1 files changed, 65 insertions, 1 deletions
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
index 30d97683a7..00954777fc 100644
--- a/src/lib/libssl/s23_clnt.c
+++ b/src/lib/libssl/s23_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_clnt.c,v 1.38 2015/03/31 13:17:48 jsing Exp $ */
+/* $OpenBSD: s23_clnt.c,v 1.39 2015/07/19 06:31:32 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -120,6 +120,7 @@
 static const SSL_METHOD *ssl23_get_client_method(int ver);
 static int ssl23_client_hello(SSL *s);
 static int ssl23_get_server_hello(SSL *s);
+static const SSL_METHOD *tls_get_client_method(int ver);
 const SSL_METHOD SSLv23_client_method_data = {
        .version = TLS1_2_VERSION,
@@ -153,6 +154,39 @@ const SSL_METHOD SSLv23_client_method_data = {
        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
 };
+const SSL_METHOD TLS_client_method_data = {
+        .version = TLS1_2_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = ssl_undefined_function,
+        .ssl_connect = tls_connect,
+        .ssl_read = ssl23_read,
+        .ssl_peek = ssl23_peek,
+        .ssl_write = ssl23_write,
+        .ssl_shutdown = ssl_undefined_function,
+        .ssl_renegotiate = ssl_undefined_function,
+        .ssl_renegotiate_check = ssl_ok,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .ssl_ctrl = ssl3_ctrl,
+        .ssl_ctx_ctrl = ssl3_ctx_ctrl,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .ssl_pending = ssl_undefined_const_function,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_ssl_method = tls_get_client_method,
+        .get_timeout = ssl23_default_timeout,
+        .ssl3_enc = &ssl3_undef_enc_method,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_callback_ctrl = ssl3_callback_ctrl,
+        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
+};
 const SSL_METHOD *
 SSLv23_client_method(void)
 {
@@ -544,3 +578,33 @@ ssl23_get_server_hello(SSL *s)
 err:
        return (-1);
 }
+const SSL_METHOD *
+TLS_client_method(void)
+{
+        return &TLS_client_method_data;
+}
+static const SSL_METHOD *
+tls_get_client_method(int ver)
+{
+        if (ver == SSL3_VERSION)
+                return (NULL);
+        else
+                return ssl23_get_client_method(ver);
+}
+int
+tls_connect(SSL *s)
+{
+        int ret;
+        unsigned long old_options;
+        old_options = s->options;
+        s->options |= SSL_OP_NO_SSLv3;
+        ret = ssl23_connect(s);
+        s->options = old_options;
+        return ret;
+}

diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c index 30d97683a7..00954777fc 100644 --- a/src/lib/libssl/s23_clnt.c +++ b/src/lib/libssl/s23_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s23_clnt.c,v 1.38 2015/03/31 13:17:48 jsing Exp $ */	1	/* $OpenBSD: s23_clnt.c,v 1.39 2015/07/19 06:31:32 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -120,6 +120,7 @@
120	static const SSL_METHOD *ssl23_get_client_method(int ver);	120	static const SSL_METHOD *ssl23_get_client_method(int ver);
121	static int ssl23_client_hello(SSL *s);	121	static int ssl23_client_hello(SSL *s);
122	static int ssl23_get_server_hello(SSL *s);	122	static int ssl23_get_server_hello(SSL *s);
		123	static const SSL_METHOD *tls_get_client_method(int ver);
123		124
124	const SSL_METHOD SSLv23_client_method_data = {	125	const SSL_METHOD SSLv23_client_method_data = {
125	.version = TLS1_2_VERSION,	126	.version = TLS1_2_VERSION,
@@ -153,6 +154,39 @@ const SSL_METHOD SSLv23_client_method_data = {
153	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,	154	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
154	};	155	};
155		156
		157	const SSL_METHOD TLS_client_method_data = {
		158	.version = TLS1_2_VERSION,
		159	.ssl_new = tls1_new,
		160	.ssl_clear = tls1_clear,
		161	.ssl_free = tls1_free,
		162	.ssl_accept = ssl_undefined_function,
		163	.ssl_connect = tls_connect,
		164	.ssl_read = ssl23_read,
		165	.ssl_peek = ssl23_peek,
		166	.ssl_write = ssl23_write,
		167	.ssl_shutdown = ssl_undefined_function,
		168	.ssl_renegotiate = ssl_undefined_function,
		169	.ssl_renegotiate_check = ssl_ok,
		170	.ssl_get_message = ssl3_get_message,
		171	.ssl_read_bytes = ssl3_read_bytes,
		172	.ssl_write_bytes = ssl3_write_bytes,
		173	.ssl_dispatch_alert = ssl3_dispatch_alert,
		174	.ssl_ctrl = ssl3_ctrl,
		175	.ssl_ctx_ctrl = ssl3_ctx_ctrl,
		176	.get_cipher_by_char = ssl3_get_cipher_by_char,
		177	.put_cipher_by_char = ssl3_put_cipher_by_char,
		178	.ssl_pending = ssl_undefined_const_function,
		179	.num_ciphers = ssl3_num_ciphers,
		180	.get_cipher = ssl3_get_cipher,
		181	.get_ssl_method = tls_get_client_method,
		182	.get_timeout = ssl23_default_timeout,
		183	.ssl3_enc = &ssl3_undef_enc_method,
		184	.ssl_version = ssl_undefined_void_function,
		185	.ssl_callback_ctrl = ssl3_callback_ctrl,
		186	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
		187	};
		188
		189
156	const SSL_METHOD *	190	const SSL_METHOD *
157	SSLv23_client_method(void)	191	SSLv23_client_method(void)
158	{	192	{
@@ -544,3 +578,33 @@ ssl23_get_server_hello(SSL *s)
544	err:	578	err:
545	return (-1);	579	return (-1);
546	}	580	}
		581
		582	const SSL_METHOD *
		583	TLS_client_method(void)
		584	{
		585	return &TLS_client_method_data;
		586	}
		587
		588	static const SSL_METHOD *
		589	tls_get_client_method(int ver)
		590	{
		591	if (ver == SSL3_VERSION)
		592	return (NULL);
		593	else
		594	return ssl23_get_client_method(ver);
		595	}
		596
		597	int
		598	tls_connect(SSL *s)
		599	{
		600	int ret;
		601	unsigned long old_options;
		602
		603	old_options = s->options;
		604
		605	s->options \|= SSL_OP_NO_SSLv3;
		606	ret = ssl23_connect(s);
		607	s->options = old_options;
		608
		609	return ret;
		610	}