summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl_lib.c')
-rw-r--r--src/lib/libssl/ssl_lib.c219
1 files changed, 111 insertions, 108 deletions
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 830f574183..21a48da182 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -7,21 +7,21 @@
7 * This package is an SSL implementation written 7 * This package is an SSL implementation written
8 * by Eric Young (eay@cryptsoft.com). 8 * by Eric Young (eay@cryptsoft.com).
9 * The implementation was written so as to conform with Netscapes SSL. 9 * The implementation was written so as to conform with Netscapes SSL.
10 * 10 *
11 * This library is free for commercial and non-commercial use as long as 11 * This library is free for commercial and non-commercial use as long as
12 * the following conditions are aheared to. The following conditions 12 * the following conditions are aheared to. The following conditions
13 * apply to all code found in this distribution, be it the RC4, RSA, 13 * apply to all code found in this distribution, be it the RC4, RSA,
14 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 14 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
15 * included with this distribution is covered by the same copyright terms 15 * included with this distribution is covered by the same copyright terms
16 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 16 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
17 * 17 *
18 * Copyright remains Eric Young's, and as such any Copyright notices in 18 * Copyright remains Eric Young's, and as such any Copyright notices in
19 * the code are not to be removed. 19 * the code are not to be removed.
20 * If this package is used in a product, Eric Young should be given attribution 20 * If this package is used in a product, Eric Young should be given attribution
21 * as the author of the parts of the library used. 21 * as the author of the parts of the library used.
22 * This can be in the form of a textual message at program startup or 22 * This can be in the form of a textual message at program startup or
23 * in documentation (online or textual) provided with the package. 23 * in documentation (online or textual) provided with the package.
24 * 24 *
25 * Redistribution and use in source and binary forms, with or without 25 * Redistribution and use in source and binary forms, with or without
26 * modification, are permitted provided that the following conditions 26 * modification, are permitted provided that the following conditions
27 * are met: 27 * are met:
@@ -36,10 +36,10 @@
36 * Eric Young (eay@cryptsoft.com)" 36 * Eric Young (eay@cryptsoft.com)"
37 * The word 'cryptographic' can be left out if the rouines from the library 37 * The word 'cryptographic' can be left out if the rouines from the library
38 * being used are not cryptographic related :-). 38 * being used are not cryptographic related :-).
39 * 4. If you include any Windows specific code (or a derivative thereof) from 39 * 4. If you include any Windows specific code (or a derivative thereof) from
40 * the apps directory (application code) you must include an acknowledgement: 40 * the apps directory (application code) you must include an acknowledgement:
41 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 41 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
42 * 42 *
43 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 43 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
44 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 44 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
45 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 45 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -51,7 +51,7 @@
51 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 51 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
52 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 52 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * SUCH DAMAGE. 53 * SUCH DAMAGE.
54 * 54 *
55 * The licence and distribution terms for any publically available version or 55 * The licence and distribution terms for any publically available version or
56 * derivative of this code cannot be changed. i.e. this code cannot simply be 56 * derivative of this code cannot be changed. i.e. this code cannot simply be
57 * copied and put under another distribution licence 57 * copied and put under another distribution licence
@@ -65,7 +65,7 @@
65 * are met: 65 * are met:
66 * 66 *
67 * 1. Redistributions of source code must retain the above copyright 67 * 1. Redistributions of source code must retain the above copyright
68 * notice, this list of conditions and the following disclaimer. 68 * notice, this list of conditions and the following disclaimer.
69 * 69 *
70 * 2. Redistributions in binary form must reproduce the above copyright 70 * 2. Redistributions in binary form must reproduce the above copyright
71 * notice, this list of conditions and the following disclaimer in 71 * notice, this list of conditions and the following disclaimer in
@@ -112,7 +112,7 @@
112 */ 112 */
113/* ==================================================================== 113/* ====================================================================
