diff options
| author | jsing <> | 2017-08-09 16:47:18 +0000 |
|---|---|---|
| committer | jsing <> | 2017-08-09 16:47:18 +0000 |
| commit | 37e8b9de52f84a8098f11fd24456d2ff2e8c56f3 (patch) | |
| tree | a52150986179345a659419f19f7505c03ce685f5 /src/lib | |
| parent | 2e73556f60f82f8dd63b25cecc8a45638e40ae96 (diff) | |
| download | openbsd-37e8b9de52f84a8098f11fd24456d2ff2e8c56f3.tar.gz openbsd-37e8b9de52f84a8098f11fd24456d2ff2e8c56f3.tar.bz2 openbsd-37e8b9de52f84a8098f11fd24456d2ff2e8c56f3.zip | |
Split out the remaining SSL controls into individual functions.
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libssl/s3_lib.c | 139 |
1 files changed, 93 insertions, 46 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index f9364a4e02..b9e2d8d97d 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_lib.c,v 1.149 2017/08/09 15:52:27 jsing Exp $ */ | 1 | /* $OpenBSD: s3_lib.c,v 1.150 2017/08/09 16:47:18 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1874,6 +1874,86 @@ _SSL_set_ecdh_auto(SSL *s, int state) | |||
| 1874 | return 1; | 1874 | return 1; |
| 1875 | } | 1875 | } |
| 1876 | 1876 | ||
| 1877 | static int | ||
| 1878 | _SSL_set_tlsext_host_name(SSL *s, const char *name) | ||
| 1879 | { | ||
| 1880 | free(s->tlsext_hostname); | ||
| 1881 | s->tlsext_hostname = NULL; | ||
| 1882 | |||
| 1883 | if (name == NULL) | ||
| 1884 | return 1; | ||
| 1885 | |||
| 1886 | if (strlen(name) > TLSEXT_MAXLEN_host_name) { | ||
| 1887 | SSLerror(s, SSL_R_SSL3_EXT_INVALID_SERVERNAME); | ||
| 1888 | return 0; | ||
| 1889 | } | ||
| 1890 | |||
| 1891 | if ((s->tlsext_hostname = strdup(name)) == NULL) { | ||
| 1892 | SSLerror(s, ERR_R_INTERNAL_ERROR); | ||
| 1893 | return 0; | ||
| 1894 | } | ||
| 1895 | |||
| 1896 | return 1; | ||
| 1897 | } | ||
| 1898 | |||
| 1899 | static int | ||
| 1900 | _SSL_set_tlsext_debug_arg(SSL *s, void *arg) | ||
| 1901 | { | ||
| 1902 | s->internal->tlsext_debug_arg = arg; | ||
| 1903 | return 1; | ||
| 1904 | } | ||
| 1905 | |||
| 1906 | static int | ||
| 1907 | _SSL_set_tlsext_status_type(SSL *s, int type) | ||
| 1908 | { | ||
| 1909 | s->tlsext_status_type = type; | ||
| 1910 | return 1; | ||
| 1911 | } | ||
| 1912 | |||
| 1913 | static int | ||
| 1914 | _SSL_get_tlsext_status_exts(SSL *s, STACK_OF(X509_EXTENSION) **exts) | ||
| 1915 | { | ||
| 1916 | *exts = s->internal->tlsext_ocsp_exts; | ||
| 1917 | return 1; | ||
| 1918 | } | ||
| 1919 | |||
| 1920 | static int | ||
| 1921 | _SSL_set_tlsext_status_exts(SSL *s, STACK_OF(X509_EXTENSION) *exts) | ||
| 1922 | { | ||
| 1923 | s->internal->tlsext_ocsp_exts = exts; | ||
| 1924 | return 1; | ||
| 1925 | } | ||
| 1926 | |||
| 1927 | static int | ||
| 1928 | _SSL_get_tlsext_status_ids(SSL *s, STACK_OF(OCSP_RESPID) **ids) | ||
| 1929 | { | ||
| 1930 | *ids = s->internal->tlsext_ocsp_ids; | ||
| 1931 | return 1; | ||
| 1932 | } | ||
| 1933 | |||
| 1934 | static int | ||
| 1935 | _SSL_set_tlsext_status_ids(SSL *s, STACK_OF(OCSP_RESPID) *ids) | ||
| 1936 | { | ||
| 1937 | s->internal->tlsext_ocsp_ids = ids; | ||
