diff options
| author | beck <> | 2021-10-23 15:30:44 +0000 |
|---|---|---|
| committer | beck <> | 2021-10-23 15:30:44 +0000 |
| commit | 6b1657056640ac293989fdefcc3bff240446339e (patch) | |
| tree | ae005e0b88cc9d4353aaae813c596ee3bccabf75 /src | |
| parent | 8a4205600da6d322fe39cf30885466efc776f5b8 (diff) | |
| download | openbsd-6b1657056640ac293989fdefcc3bff240446339e.tar.gz openbsd-6b1657056640ac293989fdefcc3bff240446339e.tar.bz2 openbsd-6b1657056640ac293989fdefcc3bff240446339e.zip | |
Add new OpenSSL api SSL_write_ex, SSL_read_ex and SSL_peek_ex
As these still meet the usual expectations for special, I will leave
it up to ingo to decide to either document separately or in one man
page like OpenSSL did.
Will also need Symbols.list additions by tb@ when he starts the rapture
ok tb@ jsing@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/ssl.h | 7 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_lib.c | 81 |
2 files changed, 86 insertions, 2 deletions
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h index 09d68beb0b..1a0403c72b 100644 --- a/src/lib/libssl/ssl.h +++ b/src/lib/libssl/ssl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl.h,v 1.211 2021/10/23 11:41:51 beck Exp $ */ | 1 | /* $OpenBSD: ssl.h,v 1.212 2021/10/23 15:30:44 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1289,6 +1289,11 @@ int SSL_is_server(const SSL *s); | |||
| 1289 | int SSL_read(SSL *ssl, void *buf, int num); | 1289 | int SSL_read(SSL *ssl, void *buf, int num); |
| 1290 | int SSL_peek(SSL *ssl, void *buf, int num); | 1290 | int SSL_peek(SSL *ssl, void *buf, int num); |
| 1291 | int SSL_write(SSL *ssl, const void *buf, int num); | 1291 | int SSL_write(SSL *ssl, const void *buf, int num); |
| 1292 | #if defined(LIBRESSL_NEW_API) | ||
| 1293 | int SSL_read_ex(SSL *ssl, void *buf, size_t num, size_t *bytes_read); | ||
| 1294 | int SSL_peek_ex(SSL *ssl, void *buf, size_t num, size_t *bytes_peeked); | ||
| 1295 | int SSL_write_ex(SSL *ssl, const void *buf, size_t num, size_t *bytes_written); | ||
| 1296 | #endif | ||
| 1292 | 1297 | ||
| 1293 | #if defined(LIBRESSL_HAS_TLS1_3) || defined(LIBRESSL_INTERNAL) | 1298 | #if defined(LIBRESSL_HAS_TLS1_3) || defined(LIBRESSL_INTERNAL) |
| 1294 | uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx); | 1299 | uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx); |
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index c029b3716c..1363cd64fd 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_lib.c,v 1.271 2021/10/23 15:02:27 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_lib.c,v 1.272 2021/10/23 15:30:44 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -141,6 +141,7 @@ | |||
| 141 | */ | 141 | */ |
| 142 | 142 | ||
| 143 | #include <arpa/inet.h> | 143 | #include <arpa/inet.h> |
| 144 | #include <sys/limits.h> | ||
| 144 | #include <sys/socket.h> | 145 | #include <sys/socket.h> |
| 145 | #include <netinet/in.h> | 146 | #include <netinet/in.h> |
| 146 | 147 | ||
| @@ -995,6 +996,11 @@ SSL_get_default_timeout(const SSL *s) | |||
| 995 | int | 996 | int |
| 996 | SSL_read(SSL *s, void *buf, int num) | 997 | SSL_read(SSL *s, void *buf, int num) |
| 997 | { | 998 | { |
| 999 | if (num < 0) { | ||
| 1000 | SSLerror(s, SSL_R_BAD_LENGTH); | ||
| 1001 | return -1; | ||
| 1002 | } | ||
| 1003 | |||
| 998 | if (s->internal->handshake_func == NULL) { | 1004 | if (s->internal->handshake_func == NULL) { |
| 999 | SSLerror(s, SSL_R_UNINITIALIZED); | 1005 | SSLerror(s, SSL_R_UNINITIALIZED); |