114 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 114 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
115 * ECC cipher suite support in OpenSSL originally developed by 115 * ECC cipher suite support in OpenSSL originally developed by
116 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 116 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
117 */ 117 */
118/* ==================================================================== 118/* ====================================================================
@@ -203,7 +203,7 @@ SSL_clear(SSL *s)
203 if (s->renegotiate) { 203 if (s->renegotiate) {
204 SSLerr(SSL_F_SSL_CLEAR, 204 SSLerr(SSL_F_SSL_CLEAR,
205 ERR_R_INTERNAL_ERROR); 205 ERR_R_INTERNAL_ERROR);
206 return 0; 206 return (0);
207 } 207 }
208 208
209 s->type = 0; 209 s->type = 0;
@@ -393,12 +393,12 @@ SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
393 if (sid_ctx_len > sizeof ctx->sid_ctx) { 393 if (sid_ctx_len > sizeof ctx->sid_ctx) {
394 SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT, 394 SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
395 SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); 395 SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
396 return 0; 396 return (0);
397 } 397 }
398 ctx->sid_ctx_length = sid_ctx_len; 398 ctx->sid_ctx_length = sid_ctx_len;
399 memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len); 399 memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
400 400
401 return 1; 401 return (1);
402} 402}
403 403
404int 404int
@@ -407,13 +407,13 @@ SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
407{ 407{
408 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) { 408 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
409 SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT, 409 SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,
410 SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); 410 SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
411 return 0; 411 return (0);
412 } 412 }
413 ssl->sid_ctx_length = sid_ctx_len; 413 ssl->sid_ctx_length = sid_ctx_len;
414 memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len); 414 memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
415 415
416 return 1; 416 return (1);
417} 417}
418 418
419int 419int
@@ -422,7 +422,7 @@ SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
422 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); 422 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
423 ctx->generate_session_id = cb; 423 ctx->generate_session_id = cb;
424 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 424 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
425 return 1; 425 return (1);
426} 426}
427 427
428int 428int
@@ -431,7 +431,7 @@ SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
431 CRYPTO_w_lock(CRYPTO_LOCK_SSL); 431 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
432 ssl->generate_session_id = cb; 432 ssl->generate_session_id = cb;
433 CRYPTO_w_unlock(CRYPTO_LOCK_SSL); 433 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
434 return 1; 434 return (1);
435} 435}
436 436
437int 437int
@@ -448,7 +448,7 @@ SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
448 SSL_SESSION r, *p; 448 SSL_SESSION r, *p;
449 449
450 if (id_len > sizeof r.session_id) 450 if (id_len > sizeof r.session_id)
451 return 0; 451 return (0);
452 452
453 r.ssl_version = ssl->version; 453 r.ssl_version = ssl->version;
454 r.session_id_length = id_len; 454 r.session_id_length = id_len;
@@ -463,37 +463,37 @@ SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
463int 463int
464SSL_CTX_set_purpose(SSL_CTX *s, int purpose) 464SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
465{ 465{
466 return X509_VERIFY_PARAM_set_purpose(s->param, purpose); 466 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
467} 467}
468 468
469int 469int
470SSL_set_purpose(SSL *s, int purpose) 470SSL_set_purpose(SSL *s, int purpose)
471{ 471{
472 return X509_VERIFY_PARAM_set_purpose(s->param, purpose); 472 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
473} 473}
474 474
475int 475int
476SSL_CTX_set_trust(SSL_CTX *s, int trust) 476SSL_CTX_set_trust(SSL_CTX *s, int trust)
477{ 477{
478 return X509_VERIFY_PARAM_set_trust(s->param, trust); 478 return (X509_VERIFY_PARAM_set_trust(s->param, trust));
479} 479}
480 480
481int 481int
482SSL_set_trust(SSL *s, int trust) 482SSL_set_trust(SSL *s, int trust)
483{ 483{
484 return X509_VERIFY_PARAM_set_trust(s->param, trust); 484 return (X509_VERIFY_PARAM_set_trust(s->param, trust));
485} 485}
486 486
487int 487int
488SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm) 488SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
489{ 489{
490 return X509_VERIFY_PARAM_set1(ctx->param, vpm); 490 return (X509_VERIFY_PARAM_set1(ctx->param, vpm));
491} 491}
492 492
493int 493int
494SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm) 494SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
495{ 495{
496 return X509_VERIFY_PARAM_set1(ssl->param, vpm); 496 return (X509_VERIFY_PARAM_set1(ssl->param, vpm));
497} 497}
498 498
499void 499void
@@ -743,7 +743,7 @@ SSL_get_finished(const SSL *s, void *buf, size_t count)
743 count = ret; 743 count = ret;
