summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/ssl.h2389
-rw-r--r--src/lib/libssl/ssl2.h153
-rw-r--r--src/lib/libssl/ssl23.h82
-rw-r--r--src/lib/libssl/ssl3.h617
-rw-r--r--src/lib/libssl/ssl_algs.c131
-rw-r--r--src/lib/libssl/ssl_asn1.c692
-rw-r--r--src/lib/libssl/ssl_cert.c735
-rw-r--r--src/lib/libssl/ssl_ciph.c1765
-rw-r--r--src/lib/libssl/ssl_err.c615
-rw-r--r--src/lib/libssl/ssl_err2.c72
-rw-r--r--src/lib/libssl/ssl_lib.c3125
-rw-r--r--src/lib/libssl/ssl_locl.h875
-rw-r--r--src/lib/libssl/ssl_rsa.c755
-rw-r--r--src/lib/libssl/ssl_sess.c1102
-rw-r--r--src/lib/libssl/ssl_stat.c801
-rw-r--r--src/lib/libssl/ssl_txt.c187
16 files changed, 0 insertions, 14096 deletions
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
deleted file mode 100644
index 0cd220778b..0000000000
--- a/src/lib/libssl/ssl.h
+++ /dev/null
@@ -1,2389 +0,0 @@
1/* $OpenBSD: ssl.h,v 1.92 2015/07/19 06:31:32 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143#ifndef HEADER_SSL_H
144#define HEADER_SSL_H
145
146#include <stdint.h>
147
148#include <openssl/opensslconf.h>
149#include <openssl/hmac.h>
150#include <openssl/pem.h>
151#include <openssl/safestack.h>
152
153#ifndef OPENSSL_NO_BIO
154#include <openssl/bio.h>
155#endif
156
157#ifndef OPENSSL_NO_DEPRECATED
158#include <openssl/buffer.h>
159#include <openssl/crypto.h>
160#include <openssl/lhash.h>
161
162#ifndef OPENSSL_NO_X509
163#include <openssl/x509.h>
164#endif
165#endif
166
167#ifdef __cplusplus
168extern "C" {
169#endif
170
171/* SSLeay version number for ASN.1 encoding of the session information */
172/* Version 0 - initial version
173 * Version 1 - added the optional peer certificate
174 */
175#define SSL_SESSION_ASN1_VERSION 0x0001
176
177/* text strings for the ciphers */
178#define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5
179#define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5
180#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5
181#define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5
182#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5
183#define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5
184#define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5
185#define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA
186#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5
187#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA
188
189/* VRS Additional Kerberos5 entries
190 */
191#define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA
192#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
193#define SSL_TXT_KRB5_RC4_128_SHA SSL3_TXT_KRB5_RC4_128_SHA
194#define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA
195#define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5
196#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
197#define SSL_TXT_KRB5_RC4_128_MD5 SSL3_TXT_KRB5_RC4_128_MD5
198#define SSL_TXT_KRB5_IDEA_128_CBC_MD5 SSL3_TXT_KRB5_IDEA_128_CBC_MD5
199
200#define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA
201#define SSL_TXT_KRB5_RC2_40_CBC_SHA SSL3_TXT_KRB5_RC2_40_CBC_SHA
202#define SSL_TXT_KRB5_RC4_40_SHA SSL3_TXT_KRB5_RC4_40_SHA
203#define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5
204#define SSL_TXT_KRB5_RC2_40_CBC_MD5 SSL3_TXT_KRB5_RC2_40_CBC_MD5
205#define SSL_TXT_KRB5_RC4_40_MD5 SSL3_TXT_KRB5_RC4_40_MD5
206
207#define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA
208#define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5
209#define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA
210#define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5
211#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
212#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
213#define SSL_MAX_KRB5_PRINCIPAL_LENGTH 256
214
215#define SSL_MAX_SSL_SESSION_ID_LENGTH 32
216#define SSL_MAX_SID_CTX_LENGTH 32
217
218#define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8)
219#define SSL_MAX_KEY_ARG_LENGTH 8
220#define SSL_MAX_MASTER_KEY_LENGTH 48
221
222
223/* These are used to specify which ciphers to use and not to use */
224
225#define SSL_TXT_LOW "LOW"
226#define SSL_TXT_MEDIUM "MEDIUM"
227#define SSL_TXT_HIGH "HIGH"
228
229#define SSL_TXT_kFZA "kFZA" /* unused! */
230#define SSL_TXT_aFZA "aFZA" /* unused! */
231#define SSL_TXT_eFZA "eFZA" /* unused! */
232#define SSL_TXT_FZA "FZA" /* unused! */
233
234#define SSL_TXT_aNULL "aNULL"
235#define SSL_TXT_eNULL "eNULL"
236#define SSL_TXT_NULL "NULL"
237
238#define SSL_TXT_kRSA "kRSA"
239#define SSL_TXT_kDHr "kDHr" /* no such ciphersuites supported! */
240#define SSL_TXT_kDHd "kDHd" /* no such ciphersuites supported! */
241#define SSL_TXT_kDH "kDH" /* no such ciphersuites supported! */
242#define SSL_TXT_kEDH "kEDH"
243#define SSL_TXT_kKRB5 "kKRB5"
244#define SSL_TXT_kECDHr "kECDHr"
245#define SSL_TXT_kECDHe "kECDHe"
246#define SSL_TXT_kECDH "kECDH"
247#define SSL_TXT_kEECDH "kEECDH"
248#define SSL_TXT_kPSK "kPSK"
249#define SSL_TXT_kGOST "kGOST"
250#define SSL_TXT_kSRP "kSRP"
251
252#define SSL_TXT_aRSA "aRSA"
253#define SSL_TXT_aDSS "aDSS"
254#define SSL_TXT_aDH "aDH" /* no such ciphersuites supported! */
255#define SSL_TXT_aECDH "aECDH"
256#define SSL_TXT_aKRB5 "aKRB5"
257#define SSL_TXT_aECDSA "aECDSA"
258#define SSL_TXT_aPSK "aPSK"
259#define SSL_TXT_aGOST94 "aGOST94"
260#define SSL_TXT_aGOST01 "aGOST01"
261#define SSL_TXT_aGOST "aGOST"
262
263#define SSL_TXT_DSS "DSS"
264#define SSL_TXT_DH "DH"
265#define SSL_TXT_DHE "DHE" /* same as "kDHE:-ADH" */
266#define SSL_TXT_EDH "EDH" /* previous name for DHE */
267#define SSL_TXT_ADH "ADH"
268#define SSL_TXT_RSA "RSA"
269#define SSL_TXT_ECDH "ECDH"
270#define SSL_TXT_ECDHE "ECDHE" /* same as "kECDHE:-AECDH" */
271#define SSL_TXT_EECDH "EECDH" /* previous name for ECDHE */
272#define SSL_TXT_AECDH "AECDH"
273#define SSL_TXT_ECDSA "ECDSA"
274#define SSL_TXT_KRB5 "KRB5"
275#define SSL_TXT_PSK "PSK"
276#define SSL_TXT_SRP "SRP"
277
278#define SSL_TXT_DES "DES"
279#define SSL_TXT_3DES "3DES"
280#define SSL_TXT_RC4 "RC4"
281#define SSL_TXT_RC2 "RC2"
282#define SSL_TXT_IDEA "IDEA"
283#define SSL_TXT_SEED "SEED"
284#define SSL_TXT_AES128 "AES128"
285#define SSL_TXT_AES256 "AES256"
286#define SSL_TXT_AES "AES"
287#define SSL_TXT_AES_GCM "AESGCM"
288#define SSL_TXT_CAMELLIA128 "CAMELLIA128"
289#define SSL_TXT_CAMELLIA256 "CAMELLIA256"
290#define SSL_TXT_CAMELLIA "CAMELLIA"
291#define SSL_TXT_CHACHA20 "CHACHA20"
292
293#define SSL_TXT_AEAD "AEAD"
294#define SSL_TXT_MD5 "MD5"
295#define SSL_TXT_SHA1 "SHA1"
296#define SSL_TXT_SHA "SHA" /* same as "SHA1" */
297#define SSL_TXT_GOST94 "GOST94"
298#define SSL_TXT_GOST89MAC "GOST89MAC"
299#define SSL_TXT_SHA256 "SHA256"
300#define SSL_TXT_SHA384 "SHA384"
301#define SSL_TXT_STREEBOG256 "STREEBOG256"
302#define SSL_TXT_STREEBOG512 "STREEBOG512"
303
304#define SSL_TXT_DTLS1 "DTLSv1"
305#define SSL_TXT_DTLS1_BAD "DTLSv1-bad"
306#define SSL_TXT_SSLV2 "SSLv2"
307#define SSL_TXT_SSLV3 "SSLv3"
308#define SSL_TXT_TLSV1 "TLSv1"
309#define SSL_TXT_TLSV1_1 "TLSv1.1"
310#define SSL_TXT_TLSV1_2 "TLSv1.2"
311
312#define SSL_TXT_EXP "EXP"
313#define SSL_TXT_EXPORT "EXPORT"
314
315#define SSL_TXT_ALL "ALL"
316
317/*
318 * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
319 * ciphers normally not being used.
320 * Example: "RC4" will activate all ciphers using RC4 including ciphers
321 * without authentication, which would normally disabled by DEFAULT (due
322 * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
323 * will make sure that it is also disabled in the specific selection.
324 * COMPLEMENTOF* identifiers are portable between version, as adjustments
325 * to the default cipher setup will also be included here.
326 *
327 * COMPLEMENTOFDEFAULT does not experience the same special treatment that
328 * DEFAULT gets, as only selection is being done and no sorting as needed
329 * for DEFAULT.
330 */
331#define SSL_TXT_CMPALL "COMPLEMENTOFALL"
332#define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT"
333
334/* The following cipher list is used by default.
335 * It also is substituted when an application-defined cipher list string
336 * starts with 'DEFAULT'. */
337#define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:!SSLv2"
338/* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
339 * starts with a reasonable order, and all we have to do for DEFAULT is
340 * throwing out anonymous and unencrypted ciphersuites!
341 * (The latter are not actually enabled by ALL, but "ALL:RSA" would enable
342 * some of them.)
343 */
344
345/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
346#define SSL_SENT_SHUTDOWN 1
347#define SSL_RECEIVED_SHUTDOWN 2
348
349
350#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
351#define SSL_FILETYPE_PEM X509_FILETYPE_PEM
352
353/* This is needed to stop compilers complaining about the
354 * 'struct ssl_st *' function parameters used to prototype callbacks
355 * in SSL_CTX. */
356typedef struct ssl_st *ssl_crock_st;
357typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
358typedef struct ssl_method_st SSL_METHOD;
359typedef struct ssl_cipher_st SSL_CIPHER;
360typedef struct ssl_session_st SSL_SESSION;
361
362DECLARE_STACK_OF(SSL_CIPHER)
363
364/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/
365typedef struct srtp_protection_profile_st {
366 const char *name;
367 unsigned long id;
368} SRTP_PROTECTION_PROFILE;
369
370DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
371
372typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data,
373 int len, void *arg);
374typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len,
375 STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg);
376
377#ifndef OPENSSL_NO_SSL_INTERN
378
379/* used to hold info on the particular ciphers used */
380struct ssl_cipher_st {
381 int valid;
382 const char *name; /* text name */
383 unsigned long id; /* id, 4 bytes, first is version */
384
385 unsigned long algorithm_mkey; /* key exchange algorithm */
386 unsigned long algorithm_auth; /* server authentication */
387 unsigned long algorithm_enc; /* symmetric encryption */
388 unsigned long algorithm_mac; /* symmetric authentication */
389 unsigned long algorithm_ssl; /* (major) protocol version */
390
391 unsigned long algo_strength; /* strength and export flags */
392 unsigned long algorithm2; /* Extra flags */
393 int strength_bits; /* Number of bits really used */
394 int alg_bits; /* Number of bits for algorithm */
395};
396
397
398/* Used to hold functions for SSLv3/TLSv1 functions */
399struct ssl_method_st {
400 int version;
401 int (*ssl_new)(SSL *s);
402 void (*ssl_clear)(SSL *s);
403 void (*ssl_free)(SSL *s);
404 int (*ssl_accept)(SSL *s);
405 int (*ssl_connect)(SSL *s);
406 int (*ssl_read)(SSL *s, void *buf, int len);
407 int (*ssl_peek)(SSL *s, void *buf, int len);
408 int (*ssl_write)(SSL *s, const void *buf, int len);
409 int (*ssl_shutdown)(SSL *s);
410 int (*ssl_renegotiate)(SSL *s);
411 int (*ssl_renegotiate_check)(SSL *s);
412 long (*ssl_get_message)(SSL *s, int st1, int stn, int mt,
413 long max, int *ok);
414 int (*ssl_read_bytes)(SSL *s, int type, unsigned char *buf,
415 int len, int peek);
416 int (*ssl_write_bytes)(SSL *s, int type, const void *buf_, int len);
417 int (*ssl_dispatch_alert)(SSL *s);
418 long (*ssl_ctrl)(SSL *s, int cmd, long larg, void *parg);
419 long (*ssl_ctx_ctrl)(SSL_CTX *ctx, int cmd, long larg, void *parg);
420 const SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
421 int (*put_cipher_by_char)(const SSL_CIPHER *cipher, unsigned char *ptr);
422 int (*ssl_pending)(const SSL *s);
423 int (*num_ciphers)(void);
424 const SSL_CIPHER *(*get_cipher)(unsigned ncipher);
425 const struct ssl_method_st *(*get_ssl_method)(int version);
426 long (*get_timeout)(void);
427 struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
428 int (*ssl_version)(void);
429 long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)(void));
430 long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)(void));
431};
432
433/* Lets make this into an ASN.1 type structure as follows
434 * SSL_SESSION_ID ::= SEQUENCE {
435 * version INTEGER, -- structure version number
436 * SSLversion INTEGER, -- SSL version number
437 * Cipher OCTET STRING, -- the 3 byte cipher ID
438 * Session_ID OCTET STRING, -- the Session ID
439 * Master_key OCTET STRING, -- the master key
440 * KRB5_principal OCTET STRING -- optional Kerberos principal
441 * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time
442 * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds
443 * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate
444 * Session_ID_context [ 4 ] EXPLICIT OCTET STRING, -- the Session ID context
445 * Verify_result [ 5 ] EXPLICIT INTEGER, -- X509_V_... code for `Peer'
446 * HostName [ 6 ] EXPLICIT OCTET STRING, -- optional HostName from servername TLS extension
447 * PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
448 * PSK_identity [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity
449 * Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket
450 * Ticket [10] EXPLICIT OCTET STRING, -- session ticket (clients only)
451 * Compression_meth [11] EXPLICIT OCTET STRING, -- optional compression method
452 * SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username
453 * }
454 * Look in ssl/ssl_asn1.c for more details
455 * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
456 */
457struct ssl_session_st {
458 int ssl_version; /* what ssl version session info is
459 * being kept in here? */
460
461 int master_key_length;
462 unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
463 /* session_id - valid? */
464 unsigned int session_id_length;
465 unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
466 /* this is used to determine whether the session is being reused in
467 * the appropriate context. It is up to the application to set this,
468 * via SSL_new */
469 unsigned int sid_ctx_length;
470 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
471
472 /* Used to indicate that session resumption is not allowed.
473 * Applications can also set this bit for a new session via
474 * not_resumable_session_cb to disable session caching and tickets. */
475 int not_resumable;
476
477 /* The cert is the certificate used to establish this connection */
478 struct sess_cert_st /* SESS_CERT */ *sess_cert;
479
480 /* This is the cert for the other end.
481 * On clients, it will be the same as sess_cert->peer_key->x509
482 * (the latter is not enough as sess_cert is not retained
483 * in the external representation of sessions, see ssl_asn1.c). */
484 X509 *peer;
485 /* when app_verify_callback accepts a session where the peer's certificate
486 * is not ok, we must remember the error for session reuse: */
487 long verify_result; /* only for servers */
488
489 long timeout;
490 time_t time;
491 int references;
492
493 const SSL_CIPHER *cipher;
494 unsigned long cipher_id; /* when ASN.1 loaded, this
495 * needs to be used to load
496 * the 'cipher' structure */
497
498 STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
499
500 CRYPTO_EX_DATA ex_data; /* application specific data */
501
502 /* These are used to make removal of session-ids more
503 * efficient and to implement a maximum cache size. */
504 struct ssl_session_st *prev, *next;
505 char *tlsext_hostname;
506 size_t tlsext_ecpointformatlist_length;
507 uint8_t *tlsext_ecpointformatlist; /* peer's list */
508 size_t tlsext_ellipticcurvelist_length;
509 uint16_t *tlsext_ellipticcurvelist; /* peer's list */
510
511 /* RFC4507 info */
512 unsigned char *tlsext_tick; /* Session ticket */
513 size_t tlsext_ticklen; /* Session ticket length */
514 long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
515};
516
517#endif
518
519/* Allow initial connection to servers that don't support RI */
520#define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L
521#define SSL_OP_TLSEXT_PADDING 0x00000010L
522
523/* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
524 * in OpenSSL 0.9.6d. Usually (depending on the application protocol)
525 * the workaround is not needed.
526 * Unfortunately some broken SSL/TLS implementations cannot handle it
527 * at all, which is why it was previously included in SSL_OP_ALL.
528 * Now it's not.
529 */
530#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800L
531
532/* DTLS options */
533#define SSL_OP_NO_QUERY_MTU 0x00001000L
534/* Turn on Cookie Exchange (on relevant for servers) */
535#define SSL_OP_COOKIE_EXCHANGE 0x00002000L
536/* Don't use RFC4507 ticket extension */
537#define SSL_OP_NO_TICKET 0x00004000L
538/* Use Cisco's "speshul" version of DTLS_BAD_VER (as client) */
539#define SSL_OP_CISCO_ANYCONNECT 0x00008000L
540
541/* As server, disallow session resumption on renegotiation */
542#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
543/* Don't use compression even if supported */
544#define SSL_OP_NO_COMPRESSION 0x00020000L
545/* If set, always create a new key when using tmp_ecdh parameters */
546#define SSL_OP_SINGLE_ECDH_USE 0x00080000L
547/* If set, always create a new key when using tmp_dh parameters */
548#define SSL_OP_SINGLE_DH_USE 0x00100000L
549/* Set on servers to choose the cipher according to the server's
550 * preferences */
551#define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L
552/* If set, a server will allow a client to issue a SSLv3.0 version number
553 * as latest version supported in the premaster secret, even when TLSv1.0
554 * (version 3.1) was announced in the client hello. Normally this is
555 * forbidden to prevent version rollback attacks. */
556#define SSL_OP_TLS_ROLLBACK_BUG 0x00800000L
557
558#define SSL_OP_NO_SSLv2 0x01000000L
559#define SSL_OP_NO_SSLv3 0x02000000L
560#define SSL_OP_NO_TLSv1 0x04000000L
561#define SSL_OP_NO_TLSv1_2 0x08000000L
562#define SSL_OP_NO_TLSv1_1 0x10000000L
563
564/* Make server add server-hello extension from early version of
565 * cryptopro draft, when GOST ciphersuite is negotiated.
566 * Required for interoperability with CryptoPro CSP 3.x
567 */
568#define SSL_OP_CRYPTOPRO_TLSEXT_BUG 0x80000000L
569
570/* SSL_OP_ALL: various bug workarounds that should be rather harmless. */
571#define SSL_OP_ALL \
572 (SSL_OP_LEGACY_SERVER_CONNECT | \
573 SSL_OP_TLSEXT_PADDING | \
574 SSL_OP_CRYPTOPRO_TLSEXT_BUG)
575
576/* Obsolete flags kept for compatibility. No sane code should use them. */
577#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x0
578#define SSL_OP_EPHEMERAL_RSA 0x0
579#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x0
580#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0
581#define SSL_OP_NETSCAPE_CA_DN_BUG 0x0
582#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x0
583#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x0
584#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x0
585#define SSL_OP_PKCS1_CHECK_1 0x0
586#define SSL_OP_PKCS1_CHECK_2 0x0
587#define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x0
588#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x0
589#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0
590#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x0
591#define SSL_OP_TLS_D5_BUG 0x0
592#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x0
593
594/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
595 * when just a single record has been written): */
596#define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L
597/* Make it possible to retry SSL_write() with changed buffer location
598 * (buffer contents must stay the same!); this is not the default to avoid
599 * the misconception that non-blocking SSL_write() behaves like
600 * non-blocking write(): */
601#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
602/* Never bother the application with retries if the transport
603 * is blocking: */
604#define SSL_MODE_AUTO_RETRY 0x00000004L
605/* Don't attempt to automatically build certificate chain */
606#define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
607/* Save RAM by releasing read and write buffers when they're empty. (SSL3 and
608 * TLS only.) "Released" buffers are put onto a free-list in the context
609 * or just freed (depending on the context's setting for freelist_max_len). */
610#define SSL_MODE_RELEASE_BUFFERS 0x00000010L
611
612/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
613 * they cannot be used to clear bits. */
614
615#define SSL_CTX_set_options(ctx,op) \
616 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
617#define SSL_CTX_clear_options(ctx,op) \
618 SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
619#define SSL_CTX_get_options(ctx) \
620 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
621#define SSL_set_options(ssl,op) \
622 SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
623#define SSL_clear_options(ssl,op) \
624 SSL_ctrl((ssl),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
625#define SSL_get_options(ssl) \
626 SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
627
628#define SSL_CTX_set_mode(ctx,op) \
629 SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
630#define SSL_CTX_clear_mode(ctx,op) \
631 SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
632#define SSL_CTX_get_mode(ctx) \
633 SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
634#define SSL_clear_mode(ssl,op) \
635 SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
636#define SSL_set_mode(ssl,op) \
637 SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
638#define SSL_get_mode(ssl) \
639 SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
640#define SSL_set_mtu(ssl, mtu) \
641 SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
642
643#define SSL_get_secure_renegotiation_support(ssl) \
644 SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
645
646void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p,
647 int version, int content_type, const void *buf, size_t len, SSL *ssl,
648 void *arg));
649void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version,
650 int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
651#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
652#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
653
654struct ssl_aead_ctx_st;
655typedef struct ssl_aead_ctx_st SSL_AEAD_CTX;
656
657#define SSL_MAX_CERT_LIST_DEFAULT 1024*100 /* 100k max cert list :-) */
658
659#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
660
661/* This callback type is used inside SSL_CTX, SSL, and in the functions that set
662 * them. It is used to override the generation of SSL/TLS session IDs in a
663 * server. Return value should be zero on an error, non-zero to proceed. Also,
664 * callbacks should themselves check if the id they generate is unique otherwise
665 * the SSL handshake will fail with an error - callbacks can do this using the
666 * 'ssl' value they're passed by;
667 * SSL_has_matching_session_id(ssl, id, *id_len)
668 * The length value passed in is set at the maximum size the session ID can be.
669 * In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback
670 * can alter this length to be less if desired, but under SSLv2 session IDs are
671 * supposed to be fixed at 16 bytes so the id will be padded after the callback
672 * returns in this case. It is also an error for the callback to set the size to
673 * zero. */
674typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
675 unsigned int *id_len);
676
677typedef struct ssl_comp_st SSL_COMP;
678
679#ifndef OPENSSL_NO_SSL_INTERN
680
681struct ssl_comp_st {
682 int id;
683 const char *name;
684};
685
686DECLARE_STACK_OF(SSL_COMP)
687DECLARE_LHASH_OF(SSL_SESSION);
688
689struct ssl_ctx_st {
690 const SSL_METHOD *method;
691
692 STACK_OF(SSL_CIPHER) *cipher_list;
693 /* same as above but sorted for lookup */
694 STACK_OF(SSL_CIPHER) *cipher_list_by_id;
695
696 struct x509_store_st /* X509_STORE */ *cert_store;
697 LHASH_OF(SSL_SESSION) *sessions;
698 /* Most session-ids that will be cached, default is
699 * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */
700 unsigned long session_cache_size;
701 struct ssl_session_st *session_cache_head;
702 struct ssl_session_st *session_cache_tail;
703
704 /* This can have one of 2 values, ored together,
705 * SSL_SESS_CACHE_CLIENT,
706 * SSL_SESS_CACHE_SERVER,
707 * Default is SSL_SESSION_CACHE_SERVER, which means only
708 * SSL_accept which cache SSL_SESSIONS. */
709 int session_cache_mode;
710
711 /* If timeout is not 0, it is the default timeout value set
712 * when SSL_new() is called. This has been put in to make
713 * life easier to set things up */
714 long session_timeout;
715
716 /* If this callback is not null, it will be called each
717 * time a session id is added to the cache. If this function
718 * returns 1, it means that the callback will do a
719 * SSL_SESSION_free() when it has finished using it. Otherwise,
720 * on 0, it means the callback has finished with it.
721 * If remove_session_cb is not null, it will be called when
722 * a session-id is removed from the cache. After the call,
723 * OpenSSL will SSL_SESSION_free() it. */
724 int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess);
725 void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
726 SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
727 unsigned char *data, int len, int *copy);
728
729 struct {
730 int sess_connect; /* SSL new conn - started */
731 int sess_connect_renegotiate;/* SSL reneg - requested */
732 int sess_connect_good; /* SSL new conne/reneg - finished */
733 int sess_accept; /* SSL new accept - started */
734 int sess_accept_renegotiate;/* SSL reneg - requested */
735 int sess_accept_good; /* SSL accept/reneg - finished */
736 int sess_miss; /* session lookup misses */
737 int sess_timeout; /* reuse attempt on timeouted session */
738 int sess_cache_full; /* session removed due to full cache */
739 int sess_hit; /* session reuse actually done */
740 int sess_cb_hit; /* session-id that was not
741 * in the cache was
742 * passed back via the callback. This
743 * indicates that the application is
744 * supplying session-id's from other
745 * processes - spooky :-) */
746 } stats;
747
748 int references;
749
750 /* if defined, these override the X509_verify_cert() calls */
751 int (*app_verify_callback)(X509_STORE_CTX *, void *);
752 void *app_verify_arg;
753
754 /* Default password callback. */
755 pem_password_cb *default_passwd_callback;
756
757 /* Default password callback user data. */
758 void *default_passwd_callback_userdata;
759
760 /* get client cert callback */
761 int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
762
763 /* cookie generate callback */
764 int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie,
765 unsigned int *cookie_len);
766
767 /* verify cookie callback */
768 int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie,
769 unsigned int cookie_len);
770
771 CRYPTO_EX_DATA ex_data;
772
773 const EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */
774 const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3-sha1' */
775
776 STACK_OF(X509) *extra_certs;
777
778 /* Default values used when no per-SSL value is defined follow */
779
780 void (*info_callback)(const SSL *ssl,int type,int val); /* used if SSL's info_callback is NULL */
781
782 /* what we put in client cert requests */
783 STACK_OF(X509_NAME) *client_CA;
784
785
786 /* Default values to use in SSL structures follow (these are copied by SSL_new) */
787
788 unsigned long options;
789 unsigned long mode;
790 long max_cert_list;
791
792 struct cert_st /* CERT */ *cert;
793 int read_ahead;
794
795 /* callback that allows applications to peek at protocol messages */
796 void (*msg_callback)(int write_p, int version, int content_type,
797 const void *buf, size_t len, SSL *ssl, void *arg);
798 void *msg_callback_arg;
799
800 int verify_mode;
801 unsigned int sid_ctx_length;
802 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
803 int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'verify_callback' in the SSL */
804
805 /* Default generate session ID callback. */
806 GEN_SESSION_CB generate_session_id;
807
808 X509_VERIFY_PARAM *param;
809
810 int quiet_shutdown;
811
812 /* Maximum amount of data to send in one fragment.
813 * actual record size can be more than this due to
814 * padding and MAC overheads.
815 */
816 unsigned int max_send_fragment;
817
818#ifndef OPENSSL_NO_ENGINE
819 /* Engine to pass requests for client certs to
820 */
821 ENGINE *client_cert_engine;
822#endif
823
824 /* TLS extensions servername callback */
825 int (*tlsext_servername_callback)(SSL*, int *, void *);
826 void *tlsext_servername_arg;
827 /* RFC 4507 session ticket keys */
828 unsigned char tlsext_tick_key_name[16];
829 unsigned char tlsext_tick_hmac_key[16];
830 unsigned char tlsext_tick_aes_key[16];
831 /* Callback to support customisation of ticket key setting */
832 int (*tlsext_ticket_key_cb)(SSL *ssl, unsigned char *name,
833 unsigned char *iv, EVP_CIPHER_CTX *ectx, HMAC_CTX *hctx, int enc);
834
835 /* certificate status request info */
836 /* Callback for status request */
837 int (*tlsext_status_cb)(SSL *ssl, void *arg);
838 void *tlsext_status_arg;
839
840
841
842
843 /* Next protocol negotiation information */
844 /* (for experimental NPN extension). */
845
846 /* For a server, this contains a callback function by which the set of
847 * advertised protocols can be provided. */
848 int (*next_protos_advertised_cb)(SSL *s, const unsigned char **buf,
849 unsigned int *len, void *arg);
850 void *next_protos_advertised_cb_arg;
851 /* For a client, this contains a callback function that selects the
852 * next protocol from the list provided by the server. */
853 int (*next_proto_select_cb)(SSL *s, unsigned char **out,
854 unsigned char *outlen, const unsigned char *in,
855 unsigned int inlen, void *arg);
856 void *next_proto_select_cb_arg;
857
858 /*
859 * ALPN information
860 * (we are in the process of transitioning from NPN to ALPN).
861 */
862
863 /*
864 * Server callback function that allows the server to select the
865 * protocol for the connection.
866 * out: on successful return, this must point to the raw protocol
867 * name (without the length prefix).
868 * outlen: on successful return, this contains the length of out.
869 * in: points to the client's list of supported protocols in
870 * wire-format.
871 * inlen: the length of in.
872 */
873 int (*alpn_select_cb)(SSL *s, const unsigned char **out,
874 unsigned char *outlen, const unsigned char *in, unsigned int inlen,
875 void *arg);
876 void *alpn_select_cb_arg;
877
878 /* Client list of supported protocols in wire format. */
879 unsigned char *alpn_client_proto_list;
880 unsigned int alpn_client_proto_list_len;
881
882 /* SRTP profiles we are willing to do from RFC 5764 */
883 STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
884};
885
886#endif
887
888#define SSL_SESS_CACHE_OFF 0x0000
889#define SSL_SESS_CACHE_CLIENT 0x0001
890#define SSL_SESS_CACHE_SERVER 0x0002
891#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
892#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080
893/* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */
894#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
895#define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200
896#define SSL_SESS_CACHE_NO_INTERNAL \
897 (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE)
898
899LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx);
900#define SSL_CTX_sess_number(ctx) \
901 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
902#define SSL_CTX_sess_connect(ctx) \
903 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
904#define SSL_CTX_sess_connect_good(ctx) \
905 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
906#define SSL_CTX_sess_connect_renegotiate(ctx) \
907 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
908#define SSL_CTX_sess_accept(ctx) \
909 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
910#define SSL_CTX_sess_accept_renegotiate(ctx) \
911 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
912#define SSL_CTX_sess_accept_good(ctx) \
913 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
914#define SSL_CTX_sess_hits(ctx) \
915 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
916#define SSL_CTX_sess_cb_hits(ctx) \
917 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
918#define SSL_CTX_sess_misses(ctx) \
919 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
920#define SSL_CTX_sess_timeouts(ctx) \
921 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
922#define SSL_CTX_sess_cache_full(ctx) \
923 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
924
925void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
926 int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess));
927int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
928 SSL_SESSION *sess);
929void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
930 void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess));
931void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx,
932 SSL_SESSION *sess);
933void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
934 SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl, unsigned char *data,
935 int len, int *copy));
936SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
937 unsigned char *Data, int len, int *copy);
938void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(const SSL *ssl,
939 int type, int val));
940void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl, int type,
941 int val);
942void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
943 int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));
944int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509,
945 EVP_PKEY **pkey);
946#ifndef OPENSSL_NO_ENGINE
947int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
948#endif
949void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
950 int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie,
951 unsigned int *cookie_len));
952void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
953 int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie,
954 unsigned int cookie_len));
955void
956SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, int (*cb)(SSL *ssl,
957 const unsigned char **out, unsigned int *outlen, void *arg), void *arg);
958void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s, int (*cb)(SSL *ssl,
959 unsigned char **out, unsigned char *outlen, const unsigned char *in,
960 unsigned int inlen, void *arg), void *arg);
961
962int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
963 const unsigned char *in, unsigned int inlen, const unsigned char *client,
964 unsigned int client_len);
965void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
966 unsigned *len);
967
968#define OPENSSL_NPN_UNSUPPORTED 0
969#define OPENSSL_NPN_NEGOTIATED 1
970#define OPENSSL_NPN_NO_OVERLAP 2
971
972int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
973 unsigned int protos_len);
974int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
975 unsigned int protos_len);
976void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
977 int (*cb)(SSL *ssl, const unsigned char **out, unsigned char *outlen,
978 const unsigned char *in, unsigned int inlen, void *arg), void *arg);
979void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
980 unsigned int *len);
981
982#define SSL_NOTHING 1
983#define SSL_WRITING 2
984#define SSL_READING 3
985#define SSL_X509_LOOKUP 4
986
987/* These will only be used when doing non-blocking IO */
988#define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
989#define SSL_want_read(s) (SSL_want(s) == SSL_READING)
990#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
991#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
992
993#define SSL_MAC_FLAG_READ_MAC_STREAM 1
994#define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
995
996#ifndef OPENSSL_NO_SSL_INTERN
997
998struct ssl_st {
999 /* protocol version
1000 * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION, DTLS1_VERSION)
1001 */
1002 int version;
1003 int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
1004
1005 const SSL_METHOD *method; /* SSLv3 */
1006
1007 /* There are 2 BIO's even though they are normally both the
1008 * same. This is so data can be read and written to different
1009 * handlers */
1010
1011#ifndef OPENSSL_NO_BIO
1012 BIO *rbio; /* used by SSL_read */
1013 BIO *wbio; /* used by SSL_write */
1014 BIO *bbio; /* used during session-id reuse to concatenate
1015 * messages */
1016#else
1017 char *rbio; /* used by SSL_read */
1018 char *wbio; /* used by SSL_write */
1019 char *bbio;
1020#endif
1021 /* This holds a variable that indicates what we were doing
1022 * when a 0 or -1 is returned. This is needed for
1023 * non-blocking IO so we know what request needs re-doing when
1024 * in SSL_accept or SSL_connect */
1025 int rwstate;
1026
1027 /* true when we are actually in SSL_accept() or SSL_connect() */
1028 int in_handshake;
1029 int (*handshake_func)(SSL *);
1030
1031 /* Imagine that here's a boolean member "init" that is
1032 * switched as soon as SSL_set_{accept/connect}_state
1033 * is called for the first time, so that "state" and
1034 * "handshake_func" are properly initialized. But as
1035 * handshake_func is == 0 until then, we use this
1036 * test instead of an "init" member.
1037 */
1038
1039 int server; /* are we the server side? - mostly used by SSL_clear*/
1040
1041 int new_session;/* Generate a new session or reuse an old one.
1042 * NB: For servers, the 'new' session may actually be a previously
1043 * cached session or even the previous session unless
1044 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
1045 int quiet_shutdown;/* don't send shutdown packets */
1046 int shutdown; /* we have shut things down, 0x01 sent, 0x02
1047 * for received */
1048 int state; /* where we are */
1049 int rstate; /* where we are when reading */
1050
1051 BUF_MEM *init_buf; /* buffer used during init */
1052 void *init_msg; /* pointer to handshake message body, set by ssl3_get_message() */
1053 int init_num; /* amount read/written */
1054 int init_off; /* amount read/written */
1055
1056 /* used internally to point at a raw packet */
1057 unsigned char *packet;
1058 unsigned int packet_length;
1059
1060 struct ssl3_state_st *s3; /* SSLv3 variables */
1061 struct dtls1_state_st *d1; /* DTLSv1 variables */
1062
1063 int read_ahead; /* Read as many input bytes as possible
1064 * (for non-blocking reads) */
1065
1066 /* callback that allows applications to peek at protocol messages */
1067 void (*msg_callback)(int write_p, int version, int content_type,
1068 const void *buf, size_t len, SSL *ssl, void *arg);
1069 void *msg_callback_arg;
1070
1071 int hit; /* reusing a previous session */
1072
1073 X509_VERIFY_PARAM *param;
1074
1075 /* crypto */
1076 STACK_OF(SSL_CIPHER) *cipher_list;
1077 STACK_OF(SSL_CIPHER) *cipher_list_by_id;
1078
1079 /* These are the ones being used, the ones in SSL_SESSION are
1080 * the ones to be 'copied' into these ones */
1081 int mac_flags;
1082
1083 SSL_AEAD_CTX *aead_read_ctx; /* AEAD context. If non-NULL, then
1084 enc_read_ctx and read_hash are
1085 ignored. */
1086
1087 EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
1088 EVP_MD_CTX *read_hash; /* used for mac generation */
1089
1090 SSL_AEAD_CTX *aead_write_ctx; /* AEAD context. If non-NULL, then
1091 enc_write_ctx and write_hash are
1092 ignored. */
1093
1094 EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
1095 EVP_MD_CTX *write_hash; /* used for mac generation */
1096
1097 /* session info */
1098
1099 /* client cert? */
1100 /* This is used to hold the server certificate used */
1101 struct cert_st /* CERT */ *cert;
1102
1103 /* the session_id_context is used to ensure sessions are only reused
1104 * in the appropriate context */
1105 unsigned int sid_ctx_length;
1106 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
1107
1108 /* This can also be in the session once a session is established */
1109 SSL_SESSION *session;
1110
1111 /* Default generate session ID callback. */
1112 GEN_SESSION_CB generate_session_id;
1113
1114 /* Used in SSL2 and SSL3 */
1115 int verify_mode; /* 0 don't care about verify failure.
1116 * 1 fail if verify fails */
1117 int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */
1118
1119 void (*info_callback)(const SSL *ssl,int type,int val); /* optional informational callback */
1120
1121 int error; /* error bytes to be written */
1122 int error_code; /* actual code */
1123
1124
1125
1126 SSL_CTX *ctx;
1127 /* set this flag to 1 and a sleep(1) is put into all SSL_read()
1128 * and SSL_write() calls, good for nbio debuging :-) */
1129 int debug;
1130
1131
1132 /* extra application data */
1133 long verify_result;
1134 CRYPTO_EX_DATA ex_data;
1135
1136 /* for server side, keep the list of CA_dn we can use */
1137 STACK_OF(X509_NAME) *client_CA;
1138
1139 int references;
1140 unsigned long options; /* protocol behaviour */
1141 unsigned long mode; /* API behaviour */
1142 long max_cert_list;
1143 int first_packet;
1144 int client_version; /* what was passed, used for
1145 * SSLv3/TLS rollback check */
1146 unsigned int max_send_fragment;
1147 /* TLS extension debug callback */
1148 void (*tlsext_debug_cb)(SSL *s, int client_server, int type,
1149 unsigned char *data, int len, void *arg);
1150 void *tlsext_debug_arg;
1151 char *tlsext_hostname;
1152 int servername_done; /* no further mod of servername
1153 0 : call the servername extension callback.
1154 1 : prepare 2, allow last ack just after in server callback.
1155 2 : don't call servername callback, no ack in server hello
1156 */
1157 /* certificate status request info */
1158 /* Status type or -1 if no status type */
1159 int tlsext_status_type;
1160 /* Expect OCSP CertificateStatus message */
1161 int tlsext_status_expected;
1162 /* OCSP status request only */
1163 STACK_OF(OCSP_RESPID) *tlsext_ocsp_ids;
1164 X509_EXTENSIONS *tlsext_ocsp_exts;
1165 /* OCSP response received or to be sent */
1166 unsigned char *tlsext_ocsp_resp;
1167 int tlsext_ocsp_resplen;
1168
1169 /* RFC4507 session ticket expected to be received or sent */
1170 int tlsext_ticket_expected;
1171 size_t tlsext_ecpointformatlist_length;
1172 uint8_t *tlsext_ecpointformatlist; /* our list */
1173 size_t tlsext_ellipticcurvelist_length;
1174 uint16_t *tlsext_ellipticcurvelist; /* our list */
1175
1176 /* TLS Session Ticket extension override */
1177 TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
1178
1179 /* TLS Session Ticket extension callback */
1180 tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb;
1181 void *tls_session_ticket_ext_cb_arg;
1182
1183 /* TLS pre-shared secret session resumption */
1184 tls_session_secret_cb_fn tls_session_secret_cb;
1185 void *tls_session_secret_cb_arg;
1186
1187 SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
1188
1189 /* Next protocol negotiation. For the client, this is the protocol that
1190 * we sent in NextProtocol and is set when handling ServerHello
1191 * extensions.
1192 *
1193 * For a server, this is the client's selected_protocol from
1194 * NextProtocol and is set when handling the NextProtocol message,
1195 * before the Finished message. */
1196 unsigned char *next_proto_negotiated;
1197 unsigned char next_proto_negotiated_len;
1198
1199#define session_ctx initial_ctx
1200
1201 STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* What we'll do */
1202 SRTP_PROTECTION_PROFILE *srtp_profile; /* What's been chosen */
1203
1204 unsigned int tlsext_heartbeat; /* Is use of the Heartbeat extension negotiated?
1205 0: disabled
1206 1: enabled
1207 2: enabled, but not allowed to send Requests
1208 */
1209 unsigned int tlsext_hb_pending; /* Indicates if a HeartbeatRequest is in flight */
1210 unsigned int tlsext_hb_seq; /* HeartbeatRequest sequence number */
1211
1212 /* Client list of supported protocols in wire format. */
1213 unsigned char *alpn_client_proto_list;
1214 unsigned int alpn_client_proto_list_len;
1215
1216 int renegotiate;/* 1 if we are renegotiating.
1217 * 2 if we are a server and are inside a handshake
1218 * (i.e. not just sending a HelloRequest) */
1219
1220};
1221
1222#endif
1223
1224#ifdef __cplusplus
1225}
1226#endif
1227
1228#include <openssl/ssl2.h>
1229#include <openssl/ssl3.h>
1230#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
1231#include <openssl/dtls1.h> /* Datagram TLS */
1232#include <openssl/ssl23.h>
1233#include <openssl/srtp.h> /* Support for the use_srtp extension */
1234
1235#ifdef __cplusplus
1236extern "C" {
1237#endif
1238
1239/* compatibility */
1240#define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg))
1241#define SSL_get_app_data(s) (SSL_get_ex_data(s,0))
1242#define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a))
1243#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0))
1244#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0))
1245#define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg))
1246
1247/* The following are the possible values for ssl->state are are
1248 * used to indicate where we are up to in the SSL connection establishment.
1249 * The macros that follow are about the only things you should need to use
1250 * and even then, only when using non-blocking IO.
1251 * It can also be useful to work out where you were when the connection
1252 * failed */
1253
1254#define SSL_ST_CONNECT 0x1000
1255#define SSL_ST_ACCEPT 0x2000
1256#define SSL_ST_MASK 0x0FFF
1257#define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT)
1258#define SSL_ST_BEFORE 0x4000
1259#define SSL_ST_OK 0x03
1260#define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)
1261
1262#define SSL_CB_LOOP 0x01
1263#define SSL_CB_EXIT 0x02
1264#define SSL_CB_READ 0x04
1265#define SSL_CB_WRITE 0x08
1266#define SSL_CB_ALERT 0x4000 /* used in callback */
1267#define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)
1268#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)
1269#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)
1270#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)
1271#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)
1272#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)
1273#define SSL_CB_HANDSHAKE_START 0x10
1274#define SSL_CB_HANDSHAKE_DONE 0x20
1275
1276/* Is the SSL_connection established? */
1277#define SSL_get_state(a) SSL_state(a)
1278#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)
1279#define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT)
1280#define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE)
1281#define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT)
1282#define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT)
1283
1284/* The following 2 states are kept in ssl->rstate when reads fail,
1285 * you should not need these */
1286#define SSL_ST_READ_HEADER 0xF0
1287#define SSL_ST_READ_BODY 0xF1
1288#define SSL_ST_READ_DONE 0xF2
1289
1290/* Obtain latest Finished message
1291 * -- that we sent (SSL_get_finished)
1292 * -- that we expected from peer (SSL_get_peer_finished).
1293 * Returns length (0 == no Finished so far), copies up to 'count' bytes. */
1294size_t SSL_get_finished(const SSL *s, void *buf, size_t count);
1295size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
1296
1297/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options
1298 * are 'ored' with SSL_VERIFY_PEER if they are desired */
1299#define SSL_VERIFY_NONE 0x00
1300#define SSL_VERIFY_PEER 0x01
1301#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
1302#define SSL_VERIFY_CLIENT_ONCE 0x04
1303
1304#define OpenSSL_add_ssl_algorithms() SSL_library_init()
1305#define SSLeay_add_ssl_algorithms() SSL_library_init()
1306
1307/* More backward compatibility */
1308#define SSL_get_cipher(s) \
1309 SSL_CIPHER_get_name(SSL_get_current_cipher(s))
1310#define SSL_get_cipher_bits(s,np) \
1311 SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
1312#define SSL_get_cipher_version(s) \
1313 SSL_CIPHER_get_version(SSL_get_current_cipher(s))
1314#define SSL_get_cipher_name(s) \
1315 SSL_CIPHER_get_name(SSL_get_current_cipher(s))
1316#define SSL_get_time(a) SSL_SESSION_get_time(a)
1317#define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b))
1318#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a)
1319#define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b))
1320
1321#define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)
1322#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)
1323
1324DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
1325
1326#define SSL_AD_REASON_OFFSET 1000 /* offset to get SSL_R_... value from SSL_AD_... */
1327
1328/* These alert types are for SSLv3 and TLSv1 */
1329#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
1330#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */
1331#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */
1332#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED
1333#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW
1334#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE/* fatal */
1335#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE/* fatal */
1336#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */
1337#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
1338#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE
1339#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED
1340#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED
1341#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN
1342#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */
1343#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */
1344#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */
1345#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */
1346#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
1347#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION/* fatal */
1348#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */
1349#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY/* fatal */
1350#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */
1351#define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK /* fatal */
1352#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
1353#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
1354#define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION
1355#define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE
1356#define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME
1357#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
1358#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
1359#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */
1360
1361#define SSL_ERROR_NONE 0
1362#define SSL_ERROR_SSL 1
1363#define SSL_ERROR_WANT_READ 2
1364#define SSL_ERROR_WANT_WRITE 3
1365#define SSL_ERROR_WANT_X509_LOOKUP 4
1366#define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/errno */
1367#define SSL_ERROR_ZERO_RETURN 6
1368#define SSL_ERROR_WANT_CONNECT 7
1369#define SSL_ERROR_WANT_ACCEPT 8
1370
1371#define SSL_CTRL_NEED_TMP_RSA 1
1372#define SSL_CTRL_SET_TMP_RSA 2
1373#define SSL_CTRL_SET_TMP_DH 3
1374#define SSL_CTRL_SET_TMP_ECDH 4
1375#define SSL_CTRL_SET_TMP_RSA_CB 5
1376#define SSL_CTRL_SET_TMP_DH_CB 6
1377#define SSL_CTRL_SET_TMP_ECDH_CB 7
1378
1379#define SSL_CTRL_GET_SESSION_REUSED 8
1380#define SSL_CTRL_GET_CLIENT_CERT_REQUEST 9
1381#define SSL_CTRL_GET_NUM_RENEGOTIATIONS 10
1382#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11
1383#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12
1384#define SSL_CTRL_GET_FLAGS 13
1385#define SSL_CTRL_EXTRA_CHAIN_CERT 14
1386
1387#define SSL_CTRL_SET_MSG_CALLBACK 15
1388#define SSL_CTRL_SET_MSG_CALLBACK_ARG 16
1389
1390/* only applies to datagram connections */
1391#define SSL_CTRL_SET_MTU 17
1392/* Stats */
1393#define SSL_CTRL_SESS_NUMBER 20
1394#define SSL_CTRL_SESS_CONNECT 21
1395#define SSL_CTRL_SESS_CONNECT_GOOD 22
1396#define SSL_CTRL_SESS_CONNECT_RENEGOTIATE 23
1397#define SSL_CTRL_SESS_ACCEPT 24
1398#define SSL_CTRL_SESS_ACCEPT_GOOD 25
1399#define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE 26
1400#define SSL_CTRL_SESS_HIT 27
1401#define SSL_CTRL_SESS_CB_HIT 28
1402#define SSL_CTRL_SESS_MISSES 29
1403#define SSL_CTRL_SESS_TIMEOUTS 30
1404#define SSL_CTRL_SESS_CACHE_FULL 31
1405#define SSL_CTRL_OPTIONS 32
1406#define SSL_CTRL_MODE 33
1407
1408#define SSL_CTRL_GET_READ_AHEAD 40
1409#define SSL_CTRL_SET_READ_AHEAD 41
1410#define SSL_CTRL_SET_SESS_CACHE_SIZE 42
1411#define SSL_CTRL_GET_SESS_CACHE_SIZE 43
1412#define SSL_CTRL_SET_SESS_CACHE_MODE 44
1413#define SSL_CTRL_GET_SESS_CACHE_MODE 45
1414
1415#define SSL_CTRL_GET_MAX_CERT_LIST 50
1416#define SSL_CTRL_SET_MAX_CERT_LIST 51
1417
1418#define SSL_CTRL_SET_MAX_SEND_FRAGMENT 52
1419
1420/* see tls1.h for macros based on these */
1421#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53
1422#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54
1423#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
1424#define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56
1425#define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
1426#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
1427#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
1428#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63
1429#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64
1430#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65
1431#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66
1432#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS 67
1433#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS 68
1434#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69
1435#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70
1436#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71
1437
1438#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
1439
1440#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75
1441#define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76
1442#define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77
1443
1444#define SSL_CTRL_SET_SRP_ARG 78
1445#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79
1446#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80
1447#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81
1448
1449#define DTLS_CTRL_GET_TIMEOUT 73
1450#define DTLS_CTRL_HANDLE_TIMEOUT 74
1451#define DTLS_CTRL_LISTEN 75
1452
1453#define SSL_CTRL_GET_RI_SUPPORT 76
1454#define SSL_CTRL_CLEAR_OPTIONS 77
1455#define SSL_CTRL_CLEAR_MODE 78
1456
1457#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
1458#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
1459
1460#define SSL_CTRL_SET_ECDH_AUTO 94
1461
1462#define SSL_CTRL_SET_DH_AUTO 118
1463
1464#define DTLSv1_get_timeout(ssl, arg) \
1465 SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
1466#define DTLSv1_handle_timeout(ssl) \
1467 SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
1468#define DTLSv1_listen(ssl, peer) \
1469 SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0, (void *)peer)
1470
1471#define SSL_session_reused(ssl) \
1472 SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
1473#define SSL_num_renegotiations(ssl) \
1474 SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
1475#define SSL_clear_num_renegotiations(ssl) \
1476 SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
1477#define SSL_total_renegotiations(ssl) \
1478 SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
1479
1480#define SSL_CTX_need_tmp_RSA(ctx) \
1481 SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
1482#define SSL_CTX_set_tmp_rsa(ctx,rsa) \
1483 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
1484#define SSL_CTX_set_tmp_dh(ctx,dh) \
1485 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
1486#define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
1487 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
1488#define SSL_CTX_set_dh_auto(ctx, onoff) \
1489 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
1490#define SSL_CTX_set_ecdh_auto(ctx, onoff) \
1491 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
1492
1493#define SSL_need_tmp_RSA(ssl) \
1494 SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
1495#define SSL_set_tmp_rsa(ssl,rsa) \
1496 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
1497#define SSL_set_tmp_dh(ssl,dh) \
1498 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
1499#define SSL_set_tmp_ecdh(ssl,ecdh) \
1500 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
1501#define SSL_set_dh_auto(s, onoff) \
1502 SSL_ctrl(s,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
1503#define SSL_set_ecdh_auto(s, onoff) \
1504 SSL_ctrl(s,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
1505
1506#define SSL_CTX_add_extra_chain_cert(ctx,x509) \
1507 SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
1508#define SSL_CTX_get_extra_chain_certs(ctx,px509) \
1509 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
1510#define SSL_CTX_clear_extra_chain_certs(ctx) \
1511 SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
1512
1513#ifndef OPENSSL_NO_BIO
1514BIO_METHOD *BIO_f_ssl(void);
1515BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
1516BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
1517BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
1518int BIO_ssl_copy_session_id(BIO *to, BIO *from);
1519void BIO_ssl_shutdown(BIO *ssl_bio);
1520#endif
1521
1522int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str);
1523SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
1524void SSL_CTX_free(SSL_CTX *);
1525long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
1526long SSL_CTX_get_timeout(const SSL_CTX *ctx);
1527X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
1528void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *);
1529int SSL_want(const SSL *s);
1530int SSL_clear(SSL *s);
1531
1532void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm);
1533
1534const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
1535const SSL_CIPHER *SSL_CIPHER_get_by_id(unsigned int id);
1536const SSL_CIPHER *SSL_CIPHER_get_by_value(uint16_t value);
1537int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits);
1538char * SSL_CIPHER_get_version(const SSL_CIPHER *c);
1539const char * SSL_CIPHER_get_name(const SSL_CIPHER *c);
1540unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c);
1541uint16_t SSL_CIPHER_get_value(const SSL_CIPHER *c);
1542
1543int SSL_get_fd(const SSL *s);
1544int SSL_get_rfd(const SSL *s);
1545int SSL_get_wfd(const SSL *s);
1546const char * SSL_get_cipher_list(const SSL *s, int n);
1547char * SSL_get_shared_ciphers(const SSL *s, char *buf, int len);
1548int SSL_get_read_ahead(const SSL * s);
1549int SSL_pending(const SSL *s);
1550int SSL_set_fd(SSL *s, int fd);
1551int SSL_set_rfd(SSL *s, int fd);
1552int SSL_set_wfd(SSL *s, int fd);
1553#ifndef OPENSSL_NO_BIO
1554void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio);
1555BIO * SSL_get_rbio(const SSL *s);
1556BIO * SSL_get_wbio(const SSL *s);
1557#endif
1558int SSL_set_cipher_list(SSL *s, const char *str);
1559void SSL_set_read_ahead(SSL *s, int yes);
1560int SSL_get_verify_mode(const SSL *s);
1561int SSL_get_verify_depth(const SSL *s);
1562int (*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *);
1563void SSL_set_verify(SSL *s, int mode,
1564 int (*callback)(int ok, X509_STORE_CTX *ctx));
1565void SSL_set_verify_depth(SSL *s, int depth);
1566int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
1567int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
1568int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
1569int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const unsigned char *d, long len);
1570int SSL_use_certificate(SSL *ssl, X509 *x);
1571int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len);
1572
1573int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
1574int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
1575int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
1576int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
1577int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
1578int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
1579int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* PEM type */
1580int SSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len);
1581STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
1582int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
1583 const char *file);
1584int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
1585 const char *dir);
1586
1587void SSL_load_error_strings(void );
1588const char *SSL_state_string(const SSL *s);
1589const char *SSL_rstate_string(const SSL *s);
1590const char *SSL_state_string_long(const SSL *s);
1591const char *SSL_rstate_string_long(const SSL *s);
1592long SSL_SESSION_get_time(const SSL_SESSION *s);
1593long SSL_SESSION_set_time(SSL_SESSION *s, long t);
1594long SSL_SESSION_get_timeout(const SSL_SESSION *s);
1595long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
1596void SSL_copy_session_id(SSL *to, const SSL *from);
1597X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);
1598int
1599SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
1600unsigned int sid_ctx_len);
1601
1602SSL_SESSION *SSL_SESSION_new(void);
1603const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
1604 unsigned int *len);
1605unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s);
1606int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses);
1607#ifndef OPENSSL_NO_BIO
1608int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses);
1609#endif
1610void SSL_SESSION_free(SSL_SESSION *ses);
1611int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
1612int SSL_set_session(SSL *to, SSL_SESSION *session);
1613int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
1614int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c);
1615int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
1616int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
1617int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
1618 unsigned int id_len);
1619SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
1620 long length);
1621
1622#ifdef HEADER_X509_H
1623X509 * SSL_get_peer_certificate(const SSL *s);
1624#endif
1625
1626STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s);
1627
1628int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
1629int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
1630int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *);
1631void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
1632 int (*callback)(int, X509_STORE_CTX *));
1633void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
1634void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *, void *), void *arg);
1635int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
1636int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len);
1637int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
1638int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, const unsigned char *d, long len);
1639int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
1640int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d);
1641
1642void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
1643void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
1644
1645int SSL_CTX_check_private_key(const SSL_CTX *ctx);
1646int SSL_check_private_key(const SSL *ctx);
1647
1648int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, unsigned int sid_ctx_len);
1649
1650SSL *SSL_new(SSL_CTX *ctx);
1651int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx, unsigned int sid_ctx_len);
1652
1653int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);
1654int SSL_set_purpose(SSL *s, int purpose);
1655int SSL_CTX_set_trust(SSL_CTX *s, int trust);
1656int SSL_set_trust(SSL *s, int trust);
1657
1658int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
1659int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
1660
1661
1662void SSL_free(SSL *ssl);
1663int SSL_accept(SSL *ssl);
1664int SSL_connect(SSL *ssl);
1665int SSL_read(SSL *ssl, void *buf, int num);
1666int SSL_peek(SSL *ssl, void *buf, int num);
1667int SSL_write(SSL *ssl, const void *buf, int num);
1668long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
1669long SSL_callback_ctrl(SSL *, int, void (*)(void));
1670long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
1671long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)(void));
1672
1673int SSL_get_error(const SSL *s, int ret_code);
1674const char *SSL_get_version(const SSL *s);
1675
1676/* This sets the 'default' SSL version that SSL_new() will create */
1677int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
1678
1679const SSL_METHOD *SSLv3_method(void); /* SSLv3 */
1680const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
1681const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
1682
1683const SSL_METHOD *SSLv23_method(void); /* SSLv3 or TLSv1.* */
1684const SSL_METHOD *SSLv23_server_method(void); /* SSLv3 or TLSv1.* */
1685const SSL_METHOD *SSLv23_client_method(void); /* SSLv3 or TLSv1.* */
1686
1687const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
1688const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
1689const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
1690
1691const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */
1692const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */
1693const SSL_METHOD *TLSv1_1_client_method(void); /* TLSv1.1 */
1694
1695const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */
1696const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */
1697const SSL_METHOD *TLSv1_2_client_method(void); /* TLSv1.2 */
1698
1699const SSL_METHOD *TLS_method(void); /* TLS v1.0 or later */
1700const SSL_METHOD *TLS_server_method(void); /* TLS v1.0 or later */
1701const SSL_METHOD *TLS_client_method(void); /* TLS v1.0 or later */
1702
1703const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
1704const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
1705const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
1706
1707STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
1708
1709int SSL_do_handshake(SSL *s);
1710int SSL_renegotiate(SSL *s);
1711int SSL_renegotiate_abbreviated(SSL *s);
1712int SSL_renegotiate_pending(SSL *s);
1713int SSL_shutdown(SSL *s);
1714
1715const SSL_METHOD *SSL_get_ssl_method(SSL *s);
1716int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
1717const char *SSL_alert_type_string_long(int value);
1718const char *SSL_alert_type_string(int value);
1719const char *SSL_alert_desc_string_long(int value);
1720const char *SSL_alert_desc_string(int value);
1721
1722void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
1723void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
1724STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
1725STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s);
1726int SSL_add_client_CA(SSL *ssl, X509 *x);
1727int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
1728
1729void SSL_set_connect_state(SSL *s);
1730void SSL_set_accept_state(SSL *s);
1731
1732long SSL_get_default_timeout(const SSL *s);
1733
1734int SSL_library_init(void );
1735
1736char *SSL_CIPHER_description(const SSL_CIPHER *, char *buf, int size);
1737STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
1738
1739SSL *SSL_dup(SSL *ssl);
1740
1741X509 *SSL_get_certificate(const SSL *ssl);
1742/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
1743
1744void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);
1745int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
1746void SSL_set_quiet_shutdown(SSL *ssl,int mode);
1747int SSL_get_quiet_shutdown(const SSL *ssl);
1748void SSL_set_shutdown(SSL *ssl,int mode);
1749int SSL_get_shutdown(const SSL *ssl);
1750int SSL_version(const SSL *ssl);
1751int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
1752int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
1753 const char *CApath);
1754int SSL_CTX_load_verify_mem(SSL_CTX *ctx, void *buf, int len);
1755#define SSL_get0_session SSL_get_session /* just peek at pointer */
1756SSL_SESSION *SSL_get_session(const SSL *ssl);
1757SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
1758SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
1759SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx);
1760void SSL_set_info_callback(SSL *ssl,
1761 void (*cb)(const SSL *ssl, int type, int val));
1762void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val);
1763int SSL_state(const SSL *ssl);
1764void SSL_set_state(SSL *ssl, int state);
1765
1766void SSL_set_verify_result(SSL *ssl, long v);
1767long SSL_get_verify_result(const SSL *ssl);
1768
1769int SSL_set_ex_data(SSL *ssl, int idx, void *data);
1770void *SSL_get_ex_data(const SSL *ssl, int idx);
1771int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
1772 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
1773
1774int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, void *data);
1775void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss, int idx);
1776int SSL_SESSION_get_ex_new_index(long argl, void *argp,
1777 CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
1778 CRYPTO_EX_free *free_func);
1779
1780int SSL_CTX_set_ex_data(SSL_CTX *ssl, int idx, void *data);
1781void *SSL_CTX_get_ex_data(const SSL_CTX *ssl, int idx);
1782int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
1783 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
1784
1785int SSL_get_ex_data_X509_STORE_CTX_idx(void );
1786
1787#define SSL_CTX_sess_set_cache_size(ctx,t) \
1788 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
1789#define SSL_CTX_sess_get_cache_size(ctx) \
1790 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
1791#define SSL_CTX_set_session_cache_mode(ctx,m) \
1792 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
1793#define SSL_CTX_get_session_cache_mode(ctx) \
1794 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
1795
1796#define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
1797#define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
1798#define SSL_CTX_get_read_ahead(ctx) \
1799 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
1800#define SSL_CTX_set_read_ahead(ctx,m) \
1801 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
1802#define SSL_CTX_get_max_cert_list(ctx) \
1803 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
1804#define SSL_CTX_set_max_cert_list(ctx,m) \
1805 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
1806#define SSL_get_max_cert_list(ssl) \
1807 SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
1808#define SSL_set_max_cert_list(ssl,m) \
1809 SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
1810
1811#define SSL_CTX_set_max_send_fragment(ctx,m) \
1812 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
1813#define SSL_set_max_send_fragment(ssl,m) \
1814 SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
1815
1816/* NB: the keylength is only applicable when is_export is true */
1817void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
1818 RSA *(*cb)(SSL *ssl, int is_export, int keylength));
1819
1820void SSL_set_tmp_rsa_callback(SSL *ssl,
1821 RSA *(*cb)(SSL *ssl, int is_export, int keylength));
1822void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
1823 DH *(*dh)(SSL *ssl, int is_export, int keylength));
1824void SSL_set_tmp_dh_callback(SSL *ssl,
1825 DH *(*dh)(SSL *ssl, int is_export, int keylength));
1826void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
1827 EC_KEY *(*ecdh)(SSL *ssl, int is_export, int keylength));
1828void SSL_set_tmp_ecdh_callback(SSL *ssl,
1829 EC_KEY *(*ecdh)(SSL *ssl, int is_export, int keylength));
1830
1831const void *SSL_get_current_compression(SSL *s);
1832const void *SSL_get_current_expansion(SSL *s);
1833
1834const char *SSL_COMP_get_name(const void *comp);
1835void *SSL_COMP_get_compression_methods(void);
1836int SSL_COMP_add_compression_method(int id, void *cm);
1837
1838/* TLS extensions functions */
1839int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len);
1840
1841int SSL_set_session_ticket_ext_cb(SSL *s,
1842 tls_session_ticket_ext_cb_fn cb, void *arg);
1843
1844/* Pre-shared secret session resumption functions */
1845int SSL_set_session_secret_cb(SSL *s,
1846 tls_session_secret_cb_fn tls_session_secret_cb, void *arg);
1847
1848void SSL_set_debug(SSL *s, int debug);
1849int SSL_cache_hit(SSL *s);
1850
1851/* BEGIN ERROR CODES */
1852/* The following lines are auto generated by the script mkerr.pl. Any changes
1853 * made after this point may be overwritten when the script is next run.
