Diffstat (limited to 'src/lib/libssl/ssl_locl.h')
-rw-r--r--src/lib/libssl/ssl_locl.h441
1 files changed, 44 insertions, 397 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index de94c0d0c7..6a0b7595f4 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -108,11 +108,6 @@
108 * Hudson (tjh@cryptsoft.com). 108 * Hudson (tjh@cryptsoft.com).
109 * 109 *
110 */ 110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116 111
117#ifndef HEADER_SSL_LOCL_H 112#ifndef HEADER_SSL_LOCL_H
118#define HEADER_SSL_LOCL_H 113#define HEADER_SSL_LOCL_H
@@ -126,13 +121,10 @@
126#include <openssl/buffer.h> 121#include <openssl/buffer.h>
127#include <openssl/comp.h> 122#include <openssl/comp.h>
128#include <openssl/bio.h> 123#include <openssl/bio.h>
124#include <openssl/crypto.h>
125#include <openssl/evp.h>
129#include <openssl/stack.h> 126#include <openssl/stack.h>
130#ifndef OPENSSL_NO_RSA 127#include <openssl/x509.h>
131#include <openssl/rsa.h>
132#endif
133#ifndef OPENSSL_NO_DSA
134#include <openssl/dsa.h>
135#endif
136#include <openssl/err.h> 128#include <openssl/err.h>
137#include <openssl/ssl.h> 129#include <openssl/ssl.h>
138#include <openssl/symhacks.h> 130#include <openssl/symhacks.h>
@@ -180,20 +172,6 @@
180 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ 172 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
181 *((c)++)=(unsigned char)(((l) )&0xff)) 173 *((c)++)=(unsigned char)(((l) )&0xff))
182 174
183#define l2n6(l,c) (*((c)++)=(unsigned char)(((l)>>40)&0xff), \
184 *((c)++)=(unsigned char)(((l)>>32)&0xff), \
185 *((c)++)=(unsigned char)(((l)>>24)&0xff), \
186 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
187 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
188 *((c)++)=(unsigned char)(((l) )&0xff))
189
190#define n2l6(c,l) (l =((BN_ULLONG)(*((c)++)))<<40, \
191 l|=((BN_ULLONG)(*((c)++)))<<32, \
192 l|=((BN_ULLONG)(*((c)++)))<<24, \
193 l|=((BN_ULLONG)(*((c)++)))<<16, \
194 l|=((BN_ULLONG)(*((c)++)))<< 8, \
195 l|=((BN_ULLONG)(*((c)++))))
196
197/* NOTE - c is not incremented as per l2c */ 175/* NOTE - c is not incremented as per l2c */
198#define l2cn(l1,l2,c,n) { \ 176#define l2cn(l1,l2,c,n) { \
199 c+=n; \ 177 c+=n; \
@@ -249,58 +227,52 @@
249 * that the different entities within are mutually exclusive: 227 * that the different entities within are mutually exclusive:
250 * ONLY ONE BIT PER MASK CAN BE SET AT A TIME. 228 * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
251 */ 229 */
252#define SSL_MKEY_MASK 0x000000FFL 230#define SSL_MKEY_MASK 0x0000003FL
253#define SSL_kRSA 0x00000001L /* RSA key exchange */ 231#define SSL_kRSA 0x00000001L /* RSA key exchange */
254#define SSL_kDHr 0x00000002L /* DH cert RSA CA cert */ 232#define SSL_kDHr 0x00000002L /* DH cert RSA CA cert */
255#define SSL_kDHd 0x00000004L /* DH cert DSA CA cert */ 233#define SSL_kDHd 0x00000004L /* DH cert DSA CA cert */
256#define SSL_kFZA 0x00000008L 234#define SSL_kFZA 0x00000008L
257#define SSL_kEDH 0x00000010L /* tmp DH key no DH cert */ 235#define SSL_kEDH 0x00000010L /* tmp DH key no DH cert */
258#define SSL_kKRB5 0x00000020L /* Kerberos5 key exchange */ 236#define SSL_kKRB5 0x00000020L /* Kerberos5 key exchange */
