NULL);
2194 }
2195 *pmd = sigalg->md();
2196 *sap = sigalg;
2197
2198 return (pkey);
2199}
2200
2201DH *
2202ssl_get_auto_dh(SSL *s)
2203{
2204 CERT_PKEY *cpk;
2205 int keylen;
2206 DH *dhp;
2207
2208 if (s->cert->dh_tmp_auto == 2) {
2209 keylen = 1024;
2210 } else if (S3I(s)->hs.cipher->algorithm_auth & SSL_aNULL) {
2211 keylen = 1024;
2212 if (S3I(s)->hs.cipher->strength_bits == 256)
2213 keylen = 3072;
2214 } else {
2215 if ((cpk = ssl_get_server_send_pkey(s)) == NULL)
2216 return (NULL);
2217 if (cpk->privatekey == NULL || cpk->privatekey->pkey.dh == NULL)
2218 return (NULL);
2219 keylen = EVP_PKEY_bits(cpk->privatekey);
2220 }
2221
2222 if ((dhp = DH_new()) == NULL)
2223 return (NULL);
2224
2225 dhp->g = BN_new();
2226 if (dhp->g != NULL)
2227 BN_set_word(dhp->g, 2);
2228
2229 if (keylen >= 8192)
2230 dhp->p = get_rfc3526_prime_8192(NULL);
2231 else if (keylen >= 4096)
2232 dhp->p = get_rfc3526_prime_4096(NULL);
2233 else if (keylen >= 3072)
2234 dhp->p = get_rfc3526_prime_3072(NULL);
2235 else if (keylen >= 2048)
2236 dhp->p = get_rfc3526_prime_2048(NULL);
2237 else if (keylen >= 1536)
2238 dhp->p = get_rfc3526_prime_1536(NULL);
2239 else
2240 dhp->p = get_rfc2409_prime_1024(NULL);
2241
2242 if (dhp->p == NULL || dhp->g == NULL) {
2243 DH_free(dhp);
2244 return (NULL);
2245 }
2246 return (dhp);
2247}
2248
2249void
2250ssl_update_cache(SSL *s, int mode)
2251{
2252 int i;
2253
2254 /*
2255 * If the session_id_length is 0, we are not supposed to cache it,
2256 * and it would be rather hard to do anyway :-)
2257 */
2258 if (s->session->session_id_length == 0)
2259 return;
2260
2261 i = s->session_ctx->internal->session_cache_mode;
2262 if ((i & mode) && (!s->internal->hit) && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
2263 || SSL_CTX_add_session(s->session_ctx, s->session))
2264 && (s->session_ctx->internal->new_session_cb != NULL)) {
2265 CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION);
2266 if (!s->session_ctx->internal->new_session_cb(s, s->session))
2267 SSL_SESSION_free(s->session);
2268 }
2269
2270 /* auto flush every 255 connections */
2271 if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
2272 ((i & mode) == mode)) {
2273 if ((((mode & SSL_SESS_CACHE_CLIENT) ?
