summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl_lib.c')
-rw-r--r--src/lib/libssl/ssl_lib.c3299
1 files changed, 3299 insertions, 0 deletions
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
new file mode 100644
index 0000000000..98764b82aa
--- /dev/null
+++ b/src/lib/libssl/ssl_lib.c
@@ -0,0 +1,3299 @@
1/*! \file ssl/ssl_lib.c
2 * \brief Version independent SSL functions.
3 */
4/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * All rights reserved.
6 *
7 * This package is an SSL implementation written
8 * by Eric Young (eay@cryptsoft.com).
9 * The implementation was written so as to conform with Netscapes SSL.
10 *
11 * This library is free for commercial and non-commercial use as long as
12 * the following conditions are aheared to. The following conditions
13 * apply to all code found in this distribution, be it the RC4, RSA,
14 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
15 * included with this distribution is covered by the same copyright terms
16 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
17 *
18 * Copyright remains Eric Young's, and as such any Copyright notices in
19 * the code are not to be removed.
20 * If this package is used in a product, Eric Young should be given attribution
21 * as the author of the parts of the library used.
22 * This can be in the form of a textual message at program startup or
23 * in documentation (online or textual) provided with the package.
24 *
25 * Redistribution and use in source and binary forms, with or without
26 * modification, are permitted provided that the following conditions
27 * are met:
28 * 1. Redistributions of source code must retain the copyright
29 * notice, this list of conditions and the following disclaimer.
30 * 2. Redistributions in binary form must reproduce the above copyright
31 * notice, this list of conditions and the following disclaimer in the
32 * documentation and/or other materials provided with the distribution.
33 * 3. All advertising materials mentioning features or use of this software
34 * must display the following acknowledgement:
35 * "This product includes cryptographic software written by
36 * Eric Young (eay@cryptsoft.com)"
37 * The word 'cryptographic' can be left out if the rouines from the library
38 * being used are not cryptographic related :-).
39 * 4. If you include any Windows specific code (or a derivative thereof) from
40 * the apps directory (application code) you must include an acknowledgement:
41 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
42 *
43 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
44 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
45 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
46 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
47 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
48 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
49 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
50 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
51 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
52 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * SUCH DAMAGE.
54 *
55 * The licence and distribution terms for any publically available version or
56 * derivative of this code cannot be changed. i.e. this code cannot simply be
57 * copied and put under another distribution licence
58 * [including the GNU Public Licence.]
59 */
60/* ====================================================================
61 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
62 *
63 * Redistribution and use in source and binary forms, with or without
64 * modification, are permitted provided that the following conditions
65 * are met:
66 *
67 * 1. Redistributions of source code must retain the above copyright
68 * notice, this list of conditions and the following disclaimer.
69 *
70 * 2. Redistributions in binary form must reproduce the above copyright
71 * notice, this list of conditions and the following disclaimer in
72 * the documentation and/or other materials provided with the
73 * distribution.
74 *
75 * 3. All advertising materials mentioning features or use of this
76 * software must display the following acknowledgment:
77 * "This product includes software developed by the OpenSSL Project
78 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
79 *
80 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
81 * endorse or promote products derived from this software without
82 * prior written permission. For written permission, please contact
83 * openssl-core@openssl.org.
84 *
85 * 5. Products derived from this software may not be called "OpenSSL"
86 * nor may "OpenSSL" appear in their names without prior written
87 * permission of the OpenSSL Project.
88 *
89 * 6. Redistributions of any form whatsoever must retain the following
90 * acknowledgment:
91 * "This product includes software developed by the OpenSSL Project
92 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
93 *
94 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
95 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
96 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
97 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
98 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
99 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
100 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
101 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
102 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
103 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
104 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
105 * OF THE POSSIBILITY OF SUCH DAMAGE.
106 * ====================================================================
107 *
108 * This product includes cryptographic software written by Eric Young
109 * (eay@cryptsoft.com). This product includes software written by Tim
110 * Hudson (tjh@cryptsoft.com).
111 *
112 */
113/* ====================================================================
114 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
115 * ECC cipher suite support in OpenSSL originally developed by
116 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
117 */
118/* ====================================================================
119 * Copyright 2005 Nokia. All rights reserved.
120 *
121 * The portions of the attached software ("Contribution") is developed by
122 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
123 * license.
124 *
125 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
126 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
127 * support (see RFC 4279) to OpenSSL.
128 *
129 * No patent licenses or other rights except those expressly stated in
130 * the OpenSSL open source license shall be deemed granted or received
131 * expressly, by implication, estoppel, or otherwise.
132 *
133 * No assurances are provided by Nokia that the Contribution does not
134 * infringe the patent or other intellectual property rights of any third
135 * party or that the license provides you with all the necessary rights
136 * to make use of the Contribution.
137 *
138 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
139 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
140 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
141 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
142 * OTHERWISE.
143 */
144
145#ifdef REF_CHECK
146# include <assert.h>
147#endif
148#include <stdio.h>
149#include "ssl_locl.h"
150#include "kssl_lcl.h"
151#include <openssl/objects.h>
152#include <openssl/lhash.h>
153#include <openssl/x509v3.h>
154#include <openssl/rand.h>
155#include <openssl/ocsp.h>
156#ifndef OPENSSL_NO_DH
157#include <openssl/dh.h>
158#endif
159#ifndef OPENSSL_NO_ENGINE
160#include <openssl/engine.h>
161#endif
162
163const char *SSL_version_str = OPENSSL_VERSION_TEXT;
164
165SSL3_ENC_METHOD ssl3_undef_enc_method = {
166 /* evil casts, but these functions are only called if there's a library bug */
167 (int (*)(SSL *, int))ssl_undefined_function,
168 (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
169 ssl_undefined_function,
170 (int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function,
171 (int (*)(SSL*, int))ssl_undefined_function,
172 (int (*)(SSL *, const char*, int, unsigned char *))ssl_undefined_function,
173 0, /* finish_mac_length */
174 (int (*)(SSL *, int, unsigned char *))ssl_undefined_function,
175 NULL, /* client_finished_label */
176 0, /* client_finished_label_len */
177 NULL, /* server_finished_label */
178 0, /* server_finished_label_len */
179 (int (*)(int))ssl_undefined_function,
180 (int (*)(SSL *, unsigned char *, size_t, const char *,
181 size_t, const unsigned char *, size_t,
182 int use_context)) ssl_undefined_function,
183};
184
185int
186SSL_clear(SSL *s)
187{
188
189 if (s->method == NULL) {
190 SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED);
191 return (0);
192 }
193
194 if (ssl_clear_bad_session(s)) {
195 SSL_SESSION_free(s->session);
196 s->session = NULL;
197 }
198
199 s->error = 0;
200 s->hit = 0;
201 s->shutdown = 0;
202
203#if 0 /* Disabled since version 1.10 of this file (early return not
204 * needed because SSL_clear is not called when doing renegotiation) */
205 /* This is set if we are doing dynamic renegotiation so keep
206 * the old cipher. It is sort of a SSL_clear_lite :-) */
207 if (s->renegotiate)
208 return (1);
209#else
210 if (s->renegotiate) {
211 SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR);
212 return 0;
213 }
214#endif
215
216 s->type = 0;
217
218 s->state = SSL_ST_BEFORE|((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT);
219
220 s->version = s->method->version;
221 s->client_version = s->version;
222 s->rwstate = SSL_NOTHING;
223 s->rstate = SSL_ST_READ_HEADER;
224#if 0
225 s->read_ahead = s->ctx->read_ahead;
226#endif
227
228 if (s->init_buf != NULL) {
229 BUF_MEM_free(s->init_buf);
230 s->init_buf = NULL;
231 }
232
233 ssl_clear_cipher_ctx(s);
234 ssl_clear_hash_ctx(&s->read_hash);
235 ssl_clear_hash_ctx(&s->write_hash);
236
237 s->first_packet = 0;
238
239#if 1
240 /* Check to see if we were changed into a different method, if
241 * so, revert back if we are not doing session-id reuse. */
242 if (!s->in_handshake && (s->session == NULL) && (s->method != s->ctx->method)) {
243 s->method->ssl_free(s);
244 s->method = s->ctx->method;
245 if (!s->method->ssl_new(s))
246 return (0);
247 } else
248#endif
249 s->method->ssl_clear(s);
250 return (1);
251}
252
253/** Used to change an SSL_CTXs default SSL method type */
254int
255SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
256{
257 STACK_OF(SSL_CIPHER) *sk;
258
259 ctx->method = meth;
260
261 sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
262 &(ctx->cipher_list_by_id),
263 meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
264 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
265 SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
266 return (0);
267 }
268 return (1);
269}
270
271SSL
272*SSL_new(SSL_CTX *ctx)
273{
274 SSL *s;
275
276 if (ctx == NULL) {
277 SSLerr(SSL_F_SSL_NEW, SSL_R_NULL_SSL_CTX);
278 return (NULL);
279 }
280 if (ctx->method == NULL) {
281 SSLerr(SSL_F_SSL_NEW, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
282 return (NULL);
283 }
284
285 s = (SSL *)OPENSSL_malloc(sizeof(SSL));
286 if (s == NULL)
287 goto err;
288 memset(s, 0, sizeof(SSL));
289
290#ifndef OPENSSL_NO_KRB5
291 s->kssl_ctx = kssl_ctx_new();
292#endif /* OPENSSL_NO_KRB5 */
293
294 s->options = ctx->options;
295 s->mode = ctx->mode;
296 s->max_cert_list = ctx->max_cert_list;
297
298 if (ctx->cert != NULL) {
299 /* Earlier library versions used to copy the pointer to
300 * the CERT, not its contents; only when setting new
301 * parameters for the per-SSL copy, ssl_cert_new would be
302 * called (and the direct reference to the per-SSL_CTX
303 * settings would be lost, but those still were indirectly
304 * accessed for various purposes, and for that reason they
305 * used to be known as s->ctx->default_cert).