1854 */
1855void ERR_load_SSL_strings(void);
1856
1857/* Error codes for the SSL functions. */
1858
1859/* Function codes. */
1860#define SSL_F_CLIENT_CERTIFICATE 100
1861#define SSL_F_CLIENT_FINISHED 167
1862#define SSL_F_CLIENT_HELLO 101
1863#define SSL_F_CLIENT_MASTER_KEY 102
1864#define SSL_F_D2I_SSL_SESSION 103
1865#define SSL_F_DO_DTLS1_WRITE 245
1866#define SSL_F_DO_SSL3_WRITE 104
1867#define SSL_F_DTLS1_ACCEPT 246
1868#define SSL_F_DTLS1_ADD_CERT_TO_BUF 295
1869#define SSL_F_DTLS1_BUFFER_RECORD 247
1870#define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 316
1871#define SSL_F_DTLS1_CLIENT_HELLO 248
1872#define SSL_F_DTLS1_CONNECT 249
1873#define SSL_F_DTLS1_ENC 250
1874#define SSL_F_DTLS1_GET_HELLO_VERIFY 251
1875#define SSL_F_DTLS1_GET_MESSAGE 252
1876#define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253
1877#define SSL_F_DTLS1_GET_RECORD 254
1878#define SSL_F_DTLS1_HANDLE_TIMEOUT 297
1879#define SSL_F_DTLS1_HEARTBEAT 305
1880#define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255
1881#define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288
1882#define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256
1883#define SSL_F_DTLS1_PROCESS_RECORD 257
1884#define SSL_F_DTLS1_READ_BYTES 258
1885#define SSL_F_DTLS1_READ_FAILED 259
1886#define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST 260
1887#define SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE 261
1888#define SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE 262
1889#define SSL_F_DTLS1_SEND_CLIENT_VERIFY 263
1890#define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST 264
1891#define SSL_F_DTLS1_SEND_SERVER_CERTIFICATE 265
1892#define SSL_F_DTLS1_SEND_SERVER_HELLO 266
1893#define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE 267
1894#define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 268
1895#define SSL_F_GET_CLIENT_FINISHED 105
1896#define SSL_F_GET_CLIENT_HELLO 106
1897#define SSL_F_GET_CLIENT_MASTER_KEY 107
1898#define SSL_F_GET_SERVER_FINISHED 108
1899#define SSL_F_GET_SERVER_HELLO 109
1900#define SSL_F_GET_SERVER_VERIFY 110
1901#define SSL_F_I2D_SSL_SESSION 111
1902#define SSL_F_READ_N 112
1903#define SSL_F_REQUEST_CERTIFICATE 113
1904#define SSL_F_SERVER_FINISH 239
1905#define SSL_F_SERVER_HELLO 114
1906#define SSL_F_SERVER_VERIFY 240
1907#define SSL_F_SSL23_ACCEPT 115
1908#define SSL_F_SSL23_CLIENT_HELLO 116
1909#define SSL_F_SSL23_CONNECT 117
1910#define SSL_F_SSL23_GET_CLIENT_HELLO 118
1911#define SSL_F_SSL23_GET_SERVER_HELLO 119
1912#define SSL_F_SSL23_PEEK 237
1913#define SSL_F_SSL23_READ 120
1914#define SSL_F_SSL23_WRITE 121
1915#define SSL_F_SSL2_ACCEPT 122
1916#define SSL_F_SSL2_CONNECT 123
1917#define SSL_F_SSL2_ENC_INIT 124
1918#define SSL_F_SSL2_GENERATE_KEY_MATERIAL 241
1919#define SSL_F_SSL2_PEEK 234
1920#define SSL_F_SSL2_READ 125
1921#define SSL_F_SSL2_READ_INTERNAL 236
1922#define SSL_F_SSL2_SET_CERTIFICATE 126
1923#define SSL_F_SSL2_WRITE 127
1924#define SSL_F_SSL3_ACCEPT 128
1925#define SSL_F_SSL3_ADD_CERT_TO_BUF 296
1926#define SSL_F_SSL3_CALLBACK_CTRL 233
1927#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
1928#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
1929#define SSL_F_SSL3_CHECK_CLIENT_HELLO 304
1930#define SSL_F_SSL3_CLIENT_HELLO 131
1931#define SSL_F_SSL3_CONNECT 132
1932#define SSL_F_SSL3_CTRL 213
1933#define SSL_F_SSL3_CTX_CTRL 133
1934#define SSL_F_SSL3_DIGEST_CACHED_RECORDS 293
1935#define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 292
1936#define SSL_F_SSL3_ENC 134
1937#define SSL_F_SSL3_GENERATE_KEY_BLOCK 238
1938#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
1939#define SSL_F_SSL3_GET_CERT_STATUS 289
1940#define SSL_F_SSL3_GET_CERT_VERIFY 136
1941#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137
1942#define SSL_F_SSL3_GET_CLIENT_HELLO 138
1943#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139
1944#define SSL_F_SSL3_GET_FINISHED 140
1945#define SSL_F_SSL3_GET_KEY_EXCHANGE 141
1946#define SSL_F_SSL3_GET_MESSAGE 142
1947#define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283
1948#define SSL_F_SSL3_GET_NEXT_PROTO 306
1949#define SSL_F_SSL3_GET_RECORD 143
1950#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
1951#define SSL_F_SSL3_GET_SERVER_DONE 145
1952#define SSL_F_SSL3_GET_SERVER_HELLO 146
1953#define SSL_F_SSL3_HANDSHAKE_MAC 285
1954#define SSL_F_SSL3_NEW_SESSION_TICKET 287
1955#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
1956#define SSL_F_SSL3_PEEK 235
1957#define SSL_F_SSL3_READ_BYTES 148
1958#define SSL_F_SSL3_READ_N 149
1959#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150
1960#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151
1961#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152
1962#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153
1963#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
1964#define SSL_F_SSL3_SEND_SERVER_HELLO 242
1965#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
1966#define SSL_F_SSL3_SETUP_KEY_BLOCK 157
1967#define SSL_F_SSL3_SETUP_READ_BUFFER 156
1968#define SSL_F_SSL3_SETUP_WRITE_BUFFER 291
1969#define SSL_F_SSL3_WRITE_BYTES 158
1970#define SSL_F_SSL3_WRITE_PENDING 159
1971#define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 298
1972#define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 277
1973#define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT 307
1974#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
1975#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
1976#define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 299
1977#define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 278
1978#define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT 308
1979#define SSL_F_SSL_BAD_METHOD 160
1980#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
1981#define SSL_F_SSL_CERT_DUP 221
1982#define SSL_F_SSL_CERT_INST 222
1983#define SSL_F_SSL_CERT_INSTANTIATE 214
1984#define SSL_F_SSL_CERT_NEW 162
1985#define SSL_F_SSL_CHECK_PRIVATE_KEY 163
1986#define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 280
1987#define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG 279
1988#define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230
1989#define SSL_F_SSL_CIPHER_STRENGTH_SORT 231
1990#define SSL_F_SSL_CLEAR 164
1991#define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165
1992#define SSL_F_SSL_CREATE_CIPHER_LIST 166
1993#define SSL_F_SSL_CTRL 232
1994#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
1995#define SSL_F_SSL_CTX_MAKE_PROFILES 309
1996#define SSL_F_SSL_CTX_NEW 169
1997#define SSL_F_SSL_CTX_SET_CIPHER_LIST 269
1998#define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 290
1999#define SSL_F_SSL_CTX_SET_PURPOSE 226
2000#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
2001#define SSL_F_SSL_CTX_SET_SSL_VERSION 170
2002#define SSL_F_SSL_CTX_SET_TRUST 229
2003#define SSL_F_SSL_CTX_USE_CERTIFICATE 171
2004#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172
2005#define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220
2006#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173
2007#define SSL_F_SSL_CTX_USE_PRIVATEKEY 174
2008#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175
2009#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176
2010#define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT 272
2011#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177
2012#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178
2013#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179
2014#define SSL_F_SSL_DO_HANDSHAKE 180
2015#define SSL_F_SSL_GET_NEW_SESSION 181
2016#define SSL_F_SSL_GET_PREV_SESSION 217
2017#define SSL_F_SSL_GET_SERVER_SEND_CERT 182
2018#define SSL_F_SSL_GET_SERVER_SEND_PKEY 317
2019#define SSL_F_SSL_GET_SIGN_PKEY 183
2020#define SSL_F_SSL_INIT_WBIO_BUFFER 184
2021#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
2022#define SSL_F_SSL_NEW 186
2023#define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300
2024#define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302
2025#define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT 310
2026#define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301
2027#define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303
2028#define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 311
2029#define SSL_F_SSL_PEEK 270
2030#define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281
2031#define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282
2032#define SSL_F_SSL_READ 223
2033#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187
2034#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
2035#define SSL_F_SSL_SESSION_NEW 189
2036#define SSL_F_SSL_SESSION_PRINT_FP 190
2037#define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312
2038#define SSL_F_SSL_SESS_CERT_NEW 225
2039#define SSL_F_SSL_SET_CERT 191
2040#define SSL_F_SSL_SET_CIPHER_LIST 271
2041#define SSL_F_SSL_SET_FD 192
2042#define SSL_F_SSL_SET_PKEY 193
2043#define SSL_F_SSL_SET_PURPOSE 227
2044#define SSL_F_SSL_SET_RFD 194
2045#define SSL_F_SSL_SET_SESSION 195
2046#define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
2047#define SSL_F_SSL_SET_SESSION_TICKET_EXT 294
2048#define SSL_F_SSL_SET_TRUST 228
2049#define SSL_F_SSL_SET_WFD 196
2050#define SSL_F_SSL_SHUTDOWN 224
2051#define SSL_F_SSL_SRP_CTX_INIT 313
2052#define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243
2053#define SSL_F_SSL_UNDEFINED_FUNCTION 197
2054#define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244
2055#define SSL_F_SSL_USE_CERTIFICATE 198
2056#define SSL_F_SSL_USE_CERTIFICATE_ASN1 199
2057#define SSL_F_SSL_USE_CERTIFICATE_FILE 200
2058#define SSL_F_SSL_USE_PRIVATEKEY 201
2059#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202
2060#define SSL_F_SSL_USE_PRIVATEKEY_FILE 203
2061#define SSL_F_SSL_USE_PSK_IDENTITY_HINT 273
2062#define SSL_F_SSL_USE_RSAPRIVATEKEY 204
2063#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205
2064#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206
2065#define SSL_F_SSL_VERIFY_CERT_CHAIN 207
2066#define SSL_F_SSL_WRITE 208
2067#define SSL_F_TLS1_AEAD_CTX_INIT 339
2068#define SSL_F_TLS1_CERT_VERIFY_MAC 286
2069#define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
2070#define SSL_F_TLS1_CHANGE_CIPHER_STATE_AEAD 340
2071#define SSL_F_TLS1_CHANGE_CIPHER_STATE_CIPHER 338
2072#define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274
2073#define SSL_F_TLS1_ENC 210
2074#define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 314
2075#define SSL_F_TLS1_HEARTBEAT 315
2076#define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275
2077#define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276
2078#define SSL_F_TLS1_PRF 284
2079#define SSL_F_TLS1_SETUP_KEY_BLOCK 211
2080#define SSL_F_WRITE_PENDING 212
2081
2082/* Reason codes. */
2083#define SSL_R_APP_DATA_IN_HANDSHAKE 100
2084#define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
2085#define SSL_R_BAD_ALERT_RECORD 101
2086#define SSL_R_BAD_AUTHENTICATION_TYPE 102
2087#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
2088#define SSL_R_BAD_CHECKSUM 104
2089#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
2090#define SSL_R_BAD_DECOMPRESSION 107
2091#define SSL_R_BAD_DH_G_LENGTH 108
2092#define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
2093#define SSL_R_BAD_DH_P_LENGTH 110
2094#define SSL_R_BAD_DIGEST_LENGTH 111
2095#define SSL_R_BAD_DSA_SIGNATURE 112
2096#define SSL_R_BAD_ECC_CERT 304
2097#define SSL_R_BAD_ECDSA_SIGNATURE 305
2098#define SSL_R_BAD_ECPOINT 306
2099#define SSL_R_BAD_HANDSHAKE_LENGTH 332
2100#define SSL_R_BAD_HELLO_REQUEST 105
2101#define SSL_R_BAD_LENGTH 271
2102#define SSL_R_BAD_MAC_DECODE 113
2103#define SSL_R_BAD_MAC_LENGTH 333
2104#define SSL_R_BAD_MESSAGE_TYPE 114
2105#define SSL_R_BAD_PACKET_LENGTH 115
2106#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
2107#define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH 316
2108#define SSL_R_BAD_RESPONSE_ARGUMENT 117
2109#define SSL_R_BAD_RSA_DECRYPT 118
2110#define SSL_R_BAD_RSA_ENCRYPT 119
2111#define SSL_R_BAD_RSA_E_LENGTH 120
2112#define SSL_R_BAD_RSA_MODULUS_LENGTH 121
2113#define SSL_R_BAD_RSA_SIGNATURE 122
2114#define SSL_R_BAD_SIGNATURE 123
2115#define SSL_R_BAD_SRP_A_LENGTH 347
2116#define SSL_R_BAD_SRP_B_LENGTH 348
2117#define SSL_R_BAD_SRP_G_LENGTH 349
2118#define SSL_R_BAD_SRP_N_LENGTH 350
2119#define SSL_R_BAD_SRP_S_LENGTH 351
2120#define SSL_R_BAD_SRTP_MKI_VALUE 352
2121#define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353
2122#define SSL_R_BAD_SSL_FILETYPE 124
2123#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125
2124#define SSL_R_BAD_STATE 126
2125#define SSL_R_BAD_WRITE_RETRY 127
2126#define SSL_R_BIO_NOT_SET 128
2127#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129
2128#define SSL_R_BN_LIB 130
2129#define SSL_R_CA_DN_LENGTH_MISMATCH 131
2130#define SSL_R_CA_DN_TOO_LONG 132
2131#define SSL_R_CCS_RECEIVED_EARLY 133
2132#define SSL_R_CERTIFICATE_VERIFY_FAILED 134
2133#define SSL_R_CERT_LENGTH_MISMATCH 135
2134#define SSL_R_CHALLENGE_IS_DIFFERENT 136
2135#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
2136#define SSL_R_CIPHER_COMPRESSION_UNAVAILABLE 371
2137#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
2138#define SSL_R_CIPHER_TABLE_SRC_ERROR 139
2139#define SSL_R_CLIENTHELLO_TLSEXT 226
2140#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
2141#define SSL_R_COMPRESSION_DISABLED 343
2142#define SSL_R_COMPRESSION_FAILURE 141
2143#define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307
2144#define SSL_R_COMPRESSION_LIBRARY_ERROR 142
2145#define SSL_R_CONNECTION_ID_IS_DIFFERENT 143
2146#define SSL_R_CONNECTION_TYPE_NOT_SET 144
2147#define SSL_R_COOKIE_MISMATCH 308
2148#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145
2149#define SSL_R_DATA_LENGTH_TOO_LONG 146
2150#define SSL_R_DECRYPTION_FAILED 147
2151#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281
2152#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
2153#define SSL_R_DIGEST_CHECK_FAILED 149
2154#define SSL_R_DTLS_MESSAGE_TOO_BIG 334
2155#define SSL_R_DUPLICATE_COMPRESSION_ID 309
2156#define SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT 317
2157#define SSL_R_ECC_CERT_NOT_FOR_SIGNING 318
2158#define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE 322
2159#define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE 323
2160#define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310
2161#define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 354
2162#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
2163#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282
2164#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
2165#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
2166#define SSL_R_EXTRA_DATA_IN_MESSAGE 153
2167#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
2168#define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 355
2169#define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 356
2170#define SSL_R_HTTPS_PROXY_REQUEST 155
2171#define SSL_R_HTTP_REQUEST 156
2172#define SSL_R_ILLEGAL_PADDING 283
2173#define SSL_R_INAPPROPRIATE_FALLBACK 373
2174#define SSL_R_INCONSISTENT_COMPRESSION 340
2175#define SSL_R_INVALID_CHALLENGE_LENGTH 158
2176#define SSL_R_INVALID_COMMAND 280
2177#define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
2178#define SSL_R_INVALID_PURPOSE 278
2179#define SSL_R_INVALID_SRP_USERNAME 357
2180#define SSL_R_INVALID_STATUS_RESPONSE 328
2181#define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
2182#define SSL_R_INVALID_TRUST 279
2183#define SSL_R_KEY_ARG_TOO_LONG 284
2184#define SSL_R_KRB5 285
2185#define SSL_R_KRB5_C_CC_PRINC 286
2186#define SSL_R_KRB5_C_GET_CRED 287
2187#define SSL_R_KRB5_C_INIT 288
2188#define SSL_R_KRB5_C_MK_REQ 289
2189#define SSL_R_KRB5_S_BAD_TICKET 290
2190#define SSL_R_KRB5_S_INIT 291
2191#define SSL_R_KRB5_S_RD_REQ 292
2192#define SSL_R_KRB5_S_TKT_EXPIRED 293
2193#define SSL_R_KRB5_S_TKT_NYV 294
2194#define SSL_R_KRB5_S_TKT_SKEW 295
2195#define SSL_R_LENGTH_MISMATCH 159
2196#define SSL_R_LENGTH_TOO_SHORT 160
2197#define SSL_R_LIBRARY_BUG 274
2198#define SSL_R_LIBRARY_HAS_NO_CIPHERS 161
2199#define SSL_R_MESSAGE_TOO_LONG 296
2200#define SSL_R_MISSING_DH_DSA_CERT 162
2201#define SSL_R_MISSING_DH_KEY 163
2202#define SSL_R_MISSING_DH_RSA_CERT 164
2203#define SSL_R_MISSING_DSA_SIGNING_CERT 165
2204#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166
2205#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167
2206#define SSL_R_MISSING_RSA_CERTIFICATE 168
2207#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
2208#define SSL_R_MISSING_RSA_SIGNING_CERT 170
2209#define SSL_R_MISSING_SRP_PARAM 358
2210#define SSL_R_MISSING_TMP_DH_KEY 171
2211#define SSL_R_MISSING_TMP_ECDH_KEY 311
2212#define SSL_R_MISSING_TMP_RSA_KEY 172
2213#define SSL_R_MISSING_TMP_RSA_PKEY 173
2214#define SSL_R_MISSING_VERIFY_MESSAGE 174
2215#define SSL_R_MULTIPLE_SGC_RESTARTS 346
2216#define SSL_R_NON_SSLV2_INITIAL_PACKET 175
2217#define SSL_R_NO_CERTIFICATES_RETURNED 176
2218#define SSL_R_NO_CERTIFICATE_ASSIGNED 177
2219#define SSL_R_NO_CERTIFICATE_RETURNED 178
2220#define SSL_R_NO_CERTIFICATE_SET 179
2221#define SSL_R_NO_CERTIFICATE_SPECIFIED 180
2222#define SSL_R_NO_CIPHERS_AVAILABLE 181
2223#define SSL_R_NO_CIPHERS_PASSED 182
2224#define SSL_R_NO_CIPHERS_SPECIFIED 183
2225#define SSL_R_NO_CIPHER_LIST 184
2226#define SSL_R_NO_CIPHER_MATCH 185
2227#define SSL_R_NO_CLIENT_CERT_METHOD 331
2228#define SSL_R_NO_CLIENT_CERT_RECEIVED 186
2229#define SSL_R_NO_COMPRESSION_SPECIFIED 187
2230#define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER 330
2231#define SSL_R_NO_METHOD_SPECIFIED 188
2232#define SSL_R_NO_PRIVATEKEY 189
2233#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
2234#define SSL_R_NO_PROTOCOLS_AVAILABLE 191
2235#define SSL_R_NO_PUBLICKEY 192
2236#define SSL_R_NO_RENEGOTIATION 339
2237#define SSL_R_NO_REQUIRED_DIGEST 324
2238#define SSL_R_NO_SHARED_CIPHER 193
2239#define SSL_R_NO_SRTP_PROFILES 359
2240#define SSL_R_NO_VERIFY_CALLBACK 194
2241#define SSL_R_NULL_SSL_CTX 195
2242#define SSL_R_NULL_SSL_METHOD_PASSED 196
2243#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
2244#define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
2245#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297
2246#define SSL_R_PACKET_LENGTH_TOO_LONG 198
2247#define SSL_R_PARSE_TLSEXT 227
2248#define SSL_R_PATH_TOO_LONG 270
2249#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
2250#define SSL_R_PEER_ERROR 200
2251#define SSL_R_PEER_ERROR_CERTIFICATE 201
2252#define SSL_R_PEER_ERROR_NO_CERTIFICATE 202
2253#define SSL_R_PEER_ERROR_NO_CIPHER 203
2254#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 204
2255#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205
2256#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206
2257#define SSL_R_PROTOCOL_IS_SHUTDOWN 207
2258#define SSL_R_PSK_IDENTITY_NOT_FOUND 223
2259#define SSL_R_PSK_NO_CLIENT_CB 224
2260#define SSL_R_PSK_NO_SERVER_CB 225
2261#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208
2262#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209
2263#define SSL_R_PUBLIC_KEY_NOT_RSA 210
2264#define SSL_R_READ_BIO_NOT_SET 211
2265#define SSL_R_READ_TIMEOUT_EXPIRED 312
2266#define SSL_R_READ_WRONG_PACKET_TYPE 212
2267#define SSL_R_RECORD_LENGTH_MISMATCH 213
2268#define SSL_R_RECORD_TOO_LARGE 214
2269#define SSL_R_RECORD_TOO_SMALL 298
2270#define SSL_R_RENEGOTIATE_EXT_TOO_LONG 335
2271#define SSL_R_RENEGOTIATION_ENCODING_ERR 336
2272#define SSL_R_RENEGOTIATION_MISMATCH 337
2273#define SSL_R_REQUIRED_CIPHER_MISSING 215
2274#define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING 342
2275#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
2276#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
2277#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
2278#define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345
2279#define SSL_R_SERVERHELLO_TLSEXT 275
2280#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
2281#define SSL_R_SHORT_READ 219
2282#define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360
2283#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
2284#define SSL_R_SRP_A_CALC 361
2285#define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 362
2286#define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363
2287#define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364
2288#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
2289#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299
2290#define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321
2291#define SSL_R_SSL3_EXT_INVALID_SERVERNAME 319
2292#define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320
2293#define SSL_R_SSL3_SESSION_ID_TOO_LONG 300
2294#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
2295#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
2296#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
2297#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
2298#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
2299#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
2300#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
2301#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
2302#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
2303#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
2304#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
2305#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
2306#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228
2307#define SSL_R_SSL_HANDSHAKE_FAILURE 229
2308#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230
2309#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 301
2310#define SSL_R_SSL_SESSION_ID_CONFLICT 302
2311#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
2312#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303
2313#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231
2314#define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
2315#define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
2316#define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021
2317#define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
2318#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
2319#define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086
2320#define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
2321#define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
2322#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
2323#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
2324#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
2325#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
2326#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
2327#define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114
2328#define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113
2329#define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111
2330#define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112
2331#define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110
2332#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
2333#define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT 365
2334#define SSL_R_TLS_HEARTBEAT_PENDING 366
2335#define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
2336#define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
2337#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
2338#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
2339#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
2340#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236
2341#define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313
2342#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 237
2343#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238
2344#define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314
2345#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
2346#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240
2347#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 241
2348#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
2349#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
2350#define SSL_R_UNEXPECTED_MESSAGE 244
2351#define SSL_R_UNEXPECTED_RECORD 245
2352#define SSL_R_UNINITIALIZED 276
2353#define SSL_R_UNKNOWN_ALERT_TYPE 246
2354#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
2355#define SSL_R_UNKNOWN_CIPHER_RETURNED 248
2356#define SSL_R_UNKNOWN_CIPHER_TYPE 249
2357#define SSL_R_UNKNOWN_DIGEST 368
2358#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
2359#define SSL_R_UNKNOWN_PKEY_TYPE 251
2360#define SSL_R_UNKNOWN_PROTOCOL 252
2361#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253
2362#define SSL_R_UNKNOWN_SSL_VERSION 254
2363#define SSL_R_UNKNOWN_STATE 255
2364#define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 338
2365#define SSL_R_UNSUPPORTED_CIPHER 256
2366#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
2367#define SSL_R_UNSUPPORTED_DIGEST_TYPE 326
2368#define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315
2369#define SSL_R_UNSUPPORTED_PROTOCOL 258
2370#define SSL_R_UNSUPPORTED_SSL_VERSION 259
2371#define SSL_R_UNSUPPORTED_STATUS_TYPE 329
2372#define SSL_R_USE_SRTP_NOT_NEGOTIATED 369
2373#define SSL_R_WRITE_BIO_NOT_SET 260
2374#define SSL_R_WRONG_CIPHER_RETURNED 261
2375#define SSL_R_WRONG_CURVE 378
2376#define SSL_R_WRONG_MESSAGE_TYPE 262
2377#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263
2378#define SSL_R_WRONG_SIGNATURE_LENGTH 264
2379#define SSL_R_WRONG_SIGNATURE_SIZE 265
2380#define SSL_R_WRONG_SIGNATURE_TYPE 370
2381#define SSL_R_WRONG_SSL_VERSION 266
2382#define SSL_R_WRONG_VERSION_NUMBER 267
2383#define SSL_R_X509_LIB 268
2384#define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269
2385
2386#ifdef __cplusplus
2387}
2388#endif
2389#endif
diff --git a/src/lib/libssl/ssl2.h b/src/lib/libssl/ssl2.h
deleted file mode 100644
index 3a8d300729..0000000000
--- a/src/lib/libssl/ssl2.h
+++ /dev/null
@@ -1,153 +0,0 @@
1/* $OpenBSD: ssl2.h,v 1.12 2014/12/14 15:30:50 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_SSL2_H
60#define HEADER_SSL2_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66/* Protocol Version Codes */
67#define SSL2_VERSION 0x0002
68#define SSL2_VERSION_MAJOR 0x00
69#define SSL2_VERSION_MINOR 0x02
70/* #define SSL2_CLIENT_VERSION 0x0002 */
71/* #define SSL2_SERVER_VERSION 0x0002 */
72
73/* Protocol Message Codes */
74#define SSL2_MT_ERROR 0
75#define SSL2_MT_CLIENT_HELLO 1
76#define SSL2_MT_CLIENT_MASTER_KEY 2
77#define SSL2_MT_CLIENT_FINISHED 3
78#define SSL2_MT_SERVER_HELLO 4
79#define SSL2_MT_SERVER_VERIFY 5
80#define SSL2_MT_SERVER_FINISHED 6
81#define SSL2_MT_REQUEST_CERTIFICATE 7
82#define SSL2_MT_CLIENT_CERTIFICATE 8
83
84/* Error Message Codes */
85#define SSL2_PE_UNDEFINED_ERROR 0x0000
86#define SSL2_PE_NO_CIPHER 0x0001
87#define SSL2_PE_NO_CERTIFICATE 0x0002
88#define SSL2_PE_BAD_CERTIFICATE 0x0004
89#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
90
91/* Cipher Kind Values */
92#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */
93#define SSL2_CK_RC4_128_WITH_MD5 0x02010080
94#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080
95#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080
96#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080
97#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080
98#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040
99#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */
100#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0
101#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */
102#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */
103
104#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */
105#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */
106
107#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1"
108#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5"
109#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5"
110#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5"
111#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5"
112#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5"
113#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5"
114#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5"
115#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA"
116#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5"
117#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA"
118#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5"
119
120#define SSL2_TXT_NULL "NULL"
121
122/* Flags for the SSL_CIPHER.algorithm2 field */
123#define SSL2_CF_5_BYTE_ENC 0x01
124#define SSL2_CF_8_BYTE_ENC 0x02
125
126/* Certificate Type Codes */
127#define SSL2_CT_X509_CERTIFICATE 0x01
128
129/* Authentication Type Code */
130#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01
131
132#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32
133
134/* Upper/Lower Bounds */
135#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256
136#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u /* 2^15-1 */
137#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /* 2^14-1 */
138
139#define SSL2_CHALLENGE_LENGTH 16
140/*#define SSL2_CHALLENGE_LENGTH 32 */
141#define SSL2_MIN_CHALLENGE_LENGTH 16
142#define SSL2_MAX_CHALLENGE_LENGTH 32
143#define SSL2_CONNECTION_ID_LENGTH 16
144#define SSL2_MAX_CONNECTION_ID_LENGTH 16
145#define SSL2_SSL_SESSION_ID_LENGTH 16
146#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32
147#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16
148#define SSL2_MAX_KEY_MATERIAL_LENGTH 24
149
150#ifdef __cplusplus
151}
152#endif
153#endif
diff --git a/src/lib/libssl/ssl23.h b/src/lib/libssl/ssl23.h
deleted file mode 100644
index 570e4b0171..0000000000
--- a/src/lib/libssl/ssl23.h
+++ /dev/null
@@ -1,82 +0,0 @@
1/* $OpenBSD: ssl23.h,v 1.4 2014/12/14 15:30:50 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_SSL23_H
60#define HEADER_SSL23_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66/*client */
67/* write to server */
68#define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT)
69#define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT)
70/* read from server */
71#define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT)
72#define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT)
73
74/* server */
75/* read from client */
76#define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT)
77#define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT)
78
79#ifdef __cplusplus
80}
81#endif
82#endif
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h
deleted file mode 100644
index 5ec2fe6f88..0000000000
--- a/src/lib/libssl/ssl3.h
+++ /dev/null
@@ -1,617 +0,0 @@
1/* $OpenBSD: ssl3.h,v 1.41 2015/07/19 06:23:51 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116
117#ifndef HEADER_SSL3_H
118#define HEADER_SSL3_H
119
120#include <openssl/buffer.h>
121#include <openssl/evp.h>
122#include <openssl/ssl.h>
123
124#ifdef __cplusplus
125extern "C" {
126#endif
127
128/* TLS_EMPTY_RENEGOTIATION_INFO_SCSV from RFC 5746. */
129#define SSL3_CK_SCSV 0x030000FF
130
131/* TLS_FALLBACK_SCSV from draft-ietf-tls-downgrade-scsv-03. */
132#define SSL3_CK_FALLBACK_SCSV 0x03005600
133
134#define SSL3_CK_RSA_NULL_MD5 0x03000001
135#define SSL3_CK_RSA_NULL_SHA 0x03000002
136#define SSL3_CK_RSA_RC4_40_MD5 0x03000003
137#define SSL3_CK_RSA_RC4_128_MD5 0x03000004
138#define SSL3_CK_RSA_RC4_128_SHA 0x03000005
139#define SSL3_CK_RSA_RC2_40_MD5 0x03000006
140#define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
141#define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
142#define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
143#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
144
145#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
146#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
147#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
148#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
149#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
150#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
151
152#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
153#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
154#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013
155#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014
156#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015
157#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016
158
159#define SSL3_CK_ADH_RC4_40_MD5 0x03000017
160#define SSL3_CK_ADH_RC4_128_MD5 0x03000018
161#define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
162#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
163#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
164
165/* VRS Additional Kerberos5 entries
166 */
167#define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E
168#define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F
169#define SSL3_CK_KRB5_RC4_128_SHA 0x03000020
170#define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021
171#define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022
172#define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023
173#define SSL3_CK_KRB5_RC4_128_MD5 0x03000024
174#define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025
175
176#define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000026
177#define SSL3_CK_KRB5_RC2_40_CBC_SHA 0x03000027
178#define SSL3_CK_KRB5_RC4_40_SHA 0x03000028
179#define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000029
180#define SSL3_CK_KRB5_RC2_40_CBC_MD5 0x0300002A
181#define SSL3_CK_KRB5_RC4_40_MD5 0x0300002B
182
183#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
184#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
185#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
186#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
187#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
188#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
189#define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
190#define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
191#define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
192#define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
193
194#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
195#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
196#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
197#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
198#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
199#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
200
201#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
202#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
203#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
204#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
205#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
206#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
207
208#define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
209#define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
210#define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
211#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
212#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
213
214#define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA"
215#define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA"
216#define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA"
217#define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA"
218#define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5"
219#define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5"
220#define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5"
221#define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5"
222
223#define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA"
224#define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA"
225#define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA"
226#define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5"
227#define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5"
228#define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5"
229
230#define SSL3_SSL_SESSION_ID_LENGTH 32
231#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
232
233#define SSL3_MASTER_SECRET_SIZE 48
234#define SSL3_RANDOM_SIZE 32
235#define SSL3_SEQUENCE_SIZE 8
236#define SSL3_SESSION_ID_SIZE 32
237#define SSL3_CIPHER_VALUE_SIZE 2
238
239#define SSL3_RT_HEADER_LENGTH 5
240#define SSL3_HM_HEADER_LENGTH 4
241
242#define SSL3_ALIGN_PAYLOAD 8
243
244/* This is the maximum MAC (digest) size used by the SSL library.
245 * Currently maximum of 20 is used by SHA1, but we reserve for
246 * future extension for 512-bit hashes.
247 */
248
249#define SSL3_RT_MAX_MD_SIZE 64
250
251/* Maximum block size used in all ciphersuites. Currently 16 for AES.
252 */
253
254#define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16
255
256#define SSL3_RT_MAX_EXTRA (16384)
257
258/* Maximum plaintext length: defined by SSL/TLS standards */
259#define SSL3_RT_MAX_PLAIN_LENGTH 16384
260/* Maximum compression overhead: defined by SSL/TLS standards */
261#define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024
262
263/* The standards give a maximum encryption overhead of 1024 bytes.
264 * In practice the value is lower than this. The overhead is the maximum
265 * number of padding bytes (256) plus the mac size.
266 */
267#define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE)
268
269/* OpenSSL currently only uses a padding length of at most one block so
270 * the send overhead is smaller.
271 */
272
273#define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
274 (SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE)
275
276/* If compression isn't used don't include the compression overhead */
277#define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
278#define SSL3_RT_MAX_ENCRYPTED_LENGTH \
279 (SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
280#define SSL3_RT_MAX_PACKET_SIZE \
281 (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
282
283#define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
284#define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
285
286#define SSL3_VERSION 0x0300
287#define SSL3_VERSION_MAJOR 0x03
288#define SSL3_VERSION_MINOR 0x00
289
290#define SSL3_RT_CHANGE_CIPHER_SPEC 20
291#define SSL3_RT_ALERT 21
292#define SSL3_RT_HANDSHAKE 22
293#define SSL3_RT_APPLICATION_DATA 23
294#define TLS1_RT_HEARTBEAT 24
295
296#define SSL3_AL_WARNING 1
297#define SSL3_AL_FATAL 2
298
299#define SSL3_AD_CLOSE_NOTIFY 0
300#define SSL3_AD_UNEXPECTED_MESSAGE 10 /* fatal */
301#define SSL3_AD_BAD_RECORD_MAC 20 /* fatal */
302#define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */
303#define SSL3_AD_HANDSHAKE_FAILURE 40 /* fatal */
304#define SSL3_AD_NO_CERTIFICATE 41
305#define SSL3_AD_BAD_CERTIFICATE 42
306#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
307#define SSL3_AD_CERTIFICATE_REVOKED 44
308#define SSL3_AD_CERTIFICATE_EXPIRED 45
309#define SSL3_AD_CERTIFICATE_UNKNOWN 46
310#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */
311
312#define TLS1_HB_REQUEST 1
313#define TLS1_HB_RESPONSE 2
314
315#ifndef OPENSSL_NO_SSL_INTERN
316
317typedef struct ssl3_record_st {
318/*r */ int type; /* type of record */
319/*rw*/ unsigned int length; /* How many bytes available */
320/*r */ unsigned int off; /* read/write offset into 'buf' */
321/*rw*/ unsigned char *data; /* pointer to the record data */
322/*rw*/ unsigned char *input; /* where the decode bytes are */
323/*r */ unsigned long epoch; /* epoch number, needed by DTLS1 */
324/*r */ unsigned char seq_num[8]; /* sequence number, needed by DTLS1 */
325} SSL3_RECORD;
326
327typedef struct ssl3_buffer_st {
328 unsigned char *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes,
329 * see ssl3_setup_buffers() */
330 size_t len; /* buffer size */
331 int offset; /* where to 'copy from' */
332 int left; /* how many bytes left */
333} SSL3_BUFFER;
334
335#endif
336
337#define SSL3_CT_RSA_SIGN 1
338#define SSL3_CT_DSS_SIGN 2
339#define SSL3_CT_RSA_FIXED_DH 3
340#define SSL3_CT_DSS_FIXED_DH 4
341#define SSL3_CT_RSA_EPHEMERAL_DH 5
342#define SSL3_CT_DSS_EPHEMERAL_DH 6
343#define SSL3_CT_FORTEZZA_DMS 20
344/* SSL3_CT_NUMBER is used to size arrays and it must be large
345 * enough to contain all of the cert types defined either for
346 * SSLv3 and TLSv1.
347 */
348#define SSL3_CT_NUMBER 11
349
350
351#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
352#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
353#define SSL3_FLAGS_POP_BUFFER 0x0004
354#define TLS1_FLAGS_TLS_PADDING_BUG 0x0
355#define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
356#define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020
357#define SSL3_FLAGS_CCS_OK 0x0080
358
359#ifndef OPENSSL_NO_SSL_INTERN
360
361typedef struct ssl3_state_st {
362 long flags;
363 int delay_buf_pop_ret;
364
365 unsigned char read_sequence[SSL3_SEQUENCE_SIZE];
366 int read_mac_secret_size;
367 unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
368 unsigned char write_sequence[SSL3_SEQUENCE_SIZE];
369 int write_mac_secret_size;
370 unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
371
372 unsigned char server_random[SSL3_RANDOM_SIZE];
373 unsigned char client_random[SSL3_RANDOM_SIZE];
374
375 /* flags for countermeasure against known-IV weakness */
376 int need_empty_fragments;
377 int empty_fragment_done;
378
379 SSL3_BUFFER rbuf; /* read IO goes into here */
380 SSL3_BUFFER wbuf; /* write IO goes into here */
381
382 SSL3_RECORD rrec; /* each decoded record goes in here */
383 SSL3_RECORD wrec; /* goes out from here */
384
385 /* storage for Alert/Handshake protocol data received but not
386 * yet processed by ssl3_read_bytes: */
387 unsigned char alert_fragment[2];
388 unsigned int alert_fragment_len;
389 unsigned char handshake_fragment[4];
390 unsigned int handshake_fragment_len;
391
392 /* partial write - check the numbers match */
393 unsigned int wnum; /* number of bytes sent so far */
394 int wpend_tot; /* number bytes written */
395 int wpend_type;
396 int wpend_ret; /* number of bytes submitted */
397 const unsigned char *wpend_buf;
398
399 /* used during startup, digest all incoming/outgoing packets */
400 BIO *handshake_buffer;
401 /* When set of handshake digests is determined, buffer is hashed
402 * and freed and MD_CTX-es for all required digests are stored in
403 * this array */
404 EVP_MD_CTX **handshake_dgst;
405 /* this is set whenerver we see a change_cipher_spec message
406 * come in when we are not looking for one */
407 int change_cipher_spec;
408
409 int warn_alert;
410 int fatal_alert;
411 /* we allow one fatal and one warning alert to be outstanding,
412 * send close alert via the warning alert */
413 int alert_dispatch;
414 unsigned char send_alert[2];
415
416 /* This flag is set when we should renegotiate ASAP, basically when
417 * there is no more data in the read or write buffers */
418 int renegotiate;
419 int total_renegotiations;
420 int num_renegotiations;
421
422 int in_read_app_data;
423
424 struct {
425 /* actually only needs to be 16+20 */
426 unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
427
428 /* actually only need to be 16+20 for SSLv3 and 12 for TLS */
429 unsigned char finish_md[EVP_MAX_MD_SIZE*2];
430 int finish_md_len;
431 unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2];
432 int peer_finish_md_len;
433
434 unsigned long message_size;
435 int message_type;
436
437 /* used to hold the new cipher we are going to use */
438 const SSL_CIPHER *new_cipher;
439 DH *dh;
440
441 EC_KEY *ecdh; /* holds short lived ECDH key */
442
443 /* used when SSL_ST_FLUSH_DATA is entered */
444 int next_state;
445
446 int reuse_message;
447
448 /* used for certificate requests */
449 int cert_req;
450 int ctype_num;
451 char ctype[SSL3_CT_NUMBER];
452 STACK_OF(X509_NAME) *ca_names;
453
454 int key_block_length;
455 unsigned char *key_block;
456
457 const EVP_CIPHER *new_sym_enc;
458 const EVP_AEAD *new_aead;
459 const EVP_MD *new_hash;
460 int new_mac_pkey_type;
461 int new_mac_secret_size;
462 int cert_request;
463 } tmp;
464
465 /* Connection binding to prevent renegotiation attacks */
466 unsigned char previous_client_finished[EVP_MAX_MD_SIZE];
467 unsigned char previous_client_finished_len;
468 unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
469 unsigned char previous_server_finished_len;
470 int send_connection_binding; /* TODOEKR */
471
472 /* Set if we saw the Next Protocol Negotiation extension from our peer.
473 */
474 int next_proto_neg_seen;
475
476 /*
477 * ALPN information
478 * (we are in the process of transitioning from NPN to ALPN).
479 */
480
481 /*
482 * In a server these point to the selected ALPN protocol after the
483 * ClientHello has been processed. In a client these contain the
484 * protocol that the server selected once the ServerHello has been
485 * processed.
486 */
487 unsigned char *alpn_selected;
488 unsigned int alpn_selected_len;
489} SSL3_STATE;
490
491#endif
492
493/* SSLv3 */
494/*client */
495/* extra state */
496#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
497/* write to server */
498#define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
499#define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
500/* read from server */
501#define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT)
502#define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT)
503#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT)
504#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT)
505#define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT)
506#define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT)
507#define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT)
508#define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT)
509#define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT)
510#define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT)
511#define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT)
512#define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT)
513/* write to server */
514#define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT)
515#define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT)
516#define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT)
517#define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT)
518#define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT)
519#define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT)
520#define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT)
521#define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
522#define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
523#define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
524#define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT)
525#define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT)
526#define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
527#define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
528/* read from server */
529#define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT)
530#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
531#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
532#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
533#define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT)
534#define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT)
535#define SSL3_ST_CR_CERT_STATUS_A (0x1F0|SSL_ST_CONNECT)
536#define SSL3_ST_CR_CERT_STATUS_B (0x1F1|SSL_ST_CONNECT)
537
538/* server */
539/* extra state */
540#define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
541/* read from client */
542/* Do not change the number values, they do matter */
543#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
544#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
545#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
546/* write to client */
547#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
548#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
549#define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT)
550#define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT)
551#define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT)
552#define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT)
553#define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT)
554#define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT)
555#define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT)
556#define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT)
557#define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT)
558#define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT)
559#define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT)
560#define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT)
561#define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT)
562/* read from client */
563#define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT)
564#define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT)
565#define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT)
566#define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT)
567#define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT)
568#define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
569#define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
570#define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
571#define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT)
572#define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT)
573#define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
574#define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
575/* write to client */
576#define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT)
577#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
578#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
579#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
580#define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT)
581#define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT)
582#define SSL3_ST_SW_CERT_STATUS_A (0x200|SSL_ST_ACCEPT)
583#define SSL3_ST_SW_CERT_STATUS_B (0x201|SSL_ST_ACCEPT)
584
585#define SSL3_MT_HELLO_REQUEST 0
586#define SSL3_MT_CLIENT_HELLO 1
587#define SSL3_MT_SERVER_HELLO 2
588#define SSL3_MT_NEWSESSION_TICKET 4
589#define SSL3_MT_CERTIFICATE 11
590#define SSL3_MT_SERVER_KEY_EXCHANGE 12
591#define SSL3_MT_CERTIFICATE_REQUEST 13
592#define SSL3_MT_SERVER_DONE 14
593#define SSL3_MT_CERTIFICATE_VERIFY 15
594#define SSL3_MT_CLIENT_KEY_EXCHANGE 16
595#define SSL3_MT_FINISHED 20
596#define SSL3_MT_CERTIFICATE_STATUS 22
597
598#define SSL3_MT_NEXT_PROTO 67
599
600#define DTLS1_MT_HELLO_VERIFY_REQUEST 3
601
602#define SSL3_MT_CCS 1
603
604/* These are used when changing over to a new cipher */
605#define SSL3_CC_READ 0x01
606#define SSL3_CC_WRITE 0x02
607#define SSL3_CC_CLIENT 0x10
608#define SSL3_CC_SERVER 0x20
609#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
610#define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ)
611#define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ)
612#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
613
614#ifdef __cplusplus
615}
616#endif
617#endif
diff --git a/src/lib/libssl/ssl_algs.c b/src/lib/libssl/ssl_algs.c
deleted file mode 100644
index 3010a735c9..0000000000
--- a/src/lib/libssl/ssl_algs.c
+++ /dev/null
@@ -1,131 +0,0 @@
1/* $OpenBSD: ssl_algs.c,v 1.22 2014/12/14 15:30:50 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/lhash.h>
62#include <openssl/objects.h>
63
64#include "ssl_locl.h"
65
66int
67SSL_library_init(void)
68{
69
70#ifndef OPENSSL_NO_DES
71 EVP_add_cipher(EVP_des_cbc());
72 EVP_add_cipher(EVP_des_ede3_cbc());
73#endif
74#ifndef OPENSSL_NO_IDEA
75 EVP_add_cipher(EVP_idea_cbc());
76#endif
77#ifndef OPENSSL_NO_RC4
78 EVP_add_cipher(EVP_rc4());
79#if !defined(OPENSSL_NO_MD5) && (defined(__x86_64) || defined(__x86_64__))
80 EVP_add_cipher(EVP_rc4_hmac_md5());
81#endif
82#endif
83#ifndef OPENSSL_NO_RC2
84 EVP_add_cipher(EVP_rc2_cbc());
85 /* Not actually used for SSL/TLS but this makes PKCS#12 work
86 * if an application only calls SSL_library_init().
