path: root/src/lib/libssl/ssl
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/ssl.h2394
-rw-r--r--src/lib/libssl/ssl2.h153
-rw-r--r--src/lib/libssl/ssl23.h82
-rw-r--r--src/lib/libssl/ssl3.h636
-rw-r--r--src/lib/libssl/ssl_algs.c131
-rw-r--r--src/lib/libssl/ssl_asn1.c692
-rw-r--r--src/lib/libssl/ssl_cert.c737
-rw-r--r--src/lib/libssl/ssl_ciph.c1765
-rw-r--r--src/lib/libssl/ssl_err.c615
-rw-r--r--src/lib/libssl/ssl_err2.c72
-rw-r--r--src/lib/libssl/ssl_lib.c3121
-rw-r--r--src/lib/libssl/ssl_locl.h874
-rw-r--r--src/lib/libssl/ssl_rsa.c755
-rw-r--r--src/lib/libssl/ssl_sess.c1104
-rw-r--r--src/lib/libssl/ssl_stat.c801
-rw-r--r--src/lib/libssl/ssl_txt.c187
16 files changed, 0 insertions, 14119 deletions
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
deleted file mode 100644
index 73d007400f..0000000000
--- a/src/lib/libssl/ssl.h
+++ /dev/null
@@ -1,2394 +0,0 @@
1/* $OpenBSD: ssl.h,v 1.83 2015/02/22 15:54:27 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143#ifndef HEADER_SSL_H
144#define HEADER_SSL_H
145
146#include <stdint.h>
147
148#include <openssl/opensslconf.h>
149#include <openssl/hmac.h>
150#include <openssl/pem.h>
151#include <openssl/safestack.h>
152
153#ifndef OPENSSL_NO_BIO
154#include <openssl/bio.h>
155#endif
156
157#ifndef OPENSSL_NO_DEPRECATED
158#include <openssl/buffer.h>
159#include <openssl/crypto.h>
160#include <openssl/lhash.h>
161
162#ifndef OPENSSL_NO_X509
163#include <openssl/x509.h>
164#endif
165#endif
166
167#ifdef __cplusplus
168extern "C" {
169#endif
170
171/* SSLeay version number for ASN.1 encoding of the session information */
172/* Version 0 - initial version
173 * Version 1 - added the optional peer certificate
174 */
175#define SSL_SESSION_ASN1_VERSION 0x0001
176
177/* text strings for the ciphers */
178#define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5
179#define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5
180#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5
181#define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5
182#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5
183#define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5
184#define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5
185#define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA
186#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5
187#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA
188
189/* VRS Additional Kerberos5 entries
190 */
191#define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA
192#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
193#define SSL_TXT_KRB5_RC4_128_SHA SSL3_TXT_KRB5_RC4_128_SHA
194#define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA
195#define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5
196#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
197#define SSL_TXT_KRB5_RC4_128_MD5 SSL3_TXT_KRB5_RC4_128_MD5
198#define SSL_TXT_KRB5_IDEA_128_CBC_MD5 SSL3_TXT_KRB5_IDEA_128_CBC_MD5
199
200#define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA
201#define SSL_TXT_KRB5_RC2_40_CBC_SHA SSL3_TXT_KRB5_RC2_40_CBC_SHA
202#define SSL_TXT_KRB5_RC4_40_SHA SSL3_TXT_KRB5_RC4_40_SHA
203#define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5
204#define SSL_TXT_KRB5_RC2_40_CBC_MD5 SSL3_TXT_KRB5_RC2_40_CBC_MD5
205#define SSL_TXT_KRB5_RC4_40_MD5 SSL3_TXT_KRB5_RC4_40_MD5
206
207#define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA
208#define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5
209#define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA
210#define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5
211#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
212#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
213#define SSL_MAX_KRB5_PRINCIPAL_LENGTH 256
214
215#define SSL_MAX_SSL_SESSION_ID_LENGTH 32
216#define SSL_MAX_SID_CTX_LENGTH 32
217
218#define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8)
219#define SSL_MAX_KEY_ARG_LENGTH 8
220#define SSL_MAX_MASTER_KEY_LENGTH 48
221
222
223/* These are used to specify which ciphers to use and not to use */
224
225#define SSL_TXT_LOW "LOW"
226#define SSL_TXT_MEDIUM "MEDIUM"
227#define SSL_TXT_HIGH "HIGH"
228
229#define SSL_TXT_kFZA "kFZA" /* unused! */
230#define SSL_TXT_aFZA "aFZA" /* unused! */
231#define SSL_TXT_eFZA "eFZA" /* unused! */
232#define SSL_TXT_FZA "FZA" /* unused! */
233
234#define SSL_TXT_aNULL "aNULL"
235#define SSL_TXT_eNULL "eNULL"
236#define SSL_TXT_NULL "NULL"
237
238#define SSL_TXT_kRSA "kRSA"
239#define SSL_TXT_kDHr "kDHr" /* no such ciphersuites supported! */
240#define SSL_TXT_kDHd "kDHd" /* no such ciphersuites supported! */
241#define SSL_TXT_kDH "kDH" /* no such ciphersuites supported! */
242#define SSL_TXT_kEDH "kEDH"
243#define SSL_TXT_kKRB5 "kKRB5"
244#define SSL_TXT_kECDHr "kECDHr"
245#define SSL_TXT_kECDHe "kECDHe"
246#define SSL_TXT_kECDH "kECDH"
247#define SSL_TXT_kEECDH "kEECDH"
248#define SSL_TXT_kPSK "kPSK"
249#define SSL_TXT_kGOST "kGOST"
250#define SSL_TXT_kSRP "kSRP"
251
252#define SSL_TXT_aRSA "aRSA"
253#define SSL_TXT_aDSS "aDSS"
254#define SSL_TXT_aDH "aDH" /* no such ciphersuites supported! */
255#define SSL_TXT_aECDH "aECDH"
256#define SSL_TXT_aKRB5 "aKRB5"
257#define SSL_TXT_aECDSA "aECDSA"
258#define SSL_TXT_aPSK "aPSK"
259#define SSL_TXT_aGOST94 "aGOST94"
260#define SSL_TXT_aGOST01 "aGOST01"
261#define SSL_TXT_aGOST "aGOST"
262
263#define SSL_TXT_DSS "DSS"
264#define SSL_TXT_DH "DH"
265#define SSL_TXT_DHE "DHE" /* same as "kDHE:-ADH" */
266#define SSL_TXT_EDH "EDH" /* previous name for DHE */
267#define SSL_TXT_ADH "ADH"
268#define SSL_TXT_RSA "RSA"
269#define SSL_TXT_ECDH "ECDH"
270#define SSL_TXT_ECDHE "ECDHE" /* same as "kECDHE:-AECDH" */
271#define SSL_TXT_EECDH "EECDH" /* previous name for ECDHE */
272#define SSL_TXT_AECDH "AECDH"
273#define SSL_TXT_ECDSA "ECDSA"
274#define SSL_TXT_KRB5 "KRB5"
275#define SSL_TXT_PSK "PSK"
276#define SSL_TXT_SRP "SRP"
277
278#define SSL_TXT_DES "DES"
279#define SSL_TXT_3DES "3DES"
280#define SSL_TXT_RC4 "RC4"
281#define SSL_TXT_RC2 "RC2"
282#define SSL_TXT_IDEA "IDEA"
283#define SSL_TXT_SEED "SEED"
284#define SSL_TXT_AES128 "AES128"
285#define SSL_TXT_AES256 "AES256"
286#define SSL_TXT_AES "AES"
287#define SSL_TXT_AES_GCM "AESGCM"
288#define SSL_TXT_CAMELLIA128 "CAMELLIA128"
289#define SSL_TXT_CAMELLIA256 "CAMELLIA256"
290#define SSL_TXT_CAMELLIA "CAMELLIA"
291#define SSL_TXT_CHACHA20 "CHACHA20"
292
293#define SSL_TXT_AEAD "AEAD"
294#define SSL_TXT_MD5 "MD5"
295#define SSL_TXT_SHA1 "SHA1"
296#define SSL_TXT_SHA "SHA" /* same as "SHA1" */
297#define SSL_TXT_GOST94 "GOST94"
298#define SSL_TXT_GOST89MAC "GOST89MAC"
299#define SSL_TXT_SHA256 "SHA256"
300#define SSL_TXT_SHA384 "SHA384"
301#define SSL_TXT_STREEBOG256 "STREEBOG256"
302#define SSL_TXT_STREEBOG512 "STREEBOG512"
303
304#define SSL_TXT_DTLS1 "DTLSv1"
305#define SSL_TXT_DTLS1_BAD "DTLSv1-bad"
306#define SSL_TXT_SSLV2 "SSLv2"
307#define SSL_TXT_SSLV3 "SSLv3"
308#define SSL_TXT_TLSV1 "TLSv1"
309#define SSL_TXT_TLSV1_1 "TLSv1.1"
310#define SSL_TXT_TLSV1_2 "TLSv1.2"
311
312#define SSL_TXT_EXP "EXP"
313#define SSL_TXT_EXPORT "EXPORT"
314
315#define SSL_TXT_ALL "ALL"
316
317/*
318 * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
319 * ciphers normally not being used.
320 * Example: "RC4" will activate all ciphers using RC4 including ciphers
321 * without authentication, which would normally disabled by DEFAULT (due
322 * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
323 * will make sure that it is also disabled in the specific selection.
324 * COMPLEMENTOF* identifiers are portable between version, as adjustments
325 * to the default cipher setup will also be included here.
326 *
327 * COMPLEMENTOFDEFAULT does not experience the same special treatment that
328 * DEFAULT gets, as only selection is being done and no sorting as needed
329 * for DEFAULT.
330 */
331#define SSL_TXT_CMPALL "COMPLEMENTOFALL"
332#define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT"
333
334/* The following cipher list is used by default.
335 * It also is substituted when an application-defined cipher list string
336 * starts with 'DEFAULT'. */
337#define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:!SSLv2"
338/* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
339 * starts with a reasonable order, and all we have to do for DEFAULT is
340 * throwing out anonymous and unencrypted ciphersuites!
341 * (The latter are not actually enabled by ALL, but "ALL:RSA" would enable
342 * some of them.)
343 */
344
345/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
346#define SSL_SENT_SHUTDOWN 1
347#define SSL_RECEIVED_SHUTDOWN 2
348
349
350#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
351#define SSL_FILETYPE_PEM X509_FILETYPE_PEM
352
353/* This is needed to stop compilers complaining about the
354 * 'struct ssl_st *' function parameters used to prototype callbacks
355 * in SSL_CTX. */
356typedef struct ssl_st *ssl_crock_st;
357typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
358typedef struct ssl_method_st SSL_METHOD;
359typedef struct ssl_cipher_st SSL_CIPHER;
360typedef struct ssl_session_st SSL_SESSION;
361
362DECLARE_STACK_OF(SSL_CIPHER)
363
364/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/
365typedef struct srtp_protection_profile_st {
366 const char *name;
367 unsigned long id;
368} SRTP_PROTECTION_PROFILE;
369
370DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
371
372typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data,
373 int len, void *arg);
374typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len,
375 STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg);
376
377#ifndef OPENSSL_NO_SSL_INTERN
378
379/* used to hold info on the particular ciphers used */
380struct ssl_cipher_st {
381 int valid;
382 const char *name; /* text name */
383 unsigned long id; /* id, 4 bytes, first is version */
384
385 /* changed in 0.9.9: these four used to be portions of a single value 'algorithms' */
386 unsigned long algorithm_mkey; /* key exchange algorithm */
387 unsigned long algorithm_auth; /* server authentication */
388 unsigned long algorithm_enc; /* symmetric encryption */
389 unsigned long algorithm_mac; /* symmetric authentication */
390 unsigned long algorithm_ssl; /* (major) protocol version */
391
392 unsigned long algo_strength; /* strength and export flags */
393 unsigned long algorithm2; /* Extra flags */
394 int strength_bits; /* Number of bits really used */
395 int alg_bits; /* Number of bits for algorithm */
396};
397
398
399/* Used to hold functions for SSLv3/TLSv1 functions */
400struct ssl_method_st {
401 int version;
402 int (*ssl_new)(SSL *s);
403 void (*ssl_clear)(SSL *s);
404 void (*ssl_free)(SSL *s);
405 int (*ssl_accept)(SSL *s);
406 int (*ssl_connect)(SSL *s);
407 int (*ssl_read)(SSL *s, void *buf, int len);
408 int (*ssl_peek)(SSL *s, void *buf, int len);
409 int (*ssl_write)(SSL *s, const void *buf, int len);
410 int (*ssl_shutdown)(SSL *s);
411 int (*ssl_renegotiate)(SSL *s);
412 int (*ssl_renegotiate_check)(SSL *s);
413 long (*ssl_get_message)(SSL *s, int st1, int stn, int mt,
414 long max, int *ok);
415 int (*ssl_read_bytes)(SSL *s, int type, unsigned char *buf,
416 int len, int peek);
417 int (*ssl_write_bytes)(SSL *s, int type, const void *buf_, int len);
418 int (*ssl_dispatch_alert)(SSL *s);
419 long (*ssl_ctrl)(SSL *s, int cmd, long larg, void *parg);
420 long (*ssl_ctx_ctrl)(SSL_CTX *ctx, int cmd, long larg, void *parg);
421 const SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
422 int (*put_cipher_by_char)(const SSL_CIPHER *cipher, unsigned char *ptr);
423 int (*ssl_pending)(const SSL *s);
424 int (*num_ciphers)(void);
425 const SSL_CIPHER *(*get_cipher)(unsigned ncipher);
426 const struct ssl_method_st *(*get_ssl_method)(int version);
427 long (*get_timeout)(void);
428 struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
429 int (*ssl_version)(void);
430 long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)(void));
431 long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)(void));
432};
433
434/* Lets make this into an ASN.1 type structure as follows
435 * SSL_SESSION_ID ::= SEQUENCE {
436 * version INTEGER, -- structure version number
437 * SSLversion INTEGER, -- SSL version number
438 * Cipher OCTET STRING, -- the 3 byte cipher ID
439 * Session_ID OCTET STRING, -- the Session ID
440 * Master_key OCTET STRING, -- the master key
441 * KRB5_principal OCTET STRING -- optional Kerberos principal
442 * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time
443 * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds
444 * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate
445 * Session_ID_context [ 4 ] EXPLICIT OCTET STRING, -- the Session ID context
446 * Verify_result [ 5 ] EXPLICIT INTEGER, -- X509_V_... code for `Peer'
447 * HostName [ 6 ] EXPLICIT OCTET STRING, -- optional HostName from servername TLS extension
448 * PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
449 * PSK_identity [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity
450 * Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket
451 * Ticket [10] EXPLICIT OCTET STRING, -- session ticket (clients only)
452 * Compression_meth [11] EXPLICIT OCTET STRING, -- optional compression method
453 * SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username
454 * }
455 * Look in ssl/ssl_asn1.c for more details
456 * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
457 */
458struct ssl_session_st {
459 int ssl_version; /* what ssl version session info is
460 * being kept in here? */
461
462 int master_key_length;
463 unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
464 /* session_id - valid? */
465 unsigned int session_id_length;
466 unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
467 /* this is used to determine whether the session is being reused in
468 * the appropriate context. It is up to the application to set this,
469 * via SSL_new */
470 unsigned int sid_ctx_length;
471 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
472
473 /* Used to indicate that session resumption is not allowed.
474 * Applications can also set this bit for a new session via
475 * not_resumable_session_cb to disable session caching and tickets. */
476 int not_resumable;
477
478 /* The cert is the certificate used to establish this connection */
479 struct sess_cert_st /* SESS_CERT */ *sess_cert;
480
481 /* This is the cert for the other end.
482 * On clients, it will be the same as sess_cert->peer_key->x509
483 * (the latter is not enough as sess_cert is not retained
484 * in the external representation of sessions, see ssl_asn1.c). */
485 X509 *peer;
486 /* when app_verify_callback accepts a session where the peer's certificate
487 * is not ok, we must remember the error for session reuse: */
488 long verify_result; /* only for servers */
489
490 long timeout;
491 time_t time;
492 int references;
493
494 const SSL_CIPHER *cipher;
495 unsigned long cipher_id; /* when ASN.1 loaded, this
496 * needs to be used to load
497 * the 'cipher' structure */
498
499 STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
500
501 CRYPTO_EX_DATA ex_data; /* application specific data */
502
503 /* These are used to make removal of session-ids more
504 * efficient and to implement a maximum cache size. */
505 struct ssl_session_st *prev, *next;
506 char *tlsext_hostname;
507 size_t tlsext_ecpointformatlist_length;
508 uint8_t *tlsext_ecpointformatlist; /* peer's list */
509 size_t tlsext_ellipticcurvelist_length;
510 uint16_t *tlsext_ellipticcurvelist; /* peer's list */
511
512 /* RFC4507 info */
513 unsigned char *tlsext_tick; /* Session ticket */
514 size_t tlsext_ticklen; /* Session ticket length */
515 long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
516};
517
518#endif
519
520#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
521#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
522/* Allow initial connection to servers that don't support RI */
523#define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L
524#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
525#define SSL_OP_TLSEXT_PADDING 0x00000010L
526#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
527#define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040L
528#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
529#define SSL_OP_TLS_D5_BUG 0x00000100L
530#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
531
532/* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */
533#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0
534
535/* Refers to ancient SSLREF and SSLv2, retained for compatibility */
536#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0
537
538/* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
539 * in OpenSSL 0.9.6d. Usually (depending on the application protocol)
540 * the workaround is not needed.
541 * Unfortunately some broken SSL/TLS implementations cannot handle it
542 * at all, which is why it was previously included in SSL_OP_ALL.
543 * Now it's not.
544 */
545#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800L /* added in 0.9.6e */
546
547/* SSL_OP_ALL: various bug workarounds that should be rather harmless.
548 * This used to be 0x000FFFFFL before 0.9.7. */
549#define SSL_OP_ALL 0x800003FFL
550
551/* DTLS options */
552#define SSL_OP_NO_QUERY_MTU 0x00001000L
553/* Turn on Cookie Exchange (on relevant for servers) */
554#define SSL_OP_COOKIE_EXCHANGE 0x00002000L
555/* Don't use RFC4507 ticket extension */
556#define SSL_OP_NO_TICKET 0x00004000L
557/* Use Cisco's "speshul" version of DTLS_BAD_VER (as client) */
558#define SSL_OP_CISCO_ANYCONNECT 0x00008000L
559
560/* As server, disallow session resumption on renegotiation */
561#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
562/* Don't use compression even if supported */
563#define SSL_OP_NO_COMPRESSION 0x00020000L
564/* Permit unsafe legacy renegotiation */
565#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L
566/* If set, always create a new key when using tmp_ecdh parameters */
567#define SSL_OP_SINGLE_ECDH_USE 0x00080000L
568/* If set, always create a new key when using tmp_dh parameters */
569#define SSL_OP_SINGLE_DH_USE 0x00100000L
570/* Set to always use the tmp_rsa key when doing RSA operations,
571 * even when this violates protocol specs */
572#define SSL_OP_EPHEMERAL_RSA 0x00200000L
573/* Set on servers to choose the cipher according to the server's
574 * preferences */
575#define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L
576/* If set, a server will allow a client to issue a SSLv3.0 version number
577 * as latest version supported in the premaster secret, even when TLSv1.0
578 * (version 3.1) was announced in the client hello. Normally this is
579 * forbidden to prevent version rollback attacks. */
580#define SSL_OP_TLS_ROLLBACK_BUG 0x00800000L
581
582#define SSL_OP_NO_SSLv2 0x01000000L
583#define SSL_OP_NO_SSLv3 0x02000000L
584#define SSL_OP_NO_TLSv1 0x04000000L
585#define SSL_OP_NO_TLSv1_2 0x08000000L
586#define SSL_OP_NO_TLSv1_1 0x10000000L
587
588/* Obsolete flags kept for compatibility. No sane code should use them. */
589#define SSL_OP_PKCS1_CHECK_1 0x0
590#define SSL_OP_PKCS1_CHECK_2 0x0
591
592#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L
593#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000L
594/* Make server add server-hello extension from early version of
595 * cryptopro draft, when GOST ciphersuite is negotiated.
596 * Required for interoperability with CryptoPro CSP 3.x
597 */
598#define SSL_OP_CRYPTOPRO_TLSEXT_BUG 0x80000000L
599
600/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
601 * when just a single record has been written): */
602#define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L
603/* Make it possible to retry SSL_write() with changed buffer location
604 * (buffer contents must stay the same!); this is not the default to avoid
605 * the misconception that non-blocking SSL_write() behaves like
606 * non-blocking write(): */
607#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
608/* Never bother the application with retries if the transport
609 * is blocking: */
610#define SSL_MODE_AUTO_RETRY 0x00000004L
611/* Don't attempt to automatically build certificate chain */
612#define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
613/* Save RAM by releasing read and write buffers when they're empty. (SSL3 and
614 * TLS only.) "Released" buffers are put onto a free-list in the context
615 * or just freed (depending on the context's setting for freelist_max_len). */
616#define SSL_MODE_RELEASE_BUFFERS 0x00000010L
617
618/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
619 * they cannot be used to clear bits. */
620
621#define SSL_CTX_set_options(ctx,op) \
622 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
623#define SSL_CTX_clear_options(ctx,op) \
624 SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
625#define SSL_CTX_get_options(ctx) \
626 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
627#define SSL_set_options(ssl,op) \
628 SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
629#define SSL_clear_options(ssl,op) \
630 SSL_ctrl((ssl),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
631#define SSL_get_options(ssl) \
632 SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
633
634#define SSL_CTX_set_mode(ctx,op) \
635 SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
636#define SSL_CTX_clear_mode(ctx,op) \
637 SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
638#define SSL_CTX_get_mode(ctx) \
639 SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
640#define SSL_clear_mode(ssl,op) \
641 SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
642#define SSL_set_mode(ssl,op) \
643 SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
644#define SSL_get_mode(ssl) \
645 SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
646#define SSL_set_mtu(ssl, mtu) \
647 SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
648
649#define SSL_get_secure_renegotiation_support(ssl) \
650 SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
651
652void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p,
653 int version, int content_type, const void *buf, size_t len, SSL *ssl,
654 void *arg));
655void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version,
656 int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
657#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
658#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
659
660struct ssl_aead_ctx_st;
661typedef struct ssl_aead_ctx_st SSL_AEAD_CTX;
662
663#define SSL_MAX_CERT_LIST_DEFAULT 1024*100 /* 100k max cert list :-) */
664
665#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
666
667/* This callback type is used inside SSL_CTX, SSL, and in the functions that set
668 * them. It is used to override the generation of SSL/TLS session IDs in a
669 * server. Return value should be zero on an error, non-zero to proceed. Also,
670 * callbacks should themselves check if the id they generate is unique otherwise
671 * the SSL handshake will fail with an error - callbacks can do this using the
672 * 'ssl' value they're passed by;
673 * SSL_has_matching_session_id(ssl, id, *id_len)
674 * The length value passed in is set at the maximum size the session ID can be.
675 * In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback
676 * can alter this length to be less if desired, but under SSLv2 session IDs are
677 * supposed to be fixed at 16 bytes so the id will be padded after the callback
678 * returns in this case. It is also an error for the callback to set the size to
679 * zero. */
680typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
681 unsigned int *id_len);
682
683typedef struct ssl_comp_st SSL_COMP;
684
685#ifndef OPENSSL_NO_SSL_INTERN
686
687struct ssl_comp_st {
688 int id;
689 const char *name;
690};
691
692DECLARE_STACK_OF(SSL_COMP)
693DECLARE_LHASH_OF(SSL_SESSION);
694
695struct ssl_ctx_st {
696 const SSL_METHOD *method;
697
698 STACK_OF(SSL_CIPHER) *cipher_list;
699 /* same as above but sorted for lookup */
700 STACK_OF(SSL_CIPHER) *cipher_list_by_id;
701
702 struct x509_store_st /* X509_STORE */ *cert_store;
703 LHASH_OF(SSL_SESSION) *sessions;
704 /* Most session-ids that will be cached, default is
705 * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */
706 unsigned long session_cache_size;
707 struct ssl_session_st *session_cache_head;
708 struct ssl_session_st *session_cache_tail;
709
710 /* This can have one of 2 values, ored together,
711 * SSL_SESS_CACHE_CLIENT,
712 * SSL_SESS_CACHE_SERVER,
713 * Default is SSL_SESSION_CACHE_SERVER, which means only
714 * SSL_accept which cache SSL_SESSIONS. */
715 int session_cache_mode;
716
717 /* If timeout is not 0, it is the default timeout value set
718 * when SSL_new() is called. This has been put in to make
719 * life easier to set things up */
720 long session_timeout;
721
722 /* If this callback is not null, it will be called each
723 * time a session id is added to the cache. If this function
724 * returns 1, it means that the callback will do a
725 * SSL_SESSION_free() when it has finished using it. Otherwise,
726 * on 0, it means the callback has finished with it.
727 * If remove_session_cb is not null, it will be called when
728 * a session-id is removed from the cache. After the call,
729 * OpenSSL will SSL_SESSION_free() it. */
730 int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess);
731 void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
732 SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
733 unsigned char *data, int len, int *copy);
734
735 struct {
736 int sess_connect; /* SSL new conn - started */
737 int sess_connect_renegotiate;/* SSL reneg - requested */
738 int sess_connect_good; /* SSL new conne/reneg - finished */
739 int sess_accept; /* SSL new accept - started */
740 int sess_accept_renegotiate;/* SSL reneg - requested */
741 int sess_accept_good; /* SSL accept/reneg - finished */
742 int sess_miss; /* session lookup misses */
743 int sess_timeout; /* reuse attempt on timeouted session */
744 int sess_cache_full; /* session removed due to full cache */
745 int sess_hit; /* session reuse actually done */
746 int sess_cb_hit; /* session-id that was not
747 * in the cache was
748 * passed back via the callback. This
749 * indicates that the application is
750 * supplying session-id's from other
751 * processes - spooky :-) */
752 } stats;
753
754 int references;
755
756 /* if defined, these override the X509_verify_cert() calls */
757 int (*app_verify_callback)(X509_STORE_CTX *, void *);
758 void *app_verify_arg;
759 /* before OpenSSL 0.9.7, 'app_verify_arg' was ignored
760 * ('app_verify_callback' was called with just one argument) */
761
762 /* Default password callback. */
763 pem_password_cb *default_passwd_callback;
764
765 /* Default password callback user data. */
766 void *default_passwd_callback_userdata;
767
768 /* get client cert callback */
769 int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
770
771 /* cookie generate callback */
772 int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie,
773 unsigned int *cookie_len);
774
775 /* verify cookie callback */
776 int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie,
777 unsigned int cookie_len);
778
779 CRYPTO_EX_DATA ex_data;
780
781 const EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */
782 const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3-sha1' */
783
784 STACK_OF(X509) *extra_certs;
785
786 /* Default values used when no per-SSL value is defined follow */
787
788 void (*info_callback)(const SSL *ssl,int type,int val); /* used if SSL's info_callback is NULL */
789
790 /* what we put in client cert requests */
791 STACK_OF(X509_NAME) *client_CA;
792
793
794 /* Default values to use in SSL structures follow (these are copied by SSL_new) */
795
796 unsigned long options;
797 unsigned long mode;
798 long max_cert_list;
799
800 struct cert_st /* CERT */ *cert;
801 int read_ahead;
802
803 /* callback that allows applications to peek at protocol messages */
804 void (*msg_callback)(int write_p, int version, int content_type,
805 const void *buf, size_t len, SSL *ssl, void *arg);
806 void *msg_callback_arg;
807
808 int verify_mode;
809 unsigned int sid_ctx_length;
810 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
811 int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'verify_callback' in the SSL */
812
813 /* Default generate session ID callback. */
814 GEN_SESSION_CB generate_session_id;
815
816 X509_VERIFY_PARAM *param;
817
818 int quiet_shutdown;
819
820 /* Maximum amount of data to send in one fragment.
821 * actual record size can be more than this due to
822 * padding and MAC overheads.
823 */
824 unsigned int max_send_fragment;
825
826#ifndef OPENSSL_NO_ENGINE
827 /* Engine to pass requests for client certs to
828 */
829 ENGINE *client_cert_engine;
830#endif
831
832 /* TLS extensions servername callback */
833 int (*tlsext_servername_callback)(SSL*, int *, void *);
834 void *tlsext_servername_arg;
835 /* RFC 4507 session ticket keys */
836 unsigned char tlsext_tick_key_name[16];
837 unsigned char tlsext_tick_hmac_key[16];
838 unsigned char tlsext_tick_aes_key[16];
839 /* Callback to support customisation of ticket key setting */
840 int (*tlsext_ticket_key_cb)(SSL *ssl, unsigned char *name,
841 unsigned char *iv, EVP_CIPHER_CTX *ectx, HMAC_CTX *hctx, int enc);
842
843 /* certificate status request info */
844 /* Callback for status request */
845 int (*tlsext_status_cb)(SSL *ssl, void *arg);
846 void *tlsext_status_arg;
847
848
849
850
851 /* Next protocol negotiation information */
852 /* (for experimental NPN extension). */
853
854 /* For a server, this contains a callback function by which the set of
855 * advertised protocols can be provided. */
856 int (*next_protos_advertised_cb)(SSL *s, const unsigned char **buf,
857 unsigned int *len, void *arg);
858 void *next_protos_advertised_cb_arg;
859 /* For a client, this contains a callback function that selects the
860 * next protocol from the list provided by the server. */
861 int (*next_proto_select_cb)(SSL *s, unsigned char **out,
862 unsigned char *outlen, const unsigned char *in,
863 unsigned int inlen, void *arg);
864 void *next_proto_select_cb_arg;
865
866 /*
867 * ALPN information
868 * (we are in the process of transitioning from NPN to ALPN).
869 */
870
871 /*
872 * Server callback function that allows the server to select the
873 * protocol for the connection.
874 * out: on successful return, this must point to the raw protocol
875 * name (without the length prefix).
876 * outlen: on successful return, this contains the length of out.
877 * in: points to the client's list of supported protocols in
878 * wire-format.
879 * inlen: the length of in.
880 */
881 int (*alpn_select_cb)(SSL *s, const unsigned char **out,
882 unsigned char *outlen, const unsigned char *in, unsigned int inlen,
883 void *arg);
884 void *alpn_select_cb_arg;
885
886 /* Client list of supported protocols in wire format. */
887 unsigned char *alpn_client_proto_list;
888 unsigned int alpn_client_proto_list_len;
889
890 /* SRTP profiles we are willing to do from RFC 5764 */
891 STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
892};
893
894#endif
895
896#define SSL_SESS_CACHE_OFF 0x0000
897#define SSL_SESS_CACHE_CLIENT 0x0001
898#define SSL_SESS_CACHE_SERVER 0x0002
899#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
900#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080
901/* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */
902#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
903#define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200
904#define SSL_SESS_CACHE_NO_INTERNAL \
905 (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE)
906
907LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx);
908#define SSL_CTX_sess_number(ctx) \
909 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
910#define SSL_CTX_sess_connect(ctx) \
911 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
912#define SSL_CTX_sess_connect_good(ctx) \
913 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
914#define SSL_CTX_sess_connect_renegotiate(ctx) \
915 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
916#define SSL_CTX_sess_accept(ctx) \
917 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
918#define SSL_CTX_sess_accept_renegotiate(ctx) \
919 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
920#define SSL_CTX_sess_accept_good(ctx) \
921 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
922#define SSL_CTX_sess_hits(ctx) \
923 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
924#define SSL_CTX_sess_cb_hits(ctx) \
925 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
926#define SSL_CTX_sess_misses(ctx) \
927 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
928#define SSL_CTX_sess_timeouts(ctx) \
929 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
930#define SSL_CTX_sess_cache_full(ctx) \
931 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
932
933void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
934 int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess));
935int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
936 SSL_SESSION *sess);
937void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
938 void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess));
939void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx,
940 SSL_SESSION *sess);
941void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
942 SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl, unsigned char *data,
943 int len, int *copy));
944SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
945 unsigned char *Data, int len, int *copy);
946void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(const SSL *ssl,
947 int type, int val));
948void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl, int type,
949 int val);
950void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
951 int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));
952int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509,
953 EVP_PKEY **pkey);
954#ifndef OPENSSL_NO_ENGINE
955int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
956#endif
957void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
958 int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie,
959 unsigned int *cookie_len));
960void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
961 int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie,
962 unsigned int cookie_len));
963void
964SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, int (*cb)(SSL *ssl,
965 const unsigned char **out, unsigned int *outlen, void *arg), void *arg);
966void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s, int (*cb)(SSL *ssl,
967 unsigned char **out, unsigned char *outlen, const unsigned char *in,
968 unsigned int inlen, void *arg), void *arg);
969
970int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
971 const unsigned char *in, unsigned int inlen, const unsigned char *client,
972 unsigned int client_len);
973void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
974 unsigned *len);
975
976#define OPENSSL_NPN_UNSUPPORTED 0
977#define OPENSSL_NPN_NEGOTIATED 1
978#define OPENSSL_NPN_NO_OVERLAP 2
979
980int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
981 unsigned int protos_len);
982int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
983 unsigned int protos_len);
984void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
985 int (*cb)(SSL *ssl, const unsigned char **out, unsigned char *outlen,
986 const unsigned char *in, unsigned int inlen, void *arg), void *arg);
987void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
988 unsigned int *len);
989
990#define SSL_NOTHING 1
991#define SSL_WRITING 2
992#define SSL_READING 3
993#define SSL_X509_LOOKUP 4
994
995/* These will only be used when doing non-blocking IO */
996#define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
997#define SSL_want_read(s) (SSL_want(s) == SSL_READING)
998#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
999#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
1000
1001#define SSL_MAC_FLAG_READ_MAC_STREAM 1
1002#define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
1003
1004#ifndef OPENSSL_NO_SSL_INTERN
1005
1006struct ssl_st {
1007 /* protocol version
1008 * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION, DTLS1_VERSION)
1009 */
1010 int version;
1011 int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
1012
1013 const SSL_METHOD *method; /* SSLv3 */
1014
1015 /* There are 2 BIO's even though they are normally both the
1016 * same. This is so data can be read and written to different
1017 * handlers */
1018
1019#ifndef OPENSSL_NO_BIO
1020 BIO *rbio; /* used by SSL_read */
1021 BIO *wbio; /* used by SSL_write */
1022 BIO *bbio; /* used during session-id reuse to concatenate
1023 * messages */
1024#else
1025 char *rbio; /* used by SSL_read */
1026 char *wbio; /* used by SSL_write */
1027 char *bbio;
1028#endif
1029 /* This holds a variable that indicates what we were doing
1030 * when a 0 or -1 is returned. This is needed for
1031 * non-blocking IO so we know what request needs re-doing when
1032 * in SSL_accept or SSL_connect */
1033 int rwstate;
1034
1035 /* true when we are actually in SSL_accept() or SSL_connect() */
1036 int in_handshake;
1037 int (*handshake_func)(SSL *);
1038
1039 /* Imagine that here's a boolean member "init" that is
1040 * switched as soon as SSL_set_{accept/connect}_state
1041 * is called for the first time, so that "state" and
1042 * "handshake_func" are properly initialized. But as
1043 * handshake_func is == 0 until then, we use this
1044 * test instead of an "init" member.
1045 */
1046
1047 int server; /* are we the server side? - mostly used by SSL_clear*/
1048
1049 int new_session;/* Generate a new session or reuse an old one.
1050 * NB: For servers, the 'new' session may actually be a previously
1051 * cached session or even the previous session unless
1052 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
1053 int quiet_shutdown;/* don't send shutdown packets */
1054 int shutdown; /* we have shut things down, 0x01 sent, 0x02
1055 * for received */
1056 int state; /* where we are */
1057 int rstate; /* where we are when reading */
1058
1059 BUF_MEM *init_buf; /* buffer used during init */
1060 void *init_msg; /* pointer to handshake message body, set by ssl3_get_message() */
1061 int init_num; /* amount read/written */
1062 int init_off; /* amount read/written */
1063
1064 /* used internally to point at a raw packet */
1065 unsigned char *packet;
1066 unsigned int packet_length;
1067
1068 struct ssl3_state_st *s3; /* SSLv3 variables */
1069 struct dtls1_state_st *d1; /* DTLSv1 variables */
1070
1071 int read_ahead; /* Read as many input bytes as possible
1072 * (for non-blocking reads) */
1073
1074 /* callback that allows applications to peek at protocol messages */
1075 void (*msg_callback)(int write_p, int version, int content_type,
1076 const void *buf, size_t len, SSL *ssl, void *arg);
1077 void *msg_callback_arg;
1078
1079 int hit; /* reusing a previous session */
1080
1081 X509_VERIFY_PARAM *param;
1082
1083 /* crypto */
1084 STACK_OF(SSL_CIPHER) *cipher_list;
1085 STACK_OF(SSL_CIPHER) *cipher_list_by_id;
1086
1087 /* These are the ones being used, the ones in SSL_SESSION are
1088 * the ones to be 'copied' into these ones */
1089 int mac_flags;
1090
1091 SSL_AEAD_CTX *aead_read_ctx; /* AEAD context. If non-NULL, then
1092 enc_read_ctx and read_hash are
1093 ignored. */
1094
1095 EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
1096 EVP_MD_CTX *read_hash; /* used for mac generation */
1097
1098 SSL_AEAD_CTX *aead_write_ctx; /* AEAD context. If non-NULL, then
1099 enc_write_ctx and write_hash are
1100 ignored. */
1101
1102 EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
1103 EVP_MD_CTX *write_hash; /* used for mac generation */
1104
1105 /* session info */
1106
1107 /* client cert? */
1108 /* This is used to hold the server certificate used */
1109 struct cert_st /* CERT */ *cert;
1110
1111 /* the session_id_context is used to ensure sessions are only reused
1112 * in the appropriate context */
1113 unsigned int sid_ctx_length;
1114 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
1115
1116 /* This can also be in the session once a session is established */
1117 SSL_SESSION *session;
1118
1119 /* Default generate session ID callback. */
1120 GEN_SESSION_CB generate_session_id;
1121
1122 /* Used in SSL2 and SSL3 */
1123 int verify_mode; /* 0 don't care about verify failure.
1124 * 1 fail if verify fails */
1125 int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */
1126
1127 void (*info_callback)(const SSL *ssl,int type,int val); /* optional informational callback */
1128
1129 int error; /* error bytes to be written */
1130 int error_code; /* actual code */
1131
1132
1133
1134 SSL_CTX *ctx;
1135 /* set this flag to 1 and a sleep(1) is put into all SSL_read()
1136 * and SSL_write() calls, good for nbio debuging :-) */
1137 int debug;
1138
1139
1140 /* extra application data */
1141 long verify_result;
1142 CRYPTO_EX_DATA ex_data;
1143
1144 /* for server side, keep the list of CA_dn we can use */
1145 STACK_OF(X509_NAME) *client_CA;
1146
1147 int references;
1148 unsigned long options; /* protocol behaviour */
1149 unsigned long mode; /* API behaviour */
1150 long max_cert_list;
1151 int first_packet;
1152 int client_version; /* what was passed, used for
1153 * SSLv3/TLS rollback check */
1154 unsigned int max_send_fragment;
1155 /* TLS extension debug callback */
1156 void (*tlsext_debug_cb)(SSL *s, int client_server, int type,
1157 unsigned char *data, int len, void *arg);
1158 void *tlsext_debug_arg;
1159 char *tlsext_hostname;
1160 int servername_done; /* no further mod of servername
1161 0 : call the servername extension callback.
1162 1 : prepare 2, allow last ack just after in server callback.
1163 2 : don't call servername callback, no ack in server hello
1164 */
1165 /* certificate status request info */
1166 /* Status type or -1 if no status type */
1167 int tlsext_status_type;
1168 /* Expect OCSP CertificateStatus message */
1169 int tlsext_status_expected;
1170 /* OCSP status request only */
1171 STACK_OF(OCSP_RESPID) *tlsext_ocsp_ids;
1172 X509_EXTENSIONS *tlsext_ocsp_exts;
1173 /* OCSP response received or to be sent */
1174 unsigned char *tlsext_ocsp_resp;
1175 int tlsext_ocsp_resplen;
1176
1177 /* RFC4507 session ticket expected to be received or sent */
1178 int tlsext_ticket_expected;
1179 size_t tlsext_ecpointformatlist_length;
1180 uint8_t *tlsext_ecpointformatlist; /* our list */
1181 size_t tlsext_ellipticcurvelist_length;
1182 uint16_t *tlsext_ellipticcurvelist; /* our list */
1183
1184 /* TLS Session Ticket extension override */
1185 TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
1186
1187 /* TLS Session Ticket extension callback */
1188 tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb;
1189 void *tls_session_ticket_ext_cb_arg;
1190
1191 /* TLS pre-shared secret session resumption */
1192 tls_session_secret_cb_fn tls_session_secret_cb;
1193 void *tls_session_secret_cb_arg;
1194
1195 SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
1196
1197 /* Next protocol negotiation. For the client, this is the protocol that
1198 * we sent in NextProtocol and is set when handling ServerHello
1199 * extensions.
1200 *
1201 * For a server, this is the client's selected_protocol from
1202 * NextProtocol and is set when handling the NextProtocol message,
1203 * before the Finished message. */
1204 unsigned char *next_proto_negotiated;
1205 unsigned char next_proto_negotiated_len;
1206
1207#define session_ctx initial_ctx
1208
1209 STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* What we'll do */
1210 SRTP_PROTECTION_PROFILE *srtp_profile; /* What's been chosen */
1211
1212 unsigned int tlsext_heartbeat; /* Is use of the Heartbeat extension negotiated?
1213 0: disabled
1214 1: enabled
1215 2: enabled, but not allowed to send Requests
1216 */
1217 unsigned int tlsext_hb_pending; /* Indicates if a HeartbeatRequest is in flight */
1218 unsigned int tlsext_hb_seq; /* HeartbeatRequest sequence number */
1219
1220 /* Client list of supported protocols in wire format. */
1221 unsigned char *alpn_client_proto_list;
1222 unsigned int alpn_client_proto_list_len;
1223
1224 int renegotiate;/* 1 if we are renegotiating.
1225 * 2 if we are a server and are inside a handshake
1226 * (i.e. not just sending a HelloRequest) */
1227
1228};
1229
1230#endif
1231
1232#ifdef __cplusplus
1233}
1234#endif
1235
1236#include <openssl/ssl2.h>
1237#include <openssl/ssl3.h>
1238#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
1239#include <openssl/dtls1.h> /* Datagram TLS */
1240#include <openssl/ssl23.h>
1241#include <openssl/srtp.h> /* Support for the use_srtp extension */
1242
1243#ifdef __cplusplus
1244extern "C" {
1245#endif
1246
1247/* compatibility */
1248#define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg))
1249#define SSL_get_app_data(s) (SSL_get_ex_data(s,0))
1250#define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a))
1251#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0))
1252#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0))
1253#define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg))
1254
1255/* The following are the possible values for ssl->state are are
1256 * used to indicate where we are up to in the SSL connection establishment.
1257 * The macros that follow are about the only things you should need to use
1258 * and even then, only when using non-blocking IO.
1259 * It can also be useful to work out where you were when the connection
1260 * failed */
1261
1262#define SSL_ST_CONNECT 0x1000
1263#define SSL_ST_ACCEPT 0x2000
1264#define SSL_ST_MASK 0x0FFF
1265#define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT)
1266#define SSL_ST_BEFORE 0x4000
1267#define SSL_ST_OK 0x03
1268#define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)
1269
1270#define SSL_CB_LOOP 0x01
1271#define SSL_CB_EXIT 0x02
1272#define SSL_CB_READ 0x04
1273#define SSL_CB_WRITE 0x08
1274#define SSL_CB_ALERT 0x4000 /* used in callback */
1275#define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)
1276#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)
1277#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)
1278#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)
1279#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)
1280#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)
1281#define SSL_CB_HANDSHAKE_START 0x10
1282#define SSL_CB_HANDSHAKE_DONE 0x20
1283
1284/* Is the SSL_connection established? */
1285#define SSL_get_state(a) SSL_state(a)
1286#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)
1287#define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT)
1288#define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE)
1289#define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT)
1290#define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT)
1291
1292/* The following 2 states are kept in ssl->rstate when reads fail,
1293 * you should not need these */
1294#define SSL_ST_READ_HEADER 0xF0
1295#define SSL_ST_READ_BODY 0xF1
1296#define SSL_ST_READ_DONE 0xF2
1297
1298/* Obtain latest Finished message
1299 * -- that we sent (SSL_get_finished)
1300 * -- that we expected from peer (SSL_get_peer_finished).
1301 * Returns length (0 == no Finished so far), copies up to 'count' bytes. */
1302size_t SSL_get_finished(const SSL *s, void *buf, size_t count);
1303size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
1304
1305/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options
1306 * are 'ored' with SSL_VERIFY_PEER if they are desired */
1307#define SSL_VERIFY_NONE 0x00
1308#define SSL_VERIFY_PEER 0x01
1309#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
1310#define SSL_VERIFY_CLIENT_ONCE 0x04
1311
1312#define OpenSSL_add_ssl_algorithms() SSL_library_init()
1313#define SSLeay_add_ssl_algorithms() SSL_library_init()
1314
1315/* More backward compatibility */
1316#define SSL_get_cipher(s) \
1317 SSL_CIPHER_get_name(SSL_get_current_cipher(s))
1318#define SSL_get_cipher_bits(s,np) \
1319 SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
1320#define SSL_get_cipher_version(s) \
1321 SSL_CIPHER_get_version(SSL_get_current_cipher(s))
1322#define SSL_get_cipher_name(s) \
1323 SSL_CIPHER_get_name(SSL_get_current_cipher(s))
1324#define SSL_get_time(a) SSL_SESSION_get_time(a)
1325#define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b))
1326#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a)
1327#define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b))
1328
1329#define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)
1330#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)
1331
1332DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
1333
1334#define SSL_AD_REASON_OFFSET 1000 /* offset to get SSL_R_... value from SSL_AD_... */
1335
1336/* These alert types are for SSLv3 and TLSv1 */
1337#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
1338#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */
1339#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */
1340#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED
1341#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW
1342#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE/* fatal */
1343#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE/* fatal */
1344#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */
1345#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
1346#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE
1347#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED
1348#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED
1349#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN
1350#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */
1351#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */
1352#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */
1353#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */
1354#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
1355#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION/* fatal */
1356#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */
1357#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY/* fatal */
1358#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */
1359#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
1360#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
1361#define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION
1362#define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE
1363#define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME
1364#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
1365#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
1366#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */
1367#define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK /* fatal */
1368
1369#define SSL_ERROR_NONE 0
1370#define SSL_ERROR_SSL 1
1371#define SSL_ERROR_WANT_READ 2
1372#define SSL_ERROR_WANT_WRITE 3
1373#define SSL_ERROR_WANT_X509_LOOKUP 4
1374#define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/errno */
1375#define SSL_ERROR_ZERO_RETURN 6
1376#define SSL_ERROR_WANT_CONNECT 7
1377#define SSL_ERROR_WANT_ACCEPT 8
1378
1379#define SSL_CTRL_NEED_TMP_RSA 1
1380#define SSL_CTRL_SET_TMP_RSA 2
1381#define SSL_CTRL_SET_TMP_DH 3
1382#define SSL_CTRL_SET_TMP_ECDH 4
1383#define SSL_CTRL_SET_TMP_RSA_CB 5
1384#define SSL_CTRL_SET_TMP_DH_CB 6
1385#define SSL_CTRL_SET_TMP_ECDH_CB 7
1386
1387#define SSL_CTRL_GET_SESSION_REUSED 8
1388#define SSL_CTRL_GET_CLIENT_CERT_REQUEST 9
1389#define SSL_CTRL_GET_NUM_RENEGOTIATIONS 10
1390#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11
1391#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12
1392#define SSL_CTRL_GET_FLAGS 13
1393#define SSL_CTRL_EXTRA_CHAIN_CERT 14
1394
1395#define SSL_CTRL_SET_MSG_CALLBACK 15
1396#define SSL_CTRL_SET_MSG_CALLBACK_ARG 16
1397
1398/* only applies to datagram connections */
1399#define SSL_CTRL_SET_MTU 17
1400/* Stats */
1401#define SSL_CTRL_SESS_NUMBER 20
1402#define SSL_CTRL_SESS_CONNECT 21
1403#define SSL_CTRL_SESS_CONNECT_GOOD 22
1404#define SSL_CTRL_SESS_CONNECT_RENEGOTIATE 23
1405#define SSL_CTRL_SESS_ACCEPT 24
1406#define SSL_CTRL_SESS_ACCEPT_GOOD 25
1407#define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE 26
1408#define SSL_CTRL_SESS_HIT 27
1409#define SSL_CTRL_SESS_CB_HIT 28
1410#define SSL_CTRL_SESS_MISSES 29
1411#define SSL_CTRL_SESS_TIMEOUTS 30
1412#define SSL_CTRL_SESS_CACHE_FULL 31
1413#define SSL_CTRL_OPTIONS 32
1414#define SSL_CTRL_MODE 33
1415
1416#define SSL_CTRL_GET_READ_AHEAD 40
1417#define SSL_CTRL_SET_READ_AHEAD 41
1418#define SSL_CTRL_SET_SESS_CACHE_SIZE 42
1419#define SSL_CTRL_GET_SESS_CACHE_SIZE 43
1420#define SSL_CTRL_SET_SESS_CACHE_MODE 44
1421#define SSL_CTRL_GET_SESS_CACHE_MODE 45
1422
1423#define SSL_CTRL_GET_MAX_CERT_LIST 50
1424#define SSL_CTRL_SET_MAX_CERT_LIST 51
1425
1426#define SSL_CTRL_SET_MAX_SEND_FRAGMENT 52
1427
1428/* see tls1.h for macros based on these */
1429#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53
1430#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54
1431#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
1432#define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56
1433#define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
1434#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
1435#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
1436#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63
1437#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64
1438#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65
1439#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66
1440#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS 67
1441#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS 68
1442#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69
1443#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70
1444#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71
1445
1446#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
1447
1448#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75
1449#define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76
1450#define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77
1451
1452#define SSL_CTRL_SET_SRP_ARG 78
1453#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79
1454#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80
1455#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81
1456
1457#define DTLS_CTRL_GET_TIMEOUT 73
1458#define DTLS_CTRL_HANDLE_TIMEOUT 74
1459#define DTLS_CTRL_LISTEN 75
1460
1461#define SSL_CTRL_GET_RI_SUPPORT 76
1462#define SSL_CTRL_CLEAR_OPTIONS 77
1463#define SSL_CTRL_CLEAR_MODE 78
1464
1465#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
1466#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
1467
1468#define SSL_CTRL_SET_ECDH_AUTO 94
1469
1470#define SSL_CTRL_SET_DH_AUTO 118
1471
1472#define DTLSv1_get_timeout(ssl, arg) \
1473 SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
1474#define DTLSv1_handle_timeout(ssl) \
1475 SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
1476#define DTLSv1_listen(ssl, peer) \
1477 SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0, (void *)peer)
1478
1479#define SSL_session_reused(ssl) \
1480 SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
1481#define SSL_num_renegotiations(ssl) \
1482 SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
1483#define SSL_clear_num_renegotiations(ssl) \
1484 SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
1485#define SSL_total_renegotiations(ssl) \
1486 SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
1487
1488#define SSL_CTX_need_tmp_RSA(ctx) \
1489 SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
1490#define SSL_CTX_set_tmp_rsa(ctx,rsa) \
1491 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
1492#define SSL_CTX_set_tmp_dh(ctx,dh) \
1493 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
1494#define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
1495 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
1496#define SSL_CTX_set_dh_auto(ctx, onoff) \
1497 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
1498#define SSL_CTX_set_ecdh_auto(ctx, onoff) \
1499 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
1500
1501#define SSL_need_tmp_RSA(ssl) \
1502 SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
1503#define SSL_set_tmp_rsa(ssl,rsa) \
1504 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
1505#define SSL_set_tmp_dh(ssl,dh) \
1506 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
1507#define SSL_set_tmp_ecdh(ssl,ecdh) \
1508 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
1509#define SSL_set_dh_auto(s, onoff) \
1510 SSL_ctrl(s,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
1511#define SSL_set_ecdh_auto(s, onoff) \
1512 SSL_ctrl(s,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
1513
1514#define SSL_CTX_add_extra_chain_cert(ctx,x509) \
1515 SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
1516#define SSL_CTX_get_extra_chain_certs(ctx,px509) \
1517 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
1518#define SSL_CTX_clear_extra_chain_certs(ctx) \
1519 SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
1520
1521#ifndef OPENSSL_NO_BIO
1522BIO_METHOD *BIO_f_ssl(void);
1523BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
1524BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
1525BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
1526int BIO_ssl_copy_session_id(BIO *to, BIO *from);
1527void BIO_ssl_shutdown(BIO *ssl_bio);
1528#endif
1529
1530int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str);
1531SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
1532void SSL_CTX_free(SSL_CTX *);
1533long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
1534long SSL_CTX_get_timeout(const SSL_CTX *ctx);
1535X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
1536void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *);
1537int SSL_want(const SSL *s);
1538int SSL_clear(SSL *s);
1539
1540void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm);
1541
1542const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
1543const SSL_CIPHER *SSL_CIPHER_get_by_id(unsigned int id);
1544const SSL_CIPHER *SSL_CIPHER_get_by_value(uint16_t value);
1545int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits);
1546char * SSL_CIPHER_get_version(const SSL_CIPHER *c);
1547const char * SSL_CIPHER_get_name(const SSL_CIPHER *c);
1548unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c);
1549uint16_t SSL_CIPHER_get_value(const SSL_CIPHER *c);
1550
1551int SSL_get_fd(const SSL *s);
1552int SSL_get_rfd(const SSL *s);
1553int SSL_get_wfd(const SSL *s);
1554const char * SSL_get_cipher_list(const SSL *s, int n);
1555char * SSL_get_shared_ciphers(const SSL *s, char *buf, int len);
1556int SSL_get_read_ahead(const SSL * s);
1557int SSL_pending(const SSL *s);
1558int SSL_set_fd(SSL *s, int fd);
1559int SSL_set_rfd(SSL *s, int fd);
1560int SSL_set_wfd(SSL *s, int fd);
1561#ifndef OPENSSL_NO_BIO
1562void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio);
1563BIO * SSL_get_rbio(const SSL *s);
1564BIO * SSL_get_wbio(const SSL *s);
1565#endif
1566int SSL_set_cipher_list(SSL *s, const char *str);
1567void SSL_set_read_ahead(SSL *s, int yes);
1568int SSL_get_verify_mode(const SSL *s);
1569int SSL_get_verify_depth(const SSL *s);
1570int (*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *);
1571void SSL_set_verify(SSL *s, int mode,
1572 int (*callback)(int ok, X509_STORE_CTX *ctx));
1573void SSL_set_verify_depth(SSL *s, int depth);
1574int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
1575int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
1576int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
1577int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const unsigned char *d, long len);
1578int SSL_use_certificate(SSL *ssl, X509 *x);
1579int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len);
1580
1581int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
1582int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
1583int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
1584int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
1585int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
1586int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
1587int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* PEM type */
1588int SSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len);
1589STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
1590int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
1591 const char *file);
1592int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
1593 const char *dir);
1594
1595void SSL_load_error_strings(void );
1596const char *SSL_state_string(const SSL *s);
1597const char *SSL_rstate_string(const SSL *s);
1598const char *SSL_state_string_long(const SSL *s);
1599const char *SSL_rstate_string_long(const SSL *s);
1600long SSL_SESSION_get_time(const SSL_SESSION *s);
1601long SSL_SESSION_set_time(SSL_SESSION *s, long t);
1602long SSL_SESSION_get_timeout(const SSL_SESSION *s);
1603long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
1604void SSL_copy_session_id(SSL *to, const SSL *from);
1605X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);
1606int
1607SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
1608unsigned int sid_ctx_len);
1609
1610SSL_SESSION *SSL_SESSION_new(void);
1611const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
1612 unsigned int *len);
1613unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s);
1614int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses);
1615#ifndef OPENSSL_NO_BIO
1616int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses);
1617#endif
1618void SSL_SESSION_free(SSL_SESSION *ses);
1619int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
1620int SSL_set_session(SSL *to, SSL_SESSION *session);
1621int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
1622int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c);
1623int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
1624int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
1625int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
1626 unsigned int id_len);
1627SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
1628 long length);
1629
1630#ifdef HEADER_X509_H
1631X509 * SSL_get_peer_certificate(const SSL *s);
1632#endif
1633
1634STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s);
1635
1636int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
1637int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
1638int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *);
1639void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
1640 int (*callback)(int, X509_STORE_CTX *));
1641void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
1642void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *, void *), void *arg);
1643int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
1644int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len);
1645int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
1646int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, const unsigned char *d, long len);
1647int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
1648int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d);
1649
1650void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
1651void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
1652
1653int SSL_CTX_check_private_key(const SSL_CTX *ctx);
1654int SSL_check_private_key(const SSL *ctx);
1655
1656int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, unsigned int sid_ctx_len);
1657
1658SSL *SSL_new(SSL_CTX *ctx);
1659int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx, unsigned int sid_ctx_len);
1660
1661int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);
1662int SSL_set_purpose(SSL *s, int purpose);
1663int SSL_CTX_set_trust(SSL_CTX *s, int trust);
1664int SSL_set_trust(SSL *s, int trust);
1665
1666int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
1667int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
1668
1669
1670void SSL_free(SSL *ssl);
1671int SSL_accept(SSL *ssl);
1672int SSL_connect(SSL *ssl);
1673int SSL_read(SSL *ssl, void *buf, int num);
1674int SSL_peek(SSL *ssl, void *buf, int num);
1675int SSL_write(SSL *ssl, const void *buf, int num);
1676long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
1677long SSL_callback_ctrl(SSL *, int, void (*)(void));
1678long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
1679long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)(void));
1680
1681int SSL_get_error(const SSL *s, int ret_code);
1682const char *SSL_get_version(const SSL *s);
1683
1684/* This sets the 'default' SSL version that SSL_new() will create */
1685int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
1686
1687const SSL_METHOD *SSLv3_method(void); /* SSLv3 */
1688const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
1689const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
1690
1691const SSL_METHOD *SSLv23_method(void); /* SSLv3 or TLSv1.* */
1692const SSL_METHOD *SSLv23_server_method(void); /* SSLv3 or TLSv1.* */
1693const SSL_METHOD *SSLv23_client_method(void); /* SSLv3 or TLSv1.* */
1694
1695const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
1696const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
1697const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
1698
1699const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */
1700const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */
1701const SSL_METHOD *TLSv1_1_client_method(void); /* TLSv1.1 */
1702
1703const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */
1704const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */
1705const SSL_METHOD *TLSv1_2_client_method(void); /* TLSv1.2 */
1706
1707
1708const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
1709const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
1710const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
1711
1712STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
1713
1714int SSL_do_handshake(SSL *s);
1715int SSL_renegotiate(SSL *s);
1716int SSL_renegotiate_abbreviated(SSL *s);
1717int SSL_renegotiate_pending(SSL *s);
1718int SSL_shutdown(SSL *s);
1719
1720const SSL_METHOD *SSL_get_ssl_method(SSL *s);
1721int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
1722const char *SSL_alert_type_string_long(int value);
1723const char *SSL_alert_type_string(int value);
1724const char *SSL_alert_desc_string_long(int value);
1725const char *SSL_alert_desc_string(int value);
1726
1727void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
1728void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
1729STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
1730STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s);
1731int SSL_add_client_CA(SSL *ssl, X509 *x);
1732int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
1733
1734void SSL_set_connect_state(SSL *s);
1735void SSL_set_accept_state(SSL *s);
1736
1737long SSL_get_default_timeout(const SSL *s);
1738
1739int SSL_library_init(void );
1740
1741char *SSL_CIPHER_description(const SSL_CIPHER *, char *buf, int size);
1742STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
1743
1744SSL *SSL_dup(SSL *ssl);
1745
1746X509 *SSL_get_certificate(const SSL *ssl);
1747/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
1748
1749void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);
1750int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
1751void SSL_set_quiet_shutdown(SSL *ssl,int mode);
1752int SSL_get_quiet_shutdown(const SSL *ssl);
1753void SSL_set_shutdown(SSL *ssl,int mode);
1754int SSL_get_shutdown(const SSL *ssl);
1755int SSL_version(const SSL *ssl);
1756int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
1757int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
1758 const char *CApath);
1759int SSL_CTX_load_verify_mem(SSL_CTX *ctx, void *buf, int len);
1760#define SSL_get0_session SSL_get_session /* just peek at pointer */
1761SSL_SESSION *SSL_get_session(const SSL *ssl);
1762SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
1763SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
1764SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx);
1765void SSL_set_info_callback(SSL *ssl,
1766 void (*cb)(const SSL *ssl, int type, int val));
1767void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val);
1768int SSL_state(const SSL *ssl);
1769void SSL_set_state(SSL *ssl, int state);
1770
1771void SSL_set_verify_result(SSL *ssl, long v);
1772long SSL_get_verify_result(const SSL *ssl);
1773
1774int SSL_set_ex_data(SSL *ssl, int idx, void *data);
1775void *SSL_get_ex_data(const SSL *ssl, int idx);
1776int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
1777 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
1778
1779int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, void *data);
1780void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss, int idx);
1781int SSL_SESSION_get_ex_new_index(long argl, void *argp,
1782 CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
1783 CRYPTO_EX_free *free_func);
1784
1785int SSL_CTX_set_ex_data(SSL_CTX *ssl, int idx, void *data);
1786void *SSL_CTX_get_ex_data(const SSL_CTX *ssl, int idx);
1787int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
1788 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
1789
1790int SSL_get_ex_data_X509_STORE_CTX_idx(void );
1791
1792#define SSL_CTX_sess_set_cache_size(ctx,t) \
1793 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
1794#define SSL_CTX_sess_get_cache_size(ctx) \
1795 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
1796#define SSL_CTX_set_session_cache_mode(ctx,m) \
1797 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
1798#define SSL_CTX_get_session_cache_mode(ctx) \
1799 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
1800
1801#define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
1802#define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
1803#define SSL_CTX_get_read_ahead(ctx) \
1804 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
1805#define SSL_CTX_set_read_ahead(ctx,m) \
1806 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
1807#define SSL_CTX_get_max_cert_list(ctx) \
1808 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
1809#define SSL_CTX_set_max_cert_list(ctx,m) \
1810 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
1811#define SSL_get_max_cert_list(ssl) \
1812 SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
1813#define SSL_set_max_cert_list(ssl,m) \
1814 SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
1815
1816#define SSL_CTX_set_max_send_fragment(ctx,m) \
1817 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
1818#define SSL_set_max_send_fragment(ssl,m) \
1819 SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
1820
1821/* NB: the keylength is only applicable when is_export is true */
1822void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
1823 RSA *(*cb)(SSL *ssl, int is_export, int keylength));
1824
1825void SSL_set_tmp_rsa_callback(SSL *ssl,
1826 RSA *(*cb)(SSL *ssl, int is_export, int keylength));
1827void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
1828 DH *(*dh)(SSL *ssl, int is_export, int keylength));
1829void SSL_set_tmp_dh_callback(SSL *ssl,
1830 DH *(*dh)(SSL *ssl, int is_export, int keylength));
1831void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
1832 EC_KEY *(*ecdh)(SSL *ssl, int is_export, int keylength));
1833void SSL_set_tmp_ecdh_callback(SSL *ssl,
1834 EC_KEY *(*ecdh)(SSL *ssl, int is_export, int keylength));
1835
1836const void *SSL_get_current_compression(SSL *s);
1837const void *SSL_get_current_expansion(SSL *s);
1838
1839const char *SSL_COMP_get_name(const void *comp);
1840void *SSL_COMP_get_compression_methods(void);
1841int SSL_COMP_add_compression_method(int id, void *cm);
1842
1843/* TLS extensions functions */
1844int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len);
1845
1846int SSL_set_session_ticket_ext_cb(SSL *s,
1847 tls_session_ticket_ext_cb_fn cb, void *arg);
1848
1849/* Pre-shared secret session resumption functions */
1850int SSL_set_session_secret_cb(SSL *s,
1851 tls_session_secret_cb_fn tls_session_secret_cb, void *arg);
1852
1853void SSL_set_debug(SSL *s, int debug);
1854int SSL_cache_hit(SSL *s);
1855
1856/* BEGIN ERROR CODES */
1857/* The following lines are auto generated by the script mkerr.pl. Any changes
1858 * made after this point may be overwritten when the script is next run.
1859 */
1860void ERR_load_SSL_strings(void);
1861
1862/* Error codes for the SSL functions. */
1863
1864/* Function codes. */
1865#define SSL_F_CLIENT_CERTIFICATE 100
1866#define SSL_F_CLIENT_FINISHED 167
1867#define SSL_F_CLIENT_HELLO 101
1868#define SSL_F_CLIENT_MASTER_KEY 102
1869#define SSL_F_D2I_SSL_SESSION 103
1870#define SSL_F_DO_DTLS1_WRITE 245
1871#define SSL_F_DO_SSL3_WRITE 104
1872#define SSL_F_DTLS1_ACCEPT 246
1873#define SSL_F_DTLS1_ADD_CERT_TO_BUF 295
1874#define SSL_F_DTLS1_BUFFER_RECORD 247
1875#define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 316
1876#define SSL_F_DTLS1_CLIENT_HELLO 248
1877#define SSL_F_DTLS1_CONNECT 249
1878#define SSL_F_DTLS1_ENC 250
1879#define SSL_F_DTLS1_GET_HELLO_VERIFY 251
1880#define SSL_F_DTLS1_GET_MESSAGE 252
1881#define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253
1882#define SSL_F_DTLS1_GET_RECORD 254
1883#define SSL_F_DTLS1_HANDLE_TIMEOUT 297
1884#define SSL_F_DTLS1_HEARTBEAT 305
1885#define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255
1886#define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288
1887#define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256
1888#define SSL_F_DTLS1_PROCESS_RECORD 257
1889#define SSL_F_DTLS1_READ_BYTES 258
1890#define SSL_F_DTLS1_READ_FAILED 259
1891#define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST 260
1892#define SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE 261
1893#define SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE 262
1894#define SSL_F_DTLS1_SEND_CLIENT_VERIFY 263
1895#define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST 264
1896#define SSL_F_DTLS1_SEND_SERVER_CERTIFICATE 265
1897#define SSL_F_DTLS1_SEND_SERVER_HELLO 266
1898#define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE 267
1899#define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 268
1900#define SSL_F_GET_CLIENT_FINISHED 105
1901#define SSL_F_GET_CLIENT_HELLO 106
1902#define SSL_F_GET_CLIENT_MASTER_KEY 107
1903#define SSL_F_GET_SERVER_FINISHED 108
1904#define SSL_F_GET_SERVER_HELLO 109
1905#define SSL_F_GET_SERVER_VERIFY 110
1906#define SSL_F_I2D_SSL_SESSION 111
1907#define SSL_F_READ_N 112
1908#define SSL_F_REQUEST_CERTIFICATE 113
1909#define SSL_F_SERVER_FINISH 239
1910#define SSL_F_SERVER_HELLO 114
1911#define SSL_F_SERVER_VERIFY 240
1912#define SSL_F_SSL23_ACCEPT 115
1913#define SSL_F_SSL23_CLIENT_HELLO 116
1914#define SSL_F_SSL23_CONNECT 117
1915#define SSL_F_SSL23_GET_CLIENT_HELLO 118
1916#define SSL_F_SSL23_GET_SERVER_HELLO 119
1917#define SSL_F_SSL23_PEEK 237
1918#define SSL_F_SSL23_READ 120
1919#define SSL_F_SSL23_WRITE 121
1920#define SSL_F_SSL2_ACCEPT 122
1921#define SSL_F_SSL2_CONNECT 123
1922#define SSL_F_SSL2_ENC_INIT 124
1923#define SSL_F_SSL2_GENERATE_KEY_MATERIAL 241
1924#define SSL_F_SSL2_PEEK 234
1925#define SSL_F_SSL2_READ 125
1926#define SSL_F_SSL2_READ_INTERNAL 236
1927#define SSL_F_SSL2_SET_CERTIFICATE 126
1928#define SSL_F_SSL2_WRITE 127
1929#define SSL_F_SSL3_ACCEPT 128
1930#define SSL_F_SSL3_ADD_CERT_TO_BUF 296
1931#define SSL_F_SSL3_CALLBACK_CTRL 233
1932#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
1933#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
1934#define SSL_F_SSL3_CHECK_CLIENT_HELLO 304
1935#define SSL_F_SSL3_CLIENT_HELLO 131
1936#define SSL_F_SSL3_CONNECT 132
1937#define SSL_F_SSL3_CTRL 213
1938#define SSL_F_SSL3_CTX_CTRL 133
1939#define SSL_F_SSL3_DIGEST_CACHED_RECORDS 293
1940#define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 292
1941#define SSL_F_SSL3_ENC 134
1942#define SSL_F_SSL3_GENERATE_KEY_BLOCK 238
1943#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
1944#define SSL_F_SSL3_GET_CERT_STATUS 289
1945#define SSL_F_SSL3_GET_CERT_VERIFY 136
1946#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137
1947#define SSL_F_SSL3_GET_CLIENT_HELLO 138
1948#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139
1949#define SSL_F_SSL3_GET_FINISHED 140
1950#define SSL_F_SSL3_GET_KEY_EXCHANGE 141
1951#define SSL_F_SSL3_GET_MESSAGE 142
1952#define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283
1953#define SSL_F_SSL3_GET_NEXT_PROTO 306
1954#define SSL_F_SSL3_GET_RECORD 143
1955#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
1956#define SSL_F_SSL3_GET_SERVER_DONE 145
1957#define SSL_F_SSL3_GET_SERVER_HELLO 146
1958#define SSL_F_SSL3_HANDSHAKE_MAC 285
1959#define SSL_F_SSL3_NEW_SESSION_TICKET 287
1960#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
1961#define SSL_F_SSL3_PEEK 235
1962#define SSL_F_SSL3_READ_BYTES 148
1963#define SSL_F_SSL3_READ_N 149
1964#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150
1965#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151
1966#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152
1967#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153
1968#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
1969#define SSL_F_SSL3_SEND_SERVER_HELLO 242
1970#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
1971#define SSL_F_SSL3_SETUP_KEY_BLOCK 157
1972#define SSL_F_SSL3_SETUP_READ_BUFFER 156
1973#define SSL_F_SSL3_SETUP_WRITE_BUFFER 291
1974#define SSL_F_SSL3_WRITE_BYTES 158
1975#define SSL_F_SSL3_WRITE_PENDING 159
1976#define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 298
1977#define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 277
1978#define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT 307
1979#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
1980#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
1981#define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 299
1982#define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 278
1983#define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT 308
1984#define SSL_F_SSL_BAD_METHOD 160
1985#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
1986#define SSL_F_SSL_CERT_DUP 221
1987#define SSL_F_SSL_CERT_INST 222
1988#define SSL_F_SSL_CERT_INSTANTIATE 214
1989#define SSL_F_SSL_CERT_NEW 162
1990#define SSL_F_SSL_CHECK_PRIVATE_KEY 163
1991#define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 280
1992#define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG 279
1993#define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230
1994#define SSL_F_SSL_CIPHER_STRENGTH_SORT 231
1995#define SSL_F_SSL_CLEAR 164
1996#define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165
1997#define SSL_F_SSL_CREATE_CIPHER_LIST 166
1998#define SSL_F_SSL_CTRL 232
1999#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
2000#define SSL_F_SSL_CTX_MAKE_PROFILES 309
2001#define SSL_F_SSL_CTX_NEW 169
2002#define SSL_F_SSL_CTX_SET_CIPHER_LIST 269
2003#define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 290
2004#define SSL_F_SSL_CTX_SET_PURPOSE 226
2005#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
2006#define SSL_F_SSL_CTX_SET_SSL_VERSION 170
2007#define SSL_F_SSL_CTX_SET_TRUST 229
2008#define SSL_F_SSL_CTX_USE_CERTIFICATE 171
2009#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172
2010#define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220
2011#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173
2012#define SSL_F_SSL_CTX_USE_PRIVATEKEY 174
2013#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175
2014#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176
2015#define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT 272
2016#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177
2017#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178
2018#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179
2019#define SSL_F_SSL_DO_HANDSHAKE 180
2020#define SSL_F_SSL_GET_NEW_SESSION 181
2021#define SSL_F_SSL_GET_PREV_SESSION 217
2022#define SSL_F_SSL_GET_SERVER_SEND_CERT 182
2023#define SSL_F_SSL_GET_SERVER_SEND_PKEY 317
2024#define SSL_F_SSL_GET_SIGN_PKEY 183
2025#define SSL_F_SSL_INIT_WBIO_BUFFER 184
2026#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
2027#define SSL_F_SSL_NEW 186
2028#define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300
2029#define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302
2030#define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT 310
2031#define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301
2032#define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303
2033#define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 311
2034#define SSL_F_SSL_PEEK 270
2035#define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281
2036#define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282
2037#define SSL_F_SSL_READ 223
2038#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187
2039#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
2040#define SSL_F_SSL_SESSION_NEW 189
2041#define SSL_F_SSL_SESSION_PRINT_FP 190
2042#define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312
2043#define SSL_F_SSL_SESS_CERT_NEW 225
2044#define SSL_F_SSL_SET_CERT 191
2045#define SSL_F_SSL_SET_CIPHER_LIST 271
2046#define SSL_F_SSL_SET_FD 192
2047#define SSL_F_SSL_SET_PKEY 193
2048#define SSL_F_SSL_SET_PURPOSE 227
2049#define SSL_F_SSL_SET_RFD 194
2050#define SSL_F_SSL_SET_SESSION 195
2051#define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
2052#define SSL_F_SSL_SET_SESSION_TICKET_EXT 294
2053#define SSL_F_SSL_SET_TRUST 228
2054#define SSL_F_SSL_SET_WFD 196
2055#define SSL_F_SSL_SHUTDOWN 224
2056#define SSL_F_SSL_SRP_CTX_INIT 313
2057#define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243
2058#define SSL_F_SSL_UNDEFINED_FUNCTION 197
2059#define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244
2060#define SSL_F_SSL_USE_CERTIFICATE 198
2061#define SSL_F_SSL_USE_CERTIFICATE_ASN1 199
2062#define SSL_F_SSL_USE_CERTIFICATE_FILE 200
2063#define SSL_F_SSL_USE_PRIVATEKEY 201
2064#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202
2065#define SSL_F_SSL_USE_PRIVATEKEY_FILE 203
2066#define SSL_F_SSL_USE_PSK_IDENTITY_HINT 273
2067#define SSL_F_SSL_USE_RSAPRIVATEKEY 204
2068#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205
2069#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206
2070#define SSL_F_SSL_VERIFY_CERT_CHAIN 207
2071#define SSL_F_SSL_WRITE 208
2072#define SSL_F_TLS1_AEAD_CTX_INIT 339
2073#define SSL_F_TLS1_CERT_VERIFY_MAC 286
2074#define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
2075#define SSL_F_TLS1_CHANGE_CIPHER_STATE_AEAD 340
2076#define SSL_F_TLS1_CHANGE_CIPHER_STATE_CIPHER 338
2077#define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274
2078#define SSL_F_TLS1_ENC 210
2079#define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 314
2080#define SSL_F_TLS1_HEARTBEAT 315
2081#define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275
2082#define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276
2083#define SSL_F_TLS1_PRF 284
2084#define SSL_F_TLS1_SETUP_KEY_BLOCK 211
2085#define SSL_F_WRITE_PENDING 212
2086
2087/* Reason codes. */
2088#define SSL_R_APP_DATA_IN_HANDSHAKE 100
2089#define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
2090#define SSL_R_BAD_ALERT_RECORD 101
2091#define SSL_R_BAD_AUTHENTICATION_TYPE 102
2092#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
2093#define SSL_R_BAD_CHECKSUM 104
2094#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
2095#define SSL_R_BAD_DECOMPRESSION 107
2096#define SSL_R_BAD_DH_G_LENGTH 108
2097#define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
2098#define SSL_R_BAD_DH_P_LENGTH 110
2099#define SSL_R_BAD_DIGEST_LENGTH 111
2100#define SSL_R_BAD_DSA_SIGNATURE 112
2101#define SSL_R_BAD_ECC_CERT 304
2102#define SSL_R_BAD_ECDSA_SIGNATURE 305
2103#define SSL_R_BAD_ECPOINT 306
2104#define SSL_R_BAD_HANDSHAKE_LENGTH 332
2105#define SSL_R_BAD_HELLO_REQUEST 105
2106#define SSL_R_BAD_LENGTH 271
2107#define SSL_R_BAD_MAC_DECODE 113
2108#define SSL_R_BAD_MAC_LENGTH 333
2109#define SSL_R_BAD_MESSAGE_TYPE 114
2110#define SSL_R_BAD_PACKET_LENGTH 115
2111#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
2112#define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH 316
2113#define SSL_R_BAD_RESPONSE_ARGUMENT 117
2114#define SSL_R_BAD_RSA_DECRYPT 118
2115#define SSL_R_BAD_RSA_ENCRYPT 119
2116#define SSL_R_BAD_RSA_E_LENGTH 120
2117#define SSL_R_BAD_RSA_MODULUS_LENGTH 121
2118#define SSL_R_BAD_RSA_SIGNATURE 122
2119#define SSL_R_BAD_SIGNATURE 123
2120#define SSL_R_BAD_SRP_A_LENGTH 347
2121#define SSL_R_BAD_SRP_B_LENGTH 348
2122#define SSL_R_BAD_SRP_G_LENGTH 349
2123#define SSL_R_BAD_SRP_N_LENGTH 350
2124#define SSL_R_BAD_SRP_S_LENGTH 351
2125#define SSL_R_BAD_SRTP_MKI_VALUE 352
2126#define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353
2127#define SSL_R_BAD_SSL_FILETYPE 124
2128#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125
2129#define SSL_R_BAD_STATE 126
2130#define SSL_R_BAD_WRITE_RETRY 127
2131#define SSL_R_BIO_NOT_SET 128
2132#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129
2133#define SSL_R_BN_LIB 130
2134#define SSL_R_CA_DN_LENGTH_MISMATCH 131
2135#define SSL_R_CA_DN_TOO_LONG 132
2136#define SSL_R_CCS_RECEIVED_EARLY 133
2137#define SSL_R_CERTIFICATE_VERIFY_FAILED 134
2138#define SSL_R_CERT_LENGTH_MISMATCH 135
2139#define SSL_R_CHALLENGE_IS_DIFFERENT 136
2140#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
2141#define SSL_R_CIPHER_COMPRESSION_UNAVAILABLE 371
2142#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
2143#define SSL_R_CIPHER_TABLE_SRC_ERROR 139
2144#define SSL_R_CLIENTHELLO_TLSEXT 226
2145#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
2146#define SSL_R_COMPRESSION_DISABLED 343
2147#define SSL_R_COMPRESSION_FAILURE 141
2148#define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307
2149#define SSL_R_COMPRESSION_LIBRARY_ERROR 142
2150#define SSL_R_CONNECTION_ID_IS_DIFFERENT 143
2151#define SSL_R_CONNECTION_TYPE_NOT_SET 144
2152#define SSL_R_COOKIE_MISMATCH 308
2153#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145
2154#define SSL_R_DATA_LENGTH_TOO_LONG 146
2155#define SSL_R_DECRYPTION_FAILED 147
2156#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281
2157#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
2158#define SSL_R_DIGEST_CHECK_FAILED 149
2159#define SSL_R_DTLS_MESSAGE_TOO_BIG 334
2160#define SSL_R_DUPLICATE_COMPRESSION_ID 309
2161#define SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT 317
2162#define SSL_R_ECC_CERT_NOT_FOR_SIGNING 318
2163#define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE 322
2164#define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE 323
2165#define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310
2166#define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 354
2167#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
2168#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282
2169#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
2170#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
2171#define SSL_R_EXTRA_DATA_IN_MESSAGE 153
2172#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
2173#define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 355
2174#define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 356
2175#define SSL_R_HTTPS_PROXY_REQUEST 155
2176#define SSL_R_HTTP_REQUEST 156
2177#define SSL_R_ILLEGAL_PADDING 283
2178#define SSL_R_INAPPROPRIATE_FALLBACK 373
2179#define SSL_R_INCONSISTENT_COMPRESSION 340
2180#define SSL_R_INVALID_CHALLENGE_LENGTH 158
2181#define SSL_R_INVALID_COMMAND 280
2182#define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
2183#define SSL_R_INVALID_PURPOSE 278
2184#define SSL_R_INVALID_SRP_USERNAME 357
2185#define SSL_R_INVALID_STATUS_RESPONSE 328
2186#define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
2187#define SSL_R_INVALID_TRUST 279
2188#define SSL_R_KEY_ARG_TOO_LONG 284
2189#define SSL_R_KRB5 285
2190#define SSL_R_KRB5_C_CC_PRINC 286
2191#define SSL_R_KRB5_C_GET_CRED 287
2192#define SSL_R_KRB5_C_INIT 288
2193#define SSL_R_KRB5_C_MK_REQ 289
2194#define SSL_R_KRB5_S_BAD_TICKET 290
2195#define SSL_R_KRB5_S_INIT 291
2196#define SSL_R_KRB5_S_RD_REQ 292
2197#define SSL_R_KRB5_S_TKT_EXPIRED 293
2198#define SSL_R_KRB5_S_TKT_NYV 294
2199#define SSL_R_KRB5_S_TKT_SKEW 295
2200#define SSL_R_LENGTH_MISMATCH 159
2201#define SSL_R_LENGTH_TOO_SHORT 160
2202#define SSL_R_LIBRARY_BUG 274
2203#define SSL_R_LIBRARY_HAS_NO_CIPHERS 161
2204#define SSL_R_MESSAGE_TOO_LONG 296
2205#define SSL_R_MISSING_DH_DSA_CERT 162
2206#define SSL_R_MISSING_DH_KEY 163
2207#define SSL_R_MISSING_DH_RSA_CERT 164
2208#define SSL_R_MISSING_DSA_SIGNING_CERT 165
2209#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166
2210#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167
2211#define SSL_R_MISSING_RSA_CERTIFICATE 168
2212#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
2213#define SSL_R_MISSING_RSA_SIGNING_CERT 170
2214#define SSL_R_MISSING_SRP_PARAM 358
2215#define SSL_R_MISSING_TMP_DH_KEY 171
2216#define SSL_R_MISSING_TMP_ECDH_KEY 311
2217#define SSL_R_MISSING_TMP_RSA_KEY 172
2218#define SSL_R_MISSING_TMP_RSA_PKEY 173
2219#define SSL_R_MISSING_VERIFY_MESSAGE 174
2220#define SSL_R_MULTIPLE_SGC_RESTARTS 346
2221#define SSL_R_NON_SSLV2_INITIAL_PACKET 175
2222#define SSL_R_NO_CERTIFICATES_RETURNED 176
2223#define SSL_R_NO_CERTIFICATE_ASSIGNED 177
2224#define SSL_R_NO_CERTIFICATE_RETURNED 178
2225#define SSL_R_NO_CERTIFICATE_SET 179
2226#define SSL_R_NO_CERTIFICATE_SPECIFIED 180
2227#define SSL_R_NO_CIPHERS_AVAILABLE 181
2228#define SSL_R_NO_CIPHERS_PASSED 182
2229#define SSL_R_NO_CIPHERS_SPECIFIED 183
2230#define SSL_R_NO_CIPHER_LIST 184
2231#define SSL_R_NO_CIPHER_MATCH 185
2232#define SSL_R_NO_CLIENT_CERT_METHOD 331
2233#define SSL_R_NO_CLIENT_CERT_RECEIVED 186
2234#define SSL_R_NO_COMPRESSION_SPECIFIED 187
2235#define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER 330
2236#define SSL_R_NO_METHOD_SPECIFIED 188
2237#define SSL_R_NO_PRIVATEKEY 189
2238#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
2239#define SSL_R_NO_PROTOCOLS_AVAILABLE 191
2240#define SSL_R_NO_PUBLICKEY 192
2241#define SSL_R_NO_RENEGOTIATION 339
2242#define SSL_R_NO_REQUIRED_DIGEST 324
2243#define SSL_R_NO_SHARED_CIPHER 193
2244#define SSL_R_NO_SRTP_PROFILES 359
2245#define SSL_R_NO_VERIFY_CALLBACK 194
2246#define SSL_R_NULL_SSL_CTX 195
2247#define SSL_R_NULL_SSL_METHOD_PASSED 196
2248#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
2249#define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
2250#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297
2251#define SSL_R_PACKET_LENGTH_TOO_LONG 198
2252#define SSL_R_PARSE_TLSEXT 227
2253#define SSL_R_PATH_TOO_LONG 270
2254#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
2255#define SSL_R_PEER_ERROR 200
2256#define SSL_R_PEER_ERROR_CERTIFICATE 201
2257#define SSL_R_PEER_ERROR_NO_CERTIFICATE 202
2258#define SSL_R_PEER_ERROR_NO_CIPHER 203
2259#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 204
2260#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205
2261#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206
2262#define SSL_R_PROTOCOL_IS_SHUTDOWN 207
2263#define SSL_R_PSK_IDENTITY_NOT_FOUND 223
2264#define SSL_R_PSK_NO_CLIENT_CB 224
2265#define SSL_R_PSK_NO_SERVER_CB 225
2266#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208
2267#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209
2268#define SSL_R_PUBLIC_KEY_NOT_RSA 210
2269#define SSL_R_READ_BIO_NOT_SET 211
2270#define SSL_R_READ_TIMEOUT_EXPIRED 312
2271#define SSL_R_READ_WRONG_PACKET_TYPE 212
2272#define SSL_R_RECORD_LENGTH_MISMATCH 213
2273#define SSL_R_RECORD_TOO_LARGE 214
2274#define SSL_R_RECORD_TOO_SMALL 298
2275#define SSL_R_RENEGOTIATE_EXT_TOO_LONG 335
2276#define SSL_R_RENEGOTIATION_ENCODING_ERR 336
2277#define SSL_R_RENEGOTIATION_MISMATCH 337
2278#define SSL_R_REQUIRED_CIPHER_MISSING 215
2279#define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING 342
2280#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
2281#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
2282#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
2283#define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345
2284#define SSL_R_SERVERHELLO_TLSEXT 275
2285#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
2286#define SSL_R_SHORT_READ 219
2287#define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360
2288#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
2289#define SSL_R_SRP_A_CALC 361
2290#define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 362
2291#define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363
2292#define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364
2293#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
2294#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299
2295#define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321
2296#define SSL_R_SSL3_EXT_INVALID_SERVERNAME 319
2297#define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320
2298#define SSL_R_SSL3_SESSION_ID_TOO_LONG 300
2299#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
2300#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
2301#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
2302#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
2303#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
2304#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
2305#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
2306#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
2307#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
2308#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
2309#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
2310#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
2311#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228
2312#define SSL_R_SSL_HANDSHAKE_FAILURE 229
2313#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230
2314#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 301
2315#define SSL_R_SSL_SESSION_ID_CONFLICT 302
2316#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
2317#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303
2318#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231
2319#define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
2320#define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
2321#define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021
2322#define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
2323#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
2324#define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086
2325#define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
2326#define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
2327#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
2328#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
2329#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
2330#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
2331#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
2332#define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114
2333#define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113
2334#define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111
2335#define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112
2336#define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110
2337#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
2338#define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT 365
2339#define SSL_R_TLS_HEARTBEAT_PENDING 366
2340#define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
2341#define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
2342#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
2343#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
2344#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
2345#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236
2346#define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313
2347#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 237
2348#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238
2349#define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314
2350#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
2351#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240
2352#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 241
2353#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
2354#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
2355#define SSL_R_UNEXPECTED_MESSAGE 244
2356#define SSL_R_UNEXPECTED_RECORD 245
2357#define SSL_R_UNINITIALIZED 276
2358#define SSL_R_UNKNOWN_ALERT_TYPE 246
2359#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
2360#define SSL_R_UNKNOWN_CIPHER_RETURNED 248
2361#define SSL_R_UNKNOWN_CIPHER_TYPE 249
2362#define SSL_R_UNKNOWN_DIGEST 368
2363#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
2364#define SSL_R_UNKNOWN_PKEY_TYPE 251
2365#define SSL_R_UNKNOWN_PROTOCOL 252
2366#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253
2367#define SSL_R_UNKNOWN_SSL_VERSION 254
2368#define SSL_R_UNKNOWN_STATE 255
2369#define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 338
2370#define SSL_R_UNSUPPORTED_CIPHER 256
2371#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
2372#define SSL_R_UNSUPPORTED_DIGEST_TYPE 326
2373#define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315
2374#define SSL_R_UNSUPPORTED_PROTOCOL 258
2375#define SSL_R_UNSUPPORTED_SSL_VERSION 259
2376#define SSL_R_UNSUPPORTED_STATUS_TYPE 329
2377#define SSL_R_USE_SRTP_NOT_NEGOTIATED 369
2378#define SSL_R_WRITE_BIO_NOT_SET 260
2379#define SSL_R_WRONG_CIPHER_RETURNED 261
2380#define SSL_R_WRONG_CURVE 378
2381#define SSL_R_WRONG_MESSAGE_TYPE 262
2382#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263
2383#define SSL_R_WRONG_SIGNATURE_LENGTH 264
2384#define SSL_R_WRONG_SIGNATURE_SIZE 265
2385#define SSL_R_WRONG_SIGNATURE_TYPE 370
2386#define SSL_R_WRONG_SSL_VERSION 266
2387#define SSL_R_WRONG_VERSION_NUMBER 267
2388#define SSL_R_X509_LIB 268
2389#define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269
2390
2391#ifdef __cplusplus
2392}
2393#endif
2394#endif
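--- a/src/lib/libssl/ssl2.h
+++ /dev/null
@@ -1,153 +0,0 @@
-/* $OpenBSD: ssl2.h,v 1.12 2014/12/14 15:30:50 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SSL2_H
-#define HEADER_SSL2_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Protocol Version Codes */
-#define SSL2_VERSION 0x0002
-#define SSL2_VERSION_MAJOR 0x00
-#define SSL2_VERSION_MINOR 0x02
-/* #define SSL2_CLIENT_VERSION 0x0002 */
-/* #define SSL2_SERVER_VERSION 0x0002 */
-
-/* Protocol Message Codes */
-#define SSL2_MT_ERROR 0
-#define SSL2_MT_CLIENT_HELLO 1
-#define SSL2_MT_CLIENT_MASTER_KEY 2
-#define SSL2_MT_CLIENT_FINISHED 3
-#define SSL2_MT_SERVER_HELLO 4
-#define SSL2_MT_SERVER_VERIFY 5
-#define SSL2_MT_SERVER_FINISHED 6
-#define SSL2_MT_REQUEST_CERTIFICATE 7
-#define SSL2_MT_CLIENT_CERTIFICATE 8
-
-/* Error Message Codes */
-#define SSL2_PE_UNDEFINED_ERROR 0x0000
-#define SSL2_PE_NO_CIPHER 0x0001
-#define SSL2_PE_NO_CERTIFICATE 0x0002
-#define SSL2_PE_BAD_CERTIFICATE 0x0004
-#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
-
-/* Cipher Kind Values */
-#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */
-#define SSL2_CK_RC4_128_WITH_MD5 0x02010080
-#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080
-#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080
-#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080
-#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080
-#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040
-#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */
-#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0
-#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */
-#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */
-
-#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */
-#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */
-
-#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1"
-#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5"
-#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5"
-#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5"
-#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5"
-#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5"
-#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5"
-#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5"
-#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA"
-#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5"
-#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA"
-#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5"
-
-#define SSL2_TXT_NULL "NULL"
-
-/* Flags for the SSL_CIPHER.algorithm2 field */
-#define SSL2_CF_5_BYTE_ENC 0x01
-#define SSL2_CF_8_BYTE_ENC 0x02
-
-/* Certificate Type Codes */
-#define SSL2_CT_X509_CERTIFICATE 0x01
-
-/* Authentication Type Code */
-#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01
-
-#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32
-
-/* Upper/Lower Bounds */
-#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256
-#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u /* 2^15-1 */
-#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /* 2^14-1 */
-
-#define SSL2_CHALLENGE_LENGTH 16
-/*#define SSL2_CHALLENGE_LENGTH 32 */
-#define SSL2_MIN_CHALLENGE_LENGTH 16
-#define SSL2_MAX_CHALLENGE_LENGTH 32
-#define SSL2_CONNECTION_ID_LENGTH 16
-#define SSL2_MAX_CONNECTION_ID_LENGTH 16
-#define SSL2_SSL_SESSION_ID_LENGTH 16
-#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32
-#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16
-#define SSL2_MAX_KEY_MATERIAL_LENGTH 24
-
-#ifdef __cplusplus
-}
-#endif
-#endif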
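--- a/src/lib/libssl/ssl23.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/* $OpenBSD: ssl23.h,v 1.4 2014/12/14 15:30:50 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SSL23_H
-#define HEADER_SSL23_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*client */
-/* write to server */
-#define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT)
-#define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT)
-/* read from server */
-#define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT)
-#define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT)
-
-/* server */
-/* read from client */
-#define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT)
-#define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT)
-
-#ifdef __cplusplus
-}
-#endif
-#endif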
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h
deleted file mode 100644
index 61f600c55d..0000000000
--- a/src/lib/libssl/ssl3.h
+++ /dev/null
@@ -1,636 +0,0 @@
1/* $OpenBSD: ssl3.h,v 1.36 2015/02/22 15:54:27 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116
117#ifndef HEADER_SSL3_H
118#define HEADER_SSL3_H
119
120#include <openssl/buffer.h>
121#include <openssl/evp.h>
122#include <openssl/ssl.h>
123
124#ifdef __cplusplus
125extern "C" {
126#endif
127
128/* TLS_EMPTY_RENEGOTIATION_INFO_SCSV from RFC 5746. */
129#define SSL3_CK_SCSV 0x030000FF
130
131/* TLS_FALLBACK_SCSV from draft-ietf-tls-downgrade-scsv-03. */
132#define SSL3_CK_FALLBACK_SCSV 0x03005600
133
134#define SSL3_CK_RSA_NULL_MD5 0x03000001
135#define SSL3_CK_RSA_NULL_SHA 0x03000002
136#define SSL3_CK_RSA_RC4_40_MD5 0x03000003
137#define SSL3_CK_RSA_RC4_128_MD5 0x03000004
138#define SSL3_CK_RSA_RC4_128_SHA 0x03000005
139#define SSL3_CK_RSA_RC2_40_MD5 0x03000006
140#define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
141#define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
142#define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
143#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
144
145#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
146#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
147#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
148#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
149#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
150#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
151
152#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
153#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
154#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013
155#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014
156#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015
157#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016
158
159#define SSL3_CK_ADH_RC4_40_MD5 0x03000017
160#define SSL3_CK_ADH_RC4_128_MD5 0x03000018
161#define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
162#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
163#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
164
165/* VRS Additional Kerberos5 entries
166 */
167#define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E
168#define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F
169#define SSL3_CK_KRB5_RC4_128_SHA 0x03000020
170#define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021
171#define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022
172#define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023
173#define SSL3_CK_KRB5_RC4_128_MD5 0x03000024
174#define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025
175
176#define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000026
177#define SSL3_CK_KRB5_RC2_40_CBC_SHA 0x03000027
178#define SSL3_CK_KRB5_RC4_40_SHA 0x03000028
179#define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000029
180#define SSL3_CK_KRB5_RC2_40_CBC_MD5 0x0300002A
181#define SSL3_CK_KRB5_RC4_40_MD5 0x0300002B
182
183#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
184#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
185#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
186#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
187#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
188#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
189#define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
190#define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
191#define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
192#define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
193
194#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
195#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
196#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
197#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
198#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
199#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
200
201#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
202#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
203#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
204#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
205#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
206#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
207
208#define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
209#define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
210#define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
211#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
212#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
213
214#define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA"
215#define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA"
216#define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA"
217#define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA"
218#define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5"
219#define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5"
220#define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5"
221#define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5"
222
223#define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA"
224#define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA"
225#define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA"
226#define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5"
227#define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5"
228#define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5"
229
230#define SSL3_SSL_SESSION_ID_LENGTH 32
231#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
232
233#define SSL3_MASTER_SECRET_SIZE 48
234#define SSL3_RANDOM_SIZE 32
235#define SSL3_SEQUENCE_SIZE 8
236#define SSL3_SESSION_ID_SIZE 32
237#define SSL3_CIPHER_VALUE_SIZE 2
238
239#define SSL3_RT_HEADER_LENGTH 5
240#define SSL3_HM_HEADER_LENGTH 4
241
242#define SSL3_ALIGN_PAYLOAD 8
243
244/* This is the maximum MAC (digest) size used by the SSL library.
245 * Currently maximum of 20 is used by SHA1, but we reserve for
246 * future extension for 512-bit hashes.
247 */
248
249#define SSL3_RT_MAX_MD_SIZE 64
250
251/* Maximum block size used in all ciphersuites. Currently 16 for AES.
252 */
253
254#define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16
255
256#define SSL3_RT_MAX_EXTRA (16384)
257
258/* Maximum plaintext length: defined by SSL/TLS standards */
259#define SSL3_RT_MAX_PLAIN_LENGTH 16384
260/* Maximum compression overhead: defined by SSL/TLS standards */
261#define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024
262
263/* The standards give a maximum encryption overhead of 1024 bytes.
264 * In practice the value is lower than this. The overhead is the maximum
265 * number of padding bytes (256) plus the mac size.
266 */
267#define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE)
268
269/* OpenSSL currently only uses a padding length of at most one block so
270 * the send overhead is smaller.
271 */
272
273#define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
274 (SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE)
275
276/* If compression isn't used don't include the compression overhead */
277#define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
278#define SSL3_RT_MAX_ENCRYPTED_LENGTH \
279 (SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
280#define SSL3_RT_MAX_PACKET_SIZE \
281 (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
282
283#define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
284#define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
285
286#define SSL3_VERSION 0x0300
287#define SSL3_VERSION_MAJOR 0x03
288#define SSL3_VERSION_MINOR 0x00
289
290#define SSL3_RT_CHANGE_CIPHER_SPEC 20
291#define SSL3_RT_ALERT 21
292#define SSL3_RT_HANDSHAKE 22
293#define SSL3_RT_APPLICATION_DATA 23
294#define TLS1_RT_HEARTBEAT 24
295
296#define SSL3_AL_WARNING 1
297#define SSL3_AL_FATAL 2
298
299#define SSL3_AD_CLOSE_NOTIFY 0
300#define SSL3_AD_UNEXPECTED_MESSAGE 10 /* fatal */
301#define SSL3_AD_BAD_RECORD_MAC 20 /* fatal */
302#define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */
303#define SSL3_AD_HANDSHAKE_FAILURE 40 /* fatal */
304#define SSL3_AD_NO_CERTIFICATE 41
305#define SSL3_AD_BAD_CERTIFICATE 42
306#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
307#define SSL3_AD_CERTIFICATE_REVOKED 44
308#define SSL3_AD_CERTIFICATE_EXPIRED 45
309#define SSL3_AD_CERTIFICATE_UNKNOWN 46
310#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */
311
312#define TLS1_HB_REQUEST 1
313#define TLS1_HB_RESPONSE 2
314
315#ifndef OPENSSL_NO_SSL_INTERN
316
317typedef struct ssl3_record_st {
318/*r */ int type; /* type of record */
319/*rw*/ unsigned int length; /* How many bytes available */
320/*r */ unsigned int off; /* read/write offset into 'buf' */
321/*rw*/ unsigned char *data; /* pointer to the record data */
322/*rw*/ unsigned char *input; /* where the decode bytes are */
323/*r */ unsigned long epoch; /* epoch number, needed by DTLS1 */
324/*r */ unsigned char seq_num[8]; /* sequence number, needed by DTLS1 */
325} SSL3_RECORD;
326
327typedef struct ssl3_buffer_st {
328 unsigned char *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes,
329 * see ssl3_setup_buffers() */
330 size_t len; /* buffer size */
331 int offset; /* where to 'copy from' */
332 int left; /* how many bytes left */
333} SSL3_BUFFER;
334
335#endif
336
337#define SSL3_CT_RSA_SIGN 1
338#define SSL3_CT_DSS_SIGN 2
339#define SSL3_CT_RSA_FIXED_DH 3
340#define SSL3_CT_DSS_FIXED_DH 4
341#define SSL3_CT_RSA_EPHEMERAL_DH 5
342#define SSL3_CT_DSS_EPHEMERAL_DH 6
343#define SSL3_CT_FORTEZZA_DMS 20
344/* SSL3_CT_NUMBER is used to size arrays and it must be large
345 * enough to contain all of the cert types defined either for
346 * SSLv3 and TLSv1.
347 */
348#define SSL3_CT_NUMBER 11
349
350
351#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
352#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
353#define SSL3_FLAGS_POP_BUFFER 0x0004
354#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
355#define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
356#define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020
357#define SSL3_FLAGS_CCS_OK 0x0080
358
359/* SSL3_FLAGS_SGC_RESTART_DONE is set when we
360 * restart a handshake because of MS SGC and so prevents us
361 * from restarting the handshake in a loop. It's reset on a
362 * renegotiation, so effectively limits the client to one restart
363 * per negotiation. This limits the possibility of a DDoS
364 * attack where the client handshakes in a loop using SGC to
365 * restart. Servers which permit renegotiation can still be
366 * effected, but we can't prevent that.
367 */
368#define SSL3_FLAGS_SGC_RESTART_DONE 0x0040
369
370#ifndef OPENSSL_NO_SSL_INTERN
371
372typedef struct ssl3_state_st {
373 long flags;
374 int delay_buf_pop_ret;
375
376 unsigned char read_sequence[SSL3_SEQUENCE_SIZE];
377 int read_mac_secret_size;
378 unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
379 unsigned char write_sequence[SSL3_SEQUENCE_SIZE];
380 int write_mac_secret_size;
381 unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
382
383 unsigned char server_random[SSL3_RANDOM_SIZE];
384 unsigned char client_random[SSL3_RANDOM_SIZE];
385
386 /* flags for countermeasure against known-IV weakness */
387 int need_empty_fragments;
388 int empty_fragment_done;
389
390 /* The value of 'extra' when the buffers were initialized */
391 int init_extra;
392
393 SSL3_BUFFER rbuf; /* read IO goes into here */
394 SSL3_BUFFER wbuf; /* write IO goes into here */
395
396 SSL3_RECORD rrec; /* each decoded record goes in here */
397 SSL3_RECORD wrec; /* goes out from here */
398
399 /* storage for Alert/Handshake protocol data received but not
400 * yet processed by ssl3_read_bytes: */
401 unsigned char alert_fragment[2];
402 unsigned int alert_fragment_len;
403 unsigned char handshake_fragment[4];
404 unsigned int handshake_fragment_len;
405
406 /* partial write - check the numbers match */
407 unsigned int wnum; /* number of bytes sent so far */
408 int wpend_tot; /* number bytes written */
409 int wpend_type;
410 int wpend_ret; /* number of bytes submitted */
411 const unsigned char *wpend_buf;
412
413 /* used during startup, digest all incoming/outgoing packets */
414 BIO *handshake_buffer;
415 /* When set of handshake digests is determined, buffer is hashed
416 * and freed and MD_CTX-es for all required digests are stored in
417 * this array */
418 EVP_MD_CTX **handshake_dgst;
419 /* this is set whenerver we see a change_cipher_spec message
420 * come in when we are not looking for one */
421 int change_cipher_spec;
422
423 int warn_alert;
424 int fatal_alert;
425 /* we allow one fatal and one warning alert to be outstanding,
426 * send close alert via the warning alert */
427 int alert_dispatch;
428 unsigned char send_alert[2];
429
430 /* This flag is set when we should renegotiate ASAP, basically when
431 * there is no more data in the read or write buffers */
432 int renegotiate;
433 int total_renegotiations;
434 int num_renegotiations;
435
436 int in_read_app_data;
437
438 struct {
439 /* actually only needs to be 16+20 */
440 unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
441
442 /* actually only need to be 16+20 for SSLv3 and 12 for TLS */
443 unsigned char finish_md[EVP_MAX_MD_SIZE*2];
444 int finish_md_len;
445 unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2];
446 int peer_finish_md_len;
447
448 unsigned long message_size;
449 int message_type;
450
451 /* used to hold the new cipher we are going to use */
452 const SSL_CIPHER *new_cipher;
453 DH *dh;
454
455 EC_KEY *ecdh; /* holds short lived ECDH key */
456
457 /* used when SSL_ST_FLUSH_DATA is entered */
458 int next_state;
459
460 int reuse_message;
461
462 /* used for certificate requests */
463 int cert_req;
464 int ctype_num;
465 char ctype[SSL3_CT_NUMBER];
466 STACK_OF(X509_NAME) *ca_names;
467
468 int key_block_length;
469 unsigned char *key_block;
470
471 const EVP_CIPHER *new_sym_enc;
472 const EVP_AEAD *new_aead;
473 const EVP_MD *new_hash;
474 int new_mac_pkey_type;
475 int new_mac_secret_size;
476 int cert_request;
477 } tmp;
478
479 /* Connection binding to prevent renegotiation attacks */
480 unsigned char previous_client_finished[EVP_MAX_MD_SIZE];
481 unsigned char previous_client_finished_len;
482 unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
483 unsigned char previous_server_finished_len;
484 int send_connection_binding; /* TODOEKR */
485
486 /* Set if we saw the Next Protocol Negotiation extension from our peer.
487 */
488 int next_proto_neg_seen;
489
490 /*
491 * ALPN information
492 * (we are in the process of transitioning from NPN to ALPN).
493 */
494
495 /*
496 * In a server these point to the selected ALPN protocol after the
497 * ClientHello has been processed. In a client these contain the
498 * protocol that the server selected once the ServerHello has been
499 * processed.
500 */
501 unsigned char *alpn_selected;
502 unsigned int alpn_selected_len;
503
504 /* This is set to true if we believe that this is a version of Safari
505 * running on OS X 10.6 or newer. We wish to know this because Safari
506 * on 10.8 .. 10.8.3 has broken ECDHE-ECDSA support. */
507 char is_probably_safari;
508} SSL3_STATE;
509
510#endif
511
512/* SSLv3 */
513/*client */
514/* extra state */
515#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
516/* write to server */
517#define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
518#define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
519/* read from server */
520#define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT)
521#define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT)
522#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT)
523#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT)
524#define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT)
525#define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT)
526#define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT)
527#define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT)
528#define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT)
529#define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT)
530#define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT)
531#define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT)
532/* write to server */
533#define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT)
534#define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT)
535#define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT)
536#define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT)
537#define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT)
538#define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT)
539#define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT)
540#define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
541#define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
542#define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
543#define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT)
544#define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT)
545#define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
546#define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
547/* read from server */
548#define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT)
549#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
550#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
551#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
552#define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT)
553#define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT)
554#define SSL3_ST_CR_CERT_STATUS_A (0x1F0|SSL_ST_CONNECT)
555#define SSL3_ST_CR_CERT_STATUS_B (0x1F1|SSL_ST_CONNECT)
556
557/* server */
558/* extra state */
559#define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
560/* read from client */
561/* Do not change the number values, they do matter */
562#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
563#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
564#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
565/* write to client */
566#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
567#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
568#define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT)
569#define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT)
570#define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT)
571#define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT)
572#define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT)
573#define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT)
574#define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT)
575#define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT)
576#define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT)
577#define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT)
578#define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT)
579#define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT)
580#define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT)
581/* read from client */
582#define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT)
583#define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT)
584#define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT)
585#define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT)
586#define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT)
587#define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
588#define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
589#define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
590#define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT)
591#define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT)
592#define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
593#define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
594/* write to client */
595#define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT)
596#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
597#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
598#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
599#define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT)
600#define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT)
601#define SSL3_ST_SW_CERT_STATUS_A (0x200|SSL_ST_ACCEPT)
602#define SSL3_ST_SW_CERT_STATUS_B (0x201|SSL_ST_ACCEPT)
603
604#define SSL3_MT_HELLO_REQUEST 0
605#define SSL3_MT_CLIENT_HELLO 1
606#define SSL3_MT_SERVER_HELLO 2
607#define SSL3_MT_NEWSESSION_TICKET 4
608#define SSL3_MT_CERTIFICATE 11
609#define SSL3_MT_SERVER_KEY_EXCHANGE 12
610#define SSL3_MT_CERTIFICATE_REQUEST 13
611#define SSL3_MT_SERVER_DONE 14
612#define SSL3_MT_CERTIFICATE_VERIFY 15
613#define SSL3_MT_CLIENT_KEY_EXCHANGE 16
614#define SSL3_MT_FINISHED 20
615#define SSL3_MT_CERTIFICATE_STATUS 22
616
617#define SSL3_MT_NEXT_PROTO 67
618
619#define DTLS1_MT_HELLO_VERIFY_REQUEST 3
620
621#define SSL3_MT_CCS 1
622
623/* These are used when changing over to a new cipher */
624#define SSL3_CC_READ 0x01
625#define SSL3_CC_WRITE 0x02
626#define SSL3_CC_CLIENT 0x10
627#define SSL3_CC_SERVER 0x20
628#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
629#define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ)
630#define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ)
631#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
632
633#ifdef __cplusplus
634}
635#endif
636#endif
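diff --git a/src/lib/libssl/ssl_algs.c b/src/lib/libssl/ssl_algs.c
deleted file mode 100644
index 3010a735c9..0000000000
--- a/src/lib/libssl/ssl_algs.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/* $OpenBSD: ssl_algs.c,v 1.22 2014/12/14 15:30:50 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-
-#include "ssl_locl.h"
-
-int
-SSL_library_init(void)
-{
-
-#ifndef OPENSSL_NO_DES
- EVP_add_cipher(EVP_des_cbc());
- EVP_add_cipher(EVP_des_ede3_cbc());
-#endif
-#ifndef OPENSSL_NO_IDEA
- EVP_add_cipher(EVP_idea_cbc());
-#endif
-#ifndef OPENSSL_NO_RC4
- EVP_add_cipher(EVP_rc4());
-#if !defined(OPENSSL_NO_MD5) && (defined(__x86_64) || defined(__x86_64__))
- EVP_add_cipher(EVP_rc4_hmac_md5());
-#endif
-#endif
-#ifndef OPENSSL_NO_RC2
- EVP_add_cipher(EVP_rc2_cbc());
- /* Not actually used for SSL/TLS but this makes PKCS#12 work
- * if an application only calls SSL_library_init().
- */
- EVP_add_cipher(EVP_rc2_40_cbc());
-#endif
- EVP_add_cipher(EVP_aes_128_cbc());
- EVP_add_cipher(EVP_aes_192_cbc());
- EVP_add_cipher(EVP_aes_256_cbc());
- EVP_add_cipher(EVP_aes_128_gcm());
- EVP_add_cipher(EVP_aes_256_gcm());
- EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
- EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
-#ifndef OPENSSL_NO_CAMELLIA
- EVP_add_cipher(EVP_camellia_128_cbc());
- EVP_add_cipher(EVP_camellia_256_cbc());
-#endif
-#ifndef OPENSSL_NO_GOST
- EVP_add_cipher(EVP_gost2814789_cfb64());
- EVP_add_cipher(EVP_gost2814789_cnt());
-#endif
-
- EVP_add_digest(EVP_md5());
- EVP_add_digest_alias(SN_md5, "ssl2-md5");
- EVP_add_digest_alias(SN_md5, "ssl3-md5");
- EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
- EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
- EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
- EVP_add_digest(EVP_sha224());
- EVP_add_digest(EVP_sha256());
- EVP_add_digest(EVP_sha384());
- EVP_add_digest(EVP_sha512());
- EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
- EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
- EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
- EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
- EVP_add_digest(EVP_ecdsa());
-#ifndef OPENSSL_NO_GOST
- EVP_add_digest(EVP_gostr341194());
- EVP_add_digest(EVP_gost2814789imit());
- EVP_add_digest(EVP_streebog256());
- EVP_add_digest(EVP_streebog512());
-#endif
- /* initialize cipher/digest methods table */
- ssl_load_ciphers();
- return (1);
-}
-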
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
deleted file mode 100644
index b60b3ea3f8..0000000000
--- a/src/lib/libssl/ssl_asn1.c
+++ /dev/null
@@ -1,692 +0,0 @@
1/* $OpenBSD: ssl_asn1.c,v 1.40 2014/12/14 15:30:50 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61
62#include "ssl_locl.h"
63
64#include <openssl/objects.h>
65#include <openssl/x509.h>
66
67/* XXX - these are here to avoid including asn1_mac.h */
68int asn1_GetSequence(ASN1_const_CTX *c, long *length);
69void asn1_add_error(const unsigned char *address, int offset);
70
71typedef struct ssl_session_asn1_st {
72 ASN1_INTEGER version;
73 ASN1_INTEGER ssl_version;
74 ASN1_OCTET_STRING cipher;
75 ASN1_OCTET_STRING master_key;
76 ASN1_OCTET_STRING session_id;
77 ASN1_OCTET_STRING session_id_context;
78 ASN1_INTEGER time;
79 ASN1_INTEGER timeout;
80 ASN1_INTEGER verify_result;
81 ASN1_OCTET_STRING tlsext_hostname;
82 ASN1_INTEGER tlsext_tick_lifetime;
83 ASN1_OCTET_STRING tlsext_tick;
84} SSL_SESSION_ASN1;
85
86int
87i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
88{
89#define LSIZE2 (sizeof(long)*2)
90 int v1 = 0, v2 = 0, v3 = 0, v4 = 0, v5 = 0, v6 = 0, v9 = 0, v10 = 0;
91 unsigned char buf[4], ibuf1[LSIZE2], ibuf2[LSIZE2];
92 unsigned char ibuf3[LSIZE2], ibuf4[LSIZE2], ibuf5[LSIZE2];
93 unsigned char ibuf6[LSIZE2];
94 SSL_SESSION_ASN1 a;
95 unsigned char *p;
96 int len = 0, ret;
97 long l;
98
99 if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0)))
100 return (0);
101
102 /*
103 * Note that I cheat in the following 2 assignments.
104 * I know that if the ASN1_INTEGER passed to ASN1_INTEGER_set
105 * is > sizeof(long)+1, the buffer will not be re-malloc()ed.
106 * This is a bit evil but makes things simple, no dynamic allocation
107 * to clean up :-)
108 */
109 a.version.length = LSIZE2;
110 a.version.type = V_ASN1_INTEGER;
111 a.version.data = ibuf1;
112 ASN1_INTEGER_set(&(a.version), SSL_SESSION_ASN1_VERSION);
113 len += i2d_ASN1_INTEGER(&(a.version), NULL);
114
115 a.ssl_version.length = LSIZE2;
116 a.ssl_version.type = V_ASN1_INTEGER;
117 a.ssl_version.data = ibuf2;
118 ASN1_INTEGER_set(&(a.ssl_version), in->ssl_version);
119 len += i2d_ASN1_INTEGER(&(a.ssl_version), NULL);
120
121 a.cipher.length = 2;
122 a.cipher.type = V_ASN1_OCTET_STRING;
123 l = (in->cipher == NULL) ? in->cipher_id : in->cipher->id;
124 buf[0] = ((unsigned char)(l >> 8L)) & 0xff;
125 buf[1] = ((unsigned char)(l)) & 0xff;
126 a.cipher.data = buf;
127 len += i2d_ASN1_OCTET_STRING(&(a.cipher), NULL);
128
129 a.master_key.length = in->master_key_length;
130 a.master_key.type = V_ASN1_OCTET_STRING;
131 a.master_key.data = in->master_key;
132 len += i2d_ASN1_OCTET_STRING(&(a.master_key), NULL);
133
134 a.session_id.length = in->session_id_length;
135 a.session_id.type = V_ASN1_OCTET_STRING;
136 a.session_id.data = in->session_id;
137 len += i2d_ASN1_OCTET_STRING(&(a.session_id), NULL);
138
139 if (in->time != 0L) {
140 a.time.length = LSIZE2;
141 a.time.type = V_ASN1_INTEGER;
142 a.time.data = ibuf3;
143 ASN1_INTEGER_set(&(a.time), in->time); /* XXX 2038 */
144 v1 = i2d_ASN1_INTEGER(&(a.time), NULL);
145 len += ASN1_object_size(1, v1, 1);
146 }
147
148 if (in->timeout != 0L) {
149 a.timeout.length = LSIZE2;
150 a.timeout.type = V_ASN1_INTEGER;
151 a.timeout.data = ibuf4;
152 ASN1_INTEGER_set(&(a.timeout), in->timeout);
153 v2 = i2d_ASN1_INTEGER(&(a.timeout), NULL);
154 len += ASN1_object_size(1, v2, 2);
155 }
156
157 if (in->peer != NULL) {
158 v3 = i2d_X509(in->peer, NULL);
159 len += ASN1_object_size(1, v3, 3);
160 }
161
162 a.session_id_context.length = in->sid_ctx_length;
163 a.session_id_context.type = V_ASN1_OCTET_STRING;
164 a.session_id_context.data = in->sid_ctx;
165 v4 = i2d_ASN1_OCTET_STRING(&(a.session_id_context), NULL);
166 len += ASN1_object_size(1, v4, 4);
167
168 if (in->verify_result != X509_V_OK) {
169 a.verify_result.length = LSIZE2;
170 a.verify_result.type = V_ASN1_INTEGER;
171 a.verify_result.data = ibuf5;
172 ASN1_INTEGER_set(&a.verify_result, in->verify_result);
173 v5 = i2d_ASN1_INTEGER(&(a.verify_result), NULL);
174 len += ASN1_object_size(1, v5, 5);
175 }
176
177 if (in->tlsext_hostname) {
178 a.tlsext_hostname.length = strlen(in->tlsext_hostname);
179 a.tlsext_hostname.type = V_ASN1_OCTET_STRING;
180 a.tlsext_hostname.data = (unsigned char *)in->tlsext_hostname;
181 v6 = i2d_ASN1_OCTET_STRING(&(a.tlsext_hostname), NULL);
182 len += ASN1_object_size(1, v6, 6);
183 }
184
185 /* 7 - PSK identity hint. */
186 /* 8 - PSK identity. */
187
188 if (in->tlsext_tick_lifetime_hint > 0) {
189 a.tlsext_tick_lifetime.length = LSIZE2;
190 a.tlsext_tick_lifetime.type = V_ASN1_INTEGER;
191 a.tlsext_tick_lifetime.data = ibuf6;
192 ASN1_INTEGER_set(&a.tlsext_tick_lifetime,
193 in->tlsext_tick_lifetime_hint);
194 v9 = i2d_ASN1_INTEGER(&(a.tlsext_tick_lifetime), NULL);
195 len += ASN1_object_size(1, v9, 9);
196 }
197
198 if (in->tlsext_tick) {
199 a.tlsext_tick.length = in->tlsext_ticklen;
200 a.tlsext_tick.type = V_ASN1_OCTET_STRING;
201 a.tlsext_tick.data = (unsigned char *)in->tlsext_tick;
202 v10 = i2d_ASN1_OCTET_STRING(&(a.tlsext_tick), NULL);
203 len += ASN1_object_size(1, v10, 10);
204 }
205
206 /* 11 - Compression method. */
207 /* 12 - SRP username. */
208
209 /* If given a NULL pointer, return the length only. */
210 ret = (ASN1_object_size(1, len, V_ASN1_SEQUENCE));
211 if (pp == NULL)
212 return (ret);
213
214 /* Burp out the ASN1. */
215 p = *pp;
216 ASN1_put_object(&p, 1, len, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
217 i2d_ASN1_INTEGER(&(a.version), &p);
218 i2d_ASN1_INTEGER(&(a.ssl_version), &p);
219 i2d_ASN1_OCTET_STRING(&(a.cipher), &p);
220 i2d_ASN1_OCTET_STRING(&(a.session_id), &p);
221 i2d_ASN1_OCTET_STRING(&(a.master_key), &p);
222 if (in->time != 0L) {
223 ASN1_put_object(&p, 1, v1, 1, V_ASN1_CONTEXT_SPECIFIC);
224 i2d_ASN1_INTEGER(&(a.time), &p);
225 }
226 if (in->timeout != 0L) {
227 ASN1_put_object(&p, 1, v2, 2, V_ASN1_CONTEXT_SPECIFIC);
228 i2d_ASN1_INTEGER(&(a.timeout), &p);
229 }
230 if (in->peer != NULL) {
231 ASN1_put_object(&p, 1, v3, 3, V_ASN1_CONTEXT_SPECIFIC);
232 i2d_X509(in->peer, &p);
233 }
234 ASN1_put_object(&p, 1, v4, 4, V_ASN1_CONTEXT_SPECIFIC);
235 i2d_ASN1_OCTET_STRING(&(a.session_id_context), &p);
236 if (in->verify_result != X509_V_OK) {
237 ASN1_put_object(&p, 1, v5, 5, V_ASN1_CONTEXT_SPECIFIC);
238 i2d_ASN1_INTEGER(&(a.verify_result), &p);
239 }
240 if (in->tlsext_hostname) {
241 ASN1_put_object(&p, 1, v6, 6, V_ASN1_CONTEXT_SPECIFIC);
242 i2d_ASN1_OCTET_STRING(&(a.tlsext_hostname), &p);
243 }
244 /* 7 - PSK identity hint. */
245 /* 8 - PSK identity. */
246 if (in->tlsext_tick_lifetime_hint > 0) {
247 ASN1_put_object(&p, 1, v9, 9, V_ASN1_CONTEXT_SPECIFIC);
248 i2d_ASN1_INTEGER(&(a.tlsext_tick_lifetime), &p);
249 }
250 if (in->tlsext_tick) {
251 ASN1_put_object(&p, 1, v10, 10, V_ASN1_CONTEXT_SPECIFIC);
252 i2d_ASN1_OCTET_STRING(&(a.tlsext_tick), &p);
253 }
254 /* 11 - Compression method. */
255 /* 12 - SRP username. */
256
257 *pp = p;
258 return (ret);
259}
260
261SSL_SESSION *
262d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
263{
264 SSL_SESSION *ret = NULL;
265 ASN1_const_CTX c;
266 ASN1_INTEGER ai, *aip;
267 ASN1_OCTET_STRING os, *osp;
268 int ssl_version = 0, i;
269 int Tinf, Ttag, Tclass;
270 long Tlen;
271 long id;
272
273 c.pp = pp;
274 c.p = *pp;
275 c.q = *pp;
276 c.max = (length == 0) ? 0 : (c.p + length);
277 c.slen = length;
278
279 if (a == NULL || *a == NULL) {
280 if ((ret = SSL_SESSION_new()) == NULL) {
281 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
282 goto err;
283 }
284 } else
285 ret = *a;
286
287 aip = &ai;
288 osp = &os;
289
290 if (!asn1_GetSequence(&c, &length)) {
291 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
292 goto err;
293 }
294
295 ai.data = NULL;
296 ai.length = 0;
297 c.q = c.p;
298 if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) {
299 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
300 goto err;
301 }
302 c.slen -= (c.p - c.q);
303
304 if (ai.data != NULL) {
305 free(ai.data);
306 ai.data = NULL;
307 ai.length = 0;
308 }
309
310 /* we don't care about the version right now :-) */
311 c.q = c.p;
312 if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) {
313 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
314 goto err;
315 }
316 c.slen -= (c.p - c.q);
317 ssl_version = (int)ASN1_INTEGER_get(aip);
318 ret->ssl_version = ssl_version;
319 if (ai.data != NULL) {
320 free(ai.data);
321 ai.data = NULL;
322 ai.length = 0;
323 }
324
325 os.data = NULL;
326 os.length = 0;
327 c.q = c.p;
328 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) {
329 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
330 goto err;
331 }
332 c.slen -= (c.p - c.q);
333 if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR) {
334 if (os.length != 2) {
335 SSLerr(SSL_F_D2I_SSL_SESSION,
336 SSL_R_CIPHER_CODE_WRONG_LENGTH);
337 goto err;
338 }
339 id = 0x03000000L | ((unsigned long)os.data[0]<<8L) |
340 (unsigned long)os.data[1];
341 } else {
342 SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_UNKNOWN_SSL_VERSION);
343 goto err;
344 }
345
346 ret->cipher = NULL;
347 ret->cipher_id = id;
348
349 c.q = c.p;
350 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) {
351 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
352 goto err;
353 }
354 c.slen -= (c.p - c.q);
355
356 i = SSL3_MAX_SSL_SESSION_ID_LENGTH;
357 if (os.length > i)
358 os.length = i;
359 if (os.length > (int)sizeof(ret->session_id)) /* can't happen */
360 os.length = sizeof(ret->session_id);
361
362 ret->session_id_length = os.length;
363 OPENSSL_assert(os.length <= (int)sizeof(ret->session_id));
364 memcpy(ret->session_id, os.data, os.length);
365
366 c.q = c.p;
367 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) {
368 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
369 goto err;
370 }
371 c.slen -= (c.p - c.q);
372 if (os.length > SSL_MAX_MASTER_KEY_LENGTH)
373 ret->master_key_length = SSL_MAX_MASTER_KEY_LENGTH;
374 else
375 ret->master_key_length = os.length;
376 memcpy(ret->master_key, os.data, ret->master_key_length);
377
378 os.length = 0;
379
380 /* 1 - Time (INTEGER). */
381 /* XXX 2038 */
382 ai.length = 0;
383 if (c.slen != 0L &&
384 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 1)) {
385 c.q = c.p;
386 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
387 if (Tinf & 0x80) {
388 SSLerr(SSL_F_D2I_SSL_SESSION,
389 ERR_R_BAD_ASN1_OBJECT_HEADER);
390 goto err;
391 }
392 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
393 Tlen = c.slen - (c.p - c.q) - 2;
394 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
395 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
396 goto err;
397 }
398 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
399 Tlen = c.slen - (c.p - c.q);
400 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
401 SSLerr(SSL_F_D2I_SSL_SESSION,
402 ERR_R_MISSING_ASN1_EOS);
403 goto err;
404 }
405 }
406 c.slen -= (c.p - c.q);
407 }
408 if (ai.data != NULL) {
409 ret->time = ASN1_INTEGER_get(aip);
410 free(ai.data);
411 ai.data = NULL;
412 ai.length = 0;
413 } else
414 ret->time = time(NULL);
415
416 /* 2 - Timeout (INTEGER). */
417 ai.length = 0;
418 if (c.slen != 0L &&
419 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 2)) {
420 c.q = c.p;
421 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
422 if (Tinf & 0x80) {
423 SSLerr(SSL_F_D2I_SSL_SESSION,
424 ERR_R_BAD_ASN1_OBJECT_HEADER);
425 goto err;
426 }
427 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
428 Tlen = c.slen - (c.p - c.q) - 2;
429 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
430 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
431 goto err;
432 }
433 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
434 Tlen = c.slen - (c.p - c.q);
435 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
436 SSLerr(SSL_F_D2I_SSL_SESSION,
437 ERR_R_MISSING_ASN1_EOS);
438 goto err;
439 }
440 }
441 c.slen -= (c.p - c.q);
442 }
443 if (ai.data != NULL) {
444 ret->timeout = ASN1_INTEGER_get(aip);
445 free(ai.data);
446 ai.data = NULL;
447 ai.length = 0;
448 } else
449 ret->timeout = 3;
450
451 /* 3 - Peer (X509). */
452 if (ret->peer != NULL) {
453 X509_free(ret->peer);
454 ret->peer = NULL;
455 }
456 if (c.slen != 0L &&
457 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 3)) {
458 c.q = c.p;
459 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
460 if (Tinf & 0x80) {
461 SSLerr(SSL_F_D2I_SSL_SESSION,
462 ERR_R_BAD_ASN1_OBJECT_HEADER);
463 goto err;
464 }
465 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
466 Tlen = c.slen - (c.p - c.q) - 2;
467 if (d2i_X509(&ret->peer, &c.p, Tlen) == NULL) {
468 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
469 goto err;
470 }
471 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
472 Tlen = c.slen - (c.p - c.q);
473 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
474 SSLerr(SSL_F_D2I_SSL_SESSION,
475 ERR_R_MISSING_ASN1_EOS);
476 goto err;
477 }
478 }
479 c.slen -= (c.p - c.q);
480 }
481
482 /* 4 - Session ID (OCTET STRING). */
483 os.length = 0;
484 free(os.data);
485 os.data = NULL;
486 if (c.slen != 0L &&
487 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 4)) {
488 c.q = c.p;
489 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
490 if (Tinf & 0x80) {
491 SSLerr(SSL_F_D2I_SSL_SESSION,
492 ERR_R_BAD_ASN1_OBJECT_HEADER);
493 goto err;
494 }
495 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
496 Tlen = c.slen - (c.p - c.q) - 2;
497 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) {
498 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
499 goto err;
500 }
501 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
502 Tlen = c.slen - (c.p - c.q);
503 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
504 SSLerr(SSL_F_D2I_SSL_SESSION,
505 ERR_R_MISSING_ASN1_EOS);
506 goto err;
507 }
508 }
509 c.slen -= (c.p - c.q);
510 }
511 if (os.data != NULL) {
512 if (os.length > SSL_MAX_SID_CTX_LENGTH) {
513 SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_BAD_LENGTH);
514 goto err;
515 } else {
516 ret->sid_ctx_length = os.length;
517 memcpy(ret->sid_ctx, os.data, os.length);
518 }
519 free(os.data);
520 os.data = NULL;
521 os.length = 0;
522 } else
523 ret->sid_ctx_length = 0;
524
525 /* 5 - Verify_result. */
526 ai.length = 0;
527 if (c.slen != 0L &&
528 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 5)) {
529 c.q = c.p;
530 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
531 if (Tinf & 0x80) {
532 SSLerr(SSL_F_D2I_SSL_SESSION,
533 ERR_R_BAD_ASN1_OBJECT_HEADER);
534 goto err;
535 }
536 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
537 Tlen = c.slen - (c.p - c.q) - 2;
538 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
539 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
540 goto err;
541 }
542 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
543 Tlen = c.slen - (c.p - c.q);
544 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
545 SSLerr(SSL_F_D2I_SSL_SESSION,
546 ERR_R_MISSING_ASN1_EOS);
547 goto err;
548 }
549 }
550 c.slen -= (c.p - c.q);
551 }
552 if (ai.data != NULL) {
553 ret->verify_result = ASN1_INTEGER_get(aip);
554 free(ai.data);
555 ai.data = NULL;
556 ai.length = 0;
557 } else
558 ret->verify_result = X509_V_OK;
559
560 /* 6 - HostName (OCTET STRING). */
561 os.length = 0;
562 os.data = NULL;
563 if (c.slen != 0L &&
564 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 6)) {
565 c.q = c.p;
566 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
567 if (Tinf & 0x80) {
568 SSLerr(SSL_F_D2I_SSL_SESSION,
569 ERR_R_BAD_ASN1_OBJECT_HEADER);
570 goto err;
571 }
572 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
573 Tlen = c.slen - (c.p - c.q) - 2;
574 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) {
575 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
576 goto err;
577 }
578 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
579 Tlen = c.slen - (c.p - c.q);
580 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
581 SSLerr(SSL_F_D2I_SSL_SESSION,
582 ERR_R_MISSING_ASN1_EOS);
583 goto err;
584 }
585 }
586 c.slen -= (c.p - c.q);
587 }
588 if (os.data) {
589 ret->tlsext_hostname = strndup((char *)os.data, os.length);
590 free(os.data);
591 os.data = NULL;
592 os.length = 0;
593 } else
594 ret->tlsext_hostname = NULL;
595
596 /* 7 - PSK identity hint (OCTET STRING). */
597 /* 8 - PSK identity (OCTET STRING). */
598
599 /* 9 - Ticket lifetime. */
600 ai.length = 0;
601 if (c.slen != 0L &&
602 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 9)) {
603 c.q = c.p;
604 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
605 if (Tinf & 0x80) {
606 SSLerr(SSL_F_D2I_SSL_SESSION,
607 ERR_R_BAD_ASN1_OBJECT_HEADER);
608 goto err;
609 }
610 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
611 Tlen = c.slen - (c.p - c.q) - 2;
612 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
613 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
614 goto err;
615 }
616 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
617 Tlen = c.slen - (c.p - c.q);
618 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
619 SSLerr(SSL_F_D2I_SSL_SESSION,
620 ERR_R_MISSING_ASN1_EOS);
621 goto err;
622 }
623 }
624 c.slen -= (c.p - c.q);
625 }
626 if (ai.data != NULL) {
627 ret->tlsext_tick_lifetime_hint = ASN1_INTEGER_get(aip);
628 free(ai.data);
629 ai.data = NULL;
630 ai.length = 0;
631 } else if (ret->tlsext_ticklen && ret->session_id_length)
632 ret->tlsext_tick_lifetime_hint = -1;
633 else
634 ret->tlsext_tick_lifetime_hint = 0;
635 os.length = 0;
636 os.data = NULL;
637
638 /* 10 - Ticket (OCTET STRING). */
639 if (c.slen != 0L &&
640 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 10)) {
641 c.q = c.p;
642 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
643 if (Tinf & 0x80) {
644 SSLerr(SSL_F_D2I_SSL_SESSION,
645 ERR_R_BAD_ASN1_OBJECT_HEADER);
646 goto err;
647 }
648 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
649 Tlen = c.slen - (c.p - c.q) - 2;
650 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) {
651 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
652 goto err;
653 }
654 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
655 Tlen = c.slen - (c.p - c.q);
656 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
657 SSLerr(SSL_F_D2I_SSL_SESSION,
658 ERR_R_MISSING_ASN1_EOS);
659 goto err;
660 }
661 }
662 c.slen -= (c.p - c.q);
663 }
664 if (os.data) {
665 ret->tlsext_tick = os.data;
666 ret->tlsext_ticklen = os.length;
667 os.data = NULL;
668 os.length = 0;
669 } else
670 ret->tlsext_tick = NULL;
671
672 /* 11 - Compression method (OCTET STRING). */
673 /* 12 - SRP username (OCTET STRING). */
674
675 if (!asn1_const_Finish(&c)) {
676 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
677 goto err;
678 }
679
680 *pp = c.p;
681 if (a != NULL)
682 *a = ret;
683
684 return (ret);
685
686err:
687 ERR_asprintf_error_data("offset=%d", (int)(c.q - *pp));
688 if (ret != NULL && (a == NULL || *a != ret))
689 SSL_SESSION_free(ret);
690
691 return (NULL);
692}
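diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
deleted file mode 100644
index 90c351298b..0000000000
--- a/src/lib/libssl/ssl_cert.c
+++ /dev/null
@@ -1,737 +0,0 @@
-/* $OpenBSD: ssl_cert.c,v 1.49 2014/12/14 15:30:50 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include <sys/types.h>
-
-#include <dirent.h>
-#include <stdio.h>
-#include <unistd.h>
-
-#include <openssl/bio.h>
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/objects.h>
-#include <openssl/opensslconf.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-
-#include "ssl_locl.h"
-
-int
-SSL_get_ex_data_X509_STORE_CTX_idx(void)
-{
- static volatile int ssl_x509_store_ctx_idx = -1;
- int got_write_lock = 0;
-
- CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
-
- if (ssl_x509_store_ctx_idx < 0) {
- CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- got_write_lock = 1;
-
- if (ssl_x509_store_ctx_idx < 0) {
- ssl_x509_store_ctx_idx =
- X509_STORE_CTX_get_ex_new_index(
- 0, "SSL for verify callback", NULL, NULL, NULL);
- }
- }
-
- if (got_write_lock)
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
- else
- CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
-
- return ssl_x509_store_ctx_idx;
-}
-
-static void
-ssl_cert_set_default_md(CERT *cert)
-{
- /* Set digest values to defaults */
- cert->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
- cert->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
- cert->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
- cert->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
-#ifndef OPENSSL_NO_GOST
- cert->pkeys[SSL_PKEY_GOST01].digest = EVP_gostr341194();
-#endif
-}
-
-CERT *
-ssl_cert_new(void)
-{
- CERT *ret;
-
- ret = calloc(1, sizeof(CERT));
- if (ret == NULL) {
- SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- ret->key = &(ret->pkeys[SSL_PKEY_RSA_ENC]);
- ret->references = 1;
- ssl_cert_set_default_md(ret);
- return (ret);
-}
-
-CERT *
-ssl_cert_dup(CERT *cert)
-{
- CERT *ret;
- int i;
-
- ret = calloc(1, sizeof(CERT));
- if (ret == NULL) {
- SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
-
- /*
- * same as ret->key = ret->pkeys + (cert->key - cert->pkeys),
- * if you find that more readable
- */
- ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]];
-
- ret->valid = cert->valid;
- ret->mask_k = cert->mask_k;
- ret->mask_a = cert->mask_a;
-
- if (cert->dh_tmp != NULL) {
- ret->dh_tmp = DHparams_dup(cert->dh_tmp);
- if (ret->dh_tmp == NULL) {
- SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_DH_LIB);
- goto err;
- }
- if (cert->dh_tmp->priv_key) {
- BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
- if (!b) {
- SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
- goto err;
- }
- ret->dh_tmp->priv_key = b;
- }
- if (cert->dh_tmp->pub_key) {
- BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
- if (!b) {
- SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
- goto err;
- }
- ret->dh_tmp->pub_key = b;
- }
- }
- ret->dh_tmp_cb = cert->dh_tmp_cb;
- ret->dh_tmp_auto = cert->dh_tmp_auto;
-
- if (cert->ecdh_tmp) {
- ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp);
- if (ret->ecdh_tmp == NULL) {
- SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_EC_LIB);
- goto err;
- }
- }
- ret->ecdh_tmp_cb = cert->ecdh_tmp_cb;
- ret->ecdh_tmp_auto = cert->ecdh_tmp_auto;
-
- for (i = 0; i < SSL_PKEY_NUM; i++) {
- if (cert->pkeys[i].x509 != NULL) {
- ret->pkeys[i].x509 = cert->pkeys[i].x509;
- CRYPTO_add(&ret->pkeys[i].x509->references, 1,
- CRYPTO_LOCK_X509);
- }
-
- if (cert->pkeys[i].privatekey != NULL) {
- ret->pkeys[i].privatekey = cert->pkeys[i].privatekey;
- CRYPTO_add(&ret->pkeys[i].privatekey->references, 1,
- CRYPTO_LOCK_EVP_PKEY);
-
- switch (i) {
- /*
- * If there was anything special to do for
- * certain types of keys, we'd do it here.
- * (Nothing at the moment, I think.)
- */
-
- case SSL_PKEY_RSA_ENC:
- case SSL_PKEY_RSA_SIGN:
- /* We have an RSA key. */
- break;
-
- case SSL_PKEY_DSA_SIGN:
- /* We have a DSA key. */
- break;
-
- case SSL_PKEY_DH_RSA:
- case SSL_PKEY_DH_DSA:
- /* We have a DH key. */
- break;
-
- case SSL_PKEY_ECC:
- /* We have an ECC key */
- break;
-
- default:
- /* Can't happen. */
- SSLerr(SSL_F_SSL_CERT_DUP, SSL_R_LIBRARY_BUG);
- }
- }
- }
-
- /*
- * ret->extra_certs *should* exist, but currently the own certificate
- * chain is held inside SSL_CTX
- */
-
- ret->references = 1;
- /*
- * Set digests to defaults. NB: we don't copy existing values
- * as they will be set during handshake.
- */
- ssl_cert_set_default_md(ret);
-
- return (ret);
-
-err:
- DH_free(ret->dh_tmp);
- EC_KEY_free(ret->ecdh_tmp);
-
- for (i = 0; i < SSL_PKEY_NUM; i++) {
- if (ret->pkeys[i].x509 != NULL)
- X509_free(ret->pkeys[i].x509);
- EVP_PKEY_free(ret->pkeys[i].privatekey);
- }
- free (ret);
- return NULL;
-}
-
-
-void
-ssl_cert_free(CERT *c)
-{
- int i;
-
- if (c == NULL)
- return;
-
- i = CRYPTO_add(&c->references, -1, CRYPTO_LOCK_SSL_CERT);
- if (i > 0)
- return;
-
- DH_free(c->dh_tmp);
- EC_KEY_free(c->ecdh_tmp);
-
- for (i = 0; i < SSL_PKEY_NUM; i++) {
- if (c->pkeys[i].x509 != NULL)
- X509_free(c->pkeys[i].x509);
- EVP_PKEY_free(c->pkeys[i].privatekey);
- }
-
- free(c);
-}
-
-int
-ssl_cert_inst(CERT **o)
-{
- /*
- * Create a CERT if there isn't already one
- * (which cannot really happen, as it is initially created in
- * SSL_CTX_new; but the earlier code usually allows for that one
- * being non-existant, so we follow that behaviour, as it might
- * turn out that there actually is a reason for it -- but I'm
- * not sure that *all* of the existing code could cope with
- * s->cert being NULL, otherwise we could do without the
- * initialization in SSL_CTX_new).
- */
-
- if (o == NULL) {
- SSLerr(SSL_F_SSL_CERT_INST, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (*o == NULL) {
- if ((*o = ssl_cert_new()) == NULL) {
- SSLerr(SSL_F_SSL_CERT_INST, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- }
- return (1);
-}
-
-
-SESS_CERT *
-ssl_sess_cert_new(void)
-{
- SESS_CERT *ret;
-
- ret = calloc(1, sizeof *ret);
- if (ret == NULL) {
- SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
- ret->references = 1;
-
- return ret;
-}
-
-void
-ssl_sess_cert_free(SESS_CERT *sc)
-{
- int i;
-
- if (sc == NULL)
- return;
-
- i = CRYPTO_add(&sc->references, -1, CRYPTO_LOCK_SSL_SESS_CERT);
- if (i > 0)
- return;
-
- /* i == 0 */
- if (sc->cert_chain != NULL)
- sk_X509_pop_free(sc->cert_chain, X509_free);
- for (i = 0; i < SSL_PKEY_NUM; i++) {
- if (sc->peer_pkeys[i].x509 != NULL)
- X509_free(sc->peer_pkeys[i].x509);
- }
-
- DH_free(sc->peer_dh_tmp);
- EC_KEY_free(sc->peer_ecdh_tmp);
-
- free(sc);
-}
-
-int
-ssl_set_peer_cert_type(SESS_CERT *sc, int type)
-{
- sc->peer_cert_type = type;
- return (1);
-}
-
-int
-ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk)
-{
- X509_STORE_CTX ctx;
- X509 *x;
- int ret;
-
- if ((sk == NULL) || (sk_X509_num(sk) == 0))
- return (0);
-
- x = sk_X509_value(sk, 0);
- if (!X509_STORE_CTX_init(&ctx, s->ctx->cert_store, x, sk)) {
- SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, ERR_R_X509_LIB);
- return (0);
- }
- X509_STORE_CTX_set_ex_data(&ctx,
- SSL_get_ex_data_X509_STORE_CTX_idx(), s);
-
- /*
- * We need to inherit the verify parameters. These can be
- * determined by the context: if its a server it will verify
- * SSL client certificates or vice versa.
- */
- X509_STORE_CTX_set_default(&ctx,
- s->server ? "ssl_client" : "ssl_server");
-
- /*
- * Anything non-default in "param" should overwrite anything
- * in the ctx.
- */
- X509_VERIFY_PARAM_set1(X509_STORE_CTX_get0_param(&ctx), s->param);
-
- if (s->verify_callback)
- X509_STORE_CTX_set_verify_cb(&ctx, s->verify_callback);
-
- if (s->ctx->app_verify_callback != NULL)
- ret = s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg);
- else
- ret = X509_verify_cert(&ctx);
-
- s->verify_result = ctx.error;
- X509_STORE_CTX_cleanup(&ctx);
-
- return (ret);
-}
-
-static void
-set_client_CA_list(STACK_OF(X509_NAME) **ca_list,
- STACK_OF(X509_NAME) *name_list)
-{
- if (*ca_list != NULL)
- sk_X509_NAME_pop_free(*ca_list, X509_NAME_free);
-
- *ca_list = name_list;
-}
-
-STACK_OF(X509_NAME) *
-SSL_dup_CA_list(STACK_OF(X509_NAME) *sk)
-{
- int i;
- STACK_OF(X509_NAME) *ret;
- X509_NAME *name;
-
- ret = sk_X509_NAME_new_null();
- for (i = 0; i < sk_X509_NAME_num(sk); i++) {
- name = X509_NAME_dup(sk_X509_NAME_value(sk, i));
- if ((name == NULL) || !sk_X509_NAME_push(ret, name)) {
- sk_X509_NAME_pop_free(ret, X509_NAME_free);
- return (NULL);
- }
- }
- return (ret);
-}
-
-void
-SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list)
-{
- set_client_CA_list(&(s->client_CA), name_list);
-}
-
-void
-SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list)
-{
- set_client_CA_list(&(ctx->client_CA), name_list);
-}
-
-STACK_OF(X509_NAME) *
-SSL_CTX_get_client_CA_list(const SSL_CTX *ctx)
-{
- return (ctx->client_CA);
-}
-
-STACK_OF(X509_NAME) *
-SSL_get_client_CA_list(const SSL *s)
-{
- if (s->type == SSL_ST_CONNECT) {
- /* We are in the client. */
- if (((s->version >> 8) == SSL3_VERSION_MAJOR) &&
- (s->s3 != NULL))
- return (s->s3->tmp.ca_names);
- else
- return (NULL);
- } else {
- if (s->client_CA != NULL)
- return (s->client_CA);
- else
- return (s->ctx->client_CA);
- }
-}
-
-static int
-add_client_CA(STACK_OF(X509_NAME) **sk, X509 *x)
-{
- X509_NAME *name;
-
- if (x == NULL)
- return (0);
- if ((*sk == NULL) && ((*sk = sk_X509_NAME_new_null()) == NULL))
- return (0);
-
- if ((name = X509_NAME_dup(X509_get_subject_name(x))) == NULL)
- return (0);
-
- if (!sk_X509_NAME_push(*sk, name)) {
- X509_NAME_free(name);
- return (0);
- }
- return (1);
-}
-
-int
-SSL_add_client_CA(SSL *ssl, X509 *x)
-{
- return (add_client_CA(&(ssl->client_CA), x));
-}
-
-int
-SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x)
-{
- return (add_client_CA(&(ctx->client_CA), x));
-}
-
-static int
-xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
-{
- return (X509_NAME_cmp(*a, *b));
-}
-
-/*!
- * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed;
- * it doesn't really have anything to do with clients (except that a common use
- * for a stack of CAs is to send it to the client). Actually, it doesn't have
- * much to do with CAs, either, since it will load any old cert.
- * \param file the file containing one or more certs.
- * \return a ::STACK containing the certs.
- */
-STACK_OF(X509_NAME) *
-SSL_load_client_CA_file(const char *file)
-{
- BIO *in;
- X509 *x = NULL;
- X509_NAME *xn = NULL;
- STACK_OF(X509_NAME) *ret = NULL, *sk;
-
- sk = sk_X509_NAME_new(xname_cmp);
-
- in = BIO_new(BIO_s_file_internal());
-
- if ((sk == NULL) || (in == NULL)) {
- SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!BIO_read_filename(in, file))
- goto err;
-
- for (;;) {
- if (PEM_read_bio_X509(in, &x, NULL, NULL) == NULL)
- break;
- if (ret == NULL) {
- ret = sk_X509_NAME_new_null();
- if (ret == NULL) {
- SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- if ((xn = X509_get_subject_name(x)) == NULL) goto err;
- /* check for duplicates */
- xn = X509_NAME_dup(xn);
- if (xn == NULL)
- goto err;
- if (sk_X509_NAME_find(sk, xn) >= 0)
- X509_NAME_free(xn);
- else {
- sk_X509_NAME_push(sk, xn);
- sk_X509_NAME_push(ret, xn);
- }
- }
-
- if (0) {
-err:
- if (ret != NULL)
- sk_X509_NAME_pop_free(ret, X509_NAME_free);
- ret = NULL;
- }
- if (sk != NULL)
- sk_X509_NAME_free(sk);
- BIO_free(in);
- if (x != NULL)
- X509_free(x);
- if (ret != NULL)
- ERR_clear_error();
- return (ret);
-}
-
-/*!
- * Add a file of certs to a stack.
- * \param stack the stack to add to.
- * \param file the file to add from. All certs in this file that are not
- * already in the stack will be added.
- * \return 1 for success, 0 for failure. Note that in the case of failure some
- * certs may have been added to \c stack.
- */
-
-int
-SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
- const char *file)
-{
- BIO *in;
- X509 *x = NULL;
- X509_NAME *xn = NULL;
- int ret = 1;
- int (*oldcmp)(const X509_NAME * const *a, const X509_NAME * const *b);
-
- oldcmp = sk_X509_NAME_set_cmp_func(stack, xname_cmp);
-
- in = BIO_new(BIO_s_file_internal());
-
- if (in == NULL) {
- SSLerr(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!BIO_read_filename(in, file))
- goto err;
-
- for (;;) {
- if (PEM_read_bio_X509(in, &x, NULL, NULL) == NULL)
- break;
- if ((xn = X509_get_subject_name(x)) == NULL) goto err;
- xn = X509_NAME_dup(xn);
- if (xn == NULL)
- goto err;
- if (sk_X509_NAME_find(stack, xn) >= 0)
- X509_NAME_free(xn);
- else
- sk_X509_NAME_push(stack, xn);
- }
-
- ERR_clear_error();
-
- if (0) {
-err:
- ret = 0;
- }
- BIO_free(in);
- if (x != NULL)
- X509_free(x);
-
- (void)sk_X509_NAME_set_cmp_func(stack, oldcmp);
-
- return ret;
-}
-
-/*!
- * Add a directory of certs to a stack.
- * \param stack the stack to append to.
- * \param dir the directory to append from. All files in this directory will be
- * examined as potential certs. Any that are acceptable to
- * SSL_add_dir_cert_subjects_to_stack() that are not already in the stack will
- * be included.
- * \return 1 for success, 0 for failure. Note that in the case of failure some
- * certs may have been added to \c stack.
- */
-
-int
-SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, const char *dir)
-{
- DIR *dirp = NULL;
- char *path = NULL;
- int ret = 0;
-
- CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
- dirp = opendir(dir);
- if (dirp) {
- struct dirent *dp;
- while ((dp = readdir(dirp)) != NULL) {
- if (asprintf(&path, "%s/%s", dir, dp->d_name) != -1) {
- ret = SSL_add_file_cert_subjects_to_stack(
- stack, path);
- free(path);
- }
- if (!ret)
- break;
- }
- (void) closedir(dirp);
- }
- if (!ret) {
- SYSerr(SYS_F_OPENDIR, errno);
- ERR_asprintf_error_data("opendir ('%s')", dir);
- SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
- return ret;
-}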
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
deleted file mode 100644
index 96b4099d19..0000000000
--- a/src/lib/libssl/ssl_ciph.c
+++ /dev/null
@@ -1,1765 +0,0 @@
1/* $OpenBSD: ssl_ciph.c,v 1.81 2015/02/07 04:17:11 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143#include <stdio.h>
144
145#include <openssl/objects.h>
146
147#ifndef OPENSSL_NO_ENGINE
148#include <openssl/engine.h>
149#endif
150
151#include "ssl_locl.h"
152
153#define SSL_ENC_DES_IDX 0
154#define SSL_ENC_3DES_IDX 1
155#define SSL_ENC_RC4_IDX 2
156#define SSL_ENC_IDEA_IDX 3
157#define SSL_ENC_NULL_IDX 4
158#define SSL_ENC_AES128_IDX 5
159#define SSL_ENC_AES256_IDX 6
160#define SSL_ENC_CAMELLIA128_IDX 7
161#define SSL_ENC_CAMELLIA256_IDX 8
162#define SSL_ENC_GOST89_IDX 9
163#define SSL_ENC_AES128GCM_IDX 10
164#define SSL_ENC_AES256GCM_IDX 11
165#define SSL_ENC_NUM_IDX 12
166
167
168static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
169 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
170};
171
172#define SSL_MD_MD5_IDX 0
173#define SSL_MD_SHA1_IDX 1
174#define SSL_MD_GOST94_IDX 2
175#define SSL_MD_GOST89MAC_IDX 3
176#define SSL_MD_SHA256_IDX 4
177#define SSL_MD_SHA384_IDX 5
178#define SSL_MD_STREEBOG256_IDX 6
179#define SSL_MD_STREEBOG512_IDX 7
180/*Constant SSL_MAX_DIGEST equal to size of digests array should be
181 * defined in the
182 * ssl_locl.h */
183#define SSL_MD_NUM_IDX SSL_MAX_DIGEST
184static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = {
185 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
186};
187
188static int ssl_mac_pkey_id[SSL_MD_NUM_IDX] = {
189 EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_GOSTIMIT,
190 EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC,
191};
192
193static int ssl_mac_secret_size[SSL_MD_NUM_IDX] = {
194 0, 0, 0, 0, 0, 0, 0, 0
195};
196
197static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX] = {
198 SSL_HANDSHAKE_MAC_MD5, SSL_HANDSHAKE_MAC_SHA,
199 SSL_HANDSHAKE_MAC_GOST94, 0, SSL_HANDSHAKE_MAC_SHA256,
200 SSL_HANDSHAKE_MAC_SHA384, SSL_HANDSHAKE_MAC_STREEBOG256,
201 SSL_HANDSHAKE_MAC_STREEBOG512
202};
203
204#define CIPHER_ADD 1
205#define CIPHER_KILL 2
206#define CIPHER_DEL 3
207#define CIPHER_ORD 4
208#define CIPHER_SPECIAL 5
209
210typedef struct cipher_order_st {
211 const SSL_CIPHER *cipher;
212 int active;
213 int dead;
214 struct cipher_order_st *next, *prev;
215} CIPHER_ORDER;
216
217static const SSL_CIPHER cipher_aliases[] = {
218
219 /* "ALL" doesn't include eNULL (must be specifically enabled) */
220 {
221 .name = SSL_TXT_ALL,
222 .algorithm_enc = ~SSL_eNULL,
223 },
224
225 /* "COMPLEMENTOFALL" */
226 {
227 .name = SSL_TXT_CMPALL,
228 .algorithm_enc = SSL_eNULL,
229 },
230
231 /*
232 * "COMPLEMENTOFDEFAULT"
233 * (does *not* include ciphersuites not found in ALL!)
234 */
235 {
236 .name = SSL_TXT_CMPDEF,
237 .algorithm_mkey = SSL_kDHE|SSL_kECDHE,
238 .algorithm_auth = SSL_aNULL,
239 .algorithm_enc = ~SSL_eNULL,
240 },
241
242 /*
243 * key exchange aliases
244 * (some of those using only a single bit here combine multiple key
245 * exchange algs according to the RFCs, e.g. kEDH combines DHE_DSS
246 * and DHE_RSA)
247 */
248 {
249 .name = SSL_TXT_kRSA,
250 .algorithm_mkey = SSL_kRSA,
251 },
252 {
253 .name = SSL_TXT_kEDH,
254 .algorithm_mkey = SSL_kDHE,
255 },
256 {
257 .name = SSL_TXT_DH,
258 .algorithm_mkey = SSL_kDHE,
259 },
260
261 {
262 .name = SSL_TXT_kECDHr,
263 .algorithm_mkey = SSL_kECDHr,
264 },
265 {
266 .name = SSL_TXT_kECDHe,
267 .algorithm_mkey = SSL_kECDHe,
268 },
269 {
270 .name = SSL_TXT_kECDH,
271 .algorithm_mkey = SSL_kECDHr|SSL_kECDHe,
272 },
273 {
274 .name = SSL_TXT_kEECDH,
275 .algorithm_mkey = SSL_kECDHE,
276 },
277 {
278 .name = SSL_TXT_ECDH,
279 .algorithm_mkey = SSL_kECDHr|SSL_kECDHe|SSL_kECDHE,
280 },
281
282 {
283 .name = SSL_TXT_kGOST,
284 .algorithm_mkey = SSL_kGOST,
285 },
286
287 /* server authentication aliases */
288 {
289 .name = SSL_TXT_aRSA,
290 .algorithm_auth = SSL_aRSA,
291 },
292 {
293 .name = SSL_TXT_aDSS,
294 .algorithm_auth = SSL_aDSS,
295 },
296 {
297 .name = SSL_TXT_DSS,
298 .algorithm_auth = SSL_aDSS,
299 },
300 {
301 .name = SSL_TXT_aNULL,
302 .algorithm_auth = SSL_aNULL,
303 },
304 {
305 .name = SSL_TXT_aECDH,
306 .algorithm_auth = SSL_aECDH,
307 },
308 {
309 .name = SSL_TXT_aECDSA,
310 .algorithm_auth = SSL_aECDSA,
311 },
312 {
313 .name = SSL_TXT_ECDSA,
314 .algorithm_auth = SSL_aECDSA,
315 },
316 {
317 .name = SSL_TXT_aGOST01,
318 .algorithm_auth = SSL_aGOST01,
319 },
320 {
321 .name = SSL_TXT_aGOST,
322 .algorithm_auth = SSL_aGOST01,
323 },
324
325 /* aliases combining key exchange and server authentication */
326 {
327 .name = SSL_TXT_DHE,
328 .algorithm_mkey = SSL_kDHE,
329 .algorithm_auth = ~SSL_aNULL,
330 },
331 {
332 .name = SSL_TXT_EDH,
333 .algorithm_mkey = SSL_kDHE,
334 .algorithm_auth = ~SSL_aNULL,
335 },
336 {
337 .name = SSL_TXT_ECDHE,
338 .algorithm_mkey = SSL_kECDHE,
339 .algorithm_auth = ~SSL_aNULL,
340 },
341 {
342 .name = SSL_TXT_EECDH,
343 .algorithm_mkey = SSL_kECDHE,
344 .algorithm_auth = ~SSL_aNULL,
345 },
346 {
347 .name = SSL_TXT_NULL,
348 .algorithm_enc = SSL_eNULL,
349 },
350 {
351 .name = SSL_TXT_RSA,
352 .algorithm_mkey = SSL_kRSA,
353 .algorithm_auth = SSL_aRSA,
354 },
355 {
356 .name = SSL_TXT_ADH,
357 .algorithm_mkey = SSL_kDHE,
358 .algorithm_auth = SSL_aNULL,
359 },
360 {
361 .name = SSL_TXT_AECDH,
362 .algorithm_mkey = SSL_kECDHE,
363 .algorithm_auth = SSL_aNULL,
364 },
365
366 /* symmetric encryption aliases */
367 {
368 .name = SSL_TXT_DES,
369 .algorithm_enc = SSL_DES,
370 },
371 {
372 .name = SSL_TXT_3DES,
373 .algorithm_enc = SSL_3DES,
374 },
375 {
376 .name = SSL_TXT_RC4,
377 .algorithm_enc = SSL_RC4,
378 },
379 {
380 .name = SSL_TXT_IDEA,
381 .algorithm_enc = SSL_IDEA,
382 },
383 {
384 .name = SSL_TXT_eNULL,
385 .algorithm_enc = SSL_eNULL,
386 },
387 {
388 .name = SSL_TXT_AES128,
389 .algorithm_enc = SSL_AES128|SSL_AES128GCM,
390 },
391 {
392 .name = SSL_TXT_AES256,
393 .algorithm_enc = SSL_AES256|SSL_AES256GCM,
394 },
395 {
396 .name = SSL_TXT_AES,
397 .algorithm_enc = SSL_AES,
398 },
399 {
400 .name = SSL_TXT_AES_GCM,
401 .algorithm_enc = SSL_AES128GCM|SSL_AES256GCM,
402 },
403 {
404 .name = SSL_TXT_CAMELLIA128,
405 .algorithm_enc = SSL_CAMELLIA128,
406 },
407 {
408 .name = SSL_TXT_CAMELLIA256,
409 .algorithm_enc = SSL_CAMELLIA256,
410 },
411 {
412 .name = SSL_TXT_CAMELLIA,
413 .algorithm_enc = SSL_CAMELLIA128|SSL_CAMELLIA256,
414 },
415 {
416 .name = SSL_TXT_CHACHA20,
417 .algorithm_enc = SSL_CHACHA20POLY1305,
418 },
419
420 /* MAC aliases */
421 {
422 .name = SSL_TXT_AEAD,
423 .algorithm_mac = SSL_AEAD,
424 },
425 {
426 .name = SSL_TXT_MD5,
427 .algorithm_mac = SSL_MD5,
428 },
429 {
430 .name = SSL_TXT_SHA1,
431 .algorithm_mac = SSL_SHA1,
432 },
433 {
434 .name = SSL_TXT_SHA,
435 .algorithm_mac = SSL_SHA1,
436 },
437 {
438 .name = SSL_TXT_GOST94,
439 .algorithm_mac = SSL_GOST94,
440 },
441 {
442 .name = SSL_TXT_GOST89MAC,
443 .algorithm_mac = SSL_GOST89MAC,
444 },
445 {
446 .name = SSL_TXT_SHA256,
447 .algorithm_mac = SSL_SHA256,
448 },
449 {
450 .name = SSL_TXT_SHA384,
451 .algorithm_mac = SSL_SHA384,
452 },
453 {
454 .name = SSL_TXT_STREEBOG256,
455 .algorithm_mac = SSL_STREEBOG256,
456 },
457 {
458 .name = SSL_TXT_STREEBOG512,
459 .algorithm_mac = SSL_STREEBOG512,
460 },
461
462 /* protocol version aliases */
463 {
464 .name = SSL_TXT_SSLV3,
465 .algorithm_ssl = SSL_SSLV3,
466 },
467 {
468 .name = SSL_TXT_TLSV1,
469 .algorithm_ssl = SSL_TLSV1,
470 },
471 {
472 .name = SSL_TXT_TLSV1_2,
473 .algorithm_ssl = SSL_TLSV1_2,
474 },
475
476 /* strength classes */
477 {
478 .name = SSL_TXT_LOW,
479 .algo_strength = SSL_LOW,
480 },
481 {
482 .name = SSL_TXT_MEDIUM,
483 .algo_strength = SSL_MEDIUM,
484 },
485 {
486 .name = SSL_TXT_HIGH,
487 .algo_strength = SSL_HIGH,
488 },
489};
490
491void
492ssl_load_ciphers(void)
493{
494 ssl_cipher_methods[SSL_ENC_DES_IDX] =
495 EVP_get_cipherbyname(SN_des_cbc);
496 ssl_cipher_methods[SSL_ENC_3DES_IDX] =
497 EVP_get_cipherbyname(SN_des_ede3_cbc);
498 ssl_cipher_methods[SSL_ENC_RC4_IDX] =
499 EVP_get_cipherbyname(SN_rc4);
500#ifndef OPENSSL_NO_IDEA
501 ssl_cipher_methods[SSL_ENC_IDEA_IDX] =
502 EVP_get_cipherbyname(SN_idea_cbc);
503#else
504 ssl_cipher_methods[SSL_ENC_IDEA_IDX] = NULL;
505#endif
506 ssl_cipher_methods[SSL_ENC_AES128_IDX] =
507 EVP_get_cipherbyname(SN_aes_128_cbc);
508 ssl_cipher_methods[SSL_ENC_AES256_IDX] =
509 EVP_get_cipherbyname(SN_aes_256_cbc);
510 ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] =
511 EVP_get_cipherbyname(SN_camellia_128_cbc);
512 ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] =
513 EVP_get_cipherbyname(SN_camellia_256_cbc);
514 ssl_cipher_methods[SSL_ENC_GOST89_IDX] =
515 EVP_get_cipherbyname(SN_gost89_cnt);
516
517 ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] =
518 EVP_get_cipherbyname(SN_aes_128_gcm);
519 ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] =
520 EVP_get_cipherbyname(SN_aes_256_gcm);
521
522 ssl_digest_methods[SSL_MD_MD5_IDX] =
523 EVP_get_digestbyname(SN_md5);
524 ssl_mac_secret_size[SSL_MD_MD5_IDX] =
525 EVP_MD_size(ssl_digest_methods[SSL_MD_MD5_IDX]);
526 OPENSSL_assert(ssl_mac_secret_size[SSL_MD_MD5_IDX] >= 0);
527 ssl_digest_methods[SSL_MD_SHA1_IDX] =
528 EVP_get_digestbyname(SN_sha1);
529 ssl_mac_secret_size[SSL_MD_SHA1_IDX] =
530 EVP_MD_size(ssl_digest_methods[SSL_MD_SHA1_IDX]);
531 OPENSSL_assert(ssl_mac_secret_size[SSL_MD_SHA1_IDX] >= 0);
532 ssl_digest_methods[SSL_MD_GOST94_IDX] =
533 EVP_get_digestbyname(SN_id_GostR3411_94);
534 if (ssl_digest_methods[SSL_MD_GOST94_IDX]) {
535 ssl_mac_secret_size[SSL_MD_GOST94_IDX] =
536 EVP_MD_size(ssl_digest_methods[SSL_MD_GOST94_IDX]);
537 OPENSSL_assert(ssl_mac_secret_size[SSL_MD_GOST94_IDX] >= 0);
538 }
539 ssl_digest_methods[SSL_MD_GOST89MAC_IDX] =
540 EVP_get_digestbyname(SN_id_Gost28147_89_MAC);
541 if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]) {
542 ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX] = 32;
543 }
544
545 ssl_digest_methods[SSL_MD_SHA256_IDX] =
546 EVP_get_digestbyname(SN_sha256);
547 ssl_mac_secret_size[SSL_MD_SHA256_IDX] =
548 EVP_MD_size(ssl_digest_methods[SSL_MD_SHA256_IDX]);
549 ssl_digest_methods[SSL_MD_SHA384_IDX] =
550 EVP_get_digestbyname(SN_sha384);
551 ssl_mac_secret_size[SSL_MD_SHA384_IDX] =
552 EVP_MD_size(ssl_digest_methods[SSL_MD_SHA384_IDX]);
553 ssl_digest_methods[SSL_MD_STREEBOG256_IDX] =
554 EVP_get_digestbyname(SN_id_tc26_gost3411_2012_256);
555 ssl_mac_secret_size[SSL_MD_STREEBOG256_IDX] =
556 EVP_MD_size(ssl_digest_methods[SSL_MD_STREEBOG256_IDX]);
557 ssl_digest_methods[SSL_MD_STREEBOG512_IDX] =
558 EVP_get_digestbyname(SN_id_tc26_gost3411_2012_512);
559 ssl_mac_secret_size[SSL_MD_STREEBOG512_IDX] =
560 EVP_MD_size(ssl_digest_methods[SSL_MD_STREEBOG512_IDX]);
561}
562
563int
564ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
565 const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size)
566{
567 const SSL_CIPHER *c;
568 int i;
569
570 c = s->cipher;
571 if (c == NULL)
572 return (0);
573
574 /*
575 * This function does not handle EVP_AEAD.
576 * See ssl_cipher_get_aead_evp instead.
577 */
578 if (c->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD)
579 return(0);
580
581 if ((enc == NULL) || (md == NULL))
582 return (0);
583
584 switch (c->algorithm_enc) {
585 case SSL_DES:
586 i = SSL_ENC_DES_IDX;
587 break;
588 case SSL_3DES:
589 i = SSL_ENC_3DES_IDX;
590 break;
591 case SSL_RC4:
592 i = SSL_ENC_RC4_IDX;
593 break;
594 case SSL_IDEA:
595 i = SSL_ENC_IDEA_IDX;
596 break;
597 case SSL_eNULL:
598 i = SSL_ENC_NULL_IDX;
599 break;
600 case SSL_AES128:
601 i = SSL_ENC_AES128_IDX;
602 break;
603 case SSL_AES256:
604 i = SSL_ENC_AES256_IDX;
605 break;
606 case SSL_CAMELLIA128:
607 i = SSL_ENC_CAMELLIA128_IDX;
608 break;
609 case SSL_CAMELLIA256:
610 i = SSL_ENC_CAMELLIA256_IDX;
611 break;
612 case SSL_eGOST2814789CNT:
613 i = SSL_ENC_GOST89_IDX;
614 break;
615 case SSL_AES128GCM:
616 i = SSL_ENC_AES128GCM_IDX;
617 break;
618 case SSL_AES256GCM:
619 i = SSL_ENC_AES256GCM_IDX;
620 break;
621 default:
622 i = -1;
623 break;
624 }
625
626 if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
627 *enc = NULL;
628 else {
629 if (i == SSL_ENC_NULL_IDX)
630 *enc = EVP_enc_null();
631 else
632 *enc = ssl_cipher_methods[i];
633 }
634
635 switch (c->algorithm_mac) {
636 case SSL_MD5:
637 i = SSL_MD_MD5_IDX;
638 break;
639 case SSL_SHA1:
640 i = SSL_MD_SHA1_IDX;
641 break;
642 case SSL_SHA256:
643 i = SSL_MD_SHA256_IDX;
644 break;
645 case SSL_SHA384:
646 i = SSL_MD_SHA384_IDX;
647 break;
648 case SSL_GOST94:
649 i = SSL_MD_GOST94_IDX;
650 break;
651 case SSL_GOST89MAC:
652 i = SSL_MD_GOST89MAC_IDX;
653 break;
654 case SSL_STREEBOG256:
655 i = SSL_MD_STREEBOG256_IDX;
656 break;
657 case SSL_STREEBOG512:
658 i = SSL_MD_STREEBOG512_IDX;
659 break;
660 default:
661 i = -1;
662 break;
663 }
664 if ((i < 0) || (i >= SSL_MD_NUM_IDX)) {
665 *md = NULL;
666
667 if (mac_pkey_type != NULL)
668 *mac_pkey_type = NID_undef;
669 if (mac_secret_size != NULL)
670 *mac_secret_size = 0;
671 if (c->algorithm_mac == SSL_AEAD)
672 mac_pkey_type = NULL;
673 } else {
674 *md = ssl_digest_methods[i];
675 if (mac_pkey_type != NULL)
676 *mac_pkey_type = ssl_mac_pkey_id[i];
677 if (mac_secret_size != NULL)
678 *mac_secret_size = ssl_mac_secret_size[i];
679 }
680
681 if ((*enc != NULL) &&
682 (*md != NULL || (EVP_CIPHER_flags(*enc)&EVP_CIPH_FLAG_AEAD_CIPHER)) &&
683 (!mac_pkey_type || *mac_pkey_type != NID_undef)) {
684 const EVP_CIPHER *evp;
685
686 if (s->ssl_version >> 8 != TLS1_VERSION_MAJOR ||
687 s->ssl_version < TLS1_VERSION)
688 return 1;
689
690 if (c->algorithm_enc == SSL_RC4 &&
691 c->algorithm_mac == SSL_MD5 &&
692 (evp = EVP_get_cipherbyname("RC4-HMAC-MD5")))
693 *enc = evp, *md = NULL;
694 else if (c->algorithm_enc == SSL_AES128 &&
695 c->algorithm_mac == SSL_SHA1 &&
696 (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1")))
697 *enc = evp, *md = NULL;
698 else if (c->algorithm_enc == SSL_AES256 &&
699 c->algorithm_mac == SSL_SHA1 &&
700 (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1")))
701 *enc = evp, *md = NULL;
702 return (1);
703 } else
704 return (0);
705}
706
707/*
708 * ssl_cipher_get_evp_aead sets aead to point to the correct EVP_AEAD object
709 * for s->cipher. It returns 1 on success and 0 on error.
710 */
711int
712ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead)
713{
714 const SSL_CIPHER *c = s->cipher;
715
716 *aead = NULL;
717
718 if (c == NULL)
719 return 0;
720 if ((c->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD) == 0)
721 return 0;
722
723 switch (c->algorithm_enc) {
724#ifndef OPENSSL_NO_AES
725 case SSL_AES128GCM:
726 *aead = EVP_aead_aes_128_gcm();
727 return 1;
728 case SSL_AES256GCM:
729 *aead = EVP_aead_aes_256_gcm();
730 return 1;
731#endif
732#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
733 case SSL_CHACHA20POLY1305:
734 *aead = EVP_aead_chacha20_poly1305();
735 return 1;
736#endif
737 default:
738 break;
739 }
740 return 0;
741}
742
743int
744ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md)
745{
746 if (idx < 0 || idx >= SSL_MD_NUM_IDX) {
747 return 0;
748 }
749 *mask = ssl_handshake_digest_flag[idx];
750 if (*mask)
751 *md = ssl_digest_methods[idx];
752 else
753 *md = NULL;
754 return 1;
755}
756
757#define ITEM_SEP(a) \
758 (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
759
760static void
761ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr,
762 CIPHER_ORDER **tail)
763{
764 if (curr == *tail)
765 return;
766 if (curr == *head)
767 *head = curr->next;
768 if (curr->prev != NULL)
769 curr->prev->next = curr->next;
770 if (curr->next != NULL)
771 curr->next->prev = curr->prev;
772 (*tail)->next = curr;
773 curr->prev= *tail;
774 curr->next = NULL;
775 *tail = curr;
776}
777
778static void
779ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr,
780 CIPHER_ORDER **tail)
781{
782 if (curr == *head)
783 return;
784 if (curr == *tail)
785 *tail = curr->prev;
786 if (curr->next != NULL)
787 curr->next->prev = curr->prev;
788 if (curr->prev != NULL)
789 curr->prev->next = curr->next;
790 (*head)->prev = curr;
791 curr->next= *head;
792 curr->prev = NULL;
793 *head = curr;
794}
795
796static void
797ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth,
798 unsigned long *enc, unsigned long *mac, unsigned long *ssl)
799{
800 *mkey = 0;
801 *auth = 0;
802 *enc = 0;
803 *mac = 0;
804 *ssl = 0;
805
806 /*
807 * Check for the availability of GOST 34.10 public/private key
808 * algorithms. If they are not available disable the associated
809 * authentication and key exchange algorithms.
810 */
811 if (EVP_PKEY_meth_find(NID_id_GostR3410_2001) == NULL) {
812 *auth |= SSL_aGOST01;
813 *mkey |= SSL_kGOST;
814 }
815
816#ifdef SSL_FORBID_ENULL
817 *enc |= SSL_eNULL;
818#endif
819
820 *enc |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES : 0;
821 *enc |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES : 0;
822 *enc |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 : 0;
823 *enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA : 0;
824 *enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128 : 0;
825 *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256 : 0;
826 *enc |= (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] == NULL) ? SSL_AES128GCM : 0;
827 *enc |= (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] == NULL) ? SSL_AES256GCM : 0;
828 *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA128 : 0;
829 *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] == NULL) ? SSL_CAMELLIA256 : 0;
830 *enc |= (ssl_cipher_methods[SSL_ENC_GOST89_IDX] == NULL) ? SSL_eGOST2814789CNT : 0;
831
832 *mac |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 : 0;
833 *mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1 : 0;
834 *mac |= (ssl_digest_methods[SSL_MD_SHA256_IDX] == NULL) ? SSL_SHA256 : 0;
835 *mac |= (ssl_digest_methods[SSL_MD_SHA384_IDX] == NULL) ? SSL_SHA384 : 0;
836 *mac |= (ssl_digest_methods[SSL_MD_GOST94_IDX] == NULL) ? SSL_GOST94 : 0;
837 *mac |= (ssl_digest_methods[SSL_MD_GOST89MAC_IDX] == NULL) ? SSL_GOST89MAC : 0;
838 *mac |= (ssl_digest_methods[SSL_MD_STREEBOG256_IDX] == NULL) ? SSL_STREEBOG256 : 0;
839 *mac |= (ssl_digest_methods[SSL_MD_STREEBOG512_IDX] == NULL) ? SSL_STREEBOG512 : 0;
840
841}
842
843static void
844ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, int num_of_ciphers,
845 unsigned long disabled_mkey, unsigned long disabled_auth,
846 unsigned long disabled_enc, unsigned long disabled_mac,
847 unsigned long disabled_ssl, CIPHER_ORDER *co_list,
848 CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
849{
850 int i, co_list_num;
851 const SSL_CIPHER *c;
852
853 /*
854 * We have num_of_ciphers descriptions compiled in, depending on the
855 * method selected (SSLv3, TLSv1, etc). These will later be sorted in
856 * a linked list with at most num entries.
857 */
858
859 /* Get the initial list of ciphers */
860 co_list_num = 0; /* actual count of ciphers */
861 for (i = 0; i < num_of_ciphers; i++) {
862 c = ssl_method->get_cipher(i);
863 /* drop those that use any of that is not available */
864 if ((c != NULL) && c->valid &&
865 !(c->algorithm_mkey & disabled_mkey) &&
866 !(c->algorithm_auth & disabled_auth) &&
867 !(c->algorithm_enc & disabled_enc) &&
868 !(c->algorithm_mac & disabled_mac) &&
869 !(c->algorithm_ssl & disabled_ssl)) {
870 co_list[co_list_num].cipher = c;
871 co_list[co_list_num].next = NULL;
872 co_list[co_list_num].prev = NULL;
873 co_list[co_list_num].active = 0;
874 co_list_num++;
875 /*
876 if (!sk_push(ca_list,(char *)c)) goto err;
877 */
878 }
879 }
880
881 /*
882 * Prepare linked list from list entries
883 */
884 if (co_list_num > 0) {
885 co_list[0].prev = NULL;
886
887 if (co_list_num > 1) {
888 co_list[0].next = &co_list[1];
889
890 for (i = 1; i < co_list_num - 1; i++) {
891 co_list[i].prev = &co_list[i - 1];
892 co_list[i].next = &co_list[i + 1];
893 }
894
895 co_list[co_list_num - 1].prev =
896 &co_list[co_list_num - 2];
897 }
898
899 co_list[co_list_num - 1].next = NULL;
900
901 *head_p = &co_list[0];
902 *tail_p = &co_list[co_list_num - 1];
903 }
904}
905
906static void
907ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list, int num_of_group_aliases,
908 unsigned long disabled_mkey, unsigned long disabled_auth,
909 unsigned long disabled_enc, unsigned long disabled_mac,
910 unsigned long disabled_ssl, CIPHER_ORDER *head)
911{
912 CIPHER_ORDER *ciph_curr;
913 const SSL_CIPHER **ca_curr;
914 int i;
915 unsigned long mask_mkey = ~disabled_mkey;
916 unsigned long mask_auth = ~disabled_auth;
917 unsigned long mask_enc = ~disabled_enc;
918 unsigned long mask_mac = ~disabled_mac;
919 unsigned long mask_ssl = ~disabled_ssl;
920
921 /*
922 * First, add the real ciphers as already collected
923 */
924 ciph_curr = head;
925 ca_curr = ca_list;
926 while (ciph_curr != NULL) {
927 *ca_curr = ciph_curr->cipher;
928 ca_curr++;
929 ciph_curr = ciph_curr->next;
930 }
931
932 /*
933 * Now we add the available ones from the cipher_aliases[] table.
934 * They represent either one or more algorithms, some of which
935 * in any affected category must be supported (set in enabled_mask),
936 * or represent a cipher strength value (will be added in any case because algorithms=0).
937 */
938 for (i = 0; i < num_of_group_aliases; i++) {
939 unsigned long algorithm_mkey = cipher_aliases[i].algorithm_mkey;
940 unsigned long algorithm_auth = cipher_aliases[i].algorithm_auth;
941 unsigned long algorithm_enc = cipher_aliases[i].algorithm_enc;
942 unsigned long algorithm_mac = cipher_aliases[i].algorithm_mac;
943 unsigned long algorithm_ssl = cipher_aliases[i].algorithm_ssl;
944
945 if (algorithm_mkey)
946 if ((algorithm_mkey & mask_mkey) == 0)
947 continue;
948
949 if (algorithm_auth)
950 if ((algorithm_auth & mask_auth) == 0)
951 continue;
952
953 if (algorithm_enc)
954 if ((algorithm_enc & mask_enc) == 0)
955 continue;
956
957 if (algorithm_mac)
958 if ((algorithm_mac & mask_mac) == 0)
959 continue;
960
961 if (algorithm_ssl)
962 if ((algorithm_ssl & mask_ssl) == 0)
963 continue;
964
965 *ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
966 ca_curr++;
967 }
968
969 *ca_curr = NULL; /* end of list */
970}
971
972static void
973ssl_cipher_apply_rule(unsigned long cipher_id, unsigned long alg_mkey,
974 unsigned long alg_auth, unsigned long alg_enc, unsigned long alg_mac,
975 unsigned long alg_ssl, unsigned long algo_strength,
976 int rule, int strength_bits, CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
977{
978 CIPHER_ORDER *head, *tail, *curr, *next, *last;
979 const SSL_CIPHER *cp;
980 int reverse = 0;
981
982
983 if (rule == CIPHER_DEL)
984 reverse = 1; /* needed to maintain sorting between currently deleted ciphers */
985
986 head = *head_p;
987 tail = *tail_p;
988
989 if (reverse) {
990 next = tail;
991 last = head;
992 } else {
993 next = head;
994 last = tail;
995 }
996
997 curr = NULL;
998 for (;;) {
999 if (curr == last)
1000 break;
1001 curr = next;
1002 next = reverse ? curr->prev : curr->next;
1003
1004 cp = curr->cipher;
1005
1006 /*
1007 * Selection criteria is either the value of strength_bits
1008 * or the algorithms used.
1009 */
1010 if (strength_bits >= 0) {
1011 if (strength_bits != cp->strength_bits)
1012 continue;
1013 } else {
1014
1015 if (alg_mkey && !(alg_mkey & cp->algorithm_mkey))
1016 continue;
1017 if (alg_auth && !(alg_auth & cp->algorithm_auth))
1018 continue;
1019 if (alg_enc && !(alg_enc & cp->algorithm_enc))
1020 continue;
1021 if (alg_mac && !(alg_mac & cp->algorithm_mac))
1022 continue;
1023 if (alg_ssl && !(alg_ssl & cp->algorithm_ssl))
1024 continue;
1025 if ((algo_strength & SSL_STRONG_MASK) && !(algo_strength & SSL_STRONG_MASK & cp->algo_strength))
1026 continue;
1027 }
1028
1029
1030 /* add the cipher if it has not been added yet. */
1031 if (rule == CIPHER_ADD) {
1032 /* reverse == 0 */
1033 if (!curr->active) {
1034 ll_append_tail(&head, curr, &tail);
1035 curr->active = 1;
1036 }
1037 }
1038 /* Move the added cipher to this location */
1039 else if (rule == CIPHER_ORD) {
1040 /* reverse == 0 */
1041 if (curr->active) {
1042 ll_append_tail(&head, curr, &tail);
1043 }
1044 } else if (rule == CIPHER_DEL) {
1045 /* reverse == 1 */
1046 if (curr->active) {
1047 /* most recently deleted ciphersuites get best positions
1048 * for any future CIPHER_ADD (note that the CIPHER_DEL loop
1049 * works in reverse to maintain the order) */
1050 ll_append_head(&head, curr, &tail);
1051 curr->active = 0;
1052 }
1053 } else if (rule == CIPHER_KILL) {
1054 /* reverse == 0 */
1055 if (head == curr)
1056 head = curr->next;
1057 else
1058 curr->prev->next = curr->next;
1059 if (tail == curr)
1060 tail = curr->prev;
1061 curr->active = 0;
1062 if (curr->next != NULL)
1063 curr->next->prev = curr->prev;
1064 if (curr->prev != NULL)
1065 curr->prev->next = curr->next;
1066 curr->next = NULL;
1067 curr->prev = NULL;
1068 }
1069 }
1070
1071 *head_p = head;
1072 *tail_p = tail;
1073}
1074
1075static int
1076ssl_cipher_strength_sort(CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
1077{
1078 int max_strength_bits, i, *number_uses;
1079 CIPHER_ORDER *curr;
1080
1081 /*
1082 * This routine sorts the ciphers with descending strength. The sorting
1083 * must keep the pre-sorted sequence, so we apply the normal sorting
1084 * routine as '+' movement to the end of the list.
1085 */
1086 max_strength_bits = 0;
1087 curr = *head_p;
1088 while (curr != NULL) {
1089 if (curr->active &&
1090 (curr->cipher->strength_bits > max_strength_bits))
1091 max_strength_bits = curr->cipher->strength_bits;
1092 curr = curr->next;
1093 }
1094
1095 number_uses = calloc((max_strength_bits + 1), sizeof(int));
1096 if (!number_uses) {
1097 SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT, ERR_R_MALLOC_FAILURE);
1098 return (0);
1099 }
1100
1101 /*
1102 * Now find the strength_bits values actually used
1103 */
1104 curr = *head_p;
1105 while (curr != NULL) {
1106 if (curr->active)
1107 number_uses[curr->cipher->strength_bits]++;
1108 curr = curr->next;
1109 }
1110 /*
1111 * Go through the list of used strength_bits values in descending
1112 * order.
1113 */
1114 for (i = max_strength_bits; i >= 0; i--)
1115 if (number_uses[i] > 0)
1116 ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ORD, i, head_p, tail_p);
1117
1118 free(number_uses);
1119 return (1);
1120}
1121
1122static int
1123ssl_cipher_process_rulestr(const char *rule_str, CIPHER_ORDER **head_p,
1124 CIPHER_ORDER **tail_p, const SSL_CIPHER **ca_list)
1125{
1126 unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl;
1127 unsigned long algo_strength;
1128 int j, multi, found, rule, retval, ok, buflen;
1129 unsigned long cipher_id = 0;
1130 const char *l, *buf;
1131 char ch;
1132
1133 retval = 1;
1134 l = rule_str;
1135 for (;;) {
1136 ch = *l;
1137
1138 if (ch == '\0')
1139 break;
1140
1141 if (ch == '-') {
1142 rule = CIPHER_DEL;
1143 l++;
1144 } else if (ch == '+') {
1145 rule = CIPHER_ORD;
1146 l++;
1147 } else if (ch == '!') {
1148 rule = CIPHER_KILL;
1149 l++;
1150 } else if (ch == '@') {
1151 rule = CIPHER_SPECIAL;
1152 l++;
1153 } else {
1154 rule = CIPHER_ADD;
1155 }
1156
1157 if (ITEM_SEP(ch)) {
1158 l++;
1159 continue;
1160 }
1161
1162 alg_mkey = 0;
1163 alg_auth = 0;
1164 alg_enc = 0;
1165 alg_mac = 0;
1166 alg_ssl = 0;
1167 algo_strength = 0;
1168
1169 for (;;) {
1170 ch = *l;
1171 buf = l;
1172 buflen = 0;
1173 while (((ch >= 'A') && (ch <= 'Z')) ||
1174 ((ch >= '0') && (ch <= '9')) ||
1175 ((ch >= 'a') && (ch <= 'z')) ||
1176 (ch == '-') || (ch == '.')) {
1177 ch = *(++l);
1178 buflen++;
1179 }
1180
1181 if (buflen == 0) {
1182 /*
1183 * We hit something we cannot deal with,
1184 * it is no command or separator nor
1185 * alphanumeric, so we call this an error.
1186 */
1187 SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
1188 SSL_R_INVALID_COMMAND);
1189 retval = found = 0;
1190 l++;
1191 break;
1192 }
1193
1194 if (rule == CIPHER_SPECIAL) {
1195 /* unused -- avoid compiler warning */
1196 found = 0;
1197 /* special treatment */
1198 break;
1199 }
1200
1201 /* check for multi-part specification */
1202 if (ch == '+') {
1203 multi = 1;
1204 l++;
1205 } else
1206 multi = 0;
1207
1208 /*
1209 * Now search for the cipher alias in the ca_list.
1210 * Be careful with the strncmp, because the "buflen"
1211 * limitation will make the rule "ADH:SOME" and the
1212 * cipher "ADH-MY-CIPHER" look like a match for
1213 * buflen=3. So additionally check whether the cipher
1214 * name found has the correct length. We can save a
1215 * strlen() call: just checking for the '\0' at the
1216 * right place is sufficient, we have to strncmp()
1217 * anyway (we cannot use strcmp(), because buf is not
1218 * '\0' terminated.)
1219 */
1220 j = found = 0;
1221 cipher_id = 0;
1222 while (ca_list[j]) {
1223 if (!strncmp(buf, ca_list[j]->name, buflen) &&
1224 (ca_list[j]->name[buflen] == '\0')) {
1225 found = 1;
1226 break;
1227 } else
1228 j++;
1229 }
1230
1231 if (!found)
1232 break; /* ignore this entry */
1233
1234 if (ca_list[j]->algorithm_mkey) {
1235 if (alg_mkey) {
1236 alg_mkey &= ca_list[j]->algorithm_mkey;
1237 if (!alg_mkey) {
1238 found = 0;
1239 break;
1240 }
1241 } else
1242 alg_mkey = ca_list[j]->algorithm_mkey;
1243 }
1244
1245 if (ca_list[j]->algorithm_auth) {
1246 if (alg_auth) {
1247 alg_auth &= ca_list[j]->algorithm_auth;
1248 if (!alg_auth) {
1249 found = 0;
1250 break;
1251 }
1252 } else
1253 alg_auth = ca_list[j]->algorithm_auth;
1254 }
1255
1256 if (ca_list[j]->algorithm_enc) {
1257 if (alg_enc) {
1258 alg_enc &= ca_list[j]->algorithm_enc;
1259 if (!alg_enc) {
1260 found = 0;
1261 break;
1262 }
1263 } else
1264 alg_enc = ca_list[j]->algorithm_enc;
1265 }
1266
1267 if (ca_list[j]->algorithm_mac) {
1268 if (alg_mac) {
1269 alg_mac &= ca_list[j]->algorithm_mac;
1270 if (!alg_mac) {
1271 found = 0;
1272 break;
1273 }
1274 } else
1275 alg_mac = ca_list[j]->algorithm_mac;
1276 }
1277
1278 if (ca_list[j]->algo_strength & SSL_STRONG_MASK) {
1279 if (algo_strength & SSL_STRONG_MASK) {
1280 algo_strength &=
1281 (ca_list[j]->algo_strength &
1282 SSL_STRONG_MASK) | ~SSL_STRONG_MASK;
1283 if (!(algo_strength &
1284 SSL_STRONG_MASK)) {
1285 found = 0;
1286 break;
1287 }
1288 } else
1289 algo_strength |=
1290 ca_list[j]->algo_strength &
1291 SSL_STRONG_MASK;
1292 }
1293
1294 if (ca_list[j]->valid) {
1295 /*
1296 * explicit ciphersuite found; its protocol
1297 * version does not become part of the search
1298 * pattern!
1299 */
1300 cipher_id = ca_list[j]->id;
1301 } else {
1302 /*
1303 * not an explicit ciphersuite; only in this
1304 * case, the protocol version is considered
1305 * part of the search pattern
1306 */
1307 if (ca_list[j]->algorithm_ssl) {
1308 if (alg_ssl) {
1309 alg_ssl &=
1310 ca_list[j]->algorithm_ssl;
1311 if (!alg_ssl) {
1312 found = 0;
1313 break;
1314 }
1315 } else
1316 alg_ssl =
1317 ca_list[j]->algorithm_ssl;
1318 }
1319 }
1320
1321 if (!multi)
1322 break;
1323 }
1324
1325 /*
1326 * Ok, we have the rule, now apply it
1327 */
1328 if (rule == CIPHER_SPECIAL) {
1329 /* special command */
1330 ok = 0;
1331 if ((buflen == 8) && !strncmp(buf, "STRENGTH", 8))
1332 ok = ssl_cipher_strength_sort(head_p, tail_p);
1333 else
1334 SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
1335 SSL_R_INVALID_COMMAND);
1336 if (ok == 0)
1337 retval = 0;
1338 /*
1339 * We do not support any "multi" options
1340 * together with "@", so throw away the
1341 * rest of the command, if any left, until
1342 * end or ':' is found.
1343 */
1344 while ((*l != '\0') && !ITEM_SEP(*l))
1345 l++;
1346 } else if (found) {
1347 ssl_cipher_apply_rule(cipher_id, alg_mkey, alg_auth,
1348 alg_enc, alg_mac, alg_ssl, algo_strength, rule,
1349 -1, head_p, tail_p);
1350 } else {
1351 while ((*l != '\0') && !ITEM_SEP(*l))
1352 l++;
1353 }
1354 if (*l == '\0')
1355 break; /* done */
1356 }
1357
1358 return (retval);
1359}
1360
1361STACK_OF(SSL_CIPHER) *
1362ssl_create_cipher_list(const SSL_METHOD *ssl_method,
1363 STACK_OF(SSL_CIPHER) **cipher_list,
1364 STACK_OF(SSL_CIPHER) **cipher_list_by_id,
1365 const char *rule_str)
1366{
1367 int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
1368 unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl;
1369 STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
1370 const char *rule_p;
1371 CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
1372 const SSL_CIPHER **ca_list = NULL;
1373
1374 /*
1375 * Return with error if nothing to do.
1376 */
1377 if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
1378 return NULL;
1379
1380 /*
1381 * To reduce the work to do we only want to process the compiled
1382 * in algorithms, so we first get the mask of disabled ciphers.
1383 */
1384 ssl_cipher_get_disabled(&disabled_mkey, &disabled_auth, &disabled_enc, &disabled_mac, &disabled_ssl);
1385
1386 /*
1387 * Now we have to collect the available ciphers from the compiled
1388 * in ciphers. We cannot get more than the number compiled in, so
1389 * it is used for allocation.
1390 */
1391 num_of_ciphers = ssl_method->num_ciphers();
1392 co_list = reallocarray(NULL, num_of_ciphers, sizeof(CIPHER_ORDER));
1393 if (co_list == NULL) {
1394 SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
1395 return(NULL); /* Failure */
1396 }
1397
1398 ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
1399 disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl,
1400 co_list, &head, &tail);
1401
1402
1403 /* Now arrange all ciphers by preference: */
1404
1405 /* Everything else being equal, prefer ephemeral ECDH over other key exchange mechanisms */
1406 ssl_cipher_apply_rule(0, SSL_kECDHE, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
1407 ssl_cipher_apply_rule(0, SSL_kECDHE, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
1408
1409 /*
1410 * CHACHA20 is fast and safe on all hardware and is thus our preferred
1411 * symmetric cipher, with AES second.
1412 */
1413 ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
1414 ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
1415
1416 /* Temporarily enable everything else for sorting */
1417 ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
1418
1419 /* Low priority for MD5 */
1420 ssl_cipher_apply_rule(0, 0, 0, 0, SSL_MD5, 0, 0, CIPHER_ORD, -1, &head, &tail);
1421
1422 /* Move anonymous ciphers to the end. Usually, these will remain disabled.
1423 * (For applications that allow them, they aren't too bad, but we prefer
1424 * authenticated ciphers.) */
1425 ssl_cipher_apply_rule(0, 0, SSL_aNULL, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
1426
1427 /* Move ciphers without forward secrecy to the end */
1428 ssl_cipher_apply_rule(0, 0, SSL_aECDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
1429 ssl_cipher_apply_rule(0, SSL_kRSA, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
1430
1431 /* RC4 is sort-of broken -- move the the end */
1432 ssl_cipher_apply_rule(0, 0, 0, SSL_RC4, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
1433
1434 /* Now sort by symmetric encryption strength. The above ordering remains
1435 * in force within each class */
1436 if (!ssl_cipher_strength_sort(&head, &tail)) {
1437 free(co_list);
1438 return NULL;
1439 }
1440
1441 /* Now disable everything (maintaining the ordering!) */
1442 ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
1443
1444
1445 /*
1446 * We also need cipher aliases for selecting based on the rule_str.
1447 * There might be two types of entries in the rule_str: 1) names
1448 * of ciphers themselves 2) aliases for groups of ciphers.
1449 * For 1) we need the available ciphers and for 2) the cipher
1450 * groups of cipher_aliases added together in one list (otherwise
1451 * we would be happy with just the cipher_aliases table).
1452 */
1453 num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
1454 num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
1455 ca_list = reallocarray(NULL, num_of_alias_max, sizeof(SSL_CIPHER *));
1456 if (ca_list == NULL) {
1457 free(co_list);
1458 SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
1459 return(NULL); /* Failure */
1460 }
1461 ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
1462 disabled_mkey, disabled_auth, disabled_enc,
1463 disabled_mac, disabled_ssl, head);
1464
1465 /*
1466 * If the rule_string begins with DEFAULT, apply the default rule
1467 * before using the (possibly available) additional rules.
1468 */
1469 ok = 1;
1470 rule_p = rule_str;
1471 if (strncmp(rule_str, "DEFAULT", 7) == 0) {
1472 ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
1473 &head, &tail, ca_list);
1474 rule_p += 7;
1475 if (*rule_p == ':')
1476 rule_p++;
1477 }
1478
1479 if (ok && (strlen(rule_p) > 0))
1480 ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list);
1481
1482 free((void *)ca_list); /* Not needed anymore */
1483
1484 if (!ok) {
1485 /* Rule processing failure */
1486 free(co_list);
1487 return (NULL);
1488 }
1489
1490 /*
1491 * Allocate new "cipherstack" for the result, return with error
1492 * if we cannot get one.
1493 */
1494 if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) {
1495 free(co_list);
1496 return (NULL);
1497 }
1498
1499 /*
1500 * The cipher selection for the list is done. The ciphers are added
1501 * to the resulting precedence to the STACK_OF(SSL_CIPHER).
1502 */
1503 for (curr = head; curr != NULL; curr = curr->next) {
1504 if (curr->active) {
1505 sk_SSL_CIPHER_push(cipherstack, curr->cipher);
1506 }
1507 }
1508 free(co_list); /* Not needed any longer */
1509
1510 tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
1511 if (tmp_cipher_list == NULL) {
1512 sk_SSL_CIPHER_free(cipherstack);
1513 return NULL;
1514 }
1515 if (*cipher_list != NULL)
1516 sk_SSL_CIPHER_free(*cipher_list);
1517 *cipher_list = cipherstack;
1518 if (*cipher_list_by_id != NULL)
1519 sk_SSL_CIPHER_free(*cipher_list_by_id);
1520 *cipher_list_by_id = tmp_cipher_list;
1521 (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,
1522 ssl_cipher_ptr_id_cmp);
1523
1524 sk_SSL_CIPHER_sort(*cipher_list_by_id);
1525 return (cipherstack);
1526}
1527
1528const SSL_CIPHER *
1529SSL_CIPHER_get_by_id(unsigned int id)
1530{
1531 return ssl3_get_cipher_by_id(id);
1532}
1533
1534const SSL_CIPHER *
1535SSL_CIPHER_get_by_value(uint16_t value)
1536{
1537 return ssl3_get_cipher_by_value(value);
1538}
1539
1540char *
1541SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
1542{
1543 unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, alg2;
1544 const char *ver, *kx, *au, *enc, *mac;
1545 char *ret;
1546 int l;
1547
1548 alg_mkey = cipher->algorithm_mkey;
1549 alg_auth = cipher->algorithm_auth;
1550 alg_enc = cipher->algorithm_enc;
1551 alg_mac = cipher->algorithm_mac;
1552 alg_ssl = cipher->algorithm_ssl;
1553
1554 alg2 = cipher->algorithm2;
1555
1556 if (alg_ssl & SSL_SSLV3)
1557 ver = "SSLv3";
1558 else if (alg_ssl & SSL_TLSV1_2)
1559 ver = "TLSv1.2";
1560 else
1561 ver = "unknown";
1562
1563 switch (alg_mkey) {
1564 case SSL_kRSA:
1565 kx = "RSA";
1566 break;
1567 case SSL_kDHE:
1568 kx = "DH";
1569 break;
1570 case SSL_kECDHr:
1571 kx = "ECDH/RSA";
1572 break;
1573 case SSL_kECDHe:
1574 kx = "ECDH/ECDSA";
1575 break;
1576 case SSL_kECDHE:
1577 kx = "ECDH";
1578 break;
1579 case SSL_kGOST:
1580 kx = "GOST";
1581 break;
1582 default:
1583 kx = "unknown";
1584 }
1585
1586 switch (alg_auth) {
1587 case SSL_aRSA:
1588 au = "RSA";
1589 break;
1590 case SSL_aDSS:
1591 au = "DSS";
1592 break;
1593 case SSL_aECDH:
1594 au = "ECDH";
1595 break;
1596 case SSL_aNULL:
1597 au = "None";
1598 break;
1599 case SSL_aECDSA:
1600 au = "ECDSA";
1601 break;
1602 case SSL_aGOST01:
1603 au = "GOST01";
1604 break;
1605 default:
1606 au = "unknown";
1607 break;
1608 }
1609
1610 switch (alg_enc) {
1611 case SSL_DES:
1612 enc = "DES(56)";
1613 break;
1614 case SSL_3DES:
1615 enc = "3DES(168)";
1616 break;
1617 case SSL_RC4:
1618 enc = alg2 & SSL2_CF_8_BYTE_ENC ? "RC4(64)" : "RC4(128)";
1619 break;
1620 case SSL_IDEA:
1621 enc = "IDEA(128)";
1622 break;
1623 case SSL_eNULL:
1624 enc = "None";
1625 break;
1626 case SSL_AES128:
1627 enc = "AES(128)";
1628 break;
1629 case SSL_AES256:
1630 enc = "AES(256)";
1631 break;
1632 case SSL_AES128GCM:
1633 enc = "AESGCM(128)";
1634 break;
1635 case SSL_AES256GCM:
1636 enc = "AESGCM(256)";
1637 break;
1638 case SSL_CAMELLIA128:
1639 enc = "Camellia(128)";
1640 break;
1641 case SSL_CAMELLIA256:
1642 enc = "Camellia(256)";
1643 break;
1644 case SSL_CHACHA20POLY1305:
1645 enc = "ChaCha20-Poly1305";
1646 break;
1647 case SSL_eGOST2814789CNT:
1648 enc = "GOST-28178-89-CNT";
1649 break;
1650 default:
1651 enc = "unknown";
1652 break;
1653 }
1654
1655 switch (alg_mac) {
1656 case SSL_MD5:
1657 mac = "MD5";
1658 break;
1659 case SSL_SHA1:
1660 mac = "SHA1";
1661 break;
1662 case SSL_SHA256:
1663 mac = "SHA256";
1664 break;
1665 case SSL_SHA384:
1666 mac = "SHA384";
1667 break;
1668 case SSL_AEAD:
1669 mac = "AEAD";
1670 break;
1671 case SSL_GOST94:
1672 mac = "GOST94";
1673 break;
1674 case SSL_GOST89MAC:
1675 mac = "GOST89IMIT";
1676 break;
1677 case SSL_STREEBOG256:
1678 mac = "STREEBOG256";
1679 break;
1680 case SSL_STREEBOG512:
1681 mac = "STREEBOG512";
1682 break;
1683 default:
1684 mac = "unknown";
1685 break;
1686 }
1687
1688 if (asprintf(&ret, "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s\n",
1689 cipher->name, ver, kx, au, enc, mac) == -1)
1690 return "OPENSSL_malloc Error";
1691
1692 if (buf != NULL) {
1693 l = strlcpy(buf, ret, len);
1694 free(ret);
1695 ret = buf;
1696 if (l >= len)
1697 ret = "Buffer too small";
1698 }
1699
1700 return (ret);
1701}
1702
1703char *
1704SSL_CIPHER_get_version(const SSL_CIPHER *c)
1705{
1706 if (c == NULL)
1707 return("(NONE)");
1708 if ((c->id >> 24) == 3)
1709 return("TLSv1/SSLv3");
1710 else
1711 return("unknown");
1712}
1713
1714/* return the actual cipher being used */
1715const char *
1716SSL_CIPHER_get_name(const SSL_CIPHER *c)
1717{
1718 if (c != NULL)
1719 return (c->name);
1720 return("(NONE)");
1721}
1722
1723/* number of bits for symmetric cipher */
1724int
1725SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits)
1726{
1727 int ret = 0;
1728
1729 if (c != NULL) {
1730 if (alg_bits != NULL)
1731 *alg_bits = c->alg_bits;
1732 ret = c->strength_bits;
1733 }
1734 return (ret);
1735}
1736
1737unsigned long
1738SSL_CIPHER_get_id(const SSL_CIPHER *c)
1739{
1740 return c->id;
1741}
1742
1743uint16_t
1744SSL_CIPHER_get_value(const SSL_CIPHER *c)
1745{
1746 return ssl3_cipher_get_value(c);
1747}
1748
1749void *
1750SSL_COMP_get_compression_methods(void)
1751{
1752 return NULL;
1753}
1754
1755int
1756SSL_COMP_add_compression_method(int id, void *cm)
1757{
1758 return 1;
1759}
1760
1761const char *
1762SSL_COMP_get_name(const void *comp)
1763{
1764 return NULL;
1765}
diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c
deleted file mode 100644
index 04742b60ca..0000000000
--- a/src/lib/libssl/ssl_err.c
+++ /dev/null
@@ -1,615 +0,0 @@
1/* $OpenBSD: ssl_err.c,v 1.29 2015/02/22 15:54:27 jsing Exp $ */
2/* ====================================================================
3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62
63#include <openssl/err.h>
64#include <openssl/ssl.h>
65
66/* BEGIN ERROR CODES */
67#ifndef OPENSSL_NO_ERR
68
69#define ERR_FUNC(func) ERR_PACK(ERR_LIB_SSL,func,0)
70#define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason)
71
72static ERR_STRING_DATA SSL_str_functs[]= {
73 {ERR_FUNC(SSL_F_CLIENT_CERTIFICATE), "CLIENT_CERTIFICATE"},
74 {ERR_FUNC(SSL_F_CLIENT_FINISHED), "CLIENT_FINISHED"},
75 {ERR_FUNC(SSL_F_CLIENT_HELLO), "CLIENT_HELLO"},
76 {ERR_FUNC(SSL_F_CLIENT_MASTER_KEY), "CLIENT_MASTER_KEY"},
77 {ERR_FUNC(SSL_F_D2I_SSL_SESSION), "d2i_SSL_SESSION"},
78 {ERR_FUNC(SSL_F_DO_DTLS1_WRITE), "DO_DTLS1_WRITE"},
79 {ERR_FUNC(SSL_F_DO_SSL3_WRITE), "DO_SSL3_WRITE"},
80 {ERR_FUNC(SSL_F_DTLS1_ACCEPT), "DTLS1_ACCEPT"},
81 {ERR_FUNC(SSL_F_DTLS1_ADD_CERT_TO_BUF), "DTLS1_ADD_CERT_TO_BUF"},
82 {ERR_FUNC(SSL_F_DTLS1_BUFFER_RECORD), "DTLS1_BUFFER_RECORD"},
83 {ERR_FUNC(SSL_F_DTLS1_CHECK_TIMEOUT_NUM), "DTLS1_CHECK_TIMEOUT_NUM"},
84 {ERR_FUNC(SSL_F_DTLS1_CLIENT_HELLO), "DTLS1_CLIENT_HELLO"},
85 {ERR_FUNC(SSL_F_DTLS1_CONNECT), "DTLS1_CONNECT"},
86 {ERR_FUNC(SSL_F_DTLS1_ENC), "DTLS1_ENC"},
87 {ERR_FUNC(SSL_F_DTLS1_GET_HELLO_VERIFY), "DTLS1_GET_HELLO_VERIFY"},
88 {ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE), "DTLS1_GET_MESSAGE"},
89 {ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT), "DTLS1_GET_MESSAGE_FRAGMENT"},
90 {ERR_FUNC(SSL_F_DTLS1_GET_RECORD), "DTLS1_GET_RECORD"},
91 {ERR_FUNC(SSL_F_DTLS1_HANDLE_TIMEOUT), "DTLS1_HANDLE_TIMEOUT"},
92 {ERR_FUNC(SSL_F_DTLS1_HEARTBEAT), "DTLS1_HEARTBEAT"},
93 {ERR_FUNC(SSL_F_DTLS1_OUTPUT_CERT_CHAIN), "DTLS1_OUTPUT_CERT_CHAIN"},
94 {ERR_FUNC(SSL_F_DTLS1_PREPROCESS_FRAGMENT), "DTLS1_PREPROCESS_FRAGMENT"},
95 {ERR_FUNC(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE), "DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE"},
96 {ERR_FUNC(SSL_F_DTLS1_PROCESS_RECORD), "DTLS1_PROCESS_RECORD"},
97 {ERR_FUNC(SSL_F_DTLS1_READ_BYTES), "DTLS1_READ_BYTES"},
98 {ERR_FUNC(SSL_F_DTLS1_READ_FAILED), "DTLS1_READ_FAILED"},
99 {ERR_FUNC(SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST), "DTLS1_SEND_CERTIFICATE_REQUEST"},
100 {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE), "DTLS1_SEND_CLIENT_CERTIFICATE"},
101 {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE), "DTLS1_SEND_CLIENT_KEY_EXCHANGE"},
102 {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_VERIFY), "DTLS1_SEND_CLIENT_VERIFY"},
103 {ERR_FUNC(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST), "DTLS1_SEND_HELLO_VERIFY_REQUEST"},
104 {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE), "DTLS1_SEND_SERVER_CERTIFICATE"},
105 {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_HELLO), "DTLS1_SEND_SERVER_HELLO"},
106 {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE), "DTLS1_SEND_SERVER_KEY_EXCHANGE"},
107 {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES), "DTLS1_WRITE_APP_DATA_BYTES"},
108 {ERR_FUNC(SSL_F_GET_CLIENT_FINISHED), "GET_CLIENT_FINISHED"},
109 {ERR_FUNC(SSL_F_GET_CLIENT_HELLO), "GET_CLIENT_HELLO"},
110 {ERR_FUNC(SSL_F_GET_CLIENT_MASTER_KEY), "GET_CLIENT_MASTER_KEY"},
111 {ERR_FUNC(SSL_F_GET_SERVER_FINISHED), "GET_SERVER_FINISHED"},
112 {ERR_FUNC(SSL_F_GET_SERVER_HELLO), "GET_SERVER_HELLO"},
113 {ERR_FUNC(SSL_F_GET_SERVER_VERIFY), "GET_SERVER_VERIFY"},
114 {ERR_FUNC(SSL_F_I2D_SSL_SESSION), "i2d_SSL_SESSION"},
115 {ERR_FUNC(SSL_F_READ_N), "READ_N"},
116 {ERR_FUNC(SSL_F_REQUEST_CERTIFICATE), "REQUEST_CERTIFICATE"},
117 {ERR_FUNC(SSL_F_SERVER_FINISH), "SERVER_FINISH"},
118 {ERR_FUNC(SSL_F_SERVER_HELLO), "SERVER_HELLO"},
119 {ERR_FUNC(SSL_F_SERVER_VERIFY), "SERVER_VERIFY"},
120 {ERR_FUNC(SSL_F_SSL23_ACCEPT), "SSL23_ACCEPT"},
121 {ERR_FUNC(SSL_F_SSL23_CLIENT_HELLO), "SSL23_CLIENT_HELLO"},
122 {ERR_FUNC(SSL_F_SSL23_CONNECT), "SSL23_CONNECT"},
123 {ERR_FUNC(SSL_F_SSL23_GET_CLIENT_HELLO), "SSL23_GET_CLIENT_HELLO"},
124 {ERR_FUNC(SSL_F_SSL23_GET_SERVER_HELLO), "SSL23_GET_SERVER_HELLO"},
125 {ERR_FUNC(SSL_F_SSL23_PEEK), "SSL23_PEEK"},
126 {ERR_FUNC(SSL_F_SSL23_READ), "SSL23_READ"},
127 {ERR_FUNC(SSL_F_SSL23_WRITE), "SSL23_WRITE"},
128 {ERR_FUNC(SSL_F_SSL2_ACCEPT), "SSL2_ACCEPT"},
129 {ERR_FUNC(SSL_F_SSL2_CONNECT), "SSL2_CONNECT"},
130 {ERR_FUNC(SSL_F_SSL2_ENC_INIT), "SSL2_ENC_INIT"},
131 {ERR_FUNC(SSL_F_SSL2_GENERATE_KEY_MATERIAL), "SSL2_GENERATE_KEY_MATERIAL"},
132 {ERR_FUNC(SSL_F_SSL2_PEEK), "SSL2_PEEK"},
133 {ERR_FUNC(SSL_F_SSL2_READ), "SSL2_READ"},
134 {ERR_FUNC(SSL_F_SSL2_READ_INTERNAL), "SSL2_READ_INTERNAL"},
135 {ERR_FUNC(SSL_F_SSL2_SET_CERTIFICATE), "SSL2_SET_CERTIFICATE"},
136 {ERR_FUNC(SSL_F_SSL2_WRITE), "SSL2_WRITE"},
137 {ERR_FUNC(SSL_F_SSL3_ACCEPT), "SSL3_ACCEPT"},
138 {ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF), "SSL3_ADD_CERT_TO_BUF"},
139 {ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "SSL3_CALLBACK_CTRL"},
140 {ERR_FUNC(SSL_F_SSL3_CHANGE_CIPHER_STATE), "SSL3_CHANGE_CIPHER_STATE"},
141 {ERR_FUNC(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM), "SSL3_CHECK_CERT_AND_ALGORITHM"},
142 {ERR_FUNC(SSL_F_SSL3_CHECK_CLIENT_HELLO), "SSL3_CHECK_CLIENT_HELLO"},
143 {ERR_FUNC(SSL_F_SSL3_CLIENT_HELLO), "SSL3_CLIENT_HELLO"},
144 {ERR_FUNC(SSL_F_SSL3_CONNECT), "SSL3_CONNECT"},
145 {ERR_FUNC(SSL_F_SSL3_CTRL), "SSL3_CTRL"},
146 {ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "SSL3_CTX_CTRL"},
147 {ERR_FUNC(SSL_F_SSL3_DIGEST_CACHED_RECORDS), "SSL3_DIGEST_CACHED_RECORDS"},
148 {ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC), "SSL3_DO_CHANGE_CIPHER_SPEC"},
149 {ERR_FUNC(SSL_F_SSL3_ENC), "SSL3_ENC"},
150 {ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "SSL3_GENERATE_KEY_BLOCK"},
151 {ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST), "SSL3_GET_CERTIFICATE_REQUEST"},
152 {ERR_FUNC(SSL_F_SSL3_GET_CERT_STATUS), "SSL3_GET_CERT_STATUS"},
153 {ERR_FUNC(SSL_F_SSL3_GET_CERT_VERIFY), "SSL3_GET_CERT_VERIFY"},
154 {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_CERTIFICATE), "SSL3_GET_CLIENT_CERTIFICATE"},
155 {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_HELLO), "SSL3_GET_CLIENT_HELLO"},
156 {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE), "SSL3_GET_CLIENT_KEY_EXCHANGE"},
157 {ERR_FUNC(SSL_F_SSL3_GET_FINISHED), "SSL3_GET_FINISHED"},
158 {ERR_FUNC(SSL_F_SSL3_GET_KEY_EXCHANGE), "SSL3_GET_KEY_EXCHANGE"},
159 {ERR_FUNC(SSL_F_SSL3_GET_MESSAGE), "SSL3_GET_MESSAGE"},
160 {ERR_FUNC(SSL_F_SSL3_GET_NEW_SESSION_TICKET), "SSL3_GET_NEW_SESSION_TICKET"},
161 {ERR_FUNC(SSL_F_SSL3_GET_NEXT_PROTO), "SSL3_GET_NEXT_PROTO"},
162 {ERR_FUNC(SSL_F_SSL3_GET_RECORD), "SSL3_GET_RECORD"},
163 {ERR_FUNC(SSL_F_SSL3_GET_SERVER_CERTIFICATE), "SSL3_GET_SERVER_CERTIFICATE"},
164 {ERR_FUNC(SSL_F_SSL3_GET_SERVER_DONE), "SSL3_GET_SERVER_DONE"},
165 {ERR_FUNC(SSL_F_SSL3_GET_SERVER_HELLO), "SSL3_GET_SERVER_HELLO"},
166 {ERR_FUNC(SSL_F_SSL3_HANDSHAKE_MAC), "ssl3_handshake_mac"},
167 {ERR_FUNC(SSL_F_SSL3_NEW_SESSION_TICKET), "SSL3_NEW_SESSION_TICKET"},
168 {ERR_FUNC(SSL_F_SSL3_OUTPUT_CERT_CHAIN), "SSL3_OUTPUT_CERT_CHAIN"},
169 {ERR_FUNC(SSL_F_SSL3_PEEK), "SSL3_PEEK"},
170 {ERR_FUNC(SSL_F_SSL3_READ_BYTES), "SSL3_READ_BYTES"},
171 {ERR_FUNC(SSL_F_SSL3_READ_N), "SSL3_READ_N"},
172 {ERR_FUNC(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST), "SSL3_SEND_CERTIFICATE_REQUEST"},
173 {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE), "SSL3_SEND_CLIENT_CERTIFICATE"},
174 {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE), "SSL3_SEND_CLIENT_KEY_EXCHANGE"},
175 {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_VERIFY), "SSL3_SEND_CLIENT_VERIFY"},
176 {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_CERTIFICATE), "SSL3_SEND_SERVER_CERTIFICATE"},
177 {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_HELLO), "SSL3_SEND_SERVER_HELLO"},
178 {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE), "SSL3_SEND_SERVER_KEY_EXCHANGE"},
179 {ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "SSL3_SETUP_KEY_BLOCK"},
180 {ERR_FUNC(SSL_F_SSL3_SETUP_READ_BUFFER), "SSL3_SETUP_READ_BUFFER"},
181 {ERR_FUNC(SSL_F_SSL3_SETUP_WRITE_BUFFER), "SSL3_SETUP_WRITE_BUFFER"},
182 {ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "SSL3_WRITE_BYTES"},
183 {ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "SSL3_WRITE_PENDING"},
184 {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT), "SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT"},
185 {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT), "SSL_ADD_CLIENTHELLO_TLSEXT"},
186 {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT), "SSL_ADD_CLIENTHELLO_USE_SRTP_EXT"},
187 {ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK), "SSL_add_dir_cert_subjects_to_stack"},
188 {ERR_FUNC(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK), "SSL_add_file_cert_subjects_to_stack"},
189 {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT), "SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT"},
190 {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT), "SSL_ADD_SERVERHELLO_TLSEXT"},
191 {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT), "SSL_ADD_SERVERHELLO_USE_SRTP_EXT"},
192 {ERR_FUNC(SSL_F_SSL_BAD_METHOD), "SSL_BAD_METHOD"},
193 {ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST), "SSL_BYTES_TO_CIPHER_LIST"},
194 {ERR_FUNC(SSL_F_SSL_CERT_DUP), "SSL_CERT_DUP"},
195 {ERR_FUNC(SSL_F_SSL_CERT_INST), "SSL_CERT_INST"},
196 {ERR_FUNC(SSL_F_SSL_CERT_INSTANTIATE), "SSL_CERT_INSTANTIATE"},
197 {ERR_FUNC(SSL_F_SSL_CERT_NEW), "SSL_CERT_NEW"},
198 {ERR_FUNC(SSL_F_SSL_CHECK_PRIVATE_KEY), "SSL_check_private_key"},
199 {ERR_FUNC(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT), "SSL_CHECK_SERVERHELLO_TLSEXT"},
200 {ERR_FUNC(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG), "SSL_CHECK_SRVR_ECC_CERT_AND_ALG"},
201 {ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR), "SSL_CIPHER_PROCESS_RULESTR"},
202 {ERR_FUNC(SSL_F_SSL_CIPHER_STRENGTH_SORT), "SSL_CIPHER_STRENGTH_SORT"},
203 {ERR_FUNC(SSL_F_SSL_CLEAR), "SSL_clear"},
204 {ERR_FUNC(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD), "SSL_COMP_add_compression_method"},
205 {ERR_FUNC(SSL_F_SSL_CREATE_CIPHER_LIST), "SSL_CREATE_CIPHER_LIST"},
206 {ERR_FUNC(SSL_F_SSL_CTRL), "SSL_ctrl"},
207 {ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY), "SSL_CTX_check_private_key"},
208 {ERR_FUNC(SSL_F_SSL_CTX_MAKE_PROFILES), "SSL_CTX_MAKE_PROFILES"},
209 {ERR_FUNC(SSL_F_SSL_CTX_NEW), "SSL_CTX_new"},
210 {ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST), "SSL_CTX_set_cipher_list"},
211 {ERR_FUNC(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE), "SSL_CTX_set_client_cert_engine"},
212 {ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE), "SSL_CTX_set_purpose"},
213 {ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT), "SSL_CTX_set_session_id_context"},
214 {ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION), "SSL_CTX_set_ssl_version"},
215 {ERR_FUNC(SSL_F_SSL_CTX_SET_TRUST), "SSL_CTX_set_trust"},
216 {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE), "SSL_CTX_use_certificate"},
217 {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1), "SSL_CTX_use_certificate_ASN1"},
218 {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE), "SSL_CTX_use_certificate_chain_file"},
219 {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE), "SSL_CTX_use_certificate_file"},
220 {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY), "SSL_CTX_use_PrivateKey"},
221 {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1), "SSL_CTX_use_PrivateKey_ASN1"},
222 {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE), "SSL_CTX_use_PrivateKey_file"},
223 {ERR_FUNC(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT), "SSL_CTX_use_psk_identity_hint"},
224 {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY), "SSL_CTX_use_RSAPrivateKey"},
225 {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1), "SSL_CTX_use_RSAPrivateKey_ASN1"},
226 {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE), "SSL_CTX_use_RSAPrivateKey_file"},
227 {ERR_FUNC(SSL_F_SSL_DO_HANDSHAKE), "SSL_do_handshake"},
228 {ERR_FUNC(SSL_F_SSL_GET_NEW_SESSION), "SSL_GET_NEW_SESSION"},
229 {ERR_FUNC(SSL_F_SSL_GET_PREV_SESSION), "SSL_GET_PREV_SESSION"},
230 {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_CERT), "SSL_GET_SERVER_SEND_CERT"},
231 {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_PKEY), "SSL_GET_SERVER_SEND_PKEY"},
232 {ERR_FUNC(SSL_F_SSL_GET_SIGN_PKEY), "SSL_GET_SIGN_PKEY"},
233 {ERR_FUNC(SSL_F_SSL_INIT_WBIO_BUFFER), "SSL_INIT_WBIO_BUFFER"},
234 {ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_load_client_CA_file"},
235 {ERR_FUNC(SSL_F_SSL_NEW), "SSL_new"},
236 {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT), "SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT"},
237 {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT), "SSL_PARSE_CLIENTHELLO_TLSEXT"},
238 {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT), "SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT"},
239 {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT), "SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT"},
240 {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT), "SSL_PARSE_SERVERHELLO_TLSEXT"},
241 {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT), "SSL_PARSE_SERVERHELLO_USE_SRTP_EXT"},
242 {ERR_FUNC(SSL_F_SSL_PEEK), "SSL_peek"},
243 {ERR_FUNC(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT), "SSL_PREPARE_CLIENTHELLO_TLSEXT"},
244 {ERR_FUNC(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT), "SSL_PREPARE_SERVERHELLO_TLSEXT"},
245 {ERR_FUNC(SSL_F_SSL_READ), "SSL_read"},
246 {ERR_FUNC(SSL_F_SSL_RSA_PRIVATE_DECRYPT), "SSL_RSA_PRIVATE_DECRYPT"},
247 {ERR_FUNC(SSL_F_SSL_RSA_PUBLIC_ENCRYPT), "SSL_RSA_PUBLIC_ENCRYPT"},
248 {ERR_FUNC(SSL_F_SSL_SESSION_NEW), "SSL_SESSION_new"},
249 {ERR_FUNC(SSL_F_SSL_SESSION_PRINT_FP), "SSL_SESSION_print_fp"},
250 {ERR_FUNC(SSL_F_SSL_SESSION_SET1_ID_CONTEXT), "SSL_SESSION_set1_id_context"},
251 {ERR_FUNC(SSL_F_SSL_SESS_CERT_NEW), "SSL_SESS_CERT_NEW"},
252 {ERR_FUNC(SSL_F_SSL_SET_CERT), "SSL_SET_CERT"},
253 {ERR_FUNC(SSL_F_SSL_SET_CIPHER_LIST), "SSL_set_cipher_list"},
254 {ERR_FUNC(SSL_F_SSL_SET_FD), "SSL_set_fd"},
255 {ERR_FUNC(SSL_F_SSL_SET_PKEY), "SSL_SET_PKEY"},
256 {ERR_FUNC(SSL_F_SSL_SET_PURPOSE), "SSL_set_purpose"},
257 {ERR_FUNC(SSL_F_SSL_SET_RFD), "SSL_set_rfd"},
258 {ERR_FUNC(SSL_F_SSL_SET_SESSION), "SSL_set_session"},
259 {ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT), "SSL_set_session_id_context"},
260 {ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT), "SSL_set_session_ticket_ext"},
261 {ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"},
262 {ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"},
263 {ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"},
264 {ERR_FUNC(SSL_F_SSL_SRP_CTX_INIT), "SSL_SRP_CTX_init"},
265 {ERR_FUNC(SSL_F_SSL_UNDEFINED_CONST_FUNCTION), "SSL_UNDEFINED_CONST_FUNCTION"},
266 {ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION), "SSL_UNDEFINED_FUNCTION"},
267 {ERR_FUNC(SSL_F_SSL_UNDEFINED_VOID_FUNCTION), "SSL_UNDEFINED_VOID_FUNCTION"},
268 {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE), "SSL_use_certificate"},
269 {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_ASN1), "SSL_use_certificate_ASN1"},
270 {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_FILE), "SSL_use_certificate_file"},
271 {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY), "SSL_use_PrivateKey"},
272 {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_ASN1), "SSL_use_PrivateKey_ASN1"},
273 {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_FILE), "SSL_use_PrivateKey_file"},
274 {ERR_FUNC(SSL_F_SSL_USE_PSK_IDENTITY_HINT), "SSL_use_psk_identity_hint"},
275 {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY), "SSL_use_RSAPrivateKey"},
276 {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1), "SSL_use_RSAPrivateKey_ASN1"},
277 {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE), "SSL_use_RSAPrivateKey_file"},
278 {ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "SSL_VERIFY_CERT_CHAIN"},
279 {ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"},
280 {ERR_FUNC(SSL_F_TLS1_AEAD_CTX_INIT), "TLS1_AEAD_CTX_INIT"},
281 {ERR_FUNC(SSL_F_TLS1_CERT_VERIFY_MAC), "tls1_cert_verify_mac"},
282 {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "TLS1_CHANGE_CIPHER_STATE"},
283 {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE_AEAD), "TLS1_CHANGE_CIPHER_STATE_AEAD"},
284 {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE_CIPHER), "TLS1_CHANGE_CIPHER_STATE_CIPHER"},
285 {ERR_FUNC(SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT), "TLS1_CHECK_SERVERHELLO_TLSEXT"},
286 {ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"},
287 {ERR_FUNC(SSL_F_TLS1_EXPORT_KEYING_MATERIAL), "TLS1_EXPORT_KEYING_MATERIAL"},
288 {ERR_FUNC(SSL_F_TLS1_HEARTBEAT), "SSL_F_TLS1_HEARTBEAT"},
289 {ERR_FUNC(SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT), "TLS1_PREPARE_CLIENTHELLO_TLSEXT"},
290 {ERR_FUNC(SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT), "TLS1_PREPARE_SERVERHELLO_TLSEXT"},
291 {ERR_FUNC(SSL_F_TLS1_PRF), "tls1_prf"},
292 {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"},
293 {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"},
294 {0, NULL}
295};
296
297static ERR_STRING_DATA SSL_str_reasons[]= {
298 {ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE) , "app data in handshake"},
299 {ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT), "attempt to reuse session in different context"},
300 {ERR_REASON(SSL_R_BAD_ALERT_RECORD) , "bad alert record"},
301 {ERR_REASON(SSL_R_BAD_AUTHENTICATION_TYPE), "bad authentication type"},
302 {ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC), "bad change cipher spec"},
303 {ERR_REASON(SSL_R_BAD_CHECKSUM) , "bad checksum"},
304 {ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK), "bad data returned by callback"},
305 {ERR_REASON(SSL_R_BAD_DECOMPRESSION) , "bad decompression"},
306 {ERR_REASON(SSL_R_BAD_DH_G_LENGTH) , "bad dh g length"},
307 {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH) , "bad dh pub key length"},
308 {ERR_REASON(SSL_R_BAD_DH_P_LENGTH) , "bad dh p length"},
309 {ERR_REASON(SSL_R_BAD_DIGEST_LENGTH) , "bad digest length"},
310 {ERR_REASON(SSL_R_BAD_DSA_SIGNATURE) , "bad dsa signature"},
311 {ERR_REASON(SSL_R_BAD_ECC_CERT) , "bad ecc cert"},
312 {ERR_REASON(SSL_R_BAD_ECDSA_SIGNATURE) , "bad ecdsa signature"},
313 {ERR_REASON(SSL_R_BAD_ECPOINT) , "bad ecpoint"},
314 {ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH) , "bad handshake length"},
315 {ERR_REASON(SSL_R_BAD_HELLO_REQUEST) , "bad hello request"},
316 {ERR_REASON(SSL_R_BAD_LENGTH) , "bad length"},
317 {ERR_REASON(SSL_R_BAD_MAC_DECODE) , "bad mac decode"},
318 {ERR_REASON(SSL_R_BAD_MAC_LENGTH) , "bad mac length"},
319 {ERR_REASON(SSL_R_BAD_MESSAGE_TYPE) , "bad message type"},
320 {ERR_REASON(SSL_R_BAD_PACKET_LENGTH) , "bad packet length"},
321 {ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER), "bad protocol version number"},
322 {ERR_REASON(SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH), "bad psk identity hint length"},
323 {ERR_REASON(SSL_R_BAD_RESPONSE_ARGUMENT) , "bad response argument"},
324 {ERR_REASON(SSL_R_BAD_RSA_DECRYPT) , "bad rsa decrypt"},
325 {ERR_REASON(SSL_R_BAD_RSA_ENCRYPT) , "bad rsa encrypt"},
326 {ERR_REASON(SSL_R_BAD_RSA_E_LENGTH) , "bad rsa e length"},
327 {ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH), "bad rsa modulus length"},
328 {ERR_REASON(SSL_R_BAD_RSA_SIGNATURE) , "bad rsa signature"},
329 {ERR_REASON(SSL_R_BAD_SIGNATURE) , "bad signature"},
330 {ERR_REASON(SSL_R_BAD_SRP_A_LENGTH) , "bad srp a length"},
331 {ERR_REASON(SSL_R_BAD_SRP_B_LENGTH) , "bad srp b length"},
332 {ERR_REASON(SSL_R_BAD_SRP_G_LENGTH) , "bad srp g length"},
333 {ERR_REASON(SSL_R_BAD_SRP_N_LENGTH) , "bad srp n length"},
334 {ERR_REASON(SSL_R_BAD_SRP_S_LENGTH) , "bad srp s length"},
335 {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE) , "bad srtp mki value"},
336 {ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST), "bad srtp protection profile list"},
337 {ERR_REASON(SSL_R_BAD_SSL_FILETYPE) , "bad ssl filetype"},
338 {ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH), "bad ssl session id length"},
339 {ERR_REASON(SSL_R_BAD_STATE) , "bad state"},
340 {ERR_REASON(SSL_R_BAD_WRITE_RETRY) , "bad write retry"},
341 {ERR_REASON(SSL_R_BIO_NOT_SET) , "bio not set"},
342 {ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG), "block cipher pad is wrong"},
343 {ERR_REASON(SSL_R_BN_LIB) , "bn lib"},
344 {ERR_REASON(SSL_R_CA_DN_LENGTH_MISMATCH) , "ca dn length mismatch"},
345 {ERR_REASON(SSL_R_CA_DN_TOO_LONG) , "ca dn too long"},
346 {ERR_REASON(SSL_R_CCS_RECEIVED_EARLY) , "ccs received early"},
347 {ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED), "certificate verify failed"},
348 {ERR_REASON(SSL_R_CERT_LENGTH_MISMATCH) , "cert length mismatch"},
349 {ERR_REASON(SSL_R_CHALLENGE_IS_DIFFERENT), "challenge is different"},
350 {ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH), "cipher code wrong length"},
351 {ERR_REASON(SSL_R_CIPHER_COMPRESSION_UNAVAILABLE), "cipher compression unavailable"},
352 {ERR_REASON(SSL_R_CIPHER_OR_HASH_UNAVAILABLE), "cipher or hash unavailable"},
353 {ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR), "cipher table src error"},
354 {ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT) , "clienthello tlsext"},
355 {ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG), "compressed length too long"},
356 {ERR_REASON(SSL_R_COMPRESSION_DISABLED) , "compression disabled"},
357 {ERR_REASON(SSL_R_COMPRESSION_FAILURE) , "compression failure"},
358 {ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE), "compression id not within private range"},
359 {ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR), "compression library error"},
360 {ERR_REASON(SSL_R_CONNECTION_ID_IS_DIFFERENT), "connection id is different"},
361 {ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET), "connection type not set"},
362 {ERR_REASON(SSL_R_COOKIE_MISMATCH) , "cookie mismatch"},
363 {ERR_REASON(SSL_R_DATA_BETWEEN_CCS_AND_FINISHED), "data between ccs and finished"},
364 {ERR_REASON(SSL_R_DATA_LENGTH_TOO_LONG) , "data length too long"},
365 {ERR_REASON(SSL_R_DECRYPTION_FAILED) , "decryption failed"},
366 {ERR_REASON(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC), "decryption failed or bad record mac"},
367 {ERR_REASON(SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG), "dh public value length is wrong"},
368 {ERR_REASON(SSL_R_DIGEST_CHECK_FAILED) , "digest check failed"},
369 {ERR_REASON(SSL_R_DTLS_MESSAGE_TOO_BIG) , "dtls message too big"},
370 {ERR_REASON(SSL_R_DUPLICATE_COMPRESSION_ID), "duplicate compression id"},
371 {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT), "ecc cert not for key agreement"},
372 {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_SIGNING), "ecc cert not for signing"},
373 {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE), "ecc cert should have rsa signature"},
374 {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE), "ecc cert should have sha1 signature"},
375 {ERR_REASON(SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER), "ecgroup too large for cipher"},
376 {ERR_REASON(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST), "empty srtp protection profile list"},
377 {ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG), "encrypted length too long"},
378 {ERR_REASON(SSL_R_ERROR_GENERATING_TMP_RSA_KEY), "error generating tmp rsa key"},
379 {ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST), "error in received cipher list"},
380 {ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE), "excessive message size"},
381 {ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE) , "extra data in message"},
382 {ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS), "got a fin before a ccs"},
383 {ERR_REASON(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS), "got next proto before a ccs"},
384 {ERR_REASON(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION), "got next proto without seeing extension"},
385 {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST) , "https proxy request"},
386 {ERR_REASON(SSL_R_HTTP_REQUEST) , "http request"},
387 {ERR_REASON(SSL_R_ILLEGAL_PADDING) , "illegal padding"},
388 {ERR_REASON(SSL_R_INAPPROPRIATE_FALLBACK), "inappropriate fallback"},
389 {ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION), "inconsistent compression"},
390 {ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH), "invalid challenge length"},
391 {ERR_REASON(SSL_R_INVALID_COMMAND) , "invalid command"},
392 {ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM), "invalid compression algorithm"},
393 {ERR_REASON(SSL_R_INVALID_PURPOSE) , "invalid purpose"},
394 {ERR_REASON(SSL_R_INVALID_SRP_USERNAME) , "invalid srp username"},
395 {ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE), "invalid status response"},
396 {ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH), "invalid ticket keys length"},
397 {ERR_REASON(SSL_R_INVALID_TRUST) , "invalid trust"},
398 {ERR_REASON(SSL_R_KEY_ARG_TOO_LONG) , "key arg too long"},
399 {ERR_REASON(SSL_R_KRB5) , "krb5"},
400 {ERR_REASON(SSL_R_KRB5_C_CC_PRINC) , "krb5 client cc principal (no tkt?)"},
401 {ERR_REASON(SSL_R_KRB5_C_GET_CRED) , "krb5 client get cred"},
402 {ERR_REASON(SSL_R_KRB5_C_INIT) , "krb5 client init"},
403 {ERR_REASON(SSL_R_KRB5_C_MK_REQ) , "krb5 client mk_req (expired tkt?)"},
404 {ERR_REASON(SSL_R_KRB5_S_BAD_TICKET) , "krb5 server bad ticket"},
405 {ERR_REASON(SSL_R_KRB5_S_INIT) , "krb5 server init"},
406 {ERR_REASON(SSL_R_KRB5_S_RD_REQ) , "krb5 server rd_req (keytab perms?)"},
407 {ERR_REASON(SSL_R_KRB5_S_TKT_EXPIRED) , "krb5 server tkt expired"},
408 {ERR_REASON(SSL_R_KRB5_S_TKT_NYV) , "krb5 server tkt not yet valid"},
409 {ERR_REASON(SSL_R_KRB5_S_TKT_SKEW) , "krb5 server tkt skew"},
410 {ERR_REASON(SSL_R_LENGTH_MISMATCH) , "length mismatch"},
411 {ERR_REASON(SSL_R_LENGTH_TOO_SHORT) , "length too short"},
412 {ERR_REASON(SSL_R_LIBRARY_BUG) , "library bug"},
413 {ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS), "library has no ciphers"},
414 {ERR_REASON(SSL_R_MESSAGE_TOO_LONG) , "message too long"},
415 {ERR_REASON(SSL_R_MISSING_DH_DSA_CERT) , "missing dh dsa cert"},
416 {ERR_REASON(SSL_R_MISSING_DH_KEY) , "missing dh key"},
417 {ERR_REASON(SSL_R_MISSING_DH_RSA_CERT) , "missing dh rsa cert"},
418 {ERR_REASON(SSL_R_MISSING_DSA_SIGNING_CERT), "missing dsa signing cert"},
419 {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_DH_KEY), "missing export tmp dh key"},
420 {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_RSA_KEY), "missing export tmp rsa key"},
421 {ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE), "missing rsa certificate"},
422 {ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT), "missing rsa encrypting cert"},
423 {ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT), "missing rsa signing cert"},
424 {ERR_REASON(SSL_R_MISSING_SRP_PARAM) , "can't find SRP server param"},
425 {ERR_REASON(SSL_R_MISSING_TMP_DH_KEY) , "missing tmp dh key"},
426 {ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY) , "missing tmp ecdh key"},
427 {ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY) , "missing tmp rsa key"},
428 {ERR_REASON(SSL_R_MISSING_TMP_RSA_PKEY) , "missing tmp rsa pkey"},
429 {ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE), "missing verify message"},
430 {ERR_REASON(SSL_R_MULTIPLE_SGC_RESTARTS) , "multiple sgc restarts"},
431 {ERR_REASON(SSL_R_NON_SSLV2_INITIAL_PACKET), "non sslv2 initial packet"},
432 {ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED), "no certificates returned"},
433 {ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED), "no certificate assigned"},
434 {ERR_REASON(SSL_R_NO_CERTIFICATE_RETURNED), "no certificate returned"},
435 {ERR_REASON(SSL_R_NO_CERTIFICATE_SET) , "no certificate set"},
436 {ERR_REASON(SSL_R_NO_CERTIFICATE_SPECIFIED), "no certificate specified"},
437 {ERR_REASON(SSL_R_NO_CIPHERS_AVAILABLE) , "no ciphers available"},
438 {ERR_REASON(SSL_R_NO_CIPHERS_PASSED) , "no ciphers passed"},
439 {ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED) , "no ciphers specified"},
440 {ERR_REASON(SSL_R_NO_CIPHER_LIST) , "no cipher list"},
441 {ERR_REASON(SSL_R_NO_CIPHER_MATCH) , "no cipher match"},
442 {ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD) , "no client cert method"},
443 {ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED), "no client cert received"},
444 {ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED), "no compression specified"},
445 {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER), "Peer haven't sent GOST certificate, required for selected ciphersuite"},
446 {ERR_REASON(SSL_R_NO_METHOD_SPECIFIED) , "no method specified"},
447 {ERR_REASON(SSL_R_NO_PRIVATEKEY) , "no privatekey"},
448 {ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED), "no private key assigned"},
449 {ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE), "no protocols available"},
450 {ERR_REASON(SSL_R_NO_PUBLICKEY) , "no publickey"},
451 {ERR_REASON(SSL_R_NO_RENEGOTIATION) , "no renegotiation"},
452 {ERR_REASON(SSL_R_NO_REQUIRED_DIGEST) , "digest requred for handshake isn't computed"},
453 {ERR_REASON(SSL_R_NO_SHARED_CIPHER) , "no shared cipher"},
454 {ERR_REASON(SSL_R_NO_SRTP_PROFILES) , "no srtp profiles"},
455 {ERR_REASON(SSL_R_NO_VERIFY_CALLBACK) , "no verify callback"},
456 {ERR_REASON(SSL_R_NULL_SSL_CTX) , "null ssl ctx"},
457 {ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED), "null ssl method passed"},
458 {ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED), "old session cipher not returned"},
459 {ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED), "old session compression algorithm not returned"},
460 {ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE), "only tls allowed in fips mode"},
461 {ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG), "packet length too long"},
462 {ERR_REASON(SSL_R_PARSE_TLSEXT) , "parse tlsext"},
463 {ERR_REASON(SSL_R_PATH_TOO_LONG) , "path too long"},
464 {ERR_REASON(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE), "peer did not return a certificate"},
465 {ERR_REASON(SSL_R_PEER_ERROR) , "peer error"},
466 {ERR_REASON(SSL_R_PEER_ERROR_CERTIFICATE), "peer error certificate"},
467 {ERR_REASON(SSL_R_PEER_ERROR_NO_CERTIFICATE), "peer error no certificate"},
468 {ERR_REASON(SSL_R_PEER_ERROR_NO_CIPHER) , "peer error no cipher"},
469 {ERR_REASON(SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE), "peer error unsupported certificate type"},
470 {ERR_REASON(SSL_R_PRE_MAC_LENGTH_TOO_LONG), "pre mac length too long"},
471 {ERR_REASON(SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS), "problems mapping cipher functions"},
472 {ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN) , "protocol is shutdown"},
473 {ERR_REASON(SSL_R_PSK_IDENTITY_NOT_FOUND), "psk identity not found"},
474 {ERR_REASON(SSL_R_PSK_NO_CLIENT_CB) , "psk no client cb"},
475 {ERR_REASON(SSL_R_PSK_NO_SERVER_CB) , "psk no server cb"},
476 {ERR_REASON(SSL_R_PUBLIC_KEY_ENCRYPT_ERROR), "public key encrypt error"},
477 {ERR_REASON(SSL_R_PUBLIC_KEY_IS_NOT_RSA) , "public key is not rsa"},
478 {ERR_REASON(SSL_R_PUBLIC_KEY_NOT_RSA) , "public key not rsa"},
479 {ERR_REASON(SSL_R_READ_BIO_NOT_SET) , "read bio not set"},
480 {ERR_REASON(SSL_R_READ_TIMEOUT_EXPIRED) , "read timeout expired"},
481 {ERR_REASON(SSL_R_READ_WRONG_PACKET_TYPE), "read wrong packet type"},
482 {ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH), "record length mismatch"},
483 {ERR_REASON(SSL_R_RECORD_TOO_LARGE) , "record too large"},
484 {ERR_REASON(SSL_R_RECORD_TOO_SMALL) , "record too small"},
485 {ERR_REASON(SSL_R_RENEGOTIATE_EXT_TOO_LONG), "renegotiate ext too long"},
486 {ERR_REASON(SSL_R_RENEGOTIATION_ENCODING_ERR), "renegotiation encoding err"},
487 {ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH), "renegotiation mismatch"},
488 {ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING), "required cipher missing"},
489 {ERR_REASON(SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING), "required compresssion algorithm missing"},
490 {ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO), "reuse cert length not zero"},
491 {ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO), "reuse cert type not zero"},
492 {ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO), "reuse cipher list not zero"},
493 {ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING), "scsv received when renegotiating"},
494 {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT) , "serverhello tlsext"},
495 {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED), "session id context uninitialized"},
496 {ERR_REASON(SSL_R_SHORT_READ) , "short read"},
497 {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR), "signature algorithms error"},
498 {ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE), "signature for non signing certificate"},
499 {ERR_REASON(SSL_R_SRP_A_CALC) , "error with the srp params"},
500 {ERR_REASON(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES), "srtp could not allocate profiles"},
501 {ERR_REASON(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG), "srtp protection profile list too long"},
502 {ERR_REASON(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE), "srtp unknown protection profile"},
503 {ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE), "ssl23 doing session id reuse"},
504 {ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG), "ssl2 connection id too long"},
505 {ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT), "ssl3 ext invalid ecpointformat"},
506 {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME), "ssl3 ext invalid servername"},
507 {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE), "ssl3 ext invalid servername type"},
508 {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_LONG), "ssl3 session id too long"},
509 {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_SHORT), "ssl3 session id too short"},
510 {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_CERTIFICATE), "sslv3 alert bad certificate"},
511 {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_RECORD_MAC), "sslv3 alert bad record mac"},
512 {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED), "sslv3 alert certificate expired"},
513 {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED), "sslv3 alert certificate revoked"},
514 {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN), "sslv3 alert certificate unknown"},
515 {ERR_REASON(SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE), "sslv3 alert decompression failure"},
516 {ERR_REASON(SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE), "sslv3 alert handshake failure"},
517 {ERR_REASON(SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER), "sslv3 alert illegal parameter"},
518 {ERR_REASON(SSL_R_SSLV3_ALERT_NO_CERTIFICATE), "sslv3 alert no certificate"},
519 {ERR_REASON(SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE), "sslv3 alert unexpected message"},
520 {ERR_REASON(SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE), "sslv3 alert unsupported certificate"},
521 {ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION), "ssl ctx has no default ssl version"},
522 {ERR_REASON(SSL_R_SSL_HANDSHAKE_FAILURE) , "ssl handshake failure"},
523 {ERR_REASON(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS), "ssl library has no ciphers"},
524 {ERR_REASON(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED), "ssl session id callback failed"},
525 {ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT), "ssl session id conflict"},
526 {ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG), "ssl session id context too long"},
527 {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH), "ssl session id has bad length"},
528 {ERR_REASON(SSL_R_SSL_SESSION_ID_IS_DIFFERENT), "ssl session id is different"},
529 {ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED), "tlsv1 alert access denied"},
530 {ERR_REASON(SSL_R_TLSV1_ALERT_DECODE_ERROR), "tlsv1 alert decode error"},
531 {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED), "tlsv1 alert decryption failed"},
532 {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPT_ERROR), "tlsv1 alert decrypt error"},
533 {ERR_REASON(SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION), "tlsv1 alert export restriction"},
534 {ERR_REASON(SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK), "tlsv1 alert inappropriate fallback"},
535 {ERR_REASON(SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY), "tlsv1 alert insufficient security"},
536 {ERR_REASON(SSL_R_TLSV1_ALERT_INTERNAL_ERROR), "tlsv1 alert internal error"},
537 {ERR_REASON(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION), "tlsv1 alert no renegotiation"},
538 {ERR_REASON(SSL_R_TLSV1_ALERT_PROTOCOL_VERSION), "tlsv1 alert protocol version"},
539 {ERR_REASON(SSL_R_TLSV1_ALERT_RECORD_OVERFLOW), "tlsv1 alert record overflow"},
540 {ERR_REASON(SSL_R_TLSV1_ALERT_UNKNOWN_CA), "tlsv1 alert unknown ca"},
541 {ERR_REASON(SSL_R_TLSV1_ALERT_USER_CANCELLED), "tlsv1 alert user cancelled"},
542 {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE), "tlsv1 bad certificate hash value"},
543 {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE), "tlsv1 bad certificate status response"},
544 {ERR_REASON(SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE), "tlsv1 certificate unobtainable"},
545 {ERR_REASON(SSL_R_TLSV1_UNRECOGNIZED_NAME), "tlsv1 unrecognized name"},
546 {ERR_REASON(SSL_R_TLSV1_UNSUPPORTED_EXTENSION), "tlsv1 unsupported extension"},
547 {ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER), "tls client cert req with anon cipher"},
548 {ERR_REASON(SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT), "peer does not accept heartbeats"},
549 {ERR_REASON(SSL_R_TLS_HEARTBEAT_PENDING) , "heartbeat request already pending"},
550 {ERR_REASON(SSL_R_TLS_ILLEGAL_EXPORTER_LABEL), "tls illegal exporter label"},
551 {ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST), "tls invalid ecpointformat list"},
552 {ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST), "tls peer did not respond with certificate list"},
553 {ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG), "tls rsa encrypted value length is wrong"},
554 {ERR_REASON(SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER), "tried to use unsupported cipher"},
555 {ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS), "unable to decode dh certs"},
556 {ERR_REASON(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS), "unable to decode ecdh certs"},
557 {ERR_REASON(SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY), "unable to extract public key"},
558 {ERR_REASON(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS), "unable to find dh parameters"},
559 {ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS), "unable to find ecdh parameters"},
560 {ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS), "unable to find public key parameters"},
561 {ERR_REASON(SSL_R_UNABLE_TO_FIND_SSL_METHOD), "unable to find ssl method"},
562 {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES), "unable to load ssl2 md5 routines"},
563 {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES), "unable to load ssl3 md5 routines"},
564 {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES), "unable to load ssl3 sha1 routines"},
565 {ERR_REASON(SSL_R_UNEXPECTED_MESSAGE) , "unexpected message"},
566 {ERR_REASON(SSL_R_UNEXPECTED_RECORD) , "unexpected record"},
567 {ERR_REASON(SSL_R_UNINITIALIZED) , "uninitialized"},
568 {ERR_REASON(SSL_R_UNKNOWN_ALERT_TYPE) , "unknown alert type"},
569 {ERR_REASON(SSL_R_UNKNOWN_CERTIFICATE_TYPE), "unknown certificate type"},
570 {ERR_REASON(SSL_R_UNKNOWN_CIPHER_RETURNED), "unknown cipher returned"},
571 {ERR_REASON(SSL_R_UNKNOWN_CIPHER_TYPE) , "unknown cipher type"},
572 {ERR_REASON(SSL_R_UNKNOWN_DIGEST) , "unknown digest"},
573 {ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE), "unknown key exchange type"},
574 {ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE) , "unknown pkey type"},
575 {ERR_REASON(SSL_R_UNKNOWN_PROTOCOL) , "unknown protocol"},
576 {ERR_REASON(SSL_R_UNKNOWN_REMOTE_ERROR_TYPE), "unknown remote error type"},
577 {ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION) , "unknown ssl version"},
578 {ERR_REASON(SSL_R_UNKNOWN_STATE) , "unknown state"},
579 {ERR_REASON(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED), "unsafe legacy renegotiation disabled"},
580 {ERR_REASON(SSL_R_UNSUPPORTED_CIPHER) , "unsupported cipher"},
581 {ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM), "unsupported compression algorithm"},
582 {ERR_REASON(SSL_R_UNSUPPORTED_DIGEST_TYPE), "unsupported digest type"},
583 {ERR_REASON(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE), "unsupported elliptic curve"},
584 {ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL) , "unsupported protocol"},
585 {ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION), "unsupported ssl version"},
586 {ERR_REASON(SSL_R_UNSUPPORTED_STATUS_TYPE), "unsupported status type"},
587 {ERR_REASON(SSL_R_USE_SRTP_NOT_NEGOTIATED), "use srtp not negotiated"},
588 {ERR_REASON(SSL_R_WRITE_BIO_NOT_SET) , "write bio not set"},
589 {ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED) , "wrong cipher returned"},
590 {ERR_REASON(SSL_R_WRONG_CURVE) , "wrong curve"},
591 {ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE) , "wrong message type"},
592 {ERR_REASON(SSL_R_WRONG_NUMBER_OF_KEY_BITS), "wrong number of key bits"},
593 {ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
594 {ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE) , "wrong signature size"},
595 {ERR_REASON(SSL_R_WRONG_SIGNATURE_TYPE) , "wrong signature type"},
596 {ERR_REASON(SSL_R_WRONG_SSL_VERSION) , "wrong ssl version"},
597 {ERR_REASON(SSL_R_WRONG_VERSION_NUMBER) , "wrong version number"},
598 {ERR_REASON(SSL_R_X509_LIB) , "x509 lib"},
599 {ERR_REASON(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS), "x509 verification setup problems"},
600 {0, NULL}
601};
602
603#endif
604
605void
606ERR_load_SSL_strings(void)
607{
608#ifndef OPENSSL_NO_ERR
609
610 if (ERR_func_error_string(SSL_str_functs[0].error) == NULL) {
611 ERR_load_strings(0, SSL_str_functs);
612 ERR_load_strings(0, SSL_str_reasons);
613 }
614#endif
615}
diff --git a/src/lib/libssl/ssl_err2.c b/src/lib/libssl/ssl_err2.c
deleted file mode 100644
index 9aad13cdc5..0000000000
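--- a/src/lib/libssl/ssl_err2.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* $OpenBSD: ssl_err2.c,v 1.7 2014/12/14 15:30:50 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-void
-SSL_load_error_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- ERR_load_crypto_strings();
- ERR_load_SSL_strings();
-#endif
-}
-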
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
deleted file mode 100644
index d7b5283501..0000000000
--- a/src/lib/libssl/ssl_lib.c
+++ /dev/null
@@ -1,3121 +0,0 @@
1/* $OpenBSD: ssl_lib.c,v 1.101 2015/02/22 15:54:27 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143#include <stdio.h>
144
145#include "ssl_locl.h"
146
147#include <openssl/bn.h>
148#include <openssl/dh.h>
149#include <openssl/lhash.h>
150#include <openssl/objects.h>
151#include <openssl/ocsp.h>
152#include <openssl/x509v3.h>
153
154#ifndef OPENSSL_NO_ENGINE
155#include <openssl/engine.h>
156#endif
157
158const char *SSL_version_str = OPENSSL_VERSION_TEXT;
159
160SSL3_ENC_METHOD ssl3_undef_enc_method = {
161 /*
162 * Evil casts, but these functions are only called if there's a
163 * library bug.
164 */
165 .enc = (int (*)(SSL *, int))ssl_undefined_function,
166 .mac = (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
167 .setup_key_block = ssl_undefined_function,
168 .generate_master_secret = (int (*)(SSL *, unsigned char *,
169 unsigned char *, int))ssl_undefined_function,
170 .change_cipher_state = (int (*)(SSL*, int))ssl_undefined_function,
171 .final_finish_mac = (int (*)(SSL *, const char*, int,
172 unsigned char *))ssl_undefined_function,
173 .finish_mac_length = 0,
174 .cert_verify_mac = (int (*)(SSL *, int,
175 unsigned char *))ssl_undefined_function,
176 .client_finished_label = NULL,
177 .client_finished_label_len = 0,
178 .server_finished_label = NULL,
179 .server_finished_label_len = 0,
180 .alert_value = (int (*)(int))ssl_undefined_function,
181 .export_keying_material = (int (*)(SSL *, unsigned char *, size_t,
182 const char *, size_t, const unsigned char *, size_t,
183 int use_context))ssl_undefined_function,
184 .enc_flags = 0,
185};
186
187int
188SSL_clear(SSL *s)
189{
190 if (s->method == NULL) {
191 SSLerr(SSL_F_SSL_CLEAR,
192 SSL_R_NO_METHOD_SPECIFIED);
193 return (0);
194 }
195
196 if (ssl_clear_bad_session(s)) {
197 SSL_SESSION_free(s->session);
198 s->session = NULL;
199 }
200
201 s->error = 0;
202 s->hit = 0;
203 s->shutdown = 0;
204
205 if (s->renegotiate) {
206 SSLerr(SSL_F_SSL_CLEAR,
207 ERR_R_INTERNAL_ERROR);
208 return (0);
209 }
210
211 s->type = 0;
212
213 s->state = SSL_ST_BEFORE|((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT);
214
215 s->version = s->method->version;
216 s->client_version = s->version;
217 s->rwstate = SSL_NOTHING;
218 s->rstate = SSL_ST_READ_HEADER;
219
220 if (s->init_buf != NULL) {
221 BUF_MEM_free(s->init_buf);
222 s->init_buf = NULL;
223 }
224
225 ssl_clear_cipher_ctx(s);
226 ssl_clear_hash_ctx(&s->read_hash);
227 ssl_clear_hash_ctx(&s->write_hash);
228
229 s->first_packet = 0;
230
231 /*
232 * Check to see if we were changed into a different method, if
233 * so, revert back if we are not doing session-id reuse.
234 */
235 if (!s->in_handshake && (s->session == NULL) &&
236 (s->method != s->ctx->method)) {
237 s->method->ssl_free(s);
238 s->method = s->ctx->method;
239 if (!s->method->ssl_new(s))
240 return (0);
241 } else
242 s->method->ssl_clear(s);
243 return (1);
244}
245
246/* Used to change an SSL_CTXs default SSL method type */
247int
248SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
249{
250 STACK_OF(SSL_CIPHER) *sk;
251
252 ctx->method = meth;
253
254 sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
255 &(ctx->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);
256 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
257 SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,
258 SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
259 return (0);
260 }
261 return (1);
262}
263
264SSL *
265SSL_new(SSL_CTX *ctx)
266{
267 SSL *s;
268
269 if (ctx == NULL) {
270 SSLerr(SSL_F_SSL_NEW,
271 SSL_R_NULL_SSL_CTX);
272 return (NULL);
273 }
274 if (ctx->method == NULL) {
275 SSLerr(SSL_F_SSL_NEW,
276 SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
277 return (NULL);
278 }
279
280 s = calloc(1, sizeof(SSL));
281 if (s == NULL)
282 goto err;
283
284
285 s->options = ctx->options;
286 s->mode = ctx->mode;
287 s->max_cert_list = ctx->max_cert_list;
288
289 if (ctx->cert != NULL) {
290 /*
291 * Earlier library versions used to copy the pointer to
292 * the CERT, not its contents; only when setting new
293 * parameters for the per-SSL copy, ssl_cert_new would be
294 * called (and the direct reference to the per-SSL_CTX
295 * settings would be lost, but those still were indirectly
296 * accessed for various purposes, and for that reason they
297 * used to be known as s->ctx->default_cert).
298 * Now we don't look at the SSL_CTX's CERT after having
299 * duplicated it once.
300 */
301 s->cert = ssl_cert_dup(ctx->cert);
302 if (s->cert == NULL)
303 goto err;
304 } else
305 s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */
306
307 s->read_ahead = ctx->read_ahead;
308 s->msg_callback = ctx->msg_callback;
309 s->msg_callback_arg = ctx->msg_callback_arg;
310 s->verify_mode = ctx->verify_mode;
311 s->sid_ctx_length = ctx->sid_ctx_length;
312 OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
313 memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
314 s->verify_callback = ctx->default_verify_callback;
315 s->generate_session_id = ctx->generate_session_id;
316
317 s->param = X509_VERIFY_PARAM_new();
318 if (!s->param)
319 goto err;
320 X509_VERIFY_PARAM_inherit(s->param, ctx->param);
321 s->quiet_shutdown = ctx->quiet_shutdown;
322 s->max_send_fragment = ctx->max_send_fragment;
323
324 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
325 s->ctx = ctx;
326 s->tlsext_debug_cb = 0;
327 s->tlsext_debug_arg = NULL;
328 s->tlsext_ticket_expected = 0;
329 s->tlsext_status_type = -1;
330 s->tlsext_status_expected = 0;
331 s->tlsext_ocsp_ids = NULL;
332 s->tlsext_ocsp_exts = NULL;
333 s->tlsext_ocsp_resp = NULL;
334 s->tlsext_ocsp_resplen = -1;
335 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
336 s->initial_ctx = ctx;
337 s->next_proto_negotiated = NULL;
338
339 if (s->ctx->alpn_client_proto_list != NULL) {
340 s->alpn_client_proto_list =
341 malloc(s->ctx->alpn_client_proto_list_len);
342 if (s->alpn_client_proto_list == NULL)
343 goto err;
344 memcpy(s->alpn_client_proto_list,
345 s->ctx->alpn_client_proto_list,
346 s->ctx->alpn_client_proto_list_len);
347 s->alpn_client_proto_list_len =
348 s->ctx->alpn_client_proto_list_len;
349 }
350
351 s->verify_result = X509_V_OK;
352
353 s->method = ctx->method;
354
355 if (!s->method->ssl_new(s))
356 goto err;
357
358 s->references = 1;
359 s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1;
360
361 SSL_clear(s);
362
363 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
364
365
366 return (s);
367err:
368 if (s != NULL) {
369 if (s->cert != NULL)
370 ssl_cert_free(s->cert);
371 SSL_CTX_free(s->ctx); /* decrement reference count */
372 free(s);
373 }
374 SSLerr(SSL_F_SSL_NEW,
375 ERR_R_MALLOC_FAILURE);
376 return (NULL);
377}
378
379int
380SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
381 unsigned int sid_ctx_len)
382{
383 if (sid_ctx_len > sizeof ctx->sid_ctx) {
384 SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
385 SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
386 return (0);
387 }
388 ctx->sid_ctx_length = sid_ctx_len;
389 memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
390
391 return (1);
392}
393
394int
395SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
396 unsigned int sid_ctx_len)
397{
398 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
399 SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,
400 SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
401 return (0);
402 }
403 ssl->sid_ctx_length = sid_ctx_len;
404 memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
405
406 return (1);
407}
408
409int
410SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
411{
412 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
413 ctx->generate_session_id = cb;
414 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
415 return (1);
416}
417
418int
419SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
420{
421 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
422 ssl->generate_session_id = cb;
423 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
424 return (1);
425}
426
427int
428SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
429 unsigned int id_len)
430{
431 /*
432 * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp
433 * shows how we can "construct" a session to give us the desired
434 * check - ie. to find if there's a session in the hash table
435 * that would conflict with any new session built out of this
436 * id/id_len and the ssl_version in use by this SSL.
437 */
438 SSL_SESSION r, *p;
439
440 if (id_len > sizeof r.session_id)
441 return (0);
442
443 r.ssl_version = ssl->version;
444 r.session_id_length = id_len;
445 memcpy(r.session_id, id, id_len);
446
447 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
448 p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
449 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
450 return (p != NULL);
451}
452
453int
454SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
455{
456 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
457}
458
459int
460SSL_set_purpose(SSL *s, int purpose)
461{
462 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
463}
464
465int
466SSL_CTX_set_trust(SSL_CTX *s, int trust)
467{
468 return (X509_VERIFY_PARAM_set_trust(s->param, trust));
469}
470
471int
472SSL_set_trust(SSL *s, int trust)
473{
474 return (X509_VERIFY_PARAM_set_trust(s->param, trust));
475}
476
477int
478SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
479{
480 return (X509_VERIFY_PARAM_set1(ctx->param, vpm));
481}
482
483int
484SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
485{
486 return (X509_VERIFY_PARAM_set1(ssl->param, vpm));
487}
488
489void
490SSL_free(SSL *s)
491{
492 int i;
493
494 if (s == NULL)
495 return;
496
497 i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL);
498 if (i > 0)
499 return;
500
501 if (s->param)
502 X509_VERIFY_PARAM_free(s->param);
503
504 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
505
506 if (s->bbio != NULL) {
507 /* If the buffering BIO is in place, pop it off */
508 if (s->bbio == s->wbio) {
509 s->wbio = BIO_pop(s->wbio);
510 }
511 BIO_free(s->bbio);
512 s->bbio = NULL;
513 }
514 if (s->rbio != NULL)
515 BIO_free_all(s->rbio);
516 if ((s->wbio != NULL) && (s->wbio != s->rbio))
517 BIO_free_all(s->wbio);
518
519 if (s->init_buf != NULL)
520 BUF_MEM_free(s->init_buf);
521
522 /* add extra stuff */
523 if (s->cipher_list != NULL)
524 sk_SSL_CIPHER_free(s->cipher_list);
525 if (s->cipher_list_by_id != NULL)
526 sk_SSL_CIPHER_free(s->cipher_list_by_id);
527
528 /* Make the next call work :-) */
529 if (s->session != NULL) {
530 ssl_clear_bad_session(s);
531 SSL_SESSION_free(s->session);
532 }
533
534 ssl_clear_cipher_ctx(s);
535 ssl_clear_hash_ctx(&s->read_hash);
536 ssl_clear_hash_ctx(&s->write_hash);
537
538 if (s->cert != NULL)
539 ssl_cert_free(s->cert);
540 /* Free up if allocated */
541
542 free(s->tlsext_hostname);
543 SSL_CTX_free(s->initial_ctx);
544 free(s->tlsext_ecpointformatlist);
545 free(s->tlsext_ellipticcurvelist);
546 if (s->tlsext_ocsp_exts)
547 sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
548 X509_EXTENSION_free);
549 if (s->tlsext_ocsp_ids)
550 sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
551 free(s->tlsext_ocsp_resp);
552
553 if (s->client_CA != NULL)
554 sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
555
556 if (s->method != NULL)
557 s->method->ssl_free(s);
558
559 SSL_CTX_free(s->ctx);
560
561
562 free(s->next_proto_negotiated);
563 free(s->alpn_client_proto_list);
564
565#ifndef OPENSSL_NO_SRTP
566 if (s->srtp_profiles)
567 sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
568#endif
569
570 free(s);
571}
572
573void
574SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
575{
576 /* If the output buffering BIO is still in place, remove it */
577 if (s->bbio != NULL) {
578 if (s->wbio == s->bbio) {
579 s->wbio = s->wbio->next_bio;
580 s->bbio->next_bio = NULL;
581 }
582 }
583 if ((s->rbio != NULL) && (s->rbio != rbio))
584 BIO_free_all(s->rbio);
585 if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
586 BIO_free_all(s->wbio);
587 s->rbio = rbio;
588 s->wbio = wbio;
589}
590
591BIO *
592SSL_get_rbio(const SSL *s)
593{
594 return (s->rbio);
595}
596
597BIO *
598SSL_get_wbio(const SSL *s)
599{
600 return (s->wbio);
601}
602
603int
604SSL_get_fd(const SSL *s)
605{
606 return (SSL_get_rfd(s));
607}
608
609int
610SSL_get_rfd(const SSL *s)
611{
612 int ret = -1;
613 BIO *b, *r;
614
615 b = SSL_get_rbio(s);
616 r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
617 if (r != NULL)
618 BIO_get_fd(r, &ret);
619 return (ret);
620}
621
622int
623SSL_get_wfd(const SSL *s)
624{
625 int ret = -1;
626 BIO *b, *r;
627
628 b = SSL_get_wbio(s);
629 r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
630 if (r != NULL)
631 BIO_get_fd(r, &ret);
632 return (ret);
633}
634
635int
636SSL_set_fd(SSL *s, int fd)
637{
638 int ret = 0;
639 BIO *bio = NULL;
640
641 bio = BIO_new(BIO_s_socket());
642
643 if (bio == NULL) {
644 SSLerr(SSL_F_SSL_SET_FD,
645 ERR_R_BUF_LIB);
646 goto err;
647 }
648 BIO_set_fd(bio, fd, BIO_NOCLOSE);
649 SSL_set_bio(s, bio, bio);
650 ret = 1;
651err:
652 return (ret);
653}
654
655int
656SSL_set_wfd(SSL *s, int fd)
657{
658 int ret = 0;
659 BIO *bio = NULL;
660
661 if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
662 || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
663 bio = BIO_new(BIO_s_socket());
664
665 if (bio == NULL) {
666 SSLerr(SSL_F_SSL_SET_WFD,
667 ERR_R_BUF_LIB);
668 goto err;
669 }
670 BIO_set_fd(bio, fd, BIO_NOCLOSE);
671 SSL_set_bio(s, SSL_get_rbio(s), bio);
672 } else
673 SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
674 ret = 1;
675err:
676 return (ret);
677}
678
679int
680SSL_set_rfd(SSL *s, int fd)
681{
682 int ret = 0;
683 BIO *bio = NULL;
684
685 if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
686 || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
687 bio = BIO_new(BIO_s_socket());
688
689 if (bio == NULL) {
690 SSLerr(SSL_F_SSL_SET_RFD,
691 ERR_R_BUF_LIB);
692 goto err;
693 }
694 BIO_set_fd(bio, fd, BIO_NOCLOSE);
695 SSL_set_bio(s, bio, SSL_get_wbio(s));
696 } else
697 SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
698 ret = 1;
699err:
700 return (ret);
701}
702
703
704/* return length of latest Finished message we sent, copy to 'buf' */
705size_t
706SSL_get_finished(const SSL *s, void *buf, size_t count)
707{
708 size_t ret = 0;
709
710 if (s->s3 != NULL) {
711 ret = s->s3->tmp.finish_md_len;
712 if (count > ret)
713 count = ret;
714 memcpy(buf, s->s3->tmp.finish_md, count);
715 }
716 return (ret);
717}
718
719/* return length of latest Finished message we expected, copy to 'buf' */
720size_t
721SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
722{
723 size_t ret = 0;
724
725 if (s->s3 != NULL) {
726 ret = s->s3->tmp.peer_finish_md_len;
727 if (count > ret)
728 count = ret;
729 memcpy(buf, s->s3->tmp.peer_finish_md, count);
730 }
731 return (ret);
732}
733
734
735int
736SSL_get_verify_mode(const SSL *s)
737{
738 return (s->verify_mode);
739}
740
741int
742SSL_get_verify_depth(const SSL *s)
743{
744 return (X509_VERIFY_PARAM_get_depth(s->param));
745}
746
747int
748(*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *)
749{
750 return (s->verify_callback);
751}
752
753int
754SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
755{
756 return (ctx->verify_mode);
757}
758
759int
760SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
761{
762 return (X509_VERIFY_PARAM_get_depth(ctx->param));
763}
764
765int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *)
766{
767 return (ctx->default_verify_callback);
768}
769
770void
771SSL_set_verify(SSL *s, int mode,
772 int (*callback)(int ok, X509_STORE_CTX *ctx))
773{
774 s->verify_mode = mode;
775 if (callback != NULL)
776 s->verify_callback = callback;
777}
778
779void
780SSL_set_verify_depth(SSL *s, int depth)
781{
782 X509_VERIFY_PARAM_set_depth(s->param, depth);
783}
784
785void
786SSL_set_read_ahead(SSL *s, int yes)
787{
788 s->read_ahead = yes;
789}
790
791int
792SSL_get_read_ahead(const SSL *s)
793{
794 return (s->read_ahead);
795}
796
797int
798SSL_pending(const SSL *s)
799{
800 /*
801 * SSL_pending cannot work properly if read-ahead is enabled
802 * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
803 * and it is impossible to fix since SSL_pending cannot report
804 * errors that may be observed while scanning the new data.
805 * (Note that SSL_pending() is often used as a boolean value,
806 * so we'd better not return -1.)
807 */
808 return (s->method->ssl_pending(s));
809}
810
811X509 *
812SSL_get_peer_certificate(const SSL *s)
813{
814 X509 *r;
815
816 if ((s == NULL) || (s->session == NULL))
817 r = NULL;
818 else
819 r = s->session->peer;
820
821 if (r == NULL)
822 return (r);
823
824 CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509);
825
826 return (r);
827}
828
829STACK_OF(X509) *
830SSL_get_peer_cert_chain(const SSL *s)
831{
832 STACK_OF(X509) *r;
833
834 if ((s == NULL) || (s->session == NULL) ||
835 (s->session->sess_cert == NULL))
836 r = NULL;
837 else
838 r = s->session->sess_cert->cert_chain;
839
840 /*
841 * If we are a client, cert_chain includes the peer's own
842 * certificate;
843 * if we are a server, it does not.
844 */
845 return (r);
846}
847
848/*
849 * Now in theory, since the calling process own 't' it should be safe to
850 * modify. We need to be able to read f without being hassled
851 */
852void
853SSL_copy_session_id(SSL *t, const SSL *f)
854{
855 CERT *tmp;
856
857 /* Do we need to to SSL locking? */
858 SSL_set_session(t, SSL_get_session(f));
859
860 /*
861 * What if we are setup as SSLv2 but want to talk SSLv3 or
862 * vice-versa.
863 */
864 if (t->method != f->method) {
865 t->method->ssl_free(t); /* cleanup current */
866 t->method=f->method; /* change method */
867 t->method->ssl_new(t); /* setup new */
868 }
869
870 tmp = t->cert;
871 if (f->cert != NULL) {
872 CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
873 t->cert = f->cert;
874 } else
875 t->cert = NULL;
876 if (tmp != NULL)
877 ssl_cert_free(tmp);
878 SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length);
879}
880
881/* Fix this so it checks all the valid key/cert options */
882int
883SSL_CTX_check_private_key(const SSL_CTX *ctx)
884{
885 if ((ctx == NULL) || (ctx->cert == NULL) ||
886 (ctx->cert->key->x509 == NULL)) {
887 SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
888 SSL_R_NO_CERTIFICATE_ASSIGNED);
889 return (0);
890 }
891 if (ctx->cert->key->privatekey == NULL) {
892 SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
893 SSL_R_NO_PRIVATE_KEY_ASSIGNED);
894 return (0);
895 }
896 return (X509_check_private_key(ctx->cert->key->x509,
897 ctx->cert->key->privatekey));
898}
899
900/* Fix this function so that it takes an optional type parameter */
901int
902SSL_check_private_key(const SSL *ssl)
903{
904 if (ssl == NULL) {
905 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
906 ERR_R_PASSED_NULL_PARAMETER);
907 return (0);
908 }
909 if (ssl->cert == NULL) {
910 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
911 SSL_R_NO_CERTIFICATE_ASSIGNED);
912 return (0);
913 }
914 if (ssl->cert->key->x509 == NULL) {
915 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
916 SSL_R_NO_CERTIFICATE_ASSIGNED);
917 return (0);
918 }
919 if (ssl->cert->key->privatekey == NULL) {
920 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
921 SSL_R_NO_PRIVATE_KEY_ASSIGNED);
922 return (0);
923 }
924 return (X509_check_private_key(ssl->cert->key->x509,
925 ssl->cert->key->privatekey));
926}
927
928int
929SSL_accept(SSL *s)
930{
931 if (s->handshake_func == 0)
932 SSL_set_accept_state(s); /* Not properly initialized yet */
933
934 return (s->method->ssl_accept(s));
935}
936
937int
938SSL_connect(SSL *s)
939{
940 if (s->handshake_func == 0)
941 SSL_set_connect_state(s); /* Not properly initialized yet */
942
943 return (s->method->ssl_connect(s));
944}
945
946long
947SSL_get_default_timeout(const SSL *s)
948{
949 return (s->method->get_timeout());
950}
951
952int
953SSL_read(SSL *s, void *buf, int num)
954{
955 if (s->handshake_func == 0) {
956 SSLerr(SSL_F_SSL_READ,
957 SSL_R_UNINITIALIZED);
958 return (-1);
959 }
960
961 if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
962 s->rwstate = SSL_NOTHING;
963 return (0);
964 }
965 return (s->method->ssl_read(s, buf, num));
966}
967
968int
969SSL_peek(SSL *s, void *buf, int num)
970{
971 if (s->handshake_func == 0) {
972 SSLerr(SSL_F_SSL_PEEK,
973 SSL_R_UNINITIALIZED);
974 return (-1);
975 }
976
977 if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
978 return (0);
979 }
980 return (s->method->ssl_peek(s, buf, num));
981}
982
983int
984SSL_write(SSL *s, const void *buf, int num)
985{
986 if (s->handshake_func == 0) {
987 SSLerr(SSL_F_SSL_WRITE,
988 SSL_R_UNINITIALIZED);
989 return (-1);
990 }
991
992 if (s->shutdown & SSL_SENT_SHUTDOWN) {
993 s->rwstate = SSL_NOTHING;
994 SSLerr(SSL_F_SSL_WRITE,
995 SSL_R_PROTOCOL_IS_SHUTDOWN);
996 return (-1);
997 }
998 return (s->method->ssl_write(s, buf, num));
999}
1000
1001int
1002SSL_shutdown(SSL *s)
1003{
1004 /*
1005 * Note that this function behaves differently from what one might
1006 * expect. Return values are 0 for no success (yet),
1007 * 1 for success; but calling it once is usually not enough,
1008 * even if blocking I/O is used (see ssl3_shutdown).
1009 */
1010
1011 if (s->handshake_func == 0) {
1012 SSLerr(SSL_F_SSL_SHUTDOWN,
1013 SSL_R_UNINITIALIZED);
1014 return (-1);
1015 }
1016
1017 if ((s != NULL) && !SSL_in_init(s))
1018 return (s->method->ssl_shutdown(s));
1019 else
1020 return (1);
1021}
1022
1023int
1024SSL_renegotiate(SSL *s)
1025{
1026 if (s->renegotiate == 0)
1027 s->renegotiate = 1;
1028
1029 s->new_session = 1;
1030
1031 return (s->method->ssl_renegotiate(s));
1032}
1033
1034int
1035SSL_renegotiate_abbreviated(SSL *s)
1036{
1037 if (s->renegotiate == 0)
1038 s->renegotiate = 1;
1039
1040 s->new_session = 0;
1041
1042 return (s->method->ssl_renegotiate(s));
1043}
1044
1045int
1046SSL_renegotiate_pending(SSL *s)
1047{
1048 /*
1049 * Becomes true when negotiation is requested;
1050 * false again once a handshake has finished.
1051 */
1052 return (s->renegotiate != 0);
1053}
1054
1055long
1056SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
1057{
1058 long l;
1059
1060 switch (cmd) {
1061 case SSL_CTRL_GET_READ_AHEAD:
1062 return (s->read_ahead);
1063 case SSL_CTRL_SET_READ_AHEAD:
1064 l = s->read_ahead;
1065 s->read_ahead = larg;
1066 return (l);
1067
1068 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1069 s->msg_callback_arg = parg;
1070 return (1);
1071
1072 case SSL_CTRL_OPTIONS:
1073 return (s->options|=larg);
1074 case SSL_CTRL_CLEAR_OPTIONS:
1075 return (s->options&=~larg);
1076 case SSL_CTRL_MODE:
1077 return (s->mode|=larg);
1078 case SSL_CTRL_CLEAR_MODE:
1079 return (s->mode &=~larg);
1080 case SSL_CTRL_GET_MAX_CERT_LIST:
1081 return (s->max_cert_list);
1082 case SSL_CTRL_SET_MAX_CERT_LIST:
1083 l = s->max_cert_list;
1084 s->max_cert_list = larg;
1085 return (l);
1086 case SSL_CTRL_SET_MTU:
1087#ifndef OPENSSL_NO_DTLS1
1088 if (larg < (long)dtls1_min_mtu())
1089 return (0);
1090#endif
1091 if (SSL_IS_DTLS(s)) {
1092 s->d1->mtu = larg;
1093 return (larg);
1094 }
1095 return (0);
1096 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1097 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1098 return (0);
1099 s->max_send_fragment = larg;
1100 return (1);
1101 case SSL_CTRL_GET_RI_SUPPORT:
1102 if (s->s3)
1103 return (s->s3->send_connection_binding);
1104 else return (0);
1105 default:
1106 return (s->method->ssl_ctrl(s, cmd, larg, parg));
1107 }
1108}
1109
1110long
1111SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
1112{
1113 switch (cmd) {
1114 case SSL_CTRL_SET_MSG_CALLBACK:
1115 s->msg_callback = (void (*)(int write_p, int version,
1116 int content_type, const void *buf, size_t len,
1117 SSL *ssl, void *arg))(fp);
1118 return (1);
1119
1120 default:
1121 return (s->method->ssl_callback_ctrl(s, cmd, fp));
1122 }
1123}
1124
1125LHASH_OF(SSL_SESSION) *
1126SSL_CTX_sessions(SSL_CTX *ctx)
1127{
1128 return (ctx->sessions);
1129}
1130
1131long
1132SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1133{
1134 long l;
1135
1136 switch (cmd) {
1137 case SSL_CTRL_GET_READ_AHEAD:
1138 return (ctx->read_ahead);
1139 case SSL_CTRL_SET_READ_AHEAD:
1140 l = ctx->read_ahead;
1141 ctx->read_ahead = larg;
1142 return (l);
1143
1144 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1145 ctx->msg_callback_arg = parg;
1146 return (1);
1147
1148 case SSL_CTRL_GET_MAX_CERT_LIST:
1149 return (ctx->max_cert_list);
1150 case SSL_CTRL_SET_MAX_CERT_LIST:
1151 l = ctx->max_cert_list;
1152 ctx->max_cert_list = larg;
1153 return (l);
1154
1155 case SSL_CTRL_SET_SESS_CACHE_SIZE:
1156 l = ctx->session_cache_size;
1157 ctx->session_cache_size = larg;
1158 return (l);
1159 case SSL_CTRL_GET_SESS_CACHE_SIZE:
1160 return (ctx->session_cache_size);
1161 case SSL_CTRL_SET_SESS_CACHE_MODE:
1162 l = ctx->session_cache_mode;
1163 ctx->session_cache_mode = larg;
1164 return (l);
1165 case SSL_CTRL_GET_SESS_CACHE_MODE:
1166 return (ctx->session_cache_mode);
1167
1168 case SSL_CTRL_SESS_NUMBER:
1169 return (lh_SSL_SESSION_num_items(ctx->sessions));
1170 case SSL_CTRL_SESS_CONNECT:
1171 return (ctx->stats.sess_connect);
1172 case SSL_CTRL_SESS_CONNECT_GOOD:
1173 return (ctx->stats.sess_connect_good);
1174 case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
1175 return (ctx->stats.sess_connect_renegotiate);
1176 case SSL_CTRL_SESS_ACCEPT:
1177 return (ctx->stats.sess_accept);
1178 case SSL_CTRL_SESS_ACCEPT_GOOD:
1179 return (ctx->stats.sess_accept_good);
1180 case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
1181 return (ctx->stats.sess_accept_renegotiate);
1182 case SSL_CTRL_SESS_HIT:
1183 return (ctx->stats.sess_hit);
1184 case SSL_CTRL_SESS_CB_HIT:
1185 return (ctx->stats.sess_cb_hit);
1186 case SSL_CTRL_SESS_MISSES:
1187 return (ctx->stats.sess_miss);
1188 case SSL_CTRL_SESS_TIMEOUTS:
1189 return (ctx->stats.sess_timeout);
1190 case SSL_CTRL_SESS_CACHE_FULL:
1191 return (ctx->stats.sess_cache_full);
1192 case SSL_CTRL_OPTIONS:
1193 return (ctx->options|=larg);
1194 case SSL_CTRL_CLEAR_OPTIONS:
1195 return (ctx->options&=~larg);
1196 case SSL_CTRL_MODE:
1197 return (ctx->mode|=larg);
1198 case SSL_CTRL_CLEAR_MODE:
1199 return (ctx->mode&=~larg);
1200 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1201 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1202 return (0);
1203 ctx->max_send_fragment = larg;
1204 return (1);
1205 default:
1206 return (ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg));
1207 }
1208}
1209
1210long
1211SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
1212{
1213 switch (cmd) {
1214 case SSL_CTRL_SET_MSG_CALLBACK:
1215 ctx->msg_callback = (void (*)(int write_p, int version,
1216 int content_type, const void *buf, size_t len, SSL *ssl,
1217 void *arg))(fp);
1218 return (1);
1219
1220 default:
1221 return (ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp));
1222 }
1223}
1224
1225int
1226ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
1227{
1228 long l;
1229
1230 l = a->id - b->id;
1231 if (l == 0L)
1232 return (0);
1233 else
1234 return ((l > 0) ? 1:-1);
1235}
1236
1237int
1238ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
1239 const SSL_CIPHER * const *bp)
1240{
1241 long l;
1242
1243 l = (*ap)->id - (*bp)->id;
1244 if (l == 0L)
1245 return (0);
1246 else
1247 return ((l > 0) ? 1:-1);
1248}
1249
1250/*
1251 * Return a STACK of the ciphers available for the SSL and in order of
1252 * preference.
1253 */
1254STACK_OF(SSL_CIPHER) *
1255SSL_get_ciphers(const SSL *s)
1256{
1257 if (s != NULL) {
1258 if (s->cipher_list != NULL) {
1259 return (s->cipher_list);
1260 } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) {
1261 return (s->ctx->cipher_list);
1262 }
1263 }
1264 return (NULL);
1265}
1266
1267/*
1268 * Return a STACK of the ciphers available for the SSL and in order of
1269 * algorithm id.
1270 */
1271STACK_OF(SSL_CIPHER) *
1272ssl_get_ciphers_by_id(SSL *s)
1273{
1274 if (s != NULL) {
1275 if (s->cipher_list_by_id != NULL) {
1276 return (s->cipher_list_by_id);
1277 } else if ((s->ctx != NULL) &&
1278 (s->ctx->cipher_list_by_id != NULL)) {
1279 return (s->ctx->cipher_list_by_id);
1280 }
1281 }
1282 return (NULL);
1283}
1284
1285/* The old interface to get the same thing as SSL_get_ciphers(). */
1286const char *
1287SSL_get_cipher_list(const SSL *s, int n)
1288{
1289 SSL_CIPHER *c;
1290 STACK_OF(SSL_CIPHER) *sk;
1291
1292 if (s == NULL)
1293 return (NULL);
1294 sk = SSL_get_ciphers(s);
1295 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
1296 return (NULL);
1297 c = sk_SSL_CIPHER_value(sk, n);
1298 if (c == NULL)
1299 return (NULL);
1300 return (c->name);
1301}
1302
1303/* Specify the ciphers to be used by default by the SSL_CTX. */
1304int
1305SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
1306{
1307 STACK_OF(SSL_CIPHER) *sk;
1308
1309 sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,
1310 &ctx->cipher_list_by_id, str);
1311 /*
1312 * ssl_create_cipher_list may return an empty stack if it
1313 * was unable to find a cipher matching the given rule string
1314 * (for example if the rule string specifies a cipher which
1315 * has been disabled). This is not an error as far as
1316 * ssl_create_cipher_list is concerned, and hence
1317 * ctx->cipher_list and ctx->cipher_list_by_id has been
1318 * updated.
1319 */
1320 if (sk == NULL)
1321 return (0);
1322 else if (sk_SSL_CIPHER_num(sk) == 0) {
1323 SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST,
1324 SSL_R_NO_CIPHER_MATCH);
1325 return (0);
1326 }
1327 return (1);
1328}
1329
1330/* Specify the ciphers to be used by the SSL. */
1331int
1332SSL_set_cipher_list(SSL *s, const char *str)
1333{
1334 STACK_OF(SSL_CIPHER) *sk;
1335
1336 sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list,
1337 &s->cipher_list_by_id, str);
1338 /* see comment in SSL_CTX_set_cipher_list */
1339 if (sk == NULL)
1340 return (0);
1341 else if (sk_SSL_CIPHER_num(sk) == 0) {
1342 SSLerr(SSL_F_SSL_SET_CIPHER_LIST,
1343 SSL_R_NO_CIPHER_MATCH);
1344 return (0);
1345 }
1346 return (1);
1347}
1348
1349/* works well for SSLv2, not so good for SSLv3 */
1350char *
1351SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
1352{
1353 char *end;
1354 STACK_OF(SSL_CIPHER) *sk;
1355 SSL_CIPHER *c;
1356 size_t curlen = 0;
1357 int i;
1358
1359 if (s->session == NULL || s->session->ciphers == NULL || len < 2)
1360 return (NULL);
1361
1362 sk = s->session->ciphers;
1363 if (sk_SSL_CIPHER_num(sk) == 0)
1364 return (NULL);
1365
1366 buf[0] = '\0';
1367 for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
1368 c = sk_SSL_CIPHER_value(sk, i);
1369 end = buf + curlen;
1370 if (strlcat(buf, c->name, len) >= len ||
1371 (curlen = strlcat(buf, ":", len)) >= len) {
1372 /* remove truncated cipher from list */
1373 *end = '\0';
1374 break;
1375 }
1376 }
1377 /* remove trailing colon */
1378 if ((end = strrchr(buf, ':')) != NULL)
1379 *end = '\0';
1380 return (buf);
1381}
1382
1383int
1384ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p)
1385{
1386 int i;
1387 SSL_CIPHER *c;
1388 unsigned char *q;
1389
1390 if (sk == NULL)
1391 return (0);
1392 q = p;
1393
1394 for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
1395 c = sk_SSL_CIPHER_value(sk, i);
1396
1397 /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
1398 if ((c->algorithm_ssl & SSL_TLSV1_2) &&
1399 (TLS1_get_client_version(s) < TLS1_2_VERSION))
1400 continue;
1401
1402 s2n(ssl3_cipher_get_value(c), p);
1403 }
1404
1405 /*
1406 * If p == q, no ciphers and caller indicates an error. Otherwise
1407 * add SCSV if not renegotiating.
1408 */
1409 if (p != q && !s->renegotiate)
1410 s2n(SSL3_CK_SCSV & SSL3_CK_VALUE_MASK, p);
1411
1412 return (p - q);
1413}
1414
1415STACK_OF(SSL_CIPHER) *
1416ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num,
1417 STACK_OF(SSL_CIPHER) **skp)
1418{
1419 const SSL_CIPHER *c;
1420 STACK_OF(SSL_CIPHER) *sk;
1421 int i;
1422 unsigned long cipher_id;
1423 uint16_t cipher_value;
1424 uint16_t max_version;
1425
1426 if (s->s3)
1427 s->s3->send_connection_binding = 0;
1428
1429 if ((num % SSL3_CIPHER_VALUE_SIZE) != 0) {
1430 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
1431 SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1432 return (NULL);
1433 }
1434 if (skp == NULL || *skp == NULL) {
1435 sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */
1436 if (sk == NULL)
1437 goto err;
1438 } else {
1439 sk = *skp;
1440 sk_SSL_CIPHER_zero(sk);
1441 }
1442
1443 for (i = 0; i < num; i += SSL3_CIPHER_VALUE_SIZE) {
1444 n2s(p, cipher_value);
1445 cipher_id = SSL3_CK_ID | cipher_value;
1446
1447 if (s->s3 != NULL && cipher_id == SSL3_CK_SCSV) {
1448 /*
1449 * TLS_EMPTY_RENEGOTIATION_INFO_SCSV is fatal if
1450 * renegotiating.
1451 */
1452 if (s->renegotiate) {
1453 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
1454 SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
1455 ssl3_send_alert(s, SSL3_AL_FATAL,
1456 SSL_AD_HANDSHAKE_FAILURE);
1457
1458 goto err;
1459 }
1460 s->s3->send_connection_binding = 1;
1461 continue;
1462 }
1463
1464 if (cipher_id == SSL3_CK_FALLBACK_SCSV) {
1465 /*
1466 * TLS_FALLBACK_SCSV indicates that the client
1467 * previously tried a higher protocol version.
1468 * Fail if the current version is an unexpected
1469 * downgrade.
1470 */
1471 max_version = ssl_max_server_version(s);
1472 if (max_version == 0 || s->version < max_version) {
1473 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
1474 SSL_R_INAPPROPRIATE_FALLBACK);
1475 if (s->s3 != NULL)
1476 ssl3_send_alert(s, SSL3_AL_FATAL,
1477 SSL_AD_INAPPROPRIATE_FALLBACK);
1478 goto err;
1479 }
1480 continue;
1481 }
1482
1483 if ((c = ssl3_get_cipher_by_value(cipher_value)) != NULL) {
1484 if (!sk_SSL_CIPHER_push(sk, c)) {
1485 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
1486 ERR_R_MALLOC_FAILURE);
1487 goto err;
1488 }
1489 }
1490 }
1491
1492 if (skp != NULL)
1493 *skp = sk;
1494 return (sk);
1495
1496err:
1497 if (skp == NULL || *skp == NULL)
1498 sk_SSL_CIPHER_free(sk);
1499 return (NULL);
1500}
1501
1502
1503/*
1504 * Return a servername extension value if provided in Client Hello, or NULL.
1505 * So far, only host_name types are defined (RFC 3546).
1506 */
1507const char *
1508SSL_get_servername(const SSL *s, const int type)
1509{
1510 if (type != TLSEXT_NAMETYPE_host_name)
1511 return (NULL);
1512
1513 return (s->session && !s->tlsext_hostname ?
1514 s->session->tlsext_hostname :
1515 s->tlsext_hostname);
1516}
1517
1518int
1519SSL_get_servername_type(const SSL *s)
1520{
1521 if (s->session &&
1522 (!s->tlsext_hostname ?
1523 s->session->tlsext_hostname : s->tlsext_hostname))
1524 return (TLSEXT_NAMETYPE_host_name);
1525 return (-1);
1526}
1527
1528/*
1529 * SSL_select_next_proto implements the standard protocol selection. It is
1530 * expected that this function is called from the callback set by
1531 * SSL_CTX_set_next_proto_select_cb.
1532 *
1533 * The protocol data is assumed to be a vector of 8-bit, length prefixed byte
1534 * strings. The length byte itself is not included in the length. A byte
1535 * string of length 0 is invalid. No byte string may be truncated.
1536 *
1537 * The current, but experimental algorithm for selecting the protocol is:
1538 *
1539 * 1) If the server doesn't support NPN then this is indicated to the
1540 * callback. In this case, the client application has to abort the connection
1541 * or have a default application level protocol.
1542 *
1543 * 2) If the server supports NPN, but advertises an empty list then the
1544 * client selects the first protcol in its list, but indicates via the
1545 * API that this fallback case was enacted.
1546 *
1547 * 3) Otherwise, the client finds the first protocol in the server's list
1548 * that it supports and selects this protocol. This is because it's
1549 * assumed that the server has better information about which protocol
1550 * a client should use.
1551 *
1552 * 4) If the client doesn't support any of the server's advertised
1553 * protocols, then this is treated the same as case 2.
1554 *
1555 * It returns either
1556 * OPENSSL_NPN_NEGOTIATED if a common protocol was found, or
1557 * OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
1558 */
1559int
1560SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
1561 const unsigned char *server, unsigned int server_len,
1562 const unsigned char *client, unsigned int client_len)
1563{
1564 unsigned int i, j;
1565 const unsigned char *result;
1566 int status = OPENSSL_NPN_UNSUPPORTED;
1567
1568 /*
1569 * For each protocol in server preference order,
1570 * see if we support it.
1571 */
1572 for (i = 0; i < server_len; ) {
1573 for (j = 0; j < client_len; ) {
1574 if (server[i] == client[j] &&
1575 memcmp(&server[i + 1],
1576 &client[j + 1], server[i]) == 0) {
1577 /* We found a match */
1578 result = &server[i];
1579 status = OPENSSL_NPN_NEGOTIATED;
1580 goto found;
1581 }
1582 j += client[j];
1583 j++;
1584 }
1585 i += server[i];
1586 i++;
1587 }
1588
1589 /* There's no overlap between our protocols and the server's list. */
1590 result = client;
1591 status = OPENSSL_NPN_NO_OVERLAP;
1592
1593found:
1594 *out = (unsigned char *) result + 1;
1595 *outlen = result[0];
1596 return (status);
1597}
1598
1599/*
1600 * SSL_get0_next_proto_negotiated sets *data and *len to point to the client's
1601 * requested protocol for this connection and returns 0. If the client didn't
1602 * request any protocol, then *data is set to NULL.
1603 *
1604 * Note that the client can request any protocol it chooses. The value returned
1605 * from this function need not be a member of the list of supported protocols
1606 * provided by the callback.
1607 */
1608void
1609SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
1610 unsigned *len)
1611{
1612 *data = s->next_proto_negotiated;
1613 if (!*data) {
1614 *len = 0;
1615 } else {
1616 *len = s->next_proto_negotiated_len;
1617 }
1618}
1619
1620/*
1621 * SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when a
1622 * TLS server needs a list of supported protocols for Next Protocol
1623 * Negotiation. The returned list must be in wire format. The list is returned
1624 * by setting |out| to point to it and |outlen| to its length. This memory will
1625 * not be modified, but one should assume that the SSL* keeps a reference to
1626 * it.
1627 *
1628 * The callback should return SSL_TLSEXT_ERR_OK if it wishes to advertise.
1629 * Otherwise, no such extension will be included in the ServerHello.
1630 */
1631void
1632SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl,
1633 const unsigned char **out, unsigned int *outlen, void *arg), void *arg)
1634{
1635 ctx->next_protos_advertised_cb = cb;
1636 ctx->next_protos_advertised_cb_arg = arg;
1637}
1638
1639/*
1640 * SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
1641 * client needs to select a protocol from the server's provided list. |out|
1642 * must be set to point to the selected protocol (which may be within |in|).
1643 * The length of the protocol name must be written into |outlen|. The server's
1644 * advertised protocols are provided in |in| and |inlen|. The callback can
1645 * assume that |in| is syntactically valid.
1646 *
1647 * The client must select a protocol. It is fatal to the connection if this
1648 * callback returns a value other than SSL_TLSEXT_ERR_OK.
1649 */
1650void
1651SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s,
1652 unsigned char **out, unsigned char *outlen, const unsigned char *in,
1653 unsigned int inlen, void *arg), void *arg)
1654{
1655 ctx->next_proto_select_cb = cb;
1656 ctx->next_proto_select_cb_arg = arg;
1657}
1658
1659/*
1660 * SSL_CTX_set_alpn_protos sets the ALPN protocol list to the specified
1661 * protocols, which must be in wire-format (i.e. a series of non-empty,
1662 * 8-bit length-prefixed strings). Returns 0 on success.
1663 */
1664int
1665SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
1666 unsigned int protos_len)
1667{
1668 free(ctx->alpn_client_proto_list);
1669 if ((ctx->alpn_client_proto_list = malloc(protos_len)) == NULL)
1670 return (1);
1671 memcpy(ctx->alpn_client_proto_list, protos, protos_len);
1672 ctx->alpn_client_proto_list_len = protos_len;
1673
1674 return (0);
1675}
1676
1677/*
1678 * SSL_set_alpn_protos sets the ALPN protocol list to the specified
1679 * protocols, which must be in wire-format (i.e. a series of non-empty,
1680 * 8-bit length-prefixed strings). Returns 0 on success.
1681 */
1682int
1683SSL_set_alpn_protos(SSL *ssl, const unsigned char* protos,
1684 unsigned int protos_len)
1685{
1686 free(ssl->alpn_client_proto_list);
1687 if ((ssl->alpn_client_proto_list = malloc(protos_len)) == NULL)
1688 return (1);
1689 memcpy(ssl->alpn_client_proto_list, protos, protos_len);
1690 ssl->alpn_client_proto_list_len = protos_len;
1691
1692 return (0);
1693}
1694
1695/*
1696 * SSL_CTX_set_alpn_select_cb sets a callback function that is called during
1697 * ClientHello processing in order to select an ALPN protocol from the
1698 * client's list of offered protocols.
1699 */
1700void
1701SSL_CTX_set_alpn_select_cb(SSL_CTX* ctx,
1702 int (*cb) (SSL *ssl, const unsigned char **out, unsigned char *outlen,
1703 const unsigned char *in, unsigned int inlen, void *arg), void *arg)
1704{
1705 ctx->alpn_select_cb = cb;
1706 ctx->alpn_select_cb_arg = arg;
1707}
1708
1709/*
1710 * SSL_get0_alpn_selected gets the selected ALPN protocol (if any). On return
1711 * it sets data to point to len bytes of protocol name (not including the
1712 * leading length-prefix byte). If the server didn't respond with* a negotiated
1713 * protocol then len will be zero.
1714 */
1715void
1716SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
1717 unsigned *len)
1718{
1719 *data = NULL;
1720 *len = 0;
1721
1722 if (ssl->s3 != NULL) {
1723 *data = ssl->s3->alpn_selected;
1724 *len = ssl->s3->alpn_selected_len;
1725 }
1726}
1727
1728int
1729SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
1730 const char *label, size_t llen, const unsigned char *p, size_t plen,
1731 int use_context)
1732{
1733 if (s->version < TLS1_VERSION)
1734 return (-1);
1735
1736 return (s->method->ssl3_enc->export_keying_material(s, out, olen,
1737 label, llen, p, plen, use_context));
1738}
1739
1740static unsigned long
1741ssl_session_hash(const SSL_SESSION *a)
1742{
1743 unsigned long l;
1744
1745 l = (unsigned long)
1746 ((unsigned int) a->session_id[0] )|
1747 ((unsigned int) a->session_id[1]<< 8L)|
1748 ((unsigned long)a->session_id[2]<<16L)|
1749 ((unsigned long)a->session_id[3]<<24L);
1750 return (l);
1751}
1752
1753/*
1754 * NB: If this function (or indeed the hash function which uses a sort of
1755 * coarser function than this one) is changed, ensure
1756 * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
1757 * able to construct an SSL_SESSION that will collide with any existing session
1758 * with a matching session ID.
1759 */
1760static int
1761ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
1762{
1763 if (a->ssl_version != b->ssl_version)
1764 return (1);
1765 if (a->session_id_length != b->session_id_length)
1766 return (1);
1767 if (timingsafe_memcmp(a->session_id, b->session_id, a->session_id_length) != 0)
1768 return (1);
1769 return (0);
1770}
1771
1772/*
1773 * These wrapper functions should remain rather than redeclaring
1774 * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
1775 * variable. The reason is that the functions aren't static, they're exposed via
1776 * ssl.h.
1777 */
1778static
1779IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION)
1780static
1781IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION)
1782
1783SSL_CTX *
1784SSL_CTX_new(const SSL_METHOD *meth)
1785{
1786 SSL_CTX *ret = NULL;
1787
1788 if (meth == NULL) {
1789 SSLerr(SSL_F_SSL_CTX_NEW,
1790 SSL_R_NULL_SSL_METHOD_PASSED);
1791 return (NULL);
1792 }
1793
1794 if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
1795 SSLerr(SSL_F_SSL_CTX_NEW,
1796 SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
1797 goto err;
1798 }
1799 ret = calloc(1, sizeof(SSL_CTX));
1800 if (ret == NULL)
1801 goto err;
1802
1803 ret->method = meth;
1804
1805 ret->cert_store = NULL;
1806 ret->session_cache_mode = SSL_SESS_CACHE_SERVER;
1807 ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
1808 ret->session_cache_head = NULL;
1809 ret->session_cache_tail = NULL;
1810
1811 /* We take the system default */
1812 ret->session_timeout = meth->get_timeout();
1813
1814 ret->new_session_cb = 0;
1815 ret->remove_session_cb = 0;
1816 ret->get_session_cb = 0;
1817 ret->generate_session_id = 0;
1818
1819 memset((char *)&ret->stats, 0, sizeof(ret->stats));
1820
1821 ret->references = 1;
1822 ret->quiet_shutdown = 0;
1823
1824 ret->info_callback = NULL;
1825
1826 ret->app_verify_callback = 0;
1827 ret->app_verify_arg = NULL;
1828
1829 ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
1830 ret->read_ahead = 0;
1831 ret->msg_callback = 0;
1832 ret->msg_callback_arg = NULL;
1833 ret->verify_mode = SSL_VERIFY_NONE;
1834 ret->sid_ctx_length = 0;
1835 ret->default_verify_callback = NULL;
1836 if ((ret->cert = ssl_cert_new()) == NULL)
1837 goto err;
1838
1839 ret->default_passwd_callback = 0;
1840 ret->default_passwd_callback_userdata = NULL;
1841 ret->client_cert_cb = 0;
1842 ret->app_gen_cookie_cb = 0;
1843 ret->app_verify_cookie_cb = 0;
1844
1845 ret->sessions = lh_SSL_SESSION_new();
1846 if (ret->sessions == NULL)
1847 goto err;
1848 ret->cert_store = X509_STORE_new();
1849 if (ret->cert_store == NULL)
1850 goto err;
1851
1852 ssl_create_cipher_list(ret->method, &ret->cipher_list,
1853 &ret->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST);
1854 if (ret->cipher_list == NULL ||
1855 sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
1856 SSLerr(SSL_F_SSL_CTX_NEW,
1857 SSL_R_LIBRARY_HAS_NO_CIPHERS);
1858 goto err2;
1859 }
1860
1861 ret->param = X509_VERIFY_PARAM_new();
1862 if (!ret->param)
1863 goto err;
1864
1865 if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
1866 SSLerr(SSL_F_SSL_CTX_NEW,
1867 SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
1868 goto err2;
1869 }
1870 if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
1871 SSLerr(SSL_F_SSL_CTX_NEW,
1872 SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
1873 goto err2;
1874 }
1875
1876 if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL)
1877 goto err;
1878
1879 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
1880
1881 ret->extra_certs = NULL;
1882
1883 ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
1884
1885 ret->tlsext_servername_callback = 0;
1886 ret->tlsext_servername_arg = NULL;
1887
1888 /* Setup RFC4507 ticket keys */
1889 arc4random_buf(ret->tlsext_tick_key_name, 16);
1890 arc4random_buf(ret->tlsext_tick_hmac_key, 16);
1891 arc4random_buf(ret->tlsext_tick_aes_key, 16);
1892
1893 ret->tlsext_status_cb = 0;
1894 ret->tlsext_status_arg = NULL;
1895
1896 ret->next_protos_advertised_cb = 0;
1897 ret->next_proto_select_cb = 0;
1898#ifndef OPENSSL_NO_ENGINE
1899 ret->client_cert_engine = NULL;
1900#ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
1901#define eng_strx(x) #x
1902#define eng_str(x) eng_strx(x)
1903 /* Use specific client engine automatically... ignore errors */
1904 {
1905 ENGINE *eng;
1906 eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
1907 if (!eng) {
1908 ERR_clear_error();
1909 ENGINE_load_builtin_engines();
1910 eng = ENGINE_by_id(eng_str(
1911 OPENSSL_SSL_CLIENT_ENGINE_AUTO));
1912 }
1913 if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
1914 ERR_clear_error();
1915 }
1916#endif
1917#endif
1918 /*
1919 * Default is to connect to non-RI servers. When RI is more widely
1920 * deployed might change this.
1921 */
1922 ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
1923
1924 /* Disable SSLv3 by default. */
1925 ret->options |= SSL_OP_NO_SSLv3;
1926
1927 return (ret);
1928err:
1929 SSLerr(SSL_F_SSL_CTX_NEW,
1930 ERR_R_MALLOC_FAILURE);
1931err2:
1932 SSL_CTX_free(ret);
1933 return (NULL);
1934}
1935
1936void
1937SSL_CTX_free(SSL_CTX *a)
1938{
1939 int i;
1940
1941 if (a == NULL)
1942 return;
1943
1944 i = CRYPTO_add(&a->references, -1, CRYPTO_LOCK_SSL_CTX);
1945 if (i > 0)
1946 return;
1947
1948 if (a->param)
1949 X509_VERIFY_PARAM_free(a->param);
1950
1951 /*
1952 * Free internal session cache. However: the remove_cb() may reference
1953 * the ex_data of SSL_CTX, thus the ex_data store can only be removed
1954 * after the sessions were flushed.
1955 * As the ex_data handling routines might also touch the session cache,
1956 * the most secure solution seems to be: empty (flush) the cache, then
1957 * free ex_data, then finally free the cache.
1958 * (See ticket [openssl.org #212].)
1959 */
1960 if (a->sessions != NULL)
1961 SSL_CTX_flush_sessions(a, 0);
1962
1963 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
1964
1965 if (a->sessions != NULL)
1966 lh_SSL_SESSION_free(a->sessions);
1967
1968 if (a->cert_store != NULL)
1969 X509_STORE_free(a->cert_store);
1970 if (a->cipher_list != NULL)
1971 sk_SSL_CIPHER_free(a->cipher_list);
1972 if (a->cipher_list_by_id != NULL)
1973 sk_SSL_CIPHER_free(a->cipher_list_by_id);
1974 if (a->cert != NULL)
1975 ssl_cert_free(a->cert);
1976 if (a->client_CA != NULL)
1977 sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
1978 if (a->extra_certs != NULL)
1979 sk_X509_pop_free(a->extra_certs, X509_free);
1980
1981#ifndef OPENSSL_NO_SRTP
1982 if (a->srtp_profiles)
1983 sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
1984#endif
1985
1986#ifndef OPENSSL_NO_ENGINE
1987 if (a->client_cert_engine)
1988 ENGINE_finish(a->client_cert_engine);
1989#endif
1990
1991 free(a->alpn_client_proto_list);
1992
1993 free(a);
1994}
1995
1996void
1997SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
1998{
1999 ctx->default_passwd_callback = cb;
2000}
2001
2002void
2003SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
2004{
2005 ctx->default_passwd_callback_userdata = u;
2006}
2007
2008void
2009SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,
2010 void *), void *arg)
2011{
2012 ctx->app_verify_callback = cb;
2013 ctx->app_verify_arg = arg;
2014}
2015
2016void
2017SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb)(int, X509_STORE_CTX *))
2018{
2019 ctx->verify_mode = mode;
2020 ctx->default_verify_callback = cb;
2021}
2022
2023void
2024SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
2025{
2026 X509_VERIFY_PARAM_set_depth(ctx->param, depth);
2027}
2028
2029void
2030ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
2031{
2032 CERT_PKEY *cpk;
2033 int rsa_enc, rsa_sign, dh_tmp, dsa_sign;
2034 unsigned long mask_k, mask_a;
2035 int have_ecc_cert, ecdh_ok, ecdsa_ok;
2036 int have_ecdh_tmp;
2037 X509 *x = NULL;
2038 EVP_PKEY *ecc_pkey = NULL;
2039 int signature_nid = 0, pk_nid = 0, md_nid = 0;
2040
2041 if (c == NULL)
2042 return;
2043
2044 dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL ||
2045 c->dh_tmp_auto != 0);
2046
2047 have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL ||
2048 c->ecdh_tmp_auto != 0);
2049 cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
2050 rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL);
2051 cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);
2052 rsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
2053 cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]);
2054 dsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
2055/* FIX THIS EAY EAY EAY */
2056 cpk = &(c->pkeys[SSL_PKEY_ECC]);
2057 have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL);
2058 mask_k = 0;
2059 mask_a = 0;
2060
2061 cpk = &(c->pkeys[SSL_PKEY_GOST01]);
2062 if (cpk->x509 != NULL && cpk->privatekey !=NULL) {
2063 mask_k |= SSL_kGOST;
2064 mask_a |= SSL_aGOST01;
2065 }
2066
2067 if (rsa_enc)
2068 mask_k|=SSL_kRSA;
2069
2070 if (dh_tmp)
2071 mask_k|=SSL_kDHE;
2072
2073 if (rsa_enc || rsa_sign)
2074 mask_a|=SSL_aRSA;
2075
2076 if (dsa_sign)
2077 mask_a|=SSL_aDSS;
2078
2079 mask_a|=SSL_aNULL;
2080
2081 /*
2082 * An ECC certificate may be usable for ECDH and/or
2083 * ECDSA cipher suites depending on the key usage extension.
2084 */
2085 if (have_ecc_cert) {
2086 /* This call populates extension flags (ex_flags) */
2087 x = (c->pkeys[SSL_PKEY_ECC]).x509;
2088 X509_check_purpose(x, -1, 0);
2089 ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
2090 (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1;
2091 ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
2092 (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
2093 ecc_pkey = X509_get_pubkey(x);
2094 EVP_PKEY_free(ecc_pkey);
2095 if ((x->sig_alg) && (x->sig_alg->algorithm)) {
2096 signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
2097 OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
2098 }
2099 if (ecdh_ok) {
2100 if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa) {
2101 mask_k|=SSL_kECDHr;
2102 mask_a|=SSL_aECDH;
2103 }
2104 if (pk_nid == NID_X9_62_id_ecPublicKey) {
2105 mask_k|=SSL_kECDHe;
2106 mask_a|=SSL_aECDH;
2107 }
2108 }
2109 if (ecdsa_ok)
2110 mask_a|=SSL_aECDSA;
2111 }
2112
2113 if (have_ecdh_tmp) {
2114 mask_k|=SSL_kECDHE;
2115 }
2116
2117
2118 c->mask_k = mask_k;
2119 c->mask_a = mask_a;
2120 c->valid = 1;
2121}
2122
2123/* This handy macro borrowed from crypto/x509v3/v3_purp.c */
2124#define ku_reject(x, usage) \
2125 (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
2126
2127
2128int
2129ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
2130{
2131 unsigned long alg_k, alg_a;
2132 int signature_nid = 0, md_nid = 0, pk_nid = 0;
2133 const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
2134
2135 alg_k = cs->algorithm_mkey;
2136 alg_a = cs->algorithm_auth;
2137
2138 /* This call populates the ex_flags field correctly */
2139 X509_check_purpose(x, -1, 0);
2140 if ((x->sig_alg) && (x->sig_alg->algorithm)) {
2141 signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
2142 OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
2143 }
2144 if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr) {
2145 /* key usage, if present, must allow key agreement */
2146 if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) {
2147 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
2148 SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
2149 return (0);
2150 }
2151 if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) <
2152 TLS1_2_VERSION) {
2153 /* signature alg must be ECDSA */
2154 if (pk_nid != NID_X9_62_id_ecPublicKey) {
2155 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
2156 SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
2157 return (0);
2158 }
2159 }
2160 if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) <
2161 TLS1_2_VERSION) {
2162 /* signature alg must be RSA */
2163 if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa) {
2164 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
2165 SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
2166 return (0);
2167 }
2168 }
2169 }
2170 if (alg_a & SSL_aECDSA) {
2171 /* key usage, if present, must allow signing */
2172 if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE)) {
2173 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
2174 SSL_R_ECC_CERT_NOT_FOR_SIGNING);
2175 return (0);
2176 }
2177 }
2178
2179 return (1);
2180 /* all checks are ok */
2181}
2182
2183
2184/* THIS NEEDS CLEANING UP */
2185CERT_PKEY *
2186ssl_get_server_send_pkey(const SSL *s)
2187{
2188 unsigned long alg_k, alg_a;
2189 CERT *c;
2190 int i;
2191
2192 c = s->cert;
2193 ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
2194
2195 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
2196 alg_a = s->s3->tmp.new_cipher->algorithm_auth;
2197
2198 if (alg_k & (SSL_kECDHr|SSL_kECDHe)) {
2199 /*
2200 * We don't need to look at SSL_kECDHE
2201 * since no certificate is needed for
2202 * anon ECDH and for authenticated
2203 * ECDHE, the check for the auth
2204 * algorithm will set i correctly
2205 * NOTE: For ECDH-RSA, we need an ECC
2206 * not an RSA cert but for EECDH-RSA
2207 * we need an RSA cert. Placing the
2208 * checks for SSL_kECDH before RSA
2209 * checks ensures the correct cert is chosen.
2210 */
2211 i = SSL_PKEY_ECC;
2212 } else if (alg_a & SSL_aECDSA) {
2213 i = SSL_PKEY_ECC;
2214 } else if (alg_a & SSL_aDSS) {
2215 i = SSL_PKEY_DSA_SIGN;
2216 } else if (alg_a & SSL_aRSA) {
2217 if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
2218 i = SSL_PKEY_RSA_SIGN;
2219 else
2220 i = SSL_PKEY_RSA_ENC;
2221 } else if (alg_a & SSL_aGOST01) {
2222 i = SSL_PKEY_GOST01;
2223 } else { /* if (alg_a & SSL_aNULL) */
2224 SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY, ERR_R_INTERNAL_ERROR);
2225 return (NULL);
2226 }
2227
2228 return (c->pkeys + i);
2229}
2230
2231X509 *
2232ssl_get_server_send_cert(const SSL *s)
2233{
2234 CERT_PKEY *cpk;
2235
2236 cpk = ssl_get_server_send_pkey(s);
2237 if (!cpk)
2238 return (NULL);
2239 return (cpk->x509);
2240}
2241
2242EVP_PKEY *
2243ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd)
2244{
2245 unsigned long alg_a;
2246 CERT *c;
2247 int idx = -1;
2248
2249 alg_a = cipher->algorithm_auth;
2250 c = s->cert;
2251
2252 if ((alg_a & SSL_aDSS) &&
2253 (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
2254 idx = SSL_PKEY_DSA_SIGN;
2255 else if (alg_a & SSL_aRSA) {
2256 if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
2257 idx = SSL_PKEY_RSA_SIGN;
2258 else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
2259 idx = SSL_PKEY_RSA_ENC;
2260 } else if ((alg_a & SSL_aECDSA) &&
2261 (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
2262 idx = SSL_PKEY_ECC;
2263 if (idx == -1) {
2264 SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR);
2265 return (NULL);
2266 }
2267 if (pmd)
2268 *pmd = c->pkeys[idx].digest;
2269 return (c->pkeys[idx].privatekey);
2270}
2271
2272DH *
2273ssl_get_auto_dh(SSL *s)
2274{
2275 CERT_PKEY *cpk;
2276 int keylen;
2277 DH *dhp;
2278
2279 if (s->cert->dh_tmp_auto == 2) {
2280 keylen = 1024;
2281 } else if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) {
2282 keylen = 1024;
2283 if (s->s3->tmp.new_cipher->strength_bits == 256)
2284 keylen = 3072;
2285 } else {
2286 if ((cpk = ssl_get_server_send_pkey(s)) == NULL)
2287 return (NULL);
2288 if (cpk->privatekey == NULL || cpk->privatekey->pkey.dh == NULL)
2289 return (NULL);
2290 keylen = EVP_PKEY_bits(cpk->privatekey);
2291 }
2292
2293 if ((dhp = DH_new()) == NULL)
2294 return (NULL);
2295
2296 dhp->g = BN_new();
2297 if (dhp->g != NULL)
2298 BN_set_word(dhp->g, 2);
2299
2300 if (keylen >= 8192)
2301 dhp->p = get_rfc3526_prime_8192(NULL);
2302 else if (keylen >= 4096)
2303 dhp->p = get_rfc3526_prime_4096(NULL);
2304 else if (keylen >= 3072)
2305 dhp->p = get_rfc3526_prime_3072(NULL);
2306 else if (keylen >= 2048)
2307 dhp->p = get_rfc3526_prime_2048(NULL);
2308 else if (keylen >= 1536)
2309 dhp->p = get_rfc3526_prime_1536(NULL);
2310 else
2311 dhp->p = get_rfc2409_prime_1024(NULL);
2312
2313 if (dhp->p == NULL || dhp->g == NULL) {
2314 DH_free(dhp);
2315 return (NULL);
2316 }
2317 return (dhp);
2318}
2319
2320void
2321ssl_update_cache(SSL *s, int mode)
2322{
2323 int i;
2324
2325 /*
2326 * If the session_id_length is 0, we are not supposed to cache it,
2327 * and it would be rather hard to do anyway :-)
2328 */
2329 if (s->session->session_id_length == 0)
2330 return;
2331
2332 i = s->session_ctx->session_cache_mode;
2333 if ((i & mode) && (!s->hit) && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
2334 || SSL_CTX_add_session(s->session_ctx, s->session))
2335 && (s->session_ctx->new_session_cb != NULL)) {
2336 CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION);
2337 if (!s->session_ctx->new_session_cb(s, s->session))
2338 SSL_SESSION_free(s->session);
2339 }
2340
2341 /* auto flush every 255 connections */
2342 if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
2343 ((i & mode) == mode)) {
2344 if ((((mode & SSL_SESS_CACHE_CLIENT) ?
2345 s->session_ctx->stats.sess_connect_good :
2346 s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff) {
2347 SSL_CTX_flush_sessions(s->session_ctx, time(NULL));
2348 }
2349 }
2350}
2351
2352const SSL_METHOD *
2353SSL_get_ssl_method(SSL *s)
2354{
2355 return (s->method);
2356}
2357
2358int
2359SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
2360{
2361 int conn = -1;
2362 int ret = 1;
2363
2364 if (s->method != meth) {
2365 if (s->handshake_func != NULL)
2366 conn = (s->handshake_func == s->method->ssl_connect);
2367
2368 if (s->method->version == meth->version)
2369 s->method = meth;
2370 else {
2371 s->method->ssl_free(s);
2372 s->method = meth;
2373 ret = s->method->ssl_new(s);
2374 }
2375
2376 if (conn == 1)
2377 s->handshake_func = meth->ssl_connect;
2378 else if (conn == 0)
2379 s->handshake_func = meth->ssl_accept;
2380 }
2381 return (ret);
2382}
2383
2384int
2385SSL_get_error(const SSL *s, int i)
2386{
2387 int reason;
2388 unsigned long l;
2389 BIO *bio;
2390
2391 if (i > 0)
2392 return (SSL_ERROR_NONE);
2393
2394 /* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake
2395 * etc, where we do encode the error */
2396 if ((l = ERR_peek_error()) != 0) {
2397 if (ERR_GET_LIB(l) == ERR_LIB_SYS)
2398 return (SSL_ERROR_SYSCALL);
2399 else
2400 return (SSL_ERROR_SSL);
2401 }
2402
2403 if ((i < 0) && SSL_want_read(s)) {
2404 bio = SSL_get_rbio(s);
2405 if (BIO_should_read(bio)) {
2406 return (SSL_ERROR_WANT_READ);
2407 } else if (BIO_should_write(bio)) {
2408 /*
2409 * This one doesn't make too much sense... We never
2410 * try to write to the rbio, and an application
2411 * program where rbio and wbio are separate couldn't
2412 * even know what it should wait for. However if we
2413 * ever set s->rwstate incorrectly (so that we have
2414 * SSL_want_read(s) instead of SSL_want_write(s))
2415 * and rbio and wbio *are* the same, this test works
2416 * around that bug; so it might be safer to keep it.
2417 */
2418 return (SSL_ERROR_WANT_WRITE);
2419 } else if (BIO_should_io_special(bio)) {
2420 reason = BIO_get_retry_reason(bio);
2421 if (reason == BIO_RR_CONNECT)
2422 return (SSL_ERROR_WANT_CONNECT);
2423 else if (reason == BIO_RR_ACCEPT)
2424 return (SSL_ERROR_WANT_ACCEPT);
2425 else
2426 return (SSL_ERROR_SYSCALL); /* unknown */
2427 }
2428 }
2429
2430 if ((i < 0) && SSL_want_write(s)) {
2431 bio = SSL_get_wbio(s);
2432 if (BIO_should_write(bio)) {
2433 return (SSL_ERROR_WANT_WRITE);
2434 } else if (BIO_should_read(bio)) {
2435 /*
2436 * See above (SSL_want_read(s) with
2437 * BIO_should_write(bio))
2438 */
2439 return (SSL_ERROR_WANT_READ);
2440 } else if (BIO_should_io_special(bio)) {
2441 reason = BIO_get_retry_reason(bio);
2442 if (reason == BIO_RR_CONNECT)
2443 return (SSL_ERROR_WANT_CONNECT);
2444 else if (reason == BIO_RR_ACCEPT)
2445 return (SSL_ERROR_WANT_ACCEPT);
2446 else
2447 return (SSL_ERROR_SYSCALL);
2448 }
2449 }
2450 if ((i < 0) && SSL_want_x509_lookup(s)) {
2451 return (SSL_ERROR_WANT_X509_LOOKUP);
2452 }
2453
2454 if (i == 0) {
2455 if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
2456 (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
2457 return (SSL_ERROR_ZERO_RETURN);
2458 }
2459 return (SSL_ERROR_SYSCALL);
2460}
2461
2462int
2463SSL_do_handshake(SSL *s)
2464{
2465 int ret = 1;
2466
2467 if (s->handshake_func == NULL) {
2468 SSLerr(SSL_F_SSL_DO_HANDSHAKE,
2469 SSL_R_CONNECTION_TYPE_NOT_SET);
2470 return (-1);
2471 }
2472
2473 s->method->ssl_renegotiate_check(s);
2474
2475 if (SSL_in_init(s) || SSL_in_before(s)) {
2476 ret = s->handshake_func(s);
2477 }
2478 return (ret);
2479}
2480
2481/*
2482 * For the next 2 functions, SSL_clear() sets shutdown and so
2483 * one of these calls will reset it
2484 */
2485void
2486SSL_set_accept_state(SSL *s)
2487{
2488 s->server = 1;
2489 s->shutdown = 0;
2490 s->state = SSL_ST_ACCEPT|SSL_ST_BEFORE;
2491 s->handshake_func = s->method->ssl_accept;
2492 /* clear the current cipher */
2493 ssl_clear_cipher_ctx(s);
2494 ssl_clear_hash_ctx(&s->read_hash);
2495 ssl_clear_hash_ctx(&s->write_hash);
2496}
2497
2498void
2499SSL_set_connect_state(SSL *s)
2500{
2501 s->server = 0;
2502 s->shutdown = 0;
2503 s->state = SSL_ST_CONNECT|SSL_ST_BEFORE;
2504 s->handshake_func = s->method->ssl_connect;
2505 /* clear the current cipher */
2506 ssl_clear_cipher_ctx(s);
2507 ssl_clear_hash_ctx(&s->read_hash);
2508 ssl_clear_hash_ctx(&s->write_hash);
2509}
2510
2511int
2512ssl_undefined_function(SSL *s)
2513{
2514 SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,
2515 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2516 return (0);
2517}
2518
2519int
2520ssl_undefined_void_function(void)
2521{
2522 SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,
2523 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2524 return (0);
2525}
2526
2527int
2528ssl_undefined_const_function(const SSL *s)
2529{
2530 SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,
2531 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2532 return (0);
2533}
2534
2535SSL_METHOD *
2536ssl_bad_method(int ver)
2537{
2538 SSLerr(SSL_F_SSL_BAD_METHOD,
2539 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2540 return (NULL);
2541}
2542
2543const char *
2544ssl_version_string(int ver)
2545{
2546 switch (ver) {
2547 case DTLS1_BAD_VER:
2548 return (SSL_TXT_DTLS1_BAD);
2549 case DTLS1_VERSION:
2550 return (SSL_TXT_DTLS1);
2551 case SSL3_VERSION:
2552 return (SSL_TXT_SSLV3);
2553 case TLS1_VERSION:
2554 return (SSL_TXT_TLSV1);
2555 case TLS1_1_VERSION:
2556 return (SSL_TXT_TLSV1_1);
2557 case TLS1_2_VERSION:
2558 return (SSL_TXT_TLSV1_2);
2559 default:
2560 return ("unknown");
2561 }
2562}
2563
2564const char *
2565SSL_get_version(const SSL *s)
2566{
2567 return ssl_version_string(s->version);
2568}
2569
2570uint16_t
2571ssl_max_server_version(SSL *s)
2572{
2573 uint16_t max_version;
2574
2575 /*
2576 * The SSL method will be changed during version negotiation, as such
2577 * we want to use the SSL method from the context.
2578 */
2579 max_version = s->ctx->method->version;
2580
2581 if (SSL_IS_DTLS(s))
2582 return (DTLS1_VERSION);
2583
2584 if ((s->options & SSL_OP_NO_TLSv1_2) == 0 &&
2585 max_version >= TLS1_2_VERSION)
2586 return (TLS1_2_VERSION);
2587 if ((s->options & SSL_OP_NO_TLSv1_1) == 0 &&
2588 max_version >= TLS1_1_VERSION)
2589 return (TLS1_1_VERSION);
2590 if ((s->options & SSL_OP_NO_TLSv1) == 0 &&
2591 max_version >= TLS1_VERSION)
2592 return (TLS1_VERSION);
2593 if ((s->options & SSL_OP_NO_SSLv3) == 0 &&
2594 max_version >= SSL3_VERSION)
2595 return (SSL3_VERSION);
2596
2597 return (0);
2598}
2599
2600SSL *
2601SSL_dup(SSL *s)
2602{
2603 STACK_OF(X509_NAME) *sk;
2604 X509_NAME *xn;
2605 SSL *ret;
2606 int i;
2607
2608 if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL)
2609 return (NULL);
2610
2611 ret->version = s->version;
2612 ret->type = s->type;
2613 ret->method = s->method;
2614
2615 if (s->session != NULL) {
2616 /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
2617 SSL_copy_session_id(ret, s);
2618 } else {
2619 /*
2620 * No session has been established yet, so we have to expect
2621 * that s->cert or ret->cert will be changed later --
2622 * they should not both point to the same object,
2623 * and thus we can't use SSL_copy_session_id.
2624 */
2625
2626 ret->method->ssl_free(ret);
2627 ret->method = s->method;
2628 ret->method->ssl_new(ret);
2629
2630 if (s->cert != NULL) {
2631 if (ret->cert != NULL) {
2632 ssl_cert_free(ret->cert);
2633 }
2634 ret->cert = ssl_cert_dup(s->cert);
2635 if (ret->cert == NULL)
2636 goto err;
2637 }
2638
2639 SSL_set_session_id_context(ret,
2640 s->sid_ctx, s->sid_ctx_length);
2641 }
2642
2643 ret->options = s->options;
2644 ret->mode = s->mode;
2645 SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s));
2646 SSL_set_read_ahead(ret, SSL_get_read_ahead(s));
2647 ret->msg_callback = s->msg_callback;
2648 ret->msg_callback_arg = s->msg_callback_arg;
2649 SSL_set_verify(ret, SSL_get_verify_mode(s),
2650 SSL_get_verify_callback(s));
2651 SSL_set_verify_depth(ret, SSL_get_verify_depth(s));
2652 ret->generate_session_id = s->generate_session_id;
2653
2654 SSL_set_info_callback(ret, SSL_get_info_callback(s));
2655
2656 ret->debug = s->debug;
2657
2658 /* copy app data, a little dangerous perhaps */
2659 if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL,
2660 &ret->ex_data, &s->ex_data))
2661 goto err;
2662
2663 /* setup rbio, and wbio */
2664 if (s->rbio != NULL) {
2665 if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
2666 goto err;
2667 }
2668 if (s->wbio != NULL) {
2669 if (s->wbio != s->rbio) {
2670 if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
2671 goto err;
2672 } else
2673 ret->wbio = ret->rbio;
2674 }
2675 ret->rwstate = s->rwstate;
2676 ret->in_handshake = s->in_handshake;
2677 ret->handshake_func = s->handshake_func;
2678 ret->server = s->server;
2679 ret->renegotiate = s->renegotiate;
2680 ret->new_session = s->new_session;
2681 ret->quiet_shutdown = s->quiet_shutdown;
2682 ret->shutdown = s->shutdown;
2683 /* SSL_dup does not really work at any state, though */
2684 ret->state=s->state;
2685 ret->rstate = s->rstate;
2686
2687 /*
2688 * Would have to copy ret->init_buf, ret->init_msg, ret->init_num,
2689 * ret->init_off
2690 */
2691 ret->init_num = 0;
2692
2693 ret->hit = s->hit;
2694
2695 X509_VERIFY_PARAM_inherit(ret->param, s->param);
2696
2697 /* dup the cipher_list and cipher_list_by_id stacks */
2698 if (s->cipher_list != NULL) {
2699 if ((ret->cipher_list =
2700 sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
2701 goto err;
2702 }
2703 if (s->cipher_list_by_id != NULL) {
2704 if ((ret->cipher_list_by_id =
2705 sk_SSL_CIPHER_dup(s->cipher_list_by_id)) == NULL)
2706 goto err;
2707 }
2708
2709 /* Dup the client_CA list */
2710 if (s->client_CA != NULL) {
2711 if ((sk = sk_X509_NAME_dup(s->client_CA)) == NULL) goto err;
2712 ret->client_CA = sk;
2713 for (i = 0; i < sk_X509_NAME_num(sk); i++) {
2714 xn = sk_X509_NAME_value(sk, i);
2715 if (sk_X509_NAME_set(sk, i,
2716 X509_NAME_dup(xn)) == NULL) {
2717 X509_NAME_free(xn);
2718 goto err;
2719 }
2720 }
2721 }
2722
2723 if (0) {
2724err:
2725 if (ret != NULL)
2726 SSL_free(ret);
2727 ret = NULL;
2728 }
2729 return (ret);
2730}
2731
2732void
2733ssl_clear_cipher_ctx(SSL *s)
2734{
2735 EVP_CIPHER_CTX_free(s->enc_read_ctx);
2736 s->enc_read_ctx = NULL;
2737 EVP_CIPHER_CTX_free(s->enc_write_ctx);
2738 s->enc_write_ctx = NULL;
2739
2740 if (s->aead_read_ctx != NULL) {
2741 EVP_AEAD_CTX_cleanup(&s->aead_read_ctx->ctx);
2742 free(s->aead_read_ctx);
2743 s->aead_read_ctx = NULL;
2744 }
2745 if (s->aead_write_ctx != NULL) {
2746 EVP_AEAD_CTX_cleanup(&s->aead_write_ctx->ctx);
2747 free(s->aead_write_ctx);
2748 s->aead_write_ctx = NULL;
2749 }
2750
2751}
2752
2753/* Fix this function so that it takes an optional type parameter */
2754X509 *
2755SSL_get_certificate(const SSL *s)
2756{
2757 if (s->cert != NULL)
2758 return (s->cert->key->x509);
2759 else
2760 return (NULL);
2761}
2762
2763/* Fix this function so that it takes an optional type parameter */
2764EVP_PKEY *
2765SSL_get_privatekey(SSL *s)
2766{
2767 if (s->cert != NULL)
2768 return (s->cert->key->privatekey);
2769 else
2770 return (NULL);
2771}
2772
2773const SSL_CIPHER *
2774SSL_get_current_cipher(const SSL *s)
2775{
2776 if ((s->session != NULL) && (s->session->cipher != NULL))
2777 return (s->session->cipher);
2778 return (NULL);
2779}
2780const void *
2781SSL_get_current_compression(SSL *s)
2782{
2783 return (NULL);
2784}
2785
2786const void *
2787SSL_get_current_expansion(SSL *s)
2788{
2789 return (NULL);
2790}
2791
2792int
2793ssl_init_wbio_buffer(SSL *s, int push)
2794{
2795 BIO *bbio;
2796
2797 if (s->bbio == NULL) {
2798 bbio = BIO_new(BIO_f_buffer());
2799 if (bbio == NULL)
2800 return (0);
2801 s->bbio = bbio;
2802 } else {
2803 bbio = s->bbio;
2804 if (s->bbio == s->wbio)
2805 s->wbio = BIO_pop(s->wbio);
2806 }
2807 (void)BIO_reset(bbio);
2808/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
2809 if (!BIO_set_read_buffer_size(bbio, 1)) {
2810 SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER,
2811 ERR_R_BUF_LIB);
2812 return (0);
2813 }
2814 if (push) {
2815 if (s->wbio != bbio)
2816 s->wbio = BIO_push(bbio, s->wbio);
2817 } else {
2818 if (s->wbio == bbio)
2819 s->wbio = BIO_pop(bbio);
2820 }
2821 return (1);
2822}
2823
2824void
2825ssl_free_wbio_buffer(SSL *s)
2826{
2827 if (s->bbio == NULL)
2828 return;
2829
2830 if (s->bbio == s->wbio) {
2831 /* remove buffering */
2832 s->wbio = BIO_pop(s->wbio);
2833 }
2834 BIO_free(s->bbio);
2835 s->bbio = NULL;
2836}
2837
2838void
2839SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
2840{
2841 ctx->quiet_shutdown = mode;
2842}
2843
2844int
2845SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
2846{
2847 return (ctx->quiet_shutdown);
2848}
2849
2850void
2851SSL_set_quiet_shutdown(SSL *s, int mode)
2852{
2853 s->quiet_shutdown = mode;
2854}
2855
2856int
2857SSL_get_quiet_shutdown(const SSL *s)
2858{
2859 return (s->quiet_shutdown);
2860}
2861
2862void
2863SSL_set_shutdown(SSL *s, int mode)
2864{
2865 s->shutdown = mode;
2866}
2867
2868int
2869SSL_get_shutdown(const SSL *s)
2870{
2871 return (s->shutdown);
2872}
2873
2874int
2875SSL_version(const SSL *s)
2876{
2877 return (s->version);
2878}
2879
2880SSL_CTX *
2881SSL_get_SSL_CTX(const SSL *ssl)
2882{
2883 return (ssl->ctx);
2884}
2885
2886SSL_CTX *
2887SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
2888{
2889 if (ssl->ctx == ctx)
2890 return (ssl->ctx);
2891 if (ctx == NULL)
2892 ctx = ssl->initial_ctx;
2893 if (ssl->cert != NULL)
2894 ssl_cert_free(ssl->cert);
2895 ssl->cert = ssl_cert_dup(ctx->cert);
2896 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
2897 SSL_CTX_free(ssl->ctx); /* decrement reference count */
2898 ssl->ctx = ctx;
2899 return (ssl->ctx);
2900}
2901
2902int
2903SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
2904{
2905 return (X509_STORE_set_default_paths(ctx->cert_store));
2906}
2907
2908int
2909SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
2910 const char *CApath)
2911{
2912 return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));
2913}
2914
2915int
2916SSL_CTX_load_verify_mem(SSL_CTX *ctx, void *buf, int len)
2917{
2918 return (X509_STORE_load_mem(ctx->cert_store, buf, len));
2919}
2920
2921void
2922SSL_set_info_callback(SSL *ssl, void (*cb)(const SSL *ssl, int type, int val))
2923{
2924 ssl->info_callback = cb;
2925}
2926
2927void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val)
2928{
2929 return (ssl->info_callback);
2930}
2931
2932int
2933SSL_state(const SSL *ssl)
2934{
2935 return (ssl->state);
2936}
2937
2938void
2939SSL_set_state(SSL *ssl, int state)
2940{
2941 ssl->state = state;
2942}
2943
2944void
2945SSL_set_verify_result(SSL *ssl, long arg)
2946{
2947 ssl->verify_result = arg;
2948}
2949
2950long
2951SSL_get_verify_result(const SSL *ssl)
2952{
2953 return (ssl->verify_result);
2954}
2955
2956int
2957SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
2958 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
2959{
2960 return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
2961 new_func, dup_func, free_func));
2962}
2963
2964int
2965SSL_set_ex_data(SSL *s, int idx, void *arg)
2966{
2967 return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
2968}
2969
2970void *
2971SSL_get_ex_data(const SSL *s, int idx)
2972{
2973 return (CRYPTO_get_ex_data(&s->ex_data, idx));
2974}
2975
2976int
2977SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
2978 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
2979{
2980 return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
2981 new_func, dup_func, free_func));
2982}
2983
2984int
2985SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg)
2986{
2987 return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
2988}
2989
2990void *
2991SSL_CTX_get_ex_data(const SSL_CTX *s, int idx)
2992{
2993 return (CRYPTO_get_ex_data(&s->ex_data, idx));
2994}
2995
2996int
2997ssl_ok(SSL *s)
2998{
2999 return (1);
3000}
3001
3002X509_STORE *
3003SSL_CTX_get_cert_store(const SSL_CTX *ctx)
3004{
3005 return (ctx->cert_store);
3006}
3007
3008void
3009SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
3010{
3011 if (ctx->cert_store != NULL)
3012 X509_STORE_free(ctx->cert_store);
3013 ctx->cert_store = store;
3014}
3015
3016int
3017SSL_want(const SSL *s)
3018{
3019 return (s->rwstate);
3020}
3021
3022void
3023SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export,
3024 int keylength))
3025{
3026 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
3027}
3028
3029void
3030SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int is_export,
3031 int keylength))
3032{
3033 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
3034}
3035
3036void
3037SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*dh)(SSL *ssl, int is_export,
3038 int keylength))
3039{
3040 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
3041}
3042
3043void
3044SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh)(SSL *ssl, int is_export,
3045 int keylength))
3046{
3047 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
3048}
3049
3050void
3051SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl,
3052 int is_export, int keylength))
3053{
3054 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,
3055 (void (*)(void))ecdh);
3056}
3057
3058void
3059SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh)(SSL *ssl, int is_export,
3060 int keylength))
3061{
3062 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
3063}
3064
3065
3066void
3067SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version,
3068 int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
3069{
3070 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK,
3071 (void (*)(void))cb);
3072}
3073
3074void
3075SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version,
3076 int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
3077{
3078 SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
3079}
3080
3081/*
3082 * Allocates new EVP_MD_CTX and sets pointer to it into given pointer
3083 * variable, freeing EVP_MD_CTX previously stored in that variable, if
3084 * any. If EVP_MD pointer is passed, initializes ctx with this md
3085 * Returns newly allocated ctx;
3086 */
3087EVP_MD_CTX *
3088ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md)
3089{
3090 ssl_clear_hash_ctx(hash);
3091 *hash = EVP_MD_CTX_create();
3092 if (*hash != NULL && md != NULL) {
3093 if (!EVP_DigestInit_ex(*hash, md, NULL)) {
3094 ssl_clear_hash_ctx(hash);
3095 return (NULL);
3096 }
3097 }
3098 return (*hash);
3099}
3100
3101void
3102ssl_clear_hash_ctx(EVP_MD_CTX **hash)
3103{
3104 if (*hash)
3105 EVP_MD_CTX_destroy(*hash);
3106 *hash = NULL;
3107}
3108
3109void
3110SSL_set_debug(SSL *s, int debug)
3111{
3112 s->debug = debug;
3113}
3114
3115int
3116SSL_cache_hit(SSL *s)
3117{
3118 return (s->hit);
3119}
3120
3121IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
deleted file mode 100644
index c38aa3a90d..0000000000
--- a/src/lib/libssl/ssl_locl.h
+++ /dev/null
@@ -1,874 +0,0 @@
1/* $OpenBSD: ssl_locl.h,v 1.88 2015/02/22 15:54:27 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143#ifndef HEADER_SSL_LOCL_H
144#define HEADER_SSL_LOCL_H
145
146#include <sys/types.h>
147
148#include <errno.h>
149#include <stdlib.h>
150#include <string.h>
151#include <time.h>
152#include <unistd.h>
153
154#include <openssl/opensslconf.h>
155#include <openssl/bio.h>
156#include <openssl/buffer.h>
157#include <openssl/dsa.h>
158#include <openssl/err.h>
159#include <openssl/rsa.h>
160#include <openssl/ssl.h>
161#include <openssl/stack.h>
162
163#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
164 l|=(((unsigned long)(*((c)++)))<< 8), \
165 l|=(((unsigned long)(*((c)++)))<<16), \
166 l|=(((unsigned long)(*((c)++)))<<24))
167
168/* NOTE - c is not incremented as per c2l */
169#define c2ln(c,l1,l2,n) { \
170 c+=n; \
171 l1=l2=0; \
172 switch (n) { \
173 case 8: l2 =((unsigned long)(*(--(c))))<<24; \
174 case 7: l2|=((unsigned long)(*(--(c))))<<16; \
175 case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
176 case 5: l2|=((unsigned long)(*(--(c)))); \
177 case 4: l1 =((unsigned long)(*(--(c))))<<24; \
178 case 3: l1|=((unsigned long)(*(--(c))))<<16; \
179 case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
180 case 1: l1|=((unsigned long)(*(--(c)))); \
181 } \
182 }
183
184#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
185 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
186 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
187 *((c)++)=(unsigned char)(((l)>>24)&0xff))
188
189#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \
190 l|=((unsigned long)(*((c)++)))<<16, \
191 l|=((unsigned long)(*((c)++)))<< 8, \
192 l|=((unsigned long)(*((c)++))))
193
194#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
195 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
196 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
197 *((c)++)=(unsigned char)(((l) )&0xff))
198
199#define l2n8(l,c) (*((c)++)=(unsigned char)(((l)>>56)&0xff), \
200 *((c)++)=(unsigned char)(((l)>>48)&0xff), \
201 *((c)++)=(unsigned char)(((l)>>40)&0xff), \
202 *((c)++)=(unsigned char)(((l)>>32)&0xff), \
203 *((c)++)=(unsigned char)(((l)>>24)&0xff), \
204 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
205 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
206 *((c)++)=(unsigned char)(((l) )&0xff))
207
208/* NOTE - c is not incremented as per l2c */
209#define l2cn(l1,l2,c,n) { \
210 c+=n; \
211 switch (n) { \
212 case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
213 case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
214 case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
215 case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
216 case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
217 case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
218 case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
219 case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
220 } \
221 }
222
223#define n2s(c,s) ((s=(((unsigned int)(c[0]))<< 8)| \
224 (((unsigned int)(c[1])) )),c+=2)
225#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \
226 c[1]=(unsigned char)(((s) )&0xff)),c+=2)
227
228#define n2l3(c,l) ((l =(((unsigned long)(c[0]))<<16)| \
229 (((unsigned long)(c[1]))<< 8)| \
230 (((unsigned long)(c[2])) )),c+=3)
231
232#define l2n3(l,c) ((c[0]=(unsigned char)(((l)>>16)&0xff), \
233 c[1]=(unsigned char)(((l)>> 8)&0xff), \
234 c[2]=(unsigned char)(((l) )&0xff)),c+=3)
235
236/* LOCAL STUFF */
237
238#define SSL_DECRYPT 0
239#define SSL_ENCRYPT 1
240
241/*
242 * Define the Bitmasks for SSL_CIPHER.algorithms.
243 * This bits are used packed as dense as possible. If new methods/ciphers
244 * etc will be added, the bits a likely to change, so this information
245 * is for internal library use only, even though SSL_CIPHER.algorithms
246 * can be publicly accessed.
247 * Use the according functions for cipher management instead.
248 *
249 * The bit mask handling in the selection and sorting scheme in
250 * ssl_create_cipher_list() has only limited capabilities, reflecting
251 * that the different entities within are mutually exclusive:
252 * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
253 */
254
255/* Bits for algorithm_mkey (key exchange algorithm) */
256#define SSL_kRSA 0x00000001L /* RSA key exchange */
257#define SSL_kDHE 0x00000008L /* tmp DH key no DH cert */
258#define SSL_kECDHr 0x00000020L /* ECDH cert, RSA CA cert */
259#define SSL_kECDHe 0x00000040L /* ECDH cert, ECDSA CA cert */
260#define SSL_kECDHE 0x00000080L /* ephemeral ECDH */
261#define SSL_kGOST 0x00000200L /* GOST key exchange */
262
263/* Bits for algorithm_auth (server authentication) */
264#define SSL_aRSA 0x00000001L /* RSA auth */
265#define SSL_aDSS 0x00000002L /* DSS auth */
266#define SSL_aNULL 0x00000004L /* no auth (i.e. use ADH or AECDH) */
267#define SSL_aECDH 0x00000010L /* Fixed ECDH auth (kECDHe or kECDHr) */
268#define SSL_aECDSA 0x00000040L /* ECDSA auth*/
269#define SSL_aGOST01 0x00000200L /* GOST R 34.10-2001 signature auth */
270
271
272/* Bits for algorithm_enc (symmetric encryption) */
273#define SSL_DES 0x00000001L
274#define SSL_3DES 0x00000002L
275#define SSL_RC4 0x00000004L
276#define SSL_IDEA 0x00000008L
277#define SSL_eNULL 0x00000010L
278#define SSL_AES128 0x00000020L
279#define SSL_AES256 0x00000040L
280#define SSL_CAMELLIA128 0x00000080L
281#define SSL_CAMELLIA256 0x00000100L
282#define SSL_eGOST2814789CNT 0x00000200L
283#define SSL_AES128GCM 0x00000400L
284#define SSL_AES256GCM 0x00000800L
285#define SSL_CHACHA20POLY1305 0x00001000L
286
287#define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM)
288#define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256)
289
290
291/* Bits for algorithm_mac (symmetric authentication) */
292
293#define SSL_MD5 0x00000001L
294#define SSL_SHA1 0x00000002L
295#define SSL_GOST94 0x00000004L
296#define SSL_GOST89MAC 0x00000008L
297#define SSL_SHA256 0x00000010L
298#define SSL_SHA384 0x00000020L
299/* Not a real MAC, just an indication it is part of cipher */
300#define SSL_AEAD 0x00000040L
301#define SSL_STREEBOG256 0x00000080L
302#define SSL_STREEBOG512 0x00000100L
303
304/* Bits for algorithm_ssl (protocol version) */
305#define SSL_SSLV3 0x00000002L
306#define SSL_TLSV1 SSL_SSLV3 /* for now */
307#define SSL_TLSV1_2 0x00000004L
308
309
310/* Bits for algorithm2 (handshake digests and other extra flags) */
311
312#define SSL_HANDSHAKE_MAC_MD5 0x10
313#define SSL_HANDSHAKE_MAC_SHA 0x20
314#define SSL_HANDSHAKE_MAC_GOST94 0x40
315#define SSL_HANDSHAKE_MAC_SHA256 0x80
316#define SSL_HANDSHAKE_MAC_SHA384 0x100
317#define SSL_HANDSHAKE_MAC_STREEBOG256 0x200
318#define SSL_HANDSHAKE_MAC_STREEBOG512 0x400
319#define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA)
320
321/* When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX
322 * make sure to update this constant too */
323#define SSL_MAX_DIGEST 8
324
325#define SSL3_CK_ID 0x03000000
326#define SSL3_CK_VALUE_MASK 0x0000ffff
327
328#define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT)
329
330#define TLS1_PRF_DGST_SHIFT 10
331#define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT)
332#define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT)
333#define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT)
334#define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT)
335#define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT)
336#define TLS1_PRF_STREEBOG256 (SSL_HANDSHAKE_MAC_STREEBOG256 << TLS1_PRF_DGST_SHIFT)
337#define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1)
338
339/* Stream MAC for GOST ciphersuites from cryptopro draft
340 * (currently this also goes into algorithm2) */
341#define TLS1_STREAM_MAC 0x04
342
343/*
344 * SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD is an algorithm2 flag that
345 * indicates that the variable part of the nonce is included as a prefix of
346 * the record (AES-GCM, for example, does this with an 8-byte variable nonce.)
347 */
348#define SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD (1 << 22)
349
350/*
351 * SSL_CIPHER_ALGORITHM2_AEAD is an algorithm2 flag that indicates the cipher
352 * is implemented via an EVP_AEAD.
353 */
354#define SSL_CIPHER_ALGORITHM2_AEAD (1 << 23)
355
356/*
357 * SSL_CIPHER_AEAD_FIXED_NONCE_LEN returns the number of bytes of fixed nonce
358 * for an SSL_CIPHER with the SSL_CIPHER_ALGORITHM2_AEAD flag.
359 */
360#define SSL_CIPHER_AEAD_FIXED_NONCE_LEN(ssl_cipher) \
361 (((ssl_cipher->algorithm2 >> 24) & 0xf) * 2)
362
363/*
364 * Cipher strength information.
365 */
366#define SSL_STRONG_MASK 0x000001fcL
367#define SSL_STRONG_NONE 0x00000004L
368#define SSL_LOW 0x00000020L
369#define SSL_MEDIUM 0x00000040L
370#define SSL_HIGH 0x00000080L
371
372/*
373 * The keylength (measured in RSA key bits, I guess) for temporary keys.
374 * Cipher argument is so that this can be variable in the future.
375 */
376#define SSL_C_PKEYLENGTH(c) 1024
377
378/* Check if an SSL structure is using DTLS. */
379#define SSL_IS_DTLS(s) (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
380
381/* See if we need explicit IV. */
382#define SSL_USE_EXPLICIT_IV(s) \
383 (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_EXPLICIT_IV)
384
385/* See if we use signature algorithms extension. */
386#define SSL_USE_SIGALGS(s) \
387 (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SIGALGS)
388
389/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
390#define SSL_USE_TLS1_2_CIPHERS(s) \
391 (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)
392
393/* Mostly for SSLv3 */
394#define SSL_PKEY_RSA_ENC 0
395#define SSL_PKEY_RSA_SIGN 1
396#define SSL_PKEY_DSA_SIGN 2
397#define SSL_PKEY_DH_RSA 3
398#define SSL_PKEY_DH_DSA 4
399#define SSL_PKEY_ECC 5
400#define SSL_PKEY_GOST01 6
401#define SSL_PKEY_NUM 7
402
403/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
404 * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
405 * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
406 * SSL_kDHE <- RSA_ENC | RSA_SIGN | DSA_SIGN
407 * SSL_aRSA <- RSA_ENC | RSA_SIGN
408 * SSL_aDSS <- DSA_SIGN
409 */
410
411/*
412#define CERT_INVALID 0
413#define CERT_PUBLIC_KEY 1
414#define CERT_PRIVATE_KEY 2
415*/
416
417/* From ECC-TLS draft, used in encoding the curve type in
418 * ECParameters
419 */
420#define EXPLICIT_PRIME_CURVE_TYPE 1
421#define EXPLICIT_CHAR2_CURVE_TYPE 2
422#define NAMED_CURVE_TYPE 3
423
424typedef struct cert_pkey_st {
425 X509 *x509;
426 EVP_PKEY *privatekey;
427 /* Digest to use when signing */
428 const EVP_MD *digest;
429} CERT_PKEY;
430
431typedef struct cert_st {
432 /* Current active set */
433 CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array
434 * Probably it would make more sense to store
435 * an index, not a pointer. */
436
437 /* The following masks are for the key and auth
438 * algorithms that are supported by the certs below */
439 int valid;
440 unsigned long mask_k;
441 unsigned long mask_a;
442
443 DH *dh_tmp;
444 DH *(*dh_tmp_cb)(SSL *ssl, int is_export, int keysize);
445 int dh_tmp_auto;
446
447 EC_KEY *ecdh_tmp;
448 EC_KEY *(*ecdh_tmp_cb)(SSL *ssl, int is_export, int keysize);
449 int ecdh_tmp_auto;
450
451 CERT_PKEY pkeys[SSL_PKEY_NUM];
452
453 int references; /* >1 only if SSL_copy_session_id is used */
454} CERT;
455
456
457typedef struct sess_cert_st {
458 STACK_OF(X509) *cert_chain; /* as received from peer */
459
460 /* The 'peer_...' members are used only by clients. */
461 int peer_cert_type;
462
463 CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */
464 CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
465 /* Obviously we don't have the private keys of these,
466 * so maybe we shouldn't even use the CERT_PKEY type here. */
467
468 DH *peer_dh_tmp;
469 EC_KEY *peer_ecdh_tmp;
470
471 int references; /* actually always 1 at the moment */
472} SESS_CERT;
473
474
475/*#define SSL_DEBUG */
476/*#define RSA_DEBUG */
477
478/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
479 * It is a bit of a mess of functions, but hell, think of it as
480 * an opaque structure :-) */
481typedef struct ssl3_enc_method {
482 int (*enc)(SSL *, int);
483 int (*mac)(SSL *, unsigned char *, int);
484 int (*setup_key_block)(SSL *);
485 int (*generate_master_secret)(SSL *, unsigned char *,
486 unsigned char *, int);
487 int (*change_cipher_state)(SSL *, int);
488 int (*final_finish_mac)(SSL *, const char *, int, unsigned char *);
489 int finish_mac_length;
490 int (*cert_verify_mac)(SSL *, int, unsigned char *);
491 const char *client_finished_label;
492 int client_finished_label_len;
493 const char *server_finished_label;
494 int server_finished_label_len;
495 int (*alert_value)(int);
496 int (*export_keying_material)(SSL *, unsigned char *, size_t,
497 const char *, size_t, const unsigned char *, size_t,
498 int use_context);
499 /* Flags indicating protocol version requirements. */
500 unsigned int enc_flags;
501} SSL3_ENC_METHOD;
502
503/*
504 * Flag values for enc_flags.
505 */
506
507/* Uses explicit IV. */
508#define SSL_ENC_FLAG_EXPLICIT_IV (1 << 0)
509
510/* Uses signature algorithms extension. */
511#define SSL_ENC_FLAG_SIGALGS (1 << 1)
512
513/* Uses SHA256 default PRF. */
514#define SSL_ENC_FLAG_SHA256_PRF (1 << 2)
515
516/* Is DTLS. */
517#define SSL_ENC_FLAG_DTLS (1 << 3)
518
519/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
520#define SSL_ENC_FLAG_TLS1_2_CIPHERS (1 << 4)
521
522/*
523 * ssl_aead_ctx_st contains information about an AEAD that is being used to
524 * encrypt an SSL connection.
525 */
526struct ssl_aead_ctx_st {
527 EVP_AEAD_CTX ctx;
528 /*
529 * fixed_nonce contains any bytes of the nonce that are fixed for all
530 * records.
531 */
532 unsigned char fixed_nonce[8];
533 unsigned char fixed_nonce_len;
534 unsigned char variable_nonce_len;
535 unsigned char tag_len;
536 /*
537 * variable_nonce_in_record is non-zero if the variable nonce
538 * for a record is included as a prefix before the ciphertext.
539 */
540 char variable_nonce_in_record;
541};
542
543extern SSL3_ENC_METHOD ssl3_undef_enc_method;
544extern SSL_CIPHER ssl3_ciphers[];
545
546SSL_METHOD *ssl_bad_method(int ver);
547const char *ssl_version_string(int ver);
548uint16_t ssl_max_server_version(SSL *s);
549
550extern SSL3_ENC_METHOD TLSv1_enc_data;
551extern SSL3_ENC_METHOD TLSv1_1_enc_data;
552extern SSL3_ENC_METHOD TLSv1_2_enc_data;
553extern SSL3_ENC_METHOD SSLv3_enc_data;
554extern SSL3_ENC_METHOD DTLSv1_enc_data;
555
556void ssl_clear_cipher_ctx(SSL *s);
557int ssl_clear_bad_session(SSL *s);
558CERT *ssl_cert_new(void);
559CERT *ssl_cert_dup(CERT *cert);
560int ssl_cert_inst(CERT **o);
561void ssl_cert_free(CERT *c);
562SESS_CERT *ssl_sess_cert_new(void);
563void ssl_sess_cert_free(SESS_CERT *sc);
564int ssl_set_peer_cert_type(SESS_CERT *c, int type);
565int ssl_get_new_session(SSL *s, int session);
566int ssl_get_prev_session(SSL *s, unsigned char *session, int len,
567 const unsigned char *limit);
568int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b);
569DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
570int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
571 const SSL_CIPHER * const *bp);
572STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
573 int num, STACK_OF(SSL_CIPHER) **skp);
574int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
575 unsigned char *p);
576STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
577 STACK_OF(SSL_CIPHER) **pref, STACK_OF(SSL_CIPHER) **sorted,
578 const char *rule_str);
579void ssl_update_cache(SSL *s, int mode);
580int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
581 const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size);
582int ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead);
583int ssl_get_handshake_digest(int i, long *mask, const EVP_MD **md);
584
585int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk);
586int ssl_undefined_function(SSL *s);
587int ssl_undefined_void_function(void);
588int ssl_undefined_const_function(const SSL *s);
589CERT_PKEY *ssl_get_server_send_pkey(const SSL *s);
590X509 *ssl_get_server_send_cert(const SSL *);
591EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *c, const EVP_MD **pmd);
592DH *ssl_get_auto_dh(SSL *s);
593int ssl_cert_type(X509 *x, EVP_PKEY *pkey);
594void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher);
595STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
596int ssl_verify_alarm_type(long type);
597void ssl_load_ciphers(void);
598
599const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
600int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
601int ssl3_init_finished_mac(SSL *s);
602int ssl3_send_server_certificate(SSL *s);
603int ssl3_send_newsession_ticket(SSL *s);
604int ssl3_send_cert_status(SSL *s);
605int ssl3_get_finished(SSL *s, int state_a, int state_b);
606int ssl3_setup_key_block(SSL *s);
607int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
608int ssl3_change_cipher_state(SSL *s, int which);
609void ssl3_cleanup_key_block(SSL *s);
610int ssl3_do_write(SSL *s, int type);
611int ssl3_send_alert(SSL *s, int level, int desc);
612int ssl3_generate_master_secret(SSL *s, unsigned char *out,
613 unsigned char *p, int len);
614int ssl3_get_req_cert_type(SSL *s, unsigned char *p);
615long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
616int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen);
617int ssl3_num_ciphers(void);
618const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
619const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);
620const SSL_CIPHER *ssl3_get_cipher_by_value(uint16_t value);
621uint16_t ssl3_cipher_get_value(const SSL_CIPHER *c);
622int ssl3_renegotiate(SSL *ssl);
623
624int ssl3_renegotiate_check(SSL *ssl);
625
626int ssl3_dispatch_alert(SSL *s);
627int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
628int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
629int ssl3_final_finish_mac(SSL *s, const char *sender, int slen,
630 unsigned char *p);
631int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
632void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
633int ssl3_enc(SSL *s, int send_data);
634int n_ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
635void ssl3_free_digest_list(SSL *s);
636unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
637SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, STACK_OF(SSL_CIPHER) *clnt,
638 STACK_OF(SSL_CIPHER) *srvr);
639int ssl3_setup_buffers(SSL *s);
640int ssl3_setup_read_buffer(SSL *s);
641int ssl3_setup_write_buffer(SSL *s);
642int ssl3_release_read_buffer(SSL *s);
643int ssl3_release_write_buffer(SSL *s);
644int ssl3_digest_cached_records(SSL *s);
645int ssl3_new(SSL *s);
646void ssl3_free(SSL *s);
647int ssl3_accept(SSL *s);
648int ssl3_connect(SSL *s);
649int ssl3_read(SSL *s, void *buf, int len);
650int ssl3_peek(SSL *s, void *buf, int len);
651int ssl3_write(SSL *s, const void *buf, int len);
652int ssl3_shutdown(SSL *s);
653void ssl3_clear(SSL *s);
654long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg);
655long ssl3_ctx_ctrl(SSL_CTX *s, int cmd, long larg, void *parg);
656long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void));
657long ssl3_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp)(void));
658int ssl3_pending(const SSL *s);
659
660unsigned char *ssl3_handshake_msg_start(SSL *s, uint8_t htype);
661void ssl3_handshake_msg_finish(SSL *s, unsigned int len);
662int ssl3_handshake_write(SSL *s);
663
664void ssl3_record_sequence_increment(unsigned char *seq);
665int ssl3_do_change_cipher_spec(SSL *ssl);
666long ssl3_default_timeout(void);
667
668int ssl23_read(SSL *s, void *buf, int len);
669int ssl23_peek(SSL *s, void *buf, int len);
670int ssl23_write(SSL *s, const void *buf, int len);
671long ssl23_default_timeout(void);
672
673long tls1_default_timeout(void);
674int dtls1_do_write(SSL *s, int type);
675int ssl3_read_n(SSL *s, int n, int max, int extend);
676int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
677int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
678 unsigned int len);
679unsigned char *dtls1_set_message_header(SSL *s, unsigned char *p,
680 unsigned char mt, unsigned long len, unsigned long frag_off,
681 unsigned long frag_len);
682
683int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len);
684int dtls1_write_bytes(SSL *s, int type, const void *buf, int len);
685
686int dtls1_send_change_cipher_spec(SSL *s, int a, int b);
687int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen);
688unsigned long dtls1_output_cert_chain(SSL *s, X509 *x);
689int dtls1_read_failed(SSL *s, int code);
690int dtls1_buffer_message(SSL *s, int ccs);
691int dtls1_retransmit_message(SSL *s, unsigned short seq,
692 unsigned long frag_off, int *found);
693int dtls1_get_queue_priority(unsigned short seq, int is_ccs);
694int dtls1_retransmit_buffered_messages(SSL *s);
695void dtls1_clear_record_buffer(SSL *s);
696void dtls1_get_message_header(unsigned char *data,
697 struct hm_header_st *msg_hdr);
698void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
699void dtls1_reset_seq_numbers(SSL *s, int rw);
700void dtls1_build_sequence_number(unsigned char *dst, unsigned char *seq,
701 unsigned short epoch);
702long dtls1_default_timeout(void);
703struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft);
704int dtls1_check_timeout_num(SSL *s);
705int dtls1_handle_timeout(SSL *s);
706const SSL_CIPHER *dtls1_get_cipher(unsigned int u);
707void dtls1_start_timer(SSL *s);
708void dtls1_stop_timer(SSL *s);
709int dtls1_is_timer_expired(SSL *s);
710void dtls1_double_timeout(SSL *s);
711int dtls1_send_newsession_ticket(SSL *s);
712unsigned int dtls1_min_mtu(void);
713
714/* some client-only functions */
715int ssl3_client_hello(SSL *s);
716int ssl3_get_server_hello(SSL *s);
717int ssl3_get_certificate_request(SSL *s);
718int ssl3_get_new_session_ticket(SSL *s);
719int ssl3_get_cert_status(SSL *s);
720int ssl3_get_server_done(SSL *s);
721int ssl3_send_client_verify(SSL *s);
722int ssl3_send_client_certificate(SSL *s);
723int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey);
724int ssl3_send_client_key_exchange(SSL *s);
725int ssl3_get_key_exchange(SSL *s);
726int ssl3_get_server_certificate(SSL *s);
727int ssl3_check_cert_and_algorithm(SSL *s);
728int ssl3_check_finished(SSL *s);
729int ssl3_send_next_proto(SSL *s);
730
731int dtls1_client_hello(SSL *s);
732int dtls1_send_client_certificate(SSL *s);
733int dtls1_send_client_key_exchange(SSL *s);
734int dtls1_send_client_verify(SSL *s);
735
736/* some server-only functions */
737int ssl3_get_client_hello(SSL *s);
738int ssl3_send_server_hello(SSL *s);
739int ssl3_send_hello_request(SSL *s);
740int ssl3_send_server_key_exchange(SSL *s);
741int ssl3_send_certificate_request(SSL *s);
742int ssl3_send_server_done(SSL *s);
743int ssl3_check_client_hello(SSL *s);
744int ssl3_get_client_certificate(SSL *s);
745int ssl3_get_client_key_exchange(SSL *s);
746int ssl3_get_cert_verify(SSL *s);
747int ssl3_get_next_proto(SSL *s);
748
749int dtls1_send_hello_request(SSL *s);
750int dtls1_send_server_hello(SSL *s);
751int dtls1_send_server_certificate(SSL *s);
752int dtls1_send_server_key_exchange(SSL *s);
753int dtls1_send_certificate_request(SSL *s);
754int dtls1_send_server_done(SSL *s);
755
756int ssl23_accept(SSL *s);
757int ssl23_connect(SSL *s);
758int ssl23_read_bytes(SSL *s, int n);
759int ssl23_write_bytes(SSL *s);
760
761int tls1_new(SSL *s);
762void tls1_free(SSL *s);
763void tls1_clear(SSL *s);
764long tls1_ctrl(SSL *s, int cmd, long larg, void *parg);
765long tls1_callback_ctrl(SSL *s, int cmd, void (*fp)(void));
766
767int dtls1_new(SSL *s);
768int dtls1_accept(SSL *s);
769int dtls1_connect(SSL *s);
770void dtls1_free(SSL *s);
771void dtls1_clear(SSL *s);
772long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg);
773int dtls1_shutdown(SSL *s);
774
775long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
776int dtls1_get_record(SSL *s);
777int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
778 unsigned int len);
779int dtls1_dispatch_alert(SSL *s);
780int dtls1_enc(SSL *s, int snd);
781
782int ssl_init_wbio_buffer(SSL *s, int push);
783void ssl_free_wbio_buffer(SSL *s);
784
785int tls1_change_cipher_state(SSL *s, int which);
786int tls1_setup_key_block(SSL *s);
787int tls1_enc(SSL *s, int snd);
788int tls1_final_finish_mac(SSL *s, const char *str, int slen, unsigned char *p);
789int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
790int tls1_mac(SSL *ssl, unsigned char *md, int snd);
791int tls1_generate_master_secret(SSL *s, unsigned char *out,
792 unsigned char *p, int len);
793int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
794 const char *label, size_t llen, const unsigned char *p, size_t plen,
795 int use_context);
796int tls1_alert_code(int code);
797int ssl3_alert_code(int code);
798int ssl_ok(SSL *s);
799
800int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
801
802SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
803
804int tls1_ec_curve_id2nid(uint16_t curve_id);
805uint16_t tls1_ec_nid2curve_id(int nid);
806int tls1_check_curve(SSL *s, const unsigned char *p, size_t len);
807int tls1_get_shared_curve(SSL *s);
808
809unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p,
810 unsigned char *limit);
811
812unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p,
813 unsigned char *limit);
814
815int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data,
816 unsigned char *d, int n, int *al);
817int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data,
818 unsigned char *d, int n, int *al);
819int ssl_prepare_clienthello_tlsext(SSL *s);
820int ssl_prepare_serverhello_tlsext(SSL *s);
821int ssl_check_clienthello_tlsext_early(SSL *s);
822int ssl_check_clienthello_tlsext_late(SSL *s);
823int ssl_check_serverhello_tlsext(SSL *s);
824
825#define tlsext_tick_md EVP_sha256
826int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
827 const unsigned char *limit, SSL_SESSION **ret);
828
829int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
830 const EVP_MD *md);
831int tls12_get_sigid(const EVP_PKEY *pk);
832const EVP_MD *tls12_get_hash(unsigned char hash_alg);
833
834EVP_MD_CTX* ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md);
835void ssl_clear_hash_ctx(EVP_MD_CTX **hash);
836int ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p,
837 int *len, int maxlen);
838int ssl_parse_serverhello_renegotiate_ext(SSL *s, unsigned char *d,
839 int len, int *al);
840int ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p,
841 int *len, int maxlen);
842int ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d,
843 int len, int *al);
844long ssl_get_algorithm2(SSL *s);
845int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize);
846int tls12_get_req_sig_algs(SSL *s, unsigned char *p);
847
848int tls1_check_ec_server_key(SSL *s);
849int tls1_check_ec_tmp_key(SSL *s);
850
851int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p,
852 int *len, int maxlen);
853int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d,
854 int len, int *al);
855int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p,
856 int *len, int maxlen);
857int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d,
858 int len, int *al);
859
860/* s3_cbc.c */
861void ssl3_cbc_copy_mac(unsigned char *out, const SSL3_RECORD *rec,
862 unsigned md_size, unsigned orig_len);
863int ssl3_cbc_remove_padding(const SSL *s, SSL3_RECORD *rec,
864 unsigned block_size, unsigned mac_size);
865int tls1_cbc_remove_padding(const SSL *s, SSL3_RECORD *rec,
866 unsigned block_size, unsigned mac_size);
867char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
868int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, unsigned char *md_out,
869 size_t *md_out_size, const unsigned char header[13],
870 const unsigned char *data, size_t data_plus_mac_size,
871 size_t data_plus_mac_plus_padding_size, const unsigned char *mac_secret,
872 unsigned mac_secret_length, char is_sslv3);
873
874#endif
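--- a/src/lib/libssl/ssl_rsa.c
+++ /dev/null
@@ -1,755 +0,0 @@
-/* $OpenBSD: ssl_rsa.c,v 1.20 2015/02/06 01:37:11 reyk Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include "ssl_locl.h"
-
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/pem.h>
-#include <openssl/x509.h>
-
-static int ssl_set_cert(CERT *c, X509 *x509);
-static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
-static int ssl_ctx_use_certificate_chain_bio(SSL_CTX *, BIO *);
-
-int
-SSL_use_certificate(SSL *ssl, X509 *x)
-{
- if (x == NULL) {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (!ssl_cert_inst(&ssl->cert)) {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- return (ssl_set_cert(ssl->cert, x));
-}
-
-int
-SSL_use_certificate_file(SSL *ssl, const char *file, int type)
-{
- int j;
- BIO *in;
- int ret = 0;
- X509 *x = NULL;
-
- in = BIO_new(BIO_s_file_internal());
- if (in == NULL) {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in, file) <= 0) {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_ASN1) {
- j = ERR_R_ASN1_LIB;
- x = d2i_X509_bio(in, NULL);
- } else if (type == SSL_FILETYPE_PEM) {
- j = ERR_R_PEM_LIB;
- x = PEM_read_bio_X509(in, NULL,
- ssl->ctx->default_passwd_callback,
- ssl->ctx->default_passwd_callback_userdata);
- } else {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
-
- if (x == NULL) {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, j);
- goto end;
- }
-
- ret = SSL_use_certificate(ssl, x);
-end:
- if (x != NULL)
- X509_free(x);
- BIO_free(in);
- return (ret);
-}
-
-int
-SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
-{
- X509 *x;
- int ret;
-
- x = d2i_X509(NULL, &d,(long)len);
- if (x == NULL) {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
- return (0);
- }
-
- ret = SSL_use_certificate(ssl, x);
- X509_free(x);
- return (ret);
-}
-
-int
-SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
-{
- EVP_PKEY *pkey;
- int ret;
-
- if (rsa == NULL) {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (!ssl_cert_inst(&ssl->cert)) {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- if ((pkey = EVP_PKEY_new()) == NULL) {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
- return (0);
- }
-
- RSA_up_ref(rsa);
- EVP_PKEY_assign_RSA(pkey, rsa);
-
- ret = ssl_set_pkey(ssl->cert, pkey);
- EVP_PKEY_free(pkey);
- return (ret);
-}
-
-static int
-ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
-{
- int i;
-
- i = ssl_cert_type(NULL, pkey);
- if (i < 0) {
- SSLerr(SSL_F_SSL_SET_PKEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
- return (0);
- }
-
- if (c->pkeys[i].x509 != NULL) {
- EVP_PKEY *pktmp;
- pktmp = X509_get_pubkey(c->pkeys[i].x509);
- EVP_PKEY_copy_parameters(pktmp, pkey);
- EVP_PKEY_free(pktmp);
- ERR_clear_error();
-
- /*
- * Don't check the public/private key, this is mostly
- * for smart cards.
- */
- if ((pkey->type == EVP_PKEY_RSA) &&
- (RSA_flags(pkey->pkey.rsa) & RSA_METHOD_FLAG_NO_CHECK))
-;
- else
- if (!X509_check_private_key(c->pkeys[i].x509, pkey)) {
- X509_free(c->pkeys[i].x509);
- c->pkeys[i].x509 = NULL;
- return 0;
- }
- }
-
- EVP_PKEY_free(c->pkeys[i].privatekey);
- CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
- c->pkeys[i].privatekey = pkey;
- c->key = &(c->pkeys[i]);
-
- c->valid = 0;
- return (1);
-}
-
-int
-SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
-{
- int j, ret = 0;
- BIO *in;
- RSA *rsa = NULL;
-
- in = BIO_new(BIO_s_file_internal());
- if (in == NULL) {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in, file) <= 0) {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_ASN1) {
- j = ERR_R_ASN1_LIB;
- rsa = d2i_RSAPrivateKey_bio(in, NULL);
- } else if (type == SSL_FILETYPE_PEM) {
- j = ERR_R_PEM_LIB;
- rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
- ssl->ctx->default_passwd_callback,
- ssl->ctx->default_passwd_callback_userdata);
- } else {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
- if (rsa == NULL) {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, j);
- goto end;
- }
- ret = SSL_use_RSAPrivateKey(ssl, rsa);
- RSA_free(rsa);
-end:
- BIO_free(in);
- return (ret);
-}
-
-int
-SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len)
-{
- int ret;
- const unsigned char *p;
- RSA *rsa;
-
- p = d;
- if ((rsa = d2i_RSAPrivateKey(NULL, &p,(long)len)) == NULL) {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
- return (0);
- }
-
- ret = SSL_use_RSAPrivateKey(ssl, rsa);
- RSA_free(rsa);
- return (ret);
-}
-
-int
-SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
-{
- int ret;
-
- if (pkey == NULL) {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (!ssl_cert_inst(&ssl->cert)) {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- ret = ssl_set_pkey(ssl->cert, pkey);
- return (ret);
-}
-
-int
-SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
-{
- int j, ret = 0;
- BIO *in;
- EVP_PKEY *pkey = NULL;
-
- in = BIO_new(BIO_s_file_internal());
- if (in == NULL) {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in, file) <= 0) {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_PEM) {
- j = ERR_R_PEM_LIB;
- pkey = PEM_read_bio_PrivateKey(in, NULL,
- ssl->ctx->default_passwd_callback,
- ssl->ctx->default_passwd_callback_userdata);
- } else if (type == SSL_FILETYPE_ASN1) {
- j = ERR_R_ASN1_LIB;
- pkey = d2i_PrivateKey_bio(in, NULL);
- } else {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
- if (pkey == NULL) {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, j);
- goto end;
- }
- ret = SSL_use_PrivateKey(ssl, pkey);
- EVP_PKEY_free(pkey);
-end:
- BIO_free(in);
- return (ret);
-}
-
-int
-SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, long len)
-{
- int ret;
- const unsigned char *p;
- EVP_PKEY *pkey;
-
- p = d;
- if ((pkey = d2i_PrivateKey(type, NULL, &p,(long)len)) == NULL) {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
- return (0);
- }
-
- ret = SSL_use_PrivateKey(ssl, pkey);
- EVP_PKEY_free(pkey);
- return (ret);
-}
-
-int
-SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
-{
- if (x == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (!ssl_cert_inst(&ctx->cert)) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- return (ssl_set_cert(ctx->cert, x));
-}
-
-static int
-ssl_set_cert(CERT *c, X509 *x)
-{
- EVP_PKEY *pkey;
- int i;
-
- pkey = X509_get_pubkey(x);
- if (pkey == NULL) {
- SSLerr(SSL_F_SSL_SET_CERT, SSL_R_X509_LIB);
- return (0);
- }
-
- i = ssl_cert_type(x, pkey);
- if (i < 0) {
- SSLerr(SSL_F_SSL_SET_CERT, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
- EVP_PKEY_free(pkey);
- return (0);
- }
-
- if (c->pkeys[i].privatekey != NULL) {
- EVP_PKEY_copy_parameters(pkey, c->pkeys[i].privatekey);
- ERR_clear_error();
-
- /*
- * Don't check the public/private key, this is mostly
- * for smart cards.
- */
- if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) &&
- (RSA_flags(c->pkeys[i].privatekey->pkey.rsa) &
- RSA_METHOD_FLAG_NO_CHECK))
-;
- else
- if (!X509_check_private_key(x, c->pkeys[i].privatekey)) {
- /*
- * don't fail for a cert/key mismatch, just free
- * current private key (when switching to a different
- * cert & key, first this function should be used,
- * then ssl_set_pkey
- */
- EVP_PKEY_free(c->pkeys[i].privatekey);
- c->pkeys[i].privatekey = NULL;
- /* clear error queue */
- ERR_clear_error();
- }
- }
-
- EVP_PKEY_free(pkey);
-
- if (c->pkeys[i].x509 != NULL)
- X509_free(c->pkeys[i].x509);
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
- c->pkeys[i].x509 = x;
- c->key = &(c->pkeys[i]);
-
- c->valid = 0;
- return (1);
-}
-
-int
-SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
-{
- int j;
- BIO *in;
- int ret = 0;
- X509 *x = NULL;
-
- in = BIO_new(BIO_s_file_internal());
- if (in == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in, file) <= 0) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_ASN1) {
- j = ERR_R_ASN1_LIB;
- x = d2i_X509_bio(in, NULL);
- } else if (type == SSL_FILETYPE_PEM) {
- j = ERR_R_PEM_LIB;
- x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback,
- ctx->default_passwd_callback_userdata);
- } else {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
-
- if (x == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, j);
- goto end;
- }
-
- ret = SSL_CTX_use_certificate(ctx, x);
-end:
- if (x != NULL)
- X509_free(x);
- BIO_free(in);
- return (ret);
-}
-
-int
-SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d)
-{
- X509 *x;
- int ret;
-
- x = d2i_X509(NULL, &d,(long)len);
- if (x == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
- return (0);
- }
-
- ret = SSL_CTX_use_certificate(ctx, x);
- X509_free(x);
- return (ret);
-}
-
-int
-SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
-{
- int ret;
- EVP_PKEY *pkey;
-
- if (rsa == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (!ssl_cert_inst(&ctx->cert)) {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- if ((pkey = EVP_PKEY_new()) == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
- return (0);
- }
-
- RSA_up_ref(rsa);
- EVP_PKEY_assign_RSA(pkey, rsa);
-
- ret = ssl_set_pkey(ctx->cert, pkey);
- EVP_PKEY_free(pkey);
- return (ret);
-}
-
-int
-SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
-{
- int j, ret = 0;
- BIO *in;
- RSA *rsa = NULL;
-
- in = BIO_new(BIO_s_file_internal());
- if (in == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in, file) <= 0) {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_ASN1) {
- j = ERR_R_ASN1_LIB;
- rsa = d2i_RSAPrivateKey_bio(in, NULL);
- } else if (type == SSL_FILETYPE_PEM) {
- j = ERR_R_PEM_LIB;
- rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
- ctx->default_passwd_callback,
- ctx->default_passwd_callback_userdata);
- } else {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
- if (rsa == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, j);
- goto end;
- }
- ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
- RSA_free(rsa);
-end:
- BIO_free(in);
- return (ret);
-}
-
-int
-SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len)
-{
- int ret;
- const unsigned char *p;
- RSA *rsa;
-
- p = d;
- if ((rsa = d2i_RSAPrivateKey(NULL, &p,(long)len)) == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
- return (0);
- }
-
- ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
- RSA_free(rsa);
- return (ret);
-}
-
-int
-SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
-{
- if (pkey == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,
- ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (!ssl_cert_inst(&ctx->cert)) {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- return (ssl_set_pkey(ctx->cert, pkey));
-}
-
-int
-SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
-{
- int j, ret = 0;
- BIO *in;
- EVP_PKEY *pkey = NULL;
-
- in = BIO_new(BIO_s_file_internal());
- if (in == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in, file) <= 0) {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_PEM) {
- j = ERR_R_PEM_LIB;
- pkey = PEM_read_bio_PrivateKey(in, NULL,
- ctx->default_passwd_callback,
- ctx->default_passwd_callback_userdata);
- } else if (type == SSL_FILETYPE_ASN1) {
- j = ERR_R_ASN1_LIB;
- pkey = d2i_PrivateKey_bio(in, NULL);
- } else {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,
- SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
- if (pkey == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, j);
- goto end;
- }
- ret = SSL_CTX_use_PrivateKey(ctx, pkey);
- EVP_PKEY_free(pkey);
-end:
- BIO_free(in);
- return (ret);
-}
-
-int
-SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const unsigned char *d,
- long len)
-{
- int ret;
- const unsigned char *p;
- EVP_PKEY *pkey;
-
- p = d;
- if ((pkey = d2i_PrivateKey(type, NULL, &p,(long)len)) == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
- return (0);
- }
-
- ret = SSL_CTX_use_PrivateKey(ctx, pkey);
- EVP_PKEY_free(pkey);
- return (ret);
-}
-
-
-/*
- * Read a bio that contains our certificate in "PEM" format,
- * possibly followed by a sequence of CA certificates that should be
- * sent to the peer in the Certificate message.
- */
-static int
-ssl_ctx_use_certificate_chain_bio(SSL_CTX *ctx, BIO *in)
-{
- int ret = 0;
- X509 *x = NULL;
-
- ERR_clear_error(); /* clear error stack for SSL_CTX_use_certificate() */
-
- x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback,
- ctx->default_passwd_callback_userdata);
- if (x == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB);
- goto end;
- }
-
- ret = SSL_CTX_use_certificate(ctx, x);
-
- if (ERR_peek_error() != 0)
- ret = 0;
- /* Key/certificate mismatch doesn't imply ret==0 ... */
- if (ret) {
- /*
- * If we could set up our certificate, now proceed to
- * the CA certificates.
- */
- X509 *ca;
- int r;
- unsigned long err;
-
- if (ctx->extra_certs != NULL) {
- sk_X509_pop_free(ctx->extra_certs, X509_free);
- ctx->extra_certs = NULL;
- }
-
- while ((ca = PEM_read_bio_X509(in, NULL,
- ctx->default_passwd_callback,
- ctx->default_passwd_callback_userdata)) != NULL) {
- r = SSL_CTX_add_extra_chain_cert(ctx, ca);
- if (!r) {
- X509_free(ca);
- ret = 0;
- goto end;
- }
- /*
- * Note that we must not free r if it was successfully
- * added to the chain (while we must free the main
- * certificate, since its reference count is increased
- * by SSL_CTX_use_certificate).
- */
- }
-
- /* When the while loop ends, it's usually just EOF. */
- err = ERR_peek_last_error();
- if (ERR_GET_LIB(err) == ERR_LIB_PEM &&
- ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
- ERR_clear_error();
- else
- ret = 0; /* some real error */
- }
-
-end:
- if (x != NULL)
- X509_free(x);
- return (ret);
-}
-
-int
-SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
-{
- BIO *in;
- int ret = 0;
-
- in = BIO_new(BIO_s_file_internal());
- if (in == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in, file) <= 0) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_SYS_LIB);
- goto end;
- }
-
- ret = ssl_ctx_use_certificate_chain_bio(ctx, in);
-
-end:
- BIO_free(in);
- return (ret);
-}
-
-int
-SSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len)
-{
- BIO *in;
- int ret = 0;
-
- in = BIO_new_mem_buf(buf, len);
- if (in == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- ret = ssl_ctx_use_certificate_chain_bio(ctx, in);
-
-end:
- BIO_free(in);
- return (ret);
-}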
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
deleted file mode 100644
index 80b883f786..0000000000
--- a/src/lib/libssl/ssl_sess.c
+++ /dev/null
@@ -1,1104 +0,0 @@
1/* $OpenBSD: ssl_sess.c,v 1.44 2014/12/14 15:30:50 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2005 Nokia. All rights reserved.
113 *
114 * The portions of the attached software ("Contribution") is developed by
115 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
116 * license.
117 *
118 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
119 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
120 * support (see RFC 4279) to OpenSSL.
121 *
122 * No patent licenses or other rights except those expressly stated in
123 * the OpenSSL open source license shall be deemed granted or received
124 * expressly, by implication, estoppel, or otherwise.
125 *
126 * No assurances are provided by Nokia that the Contribution does not
127 * infringe the patent or other intellectual property rights of any third
128 * party or that the license provides you with all the necessary rights
129 * to make use of the Contribution.
130 *
131 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
132 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
133 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
134 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
135 * OTHERWISE.
136 */
137
138#include <openssl/lhash.h>
139
140#ifndef OPENSSL_NO_ENGINE
141#include <openssl/engine.h>
142#endif
143
144#include "ssl_locl.h"
145
146static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
147static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s);
148static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
149
150/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
151SSL_SESSION *
152SSL_get_session(const SSL *ssl)
153{
154 return (ssl->session);
155}
156
157/* variant of SSL_get_session: caller really gets something */
158SSL_SESSION *
159SSL_get1_session(SSL *ssl)
160{
161 SSL_SESSION *sess;
162
163 /*
164 * Need to lock this all up rather than just use CRYPTO_add so that
165 * somebody doesn't free ssl->session between when we check it's
166 * non-null and when we up the reference count.
167 */
168 CRYPTO_w_lock(CRYPTO_LOCK_SSL_SESSION);
169 sess = ssl->session;
170 if (sess)
171 sess->references++;
172 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_SESSION);
173
174 return (sess);
175}
176
177int
178SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
179 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
180{
181 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION,
182 argl, argp, new_func, dup_func, free_func);
183}
184
185int
186SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
187{
188 return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
189}
190
191void *
192SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
193{
194 return (CRYPTO_get_ex_data(&s->ex_data, idx));
195}
196
197SSL_SESSION *
198SSL_SESSION_new(void)
199{
200 SSL_SESSION *ss;
201
202 ss = calloc(1, sizeof(SSL_SESSION));
203 if (ss == NULL) {
204 SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
205 return (0);
206 }
207
208 ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
209 ss->references = 1;
210 ss->timeout=60*5+4; /* 5 minute timeout by default */
211 ss->time = time(NULL);
212 ss->prev = NULL;
213 ss->next = NULL;
214 ss->tlsext_hostname = NULL;
215
216 ss->tlsext_ecpointformatlist_length = 0;
217 ss->tlsext_ecpointformatlist = NULL;
218 ss->tlsext_ellipticcurvelist_length = 0;
219 ss->tlsext_ellipticcurvelist = NULL;
220
221 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
222
223 return (ss);
224}
225
226const unsigned char *
227SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
228{
229 if (len)
230 *len = s->session_id_length;
231 return s->session_id;
232}
233
234unsigned int
235SSL_SESSION_get_compress_id(const SSL_SESSION *s)
236{
237 return 0;
238}
239
240/*
241 * SSLv3/TLSv1 has 32 bytes (256 bits) of session ID space. As such, filling
242 * the ID with random gunk repeatedly until we have no conflict is going to
243 * complete in one iteration pretty much "most" of the time (btw:
244 * understatement). So, if it takes us 10 iterations and we still can't avoid
245 * a conflict - well that's a reasonable point to call it quits. Either the
246 * arc4random code is broken or someone is trying to open roughly very close to
247 * 2^128 (or 2^256) SSL sessions to our server. How you might store that many
248 * sessions is perhaps a more interesting question...
249 */
250
251#define MAX_SESS_ID_ATTEMPTS 10
252
253static int
254def_generate_session_id(const SSL *ssl, unsigned char *id, unsigned int *id_len)
255{
256 unsigned int retry = 0;
257
258 do {
259 arc4random_buf(id, *id_len);
260 } while (SSL_has_matching_session_id(ssl, id, *id_len) &&
261 (++retry < MAX_SESS_ID_ATTEMPTS));
262
263 if (retry < MAX_SESS_ID_ATTEMPTS)
264 return 1;
265
266 /* else - woops a session_id match */
267 /* XXX We should also check the external cache --
268 * but the probability of a collision is negligible, and
269 * we could not prevent the concurrent creation of sessions
270 * with identical IDs since we currently don't have means
271 * to atomically check whether a session ID already exists
272 * and make a reservation for it if it does not
273 * (this problem applies to the internal cache as well).
274 */
275 return 0;
276}
277
278int
279ssl_get_new_session(SSL *s, int session)
280{
281 unsigned int tmp;
282 SSL_SESSION *ss = NULL;
283 GEN_SESSION_CB cb = def_generate_session_id;
284
285 /* This gets used by clients and servers. */
286
287 if ((ss = SSL_SESSION_new()) == NULL)
288 return (0);
289
290 /* If the context has a default timeout, use it */
291 if (s->session_ctx->session_timeout == 0)
292 ss->timeout = SSL_get_default_timeout(s);
293 else
294 ss->timeout = s->session_ctx->session_timeout;
295
296 if (s->session != NULL) {
297 SSL_SESSION_free(s->session);
298 s->session = NULL;
299 }
300
301 if (session) {
302 switch (s->version) {
303 case SSL3_VERSION:
304 case TLS1_VERSION:
305 case TLS1_1_VERSION:
306 case TLS1_2_VERSION:
307 case DTLS1_BAD_VER:
308 case DTLS1_VERSION:
309 ss->ssl_version = s->version;
310 ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
311 break;
312 default:
313 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
314 SSL_R_UNSUPPORTED_SSL_VERSION);
315 SSL_SESSION_free(ss);
316 return (0);
317 }
318
319 /* If RFC4507 ticket use empty session ID. */
320 if (s->tlsext_ticket_expected) {
321 ss->session_id_length = 0;
322 goto sess_id_done;
323 }
324
325 /* Choose which callback will set the session ID. */
326 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
327 if (s->generate_session_id)
328 cb = s->generate_session_id;
329 else if (s->session_ctx->generate_session_id)
330 cb = s->session_ctx->generate_session_id;
331 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
332
333 /* Choose a session ID. */
334 tmp = ss->session_id_length;
335 if (!cb(s, ss->session_id, &tmp)) {
336 /* The callback failed */
337 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
338 SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
339 SSL_SESSION_free(ss);
340 return (0);
341 }
342
343 /*
344 * Don't allow the callback to set the session length to zero.
345 * nor set it higher than it was.
346 */
347 if (!tmp || (tmp > ss->session_id_length)) {
348 /* The callback set an illegal length */
349 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
350 SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
351 SSL_SESSION_free(ss);
352 return (0);
353 }
354 ss->session_id_length = tmp;
355
356 /* Finally, check for a conflict. */
357 if (SSL_has_matching_session_id(s, ss->session_id,
358 ss->session_id_length)) {
359 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
360 SSL_R_SSL_SESSION_ID_CONFLICT);
361 SSL_SESSION_free(ss);
362 return (0);
363 }
364
365sess_id_done:
366 if (s->tlsext_hostname) {
367 ss->tlsext_hostname = strdup(s->tlsext_hostname);
368 if (ss->tlsext_hostname == NULL) {
369 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
370 ERR_R_INTERNAL_ERROR);
371 SSL_SESSION_free(ss);
372 return 0;
373 }
374 }
375 } else {
376 ss->session_id_length = 0;
377 }
378
379 if (s->sid_ctx_length > sizeof ss->sid_ctx) {
380 SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
381 SSL_SESSION_free(ss);
382 return 0;
383 }
384
385 memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length);
386 ss->sid_ctx_length = s->sid_ctx_length;
387 s->session = ss;
388 ss->ssl_version = s->version;
389 ss->verify_result = X509_V_OK;
390
391 return (1);
392}
393
394/*
395 * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
396 * connection. It is only called by servers.
397 *
398 * session_id: points at the session ID in the ClientHello. This code will
399 * read past the end of this in order to parse out the session ticket
400 * extension, if any.
401 * len: the length of the session ID.
402 * limit: a pointer to the first byte after the ClientHello.
403 *
404 * Returns:
405 * -1: error
406 * 0: a session may have been found.
407 *
408 * Side effects:
409 * - If a session is found then s->session is pointed at it (after freeing
410 * an existing session if need be) and s->verify_result is set from the
411 * session.
412 * - Both for new and resumed sessions, s->tlsext_ticket_expected is set
413 * to 1 if the server should issue a new session ticket (to 0 otherwise).
414 */
415int
416ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
417 const unsigned char *limit)
418{
419 SSL_SESSION *ret = NULL;
420 int fatal = 0;
421 int try_session_cache = 1;
422 int r;
423
424 /* This is used only by servers. */
425
426 if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
427 goto err;
428
429 if (len == 0)
430 try_session_cache = 0;
431
432 /* Sets s->tlsext_ticket_expected. */
433 r = tls1_process_ticket(s, session_id, len, limit, &ret);
434 switch (r) {
435 case -1: /* Error during processing */
436 fatal = 1;
437 goto err;
438 case 0: /* No ticket found */
439 case 1: /* Zero length ticket found */
440 break; /* Ok to carry on processing session id. */
441 case 2: /* Ticket found but not decrypted. */
442 case 3: /* Ticket decrypted, *ret has been set. */
443 try_session_cache = 0;
444 break;
445 default:
446 abort();
447 }
448
449 if (try_session_cache && ret == NULL &&
450 !(s->session_ctx->session_cache_mode &
451 SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
452 SSL_SESSION data;
453 data.ssl_version = s->version;
454 data.session_id_length = len;
455 if (len == 0)
456 return 0;
457 memcpy(data.session_id, session_id, len);
458
459 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
460 ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
461 if (ret != NULL) {
462 /* Don't allow other threads to steal it. */
463 CRYPTO_add(&ret->references, 1,
464 CRYPTO_LOCK_SSL_SESSION);
465 }
466 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
467
468 if (ret == NULL)
469 s->session_ctx->stats.sess_miss++;
470 }
471
472 if (try_session_cache && ret == NULL &&
473 s->session_ctx->get_session_cb != NULL) {
474 int copy = 1;
475
476 if ((ret = s->session_ctx->get_session_cb(s, session_id,
477 len, &copy))) {
478 s->session_ctx->stats.sess_cb_hit++;
479
480 /*
481 * Increment reference count now if the session
482 * callback asks us to do so (note that if the session
483 * structures returned by the callback are shared
484 * between threads, it must handle the reference count
485 * itself [i.e. copy == 0], or things won't be
486 * thread-safe).
487 */
488 if (copy)
489 CRYPTO_add(&ret->references, 1,
490 CRYPTO_LOCK_SSL_SESSION);
491
492 /*
493 * Add the externally cached session to the internal
494 * cache as well if and only if we are supposed to.
495 */
496 if (!(s->session_ctx->session_cache_mode &
497 SSL_SESS_CACHE_NO_INTERNAL_STORE))
498 /*
499 * The following should not return 1,
500 * otherwise, things are very strange.
501 */
502 SSL_CTX_add_session(s->session_ctx, ret);
503 }
504 }
505
506 if (ret == NULL)
507 goto err;
508
509 /* Now ret is non-NULL and we own one of its reference counts. */
510
511 if (ret->sid_ctx_length != s->sid_ctx_length ||
512 timingsafe_memcmp(ret->sid_ctx,
513 s->sid_ctx, ret->sid_ctx_length) != 0) {
514 /* We have the session requested by the client, but we don't
515 * want to use it in this context. */
516 goto err; /* treat like cache miss */
517 }
518
519 if ((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) {
520 /*
521 * We can't be sure if this session is being used out of
522 * context, which is especially important for SSL_VERIFY_PEER.
523 * The application should have used
524 * SSL[_CTX]_set_session_id_context.
525 *
526 * For this error case, we generate an error instead of treating
527 * the event like a cache miss (otherwise it would be easy for
528 * applications to effectively disable the session cache by
529 * accident without anyone noticing).
530 */
531 SSLerr(SSL_F_SSL_GET_PREV_SESSION,
532 SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
533 fatal = 1;
534 goto err;
535 }
536
537 if (ret->cipher == NULL) {
538 ret->cipher = ssl3_get_cipher_by_id(ret->cipher_id);
539 if (ret->cipher == NULL)
540 goto err;
541 }
542
543 if (ret->timeout < (time(NULL) - ret->time)) {
544 /* timeout */
545 s->session_ctx->stats.sess_timeout++;
546 if (try_session_cache) {
547 /* session was from the cache, so remove it */
548 SSL_CTX_remove_session(s->session_ctx, ret);
549 }
550 goto err;
551 }
552
553 s->session_ctx->stats.sess_hit++;
554
555 if (s->session != NULL)
556 SSL_SESSION_free(s->session);
557 s->session = ret;
558 s->verify_result = s->session->verify_result;
559 return 1;
560
561err:
562 if (ret != NULL) {
563 SSL_SESSION_free(ret);
564 if (!try_session_cache) {
565 /*
566 * The session was from a ticket, so we should
567 * issue a ticket for the new session.
568 */
569 s->tlsext_ticket_expected = 1;
570 }
571 }
572 if (fatal)
573 return -1;
574 else
575 return 0;
576}
577
578int
579SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
580{
581 int ret = 0;
582 SSL_SESSION *s;
583
584 /*
585 * Add just 1 reference count for the SSL_CTX's session cache
586 * even though it has two ways of access: each session is in a
587 * doubly linked list and an lhash.
588 */
589 CRYPTO_add(&c->references, 1, CRYPTO_LOCK_SSL_SESSION);
590
591 /*
592 * If session c is in already in cache, we take back the increment
593 * later.
594 */
595 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
596 s = lh_SSL_SESSION_insert(ctx->sessions, c);
597
598 /*
599 * s != NULL iff we already had a session with the given PID.
600 * In this case, s == c should hold (then we did not really modify
601 * ctx->sessions), or we're in trouble.
602 */
603 if (s != NULL && s != c) {
604 /* We *are* in trouble ... */
605 SSL_SESSION_list_remove(ctx, s);
606 SSL_SESSION_free(s);
607 /*
608 * ... so pretend the other session did not exist in cache
609 * (we cannot handle two SSL_SESSION structures with identical
610 * session ID in the same cache, which could happen e.g. when
611 * two threads concurrently obtain the same session from an
612 * external cache).
613 */
614 s = NULL;
615 }
616
617 /* Put at the head of the queue unless it is already in the cache */
618 if (s == NULL)
619 SSL_SESSION_list_add(ctx, c);
620
621 if (s != NULL) {
622 /*
623 * existing cache entry -- decrement previously incremented
624 * reference count because it already takes into account the
625 * cache.
626 */
627 SSL_SESSION_free(s); /* s == c */
628 ret = 0;
629 } else {
630 /*
631 * New cache entry -- remove old ones if cache has become
632 * too large.
633 */
634
635 ret = 1;
636
637 if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
638 while (SSL_CTX_sess_number(ctx) >
639 SSL_CTX_sess_get_cache_size(ctx)) {
640 if (!remove_session_lock(ctx,
641 ctx->session_cache_tail, 0))
642 break;
643 else
644 ctx->stats.sess_cache_full++;
645 }
646 }
647 }
648 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
649 return (ret);
650}
651
652int
653SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
654{
655 return remove_session_lock(ctx, c, 1);
656}
657
658static int
659remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
660{
661 SSL_SESSION *r;
662 int ret = 0;
663
664 if ((c != NULL) && (c->session_id_length != 0)) {
665 if (lck)
666 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
667 if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) == c) {
668 ret = 1;
669 r = lh_SSL_SESSION_delete(ctx->sessions, c);
670 SSL_SESSION_list_remove(ctx, c);
671 }
672 if (lck)
673 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
674
675 if (ret) {
676 r->not_resumable = 1;
677 if (ctx->remove_session_cb != NULL)
678 ctx->remove_session_cb(ctx, r);
679 SSL_SESSION_free(r);
680 }
681 } else
682 ret = 0;
683 return (ret);
684}
685
686void
687SSL_SESSION_free(SSL_SESSION *ss)
688{
689 int i;
690
691 if (ss == NULL)
692 return;
693
694 i = CRYPTO_add(&ss->references, -1, CRYPTO_LOCK_SSL_SESSION);
695 if (i > 0)
696 return;
697
698 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
699
700 OPENSSL_cleanse(ss->master_key, sizeof ss->master_key);
701 OPENSSL_cleanse(ss->session_id, sizeof ss->session_id);
702 if (ss->sess_cert != NULL)
703 ssl_sess_cert_free(ss->sess_cert);
704 if (ss->peer != NULL)
705 X509_free(ss->peer);
706 if (ss->ciphers != NULL)
707 sk_SSL_CIPHER_free(ss->ciphers);
708 free(ss->tlsext_hostname);
709 free(ss->tlsext_tick);
710 ss->tlsext_ecpointformatlist_length = 0;
711 free(ss->tlsext_ecpointformatlist);
712 ss->tlsext_ellipticcurvelist_length = 0;
713 free(ss->tlsext_ellipticcurvelist);
714 OPENSSL_cleanse(ss, sizeof(*ss));
715 free(ss);
716}
717
718int
719SSL_set_session(SSL *s, SSL_SESSION *session)
720{
721 int ret = 0;
722 const SSL_METHOD *meth;
723
724 if (session != NULL) {
725 meth = s->ctx->method->get_ssl_method(session->ssl_version);
726 if (meth == NULL)
727 meth = s->method->get_ssl_method(session->ssl_version);
728 if (meth == NULL) {
729 SSLerr(SSL_F_SSL_SET_SESSION,
730 SSL_R_UNABLE_TO_FIND_SSL_METHOD);
731 return (0);
732 }
733
734 if (meth != s->method) {
735 if (!SSL_set_ssl_method(s, meth))
736 return (0);
737 }
738
739
740 /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/
741 CRYPTO_add(&session->references, 1, CRYPTO_LOCK_SSL_SESSION);
742 if (s->session != NULL)
743 SSL_SESSION_free(s->session);
744 s->session = session;
745 s->verify_result = s->session->verify_result;
746 /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/
747 ret = 1;
748 } else {
749 if (s->session != NULL) {
750 SSL_SESSION_free(s->session);
751 s->session = NULL;
752 }
753
754 meth = s->ctx->method;
755 if (meth != s->method) {
756 if (!SSL_set_ssl_method(s, meth))
757 return (0);
758 }
759 ret = 1;
760 }
761 return (ret);
762}
763
764long
765SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
766{
767 if (s == NULL)
768 return (0);
769 s->timeout = t;
770 return (1);
771}
772
773long
774SSL_SESSION_get_timeout(const SSL_SESSION *s)
775{
776 if (s == NULL)
777 return (0);
778 return (s->timeout);
779}
780
781/* XXX 2038 */
782long
783SSL_SESSION_get_time(const SSL_SESSION *s)
784{
785 if (s == NULL)
786 return (0);
787 return (s->time);
788}
789
790/* XXX 2038 */
791long
792SSL_SESSION_set_time(SSL_SESSION *s, long t)
793{
794 if (s == NULL)
795 return (0);
796 s->time = t;
797 return (t);
798}
799
800X509 *
801SSL_SESSION_get0_peer(SSL_SESSION *s)
802{
803 return s->peer;
804}
805
806int
807SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
808 unsigned int sid_ctx_len)
809{
810 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
811 SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,
812 SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
813 return 0;
814 }
815 s->sid_ctx_length = sid_ctx_len;
816 memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
817
818 return 1;
819}
820
821long
822SSL_CTX_set_timeout(SSL_CTX *s, long t)
823{
824 long l;
825
826 if (s == NULL)
827 return (0);
828 l = s->session_timeout;
829 s->session_timeout = t;
830
831 return (l);
832}
833
834long
835SSL_CTX_get_timeout(const SSL_CTX *s)
836{
837 if (s == NULL)
838 return (0);
839 return (s->session_timeout);
840}
841
842int
843SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s,
844 void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers,
845 SSL_CIPHER **cipher, void *arg), void *arg)
846{
847 if (s == NULL)
848 return (0);
849 s->tls_session_secret_cb = tls_session_secret_cb;
850 s->tls_session_secret_cb_arg = arg;
851 return (1);
852}
853
854int
855SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
856 void *arg)
857{
858 if (s == NULL)
859 return (0);
860 s->tls_session_ticket_ext_cb = cb;
861 s->tls_session_ticket_ext_cb_arg = arg;
862 return (1);
863}
864
865int
866SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
867{
868 if (s->version >= TLS1_VERSION) {
869 free(s->tlsext_session_ticket);
870 s->tlsext_session_ticket =
871 malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
872 if (!s->tlsext_session_ticket) {
873 SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT,
874 ERR_R_MALLOC_FAILURE);
875 return 0;
876 }
877
878 if (ext_data) {
879 s->tlsext_session_ticket->length = ext_len;
880 s->tlsext_session_ticket->data =
881 s->tlsext_session_ticket + 1;
882 memcpy(s->tlsext_session_ticket->data,
883 ext_data, ext_len);
884 } else {
885 s->tlsext_session_ticket->length = 0;
886 s->tlsext_session_ticket->data = NULL;
887 }
888
889 return 1;
890 }
891
892 return 0;
893}
894
895typedef struct timeout_param_st {
896 SSL_CTX *ctx;
897 long time;
898 LHASH_OF(SSL_SESSION) *cache;
899} TIMEOUT_PARAM;
900
901static void
902timeout_doall_arg(SSL_SESSION *s, TIMEOUT_PARAM *p)
903{
904 if ((p->time == 0) || (p->time > (s->time + s->timeout))) {
905 /* timeout */
906 /* The reason we don't call SSL_CTX_remove_session() is to
907 * save on locking overhead */
908 (void)lh_SSL_SESSION_delete(p->cache, s);
909 SSL_SESSION_list_remove(p->ctx, s);
910 s->not_resumable = 1;
911 if (p->ctx->remove_session_cb != NULL)
912 p->ctx->remove_session_cb(p->ctx, s);
913 SSL_SESSION_free(s);
914 }
915}
916
917static
918IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION, TIMEOUT_PARAM)
919
920/* XXX 2038 */
921void
922SSL_CTX_flush_sessions(SSL_CTX *s, long t)
923{
924 unsigned long i;
925 TIMEOUT_PARAM tp;
926
927 tp.ctx = s;
928 tp.cache = s->sessions;
929 if (tp.cache == NULL)
930 return;
931 tp.time = t;
932 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
933 i = CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load;
934 CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = 0;
935 lh_SSL_SESSION_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout),
936 TIMEOUT_PARAM, &tp);
937 CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = i;
938 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
939}
940
941int
942ssl_clear_bad_session(SSL *s)
943{
944 if ((s->session != NULL) && !(s->shutdown & SSL_SENT_SHUTDOWN) &&
945 !(SSL_in_init(s) || SSL_in_before(s))) {
946 SSL_CTX_remove_session(s->ctx, s->session);
947 return (1);
948 } else
949 return (0);
950}
951
952/* locked by SSL_CTX in the calling function */
953static void
954SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
955{
956 if ((s->next == NULL) || (s->prev == NULL))
957 return;
958
959 if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {
960 /* last element in list */
961 if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
962 /* only one element in list */
963 ctx->session_cache_head = NULL;
964 ctx->session_cache_tail = NULL;
965 } else {
966 ctx->session_cache_tail = s->prev;
967 s->prev->next =
968 (SSL_SESSION *)&(ctx->session_cache_tail);
969 }
970 } else {
971 if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
972 /* first element in list */
973 ctx->session_cache_head = s->next;
974 s->next->prev =
975 (SSL_SESSION *)&(ctx->session_cache_head);
976 } else {
977 /* middle of list */
978 s->next->prev = s->prev;
979 s->prev->next = s->next;
980 }
981 }
982 s->prev = s->next = NULL;
983}
984
985static void
986SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
987{
988 if ((s->next != NULL) && (s->prev != NULL))
989 SSL_SESSION_list_remove(ctx, s);
990
991 if (ctx->session_cache_head == NULL) {
992 ctx->session_cache_head = s;
993 ctx->session_cache_tail = s;
994 s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
995 s->next = (SSL_SESSION *)&(ctx->session_cache_tail);
996 } else {
997 s->next = ctx->session_cache_head;
998 s->next->prev = s;
999 s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
1000 ctx->session_cache_head = s;
1001 }
1002}
1003
1004void
1005SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
1006 int (*cb)(struct ssl_st *ssl, SSL_SESSION *sess)) {
1007 ctx->new_session_cb = cb;
1008}
1009
1010int
1011(*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(SSL *ssl, SSL_SESSION *sess)
1012{
1013 return ctx->new_session_cb;
1014}
1015
1016void
1017SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
1018 void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess))
1019{
1020 ctx->remove_session_cb = cb;
1021}
1022
1023void
1024(*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(SSL_CTX * ctx, SSL_SESSION *sess)
1025{
1026 return ctx->remove_session_cb;
1027}
1028
1029void
1030SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*cb)(struct ssl_st *ssl,
1031 unsigned char *data, int len, int *copy))
1032{
1033 ctx->get_session_cb = cb;
1034}
1035
1036SSL_SESSION *
1037(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl, unsigned char *data,
1038 int len, int *copy)
1039{
1040 return ctx->get_session_cb;
1041}
1042
1043void
1044SSL_CTX_set_info_callback(SSL_CTX *ctx,
1045 void (*cb)(const SSL *ssl, int type, int val))
1046{
1047 ctx->info_callback = cb;
1048}
1049
1050void
1051(*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl, int type, int val)
1052{
1053 return ctx->info_callback;
1054}
1055
1056void
1057SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
1058 int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey))
1059{
1060 ctx->client_cert_cb = cb;
1061}
1062
1063int
1064(*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL * ssl, X509 ** x509,
1065 EVP_PKEY **pkey)
1066{
1067 return ctx->client_cert_cb;
1068}
1069
1070#ifndef OPENSSL_NO_ENGINE
1071int
1072SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
1073{
1074 if (!ENGINE_init(e)) {
1075 SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
1076 ERR_R_ENGINE_LIB);
1077 return 0;
1078 }
1079 if (!ENGINE_get_ssl_client_cert_function(e)) {
1080 SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
1081 SSL_R_NO_CLIENT_CERT_METHOD);
1082 ENGINE_finish(e);
1083 return 0;
1084 }
1085 ctx->client_cert_engine = e;
1086 return 1;
1087}
1088#endif
1089
1090void
1091SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
1092 int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len))
1093{
1094 ctx->app_gen_cookie_cb = cb;
1095}
1096
1097void
1098SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
1099 int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len))
1100{
1101 ctx->app_verify_cookie_cb = cb;
1102}
1103
1104IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION)
diff --git a/src/lib/libssl/ssl_stat.c b/src/lib/libssl/ssl_stat.c
deleted file mode 100644
index 6d67d19c25..0000000000
--- a/src/lib/libssl/ssl_stat.c
+++ /dev/null
@@ -1,801 +0,0 @@
1/* $OpenBSD: ssl_stat.c,v 1.12 2014/11/16 14:12:47 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright 2005 Nokia. All rights reserved.
60 *
61 * The portions of the attached software ("Contribution") is developed by
62 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
63 * license.
64 *
65 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
66 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
67 * support (see RFC 4279) to OpenSSL.
68 *
69 * No patent licenses or other rights except those expressly stated in
70 * the OpenSSL open source license shall be deemed granted or received
71 * expressly, by implication, estoppel, or otherwise.
72 *
73 * No assurances are provided by Nokia that the Contribution does not
74 * infringe the patent or other intellectual property rights of any third
75 * party or that the license provides you with all the necessary rights
76 * to make use of the Contribution.
77 *
78 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
79 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
80 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
81 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
82 * OTHERWISE.
83 */
84
85#include <stdio.h>
86
87#include "ssl_locl.h"
88
89const char *
90SSL_state_string_long(const SSL *s)
91{
92 const char *str;
93
94 switch (s->state) {
95 case SSL_ST_BEFORE:
96 str = "before SSL initialization";
97 break;
98 case SSL_ST_ACCEPT:
99 str = "before accept initialization";
100 break;
101 case SSL_ST_CONNECT:
102 str = "before connect initialization";
103 break;
104 case SSL_ST_OK:
105 str = "SSL negotiation finished successfully";
106 break;
107 case SSL_ST_RENEGOTIATE:
108 str = "SSL renegotiate ciphers";
109 break;
110 case SSL_ST_BEFORE|SSL_ST_CONNECT:
111 str = "before/connect initialization";
112 break;
113 case SSL_ST_OK|SSL_ST_CONNECT:
114 str = "ok/connect SSL initialization";
115 break;
116 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
117 str = "before/accept initialization";
118 break;
119 case SSL_ST_OK|SSL_ST_ACCEPT:
120 str = "ok/accept SSL initialization";
121 break;
122
123 /* SSLv3 additions */
124 case SSL3_ST_CW_CLNT_HELLO_A:
125 str = "SSLv3 write client hello A";
126 break;
127 case SSL3_ST_CW_CLNT_HELLO_B:
128 str = "SSLv3 write client hello B";
129 break;
130 case SSL3_ST_CR_SRVR_HELLO_A:
131 str = "SSLv3 read server hello A";
132 break;
133 case SSL3_ST_CR_SRVR_HELLO_B:
134 str = "SSLv3 read server hello B";
135 break;
136 case SSL3_ST_CR_CERT_A:
137 str = "SSLv3 read server certificate A";
138 break;
139 case SSL3_ST_CR_CERT_B:
140 str = "SSLv3 read server certificate B";
141 break;
142 case SSL3_ST_CR_KEY_EXCH_A:
143 str = "SSLv3 read server key exchange A";
144 break;
145 case SSL3_ST_CR_KEY_EXCH_B:
146 str = "SSLv3 read server key exchange B";
147 break;
148 case SSL3_ST_CR_CERT_REQ_A:
149 str = "SSLv3 read server certificate request A";
150 break;
151 case SSL3_ST_CR_CERT_REQ_B:
152 str = "SSLv3 read server certificate request B";
153 break;
154 case SSL3_ST_CR_SESSION_TICKET_A:
155 str = "SSLv3 read server session ticket A";
156 break;
157 case SSL3_ST_CR_SESSION_TICKET_B:
158 str = "SSLv3 read server session ticket B";
159 break;
160 case SSL3_ST_CR_SRVR_DONE_A:
161 str = "SSLv3 read server done A";
162 break;
163 case SSL3_ST_CR_SRVR_DONE_B:
164 str = "SSLv3 read server done B";
165 break;
166 case SSL3_ST_CW_CERT_A:
167 str = "SSLv3 write client certificate A";
168 break;
169 case SSL3_ST_CW_CERT_B:
170 str = "SSLv3 write client certificate B";
171 break;
172 case SSL3_ST_CW_CERT_C:
173 str = "SSLv3 write client certificate C";
174 break;
175 case SSL3_ST_CW_CERT_D:
176 str = "SSLv3 write client certificate D";
177 break;
178 case SSL3_ST_CW_KEY_EXCH_A:
179 str = "SSLv3 write client key exchange A";
180 break;
181 case SSL3_ST_CW_KEY_EXCH_B:
182 str = "SSLv3 write client key exchange B";
183 break;
184 case SSL3_ST_CW_CERT_VRFY_A:
185 str = "SSLv3 write certificate verify A";
186 break;
187 case SSL3_ST_CW_CERT_VRFY_B:
188 str = "SSLv3 write certificate verify B";
189 break;
190
191 case SSL3_ST_CW_CHANGE_A:
192 case SSL3_ST_SW_CHANGE_A:
193 str = "SSLv3 write change cipher spec A";
194 break;
195 case SSL3_ST_CW_CHANGE_B:
196 case SSL3_ST_SW_CHANGE_B:
197 str = "SSLv3 write change cipher spec B";
198 break;
199 case SSL3_ST_CW_FINISHED_A:
200 case SSL3_ST_SW_FINISHED_A:
201 str = "SSLv3 write finished A";
202 break;
203 case SSL3_ST_CW_FINISHED_B:
204 case SSL3_ST_SW_FINISHED_B:
205 str = "SSLv3 write finished B";
206 break;
207 case SSL3_ST_CR_CHANGE_A:
208 case SSL3_ST_SR_CHANGE_A:
209 str = "SSLv3 read change cipher spec A";
210 break;
211 case SSL3_ST_CR_CHANGE_B:
212 case SSL3_ST_SR_CHANGE_B:
213 str = "SSLv3 read change cipher spec B";
214 break;
215 case SSL3_ST_CR_FINISHED_A:
216 case SSL3_ST_SR_FINISHED_A:
217 str = "SSLv3 read finished A";
218 break;
219 case SSL3_ST_CR_FINISHED_B:
220 case SSL3_ST_SR_FINISHED_B:
221 str = "SSLv3 read finished B";
222 break;
223
224 case SSL3_ST_CW_FLUSH:
225 case SSL3_ST_SW_FLUSH:
226 str = "SSLv3 flush data";
227 break;
228
229 case SSL3_ST_SR_CLNT_HELLO_A:
230 str = "SSLv3 read client hello A";
231 break;
232 case SSL3_ST_SR_CLNT_HELLO_B:
233 str = "SSLv3 read client hello B";
234 break;
235 case SSL3_ST_SR_CLNT_HELLO_C:
236 str = "SSLv3 read client hello C";
237 break;
238 case SSL3_ST_SW_HELLO_REQ_A:
239 str = "SSLv3 write hello request A";
240 break;
241 case SSL3_ST_SW_HELLO_REQ_B:
242 str = "SSLv3 write hello request B";
243 break;
244 case SSL3_ST_SW_HELLO_REQ_C:
245 str = "SSLv3 write hello request C";
246 break;
247 case SSL3_ST_SW_SRVR_HELLO_A:
248 str = "SSLv3 write server hello A";
249 break;
250 case SSL3_ST_SW_SRVR_HELLO_B:
251 str = "SSLv3 write server hello B";
252 break;
253 case SSL3_ST_SW_CERT_A:
254 str = "SSLv3 write certificate A";
255 break;
256 case SSL3_ST_SW_CERT_B:
257 str = "SSLv3 write certificate B";
258 break;
259 case SSL3_ST_SW_KEY_EXCH_A:
260 str = "SSLv3 write key exchange A";
261 break;
262 case SSL3_ST_SW_KEY_EXCH_B:
263 str = "SSLv3 write key exchange B";
264 break;
265 case SSL3_ST_SW_CERT_REQ_A:
266 str = "SSLv3 write certificate request A";
267 break;
268 case SSL3_ST_SW_CERT_REQ_B:
269 str = "SSLv3 write certificate request B";
270 break;
271 case SSL3_ST_SW_SESSION_TICKET_A:
272 str = "SSLv3 write session ticket A";
273 break;
274 case SSL3_ST_SW_SESSION_TICKET_B:
275 str = "SSLv3 write session ticket B";
276 break;
277 case SSL3_ST_SW_SRVR_DONE_A:
278 str = "SSLv3 write server done A";
279 break;
280 case SSL3_ST_SW_SRVR_DONE_B:
281 str = "SSLv3 write server done B";
282 break;
283 case SSL3_ST_SR_CERT_A:
284 str = "SSLv3 read client certificate A";
285 break;
286 case SSL3_ST_SR_CERT_B:
287 str = "SSLv3 read client certificate B";
288 break;
289 case SSL3_ST_SR_KEY_EXCH_A:
290 str = "SSLv3 read client key exchange A";
291 break;
292 case SSL3_ST_SR_KEY_EXCH_B:
293 str = "SSLv3 read client key exchange B";
294 break;
295 case SSL3_ST_SR_CERT_VRFY_A:
296 str = "SSLv3 read certificate verify A";
297 break;
298 case SSL3_ST_SR_CERT_VRFY_B:
299 str = "SSLv3 read certificate verify B";
300 break;
301
302 /* DTLS */
303 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
304 str = "DTLS1 read hello verify request A";
305 break;
306 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
307 str = "DTLS1 read hello verify request B";
308 break;
309 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
310 str = "DTLS1 write hello verify request A";
311 break;
312 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
313 str = "DTLS1 write hello verify request B";
314 break;
315
316 default:
317 str = "unknown state";
318 break;
319 }
320 return (str);
321}
322
323const char *
324SSL_rstate_string_long(const SSL *s)
325{
326 const char *str;
327
328 switch (s->rstate) {
329 case SSL_ST_READ_HEADER:
330 str = "read header";
331 break;
332 case SSL_ST_READ_BODY:
333 str = "read body";
334 break;
335 case SSL_ST_READ_DONE:
336 str = "read done";
337 break;
338 default:
339 str = "unknown";
340 break;
341 }
342 return (str);
343}
344
345const char *
346SSL_state_string(const SSL *s)
347{
348 const char *str;
349
350 switch (s->state) {
351 case SSL_ST_BEFORE:
352 str = "PINIT ";
353 break;
354 case SSL_ST_ACCEPT:
355 str = "AINIT ";
356 break;
357 case SSL_ST_CONNECT:
358 str = "CINIT ";
359 break;
360 case SSL_ST_OK:
361 str = "SSLOK ";
362 break;
363
364 /* SSLv3 additions */
365 case SSL3_ST_SW_FLUSH:
366 case SSL3_ST_CW_FLUSH:
367 str = "3FLUSH";
368 break;
369 case SSL3_ST_CW_CLNT_HELLO_A:
370 str = "3WCH_A";
371 break;
372 case SSL3_ST_CW_CLNT_HELLO_B:
373 str = "3WCH_B";
374 break;
375 case SSL3_ST_CR_SRVR_HELLO_A:
376 str = "3RSH_A";
377 break;
378 case SSL3_ST_CR_SRVR_HELLO_B:
379 str = "3RSH_B";
380 break;
381 case SSL3_ST_CR_CERT_A:
382 str = "3RSC_A";
383 break;
384 case SSL3_ST_CR_CERT_B:
385 str = "3RSC_B";
386 break;
387 case SSL3_ST_CR_KEY_EXCH_A:
388 str = "3RSKEA";
389 break;
390 case SSL3_ST_CR_KEY_EXCH_B:
391 str = "3RSKEB";
392 break;
393 case SSL3_ST_CR_CERT_REQ_A:
394 str = "3RCR_A";
395 break;
396 case SSL3_ST_CR_CERT_REQ_B:
397 str = "3RCR_B";
398 break;
399 case SSL3_ST_CR_SRVR_DONE_A:
400 str = "3RSD_A";
401 break;
402 case SSL3_ST_CR_SRVR_DONE_B:
403 str = "3RSD_B";
404 break;
405 case SSL3_ST_CW_CERT_A:
406 str = "3WCC_A";
407 break;
408 case SSL3_ST_CW_CERT_B:
409 str = "3WCC_B";
410 break;
411 case SSL3_ST_CW_CERT_C:
412 str = "3WCC_C";
413 break;
414 case SSL3_ST_CW_CERT_D:
415 str = "3WCC_D";
416 break;
417 case SSL3_ST_CW_KEY_EXCH_A:
418 str = "3WCKEA";
419 break;
420 case SSL3_ST_CW_KEY_EXCH_B:
421 str = "3WCKEB";
422 break;
423 case SSL3_ST_CW_CERT_VRFY_A:
424 str = "3WCV_A";
425 break;
426 case SSL3_ST_CW_CERT_VRFY_B:
427 str = "3WCV_B";
428 break;
429
430 case SSL3_ST_SW_CHANGE_A:
431 case SSL3_ST_CW_CHANGE_A:
432 str = "3WCCSA";
433 break;
434 case SSL3_ST_SW_CHANGE_B:
435 case SSL3_ST_CW_CHANGE_B:
436 str = "3WCCSB";
437 break;
438 case SSL3_ST_SW_FINISHED_A:
439 case SSL3_ST_CW_FINISHED_A:
440 str = "3WFINA";
441 break;
442 case SSL3_ST_SW_FINISHED_B:
443 case SSL3_ST_CW_FINISHED_B:
444 str = "3WFINB";
445 break;
446 case SSL3_ST_SR_CHANGE_A:
447 case SSL3_ST_CR_CHANGE_A:
448 str = "3RCCSA";
449 break;
450 case SSL3_ST_SR_CHANGE_B:
451 case SSL3_ST_CR_CHANGE_B:
452 str = "3RCCSB";
453 break;
454 case SSL3_ST_SR_FINISHED_A:
455 case SSL3_ST_CR_FINISHED_A:
456 str = "3RFINA";
457 break;
458 case SSL3_ST_SR_FINISHED_B:
459 case SSL3_ST_CR_FINISHED_B:
460 str = "3RFINB";
461 break;
462
463 case SSL3_ST_SW_HELLO_REQ_A:
464 str = "3WHR_A";
465 break;
466 case SSL3_ST_SW_HELLO_REQ_B:
467 str = "3WHR_B";
468 break;
469 case SSL3_ST_SW_HELLO_REQ_C:
470 str = "3WHR_C";
471 break;
472 case SSL3_ST_SR_CLNT_HELLO_A:
473 str = "3RCH_A";
474 break;
475 case SSL3_ST_SR_CLNT_HELLO_B:
476 str = "3RCH_B";
477 break;
478 case SSL3_ST_SR_CLNT_HELLO_C:
479 str = "3RCH_C";
480 break;
481 case SSL3_ST_SW_SRVR_HELLO_A:
482 str = "3WSH_A";
483 break;
484 case SSL3_ST_SW_SRVR_HELLO_B:
485 str = "3WSH_B";
486 break;
487 case SSL3_ST_SW_CERT_A:
488 str = "3WSC_A";
489 break;
490 case SSL3_ST_SW_CERT_B:
491 str = "3WSC_B";
492 break;
493 case SSL3_ST_SW_KEY_EXCH_A:
494 str = "3WSKEA";
495 break;
496 case SSL3_ST_SW_KEY_EXCH_B:
497 str = "3WSKEB";
498 break;
499 case SSL3_ST_SW_CERT_REQ_A:
500 str = "3WCR_A";
501 break;
502 case SSL3_ST_SW_CERT_REQ_B:
503 str = "3WCR_B";
504 break;
505 case SSL3_ST_SW_SRVR_DONE_A:
506 str = "3WSD_A";
507 break;
508 case SSL3_ST_SW_SRVR_DONE_B:
509 str = "3WSD_B";
510 break;
511 case SSL3_ST_SR_CERT_A:
512 str = "3RCC_A";
513 break;
514 case SSL3_ST_SR_CERT_B:
515 str = "3RCC_B";
516 break;
517 case SSL3_ST_SR_KEY_EXCH_A:
518 str = "3RCKEA";
519 break;
520 case SSL3_ST_SR_KEY_EXCH_B:
521 str = "3RCKEB";
522 break;
523 case SSL3_ST_SR_CERT_VRFY_A:
524 str = "3RCV_A";
525 break;
526 case SSL3_ST_SR_CERT_VRFY_B:
527 str = "3RCV_B";
528 break;
529
530 /* DTLS */
531 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
532 str = "DRCHVA";
533 break;
534 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
535 str = "DRCHVB";
536 break;
537 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
538 str = "DWCHVA";
539 break;
540 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
541 str = "DWCHVB";
542 break;
543
544 default:
545 str = "UNKWN ";
546 break;
547 }
548 return (str);
549}
550
551const char *
552SSL_alert_type_string_long(int value)
553{
554 value >>= 8;
555 if (value == SSL3_AL_WARNING)
556 return ("warning");
557 else if (value == SSL3_AL_FATAL)
558 return ("fatal");
559 else
560 return ("unknown");
561}
562
563const char *
564SSL_alert_type_string(int value)
565{
566 value >>= 8;
567 if (value == SSL3_AL_WARNING)
568 return ("W");
569 else if (value == SSL3_AL_FATAL)
570 return ("F");
571 else
572 return ("U");
573}
574
575const char *
576SSL_alert_desc_string(int value)
577{
578 const char *str;
579
580 switch (value & 0xff) {
581 case SSL3_AD_CLOSE_NOTIFY:
582 str = "CN";
583 break;
584 case SSL3_AD_UNEXPECTED_MESSAGE:
585 str = "UM";
586 break;
587 case SSL3_AD_BAD_RECORD_MAC:
588 str = "BM";
589 break;
590 case SSL3_AD_DECOMPRESSION_FAILURE:
591 str = "DF";
592 break;
593 case SSL3_AD_HANDSHAKE_FAILURE:
594 str = "HF";
595 break;
596 case SSL3_AD_NO_CERTIFICATE:
597 str = "NC";
598 break;
599 case SSL3_AD_BAD_CERTIFICATE:
600 str = "BC";
601 break;
602 case SSL3_AD_UNSUPPORTED_CERTIFICATE:
603 str = "UC";
604 break;
605 case SSL3_AD_CERTIFICATE_REVOKED:
606 str = "CR";
607 break;
608 case SSL3_AD_CERTIFICATE_EXPIRED:
609 str = "CE";
610 break;
611 case SSL3_AD_CERTIFICATE_UNKNOWN:
612 str = "CU";
613 break;
614 case SSL3_AD_ILLEGAL_PARAMETER:
615 str = "IP";
616 break;
617 case TLS1_AD_DECRYPTION_FAILED:
618 str = "DC";
619 break;
620 case TLS1_AD_RECORD_OVERFLOW:
621 str = "RO";
622 break;
623 case TLS1_AD_UNKNOWN_CA:
624 str = "CA";
625 break;
626 case TLS1_AD_ACCESS_DENIED:
627 str = "AD";
628 break;
629 case TLS1_AD_DECODE_ERROR:
630 str = "DE";
631 break;
632 case TLS1_AD_DECRYPT_ERROR:
633 str = "CY";
634 break;
635 case TLS1_AD_EXPORT_RESTRICTION:
636 str = "ER";
637 break;
638 case TLS1_AD_PROTOCOL_VERSION:
639 str = "PV";
640 break;
641 case TLS1_AD_INSUFFICIENT_SECURITY:
642 str = "IS";
643 break;
644 case TLS1_AD_INTERNAL_ERROR:
645 str = "IE";
646 break;
647 case TLS1_AD_USER_CANCELLED:
648 str = "US";
649 break;
650 case TLS1_AD_NO_RENEGOTIATION:
651 str = "NR";
652 break;
653 case TLS1_AD_UNSUPPORTED_EXTENSION:
654 str = "UE";
655 break;
656 case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
657 str = "CO";
658 break;
659 case TLS1_AD_UNRECOGNIZED_NAME:
660 str = "UN";
661 break;
662 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
663 str = "BR";
664 break;
665 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
666 str = "BH";
667 break;
668 case TLS1_AD_UNKNOWN_PSK_IDENTITY:
669 str = "UP";
670 break;
671 default:
672 str = "UK";
673 break;
674 }
675 return (str);
676}
677
678const char *
679SSL_alert_desc_string_long(int value)
680{
681 const char *str;
682
683 switch (value & 0xff) {
684 case SSL3_AD_CLOSE_NOTIFY:
685 str = "close notify";
686 break;
687 case SSL3_AD_UNEXPECTED_MESSAGE:
688 str = "unexpected_message";
689 break;
690 case SSL3_AD_BAD_RECORD_MAC:
691 str = "bad record mac";
692 break;
693 case SSL3_AD_DECOMPRESSION_FAILURE:
694 str = "decompression failure";
695 break;
696 case SSL3_AD_HANDSHAKE_FAILURE:
697 str = "handshake failure";
698 break;
699 case SSL3_AD_NO_CERTIFICATE:
700 str = "no certificate";
701 break;
702 case SSL3_AD_BAD_CERTIFICATE:
703 str = "bad certificate";
704 break;
705 case SSL3_AD_UNSUPPORTED_CERTIFICATE:
706 str = "unsupported certificate";
707 break;
708 case SSL3_AD_CERTIFICATE_REVOKED:
709 str = "certificate revoked";
710 break;
711 case SSL3_AD_CERTIFICATE_EXPIRED:
712 str = "certificate expired";
713 break;
714 case SSL3_AD_CERTIFICATE_UNKNOWN:
715 str = "certificate unknown";
716 break;
717 case SSL3_AD_ILLEGAL_PARAMETER:
718 str = "illegal parameter";
719 break;
720 case TLS1_AD_DECRYPTION_FAILED:
721 str = "decryption failed";
722 break;
723 case TLS1_AD_RECORD_OVERFLOW:
724 str = "record overflow";
725 break;
726 case TLS1_AD_UNKNOWN_CA:
727 str = "unknown CA";
728 break;
729 case TLS1_AD_ACCESS_DENIED:
730 str = "access denied";
731 break;
732 case TLS1_AD_DECODE_ERROR:
733 str = "decode error";
734 break;
735 case TLS1_AD_DECRYPT_ERROR:
736 str = "decrypt error";
737 break;
738 case TLS1_AD_EXPORT_RESTRICTION:
739 str = "export restriction";
740 break;
741 case TLS1_AD_PROTOCOL_VERSION:
742 str = "protocol version";
743 break;
744 case TLS1_AD_INSUFFICIENT_SECURITY:
745 str = "insufficient security";
746 break;
747 case TLS1_AD_INTERNAL_ERROR:
748 str = "internal error";
749 break;
750 case TLS1_AD_USER_CANCELLED:
751 str = "user canceled";
752 break;
753 case TLS1_AD_NO_RENEGOTIATION:
754 str = "no renegotiation";
755 break;
756 case TLS1_AD_UNSUPPORTED_EXTENSION:
757 str = "unsupported extension";
758 break;
759 case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
760 str = "certificate unobtainable";
761 break;
762 case TLS1_AD_UNRECOGNIZED_NAME:
763 str = "unrecognized name";
764 break;
765 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
766 str = "bad certificate status response";
767 break;
768 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
769 str = "bad certificate hash value";
770 break;
771 case TLS1_AD_UNKNOWN_PSK_IDENTITY:
772 str = "unknown PSK identity";
773 break;
774 default:
775 str = "unknown";
776 break;
777 }
778 return (str);
779}
780
781const char *
782SSL_rstate_string(const SSL *s)
783{
784 const char *str;
785
786 switch (s->rstate) {
787 case SSL_ST_READ_HEADER:
788 str = "RH";
789 break;
790 case SSL_ST_READ_BODY:
791 str = "RB";
792 break;
793 case SSL_ST_READ_DONE:
794 str = "RD";
795 break;
796 default:
797 str = "unknown";
798 break;
799 }
800 return (str);
801}
diff --git a/src/lib/libssl/ssl_txt.c b/src/lib/libssl/ssl_txt.c
deleted file mode 100644
index c3626dc03a..0000000000
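--- a/src/lib/libssl/ssl_txt.c
+++ /dev/null
@@ -1,187 +0,0 @@
-/* $OpenBSD: ssl_txt.c,v 1.26 2014/12/14 15:30:50 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-
-#include <openssl/buffer.h>
-
-#include "ssl_locl.h"
-
-int
-SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file_internal())) == NULL) {
- SSLerr(SSL_F_SSL_SESSION_PRINT_FP, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = SSL_SESSION_print(b, x);
- BIO_free(b);
- return (ret);
-}
-
-int
-SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
-{
- unsigned int i;
- const char *s;
-
- if (x == NULL)
- goto err;
- if (BIO_puts(bp, "SSL-Session:\n") <= 0)
- goto err;
-
- s = ssl_version_string(x->ssl_version);
- if (BIO_printf(bp, " Protocol : %s\n", s) <= 0)
- goto err;
-
- if (x->cipher == NULL) {
- if (((x->cipher_id) & 0xff000000) == 0x02000000) {
- if (BIO_printf(bp, " Cipher : %06lX\n", x->cipher_id&0xffffff) <= 0)
- goto err;
- } else {
- if (BIO_printf(bp, " Cipher : %04lX\n", x->cipher_id&0xffff) <= 0)
- goto err;
- }
- } else {
- if (BIO_printf(bp, " Cipher : %s\n",((x->cipher == NULL)?"unknown":x->cipher->name)) <= 0)
- goto err;
- }
- if (BIO_puts(bp, " Session-ID: ") <= 0)
- goto err;
- for (i = 0; i < x->session_id_length; i++) {
- if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
- goto err;
- }
- if (BIO_puts(bp, "\n Session-ID-ctx: ") <= 0)
- goto err;
- for (i = 0; i < x->sid_ctx_length; i++) {
- if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0)
- goto err;
- }
- if (BIO_puts(bp, "\n Master-Key: ") <= 0)
- goto err;
- for (i = 0; i < (unsigned int)x->master_key_length; i++) {
- if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
- goto err;
- }
- if (x->tlsext_tick_lifetime_hint) {
- if (BIO_printf(bp,
- "\n TLS session ticket lifetime hint: %ld (seconds)",
- x->tlsext_tick_lifetime_hint) <= 0)
- goto err;
- }
- if (x->tlsext_tick) {
- if (BIO_puts(bp, "\n TLS session ticket:\n") <= 0)
- goto err;
- if (BIO_dump_indent(bp, (char *)x->tlsext_tick, x->tlsext_ticklen, 4) <= 0)
- goto err;
- }
-
- if (x->time != 0) {
- if (BIO_printf(bp, "\n Start Time: %lld", (long long)x->time) <= 0)
- goto err;
- }
- if (x->timeout != 0L) {
- if (BIO_printf(bp, "\n Timeout : %ld (sec)", x->timeout) <= 0)
- goto err;
- }
- if (BIO_puts(bp, "\n") <= 0)
- goto err;
-
- if (BIO_puts(bp, " Verify return code: ") <= 0)
- goto err;
-
- if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
- X509_verify_cert_error_string(x->verify_result)) <= 0)
- goto err;
-
- return (1);
-err:
- return (0);
-}
-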