| 1938 | return 1; | ||
| 1939 | } | ||
| 1940 | |||
| 1941 | static int | ||
| 1942 | _SSL_get_tlsext_status_ocsp_resp(SSL *s, unsigned char **resp) | ||
| 1943 | { | ||
| 1944 | *resp = s->internal->tlsext_ocsp_resp; | ||
| 1945 | return s->internal->tlsext_ocsp_resplen; | ||
| 1946 | } | ||
| 1947 | |||
| 1948 | static int | ||
| 1949 | _SSL_set_tlsext_status_ocsp_resp(SSL *s, unsigned char *resp, int resp_len) | ||
| 1950 | { | ||
| 1951 | free(s->internal->tlsext_ocsp_resp); | ||
| 1952 | s->internal->tlsext_ocsp_resp = resp; | ||
| 1953 | s->internal->tlsext_ocsp_resplen = resp_len; | ||
| 1954 | return 1; | ||
| 1955 | } | ||
| 1956 | |||
| 1877 | int | 1957 | int |
| 1878 | SSL_set1_groups(SSL *s, const int *groups, size_t groups_len) | 1958 | SSL_set1_groups(SSL *s, const int *groups, size_t groups_len) |
| 1879 | { | 1959 | { |
| @@ -1907,7 +1987,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) | |||
| 1907 | return _SSL_total_renegotiations(s); | 1987 | return _SSL_total_renegotiations(s); |
| 1908 | 1988 | ||
| 1909 | case SSL_CTRL_SET_TMP_DH: | 1989 | case SSL_CTRL_SET_TMP_DH: |
| 1910 | return _SSL_set_tmp_dh(s, (DH *)parg); | 1990 | return _SSL_set_tmp_dh(s, parg); |
| 1911 | 1991 | ||
| 1912 | case SSL_CTRL_SET_TMP_DH_CB: | 1992 | case SSL_CTRL_SET_TMP_DH_CB: |
| 1913 | SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 1993 | SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| @@ -1917,7 +1997,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) | |||
| 1917 | return _SSL_set_dh_auto(s, larg); | 1997 | return _SSL_set_dh_auto(s, larg); |
| 1918 | 1998 | ||
| 1919 | case SSL_CTRL_SET_TMP_ECDH: | 1999 | case SSL_CTRL_SET_TMP_ECDH: |
| 1920 | return _SSL_set_tmp_ecdh(s, (EC_KEY *)parg); | 2000 | return _SSL_set_tmp_ecdh(s, parg); |
| 1921 | 2001 | ||
| 1922 | case SSL_CTRL_SET_TMP_ECDH_CB: | 2002 | case SSL_CTRL_SET_TMP_ECDH_CB: |
| 1923 | SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 2003 | SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| @@ -1927,68 +2007,35 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) | |||
| 1927 | return _SSL_set_ecdh_auto(s, larg); | 2007 | return _SSL_set_ecdh_auto(s, larg); |
| 1928 | 2008 | ||
| 1929 | case SSL_CTRL_SET_TLSEXT_HOSTNAME: | 2009 | case SSL_CTRL_SET_TLSEXT_HOSTNAME: |
| 1930 | if (larg == TLSEXT_NAMETYPE_host_name) { | 2010 | if (larg != TLSEXT_NAMETYPE_host_name) { |
| 1931 | free(s->tlsext_hostname); | ||
| 1932 | s->tlsext_hostname = NULL; | ||
| 1933 | |||
| 1934 | ret = 1; | ||
| 1935 | if (parg == NULL) | ||
| 1936 | break; | ||
| 1937 | if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) { | ||
| 1938 | SSLerror(s, SSL_R_SSL3_EXT_INVALID_SERVERNAME); | ||
| 1939 | return 0; | ||
| 1940 | } | ||
| 1941 | if ((s->tlsext_hostname = strdup((char *)parg)) | ||
| 1942 | == NULL) { | ||
| 1943 | SSLerror(s, ERR_R_INTERNAL_ERROR); | ||
| 1944 | return 0; | ||
| 1945 | } | ||
| 1946 | } else { | ||