87 */
88 EVP_add_cipher(EVP_rc2_40_cbc());
89#endif
90 EVP_add_cipher(EVP_aes_128_cbc());
91 EVP_add_cipher(EVP_aes_192_cbc());
92 EVP_add_cipher(EVP_aes_256_cbc());
93 EVP_add_cipher(EVP_aes_128_gcm());
94 EVP_add_cipher(EVP_aes_256_gcm());
95 EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
96 EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
97#ifndef OPENSSL_NO_CAMELLIA
98 EVP_add_cipher(EVP_camellia_128_cbc());
99 EVP_add_cipher(EVP_camellia_256_cbc());
100#endif
101#ifndef OPENSSL_NO_GOST
102 EVP_add_cipher(EVP_gost2814789_cfb64());
103 EVP_add_cipher(EVP_gost2814789_cnt());
104#endif
105
106 EVP_add_digest(EVP_md5());
107 EVP_add_digest_alias(SN_md5, "ssl2-md5");
108 EVP_add_digest_alias(SN_md5, "ssl3-md5");
109 EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
110 EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
111 EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
112 EVP_add_digest(EVP_sha224());
113 EVP_add_digest(EVP_sha256());
114 EVP_add_digest(EVP_sha384());
115 EVP_add_digest(EVP_sha512());
116 EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
117 EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
118 EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
119 EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
120 EVP_add_digest(EVP_ecdsa());
121#ifndef OPENSSL_NO_GOST
122 EVP_add_digest(EVP_gostr341194());
123 EVP_add_digest(EVP_gost2814789imit());
124 EVP_add_digest(EVP_streebog256());
125 EVP_add_digest(EVP_streebog512());
126#endif
127 /* initialize cipher/digest methods table */
128 ssl_load_ciphers();
129 return (1);
130}
131
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
deleted file mode 100644
index b60b3ea3f8..0000000000
--- a/src/lib/libssl/ssl_asn1.c
+++ /dev/null
@@ -1,692 +0,0 @@
1/* $OpenBSD: ssl_asn1.c,v 1.40 2014/12/14 15:30:50 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61
62#include "ssl_locl.h"
63
64#include <openssl/objects.h>
65#include <openssl/x509.h>
66
67/* XXX - these are here to avoid including asn1_mac.h */
68int asn1_GetSequence(ASN1_const_CTX *c, long *length);
69void asn1_add_error(const unsigned char *address, int offset);
70
71typedef struct ssl_session_asn1_st {
72 ASN1_INTEGER version;
73 ASN1_INTEGER ssl_version;
74 ASN1_OCTET_STRING cipher;
75 ASN1_OCTET_STRING master_key;
76 ASN1_OCTET_STRING session_id;
77 ASN1_OCTET_STRING session_id_context;
78 ASN1_INTEGER time;
79 ASN1_INTEGER timeout;
80 ASN1_INTEGER verify_result;
81 ASN1_OCTET_STRING tlsext_hostname;
82 ASN1_INTEGER tlsext_tick_lifetime;
83 ASN1_OCTET_STRING tlsext_tick;
84} SSL_SESSION_ASN1;
85
86int
87i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
88{
89#define LSIZE2 (sizeof(long)*2)
90 int v1 = 0, v2 = 0, v3 = 0, v4 = 0, v5 = 0, v6 = 0, v9 = 0, v10 = 0;
91 unsigned char buf[4], ibuf1[LSIZE2], ibuf2[LSIZE2];
92 unsigned char ibuf3[LSIZE2], ibuf4[LSIZE2], ibuf5[LSIZE2];
93 unsigned char ibuf6[LSIZE2];
94 SSL_SESSION_ASN1 a;
95 unsigned char *p;
96 int len = 0, ret;
97 long l;
98
99 if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0)))
100 return (0);
101
102 /*
103 * Note that I cheat in the following 2 assignments.
104 * I know that if the ASN1_INTEGER passed to ASN1_INTEGER_set
105 * is > sizeof(long)+1, the buffer will not be re-malloc()ed.
106 * This is a bit evil but makes things simple, no dynamic allocation
107 * to clean up :-)
108 */
109 a.version.length = LSIZE2;
110 a.version.type = V_ASN1_INTEGER;
111 a.version.data = ibuf1;
112 ASN1_INTEGER_set(&(a.version), SSL_SESSION_ASN1_VERSION);
113 len += i2d_ASN1_INTEGER(&(a.version), NULL);
114
115 a.ssl_version.length = LSIZE2;
116 a.ssl_version.type = V_ASN1_INTEGER;
117 a.ssl_version.data = ibuf2;
118 ASN1_INTEGER_set(&(a.ssl_version), in->ssl_version);
119 len += i2d_ASN1_INTEGER(&(a.ssl_version), NULL);
120
121 a.cipher.length = 2;
122 a.cipher.type = V_ASN1_OCTET_STRING;
123 l = (in->cipher == NULL) ? in->cipher_id : in->cipher->id;
124 buf[0] = ((unsigned char)(l >> 8L)) & 0xff;
125 buf[1] = ((unsigned char)(l)) & 0xff;
126 a.cipher.data = buf;
127 len += i2d_ASN1_OCTET_STRING(&(a.cipher), NULL);
128
129 a.master_key.length = in->master_key_length;
130 a.master_key.type = V_ASN1_OCTET_STRING;
131 a.master_key.data = in->master_key;
132 len += i2d_ASN1_OCTET_STRING(&(a.master_key), NULL);
133
134 a.session_id.length = in->session_id_length;
135 a.session_id.type = V_ASN1_OCTET_STRING;
136 a.session_id.data = in->session_id;
137 len += i2d_ASN1_OCTET_STRING(&(a.session_id), NULL);
138
139 if (in->time != 0L) {
140 a.time.length = LSIZE2;
141 a.time.type = V_ASN1_INTEGER;
142 a.time.data = ibuf3;
143 ASN1_INTEGER_set(&(a.time), in->time); /* XXX 2038 */
144 v1 = i2d_ASN1_INTEGER(&(a.time), NULL);
145 len += ASN1_object_size(1, v1, 1);
146 }
147
148 if (in->timeout != 0L) {
149 a.timeout.length = LSIZE2;
150 a.timeout.type = V_ASN1_INTEGER;
151 a.timeout.data = ibuf4;
152 ASN1_INTEGER_set(&(a.timeout), in->timeout);
153 v2 = i2d_ASN1_INTEGER(&(a.timeout), NULL);
154 len += ASN1_object_size(1, v2, 2);
155 }
156
157 if (in->peer != NULL) {
158 v3 = i2d_X509(in->peer, NULL);
159 len += ASN1_object_size(1, v3, 3);
160 }
161
162 a.session_id_context.length = in->sid_ctx_length;
163 a.session_id_context.type = V_ASN1_OCTET_STRING;
164 a.session_id_context.data = in->sid_ctx;
165 v4 = i2d_ASN1_OCTET_STRING(&(a.session_id_context), NULL);
166 len += ASN1_object_size(1, v4, 4);
167
168 if (in->verify_result != X509_V_OK) {
169 a.verify_result.length = LSIZE2;
170 a.verify_result.type = V_ASN1_INTEGER;
171 a.verify_result.data = ibuf5;
172 ASN1_INTEGER_set(&a.verify_result, in->verify_result);
173 v5 = i2d_ASN1_INTEGER(&(a.verify_result), NULL);
174 len += ASN1_object_size(1, v5, 5);
175 }
176
177 if (in->tlsext_hostname) {
178 a.tlsext_hostname.length = strlen(in->tlsext_hostname);
179 a.tlsext_hostname.type = V_ASN1_OCTET_STRING;
180 a.tlsext_hostname.data = (unsigned char *)in->tlsext_hostname;
181 v6 = i2d_ASN1_OCTET_STRING(&(a.tlsext_hostname), NULL);
182 len += ASN1_object_size(1, v6, 6);
183 }
184
185 /* 7 - PSK identity hint. */
186 /* 8 - PSK identity. */
187
188 if (in->tlsext_tick_lifetime_hint > 0) {
189 a.tlsext_tick_lifetime.length = LSIZE2;
190 a.tlsext_tick_lifetime.type = V_ASN1_INTEGER;
191 a.tlsext_tick_lifetime.data = ibuf6;
192 ASN1_INTEGER_set(&a.tlsext_tick_lifetime,
193 in->tlsext_tick_lifetime_hint);
194 v9 = i2d_ASN1_INTEGER(&(a.tlsext_tick_lifetime), NULL);
195 len += ASN1_object_size(1, v9, 9);
196 }
197
198 if (in->tlsext_tick) {
199 a.tlsext_tick.length = in->tlsext_ticklen;
200 a.tlsext_tick.type = V_ASN1_OCTET_STRING;
201 a.tlsext_tick.data = (unsigned char *)in->tlsext_tick;
202 v10 = i2d_ASN1_OCTET_STRING(&(a.tlsext_tick), NULL);
203 len += ASN1_object_size(1, v10, 10);
204 }
205
206 /* 11 - Compression method. */
207 /* 12 - SRP username. */
208
209 /* If given a NULL pointer, return the length only. */
210 ret = (ASN1_object_size(1, len, V_ASN1_SEQUENCE));
211 if (pp == NULL)
212 return (ret);
213
214 /* Burp out the ASN1. */
215 p = *pp;
216 ASN1_put_object(&p, 1, len, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
217 i2d_ASN1_INTEGER(&(a.version), &p);
218 i2d_ASN1_INTEGER(&(a.ssl_version), &p);
219 i2d_ASN1_OCTET_STRING(&(a.cipher), &p);
220 i2d_ASN1_OCTET_STRING(&(a.session_id), &p);
221 i2d_ASN1_OCTET_STRING(&(a.master_key), &p);
222 if (in->time != 0L) {
223 ASN1_put_object(&p, 1, v1, 1, V_ASN1_CONTEXT_SPECIFIC);
224 i2d_ASN1_INTEGER(&(a.time), &p);
225 }
226 if (in->timeout != 0L) {
227 ASN1_put_object(&p, 1, v2, 2, V_ASN1_CONTEXT_SPECIFIC);
228 i2d_ASN1_INTEGER(&(a.timeout), &p);
229 }
230 if (in->peer != NULL) {
231 ASN1_put_object(&p, 1, v3, 3, V_ASN1_CONTEXT_SPECIFIC);
232 i2d_X509(in->peer, &p);
233 }
234 ASN1_put_object(&p, 1, v4, 4, V_ASN1_CONTEXT_SPECIFIC);
235 i2d_ASN1_OCTET_STRING(&(a.session_id_context), &p);
236 if (in->verify_result != X509_V_OK) {
237 ASN1_put_object(&p, 1, v5, 5, V_ASN1_CONTEXT_SPECIFIC);
238 i2d_ASN1_INTEGER(&(a.verify_result), &p);
239 }
240 if (in->tlsext_hostname) {
241 ASN1_put_object(&p, 1, v6, 6, V_ASN1_CONTEXT_SPECIFIC);
242 i2d_ASN1_OCTET_STRING(&(a.tlsext_hostname), &p);
243 }
244 /* 7 - PSK identity hint. */
245 /* 8 - PSK identity. */
246 if (in->tlsext_tick_lifetime_hint > 0) {
247 ASN1_put_object(&p, 1, v9, 9, V_ASN1_CONTEXT_SPECIFIC);
248 i2d_ASN1_INTEGER(&(a.tlsext_tick_lifetime), &p);
249 }
250 if (in->tlsext_tick) {
251 ASN1_put_object(&p, 1, v10, 10, V_ASN1_CONTEXT_SPECIFIC);
252 i2d_ASN1_OCTET_STRING(&(a.tlsext_tick), &p);
253 }
254 /* 11 - Compression method. */
255 /* 12 - SRP username. */
256
257 *pp = p;
258 return (ret);
259}
260
261SSL_SESSION *
262d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
263{
264 SSL_SESSION *ret = NULL;
265 ASN1_const_CTX c;
266 ASN1_INTEGER ai, *aip;
267 ASN1_OCTET_STRING os, *osp;
268 int ssl_version = 0, i;
269 int Tinf, Ttag, Tclass;
270 long Tlen;
271 long id;
272
273 c.pp = pp;
274 c.p = *pp;
275 c.q = *pp;
276 c.max = (length == 0) ? 0 : (c.p + length);
277 c.slen = length;
278
279 if (a == NULL || *a == NULL) {
280 if ((ret = SSL_SESSION_new()) == NULL) {
281 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
282 goto err;
283 }
284 } else
285 ret = *a;
286
287 aip = &ai;
288 osp = &os;
289
290 if (!asn1_GetSequence(&c, &length)) {
291 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
292 goto err;
293 }
294
295 ai.data = NULL;
296 ai.length = 0;
297 c.q = c.p;
298 if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) {
299 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
300 goto err;
301 }
302 c.slen -= (c.p - c.q);
303
304 if (ai.data != NULL) {
305 free(ai.data);
306 ai.data = NULL;
307 ai.length = 0;
308 }
309
310 /* we don't care about the version right now :-) */
311 c.q = c.p;
312 if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) {
313 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
314 goto err;
315 }
316 c.slen -= (c.p - c.q);
317 ssl_version = (int)ASN1_INTEGER_get(aip);
318 ret->ssl_version = ssl_version;
319 if (ai.data != NULL) {
320 free(ai.data);
321 ai.data = NULL;
322 ai.length = 0;
323 }
324
325 os.data = NULL;
326 os.length = 0;
327 c.q = c.p;
328 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) {
329 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
330 goto err;
331 }
332 c.slen -= (c.p - c.q);
333 if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR) {
334 if (os.length != 2) {
335 SSLerr(SSL_F_D2I_SSL_SESSION,
336 SSL_R_CIPHER_CODE_WRONG_LENGTH);
337 goto err;
338 }
339 id = 0x03000000L | ((unsigned long)os.data[0]<<8L) |
340 (unsigned long)os.data[1];
341 } else {
342 SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_UNKNOWN_SSL_VERSION);
343 goto err;
344 }
345
346 ret->cipher = NULL;
347 ret->cipher_id = id;
348
349 c.q = c.p;
350 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) {
351 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
352 goto err;
353 }
354 c.slen -= (c.p - c.q);
355
356 i = SSL3_MAX_SSL_SESSION_ID_LENGTH;
357 if (os.length > i)
358 os.length = i;
359 if (os.length > (int)sizeof(ret->session_id)) /* can't happen */
360 os.length = sizeof(ret->session_id);
361
362 ret->session_id_length = os.length;
363 OPENSSL_assert(os.length <= (int)sizeof(ret->session_id));
364 memcpy(ret->session_id, os.data, os.length);
365
366 c.q = c.p;
367 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) {
368 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
369 goto err;
370 }
371 c.slen -= (c.p - c.q);
372 if (os.length > SSL_MAX_MASTER_KEY_LENGTH)
373 ret->master_key_length = SSL_MAX_MASTER_KEY_LENGTH;
374 else
375 ret->master_key_length = os.length;
376 memcpy(ret->master_key, os.data, ret->master_key_length);
377
378 os.length = 0;
379
380 /* 1 - Time (INTEGER). */
381 /* XXX 2038 */
382 ai.length = 0;
383 if (c.slen != 0L &&
384 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 1)) {
385 c.q = c.p;
386 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
387 if (Tinf & 0x80) {
388 SSLerr(SSL_F_D2I_SSL_SESSION,
389 ERR_R_BAD_ASN1_OBJECT_HEADER);
390 goto err;
391 }
392 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
393 Tlen = c.slen - (c.p - c.q) - 2;
394 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
395 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
396 goto err;
397 }
398 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
399 Tlen = c.slen - (c.p - c.q);
400 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
401 SSLerr(SSL_F_D2I_SSL_SESSION,
402 ERR_R_MISSING_ASN1_EOS);
403 goto err;
404 }
405 }
406 c.slen -= (c.p - c.q);
407 }
408 if (ai.data != NULL) {
409 ret->time = ASN1_INTEGER_get(aip);
410 free(ai.data);
411 ai.data = NULL;
412 ai.length = 0;
413 } else
414 ret->time = time(NULL);
415
416 /* 2 - Timeout (INTEGER). */
417 ai.length = 0;
418 if (c.slen != 0L &&
419 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 2)) {
420 c.q = c.p;
421 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
422 if (Tinf & 0x80) {
423 SSLerr(SSL_F_D2I_SSL_SESSION,
424 ERR_R_BAD_ASN1_OBJECT_HEADER);
425 goto err;
426 }
427 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
428 Tlen = c.slen - (c.p - c.q) - 2;
429 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
430 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
431 goto err;
432 }
433 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
434 Tlen = c.slen - (c.p - c.q);
435 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
436 SSLerr(SSL_F_D2I_SSL_SESSION,
437 ERR_R_MISSING_ASN1_EOS);
438 goto err;
439 }
440 }
441 c.slen -= (c.p - c.q);
442 }
443 if (ai.data != NULL) {
444 ret->timeout = ASN1_INTEGER_get(aip);
445 free(ai.data);
446 ai.data = NULL;
447 ai.length = 0;
448 } else
449 ret->timeout = 3;
450
451 /* 3 - Peer (X509). */
452 if (ret->peer != NULL) {
453 X509_free(ret->peer);
454 ret->peer = NULL;
455 }
456 if (c.slen != 0L &&
457 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 3)) {
458 c.q = c.p;
459 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
460 if (Tinf & 0x80) {
461 SSLerr(SSL_F_D2I_SSL_SESSION,
462 ERR_R_BAD_ASN1_OBJECT_HEADER);
463 goto err;
464 }
465 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
466 Tlen = c.slen - (c.p - c.q) - 2;
467 if (d2i_X509(&ret->peer, &c.p, Tlen) == NULL) {
468 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
469 goto err;
470 }
471 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
472 Tlen = c.slen - (c.p - c.q);
473 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
474 SSLerr(SSL_F_D2I_SSL_SESSION,
475 ERR_R_MISSING_ASN1_EOS);
476 goto err;
477 }
478 }
479 c.slen -= (c.p - c.q);
480 }
481
482 /* 4 - Session ID (OCTET STRING). */
483 os.length = 0;
484 free(os.data);
485 os.data = NULL;
486 if (c.slen != 0L &&
487 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 4)) {
488 c.q = c.p;
489 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
490 if (Tinf & 0x80) {
491 SSLerr(SSL_F_D2I_SSL_SESSION,
492 ERR_R_BAD_ASN1_OBJECT_HEADER);
493 goto err;
494 }
495 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
496 Tlen = c.slen - (c.p - c.q) - 2;
497 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) {
498 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
499 goto err;
500 }
501 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
502 Tlen = c.slen - (c.p - c.q);
503 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
504 SSLerr(SSL_F_D2I_SSL_SESSION,
505 ERR_R_MISSING_ASN1_EOS);
506 goto err;
507 }
508 }
509 c.slen -= (c.p - c.q);
510 }
511 if (os.data != NULL) {
512 if (os.length > SSL_MAX_SID_CTX_LENGTH) {
513 SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_BAD_LENGTH);
514 goto err;
515 } else {
516 ret->sid_ctx_length = os.length;
517 memcpy(ret->sid_ctx, os.data, os.length);
518 }
519 free(os.data);
520 os.data = NULL;
521 os.length = 0;
522 } else
523 ret->sid_ctx_length = 0;
524
525 /* 5 - Verify_result. */
526 ai.length = 0;
527 if (c.slen != 0L &&
528 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 5)) {
529 c.q = c.p;
530 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
531 if (Tinf & 0x80) {
532 SSLerr(SSL_F_D2I_SSL_SESSION,
533 ERR_R_BAD_ASN1_OBJECT_HEADER);
534 goto err;
535 }
536 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
537 Tlen = c.slen - (c.p - c.q) - 2;
538 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
539 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
540 goto err;
541 }
542 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
543 Tlen = c.slen - (c.p - c.q);
544 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
545 SSLerr(SSL_F_D2I_SSL_SESSION,
546 ERR_R_MISSING_ASN1_EOS);
547 goto err;
548 }
549 }
550 c.slen -= (c.p - c.q);
551 }
552 if (ai.data != NULL) {
553 ret->verify_result = ASN1_INTEGER_get(aip);
554 free(ai.data);
555 ai.data = NULL;
556 ai.length = 0;
557 } else
558 ret->verify_result = X509_V_OK;
559
560 /* 6 - HostName (OCTET STRING). */
561 os.length = 0;
562 os.data = NULL;
563 if (c.slen != 0L &&
564 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 6)) {
565 c.q = c.p;
566 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
567 if (Tinf & 0x80) {
568 SSLerr(SSL_F_D2I_SSL_SESSION,
569 ERR_R_BAD_ASN1_OBJECT_HEADER);
570 goto err;
571 }
572 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
573 Tlen = c.slen - (c.p - c.q) - 2;
574 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) {
575 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
576 goto err;
577 }
578 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
579 Tlen = c.slen - (c.p - c.q);
580 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
581 SSLerr(SSL_F_D2I_SSL_SESSION,
582 ERR_R_MISSING_ASN1_EOS);
583 goto err;
584 }
585 }
586 c.slen -= (c.p - c.q);
587 }
588 if (os.data) {
589 ret->tlsext_hostname = strndup((char *)os.data, os.length);
590 free(os.data);
591 os.data = NULL;
592 os.length = 0;
593 } else
594 ret->tlsext_hostname = NULL;
595
596 /* 7 - PSK identity hint (OCTET STRING). */
597 /* 8 - PSK identity (OCTET STRING). */
598
599 /* 9 - Ticket lifetime. */
600 ai.length = 0;
601 if (c.slen != 0L &&
602 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 9)) {
603 c.q = c.p;
604 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
605 if (Tinf & 0x80) {
606 SSLerr(SSL_F_D2I_SSL_SESSION,
607 ERR_R_BAD_ASN1_OBJECT_HEADER);
608 goto err;
609 }
610 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
611 Tlen = c.slen - (c.p - c.q) - 2;
612 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
613 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
614 goto err;
615 }
616 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
617 Tlen = c.slen - (c.p - c.q);
618 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
619 SSLerr(SSL_F_D2I_SSL_SESSION,
620 ERR_R_MISSING_ASN1_EOS);
621 goto err;
622 }
623 }
624 c.slen -= (c.p - c.q);
625 }
626 if (ai.data != NULL) {
627 ret->tlsext_tick_lifetime_hint = ASN1_INTEGER_get(aip);
628 free(ai.data);
629 ai.data = NULL;
630 ai.length = 0;
631 } else if (ret->tlsext_ticklen && ret->session_id_length)
632 ret->tlsext_tick_lifetime_hint = -1;
633 else
634 ret->tlsext_tick_lifetime_hint = 0;
635 os.length = 0;
636 os.data = NULL;
637
638 /* 10 - Ticket (OCTET STRING). */
639 if (c.slen != 0L &&
640 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 10)) {
641 c.q = c.p;
642 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
643 if (Tinf & 0x80) {
644 SSLerr(SSL_F_D2I_SSL_SESSION,
645 ERR_R_BAD_ASN1_OBJECT_HEADER);
646 goto err;
647 }
648 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
649 Tlen = c.slen - (c.p - c.q) - 2;
650 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) {
651 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
652 goto err;
653 }
654 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
655 Tlen = c.slen - (c.p - c.q);
656 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
657 SSLerr(SSL_F_D2I_SSL_SESSION,
658 ERR_R_MISSING_ASN1_EOS);
659 goto err;
660 }
661 }
662 c.slen -= (c.p - c.q);
663 }
664 if (os.data) {
665 ret->tlsext_tick = os.data;
666 ret->tlsext_ticklen = os.length;
667 os.data = NULL;
668 os.length = 0;
669 } else
670 ret->tlsext_tick = NULL;
671
672 /* 11 - Compression method (OCTET STRING). */
673 /* 12 - SRP username (OCTET STRING). */
674
675 if (!asn1_const_Finish(&c)) {
676 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
677 goto err;
678 }
679
680 *pp = c.p;
681 if (a != NULL)
682 *a = ret;
683
684 return (ret);
685
686err:
687 ERR_asprintf_error_data("offset=%d", (int)(c.q - *pp));
688 if (ret != NULL && (a == NULL || *a != ret))
689 SSL_SESSION_free(ret);
690
691 return (NULL);
692}
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
deleted file mode 100644
index bc864883c8..0000000000
--- a/src/lib/libssl/ssl_cert.c
+++ /dev/null
@@ -1,735 +0,0 @@
1/* $OpenBSD: ssl_cert.c,v 1.50 2015/04/06 04:09:59 guenther Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116
117#include <sys/types.h>
118
119#include <dirent.h>
120#include <stdio.h>
121#include <unistd.h>
122
123#include <openssl/bio.h>
124#include <openssl/bn.h>
125#include <openssl/dh.h>
126#include <openssl/objects.h>
127#include <openssl/opensslconf.h>
128#include <openssl/pem.h>
129#include <openssl/x509v3.h>
130
131#include "ssl_locl.h"
132
133int
134SSL_get_ex_data_X509_STORE_CTX_idx(void)
135{
136 static volatile int ssl_x509_store_ctx_idx = -1;
137 int got_write_lock = 0;
138
139 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
140
141 if (ssl_x509_store_ctx_idx < 0) {
142 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
143 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
144 got_write_lock = 1;
145
146 if (ssl_x509_store_ctx_idx < 0) {
147 ssl_x509_store_ctx_idx =
148 X509_STORE_CTX_get_ex_new_index(
149 0, "SSL for verify callback", NULL, NULL, NULL);
150 }
151 }
152
153 if (got_write_lock)
154 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
155 else
156 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
157
158 return ssl_x509_store_ctx_idx;
159}
160
161static void
162ssl_cert_set_default_md(CERT *cert)
163{
164 /* Set digest values to defaults */
165 cert->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
166 cert->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
167 cert->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
168 cert->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
169#ifndef OPENSSL_NO_GOST
170 cert->pkeys[SSL_PKEY_GOST01].digest = EVP_gostr341194();
171#endif
172}
173
174CERT *
175ssl_cert_new(void)
176{
177 CERT *ret;
178
179 ret = calloc(1, sizeof(CERT));
180 if (ret == NULL) {
181 SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE);
182 return (NULL);
183 }
184 ret->key = &(ret->pkeys[SSL_PKEY_RSA_ENC]);
185 ret->references = 1;
186 ssl_cert_set_default_md(ret);
187 return (ret);
188}
189
190CERT *
191ssl_cert_dup(CERT *cert)
192{
193 CERT *ret;
194 int i;
195
196 ret = calloc(1, sizeof(CERT));
197 if (ret == NULL) {
198 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
199 return (NULL);
200 }
201
202 /*
203 * same as ret->key = ret->pkeys + (cert->key - cert->pkeys),
204 * if you find that more readable
205 */
206 ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]];
207
208 ret->valid = cert->valid;
209 ret->mask_k = cert->mask_k;
210 ret->mask_a = cert->mask_a;
211
212 if (cert->dh_tmp != NULL) {
213 ret->dh_tmp = DHparams_dup(cert->dh_tmp);
214 if (ret->dh_tmp == NULL) {
215 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_DH_LIB);
216 goto err;
217 }
218 if (cert->dh_tmp->priv_key) {
219 BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
220 if (!b) {
221 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
222 goto err;
223 }
224 ret->dh_tmp->priv_key = b;
225 }
226 if (cert->dh_tmp->pub_key) {
227 BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
228 if (!b) {
229 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
230 goto err;
231 }
232 ret->dh_tmp->pub_key = b;
233 }
234 }
235 ret->dh_tmp_cb = cert->dh_tmp_cb;
236 ret->dh_tmp_auto = cert->dh_tmp_auto;
237
238 if (cert->ecdh_tmp) {
239 ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp);
240 if (ret->ecdh_tmp == NULL) {
241 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_EC_LIB);
242 goto err;
243 }
244 }
245 ret->ecdh_tmp_cb = cert->ecdh_tmp_cb;
246 ret->ecdh_tmp_auto = cert->ecdh_tmp_auto;
247
248 for (i = 0; i < SSL_PKEY_NUM; i++) {
249 if (cert->pkeys[i].x509 != NULL) {
250 ret->pkeys[i].x509 = cert->pkeys[i].x509;
251 CRYPTO_add(&ret->pkeys[i].x509->references, 1,
252 CRYPTO_LOCK_X509);
253 }
254
255 if (cert->pkeys[i].privatekey != NULL) {
256 ret->pkeys[i].privatekey = cert->pkeys[i].privatekey;
257 CRYPTO_add(&ret->pkeys[i].privatekey->references, 1,
258 CRYPTO_LOCK_EVP_PKEY);
259
260 switch (i) {
261 /*
262 * If there was anything special to do for
263 * certain types of keys, we'd do it here.
264 * (Nothing at the moment, I think.)
265 */
266
267 case SSL_PKEY_RSA_ENC:
268 case SSL_PKEY_RSA_SIGN:
269 /* We have an RSA key. */
270 break;
271
272 case SSL_PKEY_DSA_SIGN:
273 /* We have a DSA key. */
274 break;
275
276 case SSL_PKEY_DH_RSA:
277 case SSL_PKEY_DH_DSA:
278 /* We have a DH key. */
279 break;
280
281 case SSL_PKEY_ECC:
282 /* We have an ECC key */
283 break;
284
285 default:
286 /* Can't happen. */
287 SSLerr(SSL_F_SSL_CERT_DUP, SSL_R_LIBRARY_BUG);
288 }
289 }
290 }
291
292 /*
293 * ret->extra_certs *should* exist, but currently the own certificate
294 * chain is held inside SSL_CTX
295 */
296
297 ret->references = 1;
298 /*
299 * Set digests to defaults. NB: we don't copy existing values
300 * as they will be set during handshake.
301 */
302 ssl_cert_set_default_md(ret);
303
304 return (ret);
305
306err:
307 DH_free(ret->dh_tmp);
308 EC_KEY_free(ret->ecdh_tmp);
309
310 for (i = 0; i < SSL_PKEY_NUM; i++) {
311 if (ret->pkeys[i].x509 != NULL)
312 X509_free(ret->pkeys[i].x509);
313 EVP_PKEY_free(ret->pkeys[i].privatekey);
314 }
315 free (ret);
316 return NULL;
317}
318
319
320void
321ssl_cert_free(CERT *c)
322{
323 int i;
324
325 if (c == NULL)
326 return;
327
328 i = CRYPTO_add(&c->references, -1, CRYPTO_LOCK_SSL_CERT);
329 if (i > 0)
330 return;
331
332 DH_free(c->dh_tmp);
333 EC_KEY_free(c->ecdh_tmp);
334
335 for (i = 0; i < SSL_PKEY_NUM; i++) {
336 if (c->pkeys[i].x509 != NULL)
337 X509_free(c->pkeys[i].x509);
338 EVP_PKEY_free(c->pkeys[i].privatekey);
339 }
340
341 free(c);
342}
343
344int
345ssl_cert_inst(CERT **o)
346{
347 /*
348 * Create a CERT if there isn't already one
349 * (which cannot really happen, as it is initially created in
350 * SSL_CTX_new; but the earlier code usually allows for that one
351 * being non-existant, so we follow that behaviour, as it might
352 * turn out that there actually is a reason for it -- but I'm
353 * not sure that *all* of the existing code could cope with
354 * s->cert being NULL, otherwise we could do without the
355 * initialization in SSL_CTX_new).
356 */
357
358 if (o == NULL) {
359 SSLerr(SSL_F_SSL_CERT_INST, ERR_R_PASSED_NULL_PARAMETER);
360 return (0);
361 }
362 if (*o == NULL) {
363 if ((*o = ssl_cert_new()) == NULL) {
364 SSLerr(SSL_F_SSL_CERT_INST, ERR_R_MALLOC_FAILURE);
365 return (0);
366 }
367 }
368 return (1);
369}
370
371
372SESS_CERT *
373ssl_sess_cert_new(void)
374{
375 SESS_CERT *ret;
376
377 ret = calloc(1, sizeof *ret);
378 if (ret == NULL) {
379 SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE);
380 return NULL;
381 }
382 ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
383 ret->references = 1;
384
385 return ret;
386}
387
388void
389ssl_sess_cert_free(SESS_CERT *sc)
390{
391 int i;
392
393 if (sc == NULL)
394 return;
395
396 i = CRYPTO_add(&sc->references, -1, CRYPTO_LOCK_SSL_SESS_CERT);
397 if (i > 0)
398 return;
399
400 /* i == 0 */
401 if (sc->cert_chain != NULL)
402 sk_X509_pop_free(sc->cert_chain, X509_free);
403 for (i = 0; i < SSL_PKEY_NUM; i++) {
404 if (sc->peer_pkeys[i].x509 != NULL)
405 X509_free(sc->peer_pkeys[i].x509);
406 }
407
408 DH_free(sc->peer_dh_tmp);
409 EC_KEY_free(sc->peer_ecdh_tmp);
410
411 free(sc);
412}
413
414int
415ssl_set_peer_cert_type(SESS_CERT *sc, int type)
416{
417 sc->peer_cert_type = type;
418 return (1);
419}
420
421int
422ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk)
423{
424 X509_STORE_CTX ctx;
425 X509 *x;
426 int ret;
427
428 if ((sk == NULL) || (sk_X509_num(sk) == 0))
429 return (0);
430
431 x = sk_X509_value(sk, 0);
432 if (!X509_STORE_CTX_init(&ctx, s->ctx->cert_store, x, sk)) {
433 SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, ERR_R_X509_LIB);
434 return (0);
435 }
436 X509_STORE_CTX_set_ex_data(&ctx,
437 SSL_get_ex_data_X509_STORE_CTX_idx(), s);
438
439 /*
440 * We need to inherit the verify parameters. These can be
441 * determined by the context: if its a server it will verify
442 * SSL client certificates or vice versa.
443 */
444 X509_STORE_CTX_set_default(&ctx,
445 s->server ? "ssl_client" : "ssl_server");
446
447 /*
448 * Anything non-default in "param" should overwrite anything
449 * in the ctx.
450 */
451 X509_VERIFY_PARAM_set1(X509_STORE_CTX_get0_param(&ctx), s->param);
452
453 if (s->verify_callback)
454 X509_STORE_CTX_set_verify_cb(&ctx, s->verify_callback);
455
456 if (s->ctx->app_verify_callback != NULL)
457 ret = s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg);
458 else
459 ret = X509_verify_cert(&ctx);
460
461 s->verify_result = ctx.error;
462 X509_STORE_CTX_cleanup(&ctx);
463
464 return (ret);
465}
466
467static void
468set_client_CA_list(STACK_OF(X509_NAME) **ca_list,
469 STACK_OF(X509_NAME) *name_list)
470{
471 if (*ca_list != NULL)
472 sk_X509_NAME_pop_free(*ca_list, X509_NAME_free);
473
474 *ca_list = name_list;
475}
476
477STACK_OF(X509_NAME) *
478SSL_dup_CA_list(STACK_OF(X509_NAME) *sk)
479{
480 int i;
481 STACK_OF(X509_NAME) *ret;
482 X509_NAME *name;
483
484 ret = sk_X509_NAME_new_null();
485 for (i = 0; i < sk_X509_NAME_num(sk); i++) {
486 name = X509_NAME_dup(sk_X509_NAME_value(sk, i));
487 if ((name == NULL) || !sk_X509_NAME_push(ret, name)) {
488 sk_X509_NAME_pop_free(ret, X509_NAME_free);
489 return (NULL);
490 }
491 }
492 return (ret);
493}
494
495void
496SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list)
497{
498 set_client_CA_list(&(s->client_CA), name_list);
499}
500
501void
502SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list)
503{
504 set_client_CA_list(&(ctx->client_CA), name_list);
505}
506
507STACK_OF(X509_NAME) *
508SSL_CTX_get_client_CA_list(const SSL_CTX *ctx)
509{
510 return (ctx->client_CA);
511}
512
513STACK_OF(X509_NAME) *
514SSL_get_client_CA_list(const SSL *s)
515{
516 if (s->type == SSL_ST_CONNECT) {
517 /* We are in the client. */
518 if (((s->version >> 8) == SSL3_VERSION_MAJOR) &&
519 (s->s3 != NULL))
520 return (s->s3->tmp.ca_names);
521 else
522 return (NULL);
523 } else {
524 if (s->client_CA != NULL)
525 return (s->client_CA);
526 else
527 return (s->ctx->client_CA);
528 }
529}
530
531static int
532add_client_CA(STACK_OF(X509_NAME) **sk, X509 *x)
533{
534 X509_NAME *name;
535
536 if (x == NULL)
537 return (0);
538 if ((*sk == NULL) && ((*sk = sk_X509_NAME_new_null()) == NULL))
539 return (0);
540
541 if ((name = X509_NAME_dup(X509_get_subject_name(x))) == NULL)
542 return (0);
543
544 if (!sk_X509_NAME_push(*sk, name)) {
545 X509_NAME_free(name);
546 return (0);
547 }
548 return (1);
549}
550
551int
552SSL_add_client_CA(SSL *ssl, X509 *x)
553{
554 return (add_client_CA(&(ssl->client_CA), x));
555}
556
557int
558SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x)
559{
560 return (add_client_CA(&(ctx->client_CA), x));
561}
562
563static int
564xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
565{
566 return (X509_NAME_cmp(*a, *b));
567}
568
569/*!
570 * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed;
571 * it doesn't really have anything to do with clients (except that a common use
572 * for a stack of CAs is to send it to the client). Actually, it doesn't have
573 * much to do with CAs, either, since it will load any old cert.
574 * \param file the file containing one or more certs.
575 * \return a ::STACK containing the certs.
576 */
577STACK_OF(X509_NAME) *
578SSL_load_client_CA_file(const char *file)
579{
580 BIO *in;
581 X509 *x = NULL;
582 X509_NAME *xn = NULL;
583 STACK_OF(X509_NAME) *ret = NULL, *sk;
584
585 sk = sk_X509_NAME_new(xname_cmp);
586
587 in = BIO_new(BIO_s_file_internal());
588
589 if ((sk == NULL) || (in == NULL)) {
590 SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE, ERR_R_MALLOC_FAILURE);
591 goto err;
592 }
593
594 if (!BIO_read_filename(in, file))
595 goto err;
596
597 for (;;) {
598 if (PEM_read_bio_X509(in, &x, NULL, NULL) == NULL)
599 break;
600 if (ret == NULL) {
601 ret = sk_X509_NAME_new_null();
602 if (ret == NULL) {
603 SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,
604 ERR_R_MALLOC_FAILURE);
605 goto err;
606 }
607 }
608 if ((xn = X509_get_subject_name(x)) == NULL) goto err;
609 /* check for duplicates */
610 xn = X509_NAME_dup(xn);
611 if (xn == NULL)
612 goto err;
613 if (sk_X509_NAME_find(sk, xn) >= 0)
614 X509_NAME_free(xn);
615 else {
616 sk_X509_NAME_push(sk, xn);
617 sk_X509_NAME_push(ret, xn);
618 }
619 }
620
621 if (0) {
622err:
623 if (ret != NULL)
624 sk_X509_NAME_pop_free(ret, X509_NAME_free);
625 ret = NULL;
626 }
627 if (sk != NULL)
628 sk_X509_NAME_free(sk);
629 BIO_free(in);
630 if (x != NULL)
631 X509_free(x);
632 if (ret != NULL)
633 ERR_clear_error();
634 return (ret);
635}
636
637/*!
638 * Add a file of certs to a stack.
639 * \param stack the stack to add to.
640 * \param file the file to add from. All certs in this file that are not
641 * already in the stack will be added.
642 * \return 1 for success, 0 for failure. Note that in the case of failure some
643 * certs may have been added to \c stack.
644 */
645
646int
647SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
648 const char *file)
649{
650 BIO *in;
651 X509 *x = NULL;
652 X509_NAME *xn = NULL;
653 int ret = 1;
654 int (*oldcmp)(const X509_NAME * const *a, const X509_NAME * const *b);
655
656 oldcmp = sk_X509_NAME_set_cmp_func(stack, xname_cmp);
657
658 in = BIO_new(BIO_s_file_internal());
659
660 if (in == NULL) {
661 SSLerr(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,
662 ERR_R_MALLOC_FAILURE);
663 goto err;
664 }
665
666 if (!BIO_read_filename(in, file))
667 goto err;
668
669 for (;;) {
670 if (PEM_read_bio_X509(in, &x, NULL, NULL) == NULL)
671 break;
672 if ((xn = X509_get_subject_name(x)) == NULL) goto err;
673 xn = X509_NAME_dup(xn);
674 if (xn == NULL)
675 goto err;
676 if (sk_X509_NAME_find(stack, xn) >= 0)
677 X509_NAME_free(xn);
678 else
679 sk_X509_NAME_push(stack, xn);
680 }
681
682 ERR_clear_error();
683
684 if (0) {
685err:
686 ret = 0;
687 }
688 BIO_free(in);
689 if (x != NULL)
690 X509_free(x);
691
692 (void)sk_X509_NAME_set_cmp_func(stack, oldcmp);
693
694 return ret;
695}
696
697/*!
698 * Add a directory of certs to a stack.
699 * \param stack the stack to append to.
700 * \param dir the directory to append from. All files in this directory will be
701 * examined as potential certs. Any that are acceptable to
702 * SSL_add_dir_cert_subjects_to_stack() that are not already in the stack will
703 * be included.
704 * \return 1 for success, 0 for failure. Note that in the case of failure some
705 * certs may have been added to \c stack.
706 */
707
708int
709SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, const char *dir)
710{
711 DIR *dirp = NULL;
712 char *path = NULL;
713 int ret = 0;
714
715 dirp = opendir(dir);
716 if (dirp) {
717 struct dirent *dp;
718 while ((dp = readdir(dirp)) != NULL) {
719 if (asprintf(&path, "%s/%s", dir, dp->d_name) != -1) {
720 ret = SSL_add_file_cert_subjects_to_stack(
721 stack, path);
722 free(path);
723 }
724 if (!ret)
725 break;
726 }
727 (void) closedir(dirp);
728 }
729 if (!ret) {
730 SYSerr(SYS_F_OPENDIR, errno);
731 ERR_asprintf_error_data("opendir ('%s')", dir);
732 SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
733 }
734 return ret;
735}
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
deleted file mode 100644
index 96b4099d19..0000000000
--- a/src/lib/libssl/ssl_ciph.c
+++ /dev/null
@@ -1,1765 +0,0 @@
1/* $OpenBSD: ssl_ciph.c,v 1.81 2015/02/07 04:17:11 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143#include <stdio.h>
144
145#include <openssl/objects.h>
146
147#ifndef OPENSSL_NO_ENGINE
148#include <openssl/engine.h>
149#endif
150
151#include "ssl_locl.h"
152
153#define SSL_ENC_DES_IDX 0
154#define SSL_ENC_3DES_IDX 1
155#define SSL_ENC_RC4_IDX 2
156#define SSL_ENC_IDEA_IDX 3
157#define SSL_ENC_NULL_IDX 4
158#define SSL_ENC_AES128_IDX 5
159#define SSL_ENC_AES256_IDX 6
160#define SSL_ENC_CAMELLIA128_IDX 7
161#define SSL_ENC_CAMELLIA256_IDX 8
162#define SSL_ENC_GOST89_IDX 9
163#define SSL_ENC_AES128GCM_IDX 10
164#define SSL_ENC_AES256GCM_IDX 11
165#define SSL_ENC_NUM_IDX 12
166
167
168static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
169 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
170};
171
172#define SSL_MD_MD5_IDX 0
173#define SSL_MD_SHA1_IDX 1
174#define SSL_MD_GOST94_IDX 2
175#define SSL_MD_GOST89MAC_IDX 3
176#define SSL_MD_SHA256_IDX 4
177#define SSL_MD_SHA384_IDX 5
178#define SSL_MD_STREEBOG256_IDX 6
179#define SSL_MD_STREEBOG512_IDX 7
180/*Constant SSL_MAX_DIGEST equal to size of digests array should be
181 * defined in the
182 * ssl_locl.h */
183#define SSL_MD_NUM_IDX SSL_MAX_DIGEST
184static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = {
185 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
186};
187
188static int ssl_mac_pkey_id[SSL_MD_NUM_IDX] = {
189 EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_GOSTIMIT,
190 EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC,
191};
192
193static int ssl_mac_secret_size[SSL_MD_NUM_IDX] = {
194 0, 0, 0, 0, 0, 0, 0, 0
195};
196
197static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX] = {
198 SSL_HANDSHAKE_MAC_MD5, SSL_HANDSHAKE_MAC_SHA,
199 SSL_HANDSHAKE_MAC_GOST94, 0, SSL_HANDSHAKE_MAC_SHA256,
200 SSL_HANDSHAKE_MAC_SHA384, SSL_HANDSHAKE_MAC_STREEBOG256,
201 SSL_HANDSHAKE_MAC_STREEBOG512
202};
203
204#define CIPHER_ADD 1
205#define CIPHER_KILL 2
206#define CIPHER_DEL 3
207#define CIPHER_ORD 4
208#define CIPHER_SPECIAL 5
209
210typedef struct cipher_order_st {
211 const SSL_CIPHER *cipher;
212 int active;
213 int dead;
214 struct cipher_order_st *next, *prev;
215} CIPHER_ORDER;
216
217static const SSL_CIPHER cipher_aliases[] = {
218
219 /* "ALL" doesn't include eNULL (must be specifically enabled) */
220 {
221 .name = SSL_TXT_ALL,
222 .algorithm_enc = ~SSL_eNULL,
223 },
224
225 /* "COMPLEMENTOFALL" */
226 {
227 .name = SSL_TXT_CMPALL,
228 .algorithm_enc = SSL_eNULL,
229 },
230
231 /*
232 * "COMPLEMENTOFDEFAULT"
233 * (does *not* include ciphersuites not found in ALL!)
234 */
235 {
236 .name = SSL_TXT_CMPDEF,
237 .algorithm_mkey = SSL_kDHE|SSL_kECDHE,
238 .algorithm_auth = SSL_aNULL,
239 .algorithm_enc = ~SSL_eNULL,
240 },
241
242 /*
243 * key exchange aliases
244 * (some of those using only a single bit here combine multiple key
245 * exchange algs according to the RFCs, e.g. kEDH combines DHE_DSS
246 * and DHE_RSA)
247 */
248 {
249 .name = SSL_TXT_kRSA,
250 .algorithm_mkey = SSL_kRSA,
251 },
252 {
253 .name = SSL_TXT_kEDH,
254 .algorithm_mkey = SSL_kDHE,
255 },
256 {
257 .name = SSL_TXT_DH,
258 .algorithm_mkey = SSL_kDHE,
259 },
260
261 {
262 .name = SSL_TXT_kECDHr,
263 .algorithm_mkey = SSL_kECDHr,
264 },
265 {
266 .name = SSL_TXT_kECDHe,
267 .algorithm_mkey = SSL_kECDHe,
268 },
269 {
270 .name = SSL_TXT_kECDH,
271 .algorithm_mkey = SSL_kECDHr|SSL_kECDHe,
272 },
273 {
274 .name = SSL_TXT_kEECDH,
275 .algorithm_mkey = SSL_kECDHE,
276 },
277 {
278 .name = SSL_TXT_ECDH,
279 .algorithm_mkey = SSL_kECDHr|SSL_kECDHe|SSL_kECDHE,
280 },
281
282 {
283 .name = SSL_TXT_kGOST,
284 .algorithm_mkey = SSL_kGOST,
285 },
286
287 /* server authentication aliases */
288 {
289 .name = SSL_TXT_aRSA,
290 .algorithm_auth = SSL_aRSA,
291 },
292 {
293 .name = SSL_TXT_aDSS,
294 .algorithm_auth = SSL_aDSS,
295 },
296 {
297 .name = SSL_TXT_DSS,
298 .algorithm_auth = SSL_aDSS,
299 },
300 {
301 .name = SSL_TXT_aNULL,
302 .algorithm_auth = SSL_aNULL,
303 },
304 {
305 .name = SSL_TXT_aECDH,
306 .algorithm_auth = SSL_aECDH,
307 },
308 {
309 .name = SSL_TXT_aECDSA,
310 .algorithm_auth = SSL_aECDSA,
311 },
312 {
313 .name = SSL_TXT_ECDSA,
314 .algorithm_auth = SSL_aECDSA,
315 },
316 {
317 .name = SSL_TXT_aGOST01,
318 .algorithm_auth = SSL_aGOST01,
319 },
320 {
321 .name = SSL_TXT_aGOST,
322 .algorithm_auth = SSL_aGOST01,
323 },
324
325 /* aliases combining key exchange and server authentication */
326 {
327 .name = SSL_TXT_DHE,
328 .algorithm_mkey = SSL_kDHE,
329 .algorithm_auth = ~SSL_aNULL,
330 },
331 {
332 .name = SSL_TXT_EDH,
333 .algorithm_mkey = SSL_kDHE,
334 .algorithm_auth = ~SSL_aNULL,
335 },
336 {
337 .name = SSL_TXT_ECDHE,
338 .algorithm_mkey = SSL_kECDHE,
339 .algorithm_auth = ~SSL_aNULL,
340 },
341 {
342 .name = SSL_TXT_EECDH,
343 .algorithm_mkey = SSL_kECDHE,
344 .algorithm_auth = ~SSL_aNULL,
345 },
346 {
347 .name = SSL_TXT_NULL,
348 .algorithm_enc = SSL_eNULL,
349 },
350 {
351 .name = SSL_TXT_RSA,
352 .algorithm_mkey = SSL_kRSA,
353 .algorithm_auth = SSL_aRSA,
354 },
355 {
356 .name = SSL_TXT_ADH,
357 .algorithm_mkey = SSL_kDHE,
358 .algorithm_auth = SSL_aNULL,
359 },
360 {
361 .name = SSL_TXT_AECDH,
362 .algorithm_mkey = SSL_kECDHE,
363 .algorithm_auth = SSL_aNULL,
364 },
365
366 /* symmetric encryption aliases */
367 {
368 .name = SSL_TXT_DES,
369 .algorithm_enc = SSL_DES,
370 },
371 {
372 .name = SSL_TXT_3DES,
373 .algorithm_enc = SSL_3DES,
374 },
375 {
376 .name = SSL_TXT_RC4,
377 .algorithm_enc = SSL_RC4,
378 },
379 {
380 .name = SSL_TXT_IDEA,
381 .algorithm_enc = SSL_IDEA,
382 },
383 {
384 .name = SSL_TXT_eNULL,
385 .algorithm_enc = SSL_eNULL,
386 },
387 {
388 .name = SSL_TXT_AES128,
389 .algorithm_enc = SSL_AES128|SSL_AES128GCM,
390 },
391 {
392 .name = SSL_TXT_AES256,
393 .algorithm_enc = SSL_AES256|SSL_AES256GCM,
394 },
395 {
396 .name = SSL_TXT_AES,
397 .algorithm_enc = SSL_AES,
398 },
399 {
400 .name = SSL_TXT_AES_GCM,
401 .algorithm_enc = SSL_AES128GCM|SSL_AES256GCM,
402 },
403 {
404 .name = SSL_TXT_CAMELLIA128,
405 .algorithm_enc = SSL_CAMELLIA128,
406 },
407 {
408 .name = SSL_TXT_CAMELLIA256,
409 .algorithm_enc = SSL_CAMELLIA256,
410 },
411 {
412 .name = SSL_TXT_CAMELLIA,
413 .algorithm_enc = SSL_CAMELLIA128|SSL_CAMELLIA256,
414 },
415 {
416 .name = SSL_TXT_CHACHA20,
417 .algorithm_enc = SSL_CHACHA20POLY1305,
418 },
419
420 /* MAC aliases */
421 {
422 .name = SSL_TXT_AEAD,
423 .algorithm_mac = SSL_AEAD,
424 },
425 {
426 .name = SSL_TXT_MD5,
427 .algorithm_mac = SSL_MD5,
428 },
429 {
430 .name = SSL_TXT_SHA1,
431 .algorithm_mac = SSL_SHA1,
432 },
433 {
434 .name = SSL_TXT_SHA,
435 .algorithm_mac = SSL_SHA1,
436 },
437 {
438 .name = SSL_TXT_GOST94,
439 .algorithm_mac = SSL_GOST94,
440 },
441 {
442 .name = SSL_TXT_GOST89MAC,
443 .algorithm_mac = SSL_GOST89MAC,
444 },
445 {
446 .name = SSL_TXT_SHA256,
447 .algorithm_mac = SSL_SHA256,
448 },
449 {
450 .name = SSL_TXT_SHA384,
451 .algorithm_mac = SSL_SHA384,
452 },
453 {
454 .name = SSL_TXT_STREEBOG256,
455 .algorithm_mac = SSL_STREEBOG256,
456 },
457 {
458 .name = SSL_TXT_STREEBOG512,
459 .algorithm_mac = SSL_STREEBOG512,
460 },
461
462 /* protocol version aliases */
463 {
464 .name = SSL_TXT_SSLV3,
465 .algorithm_ssl = SSL_SSLV3,
466 },
467 {
468 .name = SSL_TXT_TLSV1,
469 .algorithm_ssl = SSL_TLSV1,
470 },
471 {
472 .name = SSL_TXT_TLSV1_2,
473 .algorithm_ssl = SSL_TLSV1_2,
474 },
475
476 /* strength classes */
477 {
478 .name = SSL_TXT_LOW,
479 .algo_strength = SSL_LOW,
480 },
481 {
482 .name = SSL_TXT_MEDIUM,
483 .algo_strength = SSL_MEDIUM,
484 },
485 {
486 .name = SSL_TXT_HIGH,
487 .algo_strength = SSL_HIGH,
488 },
489};
490
491void
492ssl_load_ciphers(void)
493{
494 ssl_cipher_methods[SSL_ENC_DES_IDX] =
495 EVP_get_cipherbyname(SN_des_cbc);
496 ssl_cipher_methods[SSL_ENC_3DES_IDX] =
497 EVP_get_cipherbyname(SN_des_ede3_cbc);
498 ssl_cipher_methods[SSL_ENC_RC4_IDX] =
499 EVP_get_cipherbyname(SN_rc4);
500#ifndef OPENSSL_NO_IDEA
501 ssl_cipher_methods[SSL_ENC_IDEA_IDX] =
502 EVP_get_cipherbyname(SN_idea_cbc);
503#else
504 ssl_cipher_methods[SSL_ENC_IDEA_IDX] = NULL;
505#endif
506 ssl_cipher_methods[SSL_ENC_AES128_IDX] =
507 EVP_get_cipherbyname(SN_aes_128_cbc);
508 ssl_cipher_methods[SSL_ENC_AES256_IDX] =
509 EVP_get_cipherbyname(SN_aes_256_cbc);
510 ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] =
511 EVP_get_cipherbyname(SN_camellia_128_cbc);
512 ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] =
513 EVP_get_cipherbyname(SN_camellia_256_cbc);
514 ssl_cipher_methods[SSL_ENC_GOST89_IDX] =
515 EVP_get_cipherbyname(SN_gost89_cnt);
516
517 ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] =
518 EVP_get_cipherbyname(SN_aes_128_gcm);
519 ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] =
520 EVP_get_cipherbyname(SN_aes_256_gcm);
521
522 ssl_digest_methods[SSL_MD_MD5_IDX] =
523 EVP_get_digestbyname(SN_md5);
524 ssl_mac_secret_size[SSL_MD_MD5_IDX] =
525 EVP_MD_size(ssl_digest_methods[SSL_MD_MD5_IDX]);
526 OPENSSL_assert(ssl_mac_secret_size[SSL_MD_MD5_IDX] >= 0);
527 ssl_digest_methods[SSL_MD_SHA1_IDX] =
528 EVP_get_digestbyname(SN_sha1);
529 ssl_mac_secret_size[SSL_MD_SHA1_IDX] =
530 EVP_MD_size(ssl_digest_methods[SSL_MD_SHA1_IDX]);
531 OPENSSL_assert(ssl_mac_secret_size[SSL_MD_SHA1_IDX] >= 0);
532 ssl_digest_methods[SSL_MD_GOST94_IDX] =
533 EVP_get_digestbyname(SN_id_GostR3411_94);
534 if (ssl_digest_methods[SSL_MD_GOST94_IDX]) {
535 ssl_mac_secret_size[SSL_MD_GOST94_IDX] =
536 EVP_MD_size(ssl_digest_methods[SSL_MD_GOST94_IDX]);
537 OPENSSL_assert(ssl_mac_secret_size[SSL_MD_GOST94_IDX] >= 0);
538 }
539 ssl_digest_methods[SSL_MD_GOST89MAC_IDX] =
540 EVP_get_digestbyname(SN_id_Gost28147_89_MAC);
541 if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]) {
542 ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX] = 32;
543 }
544
545 ssl_digest_methods[SSL_MD_SHA256_IDX] =
546 EVP_get_digestbyname(SN_sha256);
547 ssl_mac_secret_size[SSL_MD_SHA256_IDX] =
548 EVP_MD_size(ssl_digest_methods[SSL_MD_SHA256_IDX]);
549 ssl_digest_methods[SSL_MD_SHA384_IDX] =
550 EVP_get_digestbyname(SN_sha384);
551 ssl_mac_secret_size[SSL_MD_SHA384_IDX] =
552 EVP_MD_size(ssl_digest_methods[SSL_MD_SHA384_IDX]);
553 ssl_digest_methods[SSL_MD_STREEBOG256_IDX] =
554 EVP_get_digestbyname(SN_id_tc26_gost3411_2012_256);
555 ssl_mac_secret_size[SSL_MD_STREEBOG256_IDX] =
556 EVP_MD_size(ssl_digest_methods[SSL_MD_STREEBOG256_IDX]);
557 ssl_digest_methods[SSL_MD_STREEBOG512_IDX] =
558 EVP_get_digestbyname(SN_id_tc26_gost3411_2012_512);
559 ssl_mac_secret_size[SSL_MD_STREEBOG512_IDX] =
560 EVP_MD_size(ssl_digest_methods[SSL_MD_STREEBOG512_IDX]);
561}
562
563int
564ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
565 const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size)
566{
567 const SSL_CIPHER *c;
568 int i;
569
570 c = s->cipher;
571 if (c == NULL)
572 return (0);
573
574 /*
575 * This function does not handle EVP_AEAD.