2274 s->session_ctx->internal->stats.sess_connect_good :
2275 s->session_ctx->internal->stats.sess_accept_good) & 0xff) == 0xff) {
2276 SSL_CTX_flush_sessions(s->session_ctx, time(NULL));
2277 }
2278 }
2279}
2280
2281const SSL_METHOD *
2282SSL_get_ssl_method(SSL *s)
2283{
2284 return (s->method);
2285}
2286
2287int
2288SSL_set_ssl_method(SSL *s, const SSL_METHOD *method)
2289{
2290 int (*handshake_func)(SSL *) = NULL;
2291 int ret = 1;
2292
2293 if (s->method == method)
2294 return (ret);
2295
2296 if (s->internal->handshake_func == s->method->ssl_connect)
2297 handshake_func = method->ssl_connect;
2298 else if (s->internal->handshake_func == s->method->ssl_accept)
2299 handshake_func = method->ssl_accept;
2300
2301 if (s->method->version == method->version) {
2302 s->method = method;
2303 } else {
2304 s->method->ssl_free(s);
2305 s->method = method;
2306 ret = s->method->ssl_new(s);
2307 }
2308 s->internal->handshake_func = handshake_func;
2309
2310 return (ret);
2311}
2312
2313int
2314SSL_get_error(const SSL *s, int i)
2315{
2316 int reason;
2317 unsigned long l;
2318 BIO *bio;
2319
2320 if (i > 0)
2321 return (SSL_ERROR_NONE);
2322
2323 /* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake
2324 * etc, where we do encode the error */
2325 if ((l = ERR_peek_error()) != 0) {
2326 if (ERR_GET_LIB(l) == ERR_LIB_SYS)
2327 return (SSL_ERROR_SYSCALL);
2328 else
2329 return (SSL_ERROR_SSL);
2330 }
2331
2332 if ((i < 0) && SSL_want_read(s)) {
2333 bio = SSL_get_rbio(s);
2334 if (BIO_should_read(bio)) {
2335 return (SSL_ERROR_WANT_READ);
2336 } else if (BIO_should_write(bio)) {
2337 /*
2338 * This one doesn't make too much sense... We never
2339 * try to write to the rbio, and an application
2340 * program where rbio and wbio are separate couldn't
2341 * even know what it should wait for. However if we
2342 * ever set s->internal->rwstate incorrectly (so that we have
2343 * SSL_want_read(s) instead of SSL_want_write(s))
2344 * and rbio and wbio *are* the same, this test works
2345 * around that bug; so it might be safer to keep it.
2346 */
2347 return (SSL_ERROR_WANT_WRITE);
2348 } else if (BIO_should_io_special(bio)) {
2349 reason = BIO_get_retry_reason(bio);
2350 if (reason == BIO_RR_CONNECT)
2351 return (SSL_ERROR_WANT_CONNECT);
2352 else if (reason == BIO_RR_ACCEPT)
2353 return (SSL_ERROR_WANT_ACCEPT);
2354 else
2355 return (SSL_ERROR_SYSCALL); /* unknown */
2356 }
2357 }
2358
2359 if ((i < 0) && SSL_want_write(s)) {
2360 bio = SSL_get_wbio(s);
2361 if (BIO_should_write(bio)) {
2362 return (SSL_ERROR_WANT_WRITE);
2363 } else if (BIO_should_read(bio)) {
2364 /*
2365 * See above (SSL_want_read(s) with
2366 * BIO_should_write(bio))
2367 */
2368 return (SSL_ERROR_WANT_READ);
2369 } else if (BIO_should_io_special(bio)) {
2370 reason = BIO_get_retry_reason(bio);
2371 if (reason == BIO_RR_CONNECT)
2372 return (SSL_ERROR_WANT_CONNECT);
2373 else if (reason == BIO_RR_ACCEPT)
2374 return (SSL_ERROR_WANT_ACCEPT);
2375 else