744 memcpy(buf, s->s3->tmp.finish_md, count); 744 memcpy(buf, s->s3->tmp.finish_md, count);
745 } 745 }
746 return ret; 746 return (ret);
747} 747}
748 748
749/* return length of latest Finished message we expected, copy to 'buf' */ 749/* return length of latest Finished message we expected, copy to 'buf' */
@@ -758,7 +758,7 @@ SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
758 count = ret; 758 count = ret;
759 memcpy(buf, s->s3->tmp.peer_finish_md, count); 759 memcpy(buf, s->s3->tmp.peer_finish_md, count);
760 } 760 }
761 return ret; 761 return (ret);
762} 762}
763 763
764 764
@@ -771,10 +771,11 @@ SSL_get_verify_mode(const SSL *s)
771int 771int
772SSL_get_verify_depth(const SSL *s) 772SSL_get_verify_depth(const SSL *s)
773{ 773{
774 return X509_VERIFY_PARAM_get_depth(s->param); 774 return (X509_VERIFY_PARAM_get_depth(s->param));
775} 775}
776 776
777int (*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *) 777int
778(*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *)
778{ 779{
779 return (s->verify_callback); 780 return (s->verify_callback);
780} 781}
@@ -788,7 +789,7 @@ SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
788int 789int
789SSL_CTX_get_verify_depth(const SSL_CTX *ctx) 790SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
790{ 791{
791 return X509_VERIFY_PARAM_get_depth(ctx->param); 792 return (X509_VERIFY_PARAM_get_depth(ctx->param));
792} 793}
793 794
794int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *) 795int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *)
@@ -938,7 +939,7 @@ SSL_check_private_key(const SSL *ssl)
938 if (ssl->cert == NULL) { 939 if (ssl->cert == NULL) {
939 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, 940 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
940 SSL_R_NO_CERTIFICATE_ASSIGNED); 941 SSL_R_NO_CERTIFICATE_ASSIGNED);
941 return 0; 942 return (0);
942 } 943 }
943 if (ssl->cert->key->x509 == NULL) { 944 if (ssl->cert->key->x509 == NULL) {
944 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, 945 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
@@ -984,7 +985,7 @@ SSL_read(SSL *s, void *buf, int num)
984 if (s->handshake_func == 0) { 985 if (s->handshake_func == 0) {
985 SSLerr(SSL_F_SSL_READ, 986 SSLerr(SSL_F_SSL_READ,
986 SSL_R_UNINITIALIZED); 987 SSL_R_UNINITIALIZED);
987 return -1; 988 return (-1);
988 } 989 }
989 990
990 if (s->shutdown & SSL_RECEIVED_SHUTDOWN) { 991 if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
@@ -1000,7 +1001,7 @@ SSL_peek(SSL *s, void *buf, int num)
1000 if (s->handshake_func == 0) { 1001 if (s->handshake_func == 0) {
1001 SSLerr(SSL_F_SSL_PEEK, 1002 SSLerr(SSL_F_SSL_PEEK,
1002 SSL_R_UNINITIALIZED); 1003 SSL_R_UNINITIALIZED);
1003 return -1; 1004 return (-1);
1004 } 1005 }
1005 1006
1006 if (s->shutdown & SSL_RECEIVED_SHUTDOWN) { 1007 if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
@@ -1015,7 +1016,7 @@ SSL_write(SSL *s, const void *buf, int num)
1015 if (s->handshake_func == 0) { 1016 if (s->handshake_func == 0) {
1016 SSLerr(SSL_F_SSL_WRITE, 1017 SSLerr(SSL_F_SSL_WRITE,
1017 SSL_R_UNINITIALIZED); 1018 SSL_R_UNINITIALIZED);
1018 return -1; 1019 return (-1);
1019 } 1020 }
1020 1021
1021 if (s->shutdown & SSL_SENT_SHUTDOWN) { 1022 if (s->shutdown & SSL_SENT_SHUTDOWN) {
@@ -1040,7 +1041,7 @@ SSL_shutdown(SSL *s)
1040 if (s->handshake_func == 0) { 1041 if (s->handshake_func == 0) {
1041 SSLerr(SSL_F_SSL_SHUTDOWN, 1042 SSLerr(SSL_F_SSL_SHUTDOWN,
1042 SSL_R_UNINITIALIZED); 1043 SSL_R_UNINITIALIZED);
1043 return -1; 1044 return (-1);
1044 } 1045 }
1045 1046
1046 if ((s != NULL) && !SSL_in_init(s)) 1047 if ((s != NULL) && !SSL_in_init(s))
@@ -1096,7 +1097,7 @@ SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
1096 1097
1097 case SSL_CTRL_SET_MSG_CALLBACK_ARG: 1098 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1098 s->msg_callback_arg = parg; 1099 s->msg_callback_arg = parg;
1099 return 1; 1100 return (1);
1100 1101
1101 case SSL_CTRL_OPTIONS: 1102 case SSL_CTRL_OPTIONS:
1102 return (s->options|=larg); 1103 return (s->options|=larg);
@@ -1115,24 +1116,24 @@ SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
1115 case SSL_CTRL_SET_MTU: 1116 case SSL_CTRL_SET_MTU:
1116#ifndef OPENSSL_NO_DTLS1 1117#ifndef OPENSSL_NO_DTLS1
1117 if (larg < (long)dtls1_min_mtu()) 1118 if (larg < (long)dtls1_min_mtu())
1118 return 0; 1119 return (0);
1119#endif 1120#endif
1120 1121
1121 if (SSL_version(s) == DTLS1_VERSION || 1122 if (SSL_version(s) == DTLS1_VERSION ||
1122 SSL_version(s) == DTLS1_BAD_VER) { 1123 SSL_version(s) == DTLS1_BAD_VER) {
1123 s->d1->mtu = larg; 1124 s->d1->mtu = larg;
1124 return larg; 1125 return (larg);
1125 } 1126 }
1126 return 0; 1127 return (0);
1127 case SSL_CTRL_SET_MAX_SEND_FRAGMENT: 1128 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1128 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH) 1129 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1129 return 0; 1130 return (0);
1130 s->max_send_fragment = larg; 1131 s->max_send_fragment = larg;
1131 return 1; 1132 return (1);
1132 case SSL_CTRL_GET_RI_SUPPORT: 1133 case SSL_CTRL_GET_RI_SUPPORT:
1133 if (s->s3) 1134 if (s->s3)
1134 return s->s3->send_connection_binding; 1135 return (s->s3->send_connection_binding);