259#define SSL_kECDH 0x00000040L /* ECDH w/ long-term keys */
260#define SSL_kECDHE 0x00000080L /* ephemeral ECDH */
261#define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL)) 237#define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL))
262 238
263#define SSL_AUTH_MASK 0x00007F00L 239#define SSL_AUTH_MASK 0x00000FC0L
264#define SSL_aRSA 0x00000100L /* Authenticate with RSA */ 240#define SSL_aRSA 0x00000040L /* Authenticate with RSA */
265#define SSL_aDSS 0x00000200L /* Authenticate with DSS */ 241#define SSL_aDSS 0x00000080L /* Authenticate with DSS */
266#define SSL_DSS SSL_aDSS 242#define SSL_DSS SSL_aDSS
267#define SSL_aFZA 0x00000400L 243#define SSL_aFZA 0x00000100L
268#define SSL_aNULL 0x00000800L /* no Authenticate, ADH */ 244#define SSL_aNULL 0x00000200L /* no Authenticate, ADH */
269#define SSL_aDH 0x00001000L /* no Authenticate, ADH */ 245#define SSL_aDH 0x00000400L /* no Authenticate, ADH */
270#define SSL_aKRB5 0x00002000L /* Authenticate with KRB5 */ 246#define SSL_aKRB5 0x00000800L /* Authenticate with KRB5 */
271#define SSL_aECDSA 0x00004000L /* Authenticate with ECDSA */
272 247
273#define SSL_NULL (SSL_eNULL) 248#define SSL_NULL (SSL_eNULL)
274#define SSL_ADH (SSL_kEDH|SSL_aNULL) 249#define SSL_ADH (SSL_kEDH|SSL_aNULL)
275#define SSL_RSA (SSL_kRSA|SSL_aRSA) 250#define SSL_RSA (SSL_kRSA|SSL_aRSA)
276#define SSL_DH (SSL_kDHr|SSL_kDHd|SSL_kEDH) 251#define SSL_DH (SSL_kDHr|SSL_kDHd|SSL_kEDH)
277#define SSL_ECDH (SSL_kECDH|SSL_kECDHE)
278#define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA) 252#define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA)
279#define SSL_KRB5 (SSL_kKRB5|SSL_aKRB5) 253#define SSL_KRB5 (SSL_kKRB5|SSL_aKRB5)
280 254
281#define SSL_ENC_MASK 0x1C3F8000L 255#define SSL_ENC_MASK 0x0087F000L
282#define SSL_DES 0x00008000L 256#define SSL_DES 0x00001000L
283#define SSL_3DES 0x00010000L 257#define SSL_3DES 0x00002000L
284#define SSL_RC4 0x00020000L 258#define SSL_RC4 0x00004000L
285#define SSL_RC2 0x00040000L 259#define SSL_RC2 0x00008000L
286#define SSL_IDEA 0x00080000L 260#define SSL_IDEA 0x00010000L
287#define SSL_eFZA 0x00100000L 261#define SSL_eFZA 0x00020000L
288#define SSL_eNULL 0x00200000L 262#define SSL_eNULL 0x00040000L
289#define SSL_AES 0x04000000L 263#define SSL_AES 0x00800000L
290#define SSL_CAMELLIA 0x08000000L 264
291#define SSL_SEED 0x10000000L 265#define SSL_MAC_MASK 0x00180000L
292 266#define SSL_MD5 0x00080000L
293#define SSL_MAC_MASK 0x00c00000L 267#define SSL_SHA1 0x00100000L
294#define SSL_MD5 0x00400000L
295#define SSL_SHA1 0x00800000L
296#define SSL_SHA (SSL_SHA1) 268#define SSL_SHA (SSL_SHA1)
297 269
298#define SSL_SSL_MASK 0x03000000L 270#define SSL_SSL_MASK 0x00600000L
299#define SSL_SSLV2 0x01000000L 271#define SSL_SSLV2 0x00200000L
300#define SSL_SSLV3 0x02000000L 272#define SSL_SSLV3 0x00400000L
301#define SSL_TLSV1 SSL_SSLV3 /* for now */ 273#define SSL_TLSV1 SSL_SSLV3 /* for now */
302 274
303/* we have used 1fffffff - 3 bits left to go. */ 275/* we have used 007fffff - 9 bits left to go */
304 276
305/* 277/*
306 * Export and cipher strength information. For each cipher we have to decide 278 * Export and cipher strength information. For each cipher we have to decide