576 * See ssl_cipher_get_aead_evp instead.
577 */
578 if (c->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD)
579 return(0);
580
581 if ((enc == NULL) || (md == NULL))
582 return (0);
583
584 switch (c->algorithm_enc) {
585 case SSL_DES:
586 i = SSL_ENC_DES_IDX;
587 break;
588 case SSL_3DES:
589 i = SSL_ENC_3DES_IDX;
590 break;
591 case SSL_RC4:
592 i = SSL_ENC_RC4_IDX;
593 break;
594 case SSL_IDEA:
595 i = SSL_ENC_IDEA_IDX;
596 break;
597 case SSL_eNULL:
598 i = SSL_ENC_NULL_IDX;
599 break;
600 case SSL_AES128:
601 i = SSL_ENC_AES128_IDX;
602 break;
603 case SSL_AES256:
604 i = SSL_ENC_AES256_IDX;
605 break;
606 case SSL_CAMELLIA128:
607 i = SSL_ENC_CAMELLIA128_IDX;
608 break;
609 case SSL_CAMELLIA256:
610 i = SSL_ENC_CAMELLIA256_IDX;
611 break;
612 case SSL_eGOST2814789CNT:
613 i = SSL_ENC_GOST89_IDX;
614 break;
615 case SSL_AES128GCM:
616 i = SSL_ENC_AES128GCM_IDX;
617 break;
618 case SSL_AES256GCM:
619 i = SSL_ENC_AES256GCM_IDX;
620 break;
621 default:
622 i = -1;
623 break;
624 }
625
626 if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
627 *enc = NULL;
628 else {
629 if (i == SSL_ENC_NULL_IDX)
630 *enc = EVP_enc_null();
631 else
632 *enc = ssl_cipher_methods[i];
633 }
634
635 switch (c->algorithm_mac) {
636 case SSL_MD5:
637 i = SSL_MD_MD5_IDX;
638 break;
639 case SSL_SHA1:
640 i = SSL_MD_SHA1_IDX;
641 break;
642 case SSL_SHA256:
643 i = SSL_MD_SHA256_IDX;
644 break;
645 case SSL_SHA384:
646 i = SSL_MD_SHA384_IDX;
647 break;
648 case SSL_GOST94:
649 i = SSL_MD_GOST94_IDX;
650 break;
651 case SSL_GOST89MAC:
652 i = SSL_MD_GOST89MAC_IDX;
653 break;
654 case SSL_STREEBOG256:
655 i = SSL_MD_STREEBOG256_IDX;
656 break;
657 case SSL_STREEBOG512:
658 i = SSL_MD_STREEBOG512_IDX;
659 break;
660 default:
661 i = -1;
662 break;
663 }
664 if ((i < 0) || (i >= SSL_MD_NUM_IDX)) {
665 *md = NULL;
666
667 if (mac_pkey_type != NULL)
668 *mac_pkey_type = NID_undef;
669 if (mac_secret_size != NULL)
670 *mac_secret_size = 0;
671 if (c->algorithm_mac == SSL_AEAD)
672 mac_pkey_type = NULL;
673 } else {
674 *md = ssl_digest_methods[i];
675 if (mac_pkey_type != NULL)
676 *mac_pkey_type = ssl_mac_pkey_id[i];
677 if (mac_secret_size != NULL)
678 *mac_secret_size = ssl_mac_secret_size[i];
679 }
680
681 if ((*enc != NULL) &&
682 (*md != NULL || (EVP_CIPHER_flags(*enc)&EVP_CIPH_FLAG_AEAD_CIPHER)) &&
683 (!mac_pkey_type || *mac_pkey_type != NID_undef)) {
684 const EVP_CIPHER *evp;
685
686 if (s->ssl_version >> 8 != TLS1_VERSION_MAJOR ||
687 s->ssl_version < TLS1_VERSION)
688 return 1;
689
690 if (c->algorithm_enc == SSL_RC4 &&
691 c->algorithm_mac == SSL_MD5 &&
692 (evp = EVP_get_cipherbyname("RC4-HMAC-MD5")))
693 *enc = evp, *md = NULL;
694 else if (c->algorithm_enc == SSL_AES128 &&
695 c->algorithm_mac == SSL_SHA1 &&
696 (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1")))
697 *enc = evp, *md = NULL;
698 else if (c->algorithm_enc == SSL_AES256 &&
699 c->algorithm_mac == SSL_SHA1 &&
700 (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1")))
701 *enc = evp, *md = NULL;
702 return (1);
703 } else
704 return (0);
705}
706
707/*
708 * ssl_cipher_get_evp_aead sets aead to point to the correct EVP_AEAD object
709 * for s->cipher. It returns 1 on success and 0 on error.
710 */
711int
712ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead)
713{
714 const SSL_CIPHER *c = s->cipher;
715
716 *aead = NULL;
717
718 if (c == NULL)
719 return 0;
720 if ((c->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD) == 0)
721 return 0;
722
723 switch (c->algorithm_enc) {
724#ifndef OPENSSL_NO_AES
725 case SSL_AES128GCM:
726 *aead = EVP_aead_aes_128_gcm();
727 return 1;
728 case SSL_AES256GCM:
729 *aead = EVP_aead_aes_256_gcm();
730 return 1;
731#endif
732#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
733 case SSL_CHACHA20POLY1305:
734 *aead = EVP_aead_chacha20_poly1305();
735 return 1;
736#endif
737 default:
738 break;
739 }
740 return 0;
741}
742
743int
744ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md)
745{
746 if (idx < 0 || idx >= SSL_MD_NUM_IDX) {
747 return 0;
748 }
749 *mask = ssl_handshake_digest_flag[idx];
750 if (*mask)
751 *md = ssl_digest_methods[idx];
752 else
753 *md = NULL;
754 return 1;
755}
756
757#define ITEM_SEP(a) \
758 (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
759
760static void
761ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr,
762 CIPHER_ORDER **tail)
763{
764 if (curr == *tail)
765 return;
766 if (curr == *head)
767 *head = curr->next;
768 if (curr->prev != NULL)
769 curr->prev->next = curr->next;
770 if (curr->next != NULL)
771 curr->next->prev = curr->prev;
772 (*tail)->next = curr;
773 curr->prev= *tail;
774 curr->next = NULL;
775 *tail = curr;
776}
777
778static void
779ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr,
780 CIPHER_ORDER **tail)
781{
782 if (curr == *head)
783 return;
784 if (curr == *tail)
785 *tail = curr->prev;
786 if (curr->next != NULL)
787 curr->next->prev = curr->prev;
788 if (curr->prev != NULL)
789 curr->prev->next = curr->next;
790 (*head)->prev = curr;
791 curr->next= *head;
792 curr->prev = NULL;
793 *head = curr;
794}
795
796static void
797ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth,
798 unsigned long *enc, unsigned long *mac, unsigned long *ssl)
799{
800 *mkey = 0;
801 *auth = 0;
802 *enc = 0;
803 *mac = 0;
804 *ssl = 0;
805
806 /*
807 * Check for the availability of GOST 34.10 public/private key
808 * algorithms. If they are not available disable the associated
809 * authentication and key exchange algorithms.
810 */
811 if (EVP_PKEY_meth_find(NID_id_GostR3410_2001) == NULL) {
812 *auth |= SSL_aGOST01;
813 *mkey |= SSL_kGOST;
814 }
815
816#ifdef SSL_FORBID_ENULL
817 *enc |= SSL_eNULL;
818#endif
819
820 *enc |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES : 0;
821 *enc |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES : 0;
822 *enc |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 : 0;
823 *enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA : 0;
824 *enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128 : 0;
825 *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256 : 0;
826 *enc |= (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] == NULL) ? SSL_AES128GCM : 0;
827 *enc |= (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] == NULL) ? SSL_AES256GCM : 0;
828 *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA128 : 0;
829 *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] == NULL) ? SSL_CAMELLIA256 : 0;
830 *enc |= (ssl_cipher_methods[SSL_ENC_GOST89_IDX] == NULL) ? SSL_eGOST2814789CNT : 0;
831
832 *mac |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 : 0;
833 *mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1 : 0;
834 *mac |= (ssl_digest_methods[SSL_MD_SHA256_IDX] == NULL) ? SSL_SHA256 : 0;
835 *mac |= (ssl_digest_methods[SSL_MD_SHA384_IDX] == NULL) ? SSL_SHA384 : 0;
836 *mac |= (ssl_digest_methods[SSL_MD_GOST94_IDX] == NULL) ? SSL_GOST94 : 0;
837 *mac |= (ssl_digest_methods[SSL_MD_GOST89MAC_IDX] == NULL) ? SSL_GOST89MAC : 0;
838 *mac |= (ssl_digest_methods[SSL_MD_STREEBOG256_IDX] == NULL) ? SSL_STREEBOG256 : 0;
839 *mac |= (ssl_digest_methods[SSL_MD_STREEBOG512_IDX] == NULL) ? SSL_STREEBOG512 : 0;
840
841}
842
843static void
844ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, int num_of_ciphers,
845 unsigned long disabled_mkey, unsigned long disabled_auth,
846 unsigned long disabled_enc, unsigned long disabled_mac,
847 unsigned long disabled_ssl, CIPHER_ORDER *co_list,
848 CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
849{
850 int i, co_list_num;
851 const SSL_CIPHER *c;
852
853 /*
854 * We have num_of_ciphers descriptions compiled in, depending on the
855 * method selected (SSLv3, TLSv1, etc). These will later be sorted in
856 * a linked list with at most num entries.
857 */
858
859 /* Get the initial list of ciphers */
860 co_list_num = 0; /* actual count of ciphers */
861 for (i = 0; i < num_of_ciphers; i++) {
862 c = ssl_method->get_cipher(i);
863 /* drop those that use any of that is not available */
864 if ((c != NULL) && c->valid &&
865 !(c->algorithm_mkey & disabled_mkey) &&
866 !(c->algorithm_auth & disabled_auth) &&
867 !(c->algorithm_enc & disabled_enc) &&
868 !(c->algorithm_mac & disabled_mac) &&
869 !(c->algorithm_ssl & disabled_ssl)) {
870 co_list[co_list_num].cipher = c;
871 co_list[co_list_num].next = NULL;
872 co_list[co_list_num].prev = NULL;
873 co_list[co_list_num].active = 0;
874 co_list_num++;
875 /*
876 if (!sk_push(ca_list,(char *)c)) goto err;
877 */
878 }
879 }
880
881 /*
882 * Prepare linked list from list entries
883 */
884 if (co_list_num > 0) {
885 co_list[0].prev = NULL;
886
887 if (co_list_num > 1) {
888 co_list[0].next = &co_list[1];
889
890 for (i = 1; i < co_list_num - 1; i++) {
891 co_list[i].prev = &co_list[i - 1];
892 co_list[i].next = &co_list[i + 1];
893 }
894
895 co_list[co_list_num - 1].prev =
896 &co_list[co_list_num - 2];
897 }
898
899 co_list[co_list_num - 1].next = NULL;
900
901 *head_p = &co_list[0];
902 *tail_p = &co_list[co_list_num - 1];
903 }
904}
905
906static void
907ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list, int num_of_group_aliases,
908 unsigned long disabled_mkey, unsigned long disabled_auth,
909 unsigned long disabled_enc, unsigned long disabled_mac,
910 unsigned long disabled_ssl, CIPHER_ORDER *head)
911{
912 CIPHER_ORDER *ciph_curr;
913 const SSL_CIPHER **ca_curr;
914 int i;
915 unsigned long mask_mkey = ~disabled_mkey;
916 unsigned long mask_auth = ~disabled_auth;
917 unsigned long mask_enc = ~disabled_enc;
918 unsigned long mask_mac = ~disabled_mac;
919 unsigned long mask_ssl = ~disabled_ssl;
920
921 /*
922 * First, add the real ciphers as already collected
923 */
924 ciph_curr = head;
925 ca_curr = ca_list;
926 while (ciph_curr != NULL) {
927 *ca_curr = ciph_curr->cipher;
928 ca_curr++;
929 ciph_curr = ciph_curr->next;
930 }
931
932 /*
933 * Now we add the available ones from the cipher_aliases[] table.
934 * They represent either one or more algorithms, some of which
935 * in any affected category must be supported (set in enabled_mask),
936 * or represent a cipher strength value (will be added in any case because algorithms=0).
937 */
938 for (i = 0; i < num_of_group_aliases; i++) {
939 unsigned long algorithm_mkey = cipher_aliases[i].algorithm_mkey;
940 unsigned long algorithm_auth = cipher_aliases[i].algorithm_auth;
941 unsigned long algorithm_enc = cipher_aliases[i].algorithm_enc;
942 unsigned long algorithm_mac = cipher_aliases[i].algorithm_mac;
943 unsigned long algorithm_ssl = cipher_aliases[i].algorithm_ssl;
944
945 if (algorithm_mkey)
946 if ((algorithm_mkey & mask_mkey) == 0)
947 continue;
948
949 if (algorithm_auth)
950 if ((algorithm_auth & mask_auth) == 0)
951 continue;
952
953 if (algorithm_enc)
954 if ((algorithm_enc & mask_enc) == 0)
955 continue;
956
957 if (algorithm_mac)
958 if ((algorithm_mac & mask_mac) == 0)
959 continue;
960
961 if (algorithm_ssl)
962 if ((algorithm_ssl & mask_ssl) == 0)
963 continue;
964
965 *ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
966 ca_curr++;
967 }
968
969 *ca_curr = NULL; /* end of list */
970}
971
972static void
973ssl_cipher_apply_rule(unsigned long cipher_id, unsigned long alg_mkey,
974 unsigned long alg_auth, unsigned long alg_enc, unsigned long alg_mac,
975 unsigned long alg_ssl, unsigned long algo_strength,
976 int rule, int strength_bits, CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
977{
978 CIPHER_ORDER *head, *tail, *curr, *next, *last;
979 const SSL_CIPHER *cp;
980 int reverse = 0;
981
982
983 if (rule == CIPHER_DEL)
984 reverse = 1; /* needed to maintain sorting between currently deleted ciphers */
985
986 head = *head_p;
987 tail = *tail_p;
988
989 if (reverse) {
990 next = tail;
991 last = head;
992 } else {
993 next = head;
994 last = tail;
995 }
996
997 curr = NULL;
998 for (;;) {
999 if (curr == last)
1000 break;
1001 curr = next;
1002 next = reverse ? curr->prev : curr->next;
1003
1004 cp = curr->cipher;
1005
1006 /*
1007 * Selection criteria is either the value of strength_bits
1008 * or the algorithms used.
1009 */
1010 if (strength_bits >= 0) {
1011 if (strength_bits != cp->strength_bits)
1012 continue;
1013 } else {
1014
1015 if (alg_mkey && !(alg_mkey & cp->algorithm_mkey))
1016 continue;
1017 if (alg_auth && !(alg_auth & cp->algorithm_auth))
1018 continue;
1019 if (alg_enc && !(alg_enc & cp->algorithm_enc))
1020 continue;
1021 if (alg_mac && !(alg_mac & cp->algorithm_mac))
1022 continue;
1023 if (alg_ssl && !(alg_ssl & cp->algorithm_ssl))
1024 continue;
1025 if ((algo_strength & SSL_STRONG_MASK) && !(algo_strength & SSL_STRONG_MASK & cp->algo_strength))
1026 continue;
1027 }
1028
1029
1030 /* add the cipher if it has not been added yet. */
1031 if (rule == CIPHER_ADD) {
1032 /* reverse == 0 */
1033 if (!curr->active) {
1034 ll_append_tail(&head, curr, &tail);
1035 curr->active = 1;
1036 }
1037 }
1038 /* Move the added cipher to this location */
1039 else if (rule == CIPHER_ORD) {
1040 /* reverse == 0 */
1041 if (curr->active) {
1042 ll_append_tail(&head, curr, &tail);
1043 }
1044 } else if (rule == CIPHER_DEL) {
1045 /* reverse == 1 */
1046 if (curr->active) {
1047 /* most recently deleted ciphersuites get best positions
1048 * for any future CIPHER_ADD (note that the CIPHER_DEL loop
1049 * works in reverse to maintain the order) */
1050 ll_append_head(&head, curr, &tail);
1051 curr->active = 0;
1052 }
1053 } else if (rule == CIPHER_KILL) {
1054 /* reverse == 0 */
1055 if (head == curr)
1056 head = curr->next;
1057 else
1058 curr->prev->next = curr->next;
1059 if (tail == curr)
1060 tail = curr->prev;
1061 curr->active = 0;
1062 if (curr->next != NULL)
1063 curr->next->prev = curr->prev;
1064 if (curr->prev != NULL)
1065 curr->prev->next = curr->next;
1066 curr->next = NULL;
1067 curr->prev = NULL;
1068 }
1069 }
1070
1071 *head_p = head;
1072 *tail_p = tail;
1073}
1074
1075static int
1076ssl_cipher_strength_sort(CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
1077{
1078 int max_strength_bits, i, *number_uses;
1079 CIPHER_ORDER *curr;
1080
1081 /*
1082 * This routine sorts the ciphers with descending strength. The sorting
1083 * must keep the pre-sorted sequence, so we apply the normal sorting
1084 * routine as '+' movement to the end of the list.
1085 */
1086 max_strength_bits = 0;
1087 curr = *head_p;
1088 while (curr != NULL) {
1089 if (curr->active &&
1090 (curr->cipher->strength_bits > max_strength_bits))
1091 max_strength_bits = curr->cipher->strength_bits;
1092 curr = curr->next;
1093 }
1094
1095 number_uses = calloc((max_strength_bits + 1), sizeof(int));
1096 if (!number_uses) {
1097 SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT, ERR_R_MALLOC_FAILURE);
1098 return (0);
1099 }
1100
1101 /*
1102 * Now find the strength_bits values actually used
1103 */
1104 curr = *head_p;
1105 while (curr != NULL) {
1106 if (curr->active)
1107 number_uses[curr->cipher->strength_bits]++;
1108 curr = curr->next;
1109 }
1110 /*
1111 * Go through the list of used strength_bits values in descending
1112 * order.
1113 */
1114 for (i = max_strength_bits; i >= 0; i--)
1115 if (number_uses[i] > 0)
1116 ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ORD, i, head_p, tail_p);
1117
1118 free(number_uses);
1119 return (1);
1120}
1121
1122static int
1123ssl_cipher_process_rulestr(const char *rule_str, CIPHER_ORDER **head_p,
1124 CIPHER_ORDER **tail_p, const SSL_CIPHER **ca_list)
1125{
1126 unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl;
1127 unsigned long algo_strength;
1128 int j, multi, found, rule, retval, ok, buflen;
1129 unsigned long cipher_id = 0;
1130 const char *l, *buf;
1131 char ch;
1132
1133 retval = 1;
1134 l = rule_str;
1135 for (;;) {
1136 ch = *l;
1137
1138 if (ch == '\0')
1139 break;
1140
1141 if (ch == '-') {
1142 rule = CIPHER_DEL;
1143 l++;
1144 } else if (ch == '+') {
1145 rule = CIPHER_ORD;
1146 l++;
1147 } else if (ch == '!') {
1148 rule = CIPHER_KILL;
1149 l++;
1150 } else if (ch == '@') {
1151 rule = CIPHER_SPECIAL;
1152 l++;
1153 } else {
1154 rule = CIPHER_ADD;
1155 }
1156
1157 if (ITEM_SEP(ch)) {
1158 l++;
1159 continue;
1160 }
1161
1162 alg_mkey = 0;
1163 alg_auth = 0;
1164 alg_enc = 0;
1165 alg_mac = 0;
1166 alg_ssl = 0;
1167 algo_strength = 0;
1168
1169 for (;;) {
1170 ch = *l;
1171 buf = l;
1172 buflen = 0;
1173 while (((ch >= 'A') && (ch <= 'Z')) ||
1174 ((ch >= '0') && (ch <= '9')) ||
1175 ((ch >= 'a') && (ch <= 'z')) ||
1176 (ch == '-') || (ch == '.')) {
1177 ch = *(++l);
1178 buflen++;
1179 }
1180
1181 if (buflen == 0) {
1182 /*
1183 * We hit something we cannot deal with,
1184 * it is no command or separator nor
1185 * alphanumeric, so we call this an error.
1186 */
1187 SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
1188 SSL_R_INVALID_COMMAND);
1189 retval = found = 0;
1190 l++;
1191 break;
1192 }
1193
1194 if (rule == CIPHER_SPECIAL) {
1195 /* unused -- avoid compiler warning */
1196 found = 0;
1197 /* special treatment */
1198 break;
1199 }
1200
1201 /* check for multi-part specification */
1202 if (ch == '+') {
1203 multi = 1;
1204 l++;
1205 } else
1206 multi = 0;
1207
1208 /*
1209 * Now search for the cipher alias in the ca_list.
1210 * Be careful with the strncmp, because the "buflen"
1211 * limitation will make the rule "ADH:SOME" and the
1212 * cipher "ADH-MY-CIPHER" look like a match for
1213 * buflen=3. So additionally check whether the cipher
1214 * name found has the correct length. We can save a
1215 * strlen() call: just checking for the '\0' at the
1216 * right place is sufficient, we have to strncmp()
1217 * anyway (we cannot use strcmp(), because buf is not
1218 * '\0' terminated.)
1219 */
1220 j = found = 0;
1221 cipher_id = 0;
1222 while (ca_list[j]) {
1223 if (!strncmp(buf, ca_list[j]->name, buflen) &&
1224 (ca_list[j]->name[buflen] == '\0')) {
1225 found = 1;
1226 break;
1227 } else
1228 j++;
1229 }
1230
1231 if (!found)
1232 break; /* ignore this entry */
1233
1234 if (ca_list[j]->algorithm_mkey) {
1235 if (alg_mkey) {
1236 alg_mkey &= ca_list[j]->algorithm_mkey;
1237 if (!alg_mkey) {
1238 found = 0;
1239 break;
1240 }
1241 } else
1242 alg_mkey = ca_list[j]->algorithm_mkey;
1243 }
1244
1245 if (ca_list[j]->algorithm_auth) {
1246 if (alg_auth) {
1247 alg_auth &= ca_list[j]->algorithm_auth;
1248 if (!alg_auth) {
1249 found = 0;
1250 break;
1251 }
1252 } else
1253 alg_auth = ca_list[j]->algorithm_auth;
1254 }
1255
1256 if (ca_list[j]->algorithm_enc) {
1257 if (alg_enc) {
1258 alg_enc &= ca_list[j]->algorithm_enc;
1259 if (!alg_enc) {
1260 found = 0;
1261 break;
1262 }
1263 } else
1264 alg_enc = ca_list[j]->algorithm_enc;
1265 }
1266
1267 if (ca_list[j]->algorithm_mac) {
1268 if (alg_mac) {
1269 alg_mac &= ca_list[j]->algorithm_mac;
1270 if (!alg_mac) {
1271 found = 0;
1272 break;
1273 }
1274 } else
1275 alg_mac = ca_list[j]->algorithm_mac;
1276 }
1277
1278 if (ca_list[j]->algo_strength & SSL_STRONG_MASK) {
1279 if (algo_strength & SSL_STRONG_MASK) {
1280 algo_strength &=
1281 (ca_list[j]->algo_strength &
1282 SSL_STRONG_MASK) | ~SSL_STRONG_MASK;
1283 if (!(algo_strength &
1284 SSL_STRONG_MASK)) {
1285 found = 0;
1286 break;
1287 }
1288 } else
1289 algo_strength |=
1290 ca_list[j]->algo_strength &
1291 SSL_STRONG_MASK;
1292 }
1293
1294 if (ca_list[j]->valid) {
1295 /*
1296 * explicit ciphersuite found; its protocol
1297 * version does not become part of the search
1298 * pattern!
1299 */
1300 cipher_id = ca_list[j]->id;
1301 } else {
1302 /*
1303 * not an explicit ciphersuite; only in this
1304 * case, the protocol version is considered
1305 * part of the search pattern
1306 */
1307 if (ca_list[j]->algorithm_ssl) {
1308 if (alg_ssl) {
1309 alg_ssl &=
1310 ca_list[j]->algorithm_ssl;
1311 if (!alg_ssl) {
1312 found = 0;
1313 break;
1314 }
1315 } else
1316 alg_ssl =
1317 ca_list[j]->algorithm_ssl;
1318 }
1319 }
1320
1321 if (!multi)
1322 break;
1323 }
1324
1325 /*
1326 * Ok, we have the rule, now apply it
1327 */
1328 if (rule == CIPHER_SPECIAL) {
1329 /* special command */
1330 ok = 0;
1331 if ((buflen == 8) && !strncmp(buf, "STRENGTH", 8))
1332 ok = ssl_cipher_strength_sort(head_p, tail_p);
1333 else
1334 SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
1335 SSL_R_INVALID_COMMAND);
1336 if (ok == 0)
1337 retval = 0;
1338 /*
1339 * We do not support any "multi" options
1340 * together with "@", so throw away the
1341 * rest of the command, if any left, until
1342 * end or ':' is found.
1343 */
1344 while ((*l != '\0') && !ITEM_SEP(*l))
1345 l++;
1346 } else if (found) {
1347 ssl_cipher_apply_rule(cipher_id, alg_mkey, alg_auth,
1348 alg_enc, alg_mac, alg_ssl, algo_strength, rule,
1349 -1, head_p, tail_p);
1350 } else {
1351 while ((*l != '\0') && !ITEM_SEP(*l))
1352 l++;
1353 }
1354 if (*l == '\0')
1355 break; /* done */
1356 }
1357
1358 return (retval);
1359}
1360
1361STACK_OF(SSL_CIPHER) *
1362ssl_create_cipher_list(const SSL_METHOD *ssl_method,
1363 STACK_OF(SSL_CIPHER) **cipher_list,
1364 STACK_OF(SSL_CIPHER) **cipher_list_by_id,
1365 const char *rule_str)
1366{
1367 int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
1368 unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl;
1369 STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
1370 const char *rule_p;
1371 CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
1372 const SSL_CIPHER **ca_list = NULL;
1373
1374 /*
1375 * Return with error if nothing to do.
1376 */
1377 if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
1378 return NULL;
1379
1380 /*
1381 * To reduce the work to do we only want to process the compiled
1382 * in algorithms, so we first get the mask of disabled ciphers.
1383 */
1384 ssl_cipher_get_disabled(&disabled_mkey, &disabled_auth, &disabled_enc, &disabled_mac, &disabled_ssl);
1385
1386 /*
1387 * Now we have to collect the available ciphers from the compiled
1388 * in ciphers. We cannot get more than the number compiled in, so
1389 * it is used for allocation.
1390 */
1391 num_of_ciphers = ssl_method->num_ciphers();
1392 co_list = reallocarray(NULL, num_of_ciphers, sizeof(CIPHER_ORDER));
1393 if (co_list == NULL) {
1394 SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
1395 return(NULL); /* Failure */
1396 }
1397
1398 ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
1399 disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl,
1400 co_list, &head, &tail);
1401
1402
1403 /* Now arrange all ciphers by preference: */
1404
1405 /* Everything else being equal, prefer ephemeral ECDH over other key exchange mechanisms */
1406 ssl_cipher_apply_rule(0, SSL_kECDHE, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
1407 ssl_cipher_apply_rule(0, SSL_kECDHE, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
1408
1409 /*
1410 * CHACHA20 is fast and safe on all hardware and is thus our preferred
1411 * symmetric cipher, with AES second.
1412 */
1413 ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
1414 ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
1415
1416 /* Temporarily enable everything else for sorting */
1417 ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
1418
1419 /* Low priority for MD5 */
1420 ssl_cipher_apply_rule(0, 0, 0, 0, SSL_MD5, 0, 0, CIPHER_ORD, -1, &head, &tail);
1421
1422 /* Move anonymous ciphers to the end. Usually, these will remain disabled.
1423 * (For applications that allow them, they aren't too bad, but we prefer
1424 * authenticated ciphers.) */
1425 ssl_cipher_apply_rule(0, 0, SSL_aNULL, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
1426
1427 /* Move ciphers without forward secrecy to the end */
1428 ssl_cipher_apply_rule(0, 0, SSL_aECDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
1429 ssl_cipher_apply_rule(0, SSL_kRSA, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
1430
1431 /* RC4 is sort-of broken -- move the the end */
1432 ssl_cipher_apply_rule(0, 0, 0, SSL_RC4, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
1433
1434 /* Now sort by symmetric encryption strength. The above ordering remains
1435 * in force within each class */
1436 if (!ssl_cipher_strength_sort(&head, &tail)) {
1437 free(co_list);
1438 return NULL;
1439 }
1440
1441 /* Now disable everything (maintaining the ordering!) */
1442 ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
1443
1444
1445 /*
1446 * We also need cipher aliases for selecting based on the rule_str.
1447 * There might be two types of entries in the rule_str: 1) names
1448 * of ciphers themselves 2) aliases for groups of ciphers.
1449 * For 1) we need the available ciphers and for 2) the cipher
1450 * groups of cipher_aliases added together in one list (otherwise
1451 * we would be happy with just the cipher_aliases table).
1452 */
1453 num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
1454 num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
1455 ca_list = reallocarray(NULL, num_of_alias_max, sizeof(SSL_CIPHER *));
1456 if (ca_list == NULL) {
1457 free(co_list);
1458 SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
1459 return(NULL); /* Failure */
1460 }
1461 ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
1462 disabled_mkey, disabled_auth, disabled_enc,
1463 disabled_mac, disabled_ssl, head);
1464
1465 /*
1466 * If the rule_string begins with DEFAULT, apply the default rule
1467 * before using the (possibly available) additional rules.
1468 */
1469 ok = 1;
1470 rule_p = rule_str;
1471 if (strncmp(rule_str, "DEFAULT", 7) == 0) {
1472 ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
1473 &head, &tail, ca_list);
1474 rule_p += 7;
1475 if (*rule_p == ':')
1476 rule_p++;
1477 }
1478
1479 if (ok && (strlen(rule_p) > 0))
1480 ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list);
1481
1482 free((void *)ca_list); /* Not needed anymore */
1483
1484 if (!ok) {
1485 /* Rule processing failure */
1486 free(co_list);
1487 return (NULL);
1488 }
1489
1490 /*
1491 * Allocate new "cipherstack" for the result, return with error
1492 * if we cannot get one.
1493 */
1494 if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) {
1495 free(co_list);
1496 return (NULL);
1497 }
1498
1499 /*
1500 * The cipher selection for the list is done. The ciphers are added
1501 * to the resulting precedence to the STACK_OF(SSL_CIPHER).
1502 */
1503 for (curr = head; curr != NULL; curr = curr->next) {
1504 if (curr->active) {
1505 sk_SSL_CIPHER_push(cipherstack, curr->cipher);
1506 }
1507 }
1508 free(co_list); /* Not needed any longer */
1509
1510 tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
1511 if (tmp_cipher_list == NULL) {
1512 sk_SSL_CIPHER_free(cipherstack);
1513 return NULL;
1514 }
1515 if (*cipher_list != NULL)
1516 sk_SSL_CIPHER_free(*cipher_list);
1517 *cipher_list = cipherstack;
1518 if (*cipher_list_by_id != NULL)
1519 sk_SSL_CIPHER_free(*cipher_list_by_id);
1520 *cipher_list_by_id = tmp_cipher_list;
1521 (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,
1522 ssl_cipher_ptr_id_cmp);
1523
1524 sk_SSL_CIPHER_sort(*cipher_list_by_id);
1525 return (cipherstack);
1526}
1527
1528const SSL_CIPHER *
1529SSL_CIPHER_get_by_id(unsigned int id)
1530{
1531 return ssl3_get_cipher_by_id(id);
1532}
1533
1534const SSL_CIPHER *
1535SSL_CIPHER_get_by_value(uint16_t value)
1536{
1537 return ssl3_get_cipher_by_value(value);
1538}
1539
1540char *
1541SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
1542{
1543 unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, alg2;
1544 const char *ver, *kx, *au, *enc, *mac;
1545 char *ret;
1546 int l;
1547
1548 alg_mkey = cipher->algorithm_mkey;
1549 alg_auth = cipher->algorithm_auth;
1550 alg_enc = cipher->algorithm_enc;
1551 alg_mac = cipher->algorithm_mac;
1552 alg_ssl = cipher->algorithm_ssl;
1553
1554 alg2 = cipher->algorithm2;
1555
1556 if (alg_ssl & SSL_SSLV3)
1557 ver = "SSLv3";
1558 else if (alg_ssl & SSL_TLSV1_2)
1559 ver = "TLSv1.2";
1560 else
1561 ver = "unknown";
1562
1563 switch (alg_mkey) {
1564 case SSL_kRSA:
1565 kx = "RSA";
1566 break;
1567 case SSL_kDHE:
1568 kx = "DH";
1569 break;
1570 case SSL_kECDHr:
1571 kx = "ECDH/RSA";
1572 break;
1573 case SSL_kECDHe:
1574 kx = "ECDH/ECDSA";
1575 break;
1576 case SSL_kECDHE:
1577 kx = "ECDH";
1578 break;
1579 case SSL_kGOST:
1580 kx = "GOST";
1581 break;
1582 default:
1583 kx = "unknown";
1584 }
1585
1586 switch (alg_auth) {
1587 case SSL_aRSA:
1588 au = "RSA";
1589 break;
1590 case SSL_aDSS:
1591 au = "DSS";
1592 break;
1593 case SSL_aECDH:
1594 au = "ECDH";
1595 break;
1596 case SSL_aNULL:
1597 au = "None";
1598 break;
1599 case SSL_aECDSA:
1600 au = "ECDSA";
1601 break;
1602 case SSL_aGOST01:
1603 au = "GOST01";
1604 break;
1605 default:
1606 au = "unknown";
1607 break;
1608 }
1609
1610 switch (alg_enc) {
1611 case SSL_DES:
1612 enc = "DES(56)";
1613 break;
1614 case SSL_3DES:
1615 enc = "3DES(168)";
1616 break;
1617 case SSL_RC4:
1618 enc = alg2 & SSL2_CF_8_BYTE_ENC ? "RC4(64)" : "RC4(128)";
1619 break;
1620 case SSL_IDEA:
1621 enc = "IDEA(128)";
1622 break;
1623 case SSL_eNULL:
1624 enc = "None";
1625 break;
1626 case SSL_AES128:
1627 enc = "AES(128)";
1628 break;
1629 case SSL_AES256:
1630 enc = "AES(256)";
1631 break;
1632 case SSL_AES128GCM:
1633 enc = "AESGCM(128)";
1634 break;
1635 case SSL_AES256GCM:
1636 enc = "AESGCM(256)";
1637 break;
1638 case SSL_CAMELLIA128:
1639 enc = "Camellia(128)";
1640 break;
1641 case SSL_CAMELLIA256:
1642 enc = "Camellia(256)";
1643 break;
1644 case SSL_CHACHA20POLY1305:
1645 enc = "ChaCha20-Poly1305";
1646 break;
1647 case SSL_eGOST2814789CNT:
1648 enc = "GOST-28178-89-CNT";
1649 break;
1650 default:
1651 enc = "unknown";
1652 break;
1653 }
1654
1655 switch (alg_mac) {
1656 case SSL_MD5:
1657 mac = "MD5";
1658 break;
1659 case SSL_SHA1:
1660 mac = "SHA1";
1661 break;
1662 case SSL_SHA256:
1663 mac = "SHA256";
1664 break;
1665 case SSL_SHA384:
1666 mac = "SHA384";
1667 break;
1668 case SSL_AEAD:
1669 mac = "AEAD";
1670 break;
1671 case SSL_GOST94:
1672 mac = "GOST94";
1673 break;
1674 case SSL_GOST89MAC:
1675 mac = "GOST89IMIT";
1676 break;
1677 case SSL_STREEBOG256:
1678 mac = "STREEBOG256";
1679 break;
1680 case SSL_STREEBOG512:
1681 mac = "STREEBOG512";
1682 break;
1683 default:
1684 mac = "unknown";
1685 break;
1686 }
1687
1688 if (asprintf(&ret, "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s\n",
1689 cipher->name, ver, kx, au, enc, mac) == -1)
1690 return "OPENSSL_malloc Error";
1691
1692 if (buf != NULL) {
1693 l = strlcpy(buf, ret, len);
1694 free(ret);
1695 ret = buf;
1696 if (l >= len)
1697 ret = "Buffer too small";
1698 }
1699
1700 return (ret);
1701}
1702
1703char *
1704SSL_CIPHER_get_version(const SSL_CIPHER *c)
1705{
1706 if (c == NULL)
1707 return("(NONE)");
1708 if ((c->id >> 24) == 3)
1709 return("TLSv1/SSLv3");
1710 else
1711 return("unknown");
1712}
1713
1714/* return the actual cipher being used */
1715const char *
1716SSL_CIPHER_get_name(const SSL_CIPHER *c)
1717{
1718 if (c != NULL)
1719 return (c->name);
1720 return("(NONE)");
1721}
1722
1723/* number of bits for symmetric cipher */
1724int
1725SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits)
1726{
1727 int ret = 0;
1728
1729 if (c != NULL) {
1730 if (alg_bits != NULL)
1731 *alg_bits = c->alg_bits;
1732 ret = c->strength_bits;
1733 }
1734 return (ret);
1735}
1736
1737unsigned long
1738SSL_CIPHER_get_id(const SSL_CIPHER *c)
1739{
1740 return c->id;
1741}
1742
1743uint16_t
1744SSL_CIPHER_get_value(const SSL_CIPHER *c)
1745{
1746 return ssl3_cipher_get_value(c);
1747}
1748
1749void *
1750SSL_COMP_get_compression_methods(void)
1751{
1752 return NULL;
1753}
1754
1755int
1756SSL_COMP_add_compression_method(int id, void *cm)
1757{
1758 return 1;
1759}
1760
1761const char *
1762SSL_COMP_get_name(const void *comp)
1763{
1764 return NULL;
1765}
diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c
deleted file mode 100644
index 04742b60ca..0000000000
--- a/src/lib/libssl/ssl_err.c
+++ /dev/null
@@ -1,615 +0,0 @@
1/* $OpenBSD: ssl_err.c,v 1.29 2015/02/22 15:54:27 jsing Exp $ */
2/* ====================================================================
3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62
63#include <openssl/err.h>
64#include <openssl/ssl.h>
65
66/* BEGIN ERROR CODES */
67#ifndef OPENSSL_NO_ERR
68
69#define ERR_FUNC(func) ERR_PACK(ERR_LIB_SSL,func,0)
70#define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason)
71
72static ERR_STRING_DATA SSL_str_functs[]= {
73 {ERR_FUNC(SSL_F_CLIENT_CERTIFICATE), "CLIENT_CERTIFICATE"},
74 {ERR_FUNC(SSL_F_CLIENT_FINISHED), "CLIENT_FINISHED"},
75 {ERR_FUNC(SSL_F_CLIENT_HELLO), "CLIENT_HELLO"},
76 {ERR_FUNC(SSL_F_CLIENT_MASTER_KEY), "CLIENT_MASTER_KEY"},
77 {ERR_FUNC(SSL_F_D2I_SSL_SESSION), "d2i_SSL_SESSION"},
78 {ERR_FUNC(SSL_F_DO_DTLS1_WRITE), "DO_DTLS1_WRITE"},
79 {ERR_FUNC(SSL_F_DO_SSL3_WRITE), "DO_SSL3_WRITE"},
80 {ERR_FUNC(SSL_F_DTLS1_ACCEPT), "DTLS1_ACCEPT"},
81 {ERR_FUNC(SSL_F_DTLS1_ADD_CERT_TO_BUF), "DTLS1_ADD_CERT_TO_BUF"},
82 {ERR_FUNC(SSL_F_DTLS1_BUFFER_RECORD), "DTLS1_BUFFER_RECORD"},
83 {ERR_FUNC(SSL_F_DTLS1_CHECK_TIMEOUT_NUM), "DTLS1_CHECK_TIMEOUT_NUM"},
84 {ERR_FUNC(SSL_F_DTLS1_CLIENT_HELLO), "DTLS1_CLIENT_HELLO"},
85 {ERR_FUNC(SSL_F_DTLS1_CONNECT), "DTLS1_CONNECT"},
86 {ERR_FUNC(SSL_F_DTLS1_ENC), "DTLS1_ENC"},
87 {ERR_FUNC(SSL_F_DTLS1_GET_HELLO_VERIFY), "DTLS1_GET_HELLO_VERIFY"},
88 {ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE), "DTLS1_GET_MESSAGE"},
89 {ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT), "DTLS1_GET_MESSAGE_FRAGMENT"},
90 {ERR_FUNC(SSL_F_DTLS1_GET_RECORD), "DTLS1_GET_RECORD"},
91 {ERR_FUNC(SSL_F_DTLS1_HANDLE_TIMEOUT), "DTLS1_HANDLE_TIMEOUT"},
92 {ERR_FUNC(SSL_F_DTLS1_HEARTBEAT), "DTLS1_HEARTBEAT"},
93 {ERR_FUNC(SSL_F_DTLS1_OUTPUT_CERT_CHAIN), "DTLS1_OUTPUT_CERT_CHAIN"},
94 {ERR_FUNC(SSL_F_DTLS1_PREPROCESS_FRAGMENT), "DTLS1_PREPROCESS_FRAGMENT"},
95 {ERR_FUNC(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE), "DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE"},
96 {ERR_FUNC(SSL_F_DTLS1_PROCESS_RECORD), "DTLS1_PROCESS_RECORD"},
97 {ERR_FUNC(SSL_F_DTLS1_READ_BYTES), "DTLS1_READ_BYTES"},
98 {ERR_FUNC(SSL_F_DTLS1_READ_FAILED), "DTLS1_READ_FAILED"},
99 {ERR_FUNC(SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST), "DTLS1_SEND_CERTIFICATE_REQUEST"},
100 {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE), "DTLS1_SEND_CLIENT_CERTIFICATE"},
101 {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE), "DTLS1_SEND_CLIENT_KEY_EXCHANGE"},
102 {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_VERIFY), "DTLS1_SEND_CLIENT_VERIFY"},
103 {ERR_FUNC(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST), "DTLS1_SEND_HELLO_VERIFY_REQUEST"},
104 {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE), "DTLS1_SEND_SERVER_CERTIFICATE"},
105 {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_HELLO), "DTLS1_SEND_SERVER_HELLO"},
106 {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE), "DTLS1_SEND_SERVER_KEY_EXCHANGE"},
107 {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES), "DTLS1_WRITE_APP_DATA_BYTES"},
108 {ERR_FUNC(SSL_F_GET_CLIENT_FINISHED), "GET_CLIENT_FINISHED"},
109 {ERR_FUNC(SSL_F_GET_CLIENT_HELLO), "GET_CLIENT_HELLO"},
110 {ERR_FUNC(SSL_F_GET_CLIENT_MASTER_KEY), "GET_CLIENT_MASTER_KEY"},
111 {ERR_FUNC(SSL_F_GET_SERVER_FINISHED), "GET_SERVER_FINISHED"},
112 {ERR_FUNC(SSL_F_GET_SERVER_HELLO), "GET_SERVER_HELLO"},
113 {ERR_FUNC(SSL_F_GET_SERVER_VERIFY), "GET_SERVER_VERIFY"},
114 {ERR_FUNC(SSL_F_I2D_SSL_SESSION), "i2d_SSL_SESSION"},
115 {ERR_FUNC(SSL_F_READ_N), "READ_N"},
116 {ERR_FUNC(SSL_F_REQUEST_CERTIFICATE), "REQUEST_CERTIFICATE"},
117 {ERR_FUNC(SSL_F_SERVER_FINISH), "SERVER_FINISH"},
118 {ERR_FUNC(SSL_F_SERVER_HELLO), "SERVER_HELLO"},
119 {ERR_FUNC(SSL_F_SERVER_VERIFY), "SERVER_VERIFY"},
120 {ERR_FUNC(SSL_F_SSL23_ACCEPT), "SSL23_ACCEPT"},
121 {ERR_FUNC(SSL_F_SSL23_CLIENT_HELLO), "SSL23_CLIENT_HELLO"},
122 {ERR_FUNC(SSL_F_SSL23_CONNECT), "SSL23_CONNECT"},
123 {ERR_FUNC(SSL_F_SSL23_GET_CLIENT_HELLO), "SSL23_GET_CLIENT_HELLO"},
124 {ERR_FUNC(SSL_F_SSL23_GET_SERVER_HELLO), "SSL23_GET_SERVER_HELLO"},
125 {ERR_FUNC(SSL_F_SSL23_PEEK), "SSL23_PEEK"},
126 {ERR_FUNC(SSL_F_SSL23_READ), "SSL23_READ"},
127 {ERR_FUNC(SSL_F_SSL23_WRITE), "SSL23_WRITE"},
128 {ERR_FUNC(SSL_F_SSL2_ACCEPT), "SSL2_ACCEPT"},
129 {ERR_FUNC(SSL_F_SSL2_CONNECT), "SSL2_CONNECT"},
130 {ERR_FUNC(SSL_F_SSL2_ENC_INIT), "SSL2_ENC_INIT"},
131 {ERR_FUNC(SSL_F_SSL2_GENERATE_KEY_MATERIAL), "SSL2_GENERATE_KEY_MATERIAL"},
132 {ERR_FUNC(SSL_F_SSL2_PEEK), "SSL2_PEEK"},
133 {ERR_FUNC(SSL_F_SSL2_READ), "SSL2_READ"},
134 {ERR_FUNC(SSL_F_SSL2_READ_INTERNAL), "SSL2_READ_INTERNAL"},
135 {ERR_FUNC(SSL_F_SSL2_SET_CERTIFICATE), "SSL2_SET_CERTIFICATE"},
136 {ERR_FUNC(SSL_F_SSL2_WRITE), "SSL2_WRITE"},
137 {ERR_FUNC(SSL_F_SSL3_ACCEPT), "SSL3_ACCEPT"},
138 {ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF), "SSL3_ADD_CERT_TO_BUF"},
139 {ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "SSL3_CALLBACK_CTRL"},
140 {ERR_FUNC(SSL_F_SSL3_CHANGE_CIPHER_STATE), "SSL3_CHANGE_CIPHER_STATE"},
141 {ERR_FUNC(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM), "SSL3_CHECK_CERT_AND_ALGORITHM"},
142 {ERR_FUNC(SSL_F_SSL3_CHECK_CLIENT_HELLO), "SSL3_CHECK_CLIENT_HELLO"},
143 {ERR_FUNC(SSL_F_SSL3_CLIENT_HELLO), "SSL3_CLIENT_HELLO"},
144 {ERR_FUNC(SSL_F_SSL3_CONNECT), "SSL3_CONNECT"},
145 {ERR_FUNC(SSL_F_SSL3_CTRL), "SSL3_CTRL"},
146 {ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "SSL3_CTX_CTRL"},
147 {ERR_FUNC(SSL_F_SSL3_DIGEST_CACHED_RECORDS), "SSL3_DIGEST_CACHED_RECORDS"},
148 {ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC), "SSL3_DO_CHANGE_CIPHER_SPEC"},
149 {ERR_FUNC(SSL_F_SSL3_ENC), "SSL3_ENC"},
150 {ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "SSL3_GENERATE_KEY_BLOCK"},
151 {ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST), "SSL3_GET_CERTIFICATE_REQUEST"},
152 {ERR_FUNC(SSL_F_SSL3_GET_CERT_STATUS), "SSL3_GET_CERT_STATUS"},
153 {ERR_FUNC(SSL_F_SSL3_GET_CERT_VERIFY), "SSL3_GET_CERT_VERIFY"},
154 {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_CERTIFICATE), "SSL3_GET_CLIENT_CERTIFICATE"},
155 {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_HELLO), "SSL3_GET_CLIENT_HELLO"},
156 {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE), "SSL3_GET_CLIENT_KEY_EXCHANGE"},
157 {ERR_FUNC(SSL_F_SSL3_GET_FINISHED), "SSL3_GET_FINISHED"},
158 {ERR_FUNC(SSL_F_SSL3_GET_KEY_EXCHANGE), "SSL3_GET_KEY_EXCHANGE"},
159 {ERR_FUNC(SSL_F_SSL3_GET_MESSAGE), "SSL3_GET_MESSAGE"},
160 {ERR_FUNC(SSL_F_SSL3_GET_NEW_SESSION_TICKET), "SSL3_GET_NEW_SESSION_TICKET"},
161 {ERR_FUNC(SSL_F_SSL3_GET_NEXT_PROTO), "SSL3_GET_NEXT_PROTO"},
162 {ERR_FUNC(SSL_F_SSL3_GET_RECORD), "SSL3_GET_RECORD"},
163 {ERR_FUNC(SSL_F_SSL3_GET_SERVER_CERTIFICATE), "SSL3_GET_SERVER_CERTIFICATE"},
164 {ERR_FUNC(SSL_F_SSL3_GET_SERVER_DONE), "SSL3_GET_SERVER_DONE"},
165 {ERR_FUNC(SSL_F_SSL3_GET_SERVER_HELLO), "SSL3_GET_SERVER_HELLO"},
166 {ERR_FUNC(SSL_F_SSL3_HANDSHAKE_MAC), "ssl3_handshake_mac"},
167 {ERR_FUNC(SSL_F_SSL3_NEW_SESSION_TICKET), "SSL3_NEW_SESSION_TICKET"},
168 {ERR_FUNC(SSL_F_SSL3_OUTPUT_CERT_CHAIN), "SSL3_OUTPUT_CERT_CHAIN"},
169 {ERR_FUNC(SSL_F_SSL3_PEEK), "SSL3_PEEK"},
170 {ERR_FUNC(SSL_F_SSL3_READ_BYTES), "SSL3_READ_BYTES"},
171 {ERR_FUNC(SSL_F_SSL3_READ_N), "SSL3_READ_N"},
172 {ERR_FUNC(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST), "SSL3_SEND_CERTIFICATE_REQUEST"},
173 {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE), "SSL3_SEND_CLIENT_CERTIFICATE"},
174 {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE), "SSL3_SEND_CLIENT_KEY_EXCHANGE"},
175 {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_VERIFY), "SSL3_SEND_CLIENT_VERIFY"},
176 {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_CERTIFICATE), "SSL3_SEND_SERVER_CERTIFICATE"},
177 {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_HELLO), "SSL3_SEND_SERVER_HELLO"},
178 {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE), "SSL3_SEND_SERVER_KEY_EXCHANGE"},
179 {ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "SSL3_SETUP_KEY_BLOCK"},
180 {ERR_FUNC(SSL_F_SSL3_SETUP_READ_BUFFER), "SSL3_SETUP_READ_BUFFER"},
181 {ERR_FUNC(SSL_F_SSL3_SETUP_WRITE_BUFFER), "SSL3_SETUP_WRITE_BUFFER"},
182 {ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "SSL3_WRITE_BYTES"},
183 {ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "SSL3_WRITE_PENDING"},
184 {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT), "SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT"},
185 {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT), "SSL_ADD_CLIENTHELLO_TLSEXT"},
186 {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT), "SSL_ADD_CLIENTHELLO_USE_SRTP_EXT"},
187 {ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK), "SSL_add_dir_cert_subjects_to_stack"},
188 {ERR_FUNC(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK), "SSL_add_file_cert_subjects_to_stack"},
189 {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT), "SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT"},
190 {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT), "SSL_ADD_SERVERHELLO_TLSEXT"},
191 {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT), "SSL_ADD_SERVERHELLO_USE_SRTP_EXT"},
192 {ERR_FUNC(SSL_F_SSL_BAD_METHOD), "SSL_BAD_METHOD"},
193 {ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST), "SSL_BYTES_TO_CIPHER_LIST"},
194 {ERR_FUNC(SSL_F_SSL_CERT_DUP), "SSL_CERT_DUP"},
195 {ERR_FUNC(SSL_F_SSL_CERT_INST), "SSL_CERT_INST"},
196 {ERR_FUNC(SSL_F_SSL_CERT_INSTANTIATE), "SSL_CERT_INSTANTIATE"},
197 {ERR_FUNC(SSL_F_SSL_CERT_NEW), "SSL_CERT_NEW"},
198 {ERR_FUNC(SSL_F_SSL_CHECK_PRIVATE_KEY), "SSL_check_private_key"},
199 {ERR_FUNC(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT), "SSL_CHECK_SERVERHELLO_TLSEXT"},
200 {ERR_FUNC(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG), "SSL_CHECK_SRVR_ECC_CERT_AND_ALG"},
201 {ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR), "SSL_CIPHER_PROCESS_RULESTR"},
202 {ERR_FUNC(SSL_F_SSL_CIPHER_STRENGTH_SORT), "SSL_CIPHER_STRENGTH_SORT"},
203 {ERR_FUNC(SSL_F_SSL_CLEAR), "SSL_clear"},
204 {ERR_FUNC(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD), "SSL_COMP_add_compression_method"},
205 {ERR_FUNC(SSL_F_SSL_CREATE_CIPHER_LIST), "SSL_CREATE_CIPHER_LIST"},
206 {ERR_FUNC(SSL_F_SSL_CTRL), "SSL_ctrl"},
207 {ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY), "SSL_CTX_check_private_key"},
208 {ERR_FUNC(SSL_F_SSL_CTX_MAKE_PROFILES), "SSL_CTX_MAKE_PROFILES"},
209 {ERR_FUNC(SSL_F_SSL_CTX_NEW), "SSL_CTX_new"},
210 {ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST), "SSL_CTX_set_cipher_list"},
211 {ERR_FUNC(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE), "SSL_CTX_set_client_cert_engine"},
212 {ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE), "SSL_CTX_set_purpose"},
213 {ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT), "SSL_CTX_set_session_id_context"},
214 {ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION), "SSL_CTX_set_ssl_version"},
215 {ERR_FUNC(SSL_F_SSL_CTX_SET_TRUST), "SSL_CTX_set_trust"},
216 {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE), "SSL_CTX_use_certificate"},
217 {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1), "SSL_CTX_use_certificate_ASN1"},
218 {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE), "SSL_CTX_use_certificate_chain_file"},
219 {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE), "SSL_CTX_use_certificate_file"},
220 {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY), "SSL_CTX_use_PrivateKey"},
221 {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1), "SSL_CTX_use_PrivateKey_ASN1"},
222 {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE), "SSL_CTX_use_PrivateKey_file"},
223 {ERR_FUNC(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT), "SSL_CTX_use_psk_identity_hint"},
224 {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY), "SSL_CTX_use_RSAPrivateKey"},
225 {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1), "SSL_CTX_use_RSAPrivateKey_ASN1"},
226 {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE), "SSL_CTX_use_RSAPrivateKey_file"},
227 {ERR_FUNC(SSL_F_SSL_DO_HANDSHAKE), "SSL_do_handshake"},
228 {ERR_FUNC(SSL_F_SSL_GET_NEW_SESSION), "SSL_GET_NEW_SESSION"},
229 {ERR_FUNC(SSL_F_SSL_GET_PREV_SESSION), "SSL_GET_PREV_SESSION"},
230 {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_CERT), "SSL_GET_SERVER_SEND_CERT"},
231 {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_PKEY), "SSL_GET_SERVER_SEND_PKEY"},
232 {ERR_FUNC(SSL_F_SSL_GET_SIGN_PKEY), "SSL_GET_SIGN_PKEY"},
233 {ERR_FUNC(SSL_F_SSL_INIT_WBIO_BUFFER), "SSL_INIT_WBIO_BUFFER"},
234 {ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_load_client_CA_file"},
235 {ERR_FUNC(SSL_F_SSL_NEW), "SSL_new"},
236 {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT), "SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT"},
237 {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT), "SSL_PARSE_CLIENTHELLO_TLSEXT"},
238 {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT), "SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT"},
239 {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT), "SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT"},
240 {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT), "SSL_PARSE_SERVERHELLO_TLSEXT"},
241 {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT), "SSL_PARSE_SERVERHELLO_USE_SRTP_EXT"},
242 {ERR_FUNC(SSL_F_SSL_PEEK), "SSL_peek"},
243 {ERR_FUNC(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT), "SSL_PREPARE_CLIENTHELLO_TLSEXT"},
244 {ERR_FUNC(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT), "SSL_PREPARE_SERVERHELLO_TLSEXT"},
245 {ERR_FUNC(SSL_F_SSL_READ), "SSL_read"},
246 {ERR_FUNC(SSL_F_SSL_RSA_PRIVATE_DECRYPT), "SSL_RSA_PRIVATE_DECRYPT"},
247 {ERR_FUNC(SSL_F_SSL_RSA_PUBLIC_ENCRYPT), "SSL_RSA_PUBLIC_ENCRYPT"},
248 {ERR_FUNC(SSL_F_SSL_SESSION_NEW), "SSL_SESSION_new"},
249 {ERR_FUNC(SSL_F_SSL_SESSION_PRINT_FP), "SSL_SESSION_print_fp"},
250 {ERR_FUNC(SSL_F_SSL_SESSION_SET1_ID_CONTEXT), "SSL_SESSION_set1_id_context"},
251 {ERR_FUNC(SSL_F_SSL_SESS_CERT_NEW), "SSL_SESS_CERT_NEW"},
252 {ERR_FUNC(SSL_F_SSL_SET_CERT), "SSL_SET_CERT"},
253 {ERR_FUNC(SSL_F_SSL_SET_CIPHER_LIST), "SSL_set_cipher_list"},
254 {ERR_FUNC(SSL_F_SSL_SET_FD), "SSL_set_fd"},
255 {ERR_FUNC(SSL_F_SSL_SET_PKEY), "SSL_SET_PKEY"},
256 {ERR_FUNC(SSL_F_SSL_SET_PURPOSE), "SSL_set_purpose"},
257 {ERR_FUNC(SSL_F_SSL_SET_RFD), "SSL_set_rfd"},
258 {ERR_FUNC(SSL_F_SSL_SET_SESSION), "SSL_set_session"},
259 {ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT), "SSL_set_session_id_context"},
260 {ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT), "SSL_set_session_ticket_ext"},
261 {ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"},
262 {ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"},
263 {ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"},
264 {ERR_FUNC(SSL_F_SSL_SRP_CTX_INIT), "SSL_SRP_CTX_init"},
265 {ERR_FUNC(SSL_F_SSL_UNDEFINED_CONST_FUNCTION), "SSL_UNDEFINED_CONST_FUNCTION"},
266 {ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION), "SSL_UNDEFINED_FUNCTION"},
267 {ERR_FUNC(SSL_F_SSL_UNDEFINED_VOID_FUNCTION), "SSL_UNDEFINED_VOID_FUNCTION"},
268 {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE), "SSL_use_certificate"},
269 {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_ASN1), "SSL_use_certificate_ASN1"},
270 {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_FILE), "SSL_use_certificate_file"},
271 {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY), "SSL_use_PrivateKey"},
272 {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_ASN1), "SSL_use_PrivateKey_ASN1"},
273 {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_FILE), "SSL_use_PrivateKey_file"},
274 {ERR_FUNC(SSL_F_SSL_USE_PSK_IDENTITY_HINT), "SSL_use_psk_identity_hint"},
275 {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY), "SSL_use_RSAPrivateKey"},
276 {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1), "SSL_use_RSAPrivateKey_ASN1"},
277 {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE), "SSL_use_RSAPrivateKey_file"},
278 {ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "SSL_VERIFY_CERT_CHAIN"},
279 {ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"},
280 {ERR_FUNC(SSL_F_TLS1_AEAD_CTX_INIT), "TLS1_AEAD_CTX_INIT"},
281 {ERR_FUNC(SSL_F_TLS1_CERT_VERIFY_MAC), "tls1_cert_verify_mac"},
282 {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "TLS1_CHANGE_CIPHER_STATE"},