| 1947 | SSLerror(s, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); | 2011 | SSLerror(s, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); |
| 1948 | return 0; | 2012 | return 0; |
| 1949 | } | 2013 | } |
| 1950 | break; | 2014 | return _SSL_set_tlsext_host_name(s, parg); |
| 1951 | 2015 | ||
| 1952 | case SSL_CTRL_SET_TLSEXT_DEBUG_ARG: | 2016 | case SSL_CTRL_SET_TLSEXT_DEBUG_ARG: |
| 1953 | s->internal->tlsext_debug_arg = parg; | 2017 | return _SSL_set_tlsext_debug_arg(s, parg); |
| 1954 | ret = 1; | ||
| 1955 | break; | ||
| 1956 | 2018 | ||
| 1957 | case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: | 2019 | case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: |
| 1958 | s->tlsext_status_type = larg; | 2020 | return _SSL_set_tlsext_status_type(s, larg); |
| 1959 | ret = 1; | ||
| 1960 | break; | ||
| 1961 | 2021 | ||
| 1962 | case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS: | 2022 | case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS: |
| 1963 | *(STACK_OF(X509_EXTENSION) **)parg = s->internal->tlsext_ocsp_exts; | 2023 | return _SSL_get_tlsext_status_exts(s, parg); |
| 1964 | ret = 1; | ||
| 1965 | break; | ||
| 1966 | 2024 | ||
| 1967 | case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS: | 2025 | case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS: |
| 1968 | s->internal->tlsext_ocsp_exts = parg; | 2026 | return _SSL_set_tlsext_status_exts(s, parg); |
| 1969 | ret = 1; | ||
| 1970 | break; | ||
| 1971 | 2027 | ||
| 1972 | case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS: | 2028 | case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS: |
| 1973 | *(STACK_OF(OCSP_RESPID) **)parg = s->internal->tlsext_ocsp_ids; | 2029 | return _SSL_get_tlsext_status_ids(s, parg); |
| 1974 | ret = 1; | ||
| 1975 | break; | ||
| 1976 | 2030 | ||
| 1977 | case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS: | 2031 | case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS: |
| 1978 | s->internal->tlsext_ocsp_ids = parg; | 2032 | return _SSL_set_tlsext_status_ids(s, parg); |
| 1979 | ret = 1; | ||
| 1980 | break; | ||
| 1981 | 2033 | ||
| 1982 | case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: | 2034 | case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: |
| 1983 | *(unsigned char **)parg = s->internal->tlsext_ocsp_resp; | 2035 | return _SSL_get_tlsext_status_ocsp_resp(s, parg); |
| 1984 | return s->internal->tlsext_ocsp_resplen; | ||
| 1985 | 2036 | ||
| 1986 | case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: | 2037 | case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: |
| 1987 | free(s->internal->tlsext_ocsp_resp); | 2038 | return _SSL_set_tlsext_status_ocsp_resp(s, parg, larg); |
| 1988 | s->internal->tlsext_ocsp_resp = parg; | ||
| 1989 | s->internal->tlsext_ocsp_resplen = larg; | ||
| 1990 | ret = 1; | ||
| 1991 | break; | ||
| 1992 | 2039 | ||
| 1993 | case SSL_CTRL_SET_GROUPS: | 2040 | case SSL_CTRL_SET_GROUPS: |
| 1994 | return SSL_set1_groups(s, parg, larg); | 2041 | return SSL_set1_groups(s, parg, larg); |