@@ -330,8 +302,9 @@
330#define SSL_LOW 0x00000020L 302#define SSL_LOW 0x00000020L
331#define SSL_MEDIUM 0x00000040L 303#define SSL_MEDIUM 0x00000040L
332#define SSL_HIGH 0x00000080L 304#define SSL_HIGH 0x00000080L
305#define SSL_FIPS 0x00000100L
333 306
334/* we have used 000000ff - 24 bits left to go */ 307/* we have used 000001ff - 23 bits left to go */
335 308
336/* 309/*
337 * Macros to check the export status and cipher strength for export ciphers. 310 * Macros to check the export status and cipher strength for export ciphers.
@@ -372,8 +345,7 @@
372#define SSL_PKEY_DSA_SIGN 2 345#define SSL_PKEY_DSA_SIGN 2
373#define SSL_PKEY_DH_RSA 3 346#define SSL_PKEY_DH_RSA 3
374#define SSL_PKEY_DH_DSA 4 347#define SSL_PKEY_DH_DSA 4
375#define SSL_PKEY_ECC 5 348#define SSL_PKEY_NUM 5
376#define SSL_PKEY_NUM 6
377 349
378/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) | 350/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
379 * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN) 351 * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
@@ -389,15 +361,6 @@
389#define CERT_PRIVATE_KEY 2 361#define CERT_PRIVATE_KEY 2
390*/ 362*/
391 363
392#ifndef OPENSSL_NO_EC
393/* From ECC-TLS draft, used in encoding the curve type in
394 * ECParameters
395 */
396#define EXPLICIT_PRIME_CURVE_TYPE 1
397#define EXPLICIT_CHAR2_CURVE_TYPE 2
398#define NAMED_CURVE_TYPE 3
399#endif /* OPENSSL_NO_EC */
400
401typedef struct cert_pkey_st 364typedef struct cert_pkey_st
402 { 365 {
403 X509 *x509; 366 X509 *x509;
@@ -424,11 +387,6 @@ typedef struct cert_st
424 DH *dh_tmp; 387 DH *dh_tmp;
425 DH *(*dh_tmp_cb)(SSL *ssl,int is_export,int keysize); 388 DH *(*dh_tmp_cb)(SSL *ssl,int is_export,int keysize);
426#endif 389#endif
427#ifndef OPENSSL_NO_ECDH
428 EC_KEY *ecdh_tmp;
429 /* Callback for generating ephemeral ECDH keys */
430 EC_KEY *(*ecdh_tmp_cb)(SSL *ssl,int is_export,int keysize);
431#endif
432 390
433 CERT_PKEY pkeys[SSL_PKEY_NUM]; 391 CERT_PKEY pkeys[SSL_PKEY_NUM];
434 392
@@ -454,9 +412,6 @@ typedef struct sess_cert_st
454#ifndef OPENSSL_NO_DH 412#ifndef OPENSSL_NO_DH
455 DH *peer_dh_tmp; /* not used for SSL 2 */ 413 DH *peer_dh_tmp; /* not used for SSL 2 */
456#endif 414#endif
457#ifndef OPENSSL_NO_ECDH
458 EC_KEY *peer_ecdh_tmp;
459#endif
460 415
461 int references; /* actually always 1 at the moment */ 416 int references; /* actually always 1 at the moment */
462 } SESS_CERT; 417 } SESS_CERT;
@@ -511,201 +466,17 @@ extern SSL3_ENC_METHOD ssl3_undef_enc_method;
511OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[]; 466OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[];
512OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[]; 467OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
513 468
469#ifdef OPENSSL_SYS_VMS
470#undef SSL_COMP_get_compression_methods
471#define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
472#endif
473
514 474
515SSL_METHOD *ssl_bad_method(int ver); 475SSL_METHOD *ssl_bad_method(int ver);
516SSL_METHOD *sslv2_base_method(void); 476SSL_METHOD *sslv2_base_method(void);
517SSL_METHOD *sslv23_base_method(void); 477SSL_METHOD *sslv23_base_method(void);