283 {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE_AEAD), "TLS1_CHANGE_CIPHER_STATE_AEAD"},
284 {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE_CIPHER), "TLS1_CHANGE_CIPHER_STATE_CIPHER"},
285 {ERR_FUNC(SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT), "TLS1_CHECK_SERVERHELLO_TLSEXT"},
286 {ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"},
287 {ERR_FUNC(SSL_F_TLS1_EXPORT_KEYING_MATERIAL), "TLS1_EXPORT_KEYING_MATERIAL"},
288 {ERR_FUNC(SSL_F_TLS1_HEARTBEAT), "SSL_F_TLS1_HEARTBEAT"},
289 {ERR_FUNC(SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT), "TLS1_PREPARE_CLIENTHELLO_TLSEXT"},
290 {ERR_FUNC(SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT), "TLS1_PREPARE_SERVERHELLO_TLSEXT"},
291 {ERR_FUNC(SSL_F_TLS1_PRF), "tls1_prf"},
292 {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"},
293 {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"},
294 {0, NULL}
295};
296
297static ERR_STRING_DATA SSL_str_reasons[]= {
298 {ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE) , "app data in handshake"},
299 {ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT), "attempt to reuse session in different context"},
300 {ERR_REASON(SSL_R_BAD_ALERT_RECORD) , "bad alert record"},
301 {ERR_REASON(SSL_R_BAD_AUTHENTICATION_TYPE), "bad authentication type"},
302 {ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC), "bad change cipher spec"},
303 {ERR_REASON(SSL_R_BAD_CHECKSUM) , "bad checksum"},
304 {ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK), "bad data returned by callback"},
305 {ERR_REASON(SSL_R_BAD_DECOMPRESSION) , "bad decompression"},
306 {ERR_REASON(SSL_R_BAD_DH_G_LENGTH) , "bad dh g length"},
307 {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH) , "bad dh pub key length"},
308 {ERR_REASON(SSL_R_BAD_DH_P_LENGTH) , "bad dh p length"},
309 {ERR_REASON(SSL_R_BAD_DIGEST_LENGTH) , "bad digest length"},
310 {ERR_REASON(SSL_R_BAD_DSA_SIGNATURE) , "bad dsa signature"},
311 {ERR_REASON(SSL_R_BAD_ECC_CERT) , "bad ecc cert"},
312 {ERR_REASON(SSL_R_BAD_ECDSA_SIGNATURE) , "bad ecdsa signature"},
313 {ERR_REASON(SSL_R_BAD_ECPOINT) , "bad ecpoint"},
314 {ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH) , "bad handshake length"},
315 {ERR_REASON(SSL_R_BAD_HELLO_REQUEST) , "bad hello request"},
316 {ERR_REASON(SSL_R_BAD_LENGTH) , "bad length"},
317 {ERR_REASON(SSL_R_BAD_MAC_DECODE) , "bad mac decode"},
318 {ERR_REASON(SSL_R_BAD_MAC_LENGTH) , "bad mac length"},
319 {ERR_REASON(SSL_R_BAD_MESSAGE_TYPE) , "bad message type"},
320 {ERR_REASON(SSL_R_BAD_PACKET_LENGTH) , "bad packet length"},
321 {ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER), "bad protocol version number"},
322 {ERR_REASON(SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH), "bad psk identity hint length"},
323 {ERR_REASON(SSL_R_BAD_RESPONSE_ARGUMENT) , "bad response argument"},
324 {ERR_REASON(SSL_R_BAD_RSA_DECRYPT) , "bad rsa decrypt"},
325 {ERR_REASON(SSL_R_BAD_RSA_ENCRYPT) , "bad rsa encrypt"},
326 {ERR_REASON(SSL_R_BAD_RSA_E_LENGTH) , "bad rsa e length"},
327 {ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH), "bad rsa modulus length"},
328 {ERR_REASON(SSL_R_BAD_RSA_SIGNATURE) , "bad rsa signature"},
329 {ERR_REASON(SSL_R_BAD_SIGNATURE) , "bad signature"},
330 {ERR_REASON(SSL_R_BAD_SRP_A_LENGTH) , "bad srp a length"},
331 {ERR_REASON(SSL_R_BAD_SRP_B_LENGTH) , "bad srp b length"},
332 {ERR_REASON(SSL_R_BAD_SRP_G_LENGTH) , "bad srp g length"},
333 {ERR_REASON(SSL_R_BAD_SRP_N_LENGTH) , "bad srp n length"},
334 {ERR_REASON(SSL_R_BAD_SRP_S_LENGTH) , "bad srp s length"},
335 {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE) , "bad srtp mki value"},
336 {ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST), "bad srtp protection profile list"},
337 {ERR_REASON(SSL_R_BAD_SSL_FILETYPE) , "bad ssl filetype"},
338 {ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH), "bad ssl session id length"},
339 {ERR_REASON(SSL_R_BAD_STATE) , "bad state"},
340 {ERR_REASON(SSL_R_BAD_WRITE_RETRY) , "bad write retry"},
341 {ERR_REASON(SSL_R_BIO_NOT_SET) , "bio not set"},
342 {ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG), "block cipher pad is wrong"},
343 {ERR_REASON(SSL_R_BN_LIB) , "bn lib"},
344 {ERR_REASON(SSL_R_CA_DN_LENGTH_MISMATCH) , "ca dn length mismatch"},
345 {ERR_REASON(SSL_R_CA_DN_TOO_LONG) , "ca dn too long"},
346 {ERR_REASON(SSL_R_CCS_RECEIVED_EARLY) , "ccs received early"},
347 {ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED), "certificate verify failed"},
348 {ERR_REASON(SSL_R_CERT_LENGTH_MISMATCH) , "cert length mismatch"},
349 {ERR_REASON(SSL_R_CHALLENGE_IS_DIFFERENT), "challenge is different"},
350 {ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH), "cipher code wrong length"},
351 {ERR_REASON(SSL_R_CIPHER_COMPRESSION_UNAVAILABLE), "cipher compression unavailable"},
352 {ERR_REASON(SSL_R_CIPHER_OR_HASH_UNAVAILABLE), "cipher or hash unavailable"},
353 {ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR), "cipher table src error"},
354 {ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT) , "clienthello tlsext"},
355 {ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG), "compressed length too long"},
356 {ERR_REASON(SSL_R_COMPRESSION_DISABLED) , "compression disabled"},
357 {ERR_REASON(SSL_R_COMPRESSION_FAILURE) , "compression failure"},
358 {ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE), "compression id not within private range"},
359 {ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR), "compression library error"},
360 {ERR_REASON(SSL_R_CONNECTION_ID_IS_DIFFERENT), "connection id is different"},
361 {ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET), "connection type not set"},
362 {ERR_REASON(SSL_R_COOKIE_MISMATCH) , "cookie mismatch"},
363 {ERR_REASON(SSL_R_DATA_BETWEEN_CCS_AND_FINISHED), "data between ccs and finished"},
364 {ERR_REASON(SSL_R_DATA_LENGTH_TOO_LONG) , "data length too long"},
365 {ERR_REASON(SSL_R_DECRYPTION_FAILED) , "decryption failed"},
366 {ERR_REASON(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC), "decryption failed or bad record mac"},
367 {ERR_REASON(SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG), "dh public value length is wrong"},
368 {ERR_REASON(SSL_R_DIGEST_CHECK_FAILED) , "digest check failed"},
369 {ERR_REASON(SSL_R_DTLS_MESSAGE_TOO_BIG) , "dtls message too big"},
370 {ERR_REASON(SSL_R_DUPLICATE_COMPRESSION_ID), "duplicate compression id"},
371 {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT), "ecc cert not for key agreement"},
372 {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_SIGNING), "ecc cert not for signing"},
373 {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE), "ecc cert should have rsa signature"},
374 {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE), "ecc cert should have sha1 signature"},
375 {ERR_REASON(SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER), "ecgroup too large for cipher"},
376 {ERR_REASON(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST), "empty srtp protection profile list"},
377 {ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG), "encrypted length too long"},
378 {ERR_REASON(SSL_R_ERROR_GENERATING_TMP_RSA_KEY), "error generating tmp rsa key"},
379 {ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST), "error in received cipher list"},
380 {ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE), "excessive message size"},
381 {ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE) , "extra data in message"},
382 {ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS), "got a fin before a ccs"},
383 {ERR_REASON(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS), "got next proto before a ccs"},
384 {ERR_REASON(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION), "got next proto without seeing extension"},
385 {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST) , "https proxy request"},
386 {ERR_REASON(SSL_R_HTTP_REQUEST) , "http request"},
387 {ERR_REASON(SSL_R_ILLEGAL_PADDING) , "illegal padding"},
388 {ERR_REASON(SSL_R_INAPPROPRIATE_FALLBACK), "inappropriate fallback"},
389 {ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION), "inconsistent compression"},
390 {ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH), "invalid challenge length"},
391 {ERR_REASON(SSL_R_INVALID_COMMAND) , "invalid command"},
392 {ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM), "invalid compression algorithm"},
393 {ERR_REASON(SSL_R_INVALID_PURPOSE) , "invalid purpose"},
394 {ERR_REASON(SSL_R_INVALID_SRP_USERNAME) , "invalid srp username"},
395 {ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE), "invalid status response"},
396 {ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH), "invalid ticket keys length"},
397 {ERR_REASON(SSL_R_INVALID_TRUST) , "invalid trust"},
398 {ERR_REASON(SSL_R_KEY_ARG_TOO_LONG) , "key arg too long"},
399 {ERR_REASON(SSL_R_KRB5) , "krb5"},
400 {ERR_REASON(SSL_R_KRB5_C_CC_PRINC) , "krb5 client cc principal (no tkt?)"},
401 {ERR_REASON(SSL_R_KRB5_C_GET_CRED) , "krb5 client get cred"},
402 {ERR_REASON(SSL_R_KRB5_C_INIT) , "krb5 client init"},
403 {ERR_REASON(SSL_R_KRB5_C_MK_REQ) , "krb5 client mk_req (expired tkt?)"},
404 {ERR_REASON(SSL_R_KRB5_S_BAD_TICKET) , "krb5 server bad ticket"},
405 {ERR_REASON(SSL_R_KRB5_S_INIT) , "krb5 server init"},
406 {ERR_REASON(SSL_R_KRB5_S_RD_REQ) , "krb5 server rd_req (keytab perms?)"},
407 {ERR_REASON(SSL_R_KRB5_S_TKT_EXPIRED) , "krb5 server tkt expired"},
408 {ERR_REASON(SSL_R_KRB5_S_TKT_NYV) , "krb5 server tkt not yet valid"},
409 {ERR_REASON(SSL_R_KRB5_S_TKT_SKEW) , "krb5 server tkt skew"},
410 {ERR_REASON(SSL_R_LENGTH_MISMATCH) , "length mismatch"},
411 {ERR_REASON(SSL_R_LENGTH_TOO_SHORT) , "length too short"},
412 {ERR_REASON(SSL_R_LIBRARY_BUG) , "library bug"},
413 {ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS), "library has no ciphers"},
414 {ERR_REASON(SSL_R_MESSAGE_TOO_LONG) , "message too long"},
415 {ERR_REASON(SSL_R_MISSING_DH_DSA_CERT) , "missing dh dsa cert"},
416 {ERR_REASON(SSL_R_MISSING_DH_KEY) , "missing dh key"},
417 {ERR_REASON(SSL_R_MISSING_DH_RSA_CERT) , "missing dh rsa cert"},
418 {ERR_REASON(SSL_R_MISSING_DSA_SIGNING_CERT), "missing dsa signing cert"},
419 {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_DH_KEY), "missing export tmp dh key"},
420 {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_RSA_KEY), "missing export tmp rsa key"},
421 {ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE), "missing rsa certificate"},
422 {ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT), "missing rsa encrypting cert"},
423 {ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT), "missing rsa signing cert"},
424 {ERR_REASON(SSL_R_MISSING_SRP_PARAM) , "can't find SRP server param"},
425 {ERR_REASON(SSL_R_MISSING_TMP_DH_KEY) , "missing tmp dh key"},
426 {ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY) , "missing tmp ecdh key"},
427 {ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY) , "missing tmp rsa key"},
428 {ERR_REASON(SSL_R_MISSING_TMP_RSA_PKEY) , "missing tmp rsa pkey"},
429 {ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE), "missing verify message"},
430 {ERR_REASON(SSL_R_MULTIPLE_SGC_RESTARTS) , "multiple sgc restarts"},
431 {ERR_REASON(SSL_R_NON_SSLV2_INITIAL_PACKET), "non sslv2 initial packet"},
432 {ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED), "no certificates returned"},
433 {ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED), "no certificate assigned"},
434 {ERR_REASON(SSL_R_NO_CERTIFICATE_RETURNED), "no certificate returned"},
435 {ERR_REASON(SSL_R_NO_CERTIFICATE_SET) , "no certificate set"},
436 {ERR_REASON(SSL_R_NO_CERTIFICATE_SPECIFIED), "no certificate specified"},
437 {ERR_REASON(SSL_R_NO_CIPHERS_AVAILABLE) , "no ciphers available"},
438 {ERR_REASON(SSL_R_NO_CIPHERS_PASSED) , "no ciphers passed"},
439 {ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED) , "no ciphers specified"},
440 {ERR_REASON(SSL_R_NO_CIPHER_LIST) , "no cipher list"},
441 {ERR_REASON(SSL_R_NO_CIPHER_MATCH) , "no cipher match"},
442 {ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD) , "no client cert method"},
443 {ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED), "no client cert received"},
444 {ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED), "no compression specified"},
445 {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER), "Peer haven't sent GOST certificate, required for selected ciphersuite"},
446 {ERR_REASON(SSL_R_NO_METHOD_SPECIFIED) , "no method specified"},
447 {ERR_REASON(SSL_R_NO_PRIVATEKEY) , "no privatekey"},
448 {ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED), "no private key assigned"},
449 {ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE), "no protocols available"},
450 {ERR_REASON(SSL_R_NO_PUBLICKEY) , "no publickey"},
451 {ERR_REASON(SSL_R_NO_RENEGOTIATION) , "no renegotiation"},
452 {ERR_REASON(SSL_R_NO_REQUIRED_DIGEST) , "digest requred for handshake isn't computed"},
453 {ERR_REASON(SSL_R_NO_SHARED_CIPHER) , "no shared cipher"},
454 {ERR_REASON(SSL_R_NO_SRTP_PROFILES) , "no srtp profiles"},
455 {ERR_REASON(SSL_R_NO_VERIFY_CALLBACK) , "no verify callback"},
456 {ERR_REASON(SSL_R_NULL_SSL_CTX) , "null ssl ctx"},
457 {ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED), "null ssl method passed"},
458 {ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED), "old session cipher not returned"},
459 {ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED), "old session compression algorithm not returned"},
460 {ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE), "only tls allowed in fips mode"},
461 {ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG), "packet length too long"},
462 {ERR_REASON(SSL_R_PARSE_TLSEXT) , "parse tlsext"},
463 {ERR_REASON(SSL_R_PATH_TOO_LONG) , "path too long"},
464 {ERR_REASON(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE), "peer did not return a certificate"},
465 {ERR_REASON(SSL_R_PEER_ERROR) , "peer error"},
466 {ERR_REASON(SSL_R_PEER_ERROR_CERTIFICATE), "peer error certificate"},
467 {ERR_REASON(SSL_R_PEER_ERROR_NO_CERTIFICATE), "peer error no certificate"},
468 {ERR_REASON(SSL_R_PEER_ERROR_NO_CIPHER) , "peer error no cipher"},
469 {ERR_REASON(SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE), "peer error unsupported certificate type"},
470 {ERR_REASON(SSL_R_PRE_MAC_LENGTH_TOO_LONG), "pre mac length too long"},
471 {ERR_REASON(SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS), "problems mapping cipher functions"},
472 {ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN) , "protocol is shutdown"},
473 {ERR_REASON(SSL_R_PSK_IDENTITY_NOT_FOUND), "psk identity not found"},
474 {ERR_REASON(SSL_R_PSK_NO_CLIENT_CB) , "psk no client cb"},
475 {ERR_REASON(SSL_R_PSK_NO_SERVER_CB) , "psk no server cb"},
476 {ERR_REASON(SSL_R_PUBLIC_KEY_ENCRYPT_ERROR), "public key encrypt error"},
477 {ERR_REASON(SSL_R_PUBLIC_KEY_IS_NOT_RSA) , "public key is not rsa"},
478 {ERR_REASON(SSL_R_PUBLIC_KEY_NOT_RSA) , "public key not rsa"},
479 {ERR_REASON(SSL_R_READ_BIO_NOT_SET) , "read bio not set"},
480 {ERR_REASON(SSL_R_READ_TIMEOUT_EXPIRED) , "read timeout expired"},
481 {ERR_REASON(SSL_R_READ_WRONG_PACKET_TYPE), "read wrong packet type"},
482 {ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH), "record length mismatch"},
483 {ERR_REASON(SSL_R_RECORD_TOO_LARGE) , "record too large"},
484 {ERR_REASON(SSL_R_RECORD_TOO_SMALL) , "record too small"},
485 {ERR_REASON(SSL_R_RENEGOTIATE_EXT_TOO_LONG), "renegotiate ext too long"},
486 {ERR_REASON(SSL_R_RENEGOTIATION_ENCODING_ERR), "renegotiation encoding err"},
487 {ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH), "renegotiation mismatch"},
488 {ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING), "required cipher missing"},
489 {ERR_REASON(SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING), "required compresssion algorithm missing"},
490 {ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO), "reuse cert length not zero"},
491 {ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO), "reuse cert type not zero"},
492 {ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO), "reuse cipher list not zero"},
493 {ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING), "scsv received when renegotiating"},
494 {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT) , "serverhello tlsext"},
495 {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED), "session id context uninitialized"},
496 {ERR_REASON(SSL_R_SHORT_READ) , "short read"},
497 {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR), "signature algorithms error"},
498 {ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE), "signature for non signing certificate"},
499 {ERR_REASON(SSL_R_SRP_A_CALC) , "error with the srp params"},
500 {ERR_REASON(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES), "srtp could not allocate profiles"},
501 {ERR_REASON(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG), "srtp protection profile list too long"},
502 {ERR_REASON(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE), "srtp unknown protection profile"},
503 {ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE), "ssl23 doing session id reuse"},
504 {ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG), "ssl2 connection id too long"},
505 {ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT), "ssl3 ext invalid ecpointformat"},
506 {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME), "ssl3 ext invalid servername"},
507 {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE), "ssl3 ext invalid servername type"},
508 {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_LONG), "ssl3 session id too long"},
509 {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_SHORT), "ssl3 session id too short"},
510 {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_CERTIFICATE), "sslv3 alert bad certificate"},
511 {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_RECORD_MAC), "sslv3 alert bad record mac"},
512 {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED), "sslv3 alert certificate expired"},
513 {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED), "sslv3 alert certificate revoked"},
514 {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN), "sslv3 alert certificate unknown"},
515 {ERR_REASON(SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE), "sslv3 alert decompression failure"},
516 {ERR_REASON(SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE), "sslv3 alert handshake failure"},
517 {ERR_REASON(SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER), "sslv3 alert illegal parameter"},
518 {ERR_REASON(SSL_R_SSLV3_ALERT_NO_CERTIFICATE), "sslv3 alert no certificate"},
519 {ERR_REASON(SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE), "sslv3 alert unexpected message"},
520 {ERR_REASON(SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE), "sslv3 alert unsupported certificate"},
521 {ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION), "ssl ctx has no default ssl version"},
522 {ERR_REASON(SSL_R_SSL_HANDSHAKE_FAILURE) , "ssl handshake failure"},
523 {ERR_REASON(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS), "ssl library has no ciphers"},
524 {ERR_REASON(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED), "ssl session id callback failed"},
525 {ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT), "ssl session id conflict"},
526 {ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG), "ssl session id context too long"},
527 {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH), "ssl session id has bad length"},
528 {ERR_REASON(SSL_R_SSL_SESSION_ID_IS_DIFFERENT), "ssl session id is different"},
529 {ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED), "tlsv1 alert access denied"},
530 {ERR_REASON(SSL_R_TLSV1_ALERT_DECODE_ERROR), "tlsv1 alert decode error"},
531 {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED), "tlsv1 alert decryption failed"},
532 {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPT_ERROR), "tlsv1 alert decrypt error"},
533 {ERR_REASON(SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION), "tlsv1 alert export restriction"},
534 {ERR_REASON(SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK), "tlsv1 alert inappropriate fallback"},
535 {ERR_REASON(SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY), "tlsv1 alert insufficient security"},
536 {ERR_REASON(SSL_R_TLSV1_ALERT_INTERNAL_ERROR), "tlsv1 alert internal error"},
537 {ERR_REASON(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION), "tlsv1 alert no renegotiation"},
538 {ERR_REASON(SSL_R_TLSV1_ALERT_PROTOCOL_VERSION), "tlsv1 alert protocol version"},
539 {ERR_REASON(SSL_R_TLSV1_ALERT_RECORD_OVERFLOW), "tlsv1 alert record overflow"},
540 {ERR_REASON(SSL_R_TLSV1_ALERT_UNKNOWN_CA), "tlsv1 alert unknown ca"},
541 {ERR_REASON(SSL_R_TLSV1_ALERT_USER_CANCELLED), "tlsv1 alert user cancelled"},
542 {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE), "tlsv1 bad certificate hash value"},
543 {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE), "tlsv1 bad certificate status response"},
544 {ERR_REASON(SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE), "tlsv1 certificate unobtainable"},
545 {ERR_REASON(SSL_R_TLSV1_UNRECOGNIZED_NAME), "tlsv1 unrecognized name"},
546 {ERR_REASON(SSL_R_TLSV1_UNSUPPORTED_EXTENSION), "tlsv1 unsupported extension"},
547 {ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER), "tls client cert req with anon cipher"},
548 {ERR_REASON(SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT), "peer does not accept heartbeats"},
549 {ERR_REASON(SSL_R_TLS_HEARTBEAT_PENDING) , "heartbeat request already pending"},
550 {ERR_REASON(SSL_R_TLS_ILLEGAL_EXPORTER_LABEL), "tls illegal exporter label"},
551 {ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST), "tls invalid ecpointformat list"},
552 {ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST), "tls peer did not respond with certificate list"},
553 {ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG), "tls rsa encrypted value length is wrong"},
554 {ERR_REASON(SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER), "tried to use unsupported cipher"},
555 {ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS), "unable to decode dh certs"},
556 {ERR_REASON(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS), "unable to decode ecdh certs"},
557 {ERR_REASON(SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY), "unable to extract public key"},
558 {ERR_REASON(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS), "unable to find dh parameters"},
559 {ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS), "unable to find ecdh parameters"},
560 {ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS), "unable to find public key parameters"},
561 {ERR_REASON(SSL_R_UNABLE_TO_FIND_SSL_METHOD), "unable to find ssl method"},
562 {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES), "unable to load ssl2 md5 routines"},
563 {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES), "unable to load ssl3 md5 routines"},
564 {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES), "unable to load ssl3 sha1 routines"},
565 {ERR_REASON(SSL_R_UNEXPECTED_MESSAGE) , "unexpected message"},
566 {ERR_REASON(SSL_R_UNEXPECTED_RECORD) , "unexpected record"},
567 {ERR_REASON(SSL_R_UNINITIALIZED) , "uninitialized"},
568 {ERR_REASON(SSL_R_UNKNOWN_ALERT_TYPE) , "unknown alert type"},
569 {ERR_REASON(SSL_R_UNKNOWN_CERTIFICATE_TYPE), "unknown certificate type"},
570 {ERR_REASON(SSL_R_UNKNOWN_CIPHER_RETURNED), "unknown cipher returned"},
571 {ERR_REASON(SSL_R_UNKNOWN_CIPHER_TYPE) , "unknown cipher type"},
572 {ERR_REASON(SSL_R_UNKNOWN_DIGEST) , "unknown digest"},
573 {ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE), "unknown key exchange type"},
574 {ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE) , "unknown pkey type"},
575 {ERR_REASON(SSL_R_UNKNOWN_PROTOCOL) , "unknown protocol"},
576 {ERR_REASON(SSL_R_UNKNOWN_REMOTE_ERROR_TYPE), "unknown remote error type"},
577 {ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION) , "unknown ssl version"},
578 {ERR_REASON(SSL_R_UNKNOWN_STATE) , "unknown state"},
579 {ERR_REASON(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED), "unsafe legacy renegotiation disabled"},
580 {ERR_REASON(SSL_R_UNSUPPORTED_CIPHER) , "unsupported cipher"},
581 {ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM), "unsupported compression algorithm"},
582 {ERR_REASON(SSL_R_UNSUPPORTED_DIGEST_TYPE), "unsupported digest type"},
583 {ERR_REASON(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE), "unsupported elliptic curve"},
584 {ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL) , "unsupported protocol"},
585 {ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION), "unsupported ssl version"},
586 {ERR_REASON(SSL_R_UNSUPPORTED_STATUS_TYPE), "unsupported status type"},
587 {ERR_REASON(SSL_R_USE_SRTP_NOT_NEGOTIATED), "use srtp not negotiated"},
588 {ERR_REASON(SSL_R_WRITE_BIO_NOT_SET) , "write bio not set"},
589 {ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED) , "wrong cipher returned"},
590 {ERR_REASON(SSL_R_WRONG_CURVE) , "wrong curve"},
591 {ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE) , "wrong message type"},
592 {ERR_REASON(SSL_R_WRONG_NUMBER_OF_KEY_BITS), "wrong number of key bits"},
593 {ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
594 {ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE) , "wrong signature size"},
595 {ERR_REASON(SSL_R_WRONG_SIGNATURE_TYPE) , "wrong signature type"},
596 {ERR_REASON(SSL_R_WRONG_SSL_VERSION) , "wrong ssl version"},
597 {ERR_REASON(SSL_R_WRONG_VERSION_NUMBER) , "wrong version number"},
598 {ERR_REASON(SSL_R_X509_LIB) , "x509 lib"},
599 {ERR_REASON(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS), "x509 verification setup problems"},
600 {0, NULL}
601};
602
603#endif
604
605void
606ERR_load_SSL_strings(void)
607{
608#ifndef OPENSSL_NO_ERR
609
610 if (ERR_func_error_string(SSL_str_functs[0].error) == NULL) {
611 ERR_load_strings(0, SSL_str_functs);
612 ERR_load_strings(0, SSL_str_reasons);
613 }
614#endif
615}
diff --git a/src/lib/libssl/ssl_err2.c b/src/lib/libssl/ssl_err2.c
deleted file mode 100644
index 9aad13cdc5..0000000000
--- a/src/lib/libssl/ssl_err2.c
+++ /dev/null
@@ -1,72 +0,0 @@
1/* $OpenBSD: ssl_err2.c,v 1.7 2014/12/14 15:30:50 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/err.h>
62#include <openssl/ssl.h>
63
64void
65SSL_load_error_strings(void)
66{
67#ifndef OPENSSL_NO_ERR
68 ERR_load_crypto_strings();
69 ERR_load_SSL_strings();
70#endif
71}
72
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
deleted file mode 100644
index 629ad03554..0000000000
--- a/src/lib/libssl/ssl_lib.c
+++ /dev/null
@@ -1,3125 +0,0 @@
1/* $OpenBSD: ssl_lib.c,v 1.105 2015/07/19 20:32:18 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143#include <stdio.h>
144
145#include "ssl_locl.h"
146
147#include <openssl/bn.h>
148#include <openssl/dh.h>
149#include <openssl/lhash.h>
150#include <openssl/objects.h>
151#include <openssl/ocsp.h>
152#include <openssl/x509v3.h>
153
154#ifndef OPENSSL_NO_ENGINE
155#include <openssl/engine.h>
156#endif
157
158#include "bytestring.h"
159
160const char *SSL_version_str = OPENSSL_VERSION_TEXT;
161
162SSL3_ENC_METHOD ssl3_undef_enc_method = {
163 /*
164 * Evil casts, but these functions are only called if there's a
165 * library bug.
166 */
167 .enc = (int (*)(SSL *, int))ssl_undefined_function,
168 .mac = (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
169 .setup_key_block = ssl_undefined_function,
170 .generate_master_secret = (int (*)(SSL *, unsigned char *,
171 unsigned char *, int))ssl_undefined_function,
172 .change_cipher_state = (int (*)(SSL*, int))ssl_undefined_function,
173 .final_finish_mac = (int (*)(SSL *, const char*, int,
174 unsigned char *))ssl_undefined_function,
175 .finish_mac_length = 0,
176 .cert_verify_mac = (int (*)(SSL *, int,
177 unsigned char *))ssl_undefined_function,
178 .client_finished_label = NULL,
179 .client_finished_label_len = 0,
180 .server_finished_label = NULL,
181 .server_finished_label_len = 0,
182 .alert_value = (int (*)(int))ssl_undefined_function,
183 .export_keying_material = (int (*)(SSL *, unsigned char *, size_t,
184 const char *, size_t, const unsigned char *, size_t,
185 int use_context))ssl_undefined_function,
186 .enc_flags = 0,
187};
188
189int
190SSL_clear(SSL *s)
191{
192 if (s->method == NULL) {
193 SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED);
194 return (0);
195 }
196
197 if (ssl_clear_bad_session(s)) {
198 SSL_SESSION_free(s->session);
199 s->session = NULL;
200 }
201
202 s->error = 0;
203 s->hit = 0;
204 s->shutdown = 0;
205
206 if (s->renegotiate) {
207 SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR);
208 return (0);
209 }
210
211 s->type = 0;
212
213 s->state = SSL_ST_BEFORE|((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT);
214
215 s->version = s->method->version;
216 s->client_version = s->version;
217 s->rwstate = SSL_NOTHING;
218 s->rstate = SSL_ST_READ_HEADER;
219
220 BUF_MEM_free(s->init_buf);
221 s->init_buf = NULL;
222
223 ssl_clear_cipher_ctx(s);
224 ssl_clear_hash_ctx(&s->read_hash);
225 ssl_clear_hash_ctx(&s->write_hash);
226
227 s->first_packet = 0;
228
229 /*
230 * Check to see if we were changed into a different method, if
231 * so, revert back if we are not doing session-id reuse.
232 */
233 if (!s->in_handshake && (s->session == NULL) &&
234 (s->method != s->ctx->method)) {
235 s->method->ssl_free(s);
236 s->method = s->ctx->method;
237 if (!s->method->ssl_new(s))
238 return (0);
239 } else
240 s->method->ssl_clear(s);
241
242 return (1);
243}
244
245/* Used to change an SSL_CTXs default SSL method type */
246int
247SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
248{
249 STACK_OF(SSL_CIPHER) *sk;
250
251 ctx->method = meth;
252
253 sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
254 &(ctx->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);
255 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
256 SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,
257 SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
258 return (0);
259 }
260 return (1);
261}
262
263SSL *
264SSL_new(SSL_CTX *ctx)
265{
266 SSL *s;
267
268 if (ctx == NULL) {
269 SSLerr(SSL_F_SSL_NEW,
270 SSL_R_NULL_SSL_CTX);
271 return (NULL);
272 }
273 if (ctx->method == NULL) {
274 SSLerr(SSL_F_SSL_NEW,
275 SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
276 return (NULL);
277 }
278
279 s = calloc(1, sizeof(SSL));
280 if (s == NULL)
281 goto err;
282
283
284 s->options = ctx->options;
285 s->mode = ctx->mode;
286 s->max_cert_list = ctx->max_cert_list;
287
288 if (ctx->cert != NULL) {
289 /*
290 * Earlier library versions used to copy the pointer to
291 * the CERT, not its contents; only when setting new
292 * parameters for the per-SSL copy, ssl_cert_new would be
293 * called (and the direct reference to the per-SSL_CTX
294 * settings would be lost, but those still were indirectly
295 * accessed for various purposes, and for that reason they
296 * used to be known as s->ctx->default_cert).
297 * Now we don't look at the SSL_CTX's CERT after having
298 * duplicated it once.
299 */
300 s->cert = ssl_cert_dup(ctx->cert);
301 if (s->cert == NULL)
302 goto err;
303 } else
304 s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */
305
306 s->read_ahead = ctx->read_ahead;
307 s->msg_callback = ctx->msg_callback;
308 s->msg_callback_arg = ctx->msg_callback_arg;
309 s->verify_mode = ctx->verify_mode;
310 s->sid_ctx_length = ctx->sid_ctx_length;
311 OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
312 memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
313 s->verify_callback = ctx->default_verify_callback;
314 s->generate_session_id = ctx->generate_session_id;
315
316 s->param = X509_VERIFY_PARAM_new();
317 if (!s->param)
318 goto err;
319 X509_VERIFY_PARAM_inherit(s->param, ctx->param);
320 s->quiet_shutdown = ctx->quiet_shutdown;
321 s->max_send_fragment = ctx->max_send_fragment;
322
323 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
324 s->ctx = ctx;
325 s->tlsext_debug_cb = 0;
326 s->tlsext_debug_arg = NULL;
327 s->tlsext_ticket_expected = 0;
328 s->tlsext_status_type = -1;
329 s->tlsext_status_expected = 0;
330 s->tlsext_ocsp_ids = NULL;
331 s->tlsext_ocsp_exts = NULL;
332 s->tlsext_ocsp_resp = NULL;
333 s->tlsext_ocsp_resplen = -1;
334 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
335 s->initial_ctx = ctx;
336 s->next_proto_negotiated = NULL;
337
338 if (s->ctx->alpn_client_proto_list != NULL) {
339 s->alpn_client_proto_list =
340 malloc(s->ctx->alpn_client_proto_list_len);
341 if (s->alpn_client_proto_list == NULL)
342 goto err;
343 memcpy(s->alpn_client_proto_list,
344 s->ctx->alpn_client_proto_list,
345 s->ctx->alpn_client_proto_list_len);
346 s->alpn_client_proto_list_len =
347 s->ctx->alpn_client_proto_list_len;
348 }
349
350 s->verify_result = X509_V_OK;
351
352 s->method = ctx->method;
353
354 if (!s->method->ssl_new(s))
355 goto err;
356
357 s->references = 1;
358 s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1;
359
360 SSL_clear(s);
361
362 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
363
364
365 return (s);
366err:
367 if (s != NULL) {
368 if (s->cert != NULL)
369 ssl_cert_free(s->cert);
370 SSL_CTX_free(s->ctx); /* decrement reference count */
371 free(s);
372 }
373 SSLerr(SSL_F_SSL_NEW,
374 ERR_R_MALLOC_FAILURE);
375 return (NULL);
376}
377
378int
379SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
380 unsigned int sid_ctx_len)
381{
382 if (sid_ctx_len > sizeof ctx->sid_ctx) {
383 SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
384 SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
385 return (0);
386 }
387 ctx->sid_ctx_length = sid_ctx_len;
388 memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
389
390 return (1);
391}
392
393int
394SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
395 unsigned int sid_ctx_len)
396{
397 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
398 SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,
399 SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
400 return (0);
401 }
402 ssl->sid_ctx_length = sid_ctx_len;
403 memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
404
405 return (1);
406}
407
408int
409SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
410{
411 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
412 ctx->generate_session_id = cb;
413 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
414 return (1);
415}
416
417int
418SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
419{
420 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
421 ssl->generate_session_id = cb;
422 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
423 return (1);
424}
425
426int
427SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
428 unsigned int id_len)
429{
430 /*
431 * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp
432 * shows how we can "construct" a session to give us the desired
433 * check - ie. to find if there's a session in the hash table
434 * that would conflict with any new session built out of this
435 * id/id_len and the ssl_version in use by this SSL.
436 */
437 SSL_SESSION r, *p;
438
439 if (id_len > sizeof r.session_id)
440 return (0);
441
442 r.ssl_version = ssl->version;
443 r.session_id_length = id_len;
444 memcpy(r.session_id, id, id_len);
445
446 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
447 p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
448 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
449 return (p != NULL);
450}
451
452int
453SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
454{
455 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
456}
457
458int
459SSL_set_purpose(SSL *s, int purpose)
460{
461 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
462}
463
464int
465SSL_CTX_set_trust(SSL_CTX *s, int trust)
466{
467 return (X509_VERIFY_PARAM_set_trust(s->param, trust));
468}
469
470int
471SSL_set_trust(SSL *s, int trust)
472{
473 return (X509_VERIFY_PARAM_set_trust(s->param, trust));
474}
475
476int
477SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
478{
479 return (X509_VERIFY_PARAM_set1(ctx->param, vpm));
480}
481
482int
483SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
484{
485 return (X509_VERIFY_PARAM_set1(ssl->param, vpm));
486}
487
488void
489SSL_free(SSL *s)
490{
491 int i;
492
493 if (s == NULL)
494 return;
495
496 i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL);
497 if (i > 0)
498 return;
499
500 if (s->param)
501 X509_VERIFY_PARAM_free(s->param);
502
503 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
504
505 if (s->bbio != NULL) {
506 /* If the buffering BIO is in place, pop it off */
507 if (s->bbio == s->wbio) {
508 s->wbio = BIO_pop(s->wbio);
509 }
510 BIO_free(s->bbio);
511 s->bbio = NULL;
512 }
513 if (s->rbio != NULL)
514 BIO_free_all(s->rbio);
515 if ((s->wbio != NULL) && (s->wbio != s->rbio))
516 BIO_free_all(s->wbio);
517
518 if (s->init_buf != NULL)
519 BUF_MEM_free(s->init_buf);
520
521 /* add extra stuff */
522 if (s->cipher_list != NULL)
523 sk_SSL_CIPHER_free(s->cipher_list);
524 if (s->cipher_list_by_id != NULL)
525 sk_SSL_CIPHER_free(s->cipher_list_by_id);
526
527 /* Make the next call work :-) */
528 if (s->session != NULL) {
529 ssl_clear_bad_session(s);
530 SSL_SESSION_free(s->session);
531 }
532
533 ssl_clear_cipher_ctx(s);
534 ssl_clear_hash_ctx(&s->read_hash);
535 ssl_clear_hash_ctx(&s->write_hash);
536
537 if (s->cert != NULL)
538 ssl_cert_free(s->cert);
539 /* Free up if allocated */
540
541 free(s->tlsext_hostname);
542 SSL_CTX_free(s->initial_ctx);
543 free(s->tlsext_ecpointformatlist);
544 free(s->tlsext_ellipticcurvelist);
545 if (s->tlsext_ocsp_exts)
546 sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
547 X509_EXTENSION_free);
548 if (s->tlsext_ocsp_ids)
549 sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
550 free(s->tlsext_ocsp_resp);
551
552 if (s->client_CA != NULL)
553 sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
554
555 if (s->method != NULL)
556 s->method->ssl_free(s);
557
558 SSL_CTX_free(s->ctx);
559
560
561 free(s->next_proto_negotiated);
562 free(s->alpn_client_proto_list);
563
564#ifndef OPENSSL_NO_SRTP
565 if (s->srtp_profiles)
566 sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
567#endif
568
569 free(s);
570}
571
572void
573SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
574{
575 /* If the output buffering BIO is still in place, remove it */
576 if (s->bbio != NULL) {
577 if (s->wbio == s->bbio) {
578 s->wbio = s->wbio->next_bio;
579 s->bbio->next_bio = NULL;
580 }
581 }
582 if ((s->rbio != NULL) && (s->rbio != rbio))
583 BIO_free_all(s->rbio);
584 if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
585 BIO_free_all(s->wbio);
586 s->rbio = rbio;
587 s->wbio = wbio;
588}
589
590BIO *
591SSL_get_rbio(const SSL *s)
592{
593 return (s->rbio);
594}
595
596BIO *
597SSL_get_wbio(const SSL *s)
598{
599 return (s->wbio);
600}
601
602int
603SSL_get_fd(const SSL *s)
604{
605 return (SSL_get_rfd(s));
606}
607
608int
609SSL_get_rfd(const SSL *s)
610{
611 int ret = -1;
612 BIO *b, *r;
613
614 b = SSL_get_rbio(s);
615 r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
616 if (r != NULL)
617 BIO_get_fd(r, &ret);
618 return (ret);
619}
620
621int
622SSL_get_wfd(const SSL *s)
623{
624 int ret = -1;
625 BIO *b, *r;
626
627 b = SSL_get_wbio(s);
628 r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
629 if (r != NULL)
630 BIO_get_fd(r, &ret);
631 return (ret);
632}
633
634int
635SSL_set_fd(SSL *s, int fd)
636{
637 int ret = 0;
638 BIO *bio = NULL;
639
640 bio = BIO_new(BIO_s_socket());
641
642 if (bio == NULL) {
643 SSLerr(SSL_F_SSL_SET_FD,
644 ERR_R_BUF_LIB);
645 goto err;
646 }
647 BIO_set_fd(bio, fd, BIO_NOCLOSE);
648 SSL_set_bio(s, bio, bio);
649 ret = 1;
650err:
651 return (ret);
652}
653
654int
655SSL_set_wfd(SSL *s, int fd)
656{
657 int ret = 0;
658 BIO *bio = NULL;
659
660 if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
661 || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
662 bio = BIO_new(BIO_s_socket());
663
664 if (bio == NULL) {
665 SSLerr(SSL_F_SSL_SET_WFD,
666 ERR_R_BUF_LIB);
667 goto err;
668 }
669 BIO_set_fd(bio, fd, BIO_NOCLOSE);
670 SSL_set_bio(s, SSL_get_rbio(s), bio);
671 } else
672 SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
673 ret = 1;
674err:
675 return (ret);
676}
677
678int
679SSL_set_rfd(SSL *s, int fd)
680{
681 int ret = 0;
682 BIO *bio = NULL;
683
684 if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
685 || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
686 bio = BIO_new(BIO_s_socket());
687
688 if (bio == NULL) {
689 SSLerr(SSL_F_SSL_SET_RFD,
690 ERR_R_BUF_LIB);
691 goto err;
692 }
693 BIO_set_fd(bio, fd, BIO_NOCLOSE);
694 SSL_set_bio(s, bio, SSL_get_wbio(s));
695 } else
696 SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
697 ret = 1;
698err:
699 return (ret);
700}
701
702
703/* return length of latest Finished message we sent, copy to 'buf' */
704size_t
705SSL_get_finished(const SSL *s, void *buf, size_t count)
706{
707 size_t ret = 0;
708
709 if (s->s3 != NULL) {
710 ret = s->s3->tmp.finish_md_len;
711 if (count > ret)
712 count = ret;
713 memcpy(buf, s->s3->tmp.finish_md, count);
714 }
715 return (ret);
716}
717
718/* return length of latest Finished message we expected, copy to 'buf' */
719size_t
720SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
721{
722 size_t ret = 0;
723
724 if (s->s3 != NULL) {
725 ret = s->s3->tmp.peer_finish_md_len;
726 if (count > ret)
727 count = ret;
728 memcpy(buf, s->s3->tmp.peer_finish_md, count);
729 }
730 return (ret);
731}
732
733
734int
735SSL_get_verify_mode(const SSL *s)
736{
737 return (s->verify_mode);
738}
739
740int
741SSL_get_verify_depth(const SSL *s)
742{
743 return (X509_VERIFY_PARAM_get_depth(s->param));
744}
745
746int
747(*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *)
748{
749 return (s->verify_callback);
750}
751
752int
753SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
754{
755 return (ctx->verify_mode);
756}
757
758int
759SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
760{
761 return (X509_VERIFY_PARAM_get_depth(ctx->param));
762}
763
764int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *)
765{
766 return (ctx->default_verify_callback);
767}
768
769void
770SSL_set_verify(SSL *s, int mode,
771 int (*callback)(int ok, X509_STORE_CTX *ctx))
772{
773 s->verify_mode = mode;
774 if (callback != NULL)
775 s->verify_callback = callback;
776}
777
778void
779SSL_set_verify_depth(SSL *s, int depth)
780{
781 X509_VERIFY_PARAM_set_depth(s->param, depth);
782}
783
784void
785SSL_set_read_ahead(SSL *s, int yes)
786{
787 s->read_ahead = yes;
788}
789
790int
791SSL_get_read_ahead(const SSL *s)
792{
793 return (s->read_ahead);
794}
795
796int
797SSL_pending(const SSL *s)
798{
799 /*
800 * SSL_pending cannot work properly if read-ahead is enabled
801 * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
802 * and it is impossible to fix since SSL_pending cannot report
803 * errors that may be observed while scanning the new data.
804 * (Note that SSL_pending() is often used as a boolean value,
805 * so we'd better not return -1.)
806 */
807 return (s->method->ssl_pending(s));
808}
809
810X509 *
811SSL_get_peer_certificate(const SSL *s)
812{
813 X509 *r;
814
815 if ((s == NULL) || (s->session == NULL))
816 r = NULL;
817 else
818 r = s->session->peer;
819
820 if (r == NULL)
821 return (r);
822
823 CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509);
824
825 return (r);
826}
827
828STACK_OF(X509) *
829SSL_get_peer_cert_chain(const SSL *s)
830{
831 STACK_OF(X509) *r;
832
833 if ((s == NULL) || (s->session == NULL) ||
834 (s->session->sess_cert == NULL))
835 r = NULL;
836 else
837 r = s->session->sess_cert->cert_chain;
838
839 /*
840 * If we are a client, cert_chain includes the peer's own
841 * certificate;
842 * if we are a server, it does not.
843 */
844 return (r);
845}
846
847/*
848 * Now in theory, since the calling process own 't' it should be safe to
849 * modify. We need to be able to read f without being hassled
850 */
851void
852SSL_copy_session_id(SSL *t, const SSL *f)
853{
854 CERT *tmp;
855
856 /* Do we need to to SSL locking? */
857 SSL_set_session(t, SSL_get_session(f));
858
859 /*
860 * What if we are setup as SSLv2 but want to talk SSLv3 or
861 * vice-versa.
862 */
863 if (t->method != f->method) {
864 t->method->ssl_free(t); /* cleanup current */
865 t->method=f->method; /* change method */
866 t->method->ssl_new(t); /* setup new */
867 }
868
869 tmp = t->cert;
870 if (f->cert != NULL) {
871 CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
872 t->cert = f->cert;
873 } else
874 t->cert = NULL;
875 if (tmp != NULL)
876 ssl_cert_free(tmp);
877 SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length);
878}
879
880/* Fix this so it checks all the valid key/cert options */
881int
882SSL_CTX_check_private_key(const SSL_CTX *ctx)
883{
884 if ((ctx == NULL) || (ctx->cert == NULL) ||
885 (ctx->cert->key->x509 == NULL)) {
886 SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
887 SSL_R_NO_CERTIFICATE_ASSIGNED);
888 return (0);
889 }
890 if (ctx->cert->key->privatekey == NULL) {
891 SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
892 SSL_R_NO_PRIVATE_KEY_ASSIGNED);
893 return (0);
894 }
895 return (X509_check_private_key(ctx->cert->key->x509,
896 ctx->cert->key->privatekey));
897}
898
899/* Fix this function so that it takes an optional type parameter */
900int
901SSL_check_private_key(const SSL *ssl)
902{
903 if (ssl == NULL) {
904 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
905 ERR_R_PASSED_NULL_PARAMETER);
906 return (0);
907 }
908 if (ssl->cert == NULL) {
909 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
910 SSL_R_NO_CERTIFICATE_ASSIGNED);
911 return (0);
912 }
913 if (ssl->cert->key->x509 == NULL) {
914 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
915 SSL_R_NO_CERTIFICATE_ASSIGNED);
916 return (0);
917 }
918 if (ssl->cert->key->privatekey == NULL) {
919 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
920 SSL_R_NO_PRIVATE_KEY_ASSIGNED);
921 return (0);
922 }
923 return (X509_check_private_key(ssl->cert->key->x509,
924 ssl->cert->key->privatekey));
925}
926
927int
928SSL_accept(SSL *s)
929{
930 if (s->handshake_func == 0)
931 SSL_set_accept_state(s); /* Not properly initialized yet */
932
933 return (s->method->ssl_accept(s));
934}
935
936int
937SSL_connect(SSL *s)
938{
939 if (s->handshake_func == 0)
940 SSL_set_connect_state(s); /* Not properly initialized yet */
941
942 return (s->method->ssl_connect(s));
943}
944
945long
946SSL_get_default_timeout(const SSL *s)
947{
948 return (s->method->get_timeout());
949}
950
951int
952SSL_read(SSL *s, void *buf, int num)
953{
954 if (s->handshake_func == 0) {
955 SSLerr(SSL_F_SSL_READ,
956 SSL_R_UNINITIALIZED);
957 return (-1);
958 }
959
960 if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
961 s->rwstate = SSL_NOTHING;
962 return (0);
963 }
964 return (s->method->ssl_read(s, buf, num));
965}
966
967int
968SSL_peek(SSL *s, void *buf, int num)
969{
970 if (s->handshake_func == 0) {
971 SSLerr(SSL_F_SSL_PEEK,
972 SSL_R_UNINITIALIZED);
973 return (-1);
974 }
975
976 if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
977 return (0);
978 }
979 return (s->method->ssl_peek(s, buf, num));
980}
981
982int
983SSL_write(SSL *s, const void *buf, int num)
984{
985 if (s->handshake_func == 0) {
986 SSLerr(SSL_F_SSL_WRITE,
987 SSL_R_UNINITIALIZED);
988 return (-1);
989 }
990
991 if (s->shutdown & SSL_SENT_SHUTDOWN) {
992 s->rwstate = SSL_NOTHING;
993 SSLerr(SSL_F_SSL_WRITE,
994 SSL_R_PROTOCOL_IS_SHUTDOWN);
995 return (-1);
996 }
997 return (s->method->ssl_write(s, buf, num));
998}
999
1000int
1001SSL_shutdown(SSL *s)
1002{
1003 /*
1004 * Note that this function behaves differently from what one might
1005 * expect. Return values are 0 for no success (yet),
1006 * 1 for success; but calling it once is usually not enough,
1007 * even if blocking I/O is used (see ssl3_shutdown).
