summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl_lib.c')
-rw-r--r--src/lib/libssl/ssl_lib.c26
1 files changed, 20 insertions, 6 deletions
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index c91f0018e4..f052deeb97 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -597,8 +597,10 @@ void SSL_free(SSL *s)
597 OPENSSL_free(s->next_proto_negotiated); 597 OPENSSL_free(s->next_proto_negotiated);
598#endif 598#endif
599 599
600#ifndef OPENSSL_NO_SRTP
600 if (s->srtp_profiles) 601 if (s->srtp_profiles)
601 sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles); 602 sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
603#endif
602 604
603 OPENSSL_free(s); 605 OPENSSL_free(s);
604 } 606 }
@@ -1792,7 +1794,9 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
1792 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data); 1794 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
1793 1795
1794 ret->extra_certs=NULL; 1796 ret->extra_certs=NULL;
1795 ret->comp_methods=SSL_COMP_get_compression_methods(); 1797 /* No compression for DTLS */
1798 if (meth->version != DTLS1_VERSION)
1799 ret->comp_methods=SSL_COMP_get_compression_methods();
1796 1800
1797 ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH; 1801 ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
1798 1802
@@ -1949,8 +1953,10 @@ void SSL_CTX_free(SSL_CTX *a)
1949 a->comp_methods = NULL; 1953 a->comp_methods = NULL;
1950#endif 1954#endif
1951 1955
1956#ifndef OPENSSL_NO_SRTP
1952 if (a->srtp_profiles) 1957 if (a->srtp_profiles)
1953 sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles); 1958 sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
1959#endif
1954 1960
1955#ifndef OPENSSL_NO_PSK 1961#ifndef OPENSSL_NO_PSK
1956 if (a->psk_identity_hint) 1962 if (a->psk_identity_hint)
@@ -2284,7 +2290,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
2284#endif 2290#endif
2285 2291
2286/* THIS NEEDS CLEANING UP */ 2292/* THIS NEEDS CLEANING UP */
2287X509 *ssl_get_server_send_cert(SSL *s) 2293CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
2288 { 2294 {
2289 unsigned long alg_k,alg_a; 2295 unsigned long alg_k,alg_a;
2290 CERT *c; 2296 CERT *c;
@@ -2339,12 +2345,20 @@ X509 *ssl_get_server_send_cert(SSL *s)
2339 i=SSL_PKEY_GOST01; 2345 i=SSL_PKEY_GOST01;
2340 else /* if (alg_a & SSL_aNULL) */ 2346 else /* if (alg_a & SSL_aNULL) */
2341 { 2347 {
2342 SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR); 2348 SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY,ERR_R_INTERNAL_ERROR);
2343 return(NULL); 2349 return(NULL);
2344 } 2350 }
2345 if (c->pkeys[i].x509 == NULL) return(NULL);
2346 2351
2347 return(c->pkeys[i].x509); 2352 return c->pkeys + i;
2353 }
2354
2355X509 *ssl_get_server_send_cert(const SSL *s)
2356 {
2357 CERT_PKEY *cpk;
2358 cpk = ssl_get_server_send_pkey(s);
2359 if (!cpk)
2360 return NULL;
2361 return cpk->x509;
2348 } 2362 }
2349 2363
2350EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *cipher, const EVP_MD **pmd) 2364EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *cipher, const EVP_MD **pmd)
@@ -2605,7 +2619,7 @@ const char *SSL_get_version(const SSL *s)
2605 return("TLSv1.2"); 2619 return("TLSv1.2");
2606 else if (s->version == TLS1_1_VERSION) 2620 else if (s->version == TLS1_1_VERSION)
2607 return("TLSv1.1"); 2621 return("TLSv1.1");
2608 if (s->version == TLS1_VERSION) 2622 else if (s->version == TLS1_VERSION)
2609 return("TLSv1"); 2623 return("TLSv1");
2610 else if (s->version == SSL3_VERSION) 2624 else if (s->version == SSL3_VERSION)
2611 return("SSLv3"); 2625 return("SSLv3");
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-25 16:19:40 +0000