306 * Now we don't look at the SSL_CTX's CERT after having
307 * duplicated it once. */
308
309 s->cert = ssl_cert_dup(ctx->cert);
310 if (s->cert == NULL)
311 goto err;
312 } else
313 s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */
314
315 s->read_ahead = ctx->read_ahead;
316 s->msg_callback = ctx->msg_callback;
317 s->msg_callback_arg = ctx->msg_callback_arg;
318 s->verify_mode = ctx->verify_mode;
319#if 0
320 s->verify_depth = ctx->verify_depth;
321#endif
322 s->sid_ctx_length = ctx->sid_ctx_length;
323 OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
324 memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
325 s->verify_callback = ctx->default_verify_callback;
326 s->generate_session_id = ctx->generate_session_id;
327
328 s->param = X509_VERIFY_PARAM_new();
329 if (!s->param)
330 goto err;
331 X509_VERIFY_PARAM_inherit(s->param, ctx->param);
332#if 0
333 s->purpose = ctx->purpose;
334 s->trust = ctx->trust;
335#endif
336 s->quiet_shutdown = ctx->quiet_shutdown;
337 s->max_send_fragment = ctx->max_send_fragment;
338
339 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
340 s->ctx = ctx;
341#ifndef OPENSSL_NO_TLSEXT
342 s->tlsext_debug_cb = 0;
343 s->tlsext_debug_arg = NULL;
344 s->tlsext_ticket_expected = 0;
345 s->tlsext_status_type = -1;
346 s->tlsext_status_expected = 0;
347 s->tlsext_ocsp_ids = NULL;
348 s->tlsext_ocsp_exts = NULL;
349 s->tlsext_ocsp_resp = NULL;
350 s->tlsext_ocsp_resplen = -1;
351 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
352 s->initial_ctx = ctx;
353# ifndef OPENSSL_NO_NEXTPROTONEG
354 s->next_proto_negotiated = NULL;
355# endif
356#endif
357
358 s->verify_result = X509_V_OK;
359
360 s->method = ctx->method;
361
362 if (!s->method->ssl_new(s))
363 goto err;
364
365 s->references = 1;
366 s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1;
367
368 SSL_clear(s);
369
370 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
371
372#ifndef OPENSSL_NO_PSK
373 s->psk_client_callback = ctx->psk_client_callback;
374 s->psk_server_callback = ctx->psk_server_callback;
375#endif
376
377 return (s);
378err:
379 if (s != NULL) {
380 if (s->cert != NULL)
381 ssl_cert_free(s->cert);
382 if (s->ctx != NULL)
383 SSL_CTX_free(s->ctx); /* decrement reference count */
384 OPENSSL_free(s);
385 }
386 SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
387 return (NULL);
388}
389
390int
391SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
392 unsigned int sid_ctx_len)
393{
394 if (sid_ctx_len > sizeof ctx->sid_ctx) {
395 SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
396 return 0;
397 }
398 ctx->sid_ctx_length = sid_ctx_len;
399 memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
400
401 return 1;
402}
403
404int
405SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
406 unsigned int sid_ctx_len)
407{
408 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
409 SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
410 return 0;
411 }
412 ssl->sid_ctx_length = sid_ctx_len;
413 memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
414
415 return 1;
416}
417
418int
419SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
420{
421 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
422 ctx->generate_session_id = cb;
423 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
424 return 1;
425}
426
427int
428SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
429{
430 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
431 ssl->generate_session_id = cb;
432 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
433 return 1;
434}
435
436int
437SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
438 unsigned int id_len)
439{
440 /* A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
441 * we can "construct" a session to give us the desired check - ie. to
442 * find if there's a session in the hash table that would conflict with
443 * any new session built out of this id/id_len and the ssl_version in
444 * use by this SSL. */
445 SSL_SESSION r, *p;
446
447 if (id_len > sizeof r.session_id)
448 return 0;
449
450 r.ssl_version = ssl->version;
451 r.session_id_length = id_len;
452 memcpy(r.session_id, id, id_len);
453 /* NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
454 * callback is calling us to check the uniqueness of a shorter ID, it
455 * must be compared as a padded-out ID because that is what it will be
456 * converted to when the callback has finished choosing it. */
457 if ((r.ssl_version == SSL2_VERSION) &&
458 (id_len < SSL2_SSL_SESSION_ID_LENGTH)) {
459 memset(r.session_id + id_len, 0,
460 SSL2_SSL_SESSION_ID_LENGTH - id_len);
461 r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
462 }
463
464 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
465 p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
466 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
467 return (p != NULL);
468}
469
470int
471SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
472{
473 return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
474}
475
476int
477SSL_set_purpose(SSL *s, int purpose)
478{
479 return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
480}
481
482int
483SSL_CTX_set_trust(SSL_CTX *s, int trust)
484{
485 return X509_VERIFY_PARAM_set_trust(s->param, trust);
486}
487
488int
489SSL_set_trust(SSL *s, int trust)
490{
491 return X509_VERIFY_PARAM_set_trust(s->param, trust);
492}
493
494int
495SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
496{
497 return X509_VERIFY_PARAM_set1(ctx->param, vpm);
498}
499
500int
501SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
502{
503 return X509_VERIFY_PARAM_set1(ssl->param, vpm);
504}
505
506void
507SSL_free(SSL *s)
508{
509 int i;
510
511 if (s == NULL)
512 return;
513
514 i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL);
515#ifdef REF_PRINT
516 REF_PRINT("SSL", s);
517#endif
518 if (i > 0)
519 return;
520#ifdef REF_CHECK
521 if (i < 0) {
522 fprintf(stderr, "SSL_free, bad reference count\n");
523 abort(); /* ok */
524 }
525#endif
526
527 if (s->param)
528 X509_VERIFY_PARAM_free(s->param);
529
530 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
531
532 if (s->bbio != NULL) {
533 /* If the buffering BIO is in place, pop it off */
534 if (s->bbio == s->wbio) {
535 s->wbio = BIO_pop(s->wbio);
536 }
537 BIO_free(s->bbio);
538 s->bbio = NULL;
539 }
540 if (s->rbio != NULL)
541 BIO_free_all(s->rbio);
542 if ((s->wbio != NULL) && (s->wbio != s->rbio))
543 BIO_free_all(s->wbio);
544
545 if (s->init_buf != NULL)
546 BUF_MEM_free(s->init_buf);
547
548 /* add extra stuff */
549 if (s->cipher_list != NULL)
550 sk_SSL_CIPHER_free(s->cipher_list);
551 if (s->cipher_list_by_id != NULL)
552 sk_SSL_CIPHER_free(s->cipher_list_by_id);
553
554 /* Make the next call work :-) */
555 if (s->session != NULL) {
556 ssl_clear_bad_session(s);
557 SSL_SESSION_free(s->session);
558 }
559
560 ssl_clear_cipher_ctx(s);
561 ssl_clear_hash_ctx(&s->read_hash);
562 ssl_clear_hash_ctx(&s->write_hash);
563
564 if (s->cert != NULL)
565 ssl_cert_free(s->cert);
566 /* Free up if allocated */
567
568#ifndef OPENSSL_NO_TLSEXT
569 if (s->tlsext_hostname)
570 OPENSSL_free(s->tlsext_hostname);
571 if (s->initial_ctx)
572 SSL_CTX_free(s->initial_ctx);
573#ifndef OPENSSL_NO_EC
574 if (s->tlsext_ecpointformatlist)
575 OPENSSL_free(s->tlsext_ecpointformatlist);
576 if (s->tlsext_ellipticcurvelist)
577 OPENSSL_free(s->tlsext_ellipticcurvelist);
578#endif /* OPENSSL_NO_EC */
579 if (s->tlsext_opaque_prf_input)
580 OPENSSL_free(s->tlsext_opaque_prf_input);
581 if (s->tlsext_ocsp_exts)
582 sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
583 X509_EXTENSION_free);
584 if (s->tlsext_ocsp_ids)
585 sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
586 if (s->tlsext_ocsp_resp)
587 OPENSSL_free(s->tlsext_ocsp_resp);
588#endif
589
590 if (s->client_CA != NULL)
591 sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
592
593 if (s->method != NULL)
594 s->method->ssl_free(s);
595
596 if (s->ctx)
597 SSL_CTX_free(s->ctx);
598
599#ifndef OPENSSL_NO_KRB5
600 if (s->kssl_ctx != NULL)
601 kssl_ctx_free(s->kssl_ctx);
602#endif /* OPENSSL_NO_KRB5 */
603
604#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
605 if (s->next_proto_negotiated)
606 OPENSSL_free(s->next_proto_negotiated);
607#endif
608
609#ifndef OPENSSL_NO_SRTP
610 if (s->srtp_profiles)
611 sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
612#endif
613
614 OPENSSL_free(s);
615}
616
617void
618SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
619{
620 /* If the output buffering BIO is still in place, remove it
621 */
622 if (s->bbio != NULL) {
623 if (s->wbio == s->bbio) {
624 s->wbio = s->wbio->next_bio;
625 s->bbio->next_bio = NULL;
626 }
627 }
628 if ((s->rbio != NULL) && (s->rbio != rbio))
629 BIO_free_all(s->rbio);
630 if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
631 BIO_free_all(s->wbio);
632 s->rbio = rbio;
633 s->wbio = wbio;
634}
635
636BIO
637*SSL_get_rbio(const SSL *s)
638 { return (s->rbio);
639}
640
641BIO
642*SSL_get_wbio(const SSL *s)
643 { return (s->wbio);
644}
645
646int
647SSL_get_fd(const SSL *s)
648{
649 return (SSL_get_rfd(s));
650}
651
652int
653SSL_get_rfd(const SSL *s)
654{
655 int ret = -1;
656 BIO *b, *r;
657
658 b = SSL_get_rbio(s);
659 r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
660 if (r != NULL)
661 BIO_get_fd(r, &ret);
662 return (ret);
663}
664
665int
666SSL_get_wfd(const SSL *s)
667{
668 int ret = -1;
669 BIO *b, *r;
670
671 b = SSL_get_wbio(s);
672 r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
673 if (r != NULL)
674 BIO_get_fd(r, &ret);
675 return (ret);
676}
677
678#ifndef OPENSSL_NO_SOCK
679int
680SSL_set_fd(SSL *s, int fd)
681{
682 int ret = 0;
683 BIO *bio = NULL;
684
685 bio = BIO_new(BIO_s_socket());
686
687 if (bio == NULL) {
688 SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
689 goto err;
690 }
691 BIO_set_fd(bio, fd, BIO_NOCLOSE);
692 SSL_set_bio(s, bio, bio);
693 ret = 1;
694err:
695 return (ret);
696}
697
698int
699SSL_set_wfd(SSL *s, int fd)
700{
701 int ret = 0;
702 BIO *bio = NULL;
703
704 if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
705 || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
706 bio = BIO_new(BIO_s_socket());
707
708 if (bio == NULL)
709 { SSLerr(SSL_F_SSL_SET_WFD, ERR_R_BUF_LIB);
710 goto err;
711 }
712 BIO_set_fd(bio, fd, BIO_NOCLOSE);
713 SSL_set_bio(s, SSL_get_rbio(s), bio);
714 } else
715 SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
716 ret = 1;
717err:
718 return (ret);
719}
720
721int
722SSL_set_rfd(SSL *s, int fd)
723{
724 int ret = 0;
725 BIO *bio = NULL;
726
727 if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
728 || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
729 bio = BIO_new(BIO_s_socket());
730
731 if (bio == NULL) {
732 SSLerr(SSL_F_SSL_SET_RFD, ERR_R_BUF_LIB);
733 goto err;
734 }
735 BIO_set_fd(bio, fd, BIO_NOCLOSE);
736 SSL_set_bio(s, bio, SSL_get_wbio(s));
737 } else
738 SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
739 ret = 1;
740err:
741 return (ret);
742}
743#endif
744
745
746/* return length of latest Finished message we sent, copy to 'buf' */
747size_t
748SSL_get_finished(const SSL *s, void *buf, size_t count)
749{
750 size_t ret = 0;
751
752 if (s->s3 != NULL) {
753 ret = s->s3->tmp.finish_md_len;
754 if (count > ret)
755 count = ret;
756 memcpy(buf, s->s3->tmp.finish_md, count);
757 }
758 return ret;
759}
760
761/* return length of latest Finished message we expected, copy to 'buf' */
762size_t
763SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
764{
765 size_t ret = 0;
766
767 if (s->s3 != NULL) {
768 ret = s->s3->tmp.peer_finish_md_len;
769 if (count > ret)
770 count = ret;
771 memcpy(buf, s->s3->tmp.peer_finish_md, count);
772 }
773 return ret;
774}
775
776
777int
778SSL_get_verify_mode(const SSL *s)
779{
780 return (s->verify_mode);
781}
782
783int
784SSL_get_verify_depth(const SSL *s)
785{
786 return X509_VERIFY_PARAM_get_depth(s->param);
787}
788
789int (*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *)
790{
791 return (s->verify_callback);
792}
793
794int
795SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
796{
797 return (ctx->verify_mode);
798}
799
800int
801SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
802{
803 return X509_VERIFY_PARAM_get_depth(ctx->param);
804}
805
806int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *)
807{
808 return (ctx->default_verify_callback);
809}
810
811void
812SSL_set_verify(SSL *s, int mode,
813 int (*callback)(int ok, X509_STORE_CTX *ctx))
814{
815 s->verify_mode = mode;
816 if (callback != NULL)
817 s->verify_callback = callback;
818}
819
820void
821SSL_set_verify_depth(SSL *s, int depth)
822{
823 X509_VERIFY_PARAM_set_depth(s->param, depth);
824}
825
826void
827SSL_set_read_ahead(SSL *s, int yes)
828{
829 s->read_ahead = yes;
830}
831
832int
833SSL_get_read_ahead(const SSL *s)
834{
835 return (s->read_ahead);
836}
837
838int
839SSL_pending(const SSL *s)
840{
841 /* SSL_pending cannot work properly if read-ahead is enabled
842 * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
843 * and it is impossible to fix since SSL_pending cannot report
844 * errors that may be observed while scanning the new data.
845 * (Note that SSL_pending() is often used as a boolean value,
846 * so we'd better not return -1.)