1135 else return 0; 1136 else return (0);
1136 default: 1137 default:
1137 return (s->method->ssl_ctrl(s, cmd, larg, parg)); 1138 return (s->method->ssl_ctrl(s, cmd, larg, parg));
1138 } 1139 }
@@ -1146,7 +1147,7 @@ SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
1146 s->msg_callback = (void (*)(int write_p, int version, 1147 s->msg_callback = (void (*)(int write_p, int version,
1147 int content_type, const void *buf, size_t len, 1148 int content_type, const void *buf, size_t len,
1148 SSL *ssl, void *arg))(fp); 1149 SSL *ssl, void *arg))(fp);
1149 return 1; 1150 return (1);
1150 1151
1151 default: 1152 default:
1152 return (s->method->ssl_callback_ctrl(s, cmd, fp)); 1153 return (s->method->ssl_callback_ctrl(s, cmd, fp));
@@ -1156,7 +1157,7 @@ SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
1156LHASH_OF(SSL_SESSION) * 1157LHASH_OF(SSL_SESSION) *
1157SSL_CTX_sessions(SSL_CTX *ctx) 1158SSL_CTX_sessions(SSL_CTX *ctx)
1158{ 1159{
1159 return ctx->sessions; 1160 return (ctx->sessions);
1160} 1161}
1161 1162
1162long 1163long
@@ -1174,7 +1175,7 @@ SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1174 1175
1175 case SSL_CTRL_SET_MSG_CALLBACK_ARG: 1176 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1176 ctx->msg_callback_arg = parg; 1177 ctx->msg_callback_arg = parg;
1177 return 1; 1178 return (1);
1178 1179
1179 case SSL_CTRL_GET_MAX_CERT_LIST: 1180 case SSL_CTRL_GET_MAX_CERT_LIST:
1180 return (ctx->max_cert_list); 1181 return (ctx->max_cert_list);
@@ -1230,9 +1231,9 @@ SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1230 return (ctx->mode&=~larg); 1231 return (ctx->mode&=~larg);
1231 case SSL_CTRL_SET_MAX_SEND_FRAGMENT: 1232 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1232 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH) 1233 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1233 return 0; 1234 return (0);
1234 ctx->max_send_fragment = larg; 1235 ctx->max_send_fragment = larg;
1235 return 1; 1236 return (1);
1236 default: 1237 default:
1237 return (ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg)); 1238 return (ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg));
1238 } 1239 }
@@ -1246,7 +1247,7 @@ SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
1246 ctx->msg_callback = (void (*)(int write_p, int version, 1247 ctx->msg_callback = (void (*)(int write_p, int version,
1247 int content_type, const void *buf, size_t len, SSL *ssl, 1248 int content_type, const void *buf, size_t len, SSL *ssl,
1248 void *arg))(fp); 1249 void *arg))(fp);
1249 return 1; 1250 return (1);
1250 1251
1251 default: 1252 default:
1252 return (ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp)); 1253 return (ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp));
@@ -1339,7 +1340,7 @@ SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
1339 1340
1340 sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list, 1341 sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,
1341 &ctx->cipher_list_by_id, str); 1342 &ctx->cipher_list_by_id, str);
1342 /* 1343 /*
1343 * ssl_create_cipher_list may return an empty stack if it 1344 * ssl_create_cipher_list may return an empty stack if it
1344 * was unable to find a cipher matching the given rule string 1345 * was unable to find a cipher matching the given rule string
1345 * (for example if the rule string specifies a cipher which 1346 * (for example if the rule string specifies a cipher which
@@ -1349,13 +1350,13 @@ SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
1349 * updated. 1350 * updated.
1350 */ 1351 */
1351 if (sk == NULL) 1352 if (sk == NULL)
1352 return 0; 1353 return (0);
1353 else if (sk_SSL_CIPHER_num(sk) == 0) { 1354 else if (sk_SSL_CIPHER_num(sk) == 0) {
1354 SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, 1355 SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST,
1355 SSL_R_NO_CIPHER_MATCH); 1356 SSL_R_NO_CIPHER_MATCH);
1356 return 0; 1357 return (0);
1357 } 1358 }
1358 return 1; 1359 return (1);
1359} 1360}
1360 1361
1361/* Specify the ciphers to be used by the SSL. */ 1362/* Specify the ciphers to be used by the SSL. */
@@ -1368,13 +1369,13 @@ SSL_set_cipher_list(SSL *s, const char *str)
1368 &s->cipher_list_by_id, str); 1369 &s->cipher_list_by_id, str);
1369 /* see comment in SSL_CTX_set_cipher_list */ 1370 /* see comment in SSL_CTX_set_cipher_list */
1370 if (sk == NULL) 1371 if (sk == NULL)
1371 return 0; 1372 return (0);
1372 else if (sk_SSL_CIPHER_num(sk) == 0) { 1373 else if (sk_SSL_CIPHER_num(sk) == 0) {
1373 SSLerr(SSL_F_SSL_SET_CIPHER_LIST, 1374 SSLerr(SSL_F_SSL_SET_CIPHER_LIST,
1374 SSL_R_NO_CIPHER_MATCH); 1375 SSL_R_NO_CIPHER_MATCH);
1375 return 0; 1376 return (0);
1376 } 1377 }
1377 return 1; 1378 return (1);
1378} 1379}
1379 1380
1380/* works well for SSLv2, not so good for SSLv3 */ 1381/* works well for SSLv2, not so good for SSLv3 */
@@ -1540,11 +1541,11 @@ const char *
1540SSL_get_servername(const SSL *s, const int type) 1541SSL_get_servername(const SSL *s, const int type)
1541{ 1542{
1542 if (type != TLSEXT_NAMETYPE_host_name) 1543 if (type != TLSEXT_NAMETYPE_host_name)
1543 return NULL; 1544 return (NULL);
1544 1545
1545 return s->session && !s->tlsext_hostname ? 1546 return (s->session && !s->tlsext_hostname ?