2376 return (SSL_ERROR_SYSCALL);
2377 }
2378 }
2379 if ((i < 0) && SSL_want_x509_lookup(s)) {
2380 return (SSL_ERROR_WANT_X509_LOOKUP);
2381 }
2382
2383 if (i == 0) {
2384 if ((s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) &&
2385 (S3I(s)->warn_alert == SSL_AD_CLOSE_NOTIFY))
2386 return (SSL_ERROR_ZERO_RETURN);
2387 }
2388 return (SSL_ERROR_SYSCALL);
2389}
2390
2391int
2392SSL_do_handshake(SSL *s)
2393{
2394 int ret = 1;
2395
2396 if (s->internal->handshake_func == NULL) {
2397 SSLerror(s, SSL_R_CONNECTION_TYPE_NOT_SET);
2398 return (-1);
2399 }
2400
2401 s->method->ssl_renegotiate_check(s);
2402
2403 if (SSL_in_init(s) || SSL_in_before(s)) {
2404 ret = s->internal->handshake_func(s);
2405 }
2406 return (ret);
2407}
2408
2409/*
2410 * For the next 2 functions, SSL_clear() sets shutdown and so
2411 * one of these calls will reset it
2412 */
2413void
2414SSL_set_accept_state(SSL *s)
2415{
2416 s->server = 1;
2417 s->internal->shutdown = 0;
2418 S3I(s)->hs.state = SSL_ST_ACCEPT|SSL_ST_BEFORE;
2419 s->internal->handshake_func = s->method->ssl_accept;
2420 ssl_clear_cipher_state(s);
2421}
2422
2423void
2424SSL_set_connect_state(SSL *s)
2425{
2426 s->server = 0;
2427 s->internal->shutdown = 0;
2428 S3I(s)->hs.state = SSL_ST_CONNECT|SSL_ST_BEFORE;
2429 s->internal->handshake_func = s->method->ssl_connect;
2430 ssl_clear_cipher_state(s);
2431}
2432
2433int
2434ssl_undefined_function(SSL *s)
2435{
2436 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2437 return (0);
2438}
2439
2440int
2441ssl_undefined_void_function(void)
2442{
2443 SSLerrorx(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2444 return (0);
2445}
2446
2447int
2448ssl_undefined_const_function(const SSL *s)
2449{
2450 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2451 return (0);
2452}
2453
2454const char *
2455ssl_version_string(int ver)
2456{
2457 switch (ver) {
2458 case TLS1_VERSION:
2459 return (SSL_TXT_TLSV1);
2460 case TLS1_1_VERSION:
2461 return (SSL_TXT_TLSV1_1);
2462 case TLS1_2_VERSION:
2463 return (SSL_TXT_TLSV1_2);
2464 case TLS1_3_VERSION:
2465 return (SSL_TXT_TLSV1_3);
2466 case DTLS1_VERSION:
2467 return (SSL_TXT_DTLS1);
2468 case DTLS1_2_VERSION:
2469 return (SSL_TXT_DTLS1_2);
2470 default:
2471 return ("unknown");
2472 }
2473}
2474
2475const char *
2476SSL_get_version(const SSL *s)
2477{
2478 return ssl_version_string(s->version);
2479}
2480
2481SSL *
2482SSL_dup(SSL *s)
2483{
2484 STACK_OF(X509_NAME) *sk;
2485 X509_NAME *xn;
2486 SSL *ret;
2487 int i;
2488
2489 if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL)
2490 goto err;
2491
2492 ret->version = s->version;
2493 ret->method = s->method;
2494
2495 if (s->session != NULL) {
2496 if (!SSL_copy_session_id(ret, s))
2497 goto err;
2498 } else {
2499 /*
2500 * No session has been established yet, so we have to expect
2501 * that s->cert or ret->cert will be changed later --
2502 * they should not both point to the same object,
2503 * and thus we can't use SSL_copy_session_id.