847 */
848 return (s->method->ssl_pending(s));
849}
850
851X509
852*SSL_get_peer_certificate(const SSL *s)
853{
854 X509 *r;
855
856 if ((s == NULL) || (s->session == NULL))
857 r = NULL;
858 else
859 r = s->session->peer;
860
861 if (r == NULL)
862 return (r);
863
864 CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509);
865
866 return (r);
867}
868
869STACK_OF(X509)
870*SSL_get_peer_cert_chain(const SSL *s)
871{
872 STACK_OF(X509) *r;
873
874 if ((s == NULL) || (s->session == NULL) || (s->session->sess_cert == NULL))
875 r = NULL;
876 else
877 r = s->session->sess_cert->cert_chain;
878
879 /* If we are a client, cert_chain includes the peer's own
880 * certificate;
881if we are a server, it does not. */
882
883 return (r);
884}
885
886/* Now in theory, since the calling process own 't' it should be safe to
887 * modify. We need to be able to read f without being hassled */
888void
889SSL_copy_session_id(SSL *t, const SSL *f)
890{
891 CERT *tmp;
892
893 /* Do we need to to SSL locking? */
894 SSL_set_session(t, SSL_get_session(f));
895
896 /* what if we are setup as SSLv2 but want to talk SSLv3 or
897 * vice-versa */
898 if (t->method != f->method) {
899 t->method->ssl_free(t); /* cleanup current */
900 t->method=f->method; /* change method */
901 t->method->ssl_new(t); /* setup new */
902 }
903
904 tmp = t->cert;
905 if (f->cert != NULL) {
906 CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
907 t->cert = f->cert;
908 } else
909 t->cert = NULL;
910 if (tmp != NULL)
911 ssl_cert_free(tmp);
912 SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length);
913}
914
915/* Fix this so it checks all the valid key/cert options */
916int
917SSL_CTX_check_private_key(const SSL_CTX *ctx)
918{
919 if ((ctx == NULL) ||
920 (ctx->cert == NULL) ||
921 (ctx->cert->key->x509 == NULL)) {
922 SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
923 return (0);
924 }
925 if (ctx->cert->key->privatekey == NULL) {
926 SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
927 return (0);
928 }
929 return (X509_check_private_key(ctx->cert->key->x509, ctx->cert->key->privatekey));
930}
931
932/* Fix this function so that it takes an optional type parameter */
933int
934SSL_check_private_key(const SSL *ssl)
935{
936 if (ssl == NULL) {
937 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
938 return (0);
939 }
940 if (ssl->cert == NULL) {
941 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
942 return 0;
943 }
944 if (ssl->cert->key->x509 == NULL) {
945 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
946 return (0);
947 }
948 if (ssl->cert->key->privatekey == NULL) {
949 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
950 return (0);
951 }
952 return(X509_check_private_key(ssl->cert->key->x509,
953 ssl->cert->key->privatekey));
954}
955
956int
957SSL_accept(SSL *s)
958{
959 if (s->handshake_func == 0)
960 /* Not properly initialized yet */
961 SSL_set_accept_state(s);
962
963 return (s->method->ssl_accept(s));
964}
965
966int
967SSL_connect(SSL *s)
968{
969 if (s->handshake_func == 0)
970 /* Not properly initialized yet */
971 SSL_set_connect_state(s);
972
973 return (s->method->ssl_connect(s));
974}
975
976long
977SSL_get_default_timeout(const SSL *s)
978{
979 return (s->method->get_timeout());
980}
981
982int
983SSL_read(SSL *s, void *buf, int num)
984{
985 if (s->handshake_func == 0) {
986 SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
987 return -1;
988 }
989
990 if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
991 s->rwstate = SSL_NOTHING;
992 return (0);
993 }
994 return (s->method->ssl_read(s, buf, num));
995}
996
997int
998SSL_peek(SSL *s, void *buf, int num)
999{
1000 if (s->handshake_func == 0) {
1001 SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
1002 return -1;
1003 }
1004
1005 if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
1006 return (0);
1007 }
1008 return (s->method->ssl_peek(s, buf, num));
1009}
1010
1011int
1012SSL_write(SSL *s, const void *buf, int num)
1013{
1014 if (s->handshake_func == 0) {
1015 SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
1016 return -1;
1017 }
1018
1019 if (s->shutdown & SSL_SENT_SHUTDOWN) {
1020 s->rwstate = SSL_NOTHING;
1021 SSLerr(SSL_F_SSL_WRITE, SSL_R_PROTOCOL_IS_SHUTDOWN);
1022 return (-1);
1023 }
1024 return (s->method->ssl_write(s, buf, num));
1025}
1026
1027int
1028SSL_shutdown(SSL *s)
1029{
1030 /* Note that this function behaves differently from what one might
1031 * expect. Return values are 0 for no success (yet),
1032 * 1 for success; but calling it once is usually not enough,
1033 * even if blocking I/O is used (see ssl3_shutdown).
1034 */
1035
1036 if (s->handshake_func == 0) {
1037 SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
1038 return -1;
1039 }
1040
1041 if ((s != NULL) && !SSL_in_init(s))
1042 return (s->method->ssl_shutdown(s));
1043 else
1044 return (1);
1045}
1046
1047int
1048SSL_renegotiate(SSL *s)
1049{
1050 if (s->renegotiate == 0)
1051 s->renegotiate = 1;
1052
1053 s->new_session = 1;
1054
1055 return (s->method->ssl_renegotiate(s));
1056}
1057
1058int
1059SSL_renegotiate_abbreviated(SSL *s)
1060{
1061 if (s->renegotiate == 0)
1062 s->renegotiate = 1;
1063
1064 s->new_session = 0;
1065
1066 return (s->method->ssl_renegotiate(s));
1067}
1068
1069int
1070SSL_renegotiate_pending(SSL *s)
1071{
1072 /* becomes true when negotiation is requested;
1073 * false again once a handshake has finished */
1074 return (s->renegotiate != 0);
1075}
1076
1077long
1078SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
1079{
1080 long l;
1081
1082 switch (cmd) {
1083 case SSL_CTRL_GET_READ_AHEAD:
1084 return (s->read_ahead);
1085 case SSL_CTRL_SET_READ_AHEAD:
1086 l = s->read_ahead;
1087 s->read_ahead = larg;
1088 return (l);
1089
1090 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1091 s->msg_callback_arg = parg;
1092 return 1;
1093
1094 case SSL_CTRL_OPTIONS:
1095 return (s->options|=larg);
1096 case SSL_CTRL_CLEAR_OPTIONS:
1097 return (s->options&=~larg);
1098 case SSL_CTRL_MODE:
1099 return (s->mode|=larg);
1100 case SSL_CTRL_CLEAR_MODE:
1101 return (s->mode &=~larg);
1102 case SSL_CTRL_GET_MAX_CERT_LIST:
1103 return (s->max_cert_list);
1104 case SSL_CTRL_SET_MAX_CERT_LIST:
1105 l = s->max_cert_list;
1106 s->max_cert_list = larg;
1107 return (l);
1108 case SSL_CTRL_SET_MTU:
1109#ifndef OPENSSL_NO_DTLS1
1110 if (larg < (long)dtls1_min_mtu())
1111 return 0;
1112#endif
1113
1114 if (SSL_version(s) == DTLS1_VERSION ||
1115 SSL_version(s) == DTLS1_BAD_VER) {
1116 s->d1->mtu = larg;
1117 return larg;
1118 }
1119 return 0;
1120 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1121 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1122 return 0;
1123 s->max_send_fragment = larg;
1124 return 1;
1125 case SSL_CTRL_GET_RI_SUPPORT:
1126 if (s->s3)
1127 return s->s3->send_connection_binding;
1128 else return 0;
1129 default:
1130 return (s->method->ssl_ctrl(s, cmd, larg, parg));
1131 }
1132}
1133
1134long
1135SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
1136{
1137 switch (cmd) {
1138 case SSL_CTRL_SET_MSG_CALLBACK:
1139 s->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
1140 return 1;
1141
1142 default:
1143 return (s->method->ssl_callback_ctrl(s, cmd, fp));
1144 }
1145}
1146
1147LHASH_OF(SSL_SESSION)
1148*SSL_CTX_sessions(SSL_CTX *ctx)
1149{
1150 return ctx->sessions;
1151}
1152
1153long
1154SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1155{
1156 long l;
1157
1158 switch (cmd) {
1159 case SSL_CTRL_GET_READ_AHEAD:
1160 return (ctx->read_ahead);
1161 case SSL_CTRL_SET_READ_AHEAD:
1162 l = ctx->read_ahead;
1163 ctx->read_ahead = larg;
1164 return (l);
1165
1166 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1167 ctx->msg_callback_arg = parg;
1168 return 1;
1169
1170 case SSL_CTRL_GET_MAX_CERT_LIST:
1171 return (ctx->max_cert_list);
1172 case SSL_CTRL_SET_MAX_CERT_LIST:
1173 l = ctx->max_cert_list;
1174 ctx->max_cert_list = larg;
1175 return (l);
1176
1177 case SSL_CTRL_SET_SESS_CACHE_SIZE:
1178 l = ctx->session_cache_size;
1179 ctx->session_cache_size = larg;
1180 return (l);
1181 case SSL_CTRL_GET_SESS_CACHE_SIZE:
1182 return (ctx->session_cache_size);
1183 case SSL_CTRL_SET_SESS_CACHE_MODE:
1184 l = ctx->session_cache_mode;
1185 ctx->session_cache_mode = larg;
1186 return (l);
1187 case SSL_CTRL_GET_SESS_CACHE_MODE:
1188 return (ctx->session_cache_mode);
1189
1190 case SSL_CTRL_SESS_NUMBER:
1191 return (lh_SSL_SESSION_num_items(ctx->sessions));
1192 case SSL_CTRL_SESS_CONNECT:
1193 return (ctx->stats.sess_connect);
1194 case SSL_CTRL_SESS_CONNECT_GOOD:
1195 return (ctx->stats.sess_connect_good);
1196 case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
1197 return (ctx->stats.sess_connect_renegotiate);
1198 case SSL_CTRL_SESS_ACCEPT:
1199 return (ctx->stats.sess_accept);
1200 case SSL_CTRL_SESS_ACCEPT_GOOD:
1201 return (ctx->stats.sess_accept_good);
1202 case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
1203 return (ctx->stats.sess_accept_renegotiate);
1204 case SSL_CTRL_SESS_HIT:
1205 return (ctx->stats.sess_hit);
1206 case SSL_CTRL_SESS_CB_HIT:
1207 return (ctx->stats.sess_cb_hit);
1208 case SSL_CTRL_SESS_MISSES:
1209 return (ctx->stats.sess_miss);
1210 case SSL_CTRL_SESS_TIMEOUTS:
1211 return (ctx->stats.sess_timeout);
1212 case SSL_CTRL_SESS_CACHE_FULL:
1213 return (ctx->stats.sess_cache_full);
1214 case SSL_CTRL_OPTIONS:
1215 return (ctx->options|=larg);
1216 case SSL_CTRL_CLEAR_OPTIONS:
1217 return (ctx->options&=~larg);
1218 case SSL_CTRL_MODE:
1219 return (ctx->mode|=larg);
1220 case SSL_CTRL_CLEAR_MODE:
1221 return (ctx->mode&=~larg);
1222 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1223 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1224 return 0;
1225 ctx->max_send_fragment = larg;
1226 return 1;
1227 default:
1228 return (ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg));
1229 }
1230}
1231
1232long
1233SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
1234{
1235 switch (cmd) {
1236 case SSL_CTRL_SET_MSG_CALLBACK:
1237 ctx->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
1238 return 1;
1239
1240 default:
1241 return (ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp));
1242 }
1243}
1244
1245int
1246ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
1247{
1248 long l;
1249
1250 l = a->id - b->id;
1251 if (l == 0L)
1252 return (0);
1253 else
1254 return ((l > 0) ? 1:-1);
1255}
1256
1257int
1258ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
1259 const SSL_CIPHER * const *bp)
1260{
1261 long l;
1262
1263 l = (*ap)->id - (*bp)->id;
1264 if (l == 0L)
1265 return (0);
1266 else
1267 return ((l > 0) ? 1:-1);
1268}
1269
1270/** return a STACK of the ciphers available for the SSL and in order of
1271 * preference */
1272STACK_OF(SSL_CIPHER)
1273*SSL_get_ciphers(const SSL *s)
1274{
1275 if (s != NULL) {
1276 if (s->cipher_list != NULL) {
1277 return (s->cipher_list);
1278 } else if ((s->ctx != NULL) &&
1279 (s->ctx->cipher_list != NULL)) {
1280 return (s->ctx->cipher_list);
1281 }
1282 }
1283 return (NULL);
1284}
1285
1286/** return a STACK of the ciphers available for the SSL and in order of
1287 * algorithm id */
1288STACK_OF(SSL_CIPHER)
1289*ssl_get_ciphers_by_id(SSL *s)
1290{
1291 if (s != NULL) {
1292 if (s->cipher_list_by_id != NULL) {