1546 s->session->tlsext_hostname : 1547 s->session->tlsext_hostname :
1547 s->tlsext_hostname; 1548 s->tlsext_hostname);
1548} 1549}
1549 1550
1550int 1551int
@@ -1553,8 +1554,8 @@ SSL_get_servername_type(const SSL *s)
1553 if (s->session && 1554 if (s->session &&
1554 (!s->tlsext_hostname ? 1555 (!s->tlsext_hostname ?
1555 s->session->tlsext_hostname : s->tlsext_hostname)) 1556 s->session->tlsext_hostname : s->tlsext_hostname))
1556 return TLSEXT_NAMETYPE_host_name; 1557 return (TLSEXT_NAMETYPE_host_name);
1557 return -1; 1558 return (-1);
1558} 1559}
1559 1560
1560# ifndef OPENSSL_NO_NEXTPROTONEG 1561# ifndef OPENSSL_NO_NEXTPROTONEG
@@ -1626,7 +1627,7 @@ SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
1626 found: 1627 found:
1627 *out = (unsigned char *) result + 1; 1628 *out = (unsigned char *) result + 1;
1628 *outlen = result[0]; 1629 *outlen = result[0];
1629 return status; 1630 return (status);
1630} 1631}
1631 1632
1632/* 1633/*
@@ -1697,10 +1698,10 @@ SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
1697 int use_context) 1698 int use_context)
1698{ 1699{
1699 if (s->version < TLS1_VERSION) 1700 if (s->version < TLS1_VERSION)
1700 return -1; 1701 return (-1);
1701 1702
1702 return s->method->ssl3_enc->export_keying_material(s, out, olen, 1703 return (s->method->ssl3_enc->export_keying_material(s, out, olen,
1703 label, llen, p, plen, use_context); 1704 label, llen, p, plen, use_context));
1704} 1705}
1705 1706
1706static unsigned long 1707static unsigned long
@@ -2087,7 +2088,8 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
2087 2088
2088 2089
2089#ifdef CIPHER_DEBUG 2090#ifdef CIPHER_DEBUG
2090 printf("rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n", 2091 printf("rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d "
2092 "rs=%d ds=%d dhr=%d dhd=%d\n",
2091 rsa_tmp, rsa_tmp_export, dh_tmp, have_ecdh_tmp, 2093 rsa_tmp, rsa_tmp_export, dh_tmp, have_ecdh_tmp,
2092 rsa_enc, rsa_enc_export, rsa_sign, dsa_sign, dh_rsa, dh_dsa); 2094 rsa_enc, rsa_enc_export, rsa_sign, dsa_sign, dh_rsa, dh_dsa);
2093#endif 2095#endif
@@ -2247,11 +2249,11 @@ ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
2247 /* ECDH key length in export ciphers must be <= 163 bits */ 2249 /* ECDH key length in export ciphers must be <= 163 bits */
2248 pkey = X509_get_pubkey(x); 2250 pkey = X509_get_pubkey(x);
2249 if (pkey == NULL) 2251 if (pkey == NULL)
2250 return 0; 2252 return (0);
2251 keysize = EVP_PKEY_bits(pkey); 2253 keysize = EVP_PKEY_bits(pkey);
2252 EVP_PKEY_free(pkey); 2254 EVP_PKEY_free(pkey);
2253 if (keysize > 163) 2255 if (keysize > 163)
2254 return 0; 2256 return (0);
2255 } 2257 }
2256 2258
2257 /* This call populates the ex_flags field correctly */ 2259 /* This call populates the ex_flags field correctly */
@@ -2265,7 +2267,7 @@ ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
2265 if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) { 2267 if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) {
2266 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, 2268 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
2267 SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT); 2269 SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
2268 return 0; 2270 return (0);
2269 } 2271 }
2270 if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < 2272 if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) <
2271 TLS1_2_VERSION) { 2273 TLS1_2_VERSION) {
@@ -2273,7 +2275,7 @@ ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
2273 if (pk_nid != NID_X9_62_id_ecPublicKey) { 2275 if (pk_nid != NID_X9_62_id_ecPublicKey) {
2274 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, 2276 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
2275 SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE); 2277 SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
2276 return 0; 2278 return (0);
2277 } 2279 }
2278 } 2280 }