2504 */
2505
2506 ret->method->ssl_free(ret);
2507 ret->method = s->method;
2508 ret->method->ssl_new(ret);
2509
2510 ssl_cert_free(ret->cert);
2511 if ((ret->cert = ssl_cert_dup(s->cert)) == NULL)
2512 goto err;
2513
2514 if (!SSL_set_session_id_context(ret, s->sid_ctx,
2515 s->sid_ctx_length))
2516 goto err;
2517 }
2518
2519 ret->internal->options = s->internal->options;
2520 ret->internal->mode = s->internal->mode;
2521 SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s));
2522 SSL_set_read_ahead(ret, SSL_get_read_ahead(s));
2523 ret->internal->msg_callback = s->internal->msg_callback;
2524 ret->internal->msg_callback_arg = s->internal->msg_callback_arg;
2525 SSL_set_verify(ret, SSL_get_verify_mode(s),
2526 SSL_get_verify_callback(s));
2527 SSL_set_verify_depth(ret, SSL_get_verify_depth(s));
2528 ret->internal->generate_session_id = s->internal->generate_session_id;
2529
2530 SSL_set_info_callback(ret, SSL_get_info_callback(s));
2531
2532 ret->internal->debug = s->internal->debug;
2533
2534 /* copy app data, a little dangerous perhaps */
2535 if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL,
2536 &ret->internal->ex_data, &s->internal->ex_data))
2537 goto err;
2538
2539 /* setup rbio, and wbio */
2540 if (s->rbio != NULL) {
2541 if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
2542 goto err;
2543 }
2544 if (s->wbio != NULL) {
2545 if (s->wbio != s->rbio) {
2546 if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
2547 goto err;
2548 } else
2549 ret->wbio = ret->rbio;
2550 }
2551 ret->internal->rwstate = s->internal->rwstate;
2552 ret->internal->in_handshake = s->internal->in_handshake;
2553 ret->internal->handshake_func = s->internal->handshake_func;
2554 ret->server = s->server;
2555 ret->internal->renegotiate = s->internal->renegotiate;
2556 ret->internal->new_session = s->internal->new_session;
2557 ret->internal->quiet_shutdown = s->internal->quiet_shutdown;
2558 ret->internal->shutdown = s->internal->shutdown;
2559 /* SSL_dup does not really work at any state, though */
2560 S3I(ret)->hs.state = S3I(s)->hs.state;
2561 ret->internal->rstate = s->internal->rstate;
2562
2563 /*
2564 * Would have to copy ret->init_buf, ret->init_msg, ret->init_num,
2565 * ret->init_off
2566 */
2567 ret->internal->init_num = 0;
2568
2569 ret->internal->hit = s->internal->hit;
2570
2571 X509_VERIFY_PARAM_inherit(ret->param, s->param);
2572
2573 if (s->cipher_list != NULL) {
2574 if ((ret->cipher_list =
2575 sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
2576 goto err;
2577 }
2578 if (s->internal->cipher_list_tls13 != NULL) {
2579 if ((ret->internal->cipher_list_tls13 =
2580 sk_SSL_CIPHER_dup(s->internal->cipher_list_tls13)) == NULL)
2581 goto err;
2582 }
2583
2584 /* Dup the client_CA list */
2585 if (s->internal->client_CA != NULL) {
2586 if ((sk = sk_X509_NAME_dup(s->internal->client_CA)) == NULL) goto err;
2587 ret->internal->client_CA = sk;
2588 for (i = 0; i < sk_X509_NAME_num(sk); i++) {
2589 xn = sk_X509_NAME_value(sk, i);
2590 if (sk_X509_NAME_set(sk, i,
2591 X509_NAME_dup(xn)) == NULL) {
2592 X509_NAME_free(xn);
2593 goto err;
2594 }
2595 }
2596 }
2597
2598 return ret;
2599 err:
2600 SSL_free(ret);
2601 return NULL;
2602}
2603
2604void
2605ssl_clear_cipher_state(SSL *s)
2606{
2607 ssl_clear_cipher_read_state(s);
2608 ssl_clear_cipher_write_state(s);
2609}
2610
2611void
2612ssl_clear_cipher_read_state(SSL *s)
2613{
2614 tls12_record_layer_clear_read_state(s->internal->rl);
2615 tls12_record_layer_read_cipher_hash(s->internal->rl,