1293 return (s->cipher_list_by_id);
1294 } else if ((s->ctx != NULL) &&
1295 (s->ctx->cipher_list_by_id != NULL)) {
1296 return (s->ctx->cipher_list_by_id);
1297 }
1298 }
1299 return (NULL);
1300}
1301
1302/** The old interface to get the same thing as SSL_get_ciphers() */
1303const char
1304*SSL_get_cipher_list(const SSL *s, int n)
1305{
1306 SSL_CIPHER *c;
1307 STACK_OF(SSL_CIPHER) *sk;
1308
1309 if (s == NULL)
1310 return (NULL);
1311 sk = SSL_get_ciphers(s);
1312 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
1313 return (NULL);
1314 c = sk_SSL_CIPHER_value(sk, n);
1315 if (c == NULL)
1316 return (NULL);
1317 return (c->name);
1318}
1319
1320/** specify the ciphers to be used by default by the SSL_CTX */
1321int
1322SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
1323{
1324 STACK_OF(SSL_CIPHER) *sk;
1325
1326 sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,
1327 &ctx->cipher_list_by_id, str);
1328 /* ssl_create_cipher_list may return an empty stack if it
1329 * was unable to find a cipher matching the given rule string
1330 * (for example if the rule string specifies a cipher which
1331 * has been disabled). This is not an error as far as
1332 * ssl_create_cipher_list is concerned, and hence
1333 * ctx->cipher_list and ctx->cipher_list_by_id has been
1334 * updated. */
1335 if (sk == NULL)
1336 return 0;
1337 else if (sk_SSL_CIPHER_num(sk) == 0) {
1338 SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
1339 return 0;
1340 }
1341 return 1;
1342}
1343
1344/** specify the ciphers to be used by the SSL */
1345int
1346SSL_set_cipher_list(SSL *s, const char *str)
1347{
1348 STACK_OF(SSL_CIPHER) *sk;
1349
1350 sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list,
1351 &s->cipher_list_by_id, str);
1352 /* see comment in SSL_CTX_set_cipher_list */
1353 if (sk == NULL)
1354 return 0;
1355 else if (sk_SSL_CIPHER_num(sk) == 0) {
1356 SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
1357 return 0;
1358 }
1359 return 1;
1360}
1361
1362/* works well for SSLv2, not so good for SSLv3 */
1363char
1364*SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
1365{
1366 char *end;
1367 STACK_OF(SSL_CIPHER) *sk;
1368 SSL_CIPHER *c;
1369 size_t curlen = 0;
1370 int i;
1371
1372 if ((s->session == NULL) || (s->session->ciphers == NULL) ||
1373 (len < 2))
1374 return (NULL);
1375
1376 sk = s->session->ciphers;
1377 buf[0] = '\0';
1378 for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
1379 c = sk_SSL_CIPHER_value(sk, i);
1380 end = buf + curlen;
1381 if (strlcat(buf, c->name, len) >= len ||
1382 (curlen = strlcat(buf, ":", len)) >= len) {
1383 /* remove truncated cipher from list */
1384 *end = '\0';
1385 break;
1386 }
1387 }
1388 /* remove trailing colon */
1389 if ((end = strrchr(buf, ':')) != NULL)
1390 *end = '\0';
1391 return (buf);
1392}
1393
1394int
1395ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p,
1396 int (*put_cb)(const SSL_CIPHER *, unsigned char *))
1397{
1398 int i, j = 0;
1399 SSL_CIPHER *c;
1400 unsigned char *q;
1401#ifndef OPENSSL_NO_KRB5
1402 int nokrb5 = !kssl_tgt_is_available(s->kssl_ctx);
1403#endif /* OPENSSL_NO_KRB5 */
1404
1405 if (sk == NULL)
1406 return (0);
1407 q = p;
1408
1409 for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
1410 c = sk_SSL_CIPHER_value(sk, i);
1411 /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
1412 if ((c->algorithm_ssl & SSL_TLSV1_2) &&
1413 (TLS1_get_client_version(s) < TLS1_2_VERSION))
1414 continue;
1415#ifndef OPENSSL_NO_KRB5
1416 if (((c->algorithm_mkey & SSL_kKRB5) || (c->algorithm_auth & SSL_aKRB5)) &&
1417 nokrb5)
1418 continue;
1419#endif /* OPENSSL_NO_KRB5 */
1420#ifndef OPENSSL_NO_PSK
1421 /* with PSK there must be client callback set */
1422 if (((c->algorithm_mkey & SSL_kPSK) || (c->algorithm_auth & SSL_aPSK)) &&
1423 s->psk_client_callback == NULL)
1424 continue;
1425#endif /* OPENSSL_NO_PSK */
1426 j = put_cb ? put_cb(c, p) : ssl_put_cipher_by_char(s, c, p);
1427 p += j;
1428 }
1429 /* If p == q, no ciphers and caller indicates an error. Otherwise
1430 * add SCSV if not renegotiating.
1431 */
1432 if (p != q && !s->renegotiate) {
1433 static SSL_CIPHER scsv = {
1434 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
1435 };
1436 j = put_cb ? put_cb(&scsv, p) : ssl_put_cipher_by_char(s, &scsv, p);
1437 p += j;
1438#ifdef OPENSSL_RI_DEBUG
1439 fprintf(stderr, "SCSV sent by client\n");
1440#endif
1441 }
1442
1443 return (p - q);
1444}
1445
1446STACK_OF(SSL_CIPHER)
1447*ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num,
1448STACK_OF(SSL_CIPHER) **skp)
1449{
1450 const SSL_CIPHER *c;
1451 STACK_OF(SSL_CIPHER) *sk;
1452 int i, n;
1453 if (s->s3)
1454 s->s3->send_connection_binding = 0;
1455
1456 n = ssl_put_cipher_by_char(s, NULL, NULL);
1457 if ((num % n) != 0) {
1458 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1459 return (NULL);
1460 }
1461 if ((skp == NULL) || (*skp == NULL))
1462 sk=sk_SSL_CIPHER_new_null(); /* change perhaps later */
1463 else {
1464 sk= *skp;
1465 sk_SSL_CIPHER_zero(sk);
1466 }
1467
1468 for (i = 0; i < num; i += n) {
1469 /* Check for SCSV */
1470 if (s->s3 && (n != 3 || !p[0]) &&
1471 (p[n - 2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
1472 (p[n - 1] == (SSL3_CK_SCSV & 0xff))) {
1473 /* SCSV fatal if renegotiating */
1474 if (s->renegotiate) {
1475 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
1476 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
1477
1478 goto err;
1479 }
1480 s->s3->send_connection_binding = 1;
1481 p += n;
1482#ifdef OPENSSL_RI_DEBUG
1483 fprintf(stderr, "SCSV received by server\n");
1484#endif
1485 continue;
1486 }
1487
1488 c = ssl_get_cipher_by_char(s, p);
1489 p += n;
1490 if (c != NULL) {
1491 if (!sk_SSL_CIPHER_push(sk, c)) {
1492 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
1493 goto err;
1494 }
1495 }
1496 }
1497
1498 if (skp != NULL)
1499 *skp = sk;
1500 return (sk);
1501err:
1502 if ((skp == NULL) || (*skp == NULL))
1503 sk_SSL_CIPHER_free(sk);
1504 return (NULL);
1505}
1506
1507
1508#ifndef OPENSSL_NO_TLSEXT
1509/** return a servername extension value if provided in Client Hello, or NULL.
1510 * So far, only host_name types are defined (RFC 3546).
1511 */
1512
1513const char
1514*SSL_get_servername(const SSL *s, const int type)
1515{
1516 if (type != TLSEXT_NAMETYPE_host_name)
1517 return NULL;
1518
1519 return s->session && !s->tlsext_hostname ?
1520 s->session->tlsext_hostname :
1521 s->tlsext_hostname;
1522}
1523
1524int
1525SSL_get_servername_type(const SSL *s)
1526{
1527 if (s->session && (!s->tlsext_hostname ? s->session->tlsext_hostname : s->tlsext_hostname))
1528 return TLSEXT_NAMETYPE_host_name;
1529 return -1;
1530}
1531
1532# ifndef OPENSSL_NO_NEXTPROTONEG
1533/* SSL_select_next_proto implements the standard protocol selection. It is
1534 * expected that this function is called from the callback set by
1535 * SSL_CTX_set_next_proto_select_cb.
1536 *
1537 * The protocol data is assumed to be a vector of 8-bit, length prefixed byte
1538 * strings. The length byte itself is not included in the length. A byte
1539 * string of length 0 is invalid. No byte string may be truncated.
1540 *
1541 * The current, but experimental algorithm for selecting the protocol is:
1542 *
1543 * 1) If the server doesn't support NPN then this is indicated to the
1544 * callback. In this case, the client application has to abort the connection
1545 * or have a default application level protocol.
1546 *
1547 * 2) If the server supports NPN, but advertises an empty list then the
1548 * client selects the first protcol in its list, but indicates via the
1549 * API that this fallback case was enacted.
1550 *
1551 * 3) Otherwise, the client finds the first protocol in the server's list
1552 * that it supports and selects this protocol. This is because it's
1553 * assumed that the server has better information about which protocol
1554 * a client should use.
1555 *
1556 * 4) If the client doesn't support any of the server's advertised
1557 * protocols, then this is treated the same as case 2.
1558 *
1559 * It returns either
1560 * OPENSSL_NPN_NEGOTIATED if a common protocol was found, or
1561 * OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
1562 */
1563int
1564SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsigned char *server, unsigned int server_len, const unsigned char *client, unsigned int client_len)
1565{
1566 unsigned int i, j;
1567 const unsigned char *result;
1568 int status = OPENSSL_NPN_UNSUPPORTED;
1569
1570 /* For each protocol in server preference order, see if we support it. */
1571 for (i = 0; i < server_len; ) {
1572 for (j = 0; j < client_len; ) {
1573 if (server[i] == client[j] &&
1574 memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) {
1575 /* We found a match */
1576 result = &server[i];
1577 status = OPENSSL_NPN_NEGOTIATED;
1578 goto found;
1579 }
1580 j += client[j];
1581 j++;
1582 }
1583 i += server[i];
1584 i++;
1585 }
1586
1587 /* There's no overlap between our protocols and the server's list. */
1588 result = client;
1589 status = OPENSSL_NPN_NO_OVERLAP;
1590
1591 found:
1592 *out = (unsigned char *) result + 1;
1593 *outlen = result[0];
1594 return status;
1595}
1596
1597/* SSL_get0_next_proto_negotiated sets *data and *len to point to the client's
1598 * requested protocol for this connection and returns 0. If the client didn't
1599 * request any protocol, then *data is set to NULL.
1600 *
1601 * Note that the client can request any protocol it chooses. The value returned
1602 * from this function need not be a member of the list of supported protocols
1603 * provided by the callback.
1604 */
1605void
1606SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, unsigned *len)
1607{
1608 *data = s->next_proto_negotiated;
1609 if (!*data) {
1610 *len = 0;
1611 } else {
1612 *len = s->next_proto_negotiated_len;
1613 }
1614}
1615
1616/* SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when a
1617 * TLS server needs a list of supported protocols for Next Protocol
1618 * Negotiation. The returned list must be in wire format. The list is returned
1619 * by setting |out| to point to it and |outlen| to its length. This memory will
1620 * not be modified, but one should assume that the SSL* keeps a reference to
1621 * it.
1622 *
1623 * The callback should return SSL_TLSEXT_ERR_OK if it wishes to advertise. Otherwise, no
1624 * such extension will be included in the ServerHello. */
1625void
1626SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl, const unsigned char **out, unsigned int *outlen, void *arg), void *arg)
1627{
1628 ctx->next_protos_advertised_cb = cb;
1629 ctx->next_protos_advertised_cb_arg = arg;
1630}
1631
1632/* SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
1633 * client needs to select a protocol from the server's provided list. |out|
1634 * must be set to point to the selected protocol (which may be within |in|).
1635 * The length of the protocol name must be written into |outlen|. The server's
1636 * advertised protocols are provided in |in| and |inlen|. The callback can
1637 * assume that |in| is syntactically valid.
1638 *
1639 * The client must select a protocol. It is fatal to the connection if this
1640 * callback returns a value other than SSL_TLSEXT_ERR_OK.