2279 if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < 2281 if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) <
@@ -2282,7 +2284,7 @@ ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
2282 if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa) { 2284 if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa) {
2283 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, 2285 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
2284 SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE); 2286 SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
2285 return 0; 2287 return (0);
2286 } 2288 }
2287 } 2289 }
2288 } 2290 }
@@ -2291,11 +2293,11 @@ ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
2291 if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE)) { 2293 if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE)) {
2292 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, 2294 SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
2293 SSL_R_ECC_CERT_NOT_FOR_SIGNING); 2295 SSL_R_ECC_CERT_NOT_FOR_SIGNING);
2294 return 0; 2296 return (0);
2295 } 2297 }
2296 } 2298 }
2297 2299
2298 return 1; 2300 return (1);
2299 /* all checks are ok */ 2301 /* all checks are ok */
2300} 2302}
2301 2303
@@ -2355,7 +2357,7 @@ ssl_get_server_send_pkey(const SSL *s)
2355 return (NULL); 2357 return (NULL);
2356 } 2358 }
2357 2359
2358 return c->pkeys + i; 2360 return (c->pkeys + i);
2359} 2361}
2360 2362
2361X509 * 2363X509 *
@@ -2365,8 +2367,8 @@ ssl_get_server_send_cert(const SSL *s)
2365 2367
2366 cpk = ssl_get_server_send_pkey(s); 2368 cpk = ssl_get_server_send_pkey(s);
2367 if (!cpk) 2369 if (!cpk)
2368 return NULL; 2370 return (NULL);
2369 return cpk->x509; 2371 return (cpk->x509);
2370} 2372}
2371 2373
2372EVP_PKEY * 2374EVP_PKEY *
@@ -2397,7 +2399,7 @@ ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd)
2397 } 2399 }
2398 if (pmd) 2400 if (pmd)
2399 *pmd = c->pkeys[idx].digest; 2401 *pmd = c->pkeys[idx].digest;
2400 return c->pkeys[idx].privatekey; 2402 return (c->pkeys[idx].privatekey);
2401} 2403}
2402 2404
2403void 2405void
@@ -2506,7 +2508,7 @@ SSL_get_error(const SSL *s, int i)
2506 else if (reason == BIO_RR_ACCEPT) 2508 else if (reason == BIO_RR_ACCEPT)
2507 return (SSL_ERROR_WANT_ACCEPT); 2509 return (SSL_ERROR_WANT_ACCEPT);
2508 else 2510 else
2509 return(SSL_ERROR_SYSCALL); /* unknown */ 2511 return (SSL_ERROR_SYSCALL); /* unknown */
2510 } 2512 }
2511 } 2513 }
2512 2514
@@ -2514,13 +2516,13 @@ SSL_get_error(const SSL *s, int i)
2514 bio = SSL_get_wbio(s); 2516 bio = SSL_get_wbio(s);
2515 if (BIO_should_write(bio)) 2517 if (BIO_should_write(bio))
2516 return (SSL_ERROR_WANT_WRITE); 2518 return (SSL_ERROR_WANT_WRITE);
2517 else if (BIO_should_read(bio)) 2519 else if (BIO_should_read(bio)) {
2518 return (SSL_ERROR_WANT_READ);
2519 /* 2520 /*
2520 * See above (SSL_want_read(s) with 2521 * See above (SSL_want_read(s) with
2521 * BIO_should_write(bio)) 2522 * BIO_should_write(bio))
2522 */ 2523 */
2523 else if (BIO_should_io_special(bio)) { 2524 return (SSL_ERROR_WANT_READ);
2525 } else if (BIO_should_io_special(bio)) {
2524 reason = BIO_get_retry_reason(bio); 2526 reason = BIO_get_retry_reason(bio);
2525 if (reason == BIO_RR_CONNECT) 2527 if (reason == BIO_RR_CONNECT)
2526 return (SSL_ERROR_WANT_CONNECT); 2528 return (SSL_ERROR_WANT_CONNECT);
@@ -2561,7 +2563,7 @@ SSL_do_handshake(SSL *s)
2561 return (ret); 2563 return (ret);
2562} 2564}
2563 2565
2564/* 2566/*
2565 * For the next 2 functions, SSL_clear() sets shutdown and so 2567 * For the next 2 functions, SSL_clear() sets shutdown and so
2566 * one of these calls will reset it 2568 * one of these calls will reset it
2567 */ 2569 */
@@ -2627,15 +2629,15 @@ const char *
2627SSL_get_version(const SSL *s) 2629SSL_get_version(const SSL *s)
2628{ 2630{
2629 if (s->version == TLS1_2_VERSION) 2631 if (s->version == TLS1_2_VERSION)
2630 return("TLSv1.2"); 2632 return ("TLSv1.2");
2631 else if (s->version == TLS1_1_VERSION) 2633 else if (s->version == TLS1_1_VERSION)