2616 &s->enc_read_ctx, &s->read_hash);
2617}
2618
2619void
2620ssl_clear_cipher_write_state(SSL *s)
2621{
2622 tls12_record_layer_clear_write_state(s->internal->rl);
2623}
2624
2625/* Fix this function so that it takes an optional type parameter */
2626X509 *
2627SSL_get_certificate(const SSL *s)
2628{
2629 return (s->cert->key->x509);
2630}
2631
2632/* Fix this function so that it takes an optional type parameter */
2633EVP_PKEY *
2634SSL_get_privatekey(const SSL *s)
2635{
2636 return (s->cert->key->privatekey);
2637}
2638
2639const SSL_CIPHER *
2640SSL_get_current_cipher(const SSL *s)
2641{
2642 if ((s->session != NULL) && (s->session->cipher != NULL))
2643 return (s->session->cipher);
2644 return (NULL);
2645}
2646const void *
2647SSL_get_current_compression(SSL *s)
2648{
2649 return (NULL);
2650}
2651
2652const void *
2653SSL_get_current_expansion(SSL *s)
2654{
2655 return (NULL);
2656}
2657
2658size_t
2659SSL_get_client_random(const SSL *s, unsigned char *out, size_t max_out)
2660{
2661 size_t len = sizeof(s->s3->client_random);
2662
2663 if (out == NULL)
2664 return len;
2665
2666 if (len > max_out)
2667 len = max_out;
2668
2669 memcpy(out, s->s3->client_random, len);
2670
2671 return len;
2672}
2673
2674size_t
2675SSL_get_server_random(const SSL *s, unsigned char *out, size_t max_out)
2676{
2677 size_t len = sizeof(s->s3->server_random);
2678
2679 if (out == NULL)
2680 return len;
2681
2682 if (len > max_out)
2683 len = max_out;
2684
2685 memcpy(out, s->s3->server_random, len);
2686
2687 return len;
2688}
2689
2690int
2691ssl_init_wbio_buffer(SSL *s, int push)
2692{
2693 BIO *bbio;
2694
2695 if (s->bbio == NULL) {
2696 bbio = BIO_new(BIO_f_buffer());
2697 if (bbio == NULL)
2698 return (0);
2699 s->bbio = bbio;
2700 } else {
2701 bbio = s->bbio;
2702 if (s->bbio == s->wbio)
2703 s->wbio = BIO_pop(s->wbio);
2704 }
2705 (void)BIO_reset(bbio);
2706/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
2707 if (!BIO_set_read_buffer_size(bbio, 1)) {
2708 SSLerror(s, ERR_R_BUF_LIB);
2709 return (0);
2710 }
2711 if (push) {
2712 if (s->wbio != bbio)
2713 s->wbio = BIO_push(bbio, s->wbio);
2714 } else {
2715 if (s->wbio == bbio)
2716 s->wbio = BIO_pop(bbio);
2717 }
2718 return (1);
2719}
2720
2721void
2722ssl_free_wbio_buffer(SSL *s)
2723{
2724 if (s == NULL)
2725 return;
2726
2727 if (s->bbio == NULL)
2728 return;
2729
2730 if (s->bbio == s->wbio) {
2731 /* remove buffering */
2732 s->wbio = BIO_pop(s->wbio);
2733 }
2734 BIO_free(s->bbio);
2735 s->bbio = NULL;
2736}
2737
2738void
2739SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
2740{
2741 ctx->internal->quiet_shutdown = mode;
2742}
2743
2744int
2745SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
2746{
2747 return (ctx->internal->quiet_shutdown);
2748}
2749
2750void
2751SSL_set_quiet_shutdown(SSL *s, int mode)
2752{
2753 s->internal->quiet_shutdown = mode;
2754}
2755
2756int
2757SSL_get_quiet_shutdown(const SSL *s)
2758{
2759 return (s->internal->quiet_shutdown);
2760}
2761
2762void
2763SSL_set_shutdown(SSL *s, int mode)
2764{
2765 s->internal->shutdown = mode;
2766}
2767
2768int
2769SSL_get_shutdown(const SSL *s)
2770{
2771 return (s->internal->shutdown);
2772}
2773
2774int
2775SSL_version(const SSL *s)
2776{
2777 return (s->version);
2778}
2779
2780SSL_CTX *
2781SSL_get_SSL_CTX(const SSL *ssl)
2782{
2783 return (ssl->ctx);
2784}
2785
2786SSL_CTX *
2787SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
2788{
2789 CERT *new_cert;
2790
2791 if (ctx == NULL)