518SSL_METHOD *sslv3_base_method(void); 478SSL_METHOD *sslv3_base_method(void);
519 479
520extern SSL3_ENC_METHOD TLSv1_enc_data;
521extern SSL3_ENC_METHOD SSLv3_enc_data;
522extern SSL3_ENC_METHOD DTLSv1_enc_data;
523
524#define IMPLEMENT_tls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
525SSL_METHOD *func_name(void) \
526 { \
527 static SSL_METHOD func_name##_data= { \
528 TLS1_VERSION, \
529 tls1_new, \
530 tls1_clear, \
531 tls1_free, \
532 s_accept, \
533 s_connect, \
534 ssl3_read, \
535 ssl3_peek, \
536 ssl3_write, \
537 ssl3_shutdown, \
538 ssl3_renegotiate, \
539 ssl3_renegotiate_check, \
540 ssl3_get_message, \
541 ssl3_read_bytes, \
542 ssl3_write_bytes, \
543 ssl3_dispatch_alert, \
544 ssl3_ctrl, \
545 ssl3_ctx_ctrl, \
546 ssl3_get_cipher_by_char, \
547 ssl3_put_cipher_by_char, \
548 ssl3_pending, \
549 ssl3_num_ciphers, \
550 ssl3_get_cipher, \
551 s_get_meth, \
552 tls1_default_timeout, \
553 &TLSv1_enc_data, \
554 ssl_undefined_void_function, \
555 ssl3_callback_ctrl, \
556 ssl3_ctx_callback_ctrl, \
557 }; \
558 return &func_name##_data; \
559 }
560
561#define IMPLEMENT_ssl3_meth_func(func_name, s_accept, s_connect, s_get_meth) \
562SSL_METHOD *func_name(void) \
563 { \
564 static SSL_METHOD func_name##_data= { \
565 SSL3_VERSION, \
566 ssl3_new, \
567 ssl3_clear, \
568 ssl3_free, \
569 s_accept, \
570 s_connect, \
571 ssl3_read, \
572 ssl3_peek, \
573 ssl3_write, \
574 ssl3_shutdown, \
575 ssl3_renegotiate, \
576 ssl3_renegotiate_check, \
577 ssl3_get_message, \
578 ssl3_read_bytes, \
579 ssl3_write_bytes, \
580 ssl3_dispatch_alert, \
581 ssl3_ctrl, \
582 ssl3_ctx_ctrl, \
583 ssl3_get_cipher_by_char, \
584 ssl3_put_cipher_by_char, \
585 ssl3_pending, \
586 ssl3_num_ciphers, \
587 ssl3_get_cipher, \
588 s_get_meth, \
589 ssl3_default_timeout, \
590 &SSLv3_enc_data, \
591 ssl_undefined_void_function, \
592 ssl3_callback_ctrl, \
593 ssl3_ctx_callback_ctrl, \
594 }; \
595 return &func_name##_data; \
596 }
597
598#define IMPLEMENT_ssl23_meth_func(func_name, s_accept, s_connect, s_get_meth) \
599SSL_METHOD *func_name(void) \
600 { \
601 static SSL_METHOD func_name##_data= { \
602 TLS1_VERSION, \
603 tls1_new, \
604 tls1_clear, \
605 tls1_free, \
606 s_accept, \
607 s_connect, \
608 ssl23_read, \
609 ssl23_peek, \
610 ssl23_write, \
611 ssl_undefined_function, \
612 ssl_undefined_function, \
613 ssl_ok, \
614 ssl3_get_message, \
615 ssl3_read_bytes, \
616 ssl3_write_bytes, \
617 ssl3_dispatch_alert, \
618 ssl3_ctrl, \
619 ssl3_ctx_ctrl, \
620 ssl23_get_cipher_by_char, \
621 ssl23_put_cipher_by_char, \
622 ssl_undefined_const_function, \
623 ssl23_num_ciphers, \
624 ssl23_get_cipher, \
625 s_get_meth, \
626 ssl23_default_timeout, \
627 &ssl3_undef_enc_method, \
628 ssl_undefined_void_function, \
629 ssl3_callback_ctrl, \
630 ssl3_ctx_callback_ctrl, \
631 }; \
632 return &func_name##_data; \
633 }
634
635#define IMPLEMENT_ssl2_meth_func(func_name, s_accept, s_connect, s_get_meth) \
636SSL_METHOD *func_name(void) \
637 { \
638 static SSL_METHOD func_name##_data= { \
639 SSL2_VERSION, \
640 ssl2_new, /* local */ \
641 ssl2_clear, /* local */ \
642 ssl2_free, /* local */ \
643 s_accept, \
644 s_connect, \
645 ssl2_read, \