1641 */
1642void
1643SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg), void *arg)
1644{
1645 ctx->next_proto_select_cb = cb;
1646 ctx->next_proto_select_cb_arg = arg;
1647}
1648# endif
1649#endif
1650
1651int
1652SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
1653 const char *label, size_t llen, const unsigned char *p, size_t plen,
1654int use_context)
1655{
1656 if (s->version < TLS1_VERSION)
1657 return -1;
1658
1659 return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
1660 llen, p, plen,
1661 use_context);
1662}
1663
1664static unsigned long
1665ssl_session_hash(const SSL_SESSION *a)
1666{
1667 unsigned long l;
1668
1669 l = (unsigned long)
1670 ((unsigned int) a->session_id[0] )|
1671 ((unsigned int) a->session_id[1]<< 8L)|
1672 ((unsigned long)a->session_id[2]<<16L)|
1673 ((unsigned long)a->session_id[3]<<24L);
1674 return (l);
1675}
1676
1677/* NB: If this function (or indeed the hash function which uses a sort of
1678 * coarser function than this one) is changed, ensure
1679 * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
1680 * able to construct an SSL_SESSION that will collide with any existing session
1681 * with a matching session ID. */
1682static int
1683ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
1684{
1685 if (a->ssl_version != b->ssl_version)
1686 return (1);
1687 if (a->session_id_length != b->session_id_length)
1688 return (1);
1689 return (memcmp(a->session_id, b->session_id, a->session_id_length));
1690}
1691
1692/* These wrapper functions should remain rather than redeclaring
1693 * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
1694 * variable. The reason is that the functions aren't static, they're exposed via
1695 * ssl.h. */
1696static
1697IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION)
1698static
1699IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION)
1700
1701SSL_CTX
1702*SSL_CTX_new(const SSL_METHOD *meth)
1703{
1704 SSL_CTX *ret = NULL;
1705
1706 if (meth == NULL) {
1707 SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_NULL_SSL_METHOD_PASSED);
1708 return (NULL);
1709 }
1710
1711#ifdef OPENSSL_FIPS
1712 if (FIPS_mode() && (meth->version < TLS1_VERSION)) {
1713 SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
1714 return NULL;
1715 }
1716#endif
1717
1718 if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
1719 SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
1720 goto err;
1721 }
1722 ret = (SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
1723 if (ret == NULL)
1724 goto err;
1725
1726 memset(ret, 0, sizeof(SSL_CTX));
1727
1728 ret->method = meth;
1729
1730 ret->cert_store = NULL;
1731 ret->session_cache_mode = SSL_SESS_CACHE_SERVER;
1732 ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
1733 ret->session_cache_head = NULL;
1734 ret->session_cache_tail = NULL;
1735
1736 /* We take the system default */
1737 ret->session_timeout = meth->get_timeout();
1738
1739 ret->new_session_cb = 0;
1740 ret->remove_session_cb = 0;
1741 ret->get_session_cb = 0;
1742 ret->generate_session_id = 0;
1743
1744 memset((char *)&ret->stats, 0, sizeof(ret->stats));
1745
1746 ret->references = 1;
1747 ret->quiet_shutdown = 0;
1748
1749/* ret->cipher=NULL;*/
1750/* ret->s2->challenge=NULL;
1751 ret->master_key=NULL;
1752 ret->key_arg=NULL;
1753 ret->s2->conn_id=NULL;
1754*/
1755
1756 ret->info_callback = NULL;
1757
1758 ret->app_verify_callback = 0;
1759 ret->app_verify_arg = NULL;
1760
1761 ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
1762 ret->read_ahead = 0;
1763 ret->msg_callback = 0;
1764 ret->msg_callback_arg = NULL;
1765 ret->verify_mode = SSL_VERIFY_NONE;
1766#if 0
1767 ret->verify_depth=-1; /* Don't impose a limit (but x509_lu.c does) */
1768#endif
1769 ret->sid_ctx_length = 0;
1770 ret->default_verify_callback = NULL;
1771 if ((ret->cert = ssl_cert_new()) == NULL)
1772 goto err;
1773
1774 ret->default_passwd_callback = 0;
1775 ret->default_passwd_callback_userdata = NULL;
1776 ret->client_cert_cb = 0;
1777 ret->app_gen_cookie_cb = 0;
1778 ret->app_verify_cookie_cb = 0;
1779
1780 ret->sessions = lh_SSL_SESSION_new();
1781 if (ret->sessions == NULL)
1782 goto err;
1783 ret->cert_store = X509_STORE_new();
1784 if (ret->cert_store == NULL)
1785 goto err;
1786
1787 ssl_create_cipher_list(ret->method,
1788 &ret->cipher_list, &ret->cipher_list_by_id,
1789 meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
1790 if (ret->cipher_list == NULL
1791 || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
1792 SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
1793 goto err2;
1794 }
1795
1796 ret->param = X509_VERIFY_PARAM_new();
1797 if (!ret->param)
1798 goto err;
1799
1800 if ((ret->rsa_md5 = EVP_get_digestbyname("ssl2-md5")) == NULL) {
1801 SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
1802 goto err2;
1803 }
1804 if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
1805 SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
1806 goto err2;
1807 }
1808 if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
1809 SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
1810 goto err2;
1811 }
1812
1813 if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL)
1814 goto err;
1815
1816 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
1817
1818 ret->extra_certs = NULL;
1819 /* No compression for DTLS */
1820 if (meth->version != DTLS1_VERSION)
1821 ret->comp_methods = SSL_COMP_get_compression_methods();
1822
1823 ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
1824
1825#ifndef OPENSSL_NO_TLSEXT
1826 ret->tlsext_servername_callback = 0;
1827 ret->tlsext_servername_arg = NULL;
1828 /* Setup RFC4507 ticket keys */
1829 if ((RAND_pseudo_bytes(ret->tlsext_tick_key_name, 16) <= 0)
1830 || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
1831 || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
1832 ret->options |= SSL_OP_NO_TICKET;
1833
1834 ret->tlsext_status_cb = 0;
1835 ret->tlsext_status_arg = NULL;
1836
1837# ifndef OPENSSL_NO_NEXTPROTONEG
1838 ret->next_protos_advertised_cb = 0;
1839 ret->next_proto_select_cb = 0;
1840# endif
1841#endif
1842#ifndef OPENSSL_NO_PSK
1843 ret->psk_identity_hint = NULL;
1844 ret->psk_client_callback = NULL;
1845 ret->psk_server_callback = NULL;
1846#endif
1847#ifndef OPENSSL_NO_SRP
1848 SSL_CTX_SRP_CTX_init(ret);
1849#endif
1850#ifndef OPENSSL_NO_BUF_FREELISTS
1851 ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
1852 ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
1853 if (!ret->rbuf_freelist)
1854 goto err;
1855 ret->rbuf_freelist->chunklen = 0;
1856 ret->rbuf_freelist->len = 0;
1857 ret->rbuf_freelist->head = NULL;
1858 ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
1859 if (!ret->wbuf_freelist) {
1860 OPENSSL_free(ret->rbuf_freelist);
1861 goto err;
1862 }
1863 ret->wbuf_freelist->chunklen = 0;
1864 ret->wbuf_freelist->len = 0;
1865 ret->wbuf_freelist->head = NULL;
1866#endif
1867#ifndef OPENSSL_NO_ENGINE
1868 ret->client_cert_engine = NULL;
1869#ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
1870#define eng_strx(x) #x
1871#define eng_str(x) eng_strx(x)
1872 /* Use specific client engine automatically... ignore errors */
1873 {
1874 ENGINE *eng;
1875 eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
1876 if (!eng) {
1877 ERR_clear_error();
1878 ENGINE_load_builtin_engines();
1879 eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
1880 }
1881 if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
1882 ERR_clear_error();
1883 }
1884#endif
1885#endif
1886 /* Default is to connect to non-RI servers. When RI is more widely
1887 * deployed might change this.
1888 */
1889 ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
1890
1891 return (ret);
1892err:
1893 SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
1894err2:
1895 if (ret != NULL)
1896 SSL_CTX_free(ret);
1897 return (NULL);
1898}
1899
1900#if 0
1901static void
1902SSL_COMP_free(SSL_COMP *comp)
1903 { OPENSSL_free(comp);
1904}
1905#endif
1906
1907#ifndef OPENSSL_NO_BUF_FREELISTS
1908static void
1909ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
1910{
1911 SSL3_BUF_FREELIST_ENTRY *ent, *next;
1912 for (ent = list->head; ent; ent = next) {
1913 next = ent->next;
1914 OPENSSL_free(ent);
1915 }
1916 OPENSSL_free(list);
1917}
1918#endif
1919
1920void
1921SSL_CTX_free(SSL_CTX *a)
1922{
1923 int i;
1924
1925 if (a == NULL)
1926 return;
1927
1928 i = CRYPTO_add(&a->references, -1, CRYPTO_LOCK_SSL_CTX);
1929#ifdef REF_PRINT
1930 REF_PRINT("SSL_CTX", a);
1931#endif
1932 if (i > 0)
1933 return;
1934#ifdef REF_CHECK
1935 if (i < 0) {
1936 fprintf(stderr, "SSL_CTX_free, bad reference count\n");
1937 abort(); /* ok */
1938 }
1939#endif
1940
1941 if (a->param)
1942 X509_VERIFY_PARAM_free(a->param);
1943
1944 /*
1945 * Free internal session cache. However: the remove_cb() may reference
1946 * the ex_data of SSL_CTX, thus the ex_data store can only be removed
1947 * after the sessions were flushed.
1948 * As the ex_data handling routines might also touch the session cache,
1949 * the most secure solution seems to be: empty (flush) the cache, then
1950 * free ex_data, then finally free the cache.
1951 * (See ticket [openssl.org #212].)