| 1000 | return (-1); | 1006 | return (-1); |
| @@ -1008,8 +1014,32 @@ SSL_read(SSL *s, void *buf, int num) | |||
| 1008 | } | 1014 | } |
| 1009 | 1015 | ||
| 1010 | int | 1016 | int |
| 1017 | SSL_read_ex(SSL *s, void *buf, size_t num, size_t *bytes_read) | ||
| 1018 | { | ||
| 1019 | int ret; | ||
| 1020 | |||
| 1021 | /* We simply don't bother supporting enormous reads */ | ||
| 1022 | if (num > INT_MAX) { | ||
| 1023 | SSLerror(s, SSL_R_BAD_LENGTH); | ||
| 1024 | return 0; | ||
| 1025 | } | ||
| 1026 | |||
| 1027 | ret = SSL_read(s, buf, (int)num); | ||
| 1028 | if (ret < 0) | ||
| 1029 | ret = 0; | ||
| 1030 | *bytes_read = ret; | ||
| 1031 | |||
| 1032 | return ret > 0; | ||
| 1033 | } | ||
| 1034 | |||
| 1035 | int | ||
| 1011 | SSL_peek(SSL *s, void *buf, int num) | 1036 | SSL_peek(SSL *s, void *buf, int num) |
| 1012 | { | 1037 | { |
| 1038 | if (num < 0) { | ||
| 1039 | SSLerror(s, SSL_R_BAD_LENGTH); | ||
| 1040 | return -1; | ||
| 1041 | } | ||
| 1042 | |||
| 1013 | if (s->internal->handshake_func == NULL) { | 1043 | if (s->internal->handshake_func == NULL) { |
| 1014 | SSLerror(s, SSL_R_UNINITIALIZED); | 1044 | SSLerror(s, SSL_R_UNINITIALIZED); |
| 1015 | return (-1); | 1045 | return (-1); |
| @@ -1022,8 +1052,32 @@ SSL_peek(SSL *s, void *buf, int num) | |||
| 1022 | } | 1052 | } |
| 1023 | 1053 | ||
| 1024 | int | 1054 | int |
| 1055 | SSL_peek_ex(SSL *s, void *buf, size_t num, size_t *bytes_peeked) | ||
| 1056 | { | ||
| 1057 | int ret; | ||
| 1058 | |||
| 1059 | /* We simply don't bother supporting enormous peeks */ | ||
| 1060 | if (num > INT_MAX) { | ||
| 1061 | SSLerror(s, SSL_R_BAD_LENGTH); | ||
| 1062 | return 0; | ||
| 1063 | } | ||
| 1064 | |||
| 1065 | ret = SSL_peek(s, buf, (int)num); | ||
| 1066 | if (ret < 0) | ||
| 1067 | ret = 0; | ||
| 1068 | *bytes_peeked = ret; | ||
| 1069 | |||
| 1070 | return ret > 0; | ||
| 1071 | } | ||
| 1072 | |||
| 1073 | int | ||
| 1025 | SSL_write(SSL *s, const void *buf, int num) | 1074 | SSL_write(SSL *s, const void *buf, int num) |
| 1026 | { | 1075 | { |
| 1076 | if (num < 0) { | ||
| 1077 | SSLerror(s, SSL_R_BAD_LENGTH); | ||
| 1078 | return -1; | ||
| 1079 | } | ||
| 1080 | |||
| 1027 | if (s->internal->handshake_func == NULL) { | 1081 | if (s->internal->handshake_func == NULL) { |
| 1028 | SSLerror(s, SSL_R_UNINITIALIZED); | 1082 | SSLerror(s, SSL_R_UNINITIALIZED); |
| 1029 | return (-1); | 1083 | return (-1); |
| @@ -1037,6 +1091,31 @@ SSL_write(SSL *s, const void *buf, int num) | |||
| 1037 | return ssl3_write(s, buf, num); | 1091 | return ssl3_write(s, buf, num); |
| 1038 | } | 1092 | } |
| 1039 | 1093 | ||
| 1094 | int | ||
| 1095 | SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *bytes_written) | ||
| 1096 | { | ||
| 1097 | int ret; | ||
| 1098 | |||
| 1099 | /* We simply don't bother supporting enormous writes */ | ||
| 1100 | if (num > INT_MAX) { | ||
| 1101 | SSLerror(s, SSL_R_BAD_LENGTH); | ||
| 1102 | return 0; | ||
| 1103 | } | ||
| 1104 | |||
| 1105 | if (num == 0) { | ||
| 1106 | /* This API is special */ | ||
| 1107 | bytes_written = 0; | ||
| 1108 | return 1; | ||
| 1109 | } | ||
| 1110 | |||
| 1111 | ret = SSL_write(s, buf, (int)num); | ||
| 1112 | if (ret < 0) | ||
| 1113 | ret = 0; | ||
| 1114 | *bytes_written = ret; | ||
| 1115 | |||
| 1116 | return ret > 0; | ||
| 1117 | } | ||
| 1118 | |||
| 1040 | uint32_t | 1119 | uint32_t |
| 1041 | SSL_CTX_get_max_early_data(const SSL_CTX *ctx) | 1120 | SSL_CTX_get_max_early_data(const SSL_CTX *ctx) |
| 1042 | { | 1121 | { |