summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl_lib.c')
-rw-r--r--src/lib/libssl/ssl_lib.c26
1 files changed, 20 insertions, 6 deletions
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index f82d071d6e..6dbc3c1f7d 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -597,8 +597,10 @@ void SSL_free(SSL *s)
597 OPENSSL_free(s->next_proto_negotiated); 597 OPENSSL_free(s->next_proto_negotiated);
598#endif 598#endif
599 599
600#ifndef OPENSSL_NO_SRTP
600 if (s->srtp_profiles) 601 if (s->srtp_profiles)
601 sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles); 602 sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
603#endif
602 604
603 OPENSSL_free(s); 605 OPENSSL_free(s);
604 } 606 }
@@ -1795,7 +1797,9 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
1795 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data); 1797 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
1796 1798
1797 ret->extra_certs=NULL; 1799 ret->extra_certs=NULL;
1798 ret->comp_methods=SSL_COMP_get_compression_methods(); 1800 /* No compression for DTLS */
1801 if (meth->version != DTLS1_VERSION)
1802 ret->comp_methods=SSL_COMP_get_compression_methods();
1799 1803
1800 ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH; 1804 ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
1801 1805
@@ -1952,8 +1956,10 @@ void SSL_CTX_free(SSL_CTX *a)
1952 a->comp_methods = NULL; 1956 a->comp_methods = NULL;
1953#endif 1957#endif
1954 1958
1959#ifndef OPENSSL_NO_SRTP
1955 if (a->srtp_profiles) 1960 if (a->srtp_profiles)
1956 sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles); 1961 sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
1962#endif
1957 1963
1958#ifndef OPENSSL_NO_PSK 1964#ifndef OPENSSL_NO_PSK
1959 if (a->psk_identity_hint) 1965 if (a->psk_identity_hint)
@@ -2287,7 +2293,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
2287#endif 2293#endif
2288 2294
2289/* THIS NEEDS CLEANING UP */ 2295/* THIS NEEDS CLEANING UP */
2290X509 *ssl_get_server_send_cert(SSL *s) 2296CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
2291 { 2297 {
2292 unsigned long alg_k,alg_a; 2298 unsigned long alg_k,alg_a;
2293 CERT *c; 2299 CERT *c;
@@ -2342,12 +2348,20 @@ X509 *ssl_get_server_send_cert(SSL *s)
2342 i=SSL_PKEY_GOST01; 2348 i=SSL_PKEY_GOST01;
2343 else /* if (alg_a & SSL_aNULL) */ 2349 else /* if (alg_a & SSL_aNULL) */
2344 { 2350 {
2345 SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR); 2351 SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY,ERR_R_INTERNAL_ERROR);
2346 return(NULL); 2352 return(NULL);
2347 } 2353 }
2348 if (c->pkeys[i].x509 == NULL) return(NULL);
2349 2354
2350 return(c->pkeys[i].x509); 2355 return c->pkeys + i;
2356 }
2357
2358X509 *ssl_get_server_send_cert(const SSL *s)
2359 {
2360 CERT_PKEY *cpk;
2361 cpk = ssl_get_server_send_pkey(s);
2362 if (!cpk)
2363 return NULL;
2364 return cpk->x509;
2351 } 2365 }
2352 2366
2353EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *cipher, const EVP_MD **pmd) 2367EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *cipher, const EVP_MD **pmd)
@@ -2608,7 +2622,7 @@ const char *SSL_get_version(const SSL *s)
2608 return("TLSv1.2"); 2622 return("TLSv1.2");
2609 else if (s->version == TLS1_1_VERSION) 2623 else if (s->version == TLS1_1_VERSION)
2610 return("TLSv1.1"); 2624 return("TLSv1.1");
2611 if (s->version == TLS1_VERSION) 2625 else if (s->version == TLS1_VERSION)
2612 return("TLSv1"); 2626 return("TLSv1");
2613 else if (s->version == SSL3_VERSION) 2627 else if (s->version == SSL3_VERSION)
2614 return("SSLv3"); 2628 return("SSLv3");
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-27 16:19:38 +0000