1008 */
1009
1010 if (s->handshake_func == 0) {
1011 SSLerr(SSL_F_SSL_SHUTDOWN,
1012 SSL_R_UNINITIALIZED);
1013 return (-1);
1014 }
1015
1016 if ((s != NULL) && !SSL_in_init(s))
1017 return (s->method->ssl_shutdown(s));
1018 else
1019 return (1);
1020}
1021
1022int
1023SSL_renegotiate(SSL *s)
1024{
1025 if (s->renegotiate == 0)
1026 s->renegotiate = 1;
1027
1028 s->new_session = 1;
1029
1030 return (s->method->ssl_renegotiate(s));
1031}
1032
1033int
1034SSL_renegotiate_abbreviated(SSL *s)
1035{
1036 if (s->renegotiate == 0)
1037 s->renegotiate = 1;
1038
1039 s->new_session = 0;
1040
1041 return (s->method->ssl_renegotiate(s));
1042}
1043
1044int
1045SSL_renegotiate_pending(SSL *s)
1046{
1047 /*
1048 * Becomes true when negotiation is requested;
1049 * false again once a handshake has finished.
1050 */
1051 return (s->renegotiate != 0);
1052}
1053
1054long
1055SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
1056{
1057 long l;
1058
1059 switch (cmd) {
1060 case SSL_CTRL_GET_READ_AHEAD:
1061 return (s->read_ahead);
1062 case SSL_CTRL_SET_READ_AHEAD:
1063 l = s->read_ahead;
1064 s->read_ahead = larg;
1065 return (l);
1066
1067 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1068 s->msg_callback_arg = parg;
1069 return (1);
1070
1071 case SSL_CTRL_OPTIONS:
1072 return (s->options|=larg);
1073 case SSL_CTRL_CLEAR_OPTIONS:
1074 return (s->options&=~larg);
1075 case SSL_CTRL_MODE:
1076 return (s->mode|=larg);
1077 case SSL_CTRL_CLEAR_MODE:
1078 return (s->mode &=~larg);
1079 case SSL_CTRL_GET_MAX_CERT_LIST:
1080 return (s->max_cert_list);
1081 case SSL_CTRL_SET_MAX_CERT_LIST:
1082 l = s->max_cert_list;
1083 s->max_cert_list = larg;
1084 return (l);
1085 case SSL_CTRL_SET_MTU:
1086#ifndef OPENSSL_NO_DTLS1
1087 if (larg < (long)dtls1_min_mtu())
1088 return (0);
1089#endif
1090 if (SSL_IS_DTLS(s)) {
1091 s->d1->mtu = larg;
1092 return (larg);
1093 }
1094 return (0);
1095 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1096 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1097 return (0);
1098 s->max_send_fragment = larg;
1099 return (1);
1100 case SSL_CTRL_GET_RI_SUPPORT:
1101 if (s->s3)
1102 return (s->s3->send_connection_binding);
1103 else return (0);
1104 default:
1105 return (s->method->ssl_ctrl(s, cmd, larg, parg));
1106 }
1107}
1108
1109long
1110SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
1111{
1112 switch (cmd) {
1113 case SSL_CTRL_SET_MSG_CALLBACK:
1114 s->msg_callback = (void (*)(int write_p, int version,
1115 int content_type, const void *buf, size_t len,
1116 SSL *ssl, void *arg))(fp);
1117 return (1);
1118
1119 default:
1120 return (s->method->ssl_callback_ctrl(s, cmd, fp));
1121 }
1122}
1123
1124LHASH_OF(SSL_SESSION) *
1125SSL_CTX_sessions(SSL_CTX *ctx)
1126{
1127 return (ctx->sessions);
1128}
1129
1130long
1131SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1132{
1133 long l;
1134
1135 switch (cmd) {
1136 case SSL_CTRL_GET_READ_AHEAD:
1137 return (ctx->read_ahead);
1138 case SSL_CTRL_SET_READ_AHEAD:
1139 l = ctx->read_ahead;
1140 ctx->read_ahead = larg;
1141 return (l);
1142
1143 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1144 ctx->msg_callback_arg = parg;
1145 return (1);
1146
1147 case SSL_CTRL_GET_MAX_CERT_LIST:
1148 return (ctx->max_cert_list);
1149 case SSL_CTRL_SET_MAX_CERT_LIST:
1150 l = ctx->max_cert_list;
1151 ctx->max_cert_list = larg;
1152 return (l);
1153
1154 case SSL_CTRL_SET_SESS_CACHE_SIZE:
1155 l = ctx->session_cache_size;
1156 ctx->session_cache_size = larg;
1157 return (l);
1158 case SSL_CTRL_GET_SESS_CACHE_SIZE:
1159 return (ctx->session_cache_size);
1160 case SSL_CTRL_SET_SESS_CACHE_MODE:
1161 l = ctx->session_cache_mode;
1162 ctx->session_cache_mode = larg;
1163 return (l);
1164 case SSL_CTRL_GET_SESS_CACHE_MODE:
1165 return (ctx->session_cache_mode);
1166
1167 case SSL_CTRL_SESS_NUMBER:
1168 return (lh_SSL_SESSION_num_items(ctx->sessions));
1169 case SSL_CTRL_SESS_CONNECT:
1170 return (ctx->stats.sess_connect);
1171 case SSL_CTRL_SESS_CONNECT_GOOD:
1172 return (ctx->stats.sess_connect_good);
1173 case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
1174 return (ctx->stats.sess_connect_renegotiate);
1175 case SSL_CTRL_SESS_ACCEPT:
1176 return (ctx->stats.sess_accept);
1177 case SSL_CTRL_SESS_ACCEPT_GOOD:
1178 return (ctx->stats.sess_accept_good);
1179 case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
1180 return (ctx->stats.sess_accept_renegotiate);
1181 case SSL_CTRL_SESS_HIT:
1182 return (ctx->stats.sess_hit);
1183 case SSL_CTRL_SESS_CB_HIT:
1184 return (ctx->stats.sess_cb_hit);
1185 case SSL_CTRL_SESS_MISSES:
1186 return (ctx->stats.sess_miss);
1187 case SSL_CTRL_SESS_TIMEOUTS:
1188 return (ctx->stats.sess_timeout);
1189 case SSL_CTRL_SESS_CACHE_FULL:
1190 return (ctx->stats.sess_cache_full);
1191 case SSL_CTRL_OPTIONS:
1192 return (ctx->options|=larg);
1193 case SSL_CTRL_CLEAR_OPTIONS:
1194 return (ctx->options&=~larg);
1195 case SSL_CTRL_MODE:
1196 return (ctx->mode|=larg);
1197 case SSL_CTRL_CLEAR_MODE:
1198 return (ctx->mode&=~larg);
1199 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1200 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1201 return (0);
1202 ctx->max_send_fragment = larg;
1203 return (1);
1204 default:
1205 return (ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg));
1206 }
1207}
1208
1209long
1210SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
1211{
1212 switch (cmd) {
1213 case SSL_CTRL_SET_MSG_CALLBACK:
1214 ctx->msg_callback = (void (*)(int write_p, int version,
1215 int content_type, const void *buf, size_t len, SSL *ssl,
1216 void *arg))(fp);
1217 return (1);
1218
1219 default:
1220 return (ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp));
1221 }
1222}
1223
1224int
1225ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
1226{
1227 long l;
1228
1229 l = a->id - b->id;
1230 if (l == 0L)
1231 return (0);
1232 else
1233 return ((l > 0) ? 1:-1);
1234}
1235
1236int
1237ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
1238 const SSL_CIPHER * const *bp)
1239{
1240 long l;
1241
1242 l = (*ap)->id - (*bp)->id;
1243 if (l == 0L)
1244 return (0);
1245 else
1246 return ((l > 0) ? 1:-1);
1247}
1248
1249/*
1250 * Return a STACK of the ciphers available for the SSL and in order of
1251 * preference.
1252 */
1253STACK_OF(SSL_CIPHER) *
1254SSL_get_ciphers(const SSL *s)
1255{
1256 if (s != NULL) {
1257 if (s->cipher_list != NULL) {
1258 return (s->cipher_list);
1259 } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) {
1260 return (s->ctx->cipher_list);
1261 }
1262 }
1263 return (NULL);
1264}
1265
1266/*
1267 * Return a STACK of the ciphers available for the SSL and in order of
1268 * algorithm id.
1269 */
1270STACK_OF(SSL_CIPHER) *
1271ssl_get_ciphers_by_id(SSL *s)
1272{
1273 if (s != NULL) {
1274 if (s->cipher_list_by_id != NULL) {
1275 return (s->cipher_list_by_id);
1276 } else if ((s->ctx != NULL) &&
1277 (s->ctx->cipher_list_by_id != NULL)) {
1278 return (s->ctx->cipher_list_by_id);
1279 }
1280 }
1281 return (NULL);
1282}
1283
1284/* The old interface to get the same thing as SSL_get_ciphers(). */
1285const char *
1286SSL_get_cipher_list(const SSL *s, int n)
1287{
1288 SSL_CIPHER *c;
1289 STACK_OF(SSL_CIPHER) *sk;
1290
1291 if (s == NULL)
1292 return (NULL);
1293 sk = SSL_get_ciphers(s);
1294 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
1295 return (NULL);
1296 c = sk_SSL_CIPHER_value(sk, n);
1297 if (c == NULL)
1298 return (NULL);
1299 return (c->name);
1300}
1301
1302/* Specify the ciphers to be used by default by the SSL_CTX. */
1303int
1304SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
1305{
1306 STACK_OF(SSL_CIPHER) *sk;
1307
1308 sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,
1309 &ctx->cipher_list_by_id, str);
1310 /*
1311 * ssl_create_cipher_list may return an empty stack if it
1312 * was unable to find a cipher matching the given rule string
1313 * (for example if the rule string specifies a cipher which
1314 * has been disabled). This is not an error as far as
1315 * ssl_create_cipher_list is concerned, and hence
1316 * ctx->cipher_list and ctx->cipher_list_by_id has been
1317 * updated.
1318 */
1319 if (sk == NULL)
1320 return (0);
1321 else if (sk_SSL_CIPHER_num(sk) == 0) {
1322 SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST,
1323 SSL_R_NO_CIPHER_MATCH);
1324 return (0);
1325 }
1326 return (1);
1327}
1328
1329/* Specify the ciphers to be used by the SSL. */
1330int
1331SSL_set_cipher_list(SSL *s, const char *str)
1332{
1333 STACK_OF(SSL_CIPHER) *sk;
1334
1335 sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list,
1336 &s->cipher_list_by_id, str);
1337 /* see comment in SSL_CTX_set_cipher_list */
1338 if (sk == NULL)
1339 return (0);
1340 else if (sk_SSL_CIPHER_num(sk) == 0) {
1341 SSLerr(SSL_F_SSL_SET_CIPHER_LIST,
1342 SSL_R_NO_CIPHER_MATCH);
1343 return (0);
1344 }
1345 return (1);
1346}
1347
1348/* works well for SSLv2, not so good for SSLv3 */
1349char *
1350SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
1351{
1352 char *end;
1353 STACK_OF(SSL_CIPHER) *sk;
1354 SSL_CIPHER *c;
1355 size_t curlen = 0;
1356 int i;
1357
1358 if (s->session == NULL || s->session->ciphers == NULL || len < 2)
1359 return (NULL);
1360
1361 sk = s->session->ciphers;
1362 if (sk_SSL_CIPHER_num(sk) == 0)
1363 return (NULL);
1364
1365 buf[0] = '\0';
1366 for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
1367 c = sk_SSL_CIPHER_value(sk, i);
1368 end = buf + curlen;
1369 if (strlcat(buf, c->name, len) >= len ||
1370 (curlen = strlcat(buf, ":", len)) >= len) {
1371 /* remove truncated cipher from list */
1372 *end = '\0';
1373 break;
1374 }
1375 }
1376 /* remove trailing colon */
1377 if ((end = strrchr(buf, ':')) != NULL)
1378 *end = '\0';
1379 return (buf);
1380}
1381
1382int
1383ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p)
1384{
1385 int i;
1386 SSL_CIPHER *c;
1387 unsigned char *q;
1388
1389 if (sk == NULL)
1390 return (0);
1391 q = p;
1392
1393 for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
1394 c = sk_SSL_CIPHER_value(sk, i);
1395
1396 /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
1397 if ((c->algorithm_ssl & SSL_TLSV1_2) &&
1398 (TLS1_get_client_version(s) < TLS1_2_VERSION))
1399 continue;
1400
1401 s2n(ssl3_cipher_get_value(c), p);
1402 }
1403
1404 /*
1405 * If p == q, no ciphers and caller indicates an error. Otherwise
1406 * add SCSV if not renegotiating.
1407 */
1408 if (p != q && !s->renegotiate)
1409 s2n(SSL3_CK_SCSV & SSL3_CK_VALUE_MASK, p);
1410
1411 return (p - q);
1412}
1413
1414STACK_OF(SSL_CIPHER) *
1415ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
1416{
1417 CBS cbs;
1418 const SSL_CIPHER *c;
1419 STACK_OF(SSL_CIPHER) *sk = NULL;
1420 unsigned long cipher_id;
1421 uint16_t cipher_value, max_version;
1422
1423 if (s->s3)
1424 s->s3->send_connection_binding = 0;
1425
1426 /*
1427 * RFC 5246 section 7.4.1.2 defines the interval as [2,2^16-2].
1428 */
1429 if (num < 2 || num > 0x10000 - 2) {
1430 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
1431 SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1432 return (NULL);
1433 }
1434
1435 if ((sk = sk_SSL_CIPHER_new_null()) == NULL) {
1436 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
1437 goto err;
1438 }
1439
1440 CBS_init(&cbs, p, num);
1441 while (CBS_len(&cbs) > 0) {
1442 if (!CBS_get_u16(&cbs, &cipher_value)) {
1443 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
1444 SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1445 goto err;
1446 }
1447
1448 cipher_id = SSL3_CK_ID | cipher_value;
1449
1450 if (s->s3 != NULL && cipher_id == SSL3_CK_SCSV) {
1451 /*
1452 * TLS_EMPTY_RENEGOTIATION_INFO_SCSV is fatal if
1453 * renegotiating.
1454 */
1455 if (s->renegotiate) {
1456 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
1457 SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
1458 ssl3_send_alert(s, SSL3_AL_FATAL,
1459 SSL_AD_HANDSHAKE_FAILURE);
1460
1461 goto err;
1462 }
1463 s->s3->send_connection_binding = 1;
1464 continue;
1465 }
1466
1467 if (cipher_id == SSL3_CK_FALLBACK_SCSV) {
1468 /*
1469 * TLS_FALLBACK_SCSV indicates that the client
1470 * previously tried a higher protocol version.
1471 * Fail if the current version is an unexpected
1472 * downgrade.
1473 */
1474 max_version = ssl_max_server_version(s);
1475 if (max_version == 0 || s->version < max_version) {
1476 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
1477 SSL_R_INAPPROPRIATE_FALLBACK);
1478 if (s->s3 != NULL)
1479 ssl3_send_alert(s, SSL3_AL_FATAL,
1480 SSL_AD_INAPPROPRIATE_FALLBACK);
1481 goto err;
1482 }
1483 continue;
1484 }
1485
1486 if ((c = ssl3_get_cipher_by_value(cipher_value)) != NULL) {
1487 if (!sk_SSL_CIPHER_push(sk, c)) {
1488 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
1489 ERR_R_MALLOC_FAILURE);
1490 goto err;
1491 }
1492 }
1493 }
1494
1495 return (sk);
1496
1497err:
1498 sk_SSL_CIPHER_free(sk);
1499
1500 return (NULL);
1501}
1502
1503
1504/*
1505 * Return a servername extension value if provided in Client Hello, or NULL.
1506 * So far, only host_name types are defined (RFC 3546).
1507 */
1508const char *
1509SSL_get_servername(const SSL *s, const int type)
1510{
1511 if (type != TLSEXT_NAMETYPE_host_name)
1512 return (NULL);
1513
1514 return (s->session && !s->tlsext_hostname ?
1515 s->session->tlsext_hostname :
1516 s->tlsext_hostname);
1517}
1518
1519int
1520SSL_get_servername_type(const SSL *s)
1521{
1522 if (s->session &&
1523 (!s->tlsext_hostname ?
1524 s->session->tlsext_hostname : s->tlsext_hostname))
1525 return (TLSEXT_NAMETYPE_host_name);
1526 return (-1);
1527}
1528
1529/*
1530 * SSL_select_next_proto implements the standard protocol selection. It is
1531 * expected that this function is called from the callback set by
1532 * SSL_CTX_set_next_proto_select_cb.
1533 *
1534 * The protocol data is assumed to be a vector of 8-bit, length prefixed byte
1535 * strings. The length byte itself is not included in the length. A byte
1536 * string of length 0 is invalid. No byte string may be truncated.
1537 *
1538 * The current, but experimental algorithm for selecting the protocol is:
1539 *
1540 * 1) If the server doesn't support NPN then this is indicated to the
1541 * callback. In this case, the client application has to abort the connection
1542 * or have a default application level protocol.
1543 *
1544 * 2) If the server supports NPN, but advertises an empty list then the
1545 * client selects the first protcol in its list, but indicates via the
1546 * API that this fallback case was enacted.
1547 *
1548 * 3) Otherwise, the client finds the first protocol in the server's list
1549 * that it supports and selects this protocol. This is because it's
1550 * assumed that the server has better information about which protocol
1551 * a client should use.
1552 *
1553 * 4) If the client doesn't support any of the server's advertised
1554 * protocols, then this is treated the same as case 2.
1555 *
1556 * It returns either
1557 * OPENSSL_NPN_NEGOTIATED if a common protocol was found, or
1558 * OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
1559 */
1560int
1561SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
1562 const unsigned char *server, unsigned int server_len,
1563 const unsigned char *client, unsigned int client_len)
1564{
1565 unsigned int i, j;
1566 const unsigned char *result;
1567 int status = OPENSSL_NPN_UNSUPPORTED;
1568
1569 /*
1570 * For each protocol in server preference order,
1571 * see if we support it.
1572 */
1573 for (i = 0; i < server_len; ) {
1574 for (j = 0; j < client_len; ) {
1575 if (server[i] == client[j] &&
1576 memcmp(&server[i + 1],
1577 &client[j + 1], server[i]) == 0) {
1578 /* We found a match */
1579 result = &server[i];
1580 status = OPENSSL_NPN_NEGOTIATED;
1581 goto found;
1582 }
1583 j += client[j];
1584 j++;
1585 }
1586 i += server[i];
1587 i++;
1588 }
1589
1590 /* There's no overlap between our protocols and the server's list. */
1591 result = client;
1592 status = OPENSSL_NPN_NO_OVERLAP;
1593
1594found:
1595 *out = (unsigned char *) result + 1;
1596 *outlen = result[0];
1597 return (status);
1598}
1599
1600/*
1601 * SSL_get0_next_proto_negotiated sets *data and *len to point to the client's
1602 * requested protocol for this connection and returns 0. If the client didn't
1603 * request any protocol, then *data is set to NULL.
1604 *
1605 * Note that the client can request any protocol it chooses. The value returned
1606 * from this function need not be a member of the list of supported protocols
1607 * provided by the callback.
1608 */
1609void
1610SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
1611 unsigned *len)
1612{
1613 *data = s->next_proto_negotiated;
1614 if (!*data) {
1615 *len = 0;
1616 } else {
1617 *len = s->next_proto_negotiated_len;
1618 }
1619}
1620
1621/*
1622 * SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when a
1623 * TLS server needs a list of supported protocols for Next Protocol
1624 * Negotiation. The returned list must be in wire format. The list is returned
1625 * by setting |out| to point to it and |outlen| to its length. This memory will
1626 * not be modified, but one should assume that the SSL* keeps a reference to
1627 * it.
1628 *
1629 * The callback should return SSL_TLSEXT_ERR_OK if it wishes to advertise.
1630 * Otherwise, no such extension will be included in the ServerHello.
1631 */
1632void
1633SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl,
1634 const unsigned char **out, unsigned int *outlen, void *arg), void *arg)
1635{
1636 ctx->next_protos_advertised_cb = cb;
1637 ctx->next_protos_advertised_cb_arg = arg;
1638}
1639
1640/*
1641 * SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
1642 * client needs to select a protocol from the server's provided list. |out|
1643 * must be set to point to the selected protocol (which may be within |in|).
1644 * The length of the protocol name must be written into |outlen|. The server's
1645 * advertised protocols are provided in |in| and |inlen|. The callback can
1646 * assume that |in| is syntactically valid.
1647 *
1648 * The client must select a protocol. It is fatal to the connection if this
1649 * callback returns a value other than SSL_TLSEXT_ERR_OK.
1650 */
1651void
1652SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s,
1653 unsigned char **out, unsigned char *outlen, const unsigned char *in,
1654 unsigned int inlen, void *arg), void *arg)
1655{
1656 ctx->next_proto_select_cb = cb;
1657 ctx->next_proto_select_cb_arg = arg;
1658}
1659
1660/*
1661 * SSL_CTX_set_alpn_protos sets the ALPN protocol list to the specified
1662 * protocols, which must be in wire-format (i.e. a series of non-empty,
1663 * 8-bit length-prefixed strings). Returns 0 on success.
1664 */
1665int
1666SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
1667 unsigned int protos_len)
1668{
1669 free(ctx->alpn_client_proto_list);
1670 if ((ctx->alpn_client_proto_list = malloc(protos_len)) == NULL)
1671 return (1);
1672 memcpy(ctx->alpn_client_proto_list, protos, protos_len);
1673 ctx->alpn_client_proto_list_len = protos_len;
1674
1675 return (0);
1676}
1677
1678/*
1679 * SSL_set_alpn_protos sets the ALPN protocol list to the specified
1680 * protocols, which must be in wire-format (i.e. a series of non-empty,
1681 * 8-bit length-prefixed strings). Returns 0 on success.
1682 */
1683int
1684SSL_set_alpn_protos(SSL *ssl, const unsigned char* protos,
1685 unsigned int protos_len)
1686{
1687 free(ssl->alpn_client_proto_list);
1688 if ((ssl->alpn_client_proto_list = malloc(protos_len)) == NULL)
1689 return (1);
1690 memcpy(ssl->alpn_client_proto_list, protos, protos_len);
1691 ssl->alpn_client_proto_list_len = protos_len;
1692
1693 return (0);
1694}
1695
1696/*
1697 * SSL_CTX_set_alpn_select_cb sets a callback function that is called during
1698 * ClientHello processing in order to select an ALPN protocol from the
1699 * client's list of offered protocols.
1700 */
1701void
1702SSL_CTX_set_alpn_select_cb(SSL_CTX* ctx,
1703 int (*cb) (SSL *ssl, const unsigned char **out, unsigned char *outlen,
1704 const unsigned char *in, unsigned int inlen, void *arg), void *arg)
1705{
1706 ctx->alpn_select_cb = cb;
1707 ctx->alpn_select_cb_arg = arg;
1708}
1709
1710/*
1711 * SSL_get0_alpn_selected gets the selected ALPN protocol (if any). On return
1712 * it sets data to point to len bytes of protocol name (not including the
1713 * leading length-prefix byte). If the server didn't respond with* a negotiated
1714 * protocol then len will be zero.
1715 */
1716void
1717SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
1718 unsigned *len)
1719{
1720 *data = NULL;
1721 *len = 0;
1722
1723 if (ssl->s3 != NULL) {
1724 *data = ssl->s3->alpn_selected;
1725 *len = ssl->s3->alpn_selected_len;
1726 }
1727}
1728
1729int
1730SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
1731 const char *label, size_t llen, const unsigned char *p, size_t plen,
1732 int use_context)
1733{
1734 if (s->version < TLS1_VERSION)
1735 return (-1);
1736
1737 return (s->method->ssl3_enc->export_keying_material(s, out, olen,
1738 label, llen, p, plen, use_context));
1739}
1740
1741static unsigned long
1742ssl_session_hash(const SSL_SESSION *a)
1743{
1744 unsigned long l;
1745
1746 l = (unsigned long)
1747 ((unsigned int) a->session_id[0] )|
1748 ((unsigned int) a->session_id[1]<< 8L)|
1749 ((unsigned long)a->session_id[2]<<16L)|
1750 ((unsigned long)a->session_id[3]<<24L);
1751 return (l);
1752}
1753
1754/*
1755 * NB: If this function (or indeed the hash function which uses a sort of
1756 * coarser function than this one) is changed, ensure
1757 * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
1758 * able to construct an SSL_SESSION that will collide with any existing session
1759 * with a matching session ID.
1760 */
1761static int
1762ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
1763{
1764 if (a->ssl_version != b->ssl_version)
1765 return (1);
1766 if (a->session_id_length != b->session_id_length)
1767 return (1);
1768 if (timingsafe_memcmp(a->session_id, b->session_id, a->session_id_length) != 0)
1769 return (1);
1770 return (0);
1771}
1772
1773/*
1774 * These wrapper functions should remain rather than redeclaring
1775 * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
1776 * variable. The reason is that the functions aren't static, they're exposed via
1777 * ssl.h.
1778 */
1779static
1780IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION)
1781static
1782IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION)
1783
1784SSL_CTX *
1785SSL_CTX_new(const SSL_METHOD *meth)
1786{
1787 SSL_CTX *ret = NULL;
1788
1789 if (meth == NULL) {
1790 SSLerr(SSL_F_SSL_CTX_NEW,
1791 SSL_R_NULL_SSL_METHOD_PASSED);
1792 return (NULL);
1793 }
1794
1795 if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
1796 SSLerr(SSL_F_SSL_CTX_NEW,
1797 SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
1798 goto err;
1799 }
1800 ret = calloc(1, sizeof(SSL_CTX));
1801 if (ret == NULL)
1802 goto err;
1803
1804 ret->method = meth;
1805
1806 ret->cert_store = NULL;
1807 ret->session_cache_mode = SSL_SESS_CACHE_SERVER;
1808 ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
1809 ret->session_cache_head = NULL;
1810 ret->session_cache_tail = NULL;
1811
1812 /* We take the system default */
1813 ret->session_timeout = meth->get_timeout();
1814
1815 ret->new_session_cb = 0;
1816 ret->remove_session_cb = 0;
1817 ret->get_session_cb = 0;
1818 ret->generate_session_id = 0;
1819
1820 memset((char *)&ret->stats, 0, sizeof(ret->stats));
1821
1822 ret->references = 1;
1823 ret->quiet_shutdown = 0;
1824
1825 ret->info_callback = NULL;
1826
1827 ret->app_verify_callback = 0;
1828 ret->app_verify_arg = NULL;
1829
1830 ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
1831 ret->read_ahead = 0;
1832 ret->msg_callback = 0;
1833 ret->msg_callback_arg = NULL;
1834 ret->verify_mode = SSL_VERIFY_NONE;
1835 ret->sid_ctx_length = 0;
1836 ret->default_verify_callback = NULL;
1837 if ((ret->cert = ssl_cert_new()) == NULL)
1838 goto err;
1839
1840 ret->default_passwd_callback = 0;
1841 ret->default_passwd_callback_userdata = NULL;
1842 ret->client_cert_cb = 0;
1843 ret->app_gen_cookie_cb = 0;
1844 ret->app_verify_cookie_cb = 0;
1845
1846 ret->sessions = lh_SSL_SESSION_new();
1847 if (ret->sessions == NULL)
1848 goto err;
1849 ret->cert_store = X509_STORE_new();
1850 if (ret->cert_store == NULL)
1851 goto err;
1852
1853 ssl_create_cipher_list(ret->method, &ret->cipher_list,
1854 &ret->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST);
1855 if (ret->cipher_list == NULL ||
1856 sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
1857 SSLerr(SSL_F_SSL_CTX_NEW,
1858 SSL_R_LIBRARY_HAS_NO_CIPHERS);
1859 goto err2;
1860 }
1861
1862 ret->param = X509_VERIFY_PARAM_new();
1863 if (!ret->param)
1864 goto err;
1865
1866 if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
1867 SSLerr(SSL_F_SSL_CTX_NEW,
1868 SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
1869 goto err2;
1870 }
1871 if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
1872 SSLerr(SSL_F_SSL_CTX_NEW,
1873 SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
1874 goto err2;
1875 }
1876
1877 if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL)
1878 goto err;
1879
1880 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
1881
1882 ret->extra_certs = NULL;
1883
1884 ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
1885
1886 ret->tlsext_servername_callback = 0;
1887 ret->tlsext_servername_arg = NULL;
1888
1889 /* Setup RFC4507 ticket keys */
1890 arc4random_buf(ret->tlsext_tick_key_name, 16);
1891 arc4random_buf(ret->tlsext_tick_hmac_key, 16);
1892 arc4random_buf(ret->tlsext_tick_aes_key, 16);
1893
1894 ret->tlsext_status_cb = 0;
1895 ret->tlsext_status_arg = NULL;
1896
1897 ret->next_protos_advertised_cb = 0;
1898 ret->next_proto_select_cb = 0;
1899#ifndef OPENSSL_NO_ENGINE
1900 ret->client_cert_engine = NULL;
1901#ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
1902#define eng_strx(x) #x
1903#define eng_str(x) eng_strx(x)
1904 /* Use specific client engine automatically... ignore errors */
1905 {
1906 ENGINE *eng;
1907 eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
1908 if (!eng) {
1909 ERR_clear_error();
1910 ENGINE_load_builtin_engines();
1911 eng = ENGINE_by_id(eng_str(
1912 OPENSSL_SSL_CLIENT_ENGINE_AUTO));
1913 }
1914 if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
1915 ERR_clear_error();
1916 }
1917#endif
1918#endif
1919 /*
1920 * Default is to connect to non-RI servers. When RI is more widely
1921 * deployed might change this.
1922 */
1923 ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
1924
1925 /* Disable SSLv3 by default. */
1926 ret->options |= SSL_OP_NO_SSLv3;
1927
1928 return (ret);
1929err:
1930 SSLerr(SSL_F_SSL_CTX_NEW,
1931 ERR_R_MALLOC_FAILURE);
1932err2:
1933 SSL_CTX_free(ret);
1934 return (NULL);
1935}
1936
1937void
1938SSL_CTX_free(SSL_CTX *a)
1939{
1940 int i;
1941
1942 if (a == NULL)
1943 return;
1944
1945 i = CRYPTO_add(&a->references, -1, CRYPTO_LOCK_SSL_CTX);
1946 if (i > 0)
1947 return;
1948
1949 if (a->param)
1950 X509_VERIFY_PARAM_free(a->param);
1951
1952 /*
1953 * Free internal session cache. However: the remove_cb() may reference
1954 * the ex_data of SSL_CTX, thus the ex_data store can only be removed
1955 * after the sessions were flushed.
1956 * As the ex_data handling routines might also touch the session cache,
1957 * the most secure solution seems to be: empty (flush) the cache, then
1958 * free ex_data, then finally free the cache.
1959 * (See ticket [openssl.org #212].)
1960 */
1961 if (a->sessions != NULL)
1962 SSL_CTX_flush_sessions(a, 0);
1963
1964 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
1965
1966 if (a->sessions != NULL)
1967 lh_SSL_SESSION_free(a->sessions);
1968
1969 if (a->cert_store != NULL)
1970 X509_STORE_free(a->cert_store);
1971 if (a->cipher_list != NULL)
1972 sk_SSL_CIPHER_free(a->cipher_list);
1973 if (a->cipher_list_by_id != NULL)
1974 sk_SSL_CIPHER_free(a->cipher_list_by_id);
1975 if (a->cert != NULL)
1976 ssl_cert_free(a->cert);
1977 if (a->client_CA != NULL)
1978 sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
1979 if (a->extra_certs != NULL)
1980 sk_X509_pop_free(a->extra_certs, X509_free);
1981
1982#ifndef OPENSSL_NO_SRTP
1983 if (a->srtp_profiles)
1984 sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
1985#endif
1986
1987#ifndef OPENSSL_NO_ENGINE
1988 if (a->client_cert_engine)
1989 ENGINE_finish(a->client_cert_engine);
1990#endif
1991
1992 free(a->alpn_client_proto_list);
1993
1994 free(a);
1995}
1996
1997void
1998SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
1999{
2000 ctx->default_passwd_callback = cb;
2001}
2002
2003void
2004SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
2005{
2006 ctx->default_passwd_callback_userdata = u;
2007}
2008
2009void
2010SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,
2011 void *), void *arg)
2012{
2013 ctx->app_verify_callback = cb;
2014 ctx->app_verify_arg = arg;
2015}
2016
2017void
2018SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb)(int, X509_STORE_CTX *))
2019{
2020 ctx->verify_mode = mode;
2021 ctx->default_verify_callback = cb;
2022}
2023
2024void
2025SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
2026{
2027 X509_VERIFY_PARAM_set_depth(ctx->param, depth);
2028}
2029
2030void
2031ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
2032{
2033 CERT_PKEY *cpk;
2034 int rsa_enc, rsa_sign, dh_tmp, dsa_sign;
2035 unsigned long mask_k, mask_a;
2036 int have_ecc_cert, ecdh_ok, ecdsa_ok;
2037 int have_ecdh_tmp;
2038 X509 *x = NULL;
2039 EVP_PKEY *ecc_pkey = NULL;
2040 int signature_nid = 0, pk_nid = 0, md_nid = 0;
2041
2042 if (c == NULL)
2043 return;
2044
2045 dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL ||
2046 c->dh_tmp_auto != 0);
2047
2048 have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL ||
2049 c->ecdh_tmp_auto != 0);
2050 cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
2051 rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL);
2052 cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);
2053 rsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
2054 cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]);
2055 dsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
2056/* FIX THIS EAY EAY EAY */
2057 cpk = &(c->pkeys[SSL_PKEY_ECC]);
2058 have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL);
2059 mask_k = 0;
2060 mask_a = 0;
2061
2062 cpk = &(c->pkeys[SSL_PKEY_GOST01]);
2063 if (cpk->x509 != NULL && cpk->privatekey !=NULL) {
2064 mask_k |= SSL_kGOST;
2065 mask_a |= SSL_aGOST01;
2066 }
2067
2068 if (rsa_enc)
2069 mask_k|=SSL_kRSA;
2070
2071 if (dh_tmp)
2072 mask_k|=SSL_kDHE;
2073
2074 if (rsa_enc || rsa_sign)
2075 mask_a|=SSL_aRSA;
2076
2077 if (dsa_sign)
2078 mask_a|=SSL_aDSS;
2079
2080 mask_a|=SSL_aNULL;
2081
2082 /*
2083 * An ECC certificate may be usable for ECDH and/or
2084 * ECDSA cipher suites depending on the key usage extension.
2085 */
2086 if (have_ecc_cert) {
2087 /* This call populates extension flags (ex_flags) */
2088 x = (c->pkeys[SSL_PKEY_ECC]).x509;
2089 X509_check_purpose(x, -1, 0);
2090 ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
2091 (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1;
2092 ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
2093 (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
2094 ecc_pkey = X509_get_pubkey(x);
2095 EVP_PKEY_free(ecc_pkey);
2096 if ((x->sig_alg) && (x->sig_alg->algorithm)) {
2097 signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
2098 OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
2099 }
2100 if (ecdh_ok) {
2101 if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa) {
2102 mask_k|=SSL_kECDHr;
2103 mask_a|=SSL_aECDH;
2104 }
2105 if (pk_nid == NID_X9_62_id_ecPublicKey) {
2106 mask_k|=SSL_kECDHe;
2107 mask_a|=SSL_aECDH;
2108 }
2109 }
2110 if (ecdsa_ok)
2111 mask_a|=SSL_aECDSA;
2112 }
2113
2114 if (have_ecdh_tmp) {
2115 mask_k|=SSL_kECDHE;
2116 }
2117
2118
2119 c->mask_k = mask_k;
2120 c->mask_a = mask_a;
2121 c->valid = 1;
2122}
2123
2124/* This handy macro borrowed from crypto/x509v3/v3_purp.c */
2125#define ku_reject(x, usage) \
2126 (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
2127
2128
2129int
2130ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
2131{
2132 unsigned long alg_k, alg_a;
2133 int signature_nid = 0, md_nid = 0, pk_nid = 0;
2134 const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
2135
2136 alg_k = cs->algorithm_mkey;
2137 alg_a = cs->algorithm_auth;
2138
2139 /* This call populates the ex_flags field correctly */
2140 X509_check_purpose(x, -1, 0);
2141 if ((x->sig_alg) && (x->sig_alg->algorithm)) {
2142 signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
2143 OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
2144 }
2145 if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr) {
2146 /* key usage, if present, must allow key agreement */
2147 if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) {
2148 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
2149 SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
2150 return (0);
2151 }
2152 if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) <
2153 TLS1_2_VERSION) {
2154 /* signature alg must be ECDSA */
2155 if (pk_nid != NID_X9_62_id_ecPublicKey) {
2156 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
2157 SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
2158 return (0);
2159 }
2160 }
2161 if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) <
2162 TLS1_2_VERSION) {
2163 /* signature alg must be RSA */
2164 if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa) {
2165 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
2166 SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
2167 return (0);
2168 }
2169 }
2170 }
2171 if (alg_a & SSL_aECDSA) {
2172 /* key usage, if present, must allow signing */
2173 if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE)) {
2174 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
2175 SSL_R_ECC_CERT_NOT_FOR_SIGNING);
2176 return (0);
2177 }
2178 }
2179
2180 return (1);
2181 /* all checks are ok */
2182}
2183
2184
2185/* THIS NEEDS CLEANING UP */
2186CERT_PKEY *
2187ssl_get_server_send_pkey(const SSL *s)
2188{
2189 unsigned long alg_k, alg_a;
2190 CERT *c;
2191 int i;
2192
2193 c = s->cert;
2194 ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
2195
2196 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
2197 alg_a = s->s3->tmp.new_cipher->algorithm_auth;
2198
2199 if (alg_k & (SSL_kECDHr|SSL_kECDHe)) {
2200 /*
2201 * We don't need to look at SSL_kECDHE
2202 * since no certificate is needed for
2203 * anon ECDH and for authenticated
2204 * ECDHE, the check for the auth
2205 * algorithm will set i correctly
2206 * NOTE: For ECDH-RSA, we need an ECC
2207 * not an RSA cert but for EECDH-RSA
2208 * we need an RSA cert. Placing the
2209 * checks for SSL_kECDH before RSA
2210 * checks ensures the correct cert is chosen.
2211 */
2212 i = SSL_PKEY_ECC;
2213 } else if (alg_a & SSL_aECDSA) {
2214 i = SSL_PKEY_ECC;
2215 } else if (alg_a & SSL_aDSS) {
2216 i = SSL_PKEY_DSA_SIGN;
2217 } else if (alg_a & SSL_aRSA) {
2218 if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
2219 i = SSL_PKEY_RSA_SIGN;
2220 else
2221 i = SSL_PKEY_RSA_ENC;
2222 } else if (alg_a & SSL_aGOST01) {
2223 i = SSL_PKEY_GOST01;
2224 } else { /* if (alg_a & SSL_aNULL) */
2225 SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY, ERR_R_INTERNAL_ERROR);
2226 return (NULL);
2227 }
2228
2229 return (c->pkeys + i);
2230}
2231
2232X509 *
2233ssl_get_server_send_cert(const SSL *s)
2234{
2235 CERT_PKEY *cpk;
2236
2237 cpk = ssl_get_server_send_pkey(s);
2238 if (!cpk)
2239 return (NULL);
2240 return (cpk->x509);
2241}
2242
2243EVP_PKEY *
2244ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd)
2245{
2246 unsigned long alg_a;
2247 CERT *c;
2248 int idx = -1;
2249
2250 alg_a = cipher->algorithm_auth;
2251 c = s->cert;
2252
2253 if ((alg_a & SSL_aDSS) &&
2254 (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
2255 idx = SSL_PKEY_DSA_SIGN;
2256 else if (alg_a & SSL_aRSA) {
2257 if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
2258 idx = SSL_PKEY_RSA_SIGN;
2259 else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
2260 idx = SSL_PKEY_RSA_ENC;
2261 } else if ((alg_a & SSL_aECDSA) &&
2262 (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
2263 idx = SSL_PKEY_ECC;
2264 if (idx == -1) {
2265 SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR);
2266 return (NULL);
2267 }
2268 if (pmd)
2269 *pmd = c->pkeys[idx].digest;
2270 return (c->pkeys[idx].privatekey);
2271}
2272
2273DH *
2274ssl_get_auto_dh(SSL *s)
2275{
2276 CERT_PKEY *cpk;
2277 int keylen;
2278 DH *dhp;
2279
2280 if (s->cert->dh_tmp_auto == 2) {
2281 keylen = 1024;
2282 } else if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) {
2283 keylen = 1024;
2284 if (s->s3->tmp.new_cipher->strength_bits == 256)
2285 keylen = 3072;
2286 } else {
2287 if ((cpk = ssl_get_server_send_pkey(s)) == NULL)
2288 return (NULL);
2289 if (cpk->privatekey == NULL || cpk->privatekey->pkey.dh == NULL)
2290 return (NULL);
2291 keylen = EVP_PKEY_bits(cpk->privatekey);
2292 }
2293
2294 if ((dhp = DH_new()) == NULL)
2295 return (NULL);
2296
2297 dhp->g = BN_new();
2298 if (dhp->g != NULL)
2299 BN_set_word(dhp->g, 2);
2300
2301 if (keylen >= 8192)
2302 dhp->p = get_rfc3526_prime_8192(NULL);
2303 else if (keylen >= 4096)
2304 dhp->p = get_rfc3526_prime_4096(NULL);
2305 else if (keylen >= 3072)
2306 dhp->p = get_rfc3526_prime_3072(NULL);
2307 else if (keylen >= 2048)
2308 dhp->p = get_rfc3526_prime_2048(NULL);
2309 else if (keylen >= 1536)
2310 dhp->p = get_rfc3526_prime_1536(NULL);
2311 else
2312 dhp->p = get_rfc2409_prime_1024(NULL);
2313
2314 if (dhp->p == NULL || dhp->g == NULL) {
2315 DH_free(dhp);
2316 return (NULL);
2317 }
2318 return (dhp);
2319}
2320
2321void
2322ssl_update_cache(SSL *s, int mode)
2323{
2324 int i;
2325
2326 /*
2327 * If the session_id_length is 0, we are not supposed to cache it,
2328 * and it would be rather hard to do anyway :-)
2329 */
2330 if (s->session->session_id_length == 0)
2331 return;
2332
2333 i = s->session_ctx->session_cache_mode;
2334 if ((i & mode) && (!s->hit) && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
2335 || SSL_CTX_add_session(s->session_ctx, s->session))
2336 && (s->session_ctx->new_session_cb != NULL)) {
2337 CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION);
2338 if (!s->session_ctx->new_session_cb(s, s->session))
2339 SSL_SESSION_free(s->session);
2340 }
2341
2342 /* auto flush every 255 connections */
2343 if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
2344 ((i & mode) == mode)) {
2345 if ((((mode & SSL_SESS_CACHE_CLIENT) ?
2346 s->session_ctx->stats.sess_connect_good :
2347 s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff) {
2348 SSL_CTX_flush_sessions(s->session_ctx, time(NULL));
2349 }
2350 }
2351}
2352
2353const SSL_METHOD *
2354SSL_get_ssl_method(SSL *s)
2355{
2356 return (s->method);
2357}
2358
2359int
2360SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
2361{
2362 int conn = -1;
2363 int ret = 1;
2364
2365 if (s->method != meth) {
2366 if (s->handshake_func != NULL)
2367 conn = (s->handshake_func == s->method->ssl_connect);
2368
2369 if (s->method->version == meth->version)
2370 s->method = meth;
2371 else {
2372 s->method->ssl_free(s);
2373 s->method = meth;
2374 ret = s->method->ssl_new(s);
2375 }
2376
2377 if (conn == 1)
2378 s->handshake_func = meth->ssl_connect;
2379 else if (conn == 0)
2380 s->handshake_func = meth->ssl_accept;
2381 }
2382 return (ret);
2383}
2384
2385int
2386SSL_get_error(const SSL *s, int i)
2387{
2388 int reason;
2389 unsigned long l;
2390 BIO *bio;
2391
2392 if (i > 0)
2393 return (SSL_ERROR_NONE);
2394
2395 /* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake
2396 * etc, where we do encode the error */
2397 if ((l = ERR_peek_error()) != 0) {
2398 if (ERR_GET_LIB(l) == ERR_LIB_SYS)
2399 return (SSL_ERROR_SYSCALL);
2400 else
2401 return (SSL_ERROR_SSL);
2402 }
2403
2404 if ((i < 0) && SSL_want_read(s)) {
2405 bio = SSL_get_rbio(s);
2406 if (BIO_should_read(bio)) {
2407 return (SSL_ERROR_WANT_READ);
2408 } else if (BIO_should_write(bio)) {
2409 /*
2410 * This one doesn't make too much sense... We never
2411 * try to write to the rbio, and an application
2412 * program where rbio and wbio are separate couldn't
2413 * even know what it should wait for. However if we
2414 * ever set s->rwstate incorrectly (so that we have
2415 * SSL_want_read(s) instead of SSL_want_write(s))
2416 * and rbio and wbio *are* the same, this test works
2417 * around that bug; so it might be safer to keep it.
2418 */
2419 return (SSL_ERROR_WANT_WRITE);
2420 } else if (BIO_should_io_special(bio)) {
2421 reason = BIO_get_retry_reason(bio);
2422 if (reason == BIO_RR_CONNECT)
2423 return (SSL_ERROR_WANT_CONNECT);
2424 else if (reason == BIO_RR_ACCEPT)
2425 return (SSL_ERROR_WANT_ACCEPT);
2426 else
2427 return (SSL_ERROR_SYSCALL); /* unknown */
2428 }
2429 }
2430
2431 if ((i < 0) && SSL_want_write(s)) {
2432 bio = SSL_get_wbio(s);
2433 if (BIO_should_write(bio)) {
2434 return (SSL_ERROR_WANT_WRITE);
2435 } else if (BIO_should_read(bio)) {
2436 /*
2437 * See above (SSL_want_read(s) with
2438 * BIO_should_write(bio))
2439 */
2440 return (SSL_ERROR_WANT_READ);
2441 } else if (BIO_should_io_special(bio)) {
2442 reason = BIO_get_retry_reason(bio);
2443 if (reason == BIO_RR_CONNECT)
2444 return (SSL_ERROR_WANT_CONNECT);
2445 else if (reason == BIO_RR_ACCEPT)
2446 return (SSL_ERROR_WANT_ACCEPT);
2447 else
2448 return (SSL_ERROR_SYSCALL);
2449 }
2450 }
2451 if ((i < 0) && SSL_want_x509_lookup(s)) {
2452 return (SSL_ERROR_WANT_X509_LOOKUP);
2453 }
2454
2455 if (i == 0) {
2456 if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
2457 (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
2458 return (SSL_ERROR_ZERO_RETURN);
2459 }
2460 return (SSL_ERROR_SYSCALL);
2461}
2462
2463int
2464SSL_do_handshake(SSL *s)
2465{
2466 int ret = 1;
2467
2468 if (s->handshake_func == NULL) {
2469 SSLerr(SSL_F_SSL_DO_HANDSHAKE,
2470 SSL_R_CONNECTION_TYPE_NOT_SET);
2471 return (-1);
2472 }
2473
2474 s->method->ssl_renegotiate_check(s);
2475
2476 if (SSL_in_init(s) || SSL_in_before(s)) {
2477 ret = s->handshake_func(s);
2478 }
2479 return (ret);
2480}
2481
2482/*
2483 * For the next 2 functions, SSL_clear() sets shutdown and so
2484 * one of these calls will reset it
2485 */
2486void
2487SSL_set_accept_state(SSL *s)
2488{
2489 s->server = 1;
2490 s->shutdown = 0;
2491 s->state = SSL_ST_ACCEPT|SSL_ST_BEFORE;
2492 s->handshake_func = s->method->ssl_accept;
2493 /* clear the current cipher */
2494 ssl_clear_cipher_ctx(s);
2495 ssl_clear_hash_ctx(&s->read_hash);
2496 ssl_clear_hash_ctx(&s->write_hash);
2497}
2498
2499void
2500SSL_set_connect_state(SSL *s)
2501{
2502 s->server = 0;
2503 s->shutdown = 0;
2504 s->state = SSL_ST_CONNECT|SSL_ST_BEFORE;
2505 s->handshake_func = s->method->ssl_connect;
2506 /* clear the current cipher */
2507 ssl_clear_cipher_ctx(s);
2508 ssl_clear_hash_ctx(&s->read_hash);
2509 ssl_clear_hash_ctx(&s->write_hash);
2510}
2511
2512int
2513ssl_undefined_function(SSL *s)
2514{
2515 SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,
2516 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2517 return (0);
2518}
2519
2520int
2521ssl_undefined_void_function(void)
2522{
2523 SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,
2524 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2525 return (0);
2526}
2527
2528int
2529ssl_undefined_const_function(const SSL *s)
2530{
2531 SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,
2532 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2533 return (0);
2534}
2535
2536SSL_METHOD *
2537ssl_bad_method(int ver)
2538{
2539 SSLerr(SSL_F_SSL_BAD_METHOD,
2540 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2541 return (NULL);
2542}
2543
2544const char *
2545ssl_version_string(int ver)
2546{
2547 switch (ver) {
2548 case DTLS1_BAD_VER:
2549 return (SSL_TXT_DTLS1_BAD);
2550 case DTLS1_VERSION:
2551 return (SSL_TXT_DTLS1);
2552 case SSL3_VERSION:
2553 return (SSL_TXT_SSLV3);
2554 case TLS1_VERSION:
2555 return (SSL_TXT_TLSV1);
2556 case TLS1_1_VERSION:
2557 return (SSL_TXT_TLSV1_1);
2558 case TLS1_2_VERSION:
2559 return (SSL_TXT_TLSV1_2);
2560 default:
2561 return ("unknown");
2562 }
2563}
2564
2565const char *
2566SSL_get_version(const SSL *s)
2567{
2568 return ssl_version_string(s->version);
2569}
2570
2571uint16_t
2572ssl_max_server_version(SSL *s)
2573{
2574 uint16_t max_version;
2575
2576 /*
2577 * The SSL method will be changed during version negotiation, as such
2578 * we want to use the SSL method from the context.
2579 */
2580 max_version = s->ctx->method->version;
2581
2582 if (SSL_IS_DTLS(s))
2583 return (DTLS1_VERSION);
2584
2585 if ((s->options & SSL_OP_NO_TLSv1_2) == 0 &&
2586 max_version >= TLS1_2_VERSION)
2587 return (TLS1_2_VERSION);
2588 if ((s->options & SSL_OP_NO_TLSv1_1) == 0 &&
2589 max_version >= TLS1_1_VERSION)
2590 return (TLS1_1_VERSION);
2591 if ((s->options & SSL_OP_NO_TLSv1) == 0 &&
2592 max_version >= TLS1_VERSION)
2593 return (TLS1_VERSION);
2594 if ((s->options & SSL_OP_NO_SSLv3) == 0 &&
2595 max_version >= SSL3_VERSION)
2596 return (SSL3_VERSION);
2597
2598 return (0);
2599}
2600
2601SSL *
2602SSL_dup(SSL *s)
2603{
2604 STACK_OF(X509_NAME) *sk;
2605 X509_NAME *xn;
2606 SSL *ret;
2607 int i;
2608
2609 if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL)
2610 return (NULL);
2611
2612 ret->version = s->version;
2613 ret->type = s->type;
2614 ret->method = s->method;
2615
2616 if (s->session != NULL) {
2617 /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
2618 SSL_copy_session_id(ret, s);
2619 } else {
2620 /*
2621 * No session has been established yet, so we have to expect
2622 * that s->cert or ret->cert will be changed later --
2623 * they should not both point to the same object,
2624 * and thus we can't use SSL_copy_session_id.