2632 return("TLSv1.1"); 2634 return ("TLSv1.1");
2633 else if (s->version == TLS1_VERSION) 2635 else if (s->version == TLS1_VERSION)
2634 return("TLSv1"); 2636 return ("TLSv1");
2635 else if (s->version == SSL3_VERSION) 2637 else if (s->version == SSL3_VERSION)
2636 return("SSLv3"); 2638 return ("SSLv3");
2637 else 2639 else
2638 return("unknown"); 2640 return ("unknown");
2639} 2641}
2640 2642
2641SSL * 2643SSL *
@@ -2722,14 +2724,14 @@ SSL_dup(SSL *s)
2722 ret->quiet_shutdown = s->quiet_shutdown; 2724 ret->quiet_shutdown = s->quiet_shutdown;
2723 ret->shutdown = s->shutdown; 2725 ret->shutdown = s->shutdown;
2724 /* SSL_dup does not really work at any state, though */ 2726 /* SSL_dup does not really work at any state, though */
2725 ret->state=s->state; 2727 ret->state=s->state;
2726 ret->rstate = s->rstate; 2728 ret->rstate = s->rstate;
2727 2729
2728 /* 2730 /*
2729 * Would have to copy ret->init_buf, ret->init_msg, ret->init_num, 2731 * Would have to copy ret->init_buf, ret->init_msg, ret->init_num,
2730 * ret->init_off 2732 * ret->init_off
2731 */ 2733 */
2732 ret->init_num = 0; 2734 ret->init_num = 0;
2733 2735
2734 ret->hit = s->hit; 2736 ret->hit = s->hit;
2735 2737
@@ -2741,10 +2743,11 @@ SSL_dup(SSL *s)
2741 sk_SSL_CIPHER_dup(s->cipher_list)) == NULL) 2743 sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
2742 goto err; 2744 goto err;
2743 } 2745 }
2744 if (s->cipher_list_by_id != NULL) 2746 if (s->cipher_list_by_id != NULL) {
2745 if ((ret->cipher_list_by_id = 2747 if ((ret->cipher_list_by_id =
2746 sk_SSL_CIPHER_dup(s->cipher_list_by_id)) == NULL) 2748 sk_SSL_CIPHER_dup(s->cipher_list_by_id)) == NULL)
2747 goto err; 2749 goto err;
2750 }
2748 2751
2749 /* Dup the client_CA list */ 2752 /* Dup the client_CA list */
2750 if (s->client_CA != NULL) { 2753 if (s->client_CA != NULL) {
@@ -2825,13 +2828,13 @@ SSL_get_current_cipher(const SSL *s)
2825const void * 2828const void *
2826SSL_get_current_compression(SSL *s) 2829SSL_get_current_compression(SSL *s)
2827{ 2830{
2828 return NULL; 2831 return (NULL);
2829} 2832}
2830 2833
2831const void * 2834const void *
2832SSL_get_current_expansion(SSL *s) 2835SSL_get_current_expansion(SSL *s)
2833{ 2836{
2834 return NULL; 2837 return (NULL);
2835} 2838}
2836#else 2839#else
2837 2840
@@ -2950,7 +2953,7 @@ SSL_CTX *
2950SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx) 2953SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
2951{ 2954{
2952 if (ssl->ctx == ctx) 2955 if (ssl->ctx == ctx)
2953 return ssl->ctx; 2956 return (ssl->ctx);
2954#ifndef OPENSSL_NO_TLSEXT 2957#ifndef OPENSSL_NO_TLSEXT
2955 if (ctx == NULL) 2958 if (ctx == NULL)
2956 ctx = ssl->initial_ctx; 2959 ctx = ssl->initial_ctx;
@@ -2993,7 +2996,7 @@ SSL_set_info_callback(SSL *ssl,
2993 */ 2996 */
2994void (*SSL_get_info_callback(const SSL *ssl))(const SSL * /*ssl*/,int /*type*/,int /*val*/) 2997void (*SSL_get_info_callback(const SSL *ssl))(const SSL * /*ssl*/,int /*type*/,int /*val*/)
2995{ 2998{
2996 return ssl->info_callback; 2999 return (ssl->info_callback);
2997} 3000}
2998 3001
2999int 3002int
@@ -3024,8 +3027,8 @@ int
3024SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 3027SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
3025 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) 3028 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
3026{ 3029{
3027 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp, 3030 return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
3028 new_func, dup_func, free_func); 3031 new_func, dup_func, free_func));
3029} 3032}
3030 3033
3031int 3034int
@@ -3044,8 +3047,8 @@ int
3044SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 3047SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
3045 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) 3048 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
3046{ 3049{
3047 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp, 3050 return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