646 ssl2_peek, \
647 ssl2_write, \
648 ssl2_shutdown, \
649 ssl_ok, /* NULL - renegotiate */ \
650 ssl_ok, /* NULL - check renegotiate */ \
651 NULL, /* NULL - ssl_get_message */ \
652 NULL, /* NULL - ssl_get_record */ \
653 NULL, /* NULL - ssl_write_bytes */ \
654 NULL, /* NULL - dispatch_alert */ \
655 ssl2_ctrl, /* local */ \
656 ssl2_ctx_ctrl, /* local */ \
657 ssl2_get_cipher_by_char, \
658 ssl2_put_cipher_by_char, \
659 ssl2_pending, \
660 ssl2_num_ciphers, \
661 ssl2_get_cipher, \
662 s_get_meth, \
663 ssl2_default_timeout, \
664 &ssl3_undef_enc_method, \
665 ssl_undefined_void_function, \
666 ssl2_callback_ctrl, /* local */ \
667 ssl2_ctx_callback_ctrl, /* local */ \
668 }; \
669 return &func_name##_data; \
670 }
671
672#define IMPLEMENT_dtls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
673SSL_METHOD *func_name(void) \
674 { \
675 static SSL_METHOD func_name##_data= { \
676 DTLS1_VERSION, \
677 dtls1_new, \
678 dtls1_clear, \
679 dtls1_free, \
680 s_accept, \
681 s_connect, \
682 ssl3_read, \
683 ssl3_peek, \
684 ssl3_write, \
685 ssl3_shutdown, \
686 ssl3_renegotiate, \
687 ssl3_renegotiate_check, \
688 dtls1_get_message, \
689 dtls1_read_bytes, \
690 dtls1_write_app_data_bytes, \
691 dtls1_dispatch_alert, \
692 ssl3_ctrl, \
693 ssl3_ctx_ctrl, \
694 ssl3_get_cipher_by_char, \
695 ssl3_put_cipher_by_char, \
696 ssl3_pending, \
697 ssl3_num_ciphers, \
698 dtls1_get_cipher, \
699 s_get_meth, \
700 dtls1_default_timeout, \
701 &DTLSv1_enc_data, \
702 ssl_undefined_void_function, \
703 ssl3_callback_ctrl, \
704 ssl3_ctx_callback_ctrl, \
705 }; \
706 return &func_name##_data; \
707 }
708
709void ssl_clear_cipher_ctx(SSL *s); 480void ssl_clear_cipher_ctx(SSL *s);
710int ssl_clear_bad_session(SSL *s); 481int ssl_clear_bad_session(SSL *s);
711CERT *ssl_cert_new(void); 482CERT *ssl_cert_new(void);
@@ -716,7 +487,7 @@ SESS_CERT *ssl_sess_cert_new(void);
716void ssl_sess_cert_free(SESS_CERT *sc); 487void ssl_sess_cert_free(SESS_CERT *sc);
717int ssl_set_peer_cert_type(SESS_CERT *c, int type); 488int ssl_set_peer_cert_type(SESS_CERT *c, int type);
718int ssl_get_new_session(SSL *s, int session); 489int ssl_get_new_session(SSL *s, int session);
719int ssl_get_prev_session(SSL *s, unsigned char *session,int len, const unsigned char *limit); 490int ssl_get_prev_session(SSL *s, unsigned char *session,int len);
720int ssl_cipher_id_cmp(const SSL_CIPHER *a,const SSL_CIPHER *b); 491int ssl_cipher_id_cmp(const SSL_CIPHER *a,const SSL_CIPHER *b);
721int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, 492int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
722 const SSL_CIPHER * const *bp); 493 const SSL_CIPHER * const *bp);
@@ -733,7 +504,6 @@ int ssl_cipher_get_evp(const SSL_SESSION *s,const EVP_CIPHER **enc,
733 const EVP_MD **md,SSL_COMP **comp); 504 const EVP_MD **md,SSL_COMP **comp);
734int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk); 505int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk);
735int ssl_undefined_function(SSL *s); 506int ssl_undefined_function(SSL *s);
736int ssl_undefined_void_function(void);
737int ssl_undefined_const_function(const SSL *s); 507int ssl_undefined_const_function(const SSL *s);