2625 */
2626
2627 ret->method->ssl_free(ret);
2628 ret->method = s->method;
2629 ret->method->ssl_new(ret);
2630
2631 if (s->cert != NULL) {
2632 if (ret->cert != NULL) {
2633 ssl_cert_free(ret->cert);
2634 }
2635 ret->cert = ssl_cert_dup(s->cert);
2636 if (ret->cert == NULL)
2637 goto err;
2638 }
2639
2640 SSL_set_session_id_context(ret,
2641 s->sid_ctx, s->sid_ctx_length);
2642 }
2643
2644 ret->options = s->options;
2645 ret->mode = s->mode;
2646 SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s));
2647 SSL_set_read_ahead(ret, SSL_get_read_ahead(s));
2648 ret->msg_callback = s->msg_callback;
2649 ret->msg_callback_arg = s->msg_callback_arg;
2650 SSL_set_verify(ret, SSL_get_verify_mode(s),
2651 SSL_get_verify_callback(s));
2652 SSL_set_verify_depth(ret, SSL_get_verify_depth(s));
2653 ret->generate_session_id = s->generate_session_id;
2654
2655 SSL_set_info_callback(ret, SSL_get_info_callback(s));
2656
2657 ret->debug = s->debug;
2658
2659 /* copy app data, a little dangerous perhaps */
2660 if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL,
2661 &ret->ex_data, &s->ex_data))
2662 goto err;
2663
2664 /* setup rbio, and wbio */
2665 if (s->rbio != NULL) {
2666 if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
2667 goto err;
2668 }
2669 if (s->wbio != NULL) {
2670 if (s->wbio != s->rbio) {
2671 if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
2672 goto err;
2673 } else
2674 ret->wbio = ret->rbio;
2675 }
2676 ret->rwstate = s->rwstate;
2677 ret->in_handshake = s->in_handshake;
2678 ret->handshake_func = s->handshake_func;
2679 ret->server = s->server;
2680 ret->renegotiate = s->renegotiate;
2681 ret->new_session = s->new_session;
2682 ret->quiet_shutdown = s->quiet_shutdown;
2683 ret->shutdown = s->shutdown;
2684 /* SSL_dup does not really work at any state, though */
2685 ret->state=s->state;
2686 ret->rstate = s->rstate;
2687
2688 /*
2689 * Would have to copy ret->init_buf, ret->init_msg, ret->init_num,
2690 * ret->init_off
2691 */
2692 ret->init_num = 0;
2693
2694 ret->hit = s->hit;
2695
2696 X509_VERIFY_PARAM_inherit(ret->param, s->param);
2697
2698 /* dup the cipher_list and cipher_list_by_id stacks */
2699 if (s->cipher_list != NULL) {
2700 if ((ret->cipher_list =
2701 sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
2702 goto err;
2703 }
2704 if (s->cipher_list_by_id != NULL) {
2705 if ((ret->cipher_list_by_id =
2706 sk_SSL_CIPHER_dup(s->cipher_list_by_id)) == NULL)
2707 goto err;
2708 }
2709
2710 /* Dup the client_CA list */
2711 if (s->client_CA != NULL) {
2712 if ((sk = sk_X509_NAME_dup(s->client_CA)) == NULL) goto err;
2713 ret->client_CA = sk;
2714 for (i = 0; i < sk_X509_NAME_num(sk); i++) {
2715 xn = sk_X509_NAME_value(sk, i);
2716 if (sk_X509_NAME_set(sk, i,
2717 X509_NAME_dup(xn)) == NULL) {
2718 X509_NAME_free(xn);
2719 goto err;
2720 }
2721 }
2722 }
2723
2724 if (0) {
2725err:
2726 if (ret != NULL)
2727 SSL_free(ret);
2728 ret = NULL;
2729 }
2730 return (ret);
2731}
2732
2733void
2734ssl_clear_cipher_ctx(SSL *s)
2735{
2736 EVP_CIPHER_CTX_free(s->enc_read_ctx);
2737 s->enc_read_ctx = NULL;
2738 EVP_CIPHER_CTX_free(s->enc_write_ctx);
2739 s->enc_write_ctx = NULL;
2740
2741 if (s->aead_read_ctx != NULL) {
2742 EVP_AEAD_CTX_cleanup(&s->aead_read_ctx->ctx);
2743 free(s->aead_read_ctx);
2744 s->aead_read_ctx = NULL;
2745 }
2746 if (s->aead_write_ctx != NULL) {
2747 EVP_AEAD_CTX_cleanup(&s->aead_write_ctx->ctx);
2748 free(s->aead_write_ctx);
2749 s->aead_write_ctx = NULL;
2750 }
2751
2752}
2753
2754/* Fix this function so that it takes an optional type parameter */
2755X509 *
2756SSL_get_certificate(const SSL *s)
2757{
2758 if (s->cert != NULL)
2759 return (s->cert->key->x509);
2760 else
2761 return (NULL);
2762}
2763
2764/* Fix this function so that it takes an optional type parameter */
2765EVP_PKEY *
2766SSL_get_privatekey(SSL *s)
2767{
2768 if (s->cert != NULL)
2769 return (s->cert->key->privatekey);
2770 else
2771 return (NULL);
2772}
2773
2774const SSL_CIPHER *
2775SSL_get_current_cipher(const SSL *s)
2776{
2777 if ((s->session != NULL) && (s->session->cipher != NULL))
2778 return (s->session->cipher);
2779 return (NULL);
2780}
2781const void *
2782SSL_get_current_compression(SSL *s)
2783{
2784 return (NULL);
2785}
2786
2787const void *
2788SSL_get_current_expansion(SSL *s)
2789{
2790 return (NULL);
2791}
2792
2793int
2794ssl_init_wbio_buffer(SSL *s, int push)
2795{
2796 BIO *bbio;
2797
2798 if (s->bbio == NULL) {
2799 bbio = BIO_new(BIO_f_buffer());
2800 if (bbio == NULL)
2801 return (0);
2802 s->bbio = bbio;
2803 } else {
2804 bbio = s->bbio;
2805 if (s->bbio == s->wbio)
2806 s->wbio = BIO_pop(s->wbio);
2807 }
2808 (void)BIO_reset(bbio);
2809/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
2810 if (!BIO_set_read_buffer_size(bbio, 1)) {
2811 SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER,
2812 ERR_R_BUF_LIB);
2813 return (0);
2814 }
2815 if (push) {
2816 if (s->wbio != bbio)
2817 s->wbio = BIO_push(bbio, s->wbio);
2818 } else {
2819 if (s->wbio == bbio)
2820 s->wbio = BIO_pop(bbio);
2821 }
2822 return (1);
2823}
2824
2825void
2826ssl_free_wbio_buffer(SSL *s)
2827{
2828 if (s == NULL)
2829 return;
2830
2831 if (s->bbio == NULL)
2832 return;
2833
2834 if (s->bbio == s->wbio) {
2835 /* remove buffering */
2836 s->wbio = BIO_pop(s->wbio);
2837 }
2838 BIO_free(s->bbio);
2839 s->bbio = NULL;
2840}
2841
2842void
2843SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
2844{
2845 ctx->quiet_shutdown = mode;
2846}
2847
2848int
2849SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
2850{
2851 return (ctx->quiet_shutdown);
2852}
2853
2854void
2855SSL_set_quiet_shutdown(SSL *s, int mode)
2856{
2857 s->quiet_shutdown = mode;
2858}
2859
2860int
2861SSL_get_quiet_shutdown(const SSL *s)
2862{
2863 return (s->quiet_shutdown);
2864}
2865
2866void
2867SSL_set_shutdown(SSL *s, int mode)
2868{
2869 s->shutdown = mode;
2870}
2871
2872int
2873SSL_get_shutdown(const SSL *s)
2874{
2875 return (s->shutdown);
2876}
2877
2878int
2879SSL_version(const SSL *s)
2880{
2881 return (s->version);
2882}
2883
2884SSL_CTX *
2885SSL_get_SSL_CTX(const SSL *ssl)
2886{
2887 return (ssl->ctx);
2888}
2889
2890SSL_CTX *
2891SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
2892{
2893 if (ssl->ctx == ctx)
2894 return (ssl->ctx);
2895 if (ctx == NULL)
2896 ctx = ssl->initial_ctx;
2897 if (ssl->cert != NULL)
2898 ssl_cert_free(ssl->cert);
2899 ssl->cert = ssl_cert_dup(ctx->cert);
2900 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
2901 SSL_CTX_free(ssl->ctx); /* decrement reference count */
2902 ssl->ctx = ctx;
2903 return (ssl->ctx);
2904}
2905
2906int
2907SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
2908{
2909 return (X509_STORE_set_default_paths(ctx->cert_store));
2910}
2911
2912int
2913SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
2914 const char *CApath)
2915{
2916 return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));
2917}
2918
2919int
2920SSL_CTX_load_verify_mem(SSL_CTX *ctx, void *buf, int len)
2921{
2922 return (X509_STORE_load_mem(ctx->cert_store, buf, len));
2923}
2924
2925void
2926SSL_set_info_callback(SSL *ssl, void (*cb)(const SSL *ssl, int type, int val))
2927{
2928 ssl->info_callback = cb;
2929}
2930
2931void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val)
2932{
2933 return (ssl->info_callback);
2934}
2935
2936int
2937SSL_state(const SSL *ssl)
2938{
2939 return (ssl->state);
2940}
2941
2942void
2943SSL_set_state(SSL *ssl, int state)
2944{
2945 ssl->state = state;
2946}
2947
2948void
2949SSL_set_verify_result(SSL *ssl, long arg)
2950{
2951 ssl->verify_result = arg;
2952}
2953
2954long
2955SSL_get_verify_result(const SSL *ssl)
2956{
2957 return (ssl->verify_result);
2958}
2959
2960int
2961SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
2962 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
2963{
2964 return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
2965 new_func, dup_func, free_func));
2966}
2967
2968int
2969SSL_set_ex_data(SSL *s, int idx, void *arg)
2970{
2971 return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
2972}
2973
2974void *
2975SSL_get_ex_data(const SSL *s, int idx)
2976{
2977 return (CRYPTO_get_ex_data(&s->ex_data, idx));
2978}
2979
2980int
2981SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
2982 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
2983{
2984 return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
2985 new_func, dup_func, free_func));
2986}
2987
2988int
2989SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg)
2990{
2991 return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
2992}
2993
2994void *
2995SSL_CTX_get_ex_data(const SSL_CTX *s, int idx)
2996{
2997 return (CRYPTO_get_ex_data(&s->ex_data, idx));
2998}
2999
3000int
3001ssl_ok(SSL *s)
3002{
3003 return (1);
3004}
3005
3006X509_STORE *
3007SSL_CTX_get_cert_store(const SSL_CTX *ctx)
3008{
3009 return (ctx->cert_store);
3010}
3011
3012void
3013SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
3014{
3015 if (ctx->cert_store != NULL)
3016 X509_STORE_free(ctx->cert_store);
3017 ctx->cert_store = store;
3018}
3019
3020int
3021SSL_want(const SSL *s)
3022{
3023 return (s->rwstate);
3024}
3025
3026void
3027SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export,
3028 int keylength))
3029{
3030 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
3031}
3032
3033void
3034SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int is_export,
3035 int keylength))
3036{
3037 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
3038}
3039
3040void
3041SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*dh)(SSL *ssl, int is_export,
3042 int keylength))
3043{
3044 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
3045}
3046
3047void
3048SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh)(SSL *ssl, int is_export,
3049 int keylength))
3050{
3051 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
3052}
3053
3054void
3055SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl,
3056 int is_export, int keylength))
3057{
3058 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,
3059 (void (*)(void))ecdh);
3060}
3061
3062void
3063SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh)(SSL *ssl, int is_export,
3064 int keylength))
3065{
3066 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
3067}
3068
3069
3070void
3071SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version,
3072 int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
3073{
3074 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK,
3075 (void (*)(void))cb);
3076}
3077
3078void
3079SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version,
3080 int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
3081{
3082 SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
3083}
3084
3085/*
3086 * Allocates new EVP_MD_CTX and sets pointer to it into given pointer
3087 * variable, freeing EVP_MD_CTX previously stored in that variable, if
3088 * any. If EVP_MD pointer is passed, initializes ctx with this md
3089 * Returns newly allocated ctx;
3090 */
3091EVP_MD_CTX *
3092ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md)
3093{
3094 ssl_clear_hash_ctx(hash);
3095 *hash = EVP_MD_CTX_create();
3096 if (*hash != NULL && md != NULL) {
3097 if (!EVP_DigestInit_ex(*hash, md, NULL)) {
3098 ssl_clear_hash_ctx(hash);
3099 return (NULL);
3100 }
3101 }
3102 return (*hash);
3103}
3104
3105void
3106ssl_clear_hash_ctx(EVP_MD_CTX **hash)
3107{
3108 if (*hash)
3109 EVP_MD_CTX_destroy(*hash);
3110 *hash = NULL;
3111}
3112
3113void
3114SSL_set_debug(SSL *s, int debug)
3115{
3116 s->debug = debug;
3117}
3118
3119int
3120SSL_cache_hit(SSL *s)
3121{
3122 return (s->hit);
3123}
3124
3125IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
deleted file mode 100644
index 74b699a48c..0000000000
--- a/src/lib/libssl/ssl_locl.h
+++ /dev/null
@@ -1,875 +0,0 @@
1/* $OpenBSD: ssl_locl.h,v 1.100 2015/07/24 07:57:48 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143#ifndef HEADER_SSL_LOCL_H
144#define HEADER_SSL_LOCL_H
145
146#include <sys/types.h>
147
148#include <errno.h>
149#include <stdlib.h>
150#include <string.h>
151#include <time.h>
152#include <unistd.h>
153
154#include <openssl/opensslconf.h>
155#include <openssl/bio.h>
156#include <openssl/buffer.h>
157#include <openssl/dsa.h>
158#include <openssl/err.h>
159#include <openssl/rsa.h>
160#include <openssl/ssl.h>
161#include <openssl/stack.h>
162
163#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
164 l|=(((unsigned long)(*((c)++)))<< 8), \
165 l|=(((unsigned long)(*((c)++)))<<16), \
166 l|=(((unsigned long)(*((c)++)))<<24))
167
168/* NOTE - c is not incremented as per c2l */
169#define c2ln(c,l1,l2,n) { \
170 c+=n; \
171 l1=l2=0; \
172 switch (n) { \
173 case 8: l2 =((unsigned long)(*(--(c))))<<24; \
174 case 7: l2|=((unsigned long)(*(--(c))))<<16; \
175 case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
176 case 5: l2|=((unsigned long)(*(--(c)))); \
177 case 4: l1 =((unsigned long)(*(--(c))))<<24; \
178 case 3: l1|=((unsigned long)(*(--(c))))<<16; \
179 case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
180 case 1: l1|=((unsigned long)(*(--(c)))); \
181 } \
182 }
183
184#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
185 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
186 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
187 *((c)++)=(unsigned char)(((l)>>24)&0xff))
188
189#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \
190 l|=((unsigned long)(*((c)++)))<<16, \
191 l|=((unsigned long)(*((c)++)))<< 8, \
192 l|=((unsigned long)(*((c)++))))
193
194#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
195 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
196 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
197 *((c)++)=(unsigned char)(((l) )&0xff))
198
199#define l2n8(l,c) (*((c)++)=(unsigned char)(((l)>>56)&0xff), \
200 *((c)++)=(unsigned char)(((l)>>48)&0xff), \
201 *((c)++)=(unsigned char)(((l)>>40)&0xff), \
202 *((c)++)=(unsigned char)(((l)>>32)&0xff), \
203 *((c)++)=(unsigned char)(((l)>>24)&0xff), \
204 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
205 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
206 *((c)++)=(unsigned char)(((l) )&0xff))
207
208/* NOTE - c is not incremented as per l2c */
209#define l2cn(l1,l2,c,n) { \
210 c+=n; \
211 switch (n) { \
212 case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
213 case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
214 case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
215 case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
216 case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
217 case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
218 case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
219 case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
220 } \
221 }
222
223#define n2s(c,s) ((s=(((unsigned int)(c[0]))<< 8)| \
224 (((unsigned int)(c[1])) )),c+=2)
225#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \
226 c[1]=(unsigned char)(((s) )&0xff)),c+=2)
227
228#define n2l3(c,l) ((l =(((unsigned long)(c[0]))<<16)| \
229 (((unsigned long)(c[1]))<< 8)| \
230 (((unsigned long)(c[2])) )),c+=3)
231
232#define l2n3(l,c) ((c[0]=(unsigned char)(((l)>>16)&0xff), \
233 c[1]=(unsigned char)(((l)>> 8)&0xff), \
234 c[2]=(unsigned char)(((l) )&0xff)),c+=3)
235
236/* LOCAL STUFF */
237
238#define SSL_DECRYPT 0
239#define SSL_ENCRYPT 1
240
241/*
242 * Define the Bitmasks for SSL_CIPHER.algorithms.
243 * This bits are used packed as dense as possible. If new methods/ciphers
244 * etc will be added, the bits a likely to change, so this information
245 * is for internal library use only, even though SSL_CIPHER.algorithms
246 * can be publicly accessed.
247 * Use the according functions for cipher management instead.
248 *
249 * The bit mask handling in the selection and sorting scheme in
250 * ssl_create_cipher_list() has only limited capabilities, reflecting
251 * that the different entities within are mutually exclusive:
252 * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
253 */
254
255/* Bits for algorithm_mkey (key exchange algorithm) */
256#define SSL_kRSA 0x00000001L /* RSA key exchange */
257#define SSL_kDHE 0x00000008L /* tmp DH key no DH cert */
258#define SSL_kECDHr 0x00000020L /* ECDH cert, RSA CA cert */
259#define SSL_kECDHe 0x00000040L /* ECDH cert, ECDSA CA cert */
260#define SSL_kECDHE 0x00000080L /* ephemeral ECDH */
261#define SSL_kGOST 0x00000200L /* GOST key exchange */
262
263/* Bits for algorithm_auth (server authentication) */
264#define SSL_aRSA 0x00000001L /* RSA auth */
265#define SSL_aDSS 0x00000002L /* DSS auth */
266#define SSL_aNULL 0x00000004L /* no auth (i.e. use ADH or AECDH) */
267#define SSL_aECDH 0x00000010L /* Fixed ECDH auth (kECDHe or kECDHr) */
268#define SSL_aECDSA 0x00000040L /* ECDSA auth*/
269#define SSL_aGOST01 0x00000200L /* GOST R 34.10-2001 signature auth */
270
271
272/* Bits for algorithm_enc (symmetric encryption) */
273#define SSL_DES 0x00000001L
274#define SSL_3DES 0x00000002L
275#define SSL_RC4 0x00000004L
276#define SSL_IDEA 0x00000008L
277#define SSL_eNULL 0x00000010L
278#define SSL_AES128 0x00000020L
279#define SSL_AES256 0x00000040L
280#define SSL_CAMELLIA128 0x00000080L
281#define SSL_CAMELLIA256 0x00000100L
282#define SSL_eGOST2814789CNT 0x00000200L
283#define SSL_AES128GCM 0x00000400L
284#define SSL_AES256GCM 0x00000800L
285#define SSL_CHACHA20POLY1305 0x00001000L
286
287#define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM)
288#define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256)
289
290
291/* Bits for algorithm_mac (symmetric authentication) */
292
293#define SSL_MD5 0x00000001L
294#define SSL_SHA1 0x00000002L
295#define SSL_GOST94 0x00000004L
296#define SSL_GOST89MAC 0x00000008L
297#define SSL_SHA256 0x00000010L
298#define SSL_SHA384 0x00000020L
299/* Not a real MAC, just an indication it is part of cipher */
300#define SSL_AEAD 0x00000040L
301#define SSL_STREEBOG256 0x00000080L
302#define SSL_STREEBOG512 0x00000100L
303
304/* Bits for algorithm_ssl (protocol version) */
305#define SSL_SSLV3 0x00000002L
306#define SSL_TLSV1 SSL_SSLV3 /* for now */
307#define SSL_TLSV1_2 0x00000004L
308
309
310/* Bits for algorithm2 (handshake digests and other extra flags) */
311
312#define SSL_HANDSHAKE_MAC_MD5 0x10
313#define SSL_HANDSHAKE_MAC_SHA 0x20
314#define SSL_HANDSHAKE_MAC_GOST94 0x40
315#define SSL_HANDSHAKE_MAC_SHA256 0x80
316#define SSL_HANDSHAKE_MAC_SHA384 0x100
317#define SSL_HANDSHAKE_MAC_STREEBOG256 0x200
318#define SSL_HANDSHAKE_MAC_STREEBOG512 0x400
319#define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA)
320
321/* When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX
322 * make sure to update this constant too */
323#define SSL_MAX_DIGEST 8
324
325#define SSL3_CK_ID 0x03000000
326#define SSL3_CK_VALUE_MASK 0x0000ffff
327
328#define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT)
329
330#define TLS1_PRF_DGST_SHIFT 10
331#define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT)
332#define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT)
333#define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT)
334#define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT)
335#define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT)
336#define TLS1_PRF_STREEBOG256 (SSL_HANDSHAKE_MAC_STREEBOG256 << TLS1_PRF_DGST_SHIFT)
337#define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1)
338
339/* Stream MAC for GOST ciphersuites from cryptopro draft
340 * (currently this also goes into algorithm2) */
341#define TLS1_STREAM_MAC 0x04
342
343/*
344 * SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD is an algorithm2 flag that
345 * indicates that the variable part of the nonce is included as a prefix of
346 * the record (AES-GCM, for example, does this with an 8-byte variable nonce.)
347 */
348#define SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD (1 << 22)
349
350/*
351 * SSL_CIPHER_ALGORITHM2_AEAD is an algorithm2 flag that indicates the cipher
352 * is implemented via an EVP_AEAD.
353 */
354#define SSL_CIPHER_ALGORITHM2_AEAD (1 << 23)
355
356/*
357 * SSL_CIPHER_AEAD_FIXED_NONCE_LEN returns the number of bytes of fixed nonce
358 * for an SSL_CIPHER with the SSL_CIPHER_ALGORITHM2_AEAD flag.
359 */
360#define SSL_CIPHER_AEAD_FIXED_NONCE_LEN(ssl_cipher) \
361 (((ssl_cipher->algorithm2 >> 24) & 0xf) * 2)
362
363/*
364 * Cipher strength information.
365 */
366#define SSL_STRONG_MASK 0x000001fcL
367#define SSL_STRONG_NONE 0x00000004L
368#define SSL_LOW 0x00000020L
369#define SSL_MEDIUM 0x00000040L
370#define SSL_HIGH 0x00000080L
371
372/*
373 * The keylength (measured in RSA key bits, I guess) for temporary keys.
374 * Cipher argument is so that this can be variable in the future.
375 */
376#define SSL_C_PKEYLENGTH(c) 1024
377
378/* Check if an SSL structure is using DTLS. */
379#define SSL_IS_DTLS(s) (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
380
381/* See if we need explicit IV. */
382#define SSL_USE_EXPLICIT_IV(s) \
383 (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_EXPLICIT_IV)
384
385/* See if we use signature algorithms extension. */
386#define SSL_USE_SIGALGS(s) \
387 (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SIGALGS)
388
389/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
390#define SSL_USE_TLS1_2_CIPHERS(s) \
391 (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)
392
393/* Mostly for SSLv3 */
394#define SSL_PKEY_RSA_ENC 0
395#define SSL_PKEY_RSA_SIGN 1
396#define SSL_PKEY_DSA_SIGN 2
397#define SSL_PKEY_DH_RSA 3
398#define SSL_PKEY_DH_DSA 4
399#define SSL_PKEY_ECC 5
400#define SSL_PKEY_GOST01 6
401#define SSL_PKEY_NUM 7
402
403/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
404 * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
405 * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
406 * SSL_kDHE <- RSA_ENC | RSA_SIGN | DSA_SIGN
407 * SSL_aRSA <- RSA_ENC | RSA_SIGN
408 * SSL_aDSS <- DSA_SIGN
409 */
410
411/*
412#define CERT_INVALID 0
413#define CERT_PUBLIC_KEY 1
414#define CERT_PRIVATE_KEY 2
415*/
416
417/* From ECC-TLS draft, used in encoding the curve type in
418 * ECParameters
419 */
420#define EXPLICIT_PRIME_CURVE_TYPE 1
421#define EXPLICIT_CHAR2_CURVE_TYPE 2
422#define NAMED_CURVE_TYPE 3
423
424typedef struct cert_pkey_st {
425 X509 *x509;
426 EVP_PKEY *privatekey;
427 /* Digest to use when signing */
428 const EVP_MD *digest;
429} CERT_PKEY;
430
431typedef struct cert_st {
432 /* Current active set */
433 CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array
434 * Probably it would make more sense to store
435 * an index, not a pointer. */
436
437 /* The following masks are for the key and auth
438 * algorithms that are supported by the certs below */
439 int valid;
440 unsigned long mask_k;
441 unsigned long mask_a;
442
443 DH *dh_tmp;
444 DH *(*dh_tmp_cb)(SSL *ssl, int is_export, int keysize);
445 int dh_tmp_auto;
446
447 EC_KEY *ecdh_tmp;
448 EC_KEY *(*ecdh_tmp_cb)(SSL *ssl, int is_export, int keysize);
449 int ecdh_tmp_auto;
450
451 CERT_PKEY pkeys[SSL_PKEY_NUM];
452
453 int references; /* >1 only if SSL_copy_session_id is used */
454} CERT;
455
456
457typedef struct sess_cert_st {
458 STACK_OF(X509) *cert_chain; /* as received from peer */
459
460 /* The 'peer_...' members are used only by clients. */
461 int peer_cert_type;
462
463 CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */
464 CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
465 /* Obviously we don't have the private keys of these,
466 * so maybe we shouldn't even use the CERT_PKEY type here. */
467
468 DH *peer_dh_tmp;
469 EC_KEY *peer_ecdh_tmp;
470
471 int references; /* actually always 1 at the moment */
472} SESS_CERT;
473
474
475/*#define SSL_DEBUG */
476/*#define RSA_DEBUG */
477
478/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
479 * It is a bit of a mess of functions, but hell, think of it as
480 * an opaque structure :-) */
481typedef struct ssl3_enc_method {
482 int (*enc)(SSL *, int);
483 int (*mac)(SSL *, unsigned char *, int);
484 int (*setup_key_block)(SSL *);
485 int (*generate_master_secret)(SSL *, unsigned char *,
486 unsigned char *, int);
487 int (*change_cipher_state)(SSL *, int);
488 int (*final_finish_mac)(SSL *, const char *, int, unsigned char *);
489 int finish_mac_length;
490 int (*cert_verify_mac)(SSL *, int, unsigned char *);
491 const char *client_finished_label;
492 int client_finished_label_len;
493 const char *server_finished_label;
494 int server_finished_label_len;
495 int (*alert_value)(int);
496 int (*export_keying_material)(SSL *, unsigned char *, size_t,
497 const char *, size_t, const unsigned char *, size_t,
498 int use_context);
499 /* Flags indicating protocol version requirements. */
500 unsigned int enc_flags;
501} SSL3_ENC_METHOD;
502
503/*
504 * Flag values for enc_flags.
505 */
506
507/* Uses explicit IV. */
508#define SSL_ENC_FLAG_EXPLICIT_IV (1 << 0)
509
510/* Uses signature algorithms extension. */
511#define SSL_ENC_FLAG_SIGALGS (1 << 1)
512
513/* Uses SHA256 default PRF. */
514#define SSL_ENC_FLAG_SHA256_PRF (1 << 2)
515
516/* Is DTLS. */
517#define SSL_ENC_FLAG_DTLS (1 << 3)
518
519/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
520#define SSL_ENC_FLAG_TLS1_2_CIPHERS (1 << 4)
521
522/*
523 * ssl_aead_ctx_st contains information about an AEAD that is being used to
524 * encrypt an SSL connection.
525 */
526struct ssl_aead_ctx_st {
527 EVP_AEAD_CTX ctx;
528 /*
529 * fixed_nonce contains any bytes of the nonce that are fixed for all
530 * records.
531 */
532 unsigned char fixed_nonce[8];
533 unsigned char fixed_nonce_len;
534 unsigned char variable_nonce_len;
535 unsigned char tag_len;
536 /*
537 * variable_nonce_in_record is non-zero if the variable nonce
538 * for a record is included as a prefix before the ciphertext.
539 */
540 char variable_nonce_in_record;
541};
542
543extern SSL3_ENC_METHOD ssl3_undef_enc_method;
544extern SSL_CIPHER ssl3_ciphers[];
545
546SSL_METHOD *ssl_bad_method(int ver);
547const char *ssl_version_string(int ver);
548uint16_t ssl_max_server_version(SSL *s);
549
550extern SSL3_ENC_METHOD TLSv1_enc_data;
551extern SSL3_ENC_METHOD TLSv1_1_enc_data;
552extern SSL3_ENC_METHOD TLSv1_2_enc_data;
553extern SSL3_ENC_METHOD SSLv3_enc_data;
554extern SSL3_ENC_METHOD DTLSv1_enc_data;
555
556void ssl_clear_cipher_ctx(SSL *s);
557int ssl_clear_bad_session(SSL *s);
558CERT *ssl_cert_new(void);
559CERT *ssl_cert_dup(CERT *cert);
560int ssl_cert_inst(CERT **o);
561void ssl_cert_free(CERT *c);
562SESS_CERT *ssl_sess_cert_new(void);
563void ssl_sess_cert_free(SESS_CERT *sc);
564int ssl_set_peer_cert_type(SESS_CERT *c, int type);
565int ssl_get_new_session(SSL *s, int session);
566int ssl_get_prev_session(SSL *s, unsigned char *session, int len,
567 const unsigned char *limit);
568int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b);
569DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
570int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
571 const SSL_CIPHER * const *bp);
572STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p,
573 int num);
574int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
575 unsigned char *p);
576STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
577 STACK_OF(SSL_CIPHER) **pref, STACK_OF(SSL_CIPHER) **sorted,
578 const char *rule_str);
579void ssl_update_cache(SSL *s, int mode);
580int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
581 const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size);
582int ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead);
583int ssl_get_handshake_digest(int i, long *mask, const EVP_MD **md);
584
585int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk);
586int ssl_undefined_function(SSL *s);
587int ssl_undefined_void_function(void);
588int ssl_undefined_const_function(const SSL *s);
589CERT_PKEY *ssl_get_server_send_pkey(const SSL *s);
590X509 *ssl_get_server_send_cert(const SSL *);
591EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *c, const EVP_MD **pmd);
592DH *ssl_get_auto_dh(SSL *s);
593int ssl_cert_type(X509 *x, EVP_PKEY *pkey);
594void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher);
595STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
596int ssl_verify_alarm_type(long type);
597void ssl_load_ciphers(void);
598
599const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
600int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
601int ssl3_init_finished_mac(SSL *s);
602int ssl3_send_server_certificate(SSL *s);
603int ssl3_send_newsession_ticket(SSL *s);
604int ssl3_send_cert_status(SSL *s);
605int ssl3_get_finished(SSL *s, int state_a, int state_b);
606int ssl3_setup_key_block(SSL *s);
607int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
608int ssl3_change_cipher_state(SSL *s, int which);
609void ssl3_cleanup_key_block(SSL *s);
610int ssl3_do_write(SSL *s, int type);
611int ssl3_send_alert(SSL *s, int level, int desc);
612int ssl3_generate_master_secret(SSL *s, unsigned char *out,
613 unsigned char *p, int len);
614int ssl3_get_req_cert_type(SSL *s, unsigned char *p);
615long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
616int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen);
617int ssl3_num_ciphers(void);
618const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
619const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);
620const SSL_CIPHER *ssl3_get_cipher_by_value(uint16_t value);
621uint16_t ssl3_cipher_get_value(const SSL_CIPHER *c);
622int ssl3_renegotiate(SSL *ssl);
623
624int ssl3_renegotiate_check(SSL *ssl);
625
626int ssl3_dispatch_alert(SSL *s);
627int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
628int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
629int ssl3_final_finish_mac(SSL *s, const char *sender, int slen,
630 unsigned char *p);
631int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
632void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
633int ssl3_enc(SSL *s, int send_data);
634int n_ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
635void ssl3_free_digest_list(SSL *s);
636unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
637SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, STACK_OF(SSL_CIPHER) *clnt,
638 STACK_OF(SSL_CIPHER) *srvr);
639int ssl3_setup_buffers(SSL *s);
640int ssl3_setup_init_buffer(SSL *s);
641int ssl3_setup_read_buffer(SSL *s);
642int ssl3_setup_write_buffer(SSL *s);
643int ssl3_release_read_buffer(SSL *s);
644int ssl3_release_write_buffer(SSL *s);
645int ssl3_digest_cached_records(SSL *s);
646int ssl3_new(SSL *s);
647void ssl3_free(SSL *s);
648int ssl3_accept(SSL *s);
649int ssl3_connect(SSL *s);
650int ssl3_read(SSL *s, void *buf, int len);
651int ssl3_peek(SSL *s, void *buf, int len);
652int ssl3_write(SSL *s, const void *buf, int len);
653int ssl3_shutdown(SSL *s);
654void ssl3_clear(SSL *s);
655long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg);
656long ssl3_ctx_ctrl(SSL_CTX *s, int cmd, long larg, void *parg);
657long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void));
658long ssl3_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp)(void));
659int ssl3_pending(const SSL *s);
660
661unsigned char *ssl3_handshake_msg_start(SSL *s, uint8_t htype);
662void ssl3_handshake_msg_finish(SSL *s, unsigned int len);
663int ssl3_handshake_write(SSL *s);
664
665void ssl3_record_sequence_increment(unsigned char *seq);
666int ssl3_do_change_cipher_spec(SSL *ssl);
667long ssl3_default_timeout(void);
668
669int ssl23_read(SSL *s, void *buf, int len);
670int ssl23_peek(SSL *s, void *buf, int len);
671int ssl23_write(SSL *s, const void *buf, int len);
672long ssl23_default_timeout(void);
673
674long tls1_default_timeout(void);
675int dtls1_do_write(SSL *s, int type);
676int ssl3_read_n(SSL *s, int n, int max, int extend);
677int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
678int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
679 unsigned int len);
680unsigned char *dtls1_set_message_header(SSL *s, unsigned char *p,
681 unsigned char mt, unsigned long len, unsigned long frag_off,
682 unsigned long frag_len);
683
684int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len);
685int dtls1_write_bytes(SSL *s, int type, const void *buf, int len);
686
687int dtls1_send_change_cipher_spec(SSL *s, int a, int b);
688int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen);
689unsigned long dtls1_output_cert_chain(SSL *s, X509 *x);
690int dtls1_read_failed(SSL *s, int code);
691int dtls1_buffer_message(SSL *s, int ccs);
692int dtls1_retransmit_message(SSL *s, unsigned short seq,
693 unsigned long frag_off, int *found);
694int dtls1_get_queue_priority(unsigned short seq, int is_ccs);
695int dtls1_retransmit_buffered_messages(SSL *s);
696void dtls1_clear_record_buffer(SSL *s);
697int dtls1_get_message_header(unsigned char *data,
698 struct hm_header_st *msg_hdr);
699void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
700void dtls1_reset_seq_numbers(SSL *s, int rw);
701void dtls1_build_sequence_number(unsigned char *dst, unsigned char *seq,
702 unsigned short epoch);
703long dtls1_default_timeout(void);
704struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft);
705int dtls1_check_timeout_num(SSL *s);
706int dtls1_handle_timeout(SSL *s);
707const SSL_CIPHER *dtls1_get_cipher(unsigned int u);
708void dtls1_start_timer(SSL *s);
709void dtls1_stop_timer(SSL *s);
710int dtls1_is_timer_expired(SSL *s);
711void dtls1_double_timeout(SSL *s);
712int dtls1_send_newsession_ticket(SSL *s);
713unsigned int dtls1_min_mtu(void);
714
715/* some client-only functions */
716int ssl3_client_hello(SSL *s);
717int ssl3_get_server_hello(SSL *s);
718int ssl3_get_certificate_request(SSL *s);
719int ssl3_get_new_session_ticket(SSL *s);
720int ssl3_get_cert_status(SSL *s);
721int ssl3_get_server_done(SSL *s);
722int ssl3_send_client_verify(SSL *s);
723int ssl3_send_client_certificate(SSL *s);
724int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey);
725int ssl3_send_client_key_exchange(SSL *s);
726int ssl3_get_key_exchange(SSL *s);
727int ssl3_get_server_certificate(SSL *s);
728int ssl3_check_cert_and_algorithm(SSL *s);
729int ssl3_check_finished(SSL *s);
730int ssl3_send_next_proto(SSL *s);
731
732int dtls1_client_hello(SSL *s);
733int dtls1_send_client_certificate(SSL *s);
734int dtls1_send_client_key_exchange(SSL *s);
735int dtls1_send_client_verify(SSL *s);
736
737/* some server-only functions */
738int ssl3_get_client_hello(SSL *s);
739int ssl3_send_server_hello(SSL *s);
740int ssl3_send_hello_request(SSL *s);
741int ssl3_send_server_key_exchange(SSL *s);
742int ssl3_send_certificate_request(SSL *s);
743int ssl3_send_server_done(SSL *s);
744int ssl3_get_client_certificate(SSL *s);
745int ssl3_get_client_key_exchange(SSL *s);
746int ssl3_get_cert_verify(SSL *s);
747int ssl3_get_next_proto(SSL *s);
748
749int dtls1_send_hello_request(SSL *s);
750int dtls1_send_server_hello(SSL *s);
751int dtls1_send_server_certificate(SSL *s);
752int dtls1_send_server_key_exchange(SSL *s);
753int dtls1_send_certificate_request(SSL *s);
754int dtls1_send_server_done(SSL *s);
755
756int ssl23_accept(SSL *s);
757int ssl23_connect(SSL *s);
758int ssl23_read_bytes(SSL *s, int n);
759int ssl23_write_bytes(SSL *s);
760int tls_any_accept(SSL *s);
761int tls_any_connect(SSL *s);
762
763int tls1_new(SSL *s);
764void tls1_free(SSL *s);
765void tls1_clear(SSL *s);
766long tls1_ctrl(SSL *s, int cmd, long larg, void *parg);
767long tls1_callback_ctrl(SSL *s, int cmd, void (*fp)(void));
768
769int dtls1_new(SSL *s);
770int dtls1_accept(SSL *s);
771int dtls1_connect(SSL *s);
772void dtls1_free(SSL *s);
773void dtls1_clear(SSL *s);
774long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg);
775int dtls1_shutdown(SSL *s);
776
777long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
778int dtls1_get_record(SSL *s);
779int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
780 unsigned int len);
781int dtls1_dispatch_alert(SSL *s);
782int dtls1_enc(SSL *s, int snd);
783
784int ssl_init_wbio_buffer(SSL *s, int push);
785void ssl_free_wbio_buffer(SSL *s);
786
787int tls1_change_cipher_state(SSL *s, int which);
788int tls1_setup_key_block(SSL *s);
789int tls1_enc(SSL *s, int snd);
790int tls1_final_finish_mac(SSL *s, const char *str, int slen, unsigned char *p);
791int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
792int tls1_mac(SSL *ssl, unsigned char *md, int snd);
793int tls1_generate_master_secret(SSL *s, unsigned char *out,
794 unsigned char *p, int len);
795int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
796 const char *label, size_t llen, const unsigned char *p, size_t plen,
797 int use_context);
798int tls1_alert_code(int code);
799int ssl3_alert_code(int code);
800int ssl_ok(SSL *s);
801
802int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
803
804SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
805
806int tls1_ec_curve_id2nid(uint16_t curve_id);
807uint16_t tls1_ec_nid2curve_id(int nid);
808int tls1_check_curve(SSL *s, const unsigned char *p, size_t len);
809int tls1_get_shared_curve(SSL *s);
810
811unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p,
812 unsigned char *limit);
813
814unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p,
815 unsigned char *limit);
816
817int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data,
818 unsigned char *d, int n, int *al);
819int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data,
820 unsigned char *d, int n, int *al);
821int ssl_prepare_clienthello_tlsext(SSL *s);
822int ssl_prepare_serverhello_tlsext(SSL *s);
823int ssl_check_clienthello_tlsext_early(SSL *s);
824int ssl_check_clienthello_tlsext_late(SSL *s);
825int ssl_check_serverhello_tlsext(SSL *s);
826
827#define tlsext_tick_md EVP_sha256
828int tls1_process_ticket(SSL *s, const unsigned char *session_id, int len,
829 const unsigned char *limit, SSL_SESSION **ret);
830int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
831 const EVP_MD *md);
832int tls12_get_sigid(const EVP_PKEY *pk);
833const EVP_MD *tls12_get_hash(unsigned char hash_alg);
834
835EVP_MD_CTX* ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md);
836void ssl_clear_hash_ctx(EVP_MD_CTX **hash);
837int ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p,
838 int *len, int maxlen);
839int ssl_parse_serverhello_renegotiate_ext(SSL *s, const unsigned char *d,
840 int len, int *al);
841int ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p,
842 int *len, int maxlen);
843int ssl_parse_clienthello_renegotiate_ext(SSL *s, const unsigned char *d,
844 int len, int *al);
845long ssl_get_algorithm2(SSL *s);
846int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize);
847int tls12_get_req_sig_algs(SSL *s, unsigned char *p);
848
849int tls1_check_ec_server_key(SSL *s);
850int tls1_check_ec_tmp_key(SSL *s);
851
852int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p,
853 int *len, int maxlen);
854int ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d,
855 int len, int *al);
856int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p,
857 int *len, int maxlen);
858int ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d,
859 int len, int *al);
860
861/* s3_cbc.c */
862void ssl3_cbc_copy_mac(unsigned char *out, const SSL3_RECORD *rec,
863 unsigned md_size, unsigned orig_len);
864int ssl3_cbc_remove_padding(const SSL *s, SSL3_RECORD *rec,
865 unsigned block_size, unsigned mac_size);
866int tls1_cbc_remove_padding(const SSL *s, SSL3_RECORD *rec,
867 unsigned block_size, unsigned mac_size);
868char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
869int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, unsigned char *md_out,
870 size_t *md_out_size, const unsigned char header[13],
871 const unsigned char *data, size_t data_plus_mac_size,
872 size_t data_plus_mac_plus_padding_size, const unsigned char *mac_secret,
873 unsigned mac_secret_length, char is_sslv3);
874
875#endif
diff --git a/src/lib/libssl/ssl_rsa.c b/src/lib/libssl/ssl_rsa.c
deleted file mode 100644
index 039bee7952..0000000000
--- a/src/lib/libssl/ssl_rsa.c
+++ /dev/null
@@ -1,755 +0,0 @@
1/* $OpenBSD: ssl_rsa.c,v 1.20 2015/02/06 01:37:11 reyk Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include "ssl_locl.h"
62
63#include <openssl/bio.h>
64#include <openssl/evp.h>
65#include <openssl/objects.h>
66#include <openssl/pem.h>
67#include <openssl/x509.h>
68
69static int ssl_set_cert(CERT *c, X509 *x509);
70static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
71static int ssl_ctx_use_certificate_chain_bio(SSL_CTX *, BIO *);
72
73int
74SSL_use_certificate(SSL *ssl, X509 *x)
75{
76 if (x == NULL) {
77 SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
78 return (0);
79 }
80 if (!ssl_cert_inst(&ssl->cert)) {
81 SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
82 return (0);
83 }
84 return (ssl_set_cert(ssl->cert, x));
85}
86
87int
88SSL_use_certificate_file(SSL *ssl, const char *file, int type)
89{
90 int j;
91 BIO *in;
92 int ret = 0;
93 X509 *x = NULL;
94
95 in = BIO_new(BIO_s_file_internal());
96 if (in == NULL) {
97 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
98 goto end;
99 }
100
101 if (BIO_read_filename(in, file) <= 0) {
102 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
103 goto end;
104 }
105 if (type == SSL_FILETYPE_ASN1) {
106 j = ERR_R_ASN1_LIB;
107 x = d2i_X509_bio(in, NULL);
108 } else if (type == SSL_FILETYPE_PEM) {
109 j = ERR_R_PEM_LIB;
110 x = PEM_read_bio_X509(in, NULL,
111 ssl->ctx->default_passwd_callback,
112 ssl->ctx->default_passwd_callback_userdata);
113 } else {
114 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
115 goto end;
116 }
117
118 if (x == NULL) {
119 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, j);
120 goto end;
121 }
122
123 ret = SSL_use_certificate(ssl, x);
124end:
125 if (x != NULL)
126 X509_free(x);
127 BIO_free(in);
128 return (ret);
129}
130
131int
132SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
133{
134 X509 *x;
135 int ret;
136
137 x = d2i_X509(NULL, &d,(long)len);
138 if (x == NULL) {
139 SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
140 return (0);
141 }
142
143 ret = SSL_use_certificate(ssl, x);
144 X509_free(x);
145 return (ret);
146}
147
148int
149SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
150{
151 EVP_PKEY *pkey;
152 int ret;
153
154 if (rsa == NULL) {
155 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
156 return (0);
157 }
158 if (!ssl_cert_inst(&ssl->cert)) {
159 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
160 return (0);
161 }
162 if ((pkey = EVP_PKEY_new()) == NULL) {
163 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
164 return (0);
165 }
166
167 RSA_up_ref(rsa);
168 EVP_PKEY_assign_RSA(pkey, rsa);
169
170 ret = ssl_set_pkey(ssl->cert, pkey);
171 EVP_PKEY_free(pkey);
172 return (ret);
173}
174
175static int
176ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
177{
178 int i;
179
180 i = ssl_cert_type(NULL, pkey);
181 if (i < 0) {
182 SSLerr(SSL_F_SSL_SET_PKEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
183 return (0);
184 }
185
186 if (c->pkeys[i].x509 != NULL) {
187 EVP_PKEY *pktmp;
188 pktmp = X509_get_pubkey(c->pkeys[i].x509);
189 EVP_PKEY_copy_parameters(pktmp, pkey);
190 EVP_PKEY_free(pktmp);
191 ERR_clear_error();
192
193 /*
194 * Don't check the public/private key, this is mostly
195 * for smart cards.
196 */
197 if ((pkey->type == EVP_PKEY_RSA) &&
198 (RSA_flags(pkey->pkey.rsa) & RSA_METHOD_FLAG_NO_CHECK))
199;
200 else
201 if (!X509_check_private_key(c->pkeys[i].x509, pkey)) {
202 X509_free(c->pkeys[i].x509);
203 c->pkeys[i].x509 = NULL;
204 return 0;
205 }
206 }
207
208 EVP_PKEY_free(c->pkeys[i].privatekey);
209 CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
210 c->pkeys[i].privatekey = pkey;
211 c->key = &(c->pkeys[i]);
212
213 c->valid = 0;
214 return (1);
215}
216
217int
218SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
219{
220 int j, ret = 0;
221 BIO *in;
222 RSA *rsa = NULL;
223
224 in = BIO_new(BIO_s_file_internal());
225 if (in == NULL) {
226 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
227 goto end;
228 }
229
230 if (BIO_read_filename(in, file) <= 0) {
231 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
232 goto end;
233 }
234 if (type == SSL_FILETYPE_ASN1) {
235 j = ERR_R_ASN1_LIB;
236 rsa = d2i_RSAPrivateKey_bio(in, NULL);
237 } else if (type == SSL_FILETYPE_PEM) {
238 j = ERR_R_PEM_LIB;
239 rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
240 ssl->ctx->default_passwd_callback,
241 ssl->ctx->default_passwd_callback_userdata);
242 } else {
243 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
244 goto end;
245 }
246 if (rsa == NULL) {
247 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, j);
248 goto end;
249 }
250 ret = SSL_use_RSAPrivateKey(ssl, rsa);
251 RSA_free(rsa);
252end:
253 BIO_free(in);
254 return (ret);
255}
256
257int
258SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len)
259{
260 int ret;
261 const unsigned char *p;
262 RSA *rsa;
263
264 p = d;
265 if ((rsa = d2i_RSAPrivateKey(NULL, &p,(long)len)) == NULL) {
266 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
267 return (0);
268 }
269
270 ret = SSL_use_RSAPrivateKey(ssl, rsa);
271 RSA_free(rsa);
272 return (ret);
273}
274
275int
276SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
277{
278 int ret;
279
280 if (pkey == NULL) {
281 SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
282 return (0);
283 }
284 if (!ssl_cert_inst(&ssl->cert)) {
285 SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_MALLOC_FAILURE);
286 return (0);
287 }
288 ret = ssl_set_pkey(ssl->cert, pkey);
289 return (ret);
290}
291
292int
293SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
294{
295 int j, ret = 0;
296 BIO *in;
297 EVP_PKEY *pkey = NULL;
298
299 in = BIO_new(BIO_s_file_internal());
300 if (in == NULL) {
301 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
302 goto end;
303 }
304
305 if (BIO_read_filename(in, file) <= 0) {
306 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
307 goto end;
308 }
309 if (type == SSL_FILETYPE_PEM) {
310 j = ERR_R_PEM_LIB;
311 pkey = PEM_read_bio_PrivateKey(in, NULL,
312 ssl->ctx->default_passwd_callback,
313 ssl->ctx->default_passwd_callback_userdata);
314 } else if (type == SSL_FILETYPE_ASN1) {
315 j = ERR_R_ASN1_LIB;
316 pkey = d2i_PrivateKey_bio(in, NULL);
317 } else {
318 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
319 goto end;
320 }
321 if (pkey == NULL) {
322 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, j);
323 goto end;
324 }
325 ret = SSL_use_PrivateKey(ssl, pkey);
326 EVP_PKEY_free(pkey);
327end:
328 BIO_free(in);
329 return (ret);
330}
331
332int
333SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, long len)
334{
335 int ret;
336 const unsigned char *p;
337 EVP_PKEY *pkey;
338
339 p = d;
340 if ((pkey = d2i_PrivateKey(type, NULL, &p,(long)len)) == NULL) {
341 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
342 return (0);
343 }
344
345 ret = SSL_use_PrivateKey(ssl, pkey);
346 EVP_PKEY_free(pkey);
347 return (ret);
348}
349
350int
351SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
352{
353 if (x == NULL) {
354 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
355 return (0);
356 }
357 if (!ssl_cert_inst(&ctx->cert)) {
358 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
359 return (0);
360 }
361 return (ssl_set_cert(ctx->cert, x));
362}
363
364static int
365ssl_set_cert(CERT *c, X509 *x)
366{
367 EVP_PKEY *pkey;
368 int i;
369
370 pkey = X509_get_pubkey(x);
371 if (pkey == NULL) {
372 SSLerr(SSL_F_SSL_SET_CERT, SSL_R_X509_LIB);
373 return (0);
374 }
375
376 i = ssl_cert_type(x, pkey);
377 if (i < 0) {
378 SSLerr(SSL_F_SSL_SET_CERT, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
379 EVP_PKEY_free(pkey);
380 return (0);
381 }
382
383 if (c->pkeys[i].privatekey != NULL) {
384 EVP_PKEY_copy_parameters(pkey, c->pkeys[i].privatekey);
385 ERR_clear_error();
386
387 /*
388 * Don't check the public/private key, this is mostly
389 * for smart cards.
390 */
391 if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) &&
392 (RSA_flags(c->pkeys[i].privatekey->pkey.rsa) &
393 RSA_METHOD_FLAG_NO_CHECK))
394;
395 else
396 if (!X509_check_private_key(x, c->pkeys[i].privatekey)) {
397 /*
398 * don't fail for a cert/key mismatch, just free
399 * current private key (when switching to a different
400 * cert & key, first this function should be used,
401 * then ssl_set_pkey
402 */
403 EVP_PKEY_free(c->pkeys[i].privatekey);
404 c->pkeys[i].privatekey = NULL;
405 /* clear error queue */
406 ERR_clear_error();
407 }
408 }
409
410 EVP_PKEY_free(pkey);
411
412 if (c->pkeys[i].x509 != NULL)
413 X509_free(c->pkeys[i].x509);
414 CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
415 c->pkeys[i].x509 = x;
416 c->key = &(c->pkeys[i]);
417
418 c->valid = 0;
419 return (1);
420}
421
422int
423SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
424{
425 int j;
426 BIO *in;
427 int ret = 0;
428 X509 *x = NULL;
429
430 in = BIO_new(BIO_s_file_internal());
431 if (in == NULL) {
432 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
433 goto end;
434 }
435
436 if (BIO_read_filename(in, file) <= 0) {
437 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
438 goto end;
439 }
440 if (type == SSL_FILETYPE_ASN1) {
441 j = ERR_R_ASN1_LIB;
442 x = d2i_X509_bio(in, NULL);
443 } else if (type == SSL_FILETYPE_PEM) {
444 j = ERR_R_PEM_LIB;
445 x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback,
446 ctx->default_passwd_callback_userdata);
447 } else {
448 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
449 goto end;
450 }
451
452 if (x == NULL) {
453 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, j);
454 goto end;
455 }
456
457 ret = SSL_CTX_use_certificate(ctx, x);
458end:
459 if (x != NULL)
460 X509_free(x);
461 BIO_free(in);
462 return (ret);
463}
464
465int
466SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d)
467{
468 X509 *x;
469 int ret;
470
471 x = d2i_X509(NULL, &d,(long)len);
472 if (x == NULL) {
473 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
474 return (0);
475 }
476
477 ret = SSL_CTX_use_certificate(ctx, x);
478 X509_free(x);
479 return (ret);
480}
481
482int
483SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
484{
485 int ret;
486 EVP_PKEY *pkey;
487
488 if (rsa == NULL) {
489 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
490 return (0);
491 }
492 if (!ssl_cert_inst(&ctx->cert)) {
493 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
494 return (0);
495 }
496 if ((pkey = EVP_PKEY_new()) == NULL) {
497 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
498 return (0);
499 }
500
501 RSA_up_ref(rsa);
502 EVP_PKEY_assign_RSA(pkey, rsa);
503
504 ret = ssl_set_pkey(ctx->cert, pkey);
505 EVP_PKEY_free(pkey);
506 return (ret);
507}
508
509int
510SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
511{
512 int j, ret = 0;
513 BIO *in;
514 RSA *rsa = NULL;
515
516 in = BIO_new(BIO_s_file_internal());
517 if (in == NULL) {
518 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
519 goto end;
520 }
521
522 if (BIO_read_filename(in, file) <= 0) {
523 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
524 goto end;
525 }
526 if (type == SSL_FILETYPE_ASN1) {
527 j = ERR_R_ASN1_LIB;
528 rsa = d2i_RSAPrivateKey_bio(in, NULL);
529 } else if (type == SSL_FILETYPE_PEM) {
530 j = ERR_R_PEM_LIB;
531 rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
532 ctx->default_passwd_callback,
533 ctx->default_passwd_callback_userdata);
534 } else {
535 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
536 goto end;
537 }
538 if (rsa == NULL) {
539 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, j);
540 goto end;
541 }
542 ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
543 RSA_free(rsa);
544end:
545 BIO_free(in);
546 return (ret);
547}
548
549int
550SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len)
551{
552 int ret;
553 const unsigned char *p;
554 RSA *rsa;
555
556 p = d;
557 if ((rsa = d2i_RSAPrivateKey(NULL, &p,(long)len)) == NULL) {
558 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
559 return (0);
560 }
561
562 ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
563 RSA_free(rsa);
564 return (ret);
565}
566
567int
568SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
569{
570 if (pkey == NULL) {
571 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,
572 ERR_R_PASSED_NULL_PARAMETER);
573 return (0);
574 }
575 if (!ssl_cert_inst(&ctx->cert)) {
576 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_MALLOC_FAILURE);
577 return (0);
578 }
579 return (ssl_set_pkey(ctx->cert, pkey));
580}
581
582int
583SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
584{
585 int j, ret = 0;
586 BIO *in;
587 EVP_PKEY *pkey = NULL;
588
589 in = BIO_new(BIO_s_file_internal());
590 if (in == NULL) {
591 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
592 goto end;
593 }
594
595 if (BIO_read_filename(in, file) <= 0) {
596 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
597 goto end;
598 }
599 if (type == SSL_FILETYPE_PEM) {
600 j = ERR_R_PEM_LIB;
601 pkey = PEM_read_bio_PrivateKey(in, NULL,
602 ctx->default_passwd_callback,
603 ctx->default_passwd_callback_userdata);
604 } else if (type == SSL_FILETYPE_ASN1) {
605 j = ERR_R_ASN1_LIB;
606 pkey = d2i_PrivateKey_bio(in, NULL);
607 } else {
608 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,
609 SSL_R_BAD_SSL_FILETYPE);
610 goto end;
611 }
612 if (pkey == NULL) {
613 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, j);
614 goto end;
615 }
616 ret = SSL_CTX_use_PrivateKey(ctx, pkey);
617 EVP_PKEY_free(pkey);
618end:
619 BIO_free(in);
620 return (ret);
621}
622
623int
624SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const unsigned char *d,
625 long len)
626{
627 int ret;
628 const unsigned char *p;
629 EVP_PKEY *pkey;
630
631 p = d;
632 if ((pkey = d2i_PrivateKey(type, NULL, &p,(long)len)) == NULL) {
633 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
634 return (0);
635 }
636
637 ret = SSL_CTX_use_PrivateKey(ctx, pkey);
638 EVP_PKEY_free(pkey);
639 return (ret);
640}
641
642
643/*
644 * Read a bio that contains our certificate in "PEM" format,
645 * possibly followed by a sequence of CA certificates that should be
646 * sent to the peer in the Certificate message.
647 */
648static int
649ssl_ctx_use_certificate_chain_bio(SSL_CTX *ctx, BIO *in)
650{
651 int ret = 0;
652 X509 *x = NULL;
653
654 ERR_clear_error(); /* clear error stack for SSL_CTX_use_certificate() */
655
656 x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback,
657 ctx->default_passwd_callback_userdata);
658 if (x == NULL) {
659 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB);
660 goto end;
661 }
662
663 ret = SSL_CTX_use_certificate(ctx, x);
664
665 if (ERR_peek_error() != 0)
666 ret = 0;
667 /* Key/certificate mismatch doesn't imply ret==0 ... */
668 if (ret) {
669 /*
670 * If we could set up our certificate, now proceed to
671 * the CA certificates.
672 */
673 X509 *ca;
674 int r;
675 unsigned long err;
676
677 if (ctx->extra_certs != NULL) {
678 sk_X509_pop_free(ctx->extra_certs, X509_free);
679 ctx->extra_certs = NULL;
680 }
681
682 while ((ca = PEM_read_bio_X509(in, NULL,
683 ctx->default_passwd_callback,
684 ctx->default_passwd_callback_userdata)) != NULL) {
685 r = SSL_CTX_add_extra_chain_cert(ctx, ca);
686 if (!r) {
687 X509_free(ca);
688 ret = 0;
689 goto end;
690 }
691 /*
692 * Note that we must not free r if it was successfully
693 * added to the chain (while we must free the main
694 * certificate, since its reference count is increased
695 * by SSL_CTX_use_certificate).