1952 */
1953 if (a->sessions != NULL)
1954 SSL_CTX_flush_sessions(a, 0);
1955
1956 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
1957
1958 if (a->sessions != NULL)
1959 lh_SSL_SESSION_free(a->sessions);
1960
1961 if (a->cert_store != NULL)
1962 X509_STORE_free(a->cert_store);
1963 if (a->cipher_list != NULL)
1964 sk_SSL_CIPHER_free(a->cipher_list);
1965 if (a->cipher_list_by_id != NULL)
1966 sk_SSL_CIPHER_free(a->cipher_list_by_id);
1967 if (a->cert != NULL)
1968 ssl_cert_free(a->cert);
1969 if (a->client_CA != NULL)
1970 sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
1971 if (a->extra_certs != NULL)
1972 sk_X509_pop_free(a->extra_certs, X509_free);
1973#if 0 /* This should never be done, since it removes a global database */
1974 if (a->comp_methods != NULL)
1975 sk_SSL_COMP_pop_free(a->comp_methods, SSL_COMP_free);
1976#else
1977 a->comp_methods = NULL;
1978#endif
1979
1980#ifndef OPENSSL_NO_SRTP
1981 if (a->srtp_profiles)
1982 sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
1983#endif
1984
1985#ifndef OPENSSL_NO_PSK
1986 if (a->psk_identity_hint)
1987 OPENSSL_free(a->psk_identity_hint);
1988#endif
1989#ifndef OPENSSL_NO_SRP
1990 SSL_CTX_SRP_CTX_free(a);
1991#endif
1992#ifndef OPENSSL_NO_ENGINE
1993 if (a->client_cert_engine)
1994 ENGINE_finish(a->client_cert_engine);
1995#endif
1996
1997#ifndef OPENSSL_NO_BUF_FREELISTS
1998 if (a->wbuf_freelist)
1999 ssl_buf_freelist_free(a->wbuf_freelist);
2000 if (a->rbuf_freelist)
2001 ssl_buf_freelist_free(a->rbuf_freelist);
2002#endif
2003
2004 OPENSSL_free(a);
2005}
2006
2007void
2008SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
2009{
2010 ctx->default_passwd_callback = cb;
2011}
2012
2013void
2014SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
2015{
2016 ctx->default_passwd_callback_userdata = u;
2017}
2018
2019void
2020SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *, void *), void *arg)
2021{
2022 ctx->app_verify_callback = cb;
2023 ctx->app_verify_arg = arg;
2024}
2025
2026void
2027SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb)(int, X509_STORE_CTX *))
2028{
2029 ctx->verify_mode = mode;
2030 ctx->default_verify_callback = cb;
2031}
2032
2033void
2034SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
2035{
2036 X509_VERIFY_PARAM_set_depth(ctx->param, depth);
2037}
2038
2039void
2040ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
2041{
2042 CERT_PKEY *cpk;
2043 int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign;
2044 int rsa_enc_export, dh_rsa_export, dh_dsa_export;
2045 int rsa_tmp_export, dh_tmp_export, kl;
2046 unsigned long mask_k, mask_a, emask_k, emask_a;
2047 int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;
2048#ifndef OPENSSL_NO_ECDH
2049 int have_ecdh_tmp;
2050#endif
2051 X509 *x = NULL;
2052 EVP_PKEY *ecc_pkey = NULL;
2053 int signature_nid = 0, pk_nid = 0, md_nid = 0;
2054
2055 if (c == NULL)
2056 return;
2057
2058 kl = SSL_C_EXPORT_PKEYLENGTH(cipher);
2059
2060#ifndef OPENSSL_NO_RSA
2061 rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
2062 rsa_tmp_export = (c->rsa_tmp_cb != NULL ||
2063 (rsa_tmp && RSA_size(c->rsa_tmp)*8 <= kl));
2064#else
2065 rsa_tmp = rsa_tmp_export = 0;
2066#endif
2067#ifndef OPENSSL_NO_DH
2068 dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
2069 dh_tmp_export = (c->dh_tmp_cb != NULL ||
2070 (dh_tmp && DH_size(c->dh_tmp)*8 <= kl));
2071#else
2072 dh_tmp = dh_tmp_export = 0;
2073#endif
2074
2075#ifndef OPENSSL_NO_ECDH
2076 have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL);
2077#endif
2078 cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
2079 rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL);
2080 rsa_enc_export = (rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
2081 cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);
2082 rsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
2083 cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]);
2084 dsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
2085 cpk = &(c->pkeys[SSL_PKEY_DH_RSA]);
2086 dh_rsa = (cpk->x509 != NULL && cpk->privatekey != NULL);
2087 dh_rsa_export = (dh_rsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
2088 cpk = &(c->pkeys[SSL_PKEY_DH_DSA]);
2089/* FIX THIS EAY EAY EAY */
2090 dh_dsa = (cpk->x509 != NULL && cpk->privatekey != NULL);
2091 dh_dsa_export = (dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
2092 cpk = &(c->pkeys[SSL_PKEY_ECC]);
2093 have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL);
2094 mask_k = 0;
2095 mask_a = 0;
2096 emask_k = 0;
2097 emask_a = 0;
2098
2099
2100
2101#ifdef CIPHER_DEBUG
2102 printf("rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
2103 rsa_tmp, rsa_tmp_export, dh_tmp, have_ecdh_tmp,
2104 rsa_enc, rsa_enc_export, rsa_sign, dsa_sign, dh_rsa, dh_dsa);
2105#endif
2106
2107 cpk = &(c->pkeys[SSL_PKEY_GOST01]);
2108 if (cpk->x509 != NULL && cpk->privatekey !=NULL) {
2109 mask_k |= SSL_kGOST;
2110 mask_a |= SSL_aGOST01;
2111 }
2112 cpk = &(c->pkeys[SSL_PKEY_GOST94]);
2113 if (cpk->x509 != NULL && cpk->privatekey !=NULL) {
2114 mask_k |= SSL_kGOST;
2115 mask_a |= SSL_aGOST94;
2116 }
2117
2118 if (rsa_enc || (rsa_tmp && rsa_sign))
2119 mask_k|=SSL_kRSA;
2120 if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
2121 emask_k|=SSL_kRSA;
2122
2123#if 0
2124 /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
2125 if ((dh_tmp || dh_rsa || dh_dsa) &&
2126 (rsa_enc || rsa_sign || dsa_sign))
2127 mask_k|=SSL_kEDH;
2128 if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
2129 (rsa_enc || rsa_sign || dsa_sign))
2130 emask_k|=SSL_kEDH;
2131#endif
2132
2133 if (dh_tmp_export)
2134 emask_k|=SSL_kEDH;
2135
2136 if (dh_tmp)
2137 mask_k|=SSL_kEDH;
2138
2139 if (dh_rsa)
2140 mask_k|=SSL_kDHr;
2141 if (dh_rsa_export)
2142 emask_k|=SSL_kDHr;
2143
2144 if (dh_dsa)
2145 mask_k|=SSL_kDHd;
2146 if (dh_dsa_export)
2147 emask_k|=SSL_kDHd;
2148
2149 if (rsa_enc || rsa_sign) {
2150 mask_a|=SSL_aRSA;
2151 emask_a|=SSL_aRSA;
2152 }
2153
2154 if (dsa_sign) {
2155 mask_a|=SSL_aDSS;
2156 emask_a|=SSL_aDSS;
2157 }
2158
2159 mask_a|=SSL_aNULL;
2160 emask_a|=SSL_aNULL;
2161
2162#ifndef OPENSSL_NO_KRB5
2163 mask_k|=SSL_kKRB5;
2164 mask_a|=SSL_aKRB5;
2165 emask_k|=SSL_kKRB5;
2166 emask_a|=SSL_aKRB5;
2167#endif
2168
2169 /* An ECC certificate may be usable for ECDH and/or
2170 * ECDSA cipher suites depending on the key usage extension.
2171 */
2172 if (have_ecc_cert) {
2173 /* This call populates extension flags (ex_flags) */
2174 x = (c->pkeys[SSL_PKEY_ECC]).x509;
2175 X509_check_purpose(x, -1, 0);
2176 ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
2177 (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1;
2178 ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
2179 (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
2180 ecc_pkey = X509_get_pubkey(x);
2181 ecc_pkey_size = (ecc_pkey != NULL) ?
2182 EVP_PKEY_bits(ecc_pkey) : 0;
2183 EVP_PKEY_free(ecc_pkey);
2184 if ((x->sig_alg) && (x->sig_alg->algorithm)) {
2185 signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
2186 OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
2187 }
2188#ifndef OPENSSL_NO_ECDH
2189 if (ecdh_ok) {
2190
2191 if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa) {
2192 mask_k|=SSL_kECDHr;
2193 mask_a|=SSL_aECDH;
2194 if (ecc_pkey_size <= 163) {
2195 emask_k|=SSL_kECDHr;
2196 emask_a|=SSL_aECDH;
2197 }
2198 }
2199
2200 if (pk_nid == NID_X9_62_id_ecPublicKey) {
2201 mask_k|=SSL_kECDHe;
2202 mask_a|=SSL_aECDH;
2203 if (ecc_pkey_size <= 163) {
2204 emask_k|=SSL_kECDHe;
2205 emask_a|=SSL_aECDH;
2206 }
2207 }
2208 }
2209#endif
2210#ifndef OPENSSL_NO_ECDSA
2211 if (ecdsa_ok) {
2212 mask_a|=SSL_aECDSA;
2213 emask_a|=SSL_aECDSA;
2214 }
2215#endif
2216 }
2217
2218#ifndef OPENSSL_NO_ECDH
2219 if (have_ecdh_tmp) {
2220 mask_k|=SSL_kEECDH;
2221 emask_k|=SSL_kEECDH;
2222 }
2223#endif
2224
2225#ifndef OPENSSL_NO_PSK
2226 mask_k |= SSL_kPSK;
2227 mask_a |= SSL_aPSK;
2228 emask_k |= SSL_kPSK;
2229 emask_a |= SSL_aPSK;
2230#endif
2231
2232 c->mask_k = mask_k;
2233 c->mask_a = mask_a;
2234 c->export_mask_k = emask_k;
2235 c->export_mask_a = emask_a;
2236 c->valid = 1;
2237}
2238
2239/* This handy macro borrowed from crypto/x509v3/v3_purp.c */
2240#define ku_reject(x, usage) \
2241 (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
2242
2243#ifndef OPENSSL_NO_EC
2244
2245int
2246ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
2247{
2248 unsigned long alg_k, alg_a;
2249 EVP_PKEY *pkey = NULL;
2250 int keysize = 0;
2251 int signature_nid = 0, md_nid = 0, pk_nid = 0;
2252 const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
2253
2254 alg_k = cs->algorithm_mkey;
2255 alg_a = cs->algorithm_auth;
2256
2257 if (SSL_C_IS_EXPORT(cs)) {
2258 /* ECDH key length in export ciphers must be <= 163 bits */
2259 pkey = X509_get_pubkey(x);
2260 if (pkey == NULL)
2261 return 0;
2262 keysize = EVP_PKEY_bits(pkey);
2263 EVP_PKEY_free(pkey);
2264 if (keysize > 163)
2265 return 0;
2266 }
2267
2268 /* This call populates the ex_flags field correctly */
2269 X509_check_purpose(x, -1, 0);
2270 if ((x->sig_alg) && (x->sig_alg->algorithm)) {
2271 signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
2272 OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
2273 }
2274 if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr) {
2275 /* key usage, if present, must allow key agreement */
2276 if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) {
2277 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
2278 return 0;
2279 }
2280 if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < TLS1_2_VERSION) {
2281 /* signature alg must be ECDSA */
2282 if (pk_nid != NID_X9_62_id_ecPublicKey) {
2283 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
2284 return 0;
2285 }
2286 }
2287 if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < TLS1_2_VERSION) {
2288 /* signature alg must be RSA */
2289
2290 if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa) {
2291 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
2292 return 0;
2293 }
2294 }
2295 }
2296 if (alg_a & SSL_aECDSA) {
2297 /* key usage, if present, must allow signing */
2298 if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE)) {
2299 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
2300 return 0;
2301 }
2302 }
2303
2304 return 1;
2305 /* all checks are ok */
2306}
2307
2308#endif
2309
2310/* THIS NEEDS CLEANING UP */
2311CERT_PKEY
2312*ssl_get_server_send_pkey(const SSL *s)
2313{
2314 unsigned long alg_k, alg_a;
2315 CERT *c;
2316 int i;
2317
2318 c = s->cert;
2319 ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
2320
2321 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
2322 alg_a = s->s3->tmp.new_cipher->algorithm_auth;
2323
2324 if (alg_k & (SSL_kECDHr|SSL_kECDHe)) {
2325 /* we don't need to look at SSL_kEECDH
2326 * since no certificate is needed for
2327 * anon ECDH and for authenticated
2328 * EECDH, the check for the auth
2329 * algorithm will set i correctly
2330 * NOTE: For ECDH-RSA, we need an ECC
2331 * not an RSA cert but for EECDH-RSA
2332 * we need an RSA cert. Placing the
2333 * checks for SSL_kECDH before RSA
2334 * checks ensures the correct cert is chosen.
2335 */
2336 i = SSL_PKEY_ECC;
2337 } else if (alg_a & SSL_aECDSA) {
2338 i = SSL_PKEY_ECC;
2339 } else if (alg_k & SSL_kDHr)
2340 i = SSL_PKEY_DH_RSA;
2341 else if (alg_k & SSL_kDHd)
2342 i = SSL_PKEY_DH_DSA;
2343 else if (alg_a & SSL_aDSS)
2344 i = SSL_PKEY_DSA_SIGN;
2345 else if (alg_a & SSL_aRSA) {
2346 if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
2347 i = SSL_PKEY_RSA_SIGN;
2348 else
2349 i = SSL_PKEY_RSA_ENC;
2350 } else if (alg_a & SSL_aKRB5) {
2351 /* VRS something else here? */
2352 return (NULL);
2353 } else if (alg_a & SSL_aGOST94)
2354 i = SSL_PKEY_GOST94;
2355 else if (alg_a & SSL_aGOST01)
2356 i = SSL_PKEY_GOST01;
2357 else /* if (alg_a & SSL_aNULL) */
2358 {
2359 SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY, ERR_R_INTERNAL_ERROR);
2360 return (NULL);
2361 }
2362
2363 return c->pkeys + i;
2364}
2365
2366X509
2367*ssl_get_server_send_cert(const SSL *s)
2368{
2369 CERT_PKEY *cpk;
2370 cpk = ssl_get_server_send_pkey(s);
2371 if (!cpk)
2372 return NULL;
2373 return cpk->x509;
2374}
2375
2376EVP_PKEY
2377*ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd)
2378{
2379 unsigned long alg_a;
2380 CERT *c;
2381 int idx = -1;
2382
2383 alg_a = cipher->algorithm_auth;
2384 c = s->cert;
2385
2386 if ((alg_a & SSL_aDSS) &&
2387 (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
2388 idx = SSL_PKEY_DSA_SIGN;
2389 else if (alg_a & SSL_aRSA) {
2390 if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
2391 idx = SSL_PKEY_RSA_SIGN;
2392 else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
2393 idx = SSL_PKEY_RSA_ENC;
2394 } else if ((alg_a & SSL_aECDSA) &&
2395 (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
2396 idx = SSL_PKEY_ECC;
2397 if (idx == -1) {
2398 SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR);
2399 return (NULL);
2400 }
2401 if (pmd)
2402 *pmd = c->pkeys[idx].digest;
2403 return c->pkeys[idx].privatekey;
2404}
2405
2406void
2407ssl_update_cache(SSL *s, int mode)
2408{
2409 int i;
2410
2411 /* If the session_id_length is 0, we are not supposed to cache it,
2412 * and it would be rather hard to do anyway :-) */
2413 if (s->session->session_id_length == 0)
2414 return;
2415
2416 i = s->session_ctx->session_cache_mode;
2417 if ((i & mode) && (!s->hit)
2418 && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
2419 || SSL_CTX_add_session(s->session_ctx, s->session))
2420 && (s->session_ctx->new_session_cb != NULL)) {
2421 CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION);
2422 if (!s->session_ctx->new_session_cb(s, s->session))
2423 SSL_SESSION_free(s->session);
2424 }
2425
2426 /* auto flush every 255 connections */
2427 if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
2428 ((i & mode) == mode)) {
2429 if ((((mode & SSL_SESS_CACHE_CLIENT)
2430 ?s->session_ctx->stats.sess_connect_good
2431 :s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff) {
2432 SSL_CTX_flush_sessions(s->session_ctx,(unsigned long)time(NULL));
2433 }
2434 }
2435}
2436
2437const SSL_METHOD
2438*SSL_get_ssl_method(SSL *s)
2439{
2440 return (s->method);
2441}
2442
2443int
2444SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
2445{
2446 int conn = -1;
2447 int ret = 1;
2448
2449 if (s->method != meth) {
2450 if (s->handshake_func != NULL)
2451 conn = (s->handshake_func == s->method->ssl_connect);
2452
2453 if (s->method->version == meth->version)
2454 s->method = meth;
2455 else {
2456 s->method->ssl_free(s);
2457 s->method = meth;
2458 ret = s->method->ssl_new(s);
2459 }
2460
2461 if (conn == 1)
2462 s->handshake_func = meth->ssl_connect;
2463 else if (conn == 0)
2464 s->handshake_func = meth->ssl_accept;
2465 }
2466 return (ret);
2467}
2468
2469int
2470SSL_get_error(const SSL *s, int i)
2471{
2472 int reason;
2473 unsigned long l;
2474 BIO *bio;
2475
2476 if (i > 0)
2477 return (SSL_ERROR_NONE);
2478
2479 /* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake
2480 * etc, where we do encode the error */
2481 if ((l = ERR_peek_error()) != 0) {
2482 if (ERR_GET_LIB(l) == ERR_LIB_SYS)
2483 return (SSL_ERROR_SYSCALL);
2484 else
2485 return (SSL_ERROR_SSL);
2486 }
2487
2488 if ((i < 0) && SSL_want_read(s)) {
2489 bio = SSL_get_rbio(s);
2490 if (BIO_should_read(bio))
2491 return (SSL_ERROR_WANT_READ);
2492 else if (BIO_should_write(bio))
2493 /* This one doesn't make too much sense ... We never try
2494 * to write to the rbio, and an application program where
2495 * rbio and wbio are separate couldn't even know what it
2496 * should wait for.