738X509 *ssl_get_server_send_cert(SSL *); 508X509 *ssl_get_server_send_cert(SSL *);
739EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *); 509EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *);
@@ -741,7 +511,6 @@ int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
741void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher); 511void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher);
742STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s); 512STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
743int ssl_verify_alarm_type(long type); 513int ssl_verify_alarm_type(long type);
744void ssl_load_ciphers(void);
745 514
746int ssl2_enc_init(SSL *s, int client); 515int ssl2_enc_init(SSL *s, int client);
747int ssl2_generate_key_material(SSL *s); 516int ssl2_generate_key_material(SSL *s);
@@ -751,7 +520,7 @@ SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
751int ssl2_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p); 520int ssl2_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
752int ssl2_part_read(SSL *s, unsigned long f, int i); 521int ssl2_part_read(SSL *s, unsigned long f, int i);
753int ssl2_do_write(SSL *s); 522int ssl2_do_write(SSL *s);
754int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data); 523int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data);
755void ssl2_return_error(SSL *s,int reason); 524void ssl2_return_error(SSL *s,int reason);
756void ssl2_write_error(SSL *s); 525void ssl2_write_error(SSL *s);
757int ssl2_num_ciphers(void); 526int ssl2_num_ciphers(void);
@@ -767,17 +536,14 @@ int ssl2_shutdown(SSL *s);
767void ssl2_clear(SSL *s); 536void ssl2_clear(SSL *s);
768long ssl2_ctrl(SSL *s,int cmd, long larg, void *parg); 537long ssl2_ctrl(SSL *s,int cmd, long larg, void *parg);
769long ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg); 538long ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg);
770long ssl2_callback_ctrl(SSL *s,int cmd, void (*fp)(void)); 539long ssl2_callback_ctrl(SSL *s,int cmd, void (*fp)());
771long ssl2_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)(void)); 540long ssl2_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)());
772int ssl2_pending(const SSL *s); 541int ssl2_pending(const SSL *s);
773long ssl2_default_timeout(void );
774 542
775SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p); 543SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
776int ssl3_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p); 544int ssl3_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
777void ssl3_init_finished_mac(SSL *s); 545void ssl3_init_finished_mac(SSL *s);
778int ssl3_send_server_certificate(SSL *s); 546int ssl3_send_server_certificate(SSL *s);
779int ssl3_send_newsession_ticket(SSL *s);
780int ssl3_send_cert_status(SSL *s);
781int ssl3_get_finished(SSL *s,int state_a,int state_b); 547int ssl3_get_finished(SSL *s,int state_a,int state_b);
782int ssl3_setup_key_block(SSL *s); 548int ssl3_setup_key_block(SSL *s);
783int ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b); 549int ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b);
@@ -818,94 +584,10 @@ int ssl3_shutdown(SSL *s);