2792 ctx = ssl->initial_ctx;
2793 if (ssl->ctx == ctx)
2794 return (ssl->ctx);
2795
2796 if ((new_cert = ssl_cert_dup(ctx->internal->cert)) == NULL)
2797 return NULL;
2798 ssl_cert_free(ssl->cert);
2799 ssl->cert = new_cert;
2800
2801 SSL_CTX_up_ref(ctx);
2802 SSL_CTX_free(ssl->ctx); /* decrement reference count */
2803 ssl->ctx = ctx;
2804
2805 return (ssl->ctx);
2806}
2807
2808int
2809SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
2810{
2811 return (X509_STORE_set_default_paths(ctx->cert_store));
2812}
2813
2814int
2815SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
2816 const char *CApath)
2817{
2818 return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));
2819}
2820
2821int
2822SSL_CTX_load_verify_mem(SSL_CTX *ctx, void *buf, int len)
2823{
2824 return (X509_STORE_load_mem(ctx->cert_store, buf, len));
2825}
2826
2827void
2828SSL_set_info_callback(SSL *ssl, void (*cb)(const SSL *ssl, int type, int val))
2829{
2830 ssl->internal->info_callback = cb;
2831}
2832
2833void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val)
2834{
2835 return (ssl->internal->info_callback);
2836}
2837
2838int
2839SSL_state(const SSL *ssl)
2840{
2841 return (S3I(ssl)->hs.state);
2842}
2843
2844void
2845SSL_set_state(SSL *ssl, int state)
2846{
2847 S3I(ssl)->hs.state = state;
2848}
2849
2850void
2851SSL_set_verify_result(SSL *ssl, long arg)
2852{
2853 ssl->verify_result = arg;
2854}
2855
2856long
2857SSL_get_verify_result(const SSL *ssl)
2858{
2859 return (ssl->verify_result);
2860}
2861
2862int
2863SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
2864 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
2865{
2866 return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
2867 new_func, dup_func, free_func));
2868}
2869
2870int
2871SSL_set_ex_data(SSL *s, int idx, void *arg)
2872{
2873 return (CRYPTO_set_ex_data(&s->internal->ex_data, idx, arg));
2874}
2875
2876void *
2877SSL_get_ex_data(const SSL *s, int idx)
2878{
2879 return (CRYPTO_get_ex_data(&s->internal->ex_data, idx));
2880}
2881
2882int
2883SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
2884 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
2885{
2886 return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
2887 new_func, dup_func, free_func));
2888}
2889
2890int
2891SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg)
2892{
2893 return (CRYPTO_set_ex_data(&s->internal->ex_data, idx, arg));
2894}
2895
2896void *
2897SSL_CTX_get_ex_data(const SSL_CTX *s, int idx)
2898{
2899 return (CRYPTO_get_ex_data(&s->internal->ex_data, idx));
2900}
2901
2902int
2903ssl_ok(SSL *s)
2904{
2905 return (1);
2906}
2907
2908X509_STORE *
2909SSL_CTX_get_cert_store(const SSL_CTX *ctx)
2910{
2911 return (ctx->cert_store);
2912}
2913
2914void
2915SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
2916{
2917 X509_STORE_free(ctx->cert_store);
2918 ctx->cert_store = store;
2919}
2920
2921X509 *
2922SSL_CTX_get0_certificate(const SSL_CTX *ctx)
2923{
2924 if (ctx->internal->cert == NULL)
2925 return NULL;
2926
2927 return ctx->internal->cert->key->x509;
2928}
2929
2930int
2931SSL_want(const SSL *s)
2932{
2933 return (s->internal->rwstate);
2934}
2935
2936void
2937SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export,
2938 int keylength))
2939{
2940 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
2941}
2942
2943void
2944SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int is_export,
2945 int keylength))
2946{
2947 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
2948}
2949