2497 * However if we ever set s->rwstate incorrectly
2498 * (so that we have SSL_want_read(s) instead of
2499 * SSL_want_write(s)) and rbio and wbio *are* the same,
2500 * this test works around that bug; so it might be safer
2501 * to keep it. */
2502 return (SSL_ERROR_WANT_WRITE);
2503 else if (BIO_should_io_special(bio)) {
2504 reason = BIO_get_retry_reason(bio);
2505 if (reason == BIO_RR_CONNECT)
2506 return (SSL_ERROR_WANT_CONNECT);
2507 else if (reason == BIO_RR_ACCEPT)
2508 return (SSL_ERROR_WANT_ACCEPT);
2509 else
2510 return(SSL_ERROR_SYSCALL); /* unknown */
2511 }
2512 }
2513
2514 if ((i < 0) && SSL_want_write(s)) {
2515 bio = SSL_get_wbio(s);
2516 if (BIO_should_write(bio))
2517 return (SSL_ERROR_WANT_WRITE);
2518 else if (BIO_should_read(bio))
2519 /* See above (SSL_want_read(s) with BIO_should_write(bio)) */
2520 return (SSL_ERROR_WANT_READ);
2521 else if (BIO_should_io_special(bio)) {
2522 reason = BIO_get_retry_reason(bio);
2523 if (reason == BIO_RR_CONNECT)
2524 return (SSL_ERROR_WANT_CONNECT);
2525 else if (reason == BIO_RR_ACCEPT)
2526 return (SSL_ERROR_WANT_ACCEPT);
2527 else
2528 return (SSL_ERROR_SYSCALL);
2529 }
2530 }
2531 if ((i < 0) && SSL_want_x509_lookup(s)) {
2532 return (SSL_ERROR_WANT_X509_LOOKUP);
2533 }
2534
2535 if (i == 0) {
2536 if (s->version == SSL2_VERSION) {
2537 /* assume it is the socket being closed */
2538 return (SSL_ERROR_ZERO_RETURN);
2539 } else {
2540 if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
2541 (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
2542 return (SSL_ERROR_ZERO_RETURN);
2543 }
2544 }
2545 return (SSL_ERROR_SYSCALL);
2546}
2547
2548int
2549SSL_do_handshake(SSL *s)
2550{
2551 int ret = 1;
2552
2553 if (s->handshake_func == NULL) {
2554 SSLerr(SSL_F_SSL_DO_HANDSHAKE, SSL_R_CONNECTION_TYPE_NOT_SET);
2555 return (-1);
2556 }
2557
2558 s->method->ssl_renegotiate_check(s);
2559
2560 if (SSL_in_init(s) || SSL_in_before(s)) {
2561 ret = s->handshake_func(s);
2562 }
2563 return (ret);
2564}
2565
2566/* For the next 2 functions, SSL_clear() sets shutdown and so
2567 * one of these calls will reset it */
2568void
2569SSL_set_accept_state(SSL *s)
2570{
2571 s->server = 1;
2572 s->shutdown = 0;
2573 s->state = SSL_ST_ACCEPT|SSL_ST_BEFORE;
2574 s->handshake_func = s->method->ssl_accept;
2575 /* clear the current cipher */
2576 ssl_clear_cipher_ctx(s);
2577 ssl_clear_hash_ctx(&s->read_hash);
2578 ssl_clear_hash_ctx(&s->write_hash);
2579}
2580
2581void
2582SSL_set_connect_state(SSL *s)
2583{
2584 s->server = 0;
2585 s->shutdown = 0;
2586 s->state = SSL_ST_CONNECT|SSL_ST_BEFORE;
2587 s->handshake_func = s->method->ssl_connect;
2588 /* clear the current cipher */
2589 ssl_clear_cipher_ctx(s);
2590 ssl_clear_hash_ctx(&s->read_hash);
2591 ssl_clear_hash_ctx(&s->write_hash);
2592}
2593
2594int
2595ssl_undefined_function(SSL *s)
2596{
2597 SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2598 return (0);
2599}
2600
2601int
2602ssl_undefined_void_function(void)
2603{
2604 SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2605 return (0);
2606}
2607
2608int
2609ssl_undefined_const_function(const SSL *s)
2610{
2611 SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2612 return (0);
2613}
2614
2615SSL_METHOD
2616*ssl_bad_method(int ver)
2617{
2618 SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2619 return (NULL);
2620}
2621
2622const char
2623*SSL_get_version(const SSL *s)
2624{
2625 if (s->version == TLS1_2_VERSION)
2626 return("TLSv1.2");
2627 else if (s->version == TLS1_1_VERSION)
2628 return("TLSv1.1");
2629 else if (s->version == TLS1_VERSION)
2630 return("TLSv1");
2631 else if (s->version == SSL3_VERSION)
2632 return("SSLv3");
2633 else if (s->version == SSL2_VERSION)
2634 return("SSLv2");
2635 else
2636 return("unknown");
2637}
2638
2639SSL
2640*SSL_dup(SSL *s)
2641{
2642 STACK_OF(X509_NAME) *sk;
2643 X509_NAME *xn;
2644 SSL *ret;
2645 int i;
2646
2647 if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL)
2648 return (NULL);
2649
2650 ret->version = s->version;
2651 ret->type = s->type;
2652 ret->method = s->method;
2653
2654 if (s->session != NULL) {
2655 /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
2656 SSL_copy_session_id(ret, s);
2657 } else {
2658 /* No session has been established yet, so we have to expect
2659 * that s->cert or ret->cert will be changed later --
2660 * they should not both point to the same object,
2661 * and thus we can't use SSL_copy_session_id. */
2662
2663 ret->method->ssl_free(ret);
2664 ret->method = s->method;
2665 ret->method->ssl_new(ret);
2666
2667 if (s->cert != NULL) {
2668 if (ret->cert != NULL) {
2669 ssl_cert_free(ret->cert);
2670 }
2671 ret->cert = ssl_cert_dup(s->cert);
2672 if (ret->cert == NULL)
2673 goto err;
2674 }
2675
2676 SSL_set_session_id_context(ret,
2677 s->sid_ctx, s->sid_ctx_length);
2678 }
2679
2680 ret->options = s->options;
2681 ret->mode = s->mode;
2682 SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s));
2683 SSL_set_read_ahead(ret, SSL_get_read_ahead(s));
2684 ret->msg_callback = s->msg_callback;
2685 ret->msg_callback_arg = s->msg_callback_arg;
2686 SSL_set_verify(ret, SSL_get_verify_mode(s),
2687 SSL_get_verify_callback(s));
2688 SSL_set_verify_depth(ret, SSL_get_verify_depth(s));
2689 ret->generate_session_id = s->generate_session_id;
2690
2691 SSL_set_info_callback(ret, SSL_get_info_callback(s));
2692
2693 ret->debug = s->debug;
2694
2695 /* copy app data, a little dangerous perhaps */
2696 if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
2697 goto err;
2698
2699 /* setup rbio, and wbio */
2700 if (s->rbio != NULL) {
2701 if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
2702 goto err;
2703 }
2704 if (s->wbio != NULL) {
2705 if (s->wbio != s->rbio) {
2706 if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
2707 goto err;
2708 } else
2709 ret->wbio = ret->rbio;
2710 }
2711 ret->rwstate = s->rwstate;
2712 ret->in_handshake = s->in_handshake;
2713 ret->handshake_func = s->handshake_func;
2714 ret->server = s->server;
2715 ret->renegotiate = s->renegotiate;
2716 ret->new_session = s->new_session;
2717 ret->quiet_shutdown = s->quiet_shutdown;
2718 ret->shutdown = s->shutdown;
2719 ret->state=s->state; /* SSL_dup does not really work at any state, though */
2720 ret->rstate = s->rstate;
2721 ret->init_num = 0; /* would have to copy ret->init_buf, ret->init_msg, ret->init_num, ret->init_off */
2722 ret->hit = s->hit;
2723
2724 X509_VERIFY_PARAM_inherit(ret->param, s->param);
2725
2726 /* dup the cipher_list and cipher_list_by_id stacks */
2727 if (s->cipher_list != NULL) {
2728 if ((ret->cipher_list = sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
2729 goto err;
2730 }
2731 if (s->cipher_list_by_id != NULL)
2732 if ((ret->cipher_list_by_id = sk_SSL_CIPHER_dup(s->cipher_list_by_id))
2733 == NULL)
2734 goto err;
2735
2736 /* Dup the client_CA list */
2737 if (s->client_CA != NULL) {
2738 if ((sk = sk_X509_NAME_dup(s->client_CA)) == NULL) goto err;
2739 ret->client_CA = sk;
2740 for (i = 0; i < sk_X509_NAME_num(sk); i++) {
2741 xn = sk_X509_NAME_value(sk, i);
2742 if (sk_X509_NAME_set(sk, i, X509_NAME_dup(xn)) == NULL) {
2743 X509_NAME_free(xn);
2744 goto err;
2745 }
2746 }
2747 }
2748
2749 if (0) {
2750err:
2751 if (ret != NULL)
2752 SSL_free(ret);
2753 ret = NULL;
2754 }
2755 return (ret);
2756}
2757
2758void
2759ssl_clear_cipher_ctx(SSL *s)
2760{
2761 if (s->enc_read_ctx != NULL) {
2762 EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
2763 OPENSSL_free(s->enc_read_ctx);
2764 s->enc_read_ctx = NULL;
2765 }
2766 if (s->enc_write_ctx != NULL) {
2767 EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
2768 OPENSSL_free(s->enc_write_ctx);
2769 s->enc_write_ctx = NULL;
2770 }
2771#ifndef OPENSSL_NO_COMP
2772 if (s->expand != NULL) {
2773 COMP_CTX_free(s->expand);
2774 s->expand = NULL;
2775 }
2776 if (s->compress != NULL) {
2777 COMP_CTX_free(s->compress);
2778 s->compress = NULL;
2779 }
2780#endif
2781}
2782
2783/* Fix this function so that it takes an optional type parameter */
2784X509
2785*SSL_get_certificate(const SSL *s)
2786{
2787 if (s->cert != NULL)
2788 return (s->cert->key->x509);
2789 else
2790 return (NULL);
2791}
2792
2793/* Fix this function so that it takes an optional type parameter */
2794EVP_PKEY
2795*SSL_get_privatekey(SSL *s)
2796{
2797 if (s->cert != NULL)
2798 return (s->cert->key->privatekey);
2799 else
2800 return (NULL);
2801}
2802
2803const SSL_CIPHER
2804*SSL_get_current_cipher(const SSL *s)
2805{
2806 if ((s->session != NULL) && (s->session->cipher != NULL))
2807 return (s->session->cipher);
2808 return (NULL);
2809}
2810#ifdef OPENSSL_NO_COMP
2811const void
2812*SSL_get_current_compression(SSL *s)
2813{
2814 return NULL;
2815}
2816
2817const void
2818*SSL_get_current_expansion(SSL *s)
2819{
2820 return NULL;
2821}
2822#else
2823
2824const COMP_METHOD
2825*SSL_get_current_compression(SSL *s)
2826{
2827 if (s->compress != NULL)
2828 return (s->compress->meth);
2829 return (NULL);
2830}
2831
2832const COMP_METHOD
2833*SSL_get_current_expansion(SSL *s)
2834{
2835 if (s->expand != NULL)
2836 return (s->expand->meth);
2837 return (NULL);
2838}
2839#endif
2840
2841int
2842ssl_init_wbio_buffer(SSL *s, int push)
2843{
2844 BIO *bbio;
2845
2846 if (s->bbio == NULL) {
2847 bbio = BIO_new(BIO_f_buffer());
2848 if (bbio == NULL)
2849 return (0);
2850 s->bbio = bbio;
2851 } else {
2852 bbio = s->bbio;
2853 if (s->bbio == s->wbio)
2854 s->wbio = BIO_pop(s->wbio);
2855 }
2856 (void)BIO_reset(bbio);
2857/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
2858 if (!BIO_set_read_buffer_size(bbio, 1)) {
2859 SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER, ERR_R_BUF_LIB);
2860 return (0);
2861 }
2862 if (push) {
2863 if (s->wbio != bbio)
2864 s->wbio = BIO_push(bbio, s->wbio);
2865 } else {
2866 if (s->wbio == bbio)
2867 s->wbio = BIO_pop(bbio);
2868 }
2869 return (1);
2870}
2871
2872void
2873ssl_free_wbio_buffer(SSL *s)
2874{
2875 if (s->bbio == NULL)
2876 return;
2877
2878 if (s->bbio == s->wbio) {
2879 /* remove buffering */