696 */
697 }
698
699 /* When the while loop ends, it's usually just EOF. */
700 err = ERR_peek_last_error();
701 if (ERR_GET_LIB(err) == ERR_LIB_PEM &&
702 ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
703 ERR_clear_error();
704 else
705 ret = 0; /* some real error */
706 }
707
708end:
709 if (x != NULL)
710 X509_free(x);
711 return (ret);
712}
713
714int
715SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
716{
717 BIO *in;
718 int ret = 0;
719
720 in = BIO_new(BIO_s_file_internal());
721 if (in == NULL) {
722 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
723 goto end;
724 }
725
726 if (BIO_read_filename(in, file) <= 0) {
727 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_SYS_LIB);
728 goto end;
729 }
730
731 ret = ssl_ctx_use_certificate_chain_bio(ctx, in);
732
733end:
734 BIO_free(in);
735 return (ret);
736}
737
738int
739SSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len)
740{
741 BIO *in;
742 int ret = 0;
743
744 in = BIO_new_mem_buf(buf, len);
745 if (in == NULL) {
746 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
747 goto end;
748 }
749
750 ret = ssl_ctx_use_certificate_chain_bio(ctx, in);
751
752end:
753 BIO_free(in);
754 return (ret);
755}
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
deleted file mode 100644
index ef5b9be56d..0000000000
--- a/src/lib/libssl/ssl_sess.c
+++ /dev/null
@@ -1,1102 +0,0 @@
1/* $OpenBSD: ssl_sess.c,v 1.45 2015/07/21 03:34:38 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2005 Nokia. All rights reserved.
113 *
114 * The portions of the attached software ("Contribution") is developed by
115 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
116 * license.
117 *
118 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
119 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
120 * support (see RFC 4279) to OpenSSL.
121 *
122 * No patent licenses or other rights except those expressly stated in
123 * the OpenSSL open source license shall be deemed granted or received
124 * expressly, by implication, estoppel, or otherwise.
125 *
126 * No assurances are provided by Nokia that the Contribution does not
127 * infringe the patent or other intellectual property rights of any third
128 * party or that the license provides you with all the necessary rights
129 * to make use of the Contribution.
130 *
131 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
132 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
133 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
134 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
135 * OTHERWISE.
136 */
137
138#include <openssl/lhash.h>
139
140#ifndef OPENSSL_NO_ENGINE
141#include <openssl/engine.h>
142#endif
143
144#include "ssl_locl.h"
145
146static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
147static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s);
148static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
149
150/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
151SSL_SESSION *
152SSL_get_session(const SSL *ssl)
153{
154 return (ssl->session);
155}
156
157/* variant of SSL_get_session: caller really gets something */
158SSL_SESSION *
159SSL_get1_session(SSL *ssl)
160{
161 SSL_SESSION *sess;
162
163 /*
164 * Need to lock this all up rather than just use CRYPTO_add so that
165 * somebody doesn't free ssl->session between when we check it's
166 * non-null and when we up the reference count.
167 */
168 CRYPTO_w_lock(CRYPTO_LOCK_SSL_SESSION);
169 sess = ssl->session;
170 if (sess)
171 sess->references++;
172 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_SESSION);
173
174 return (sess);
175}
176
177int
178SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
179 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
180{
181 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION,
182 argl, argp, new_func, dup_func, free_func);
183}
184
185int
186SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
187{
188 return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
189}
190
191void *
192SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
193{
194 return (CRYPTO_get_ex_data(&s->ex_data, idx));
195}
196
197SSL_SESSION *
198SSL_SESSION_new(void)
199{
200 SSL_SESSION *ss;
201
202 ss = calloc(1, sizeof(SSL_SESSION));
203 if (ss == NULL) {
204 SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
205 return (0);
206 }
207
208 ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
209 ss->references = 1;
210 ss->timeout=60*5+4; /* 5 minute timeout by default */
211 ss->time = time(NULL);
212 ss->prev = NULL;
213 ss->next = NULL;
214 ss->tlsext_hostname = NULL;
215
216 ss->tlsext_ecpointformatlist_length = 0;
217 ss->tlsext_ecpointformatlist = NULL;
218 ss->tlsext_ellipticcurvelist_length = 0;
219 ss->tlsext_ellipticcurvelist = NULL;
220
221 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
222
223 return (ss);
224}
225
226const unsigned char *
227SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
228{
229 if (len)
230 *len = s->session_id_length;
231 return s->session_id;
232}
233
234unsigned int
235SSL_SESSION_get_compress_id(const SSL_SESSION *s)
236{
237 return 0;
238}
239
240/*
241 * SSLv3/TLSv1 has 32 bytes (256 bits) of session ID space. As such, filling
242 * the ID with random gunk repeatedly until we have no conflict is going to
243 * complete in one iteration pretty much "most" of the time (btw:
244 * understatement). So, if it takes us 10 iterations and we still can't avoid
245 * a conflict - well that's a reasonable point to call it quits. Either the
246 * arc4random code is broken or someone is trying to open roughly very close to
247 * 2^128 (or 2^256) SSL sessions to our server. How you might store that many
248 * sessions is perhaps a more interesting question...
249 */
250
251#define MAX_SESS_ID_ATTEMPTS 10
252
253static int
254def_generate_session_id(const SSL *ssl, unsigned char *id, unsigned int *id_len)
255{
256 unsigned int retry = 0;
257
258 do {
259 arc4random_buf(id, *id_len);
260 } while (SSL_has_matching_session_id(ssl, id, *id_len) &&
261 (++retry < MAX_SESS_ID_ATTEMPTS));
262
263 if (retry < MAX_SESS_ID_ATTEMPTS)
264 return 1;
265
266 /* else - woops a session_id match */
267 /* XXX We should also check the external cache --
268 * but the probability of a collision is negligible, and
269 * we could not prevent the concurrent creation of sessions
270 * with identical IDs since we currently don't have means
271 * to atomically check whether a session ID already exists
272 * and make a reservation for it if it does not
273 * (this problem applies to the internal cache as well).
274 */
275 return 0;
276}
277
278int
279ssl_get_new_session(SSL *s, int session)
280{
281 unsigned int tmp;
282 SSL_SESSION *ss = NULL;
283 GEN_SESSION_CB cb = def_generate_session_id;
284
285 /* This gets used by clients and servers. */
286
287 if ((ss = SSL_SESSION_new()) == NULL)
288 return (0);
289
290 /* If the context has a default timeout, use it */
291 if (s->session_ctx->session_timeout == 0)
292 ss->timeout = SSL_get_default_timeout(s);
293 else
294 ss->timeout = s->session_ctx->session_timeout;
295
296 if (s->session != NULL) {
297 SSL_SESSION_free(s->session);
298 s->session = NULL;
299 }
300
301 if (session) {
302 switch (s->version) {
303 case SSL3_VERSION:
304 case TLS1_VERSION:
305 case TLS1_1_VERSION:
306 case TLS1_2_VERSION:
307 case DTLS1_BAD_VER:
308 case DTLS1_VERSION:
309 ss->ssl_version = s->version;
310 ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
311 break;
312 default:
313 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
314 SSL_R_UNSUPPORTED_SSL_VERSION);
315 SSL_SESSION_free(ss);
316 return (0);
317 }
318
319 /* If RFC4507 ticket use empty session ID. */
320 if (s->tlsext_ticket_expected) {
321 ss->session_id_length = 0;
322 goto sess_id_done;
323 }
324
325 /* Choose which callback will set the session ID. */
326 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
327 if (s->generate_session_id)
328 cb = s->generate_session_id;
329 else if (s->session_ctx->generate_session_id)
330 cb = s->session_ctx->generate_session_id;
331 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
332
333 /* Choose a session ID. */
334 tmp = ss->session_id_length;
335 if (!cb(s, ss->session_id, &tmp)) {
336 /* The callback failed */
337 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
338 SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
339 SSL_SESSION_free(ss);
340 return (0);
341 }
342
343 /*
344 * Don't allow the callback to set the session length to zero.
345 * nor set it higher than it was.
346 */
347 if (!tmp || (tmp > ss->session_id_length)) {
348 /* The callback set an illegal length */
349 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
350 SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
351 SSL_SESSION_free(ss);
352 return (0);
353 }
354 ss->session_id_length = tmp;
355
356 /* Finally, check for a conflict. */
357 if (SSL_has_matching_session_id(s, ss->session_id,
358 ss->session_id_length)) {
359 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
360 SSL_R_SSL_SESSION_ID_CONFLICT);
361 SSL_SESSION_free(ss);
362 return (0);
363 }
364
365sess_id_done:
366 if (s->tlsext_hostname) {
367 ss->tlsext_hostname = strdup(s->tlsext_hostname);
368 if (ss->tlsext_hostname == NULL) {
369 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
370 ERR_R_INTERNAL_ERROR);
371 SSL_SESSION_free(ss);
372 return 0;
373 }
374 }
375 } else {
376 ss->session_id_length = 0;
377 }
378
379 if (s->sid_ctx_length > sizeof ss->sid_ctx) {
380 SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
381 SSL_SESSION_free(ss);
382 return 0;
383 }
384
385 memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length);
386 ss->sid_ctx_length = s->sid_ctx_length;
387 s->session = ss;
388 ss->ssl_version = s->version;
389 ss->verify_result = X509_V_OK;
390
391 return (1);
392}
393
394/*
395 * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
396 * connection. It is only called by servers.
397 *
398 * session_id: points at the session ID in the ClientHello. This code will
399 * read past the end of this in order to parse out the session ticket
400 * extension, if any.
401 * len: the length of the session ID.
402 * limit: a pointer to the first byte after the ClientHello.
403 *
404 * Returns:
405 * -1: error
406 * 0: a session may have been found.
407 *
408 * Side effects:
409 * - If a session is found then s->session is pointed at it (after freeing
410 * an existing session if need be) and s->verify_result is set from the
411 * session.
412 * - Both for new and resumed sessions, s->tlsext_ticket_expected is set
413 * to 1 if the server should issue a new session ticket (to 0 otherwise).
414 */
415int
416ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
417 const unsigned char *limit)
418{
419 SSL_SESSION *ret = NULL;
420 int fatal = 0;
421 int try_session_cache = 1;
422 int r;
423
424 /* This is used only by servers. */
425
426 if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
427 goto err;
428
429 if (len == 0)
430 try_session_cache = 0;
431
432 /* Sets s->tlsext_ticket_expected. */
433 r = tls1_process_ticket(s, session_id, len, limit, &ret);
434 switch (r) {
435 case -1: /* Error during processing */
436 fatal = 1;
437 goto err;
438 case 0: /* No ticket found */
439 case 1: /* Zero length ticket found */
440 break; /* Ok to carry on processing session id. */
441 case 2: /* Ticket found but not decrypted. */
442 case 3: /* Ticket decrypted, *ret has been set. */
443 try_session_cache = 0;
444 break;
445 default:
446 abort();
447 }
448
449 if (try_session_cache && ret == NULL &&
450 !(s->session_ctx->session_cache_mode &
451 SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
452 SSL_SESSION data;
453 data.ssl_version = s->version;
454 data.session_id_length = len;
455 memcpy(data.session_id, session_id, len);
456
457 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
458 ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
459 if (ret != NULL) {
460 /* Don't allow other threads to steal it. */
461 CRYPTO_add(&ret->references, 1,
462 CRYPTO_LOCK_SSL_SESSION);
463 }
464 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
465
466 if (ret == NULL)
467 s->session_ctx->stats.sess_miss++;
468 }
469
470 if (try_session_cache && ret == NULL &&
471 s->session_ctx->get_session_cb != NULL) {
472 int copy = 1;
473
474 if ((ret = s->session_ctx->get_session_cb(s, session_id,
475 len, &copy))) {
476 s->session_ctx->stats.sess_cb_hit++;
477
478 /*
479 * Increment reference count now if the session
480 * callback asks us to do so (note that if the session
481 * structures returned by the callback are shared
482 * between threads, it must handle the reference count
483 * itself [i.e. copy == 0], or things won't be
484 * thread-safe).
485 */
486 if (copy)
487 CRYPTO_add(&ret->references, 1,
488 CRYPTO_LOCK_SSL_SESSION);
489
490 /*
491 * Add the externally cached session to the internal
492 * cache as well if and only if we are supposed to.
493 */
494 if (!(s->session_ctx->session_cache_mode &
495 SSL_SESS_CACHE_NO_INTERNAL_STORE))
496 /*
497 * The following should not return 1,
498 * otherwise, things are very strange.
499 */
500 SSL_CTX_add_session(s->session_ctx, ret);
501 }
502 }
503
504 if (ret == NULL)
505 goto err;
506
507 /* Now ret is non-NULL and we own one of its reference counts. */
508
509 if (ret->sid_ctx_length != s->sid_ctx_length ||
510 timingsafe_memcmp(ret->sid_ctx,
511 s->sid_ctx, ret->sid_ctx_length) != 0) {
512 /* We have the session requested by the client, but we don't
513 * want to use it in this context. */
514 goto err; /* treat like cache miss */
515 }
516
517 if ((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) {
518 /*
519 * We can't be sure if this session is being used out of
520 * context, which is especially important for SSL_VERIFY_PEER.
521 * The application should have used
522 * SSL[_CTX]_set_session_id_context.
523 *
524 * For this error case, we generate an error instead of treating
525 * the event like a cache miss (otherwise it would be easy for
526 * applications to effectively disable the session cache by
527 * accident without anyone noticing).
528 */
529 SSLerr(SSL_F_SSL_GET_PREV_SESSION,
530 SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
531 fatal = 1;
532 goto err;
533 }
534
535 if (ret->cipher == NULL) {
536 ret->cipher = ssl3_get_cipher_by_id(ret->cipher_id);
537 if (ret->cipher == NULL)
538 goto err;
539 }
540
541 if (ret->timeout < (time(NULL) - ret->time)) {
542 /* timeout */
543 s->session_ctx->stats.sess_timeout++;
544 if (try_session_cache) {
545 /* session was from the cache, so remove it */
546 SSL_CTX_remove_session(s->session_ctx, ret);
547 }
548 goto err;
549 }
550
551 s->session_ctx->stats.sess_hit++;
552
553 if (s->session != NULL)
554 SSL_SESSION_free(s->session);
555 s->session = ret;
556 s->verify_result = s->session->verify_result;
557 return 1;
558
559err:
560 if (ret != NULL) {
561 SSL_SESSION_free(ret);
562 if (!try_session_cache) {
563 /*
564 * The session was from a ticket, so we should
565 * issue a ticket for the new session.
566 */
567 s->tlsext_ticket_expected = 1;
568 }
569 }
570 if (fatal)
571 return -1;
572 else
573 return 0;
574}
575
576int
577SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
578{
579 int ret = 0;
580 SSL_SESSION *s;
581
582 /*
583 * Add just 1 reference count for the SSL_CTX's session cache
584 * even though it has two ways of access: each session is in a
585 * doubly linked list and an lhash.
586 */
587 CRYPTO_add(&c->references, 1, CRYPTO_LOCK_SSL_SESSION);
588
589 /*
590 * If session c is in already in cache, we take back the increment
591 * later.
592 */
593 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
594 s = lh_SSL_SESSION_insert(ctx->sessions, c);
595
596 /*
597 * s != NULL iff we already had a session with the given PID.
598 * In this case, s == c should hold (then we did not really modify
599 * ctx->sessions), or we're in trouble.
600 */
601 if (s != NULL && s != c) {
602 /* We *are* in trouble ... */
603 SSL_SESSION_list_remove(ctx, s);
604 SSL_SESSION_free(s);
605 /*
606 * ... so pretend the other session did not exist in cache
607 * (we cannot handle two SSL_SESSION structures with identical
608 * session ID in the same cache, which could happen e.g. when
609 * two threads concurrently obtain the same session from an
610 * external cache).
611 */
612 s = NULL;
613 }
614
615 /* Put at the head of the queue unless it is already in the cache */
616 if (s == NULL)
617 SSL_SESSION_list_add(ctx, c);
618
619 if (s != NULL) {
620 /*
621 * existing cache entry -- decrement previously incremented
622 * reference count because it already takes into account the
623 * cache.
624 */
625 SSL_SESSION_free(s); /* s == c */
626 ret = 0;
627 } else {
628 /*
629 * New cache entry -- remove old ones if cache has become
630 * too large.
631 */
632
633 ret = 1;
634
635 if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
636 while (SSL_CTX_sess_number(ctx) >
637 SSL_CTX_sess_get_cache_size(ctx)) {
638 if (!remove_session_lock(ctx,
639 ctx->session_cache_tail, 0))
640 break;
641 else
642 ctx->stats.sess_cache_full++;
643 }
644 }
645 }
646 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
647 return (ret);
648}
649
650int
651SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
652{
653 return remove_session_lock(ctx, c, 1);
654}
655
656static int
657remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
658{
659 SSL_SESSION *r;
660 int ret = 0;
661
662 if ((c != NULL) && (c->session_id_length != 0)) {
663 if (lck)
664 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
665 if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) == c) {
666 ret = 1;
667 r = lh_SSL_SESSION_delete(ctx->sessions, c);
668 SSL_SESSION_list_remove(ctx, c);
669 }
670 if (lck)
671 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
672
673 if (ret) {
674 r->not_resumable = 1;
675 if (ctx->remove_session_cb != NULL)
676 ctx->remove_session_cb(ctx, r);
677 SSL_SESSION_free(r);
678 }
679 } else
680 ret = 0;
681 return (ret);
682}
683
684void
685SSL_SESSION_free(SSL_SESSION *ss)
686{
687 int i;
688
689 if (ss == NULL)
690 return;
691
692 i = CRYPTO_add(&ss->references, -1, CRYPTO_LOCK_SSL_SESSION);
693 if (i > 0)
694 return;
695
696 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
697
698 OPENSSL_cleanse(ss->master_key, sizeof ss->master_key);
699 OPENSSL_cleanse(ss->session_id, sizeof ss->session_id);
700 if (ss->sess_cert != NULL)
701 ssl_sess_cert_free(ss->sess_cert);
702 if (ss->peer != NULL)
703 X509_free(ss->peer);
704 if (ss->ciphers != NULL)
705 sk_SSL_CIPHER_free(ss->ciphers);
706 free(ss->tlsext_hostname);
707 free(ss->tlsext_tick);
708 ss->tlsext_ecpointformatlist_length = 0;
709 free(ss->tlsext_ecpointformatlist);
710 ss->tlsext_ellipticcurvelist_length = 0;
711 free(ss->tlsext_ellipticcurvelist);
712 OPENSSL_cleanse(ss, sizeof(*ss));
713 free(ss);
714}
715
716int
717SSL_set_session(SSL *s, SSL_SESSION *session)
718{
719 int ret = 0;
720 const SSL_METHOD *meth;
721
722 if (session != NULL) {
723 meth = s->ctx->method->get_ssl_method(session->ssl_version);
724 if (meth == NULL)
725 meth = s->method->get_ssl_method(session->ssl_version);
726 if (meth == NULL) {
727 SSLerr(SSL_F_SSL_SET_SESSION,
728 SSL_R_UNABLE_TO_FIND_SSL_METHOD);
729 return (0);
730 }
731
732 if (meth != s->method) {
733 if (!SSL_set_ssl_method(s, meth))
734 return (0);
735 }
736
737
738 /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/
739 CRYPTO_add(&session->references, 1, CRYPTO_LOCK_SSL_SESSION);
740 if (s->session != NULL)
741 SSL_SESSION_free(s->session);
742 s->session = session;
743 s->verify_result = s->session->verify_result;
744 /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/
745 ret = 1;
746 } else {
747 if (s->session != NULL) {
748 SSL_SESSION_free(s->session);
749 s->session = NULL;
750 }
751
752 meth = s->ctx->method;
753 if (meth != s->method) {
754 if (!SSL_set_ssl_method(s, meth))
755 return (0);
756 }
757 ret = 1;
758 }
759 return (ret);
760}
761
762long
763SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
764{
765 if (s == NULL)
766 return (0);
767 s->timeout = t;
768 return (1);
769}
770
771long
772SSL_SESSION_get_timeout(const SSL_SESSION *s)
773{
774 if (s == NULL)
775 return (0);
776 return (s->timeout);
777}
778
779/* XXX 2038 */
780long
781SSL_SESSION_get_time(const SSL_SESSION *s)
782{
783 if (s == NULL)
784 return (0);
785 return (s->time);
786}
787
788/* XXX 2038 */
789long
790SSL_SESSION_set_time(SSL_SESSION *s, long t)
791{
792 if (s == NULL)
793 return (0);
794 s->time = t;
795 return (t);
796}
797
798X509 *
799SSL_SESSION_get0_peer(SSL_SESSION *s)
800{
801 return s->peer;
802}
803
804int
805SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
806 unsigned int sid_ctx_len)
807{
808 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
809 SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,
810 SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
811 return 0;
812 }
813 s->sid_ctx_length = sid_ctx_len;
814 memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
815
816 return 1;
817}
818
819long
820SSL_CTX_set_timeout(SSL_CTX *s, long t)
821{
822 long l;
823
824 if (s == NULL)
825 return (0);
826 l = s->session_timeout;
827 s->session_timeout = t;
828
829 return (l);
830}
831
832long
833SSL_CTX_get_timeout(const SSL_CTX *s)
834{
835 if (s == NULL)
836 return (0);
837 return (s->session_timeout);
838}
839
840int
841SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s,
842 void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers,
843 SSL_CIPHER **cipher, void *arg), void *arg)
844{
845 if (s == NULL)
846 return (0);
847 s->tls_session_secret_cb = tls_session_secret_cb;
848 s->tls_session_secret_cb_arg = arg;
849 return (1);
850}
851
852int
853SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
854 void *arg)
855{
856 if (s == NULL)
857 return (0);
858 s->tls_session_ticket_ext_cb = cb;
859 s->tls_session_ticket_ext_cb_arg = arg;
860 return (1);
861}
862
863int
864SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
865{
866 if (s->version >= TLS1_VERSION) {
867 free(s->tlsext_session_ticket);
868 s->tlsext_session_ticket =
869 malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
870 if (!s->tlsext_session_ticket) {
871 SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT,
872 ERR_R_MALLOC_FAILURE);
873 return 0;
874 }
875
876 if (ext_data) {
877 s->tlsext_session_ticket->length = ext_len;
878 s->tlsext_session_ticket->data =
879 s->tlsext_session_ticket + 1;
880 memcpy(s->tlsext_session_ticket->data,
881 ext_data, ext_len);
882 } else {
883 s->tlsext_session_ticket->length = 0;
884 s->tlsext_session_ticket->data = NULL;
885 }
886
887 return 1;
888 }
889
890 return 0;
891}
892
893typedef struct timeout_param_st {
894 SSL_CTX *ctx;
895 long time;
896 LHASH_OF(SSL_SESSION) *cache;
897} TIMEOUT_PARAM;
898
899static void
900timeout_doall_arg(SSL_SESSION *s, TIMEOUT_PARAM *p)
901{
902 if ((p->time == 0) || (p->time > (s->time + s->timeout))) {
903 /* timeout */
904 /* The reason we don't call SSL_CTX_remove_session() is to
905 * save on locking overhead */
906 (void)lh_SSL_SESSION_delete(p->cache, s);
907 SSL_SESSION_list_remove(p->ctx, s);
908 s->not_resumable = 1;
909 if (p->ctx->remove_session_cb != NULL)
910 p->ctx->remove_session_cb(p->ctx, s);
911 SSL_SESSION_free(s);
912 }
913}
914
915static
916IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION, TIMEOUT_PARAM)
917
918/* XXX 2038 */
919void
920SSL_CTX_flush_sessions(SSL_CTX *s, long t)
921{
922 unsigned long i;
923 TIMEOUT_PARAM tp;
924
925 tp.ctx = s;
926 tp.cache = s->sessions;
927 if (tp.cache == NULL)
928 return;
929 tp.time = t;
930 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
931 i = CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load;
932 CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = 0;
933 lh_SSL_SESSION_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout),
934 TIMEOUT_PARAM, &tp);
935 CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = i;
936 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
937}
938
939int
940ssl_clear_bad_session(SSL *s)
941{
942 if ((s->session != NULL) && !(s->shutdown & SSL_SENT_SHUTDOWN) &&
943 !(SSL_in_init(s) || SSL_in_before(s))) {
944 SSL_CTX_remove_session(s->ctx, s->session);
945 return (1);
946 } else
947 return (0);
948}
949
950/* locked by SSL_CTX in the calling function */
951static void
952SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
953{
954 if ((s->next == NULL) || (s->prev == NULL))
955 return;
956
957 if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {
958 /* last element in list */
959 if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
960 /* only one element in list */
961 ctx->session_cache_head = NULL;
962 ctx->session_cache_tail = NULL;
963 } else {
964 ctx->session_cache_tail = s->prev;
965 s->prev->next =
966 (SSL_SESSION *)&(ctx->session_cache_tail);
967 }
968 } else {
969 if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
970 /* first element in list */
971 ctx->session_cache_head = s->next;
972 s->next->prev =
973 (SSL_SESSION *)&(ctx->session_cache_head);
974 } else {
975 /* middle of list */
976 s->next->prev = s->prev;
977 s->prev->next = s->next;
978 }
979 }
980 s->prev = s->next = NULL;
981}
982
983static void
984SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
985{
986 if ((s->next != NULL) && (s->prev != NULL))
987 SSL_SESSION_list_remove(ctx, s);
988
989 if (ctx->session_cache_head == NULL) {
990 ctx->session_cache_head = s;
991 ctx->session_cache_tail = s;
992 s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
993 s->next = (SSL_SESSION *)&(ctx->session_cache_tail);
994 } else {
995 s->next = ctx->session_cache_head;
996 s->next->prev = s;
997 s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
998 ctx->session_cache_head = s;
999 }
1000}
1001
1002void
1003SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
1004 int (*cb)(struct ssl_st *ssl, SSL_SESSION *sess)) {
1005 ctx->new_session_cb = cb;
1006}
1007
1008int
1009(*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(SSL *ssl, SSL_SESSION *sess)
1010{
1011 return ctx->new_session_cb;
1012}
1013
1014void
1015SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
1016 void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess))
1017{
1018 ctx->remove_session_cb = cb;
1019}
1020
1021void
1022(*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(SSL_CTX * ctx, SSL_SESSION *sess)
1023{
1024 return ctx->remove_session_cb;
1025}
1026
1027void
1028SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*cb)(struct ssl_st *ssl,
1029 unsigned char *data, int len, int *copy))
1030{
1031 ctx->get_session_cb = cb;
1032}
1033
1034SSL_SESSION *
1035(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl, unsigned char *data,
1036 int len, int *copy)
1037{
1038 return ctx->get_session_cb;
1039}
1040
1041void
1042SSL_CTX_set_info_callback(SSL_CTX *ctx,
1043 void (*cb)(const SSL *ssl, int type, int val))
1044{
1045 ctx->info_callback = cb;
1046}
1047
1048void
1049(*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl, int type, int val)
1050{
1051 return ctx->info_callback;
1052}
1053
1054void
1055SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
1056 int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey))
1057{
1058 ctx->client_cert_cb = cb;
1059}
1060
1061int
1062(*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL * ssl, X509 ** x509,
1063 EVP_PKEY **pkey)
1064{
1065 return ctx->client_cert_cb;
1066}
1067
1068#ifndef OPENSSL_NO_ENGINE
1069int
1070SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
1071{
1072 if (!ENGINE_init(e)) {
1073 SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
1074 ERR_R_ENGINE_LIB);
1075 return 0;
1076 }
1077 if (!ENGINE_get_ssl_client_cert_function(e)) {
1078 SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
1079 SSL_R_NO_CLIENT_CERT_METHOD);
1080 ENGINE_finish(e);
1081 return 0;
1082 }
1083 ctx->client_cert_engine = e;
1084 return 1;
1085}
1086#endif
1087
1088void
1089SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
1090 int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len))
1091{
1092 ctx->app_gen_cookie_cb = cb;
1093}
1094
1095void
1096SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
1097 int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len))
1098{
1099 ctx->app_verify_cookie_cb = cb;
1100}
1101
1102IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION)
diff --git a/src/lib/libssl/ssl_stat.c b/src/lib/libssl/ssl_stat.c
deleted file mode 100644
index 6d67d19c25..0000000000
--- a/src/lib/libssl/ssl_stat.c
+++ /dev/null
@@ -1,801 +0,0 @@
1/* $OpenBSD: ssl_stat.c,v 1.12 2014/11/16 14:12:47 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright 2005 Nokia. All rights reserved.
60 *
61 * The portions of the attached software ("Contribution") is developed by
62 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
63 * license.
64 *
65 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
66 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
67 * support (see RFC 4279) to OpenSSL.
68 *
69 * No patent licenses or other rights except those expressly stated in
70 * the OpenSSL open source license shall be deemed granted or received
71 * expressly, by implication, estoppel, or otherwise.
72 *
73 * No assurances are provided by Nokia that the Contribution does not
74 * infringe the patent or other intellectual property rights of any third
75 * party or that the license provides you with all the necessary rights
76 * to make use of the Contribution.
77 *
78 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
79 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
80 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
81 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
82 * OTHERWISE.
83 */
84
85#include <stdio.h>
86
87#include "ssl_locl.h"
88
89const char *
90SSL_state_string_long(const SSL *s)
91{
92 const char *str;
93
94 switch (s->state) {
95 case SSL_ST_BEFORE:
96 str = "before SSL initialization";
97 break;
98 case SSL_ST_ACCEPT:
99 str = "before accept initialization";
100 break;
101 case SSL_ST_CONNECT:
102 str = "before connect initialization";
103 break;
104 case SSL_ST_OK:
105 str = "SSL negotiation finished successfully";
106 break;
107 case SSL_ST_RENEGOTIATE:
108 str = "SSL renegotiate ciphers";
109 break;
110 case SSL_ST_BEFORE|SSL_ST_CONNECT:
111 str = "before/connect initialization";
112 break;
113 case SSL_ST_OK|SSL_ST_CONNECT:
114 str = "ok/connect SSL initialization";
115 break;
116 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
117 str = "before/accept initialization";
118 break;
119 case SSL_ST_OK|SSL_ST_ACCEPT:
120 str = "ok/accept SSL initialization";
121 break;
122
123 /* SSLv3 additions */
124 case SSL3_ST_CW_CLNT_HELLO_A:
125 str = "SSLv3 write client hello A";
126 break;
127 case SSL3_ST_CW_CLNT_HELLO_B:
128 str = "SSLv3 write client hello B";
129 break;
130 case SSL3_ST_CR_SRVR_HELLO_A:
131 str = "SSLv3 read server hello A";
132 break;
133 case SSL3_ST_CR_SRVR_HELLO_B:
134 str = "SSLv3 read server hello B";
135 break;
136 case SSL3_ST_CR_CERT_A:
137 str = "SSLv3 read server certificate A";
138 break;
139 case SSL3_ST_CR_CERT_B:
140 str = "SSLv3 read server certificate B";
141 break;
142 case SSL3_ST_CR_KEY_EXCH_A:
143 str = "SSLv3 read server key exchange A";
144 break;
145 case SSL3_ST_CR_KEY_EXCH_B:
146 str = "SSLv3 read server key exchange B";
147 break;
148 case SSL3_ST_CR_CERT_REQ_A:
149 str = "SSLv3 read server certificate request A";
150 break;
151 case SSL3_ST_CR_CERT_REQ_B:
152 str = "SSLv3 read server certificate request B";
153 break;
154 case SSL3_ST_CR_SESSION_TICKET_A:
155 str = "SSLv3 read server session ticket A";
156 break;
157 case SSL3_ST_CR_SESSION_TICKET_B:
158 str = "SSLv3 read server session ticket B";
159 break;
160 case SSL3_ST_CR_SRVR_DONE_A:
161 str = "SSLv3 read server done A";
162 break;
163 case SSL3_ST_CR_SRVR_DONE_B:
164 str = "SSLv3 read server done B";
165 break;
166 case SSL3_ST_CW_CERT_A:
167 str = "SSLv3 write client certificate A";
168 break;
169 case SSL3_ST_CW_CERT_B:
170 str = "SSLv3 write client certificate B";
171 break;
172 case SSL3_ST_CW_CERT_C:
173 str = "SSLv3 write client certificate C";
174 break;
175 case SSL3_ST_CW_CERT_D:
176 str = "SSLv3 write client certificate D";
177 break;
178 case SSL3_ST_CW_KEY_EXCH_A:
179 str = "SSLv3 write client key exchange A";
180 break;
181 case SSL3_ST_CW_KEY_EXCH_B:
182 str = "SSLv3 write client key exchange B";
183 break;
184 case SSL3_ST_CW_CERT_VRFY_A:
185 str = "SSLv3 write certificate verify A";
186 break;
187 case SSL3_ST_CW_CERT_VRFY_B:
188 str = "SSLv3 write certificate verify B";
189 break;
190
191 case SSL3_ST_CW_CHANGE_A:
192 case SSL3_ST_SW_CHANGE_A:
193 str = "SSLv3 write change cipher spec A";
194 break;
195 case SSL3_ST_CW_CHANGE_B:
196 case SSL3_ST_SW_CHANGE_B:
197 str = "SSLv3 write change cipher spec B";
198 break;
199 case SSL3_ST_CW_FINISHED_A:
200 case SSL3_ST_SW_FINISHED_A:
201 str = "SSLv3 write finished A";
202 break;
203 case SSL3_ST_CW_FINISHED_B:
204 case SSL3_ST_SW_FINISHED_B:
205 str = "SSLv3 write finished B";
206 break;
207 case SSL3_ST_CR_CHANGE_A:
208 case SSL3_ST_SR_CHANGE_A:
209 str = "SSLv3 read change cipher spec A";
210 break;
211 case SSL3_ST_CR_CHANGE_B:
212 case SSL3_ST_SR_CHANGE_B:
213 str = "SSLv3 read change cipher spec B";
214 break;
215 case SSL3_ST_CR_FINISHED_A:
216 case SSL3_ST_SR_FINISHED_A:
217 str = "SSLv3 read finished A";
218 break;
219 case SSL3_ST_CR_FINISHED_B:
220 case SSL3_ST_SR_FINISHED_B:
221 str = "SSLv3 read finished B";
222 break;
223
224 case SSL3_ST_CW_FLUSH:
225 case SSL3_ST_SW_FLUSH:
226 str = "SSLv3 flush data";
227 break;
228
229 case SSL3_ST_SR_CLNT_HELLO_A:
230 str = "SSLv3 read client hello A";
231 break;
232 case SSL3_ST_SR_CLNT_HELLO_B:
233 str = "SSLv3 read client hello B";
234 break;
235 case SSL3_ST_SR_CLNT_HELLO_C:
236 str = "SSLv3 read client hello C";
237 break;
238 case SSL3_ST_SW_HELLO_REQ_A:
239 str = "SSLv3 write hello request A";
240 break;
241 case SSL3_ST_SW_HELLO_REQ_B:
242 str = "SSLv3 write hello request B";
243 break;
244 case SSL3_ST_SW_HELLO_REQ_C:
245 str = "SSLv3 write hello request C";
246 break;
247 case SSL3_ST_SW_SRVR_HELLO_A:
248 str = "SSLv3 write server hello A";
249 break;
250 case SSL3_ST_SW_SRVR_HELLO_B:
251 str = "SSLv3 write server hello B";
252 break;
253 case SSL3_ST_SW_CERT_A:
254 str = "SSLv3 write certificate A";
255 break;
256 case SSL3_ST_SW_CERT_B:
257 str = "SSLv3 write certificate B";
258 break;
259 case SSL3_ST_SW_KEY_EXCH_A:
260 str = "SSLv3 write key exchange A";
261 break;
262 case SSL3_ST_SW_KEY_EXCH_B:
263 str = "SSLv3 write key exchange B";
264 break;
265 case SSL3_ST_SW_CERT_REQ_A:
266 str = "SSLv3 write certificate request A";
267 break;
268 case SSL3_ST_SW_CERT_REQ_B:
269 str = "SSLv3 write certificate request B";
270 break;
271 case SSL3_ST_SW_SESSION_TICKET_A:
272 str = "SSLv3 write session ticket A";
273 break;
274 case SSL3_ST_SW_SESSION_TICKET_B:
275 str = "SSLv3 write session ticket B";
276 break;
277 case SSL3_ST_SW_SRVR_DONE_A:
278 str = "SSLv3 write server done A";
279 break;
280 case SSL3_ST_SW_SRVR_DONE_B:
281 str = "SSLv3 write server done B";
282 break;
283 case SSL3_ST_SR_CERT_A:
284 str = "SSLv3 read client certificate A";
285 break;
286 case SSL3_ST_SR_CERT_B:
287 str = "SSLv3 read client certificate B";
288 break;
289 case SSL3_ST_SR_KEY_EXCH_A:
290 str = "SSLv3 read client key exchange A";
291 break;
292 case SSL3_ST_SR_KEY_EXCH_B:
293 str = "SSLv3 read client key exchange B";
294 break;
295 case SSL3_ST_SR_CERT_VRFY_A:
296 str = "SSLv3 read certificate verify A";
297 break;
298 case SSL3_ST_SR_CERT_VRFY_B:
299 str = "SSLv3 read certificate verify B";
300 break;
301
302 /* DTLS */
303 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
304 str = "DTLS1 read hello verify request A";
305 break;
306 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
307 str = "DTLS1 read hello verify request B";
308 break;
309 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
310 str = "DTLS1 write hello verify request A";
311 break;
312 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
313 str = "DTLS1 write hello verify request B";
314 break;
315
316 default:
317 str = "unknown state";
318 break;
319 }
320 return (str);
321}
322
323const char *
324SSL_rstate_string_long(const SSL *s)
325{
326 const char *str;
327
328 switch (s->rstate) {
329 case SSL_ST_READ_HEADER:
330 str = "read header";
331 break;
332 case SSL_ST_READ_BODY:
333 str = "read body";
334 break;
335 case SSL_ST_READ_DONE:
336 str = "read done";
337 break;
338 default:
339 str = "unknown";
340 break;
341 }
342 return (str);
343}
344
345const char *
346SSL_state_string(const SSL *s)
347{
348 const char *str;
349
350 switch (s->state) {
351 case SSL_ST_BEFORE:
352 str = "PINIT ";
353 break;
354 case SSL_ST_ACCEPT:
355 str = "AINIT ";
356 break;
357 case SSL_ST_CONNECT:
358 str = "CINIT ";
359 break;
360 case SSL_ST_OK:
361 str = "SSLOK ";
362 break;
363
364 /* SSLv3 additions */
365 case SSL3_ST_SW_FLUSH:
366 case SSL3_ST_CW_FLUSH:
367 str = "3FLUSH";
368 break;
369 case SSL3_ST_CW_CLNT_HELLO_A:
370 str = "3WCH_A";
371 break;
372 case SSL3_ST_CW_CLNT_HELLO_B:
373 str = "3WCH_B";
374 break;
375 case SSL3_ST_CR_SRVR_HELLO_A:
376 str = "3RSH_A";
377 break;
378 case SSL3_ST_CR_SRVR_HELLO_B:
379 str = "3RSH_B";
380 break;
381 case SSL3_ST_CR_CERT_A:
382 str = "3RSC_A";
383 break;
384 case SSL3_ST_CR_CERT_B:
385 str = "3RSC_B";
386 break;
387 case SSL3_ST_CR_KEY_EXCH_A:
388 str = "3RSKEA";
389 break;
390 case SSL3_ST_CR_KEY_EXCH_B:
391 str = "3RSKEB";
392 break;
393 case SSL3_ST_CR_CERT_REQ_A:
394 str = "3RCR_A";
395 break;
396 case SSL3_ST_CR_CERT_REQ_B:
397 str = "3RCR_B";
398 break;
399 case SSL3_ST_CR_SRVR_DONE_A:
400 str = "3RSD_A";
401 break;
402 case SSL3_ST_CR_SRVR_DONE_B:
403 str = "3RSD_B";
404 break;
405 case SSL3_ST_CW_CERT_A:
406 str = "3WCC_A";
407 break;
408 case SSL3_ST_CW_CERT_B:
409 str = "3WCC_B";
410 break;
411 case SSL3_ST_CW_CERT_C:
412 str = "3WCC_C";
413 break;
414 case SSL3_ST_CW_CERT_D:
415 str = "3WCC_D";
416 break;
417 case SSL3_ST_CW_KEY_EXCH_A:
418 str = "3WCKEA";
419 break;
420 case SSL3_ST_CW_KEY_EXCH_B:
421 str = "3WCKEB";
422 break;
423 case SSL3_ST_CW_CERT_VRFY_A:
424 str = "3WCV_A";
425 break;
426 case SSL3_ST_CW_CERT_VRFY_B:
427 str = "3WCV_B";
428 break;
429
430 case SSL3_ST_SW_CHANGE_A:
431 case SSL3_ST_CW_CHANGE_A:
432 str = "3WCCSA";
433 break;
434 case SSL3_ST_SW_CHANGE_B:
435 case SSL3_ST_CW_CHANGE_B:
436 str = "3WCCSB";
437 break;
438 case SSL3_ST_SW_FINISHED_A:
439 case SSL3_ST_CW_FINISHED_A:
440 str = "3WFINA";
441 break;
442 case SSL3_ST_SW_FINISHED_B:
443 case SSL3_ST_CW_FINISHED_B:
444 str = "3WFINB";
445 break;
446 case SSL3_ST_SR_CHANGE_A:
447 case SSL3_ST_CR_CHANGE_A:
448 str = "3RCCSA";
449 break;
450 case SSL3_ST_SR_CHANGE_B:
451 case SSL3_ST_CR_CHANGE_B:
452 str = "3RCCSB";
453 break;
454 case SSL3_ST_SR_FINISHED_A:
455 case SSL3_ST_CR_FINISHED_A:
456 str = "3RFINA";
457 break;
458 case SSL3_ST_SR_FINISHED_B:
459 case SSL3_ST_CR_FINISHED_B:
460 str = "3RFINB";
461 break;
462
463 case SSL3_ST_SW_HELLO_REQ_A:
464 str = "3WHR_A";
465 break;
466 case SSL3_ST_SW_HELLO_REQ_B:
467 str = "3WHR_B";
468 break;
469 case SSL3_ST_SW_HELLO_REQ_C:
470 str = "3WHR_C";
471 break;
472 case SSL3_ST_SR_CLNT_HELLO_A:
473 str = "3RCH_A";
474 break;
475 case SSL3_ST_SR_CLNT_HELLO_B:
476 str = "3RCH_B";
477 break;
478 case SSL3_ST_SR_CLNT_HELLO_C:
479 str = "3RCH_C";
480 break;
481 case SSL3_ST_SW_SRVR_HELLO_A:
482 str = "3WSH_A";
483 break;
484 case SSL3_ST_SW_SRVR_HELLO_B:
485 str = "3WSH_B";
486 break;
487 case SSL3_ST_SW_CERT_A:
488 str = "3WSC_A";
489 break;
490 case SSL3_ST_SW_CERT_B:
491 str = "3WSC_B";
492 break;
493 case SSL3_ST_SW_KEY_EXCH_A:
494 str = "3WSKEA";
495 break;
496 case SSL3_ST_SW_KEY_EXCH_B:
497 str = "3WSKEB";
498 break;
499 case SSL3_ST_SW_CERT_REQ_A:
500 str = "3WCR_A";
501 break;
502 case SSL3_ST_SW_CERT_REQ_B:
503 str = "3WCR_B";
504 break;
505 case SSL3_ST_SW_SRVR_DONE_A:
506 str = "3WSD_A";
507 break;
508 case SSL3_ST_SW_SRVR_DONE_B:
509 str = "3WSD_B";
510 break;
511 case SSL3_ST_SR_CERT_A:
512 str = "3RCC_A";
513 break;
514 case SSL3_ST_SR_CERT_B:
515 str = "3RCC_B";
516 break;
517 case SSL3_ST_SR_KEY_EXCH_A:
518 str = "3RCKEA";
519 break;
520 case SSL3_ST_SR_KEY_EXCH_B:
521 str = "3RCKEB";
522 break;
523 case SSL3_ST_SR_CERT_VRFY_A:
524 str = "3RCV_A";
525 break;
526 case SSL3_ST_SR_CERT_VRFY_B:
527 str = "3RCV_B";
528 break;
529
530 /* DTLS */
531 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
532 str = "DRCHVA";
533 break;
534 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
535 str = "DRCHVB";
536 break;
537 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
538 str = "DWCHVA";
539 break;
540 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
541 str = "DWCHVB";
542 break;
543
544 default:
545 str = "UNKWN ";
546 break;
547 }
548 return (str);
549}
550
551const char *
552SSL_alert_type_string_long(int value)
553{
554 value >>= 8;
555 if (value == SSL3_AL_WARNING)
556 return ("warning");
557 else if (value == SSL3_AL_FATAL)
558 return ("fatal");
559 else
560 return ("unknown");
561}
562
563const char *
564SSL_alert_type_string(int value)
565{
566 value >>= 8;
567 if (value == SSL3_AL_WARNING)
568 return ("W");
569 else if (value == SSL3_AL_FATAL)
570 return ("F");
571 else
572 return ("U");
573}
574
575const char *
576SSL_alert_desc_string(int value)
577{
578 const char *str;
579
580 switch (value & 0xff) {
581 case SSL3_AD_CLOSE_NOTIFY:
582 str = "CN";
583 break;
584 case SSL3_AD_UNEXPECTED_MESSAGE:
585 str = "UM";
586 break;
587 case SSL3_AD_BAD_RECORD_MAC:
588 str = "BM";
589 break;
590 case SSL3_AD_DECOMPRESSION_FAILURE:
591 str = "DF";
592 break;
593 case SSL3_AD_HANDSHAKE_FAILURE:
594 str = "HF";
595 break;
596 case SSL3_AD_NO_CERTIFICATE:
597 str = "NC";
598 break;
599 case SSL3_AD_BAD_CERTIFICATE:
600 str = "BC";
601 break;
602 case SSL3_AD_UNSUPPORTED_CERTIFICATE:
603 str = "UC";
604 break;
605 case SSL3_AD_CERTIFICATE_REVOKED:
606 str = "CR";
607 break;
608 case SSL3_AD_CERTIFICATE_EXPIRED:
609 str = "CE";
610 break;
611 case SSL3_AD_CERTIFICATE_UNKNOWN:
612 str = "CU";
613 break;
614 case SSL3_AD_ILLEGAL_PARAMETER:
615 str = "IP";
616 break;
617 case TLS1_AD_DECRYPTION_FAILED:
618 str = "DC";
619 break;
620 case TLS1_AD_RECORD_OVERFLOW:
621 str = "RO";
622 break;
623 case TLS1_AD_UNKNOWN_CA:
624 str = "CA";
625 break;
626 case TLS1_AD_ACCESS_DENIED:
627 str = "AD";
628 break;
629 case TLS1_AD_DECODE_ERROR:
630 str = "DE";
631 break;
632 case TLS1_AD_DECRYPT_ERROR:
633 str = "CY";
634 break;
635 case TLS1_AD_EXPORT_RESTRICTION:
636 str = "ER";
637 break;
638 case TLS1_AD_PROTOCOL_VERSION:
639 str = "PV";
640 break;
641 case TLS1_AD_INSUFFICIENT_SECURITY:
642 str = "IS";
643 break;
644 case TLS1_AD_INTERNAL_ERROR:
645 str = "IE";
646 break;
647 case TLS1_AD_USER_CANCELLED:
648 str = "US";
649 break;
650 case TLS1_AD_NO_RENEGOTIATION:
651 str = "NR";
652 break;
653 case TLS1_AD_UNSUPPORTED_EXTENSION:
654 str = "UE";
655 break;
656 case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
657 str = "CO";
658 break;
659 case TLS1_AD_UNRECOGNIZED_NAME:
660 str = "UN";
661 break;
662 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
663 str = "BR";
664 break;
665 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
666 str = "BH";
667 break;
668 case TLS1_AD_UNKNOWN_PSK_IDENTITY:
669 str = "UP";
670 break;
671 default:
672 str = "UK";
673 break;
674 }
675 return (str);
676}
677
678const char *
679SSL_alert_desc_string_long(int value)
680{
681 const char *str;
682
683 switch (value & 0xff) {
684 case SSL3_AD_CLOSE_NOTIFY:
685 str = "close notify";
686 break;
687 case SSL3_AD_UNEXPECTED_MESSAGE:
688 str = "unexpected_message";
689 break;
690 case SSL3_AD_BAD_RECORD_MAC:
691 str = "bad record mac";
692 break;
693 case SSL3_AD_DECOMPRESSION_FAILURE:
694 str = "decompression failure";
695 break;
696 case SSL3_AD_HANDSHAKE_FAILURE:
697 str = "handshake failure";
698 break;
699 case SSL3_AD_NO_CERTIFICATE:
700 str = "no certificate";
701 break;
702 case SSL3_AD_BAD_CERTIFICATE:
703 str = "bad certificate";
704 break;
705 case SSL3_AD_UNSUPPORTED_CERTIFICATE:
706 str = "unsupported certificate";
707 break;
708 case SSL3_AD_CERTIFICATE_REVOKED:
709 str = "certificate revoked";
710 break;
711 case SSL3_AD_CERTIFICATE_EXPIRED:
712 str = "certificate expired";
713 break;
714 case SSL3_AD_CERTIFICATE_UNKNOWN:
715 str = "certificate unknown";
716 break;
717 case SSL3_AD_ILLEGAL_PARAMETER:
718 str = "illegal parameter";
719 break;
720 case TLS1_AD_DECRYPTION_FAILED:
721 str = "decryption failed";
722 break;
723 case TLS1_AD_RECORD_OVERFLOW:
724 str = "record overflow";
725 break;
726 case TLS1_AD_UNKNOWN_CA:
727 str = "unknown CA";
728 break;
729 case TLS1_AD_ACCESS_DENIED:
730 str = "access denied";
731 break;
732 case TLS1_AD_DECODE_ERROR:
733 str = "decode error";
734 break;
735 case TLS1_AD_DECRYPT_ERROR:
736 str = "decrypt error";
737 break;
738 case TLS1_AD_EXPORT_RESTRICTION:
739 str = "export restriction";
740 break;
741 case TLS1_AD_PROTOCOL_VERSION:
742 str = "protocol version";
743 break;
744 case TLS1_AD_INSUFFICIENT_SECURITY:
745 str = "insufficient security";
746 break;
747 case TLS1_AD_INTERNAL_ERROR:
748 str = "internal error";
749 break;
750 case TLS1_AD_USER_CANCELLED:
751 str = "user canceled";
752 break;
753 case TLS1_AD_NO_RENEGOTIATION:
754 str = "no renegotiation";
755 break;
756 case TLS1_AD_UNSUPPORTED_EXTENSION:
757 str = "unsupported extension";
758 break;
759 case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
760 str = "certificate unobtainable";
761 break;
762 case TLS1_AD_UNRECOGNIZED_NAME:
763 str = "unrecognized name";
764 break;
765 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
766 str = "bad certificate status response";
767 break;
768 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
769 str = "bad certificate hash value";
770 break;
771 case TLS1_AD_UNKNOWN_PSK_IDENTITY:
772 str = "unknown PSK identity";
773 break;
774 default:
775 str = "unknown";
776 break;
777 }
778 return (str);
779}
780
781const char *
782SSL_rstate_string(const SSL *s)
783{
784 const char *str;
785
786 switch (s->rstate) {
787 case SSL_ST_READ_HEADER:
788 str = "RH";
789 break;
790 case SSL_ST_READ_BODY:
791 str = "RB";
792 break;
793 case SSL_ST_READ_DONE:
794 str = "RD";
795 break;
796 default:
797 str = "unknown";
798 break;
799 }
800 return (str);
801}
diff --git a/src/lib/libssl/ssl_txt.c b/src/lib/libssl/ssl_txt.c
deleted file mode 100644
index c3626dc03a..0000000000
--- a/src/lib/libssl/ssl_txt.c
+++ /dev/null
@@ -1,187 +0,0 @@
1/* $OpenBSD: ssl_txt.c,v 1.26 2014/12/14 15:30:50 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright 2005 Nokia. All rights reserved.
60 *
61 * The portions of the attached software ("Contribution") is developed by
62 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
63 * license.
64 *
65 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
66 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
67 * support (see RFC 4279) to OpenSSL.
68 *
69 * No patent licenses or other rights except those expressly stated in
70 * the OpenSSL open source license shall be deemed granted or received
71 * expressly, by implication, estoppel, or otherwise.
72 *
73 * No assurances are provided by Nokia that the Contribution does not
74 * infringe the patent or other intellectual property rights of any third
75 * party or that the license provides you with all the necessary rights
76 * to make use of the Contribution.
77 *
78 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
79 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
80 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
81 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
82 * OTHERWISE.
83 */
84
85#include <stdio.h>
86
87#include <openssl/buffer.h>
88
89#include "ssl_locl.h"
90
91int
92SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
93{
94 BIO *b;
95 int ret;
96
97 if ((b = BIO_new(BIO_s_file_internal())) == NULL) {
98 SSLerr(SSL_F_SSL_SESSION_PRINT_FP, ERR_R_BUF_LIB);
99 return (0);
100 }
101 BIO_set_fp(b, fp, BIO_NOCLOSE);
102 ret = SSL_SESSION_print(b, x);
103 BIO_free(b);
104 return (ret);
105}
106
107int
108SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
109{
110 unsigned int i;
111 const char *s;
112
113 if (x == NULL)
114 goto err;
115 if (BIO_puts(bp, "SSL-Session:\n") <= 0)
116 goto err;
117
118 s = ssl_version_string(x->ssl_version);
119 if (BIO_printf(bp, " Protocol : %s\n", s) <= 0)
120 goto err;
121
122 if (x->cipher == NULL) {
123 if (((x->cipher_id) & 0xff000000) == 0x02000000) {
124 if (BIO_printf(bp, " Cipher : %06lX\n", x->cipher_id&0xffffff) <= 0)
125 goto err;
126 } else {
127 if (BIO_printf(bp, " Cipher : %04lX\n", x->cipher_id&0xffff) <= 0)
128 goto err;
129 }
130 } else {
131 if (BIO_printf(bp, " Cipher : %s\n",((x->cipher == NULL)?"unknown":x->cipher->name)) <= 0)
132 goto err;
133 }
134 if (BIO_puts(bp, " Session-ID: ") <= 0)
135 goto err;
136 for (i = 0; i < x->session_id_length; i++) {
137 if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
138 goto err;
139 }
140 if (BIO_puts(bp, "\n Session-ID-ctx: ") <= 0)
141 goto err;
142 for (i = 0; i < x->sid_ctx_length; i++) {
143 if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0)
144 goto err;
145 }
146 if (BIO_puts(bp, "\n Master-Key: ") <= 0)
147 goto err;
148 for (i = 0; i < (unsigned int)x->master_key_length; i++) {
149 if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
150 goto err;
151 }
152 if (x->tlsext_tick_lifetime_hint) {
153 if (BIO_printf(bp,
154 "\n TLS session ticket lifetime hint: %ld (seconds)",
155 x->tlsext_tick_lifetime_hint) <= 0)
156 goto err;
157 }
158 if (x->tlsext_tick) {
159 if (BIO_puts(bp, "\n TLS session ticket:\n") <= 0)
160 goto err;
161 if (BIO_dump_indent(bp, (char *)x->tlsext_tick, x->tlsext_ticklen, 4) <= 0)
162 goto err;
163 }
164
165 if (x->time != 0) {
166 if (BIO_printf(bp, "\n Start Time: %lld", (long long)x->time) <= 0)
167 goto err;
168 }
169 if (x->timeout != 0L) {
170 if (BIO_printf(bp, "\n Timeout : %ld (sec)", x->timeout) <= 0)
171 goto err;
172 }
173 if (BIO_puts(bp, "\n") <= 0)
174 goto err;
175
176 if (BIO_puts(bp, " Verify return code: ") <= 0)
177 goto err;
178
179 if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
180 X509_verify_cert_error_string(x->verify_result)) <= 0)
181 goto err;
182
183 return (1);
184err:
185 return (0);
186}
187
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2026-02-09 03:12:38 +0000