2950void
2951SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*dh)(SSL *ssl, int is_export,
2952 int keylength))
2953{
2954 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
2955}
2956
2957void
2958SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh)(SSL *ssl, int is_export,
2959 int keylength))
2960{
2961 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
2962}
2963
2964void
2965SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl,
2966 int is_export, int keylength))
2967{
2968 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,
2969 (void (*)(void))ecdh);
2970}
2971
2972void
2973SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh)(SSL *ssl, int is_export,
2974 int keylength))
2975{
2976 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
2977}
2978
2979
2980void
2981SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version,
2982 int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
2983{
2984 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK,
2985 (void (*)(void))cb);
2986}
2987
2988void
2989SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version,
2990 int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
2991{
2992 SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
2993}
2994
2995void
2996SSL_set_debug(SSL *s, int debug)
2997{
2998 s->internal->debug = debug;
2999}
3000
3001int
3002SSL_cache_hit(SSL *s)
3003{
3004 return (s->internal->hit);
3005}
3006
3007int
3008SSL_CTX_get_min_proto_version(SSL_CTX *ctx)
3009{
3010 return ctx->internal->min_proto_version;
3011}
3012
3013int
3014SSL_CTX_set_min_proto_version(SSL_CTX *ctx, uint16_t version)
3015{
3016 return ssl_version_set_min(ctx->method, version,
3017 ctx->internal->max_tls_version, &ctx->internal->min_tls_version,
3018 &ctx->internal->min_proto_version);
3019}
3020
3021int
3022SSL_CTX_get_max_proto_version(SSL_CTX *ctx)
3023{
3024 return ctx->internal->max_proto_version;
3025}
3026
3027int
3028SSL_CTX_set_max_proto_version(SSL_CTX *ctx, uint16_t version)
3029{
3030 return ssl_version_set_max(ctx->method, version,
3031 ctx->internal->min_tls_version, &ctx->internal->max_tls_version,
3032 &ctx->internal->max_proto_version);
3033}
3034
3035int
3036SSL_get_min_proto_version(SSL *ssl)
3037{
3038 return ssl->internal->min_proto_version;
3039}
3040
3041int
3042SSL_set_min_proto_version(SSL *ssl, uint16_t version)
3043{
3044 return ssl_version_set_min(ssl->method, version,
3045 ssl->internal->max_tls_version, &ssl->internal->min_tls_version,
3046 &ssl->internal->min_proto_version);
3047}
3048int
3049SSL_get_max_proto_version(SSL *ssl)
3050{
3051 return ssl->internal->max_proto_version;
3052}
3053
3054int
3055SSL_set_max_proto_version(SSL *ssl, uint16_t version)
3056{
3057 return ssl_version_set_max(ssl->method, version,
3058 ssl->internal->min_tls_version, &ssl->internal->max_tls_version,
3059 &ssl->internal->max_proto_version);
3060}
3061
3062const SSL_METHOD *
3063SSL_CTX_get_ssl_method(const SSL_CTX *ctx)
3064{
3065 return ctx->method;
3066}
3067
3068static int
3069ssl_cipher_id_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
3070{
3071 SSL_CIPHER const *a = a_;
3072 SSL_CIPHER const *b = b_;
3073 return ssl_cipher_id_cmp(a, b);
3074}
3075
3076SSL_CIPHER *
3077OBJ_bsearch_ssl_cipher_id(SSL_CIPHER *key, SSL_CIPHER const *base, int num)
3078{
3079 return (SSL_CIPHER *)OBJ_bsearch_(key, base, num, sizeof(SSL_CIPHER),
3080 ssl_cipher_id_cmp_BSEARCH_CMP_FN);
3081}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2026-02-12 22:29:40 +0000