3048 new_func, dup_func, free_func); 3051 new_func, dup_func, free_func));
3049} 3052}
3050 3053
3051int 3054int
@@ -3171,50 +3174,50 @@ SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
3171 PSK_MAX_IDENTITY_LEN) { 3174 PSK_MAX_IDENTITY_LEN) {
3172 SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT, 3175 SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT,
3173 SSL_R_DATA_LENGTH_TOO_LONG); 3176 SSL_R_DATA_LENGTH_TOO_LONG);
3174 return 0; 3177 return (0);
3175 } 3178 }
3176 if (ctx->psk_identity_hint != NULL) 3179 if (ctx->psk_identity_hint != NULL)
3177 free(ctx->psk_identity_hint); 3180 free(ctx->psk_identity_hint);
3178 if (identity_hint != NULL) { 3181 if (identity_hint != NULL) {
3179 ctx->psk_identity_hint = BUF_strdup(identity_hint); 3182 ctx->psk_identity_hint = BUF_strdup(identity_hint);
3180 if (ctx->psk_identity_hint == NULL) 3183 if (ctx->psk_identity_hint == NULL)
3181 return 0; 3184 return (0);
3182 } else 3185 } else
3183 ctx->psk_identity_hint = NULL; 3186 ctx->psk_identity_hint = NULL;
3184 return 1; 3187 return (1);
3185} 3188}
3186 3189
3187int 3190int
3188SSL_use_psk_identity_hint(SSL *s, const char *identity_hint) 3191SSL_use_psk_identity_hint(SSL *s, const char *identity_hint)
3189{ 3192{
3190 if (s == NULL) 3193 if (s == NULL)
3191 return 0; 3194 return (0);
3192 3195
3193 if (s->session == NULL) 3196 if (s->session == NULL)
3194 return 1; /* session not created yet, ignored */ 3197 return (1); /* session not created yet, ignored */
3195 3198
3196 if (identity_hint != NULL && strlen(identity_hint) > 3199 if (identity_hint != NULL && strlen(identity_hint) >
3197 PSK_MAX_IDENTITY_LEN) { 3200 PSK_MAX_IDENTITY_LEN) {
3198 SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, 3201 SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT,
3199 SSL_R_DATA_LENGTH_TOO_LONG); 3202 SSL_R_DATA_LENGTH_TOO_LONG);
3200 return 0; 3203 return (0);
3201 } 3204 }
3202 if (s->session->psk_identity_hint != NULL) 3205 if (s->session->psk_identity_hint != NULL)
3203 free(s->session->psk_identity_hint); 3206 free(s->session->psk_identity_hint);
3204 if (identity_hint != NULL) { 3207 if (identity_hint != NULL) {
3205 s->session->psk_identity_hint = BUF_strdup(identity_hint); 3208 s->session->psk_identity_hint = BUF_strdup(identity_hint);
3206 if (s->session->psk_identity_hint == NULL) 3209 if (s->session->psk_identity_hint == NULL)
3207 return 0; 3210 return (0);
3208 } else 3211 } else
3209 s->session->psk_identity_hint = NULL; 3212 s->session->psk_identity_hint = NULL;
3210 return 1; 3213 return (1);
3211} 3214}
3212 3215
3213const char * 3216const char *
3214SSL_get_psk_identity_hint(const SSL *s) 3217SSL_get_psk_identity_hint(const SSL *s)
3215{ 3218{
3216 if (s == NULL || s->session == NULL) 3219 if (s == NULL || s->session == NULL)
3217 return NULL; 3220 return (NULL);
3218 return (s->session->psk_identity_hint); 3221 return (s->session->psk_identity_hint);
3219} 3222}
3220 3223
@@ -3222,7 +3225,7 @@ const char *
3222SSL_get_psk_identity(const SSL *s) 3225SSL_get_psk_identity(const SSL *s)
3223{ 3226{
3224 if (s == NULL || s->session == NULL) 3227 if (s == NULL || s->session == NULL)
3225 return NULL; 3228 return (NULL);
3226 return (s->session->psk_identity); 3229 return (s->session->psk_identity);
3227} 3230}
3228 3231
@@ -3289,7 +3292,7 @@ ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md)
3289 *hash = EVP_MD_CTX_create(); 3292 *hash = EVP_MD_CTX_create();
3290 if (md) 3293 if (md)
3291 EVP_DigestInit_ex(*hash, md, NULL); 3294 EVP_DigestInit_ex(*hash, md, NULL);
3292 return *hash; 3295 return (*hash);
3293} 3296}
3294 3297
3295void 3298void
@@ -3309,7 +3312,7 @@ SSL_set_debug(SSL *s, int debug)
3309int 3312int
3310SSL_cache_hit(SSL *s) 3313SSL_cache_hit(SSL *s)
3311{ 3314{
3312 return s->hit; 3315 return (s->hit);
3313} 3316}
3314 3317
3315IMPLEMENT_STACK_OF(SSL_CIPHER) 3318IMPLEMENT_STACK_OF(SSL_CIPHER)
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 13:56:00 +0000