2880 s->wbio = BIO_pop(s->wbio);
2881#ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids adding one more preprocessor symbol */
2882 assert(s->wbio != NULL);
2883#endif
2884 }
2885 BIO_free(s->bbio);
2886 s->bbio = NULL;
2887}
2888
2889void
2890SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
2891{
2892 ctx->quiet_shutdown = mode;
2893}
2894
2895int
2896SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
2897{
2898 return (ctx->quiet_shutdown);
2899}
2900
2901void
2902SSL_set_quiet_shutdown(SSL *s, int mode)
2903{
2904 s->quiet_shutdown = mode;
2905}
2906
2907int
2908SSL_get_quiet_shutdown(const SSL *s)
2909{
2910 return (s->quiet_shutdown);
2911}
2912
2913void
2914SSL_set_shutdown(SSL *s, int mode)
2915{
2916 s->shutdown = mode;
2917}
2918
2919int
2920SSL_get_shutdown(const SSL *s)
2921{
2922 return (s->shutdown);
2923}
2924
2925int
2926SSL_version(const SSL *s)
2927{
2928 return (s->version);
2929}
2930
2931SSL_CTX
2932*SSL_get_SSL_CTX(const SSL *ssl)
2933{
2934 return (ssl->ctx);
2935}
2936
2937SSL_CTX
2938*SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
2939{
2940 if (ssl->ctx == ctx)
2941 return ssl->ctx;
2942#ifndef OPENSSL_NO_TLSEXT
2943 if (ctx == NULL)
2944 ctx = ssl->initial_ctx;
2945#endif
2946 if (ssl->cert != NULL)
2947 ssl_cert_free(ssl->cert);
2948 ssl->cert = ssl_cert_dup(ctx->cert);
2949 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
2950 if (ssl->ctx != NULL)
2951 SSL_CTX_free(ssl->ctx); /* decrement reference count */
2952 ssl->ctx = ctx;
2953 return (ssl->ctx);
2954}
2955
2956#ifndef OPENSSL_NO_STDIO
2957int
2958SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
2959{
2960 return (X509_STORE_set_default_paths(ctx->cert_store));
2961}
2962
2963int
2964SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
2965 const char *CApath)
2966{
2967 return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));
2968}
2969#endif
2970
2971void
2972SSL_set_info_callback(SSL *ssl,
2973 void (*cb)(const SSL *ssl, int type, int val))
2974{
2975 ssl->info_callback = cb;
2976}
2977
2978/* One compiler (Diab DCC) doesn't like argument names in returned
2979 function pointer. */
2980void (*SSL_get_info_callback(const SSL *ssl))(const SSL * /*ssl*/,int /*type*/,int /*val*/)
2981{
2982 return ssl->info_callback;
2983}
2984
2985int
2986SSL_state(const SSL *ssl)
2987{
2988 return (ssl->state);
2989}
2990
2991void
2992SSL_set_state(SSL *ssl, int state)
2993{
2994 ssl->state = state;
2995}
2996
2997void
2998SSL_set_verify_result(SSL *ssl, long arg)
2999{
3000 ssl->verify_result = arg;
3001}
3002
3003long
3004SSL_get_verify_result(const SSL *ssl)
3005{
3006 return (ssl->verify_result);
3007}
3008
3009int
3010SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
3011 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
3012{
3013 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
3014 new_func, dup_func, free_func);
3015}
3016
3017int
3018SSL_set_ex_data(SSL *s, int idx, void *arg)
3019{
3020 return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
3021}
3022
3023void
3024*SSL_get_ex_data(const SSL *s, int idx)
3025{
3026 return (CRYPTO_get_ex_data(&s->ex_data, idx));
3027}
3028
3029int
3030SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
3031 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
3032{
3033 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
3034 new_func, dup_func, free_func);
3035}
3036
3037int
3038SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg)
3039{
3040 return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
3041}
3042
3043void
3044*SSL_CTX_get_ex_data(const SSL_CTX *s, int idx)
3045{
3046 return (CRYPTO_get_ex_data(&s->ex_data, idx));
3047}
3048
3049int
3050ssl_ok(SSL *s)
3051{
3052 return (1);
3053}
3054
3055X509_STORE
3056*SSL_CTX_get_cert_store(const SSL_CTX *ctx)
3057{
3058 return (ctx->cert_store);
3059}
3060
3061void
3062SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
3063{
3064 if (ctx->cert_store != NULL)
3065 X509_STORE_free(ctx->cert_store);
3066 ctx->cert_store = store;
3067}
3068
3069int
3070SSL_want(const SSL *s)
3071{
3072 return (s->rwstate);
3073}
3074
3075/*!
3076 * \brief Set the callback for generating temporary RSA keys.
3077 * \param ctx the SSL context.
3078 * \param cb the callback
3079 */
3080
3081#ifndef OPENSSL_NO_RSA
3082void
3083SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL *ssl,
3084 int is_export,
3085int keylength))
3086{
3087 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
3088}
3089
3090void
3091SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl,
3092 int is_export,
3093int keylength))
3094{
3095 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
3096}
3097#endif
3098
3099#ifdef DOXYGEN
3100/*!
3101 * \brief The RSA temporary key callback function.
3102 * \param ssl the SSL session.
3103 * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
3104 * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
3105 * of the required key in bits.
3106 * \return the temporary RSA key.
3107 * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
3108 */
3109
3110RSA
3111*cb(SSL *ssl, int is_export, int keylength)
3112{}
3113#endif
3114
3115/*!
3116 * \brief Set the callback for generating temporary DH keys.
3117 * \param ctx the SSL context.
3118 * \param dh the callback
3119 */
3120
3121#ifndef OPENSSL_NO_DH
3122void
3123SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*dh)(SSL *ssl, int is_export,
3124 int keylength))
3125{
3126 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
3127}
3128
3129void
3130SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh)(SSL *ssl, int is_export,
3131 int keylength))
3132{
3133 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
3134}
3135#endif
3136
3137#ifndef OPENSSL_NO_ECDH
3138void
3139SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl, int is_export,
3140 int keylength))
3141{
3142 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
3143}
3144
3145void
3146SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh)(SSL *ssl, int is_export,
3147 int keylength))
3148{
3149 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
3150}
3151#endif
3152
3153#ifndef OPENSSL_NO_PSK
3154int
3155SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
3156{
3157 if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
3158 SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
3159 return 0;
3160 }
3161 if (ctx->psk_identity_hint != NULL)
3162 OPENSSL_free(ctx->psk_identity_hint);
3163 if (identity_hint != NULL) {
3164 ctx->psk_identity_hint = BUF_strdup(identity_hint);
3165 if (ctx->psk_identity_hint == NULL)
3166 return 0;
3167 } else
3168 ctx->psk_identity_hint = NULL;
3169 return 1;
3170}
3171
3172int
3173SSL_use_psk_identity_hint(SSL *s, const char *identity_hint)
3174{
3175 if (s == NULL)
3176 return 0;
3177
3178 if (s->session == NULL)
3179 return 1; /* session not created yet, ignored */
3180
3181 if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
3182 SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
3183 return 0;
3184 }
3185 if (s->session->psk_identity_hint != NULL)
3186 OPENSSL_free(s->session->psk_identity_hint);
3187 if (identity_hint != NULL) {
3188 s->session->psk_identity_hint = BUF_strdup(identity_hint);
3189 if (s->session->psk_identity_hint == NULL)
3190 return 0;
3191 } else
3192 s->session->psk_identity_hint = NULL;
3193 return 1;
3194}
3195
3196const char
3197*SSL_get_psk_identity_hint(const SSL *s)
3198{
3199 if (s == NULL || s->session == NULL)
3200 return NULL;
3201 return (s->session->psk_identity_hint);
3202}
3203
3204const char
3205*SSL_get_psk_identity(const SSL *s)
3206{
3207 if (s == NULL || s->session == NULL)
3208 return NULL;
3209 return (s->session->psk_identity);
3210}
3211
3212void
3213SSL_set_psk_client_callback(SSL *s,
3214 unsigned int (*cb)(SSL *ssl, const char *hint,
3215char *identity, unsigned int max_identity_len, unsigned char *psk,
3216 unsigned int max_psk_len))
3217{
3218 s->psk_client_callback = cb;
3219}
3220
3221void
3222SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
3223 unsigned int (*cb)(SSL *ssl, const char *hint,
3224char *identity, unsigned int max_identity_len, unsigned char *psk,
3225 unsigned int max_psk_len))
3226{
3227 ctx->psk_client_callback = cb;
3228}
3229
3230void
3231SSL_set_psk_server_callback(SSL *s,
3232 unsigned int (*cb)(SSL *ssl, const char *identity,
3233unsigned char *psk, unsigned int max_psk_len))
3234{
3235 s->psk_server_callback = cb;
3236}
3237
3238void
3239SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
3240 unsigned int (*cb)(SSL *ssl, const char *identity,
3241unsigned char *psk, unsigned int max_psk_len))
3242{
3243 ctx->psk_server_callback = cb;
3244}
3245#endif
3246
3247void
3248SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
3249{
3250 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
3251}
3252
3253void
3254SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
3255{
3256 SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
3257}
3258
3259/* Allocates new EVP_MD_CTX and sets pointer to it into given pointer
3260 * vairable, freeing EVP_MD_CTX previously stored in that variable, if
3261 * any. If EVP_MD pointer is passed, initializes ctx with this md
3262 * Returns newly allocated ctx;
3263 */
3264
3265EVP_MD_CTX
3266*ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md)
3267{
3268 ssl_clear_hash_ctx(hash);
3269 *hash = EVP_MD_CTX_create();
3270 if (md)
3271 EVP_DigestInit_ex(*hash, md, NULL);
3272 return *hash;
3273}
3274
3275void
3276ssl_clear_hash_ctx(EVP_MD_CTX **hash)
3277{
3278
3279 if (*hash)
3280 EVP_MD_CTX_destroy(*hash);
3281 *hash = NULL;
3282}
3283
3284void
3285SSL_set_debug(SSL *s, int debug)
3286{
3287 s->debug = debug;
3288}
3289
3290int
3291SSL_cache_hit(SSL *s)
3292{
3293 return s->hit;
3294}
3295
3296IMPLEMENT_STACK_OF(SSL_CIPHER)
3297IMPLEMENT_STACK_OF(SSL_COMP)
3298IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER,
3299ssl_cipher_id);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-24 03:58:57 +0000