818void ssl3_clear(SSL *s); 584void ssl3_clear(SSL *s);
819long ssl3_ctrl(SSL *s,int cmd, long larg, void *parg); 585long ssl3_ctrl(SSL *s,int cmd, long larg, void *parg);
820long ssl3_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg); 586long ssl3_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg);
821long ssl3_callback_ctrl(SSL *s,int cmd, void (*fp)(void)); 587long ssl3_callback_ctrl(SSL *s,int cmd, void (*fp)());
822long ssl3_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)(void)); 588long ssl3_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)());
823int ssl3_pending(const SSL *s); 589int ssl3_pending(const SSL *s);
824 590
825void ssl3_record_sequence_update(unsigned char *seq);
826int ssl3_do_change_cipher_spec(SSL *ssl);
827long ssl3_default_timeout(void );
828
829int ssl23_num_ciphers(void );
830SSL_CIPHER *ssl23_get_cipher(unsigned int u);
831int ssl23_read(SSL *s, void *buf, int len);
832int ssl23_peek(SSL *s, void *buf, int len);
833int ssl23_write(SSL *s, const void *buf, int len);
834int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
835SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
836long ssl23_default_timeout(void );
837
838long tls1_default_timeout(void);
839int dtls1_do_write(SSL *s,int type);
840int ssl3_read_n(SSL *s, int n, int max, int extend);
841int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
842int ssl3_do_compress(SSL *ssl);
843int ssl3_do_uncompress(SSL *ssl);
844int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
845 unsigned int len);
846unsigned char *dtls1_set_message_header(SSL *s,
847 unsigned char *p, unsigned char mt, unsigned long len,
848 unsigned long frag_off, unsigned long frag_len);
849
850int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len);
851int dtls1_write_bytes(SSL *s, int type, const void *buf, int len);
852
853int dtls1_send_change_cipher_spec(SSL *s, int a, int b);
854int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen);
855unsigned long dtls1_output_cert_chain(SSL *s, X509 *x);
856int dtls1_read_failed(SSL *s, int code);
857int dtls1_buffer_message(SSL *s, int ccs);
858int dtls1_retransmit_message(SSL *s, unsigned short seq,
859 unsigned long frag_off, int *found);
860void dtls1_clear_record_buffer(SSL *s);
861void dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr);
862void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
863void dtls1_reset_seq_numbers(SSL *s, int rw);
864long dtls1_default_timeout(void);
865SSL_CIPHER *dtls1_get_cipher(unsigned int u);
866
867
868
869/* some client-only functions */
870int ssl3_client_hello(SSL *s);
871int ssl3_get_server_hello(SSL *s);
872int ssl3_get_certificate_request(SSL *s);
873int ssl3_get_new_session_ticket(SSL *s);
874int ssl3_get_cert_status(SSL *s);
875int ssl3_get_server_done(SSL *s);
876int ssl3_send_client_verify(SSL *s);
877int ssl3_send_client_certificate(SSL *s);
878int ssl3_send_client_key_exchange(SSL *s);
879int ssl3_get_key_exchange(SSL *s);
880int ssl3_get_server_certificate(SSL *s);
881int ssl3_check_cert_and_algorithm(SSL *s);
882
883int dtls1_client_hello(SSL *s);
884int dtls1_send_client_certificate(SSL *s);
885int dtls1_send_client_key_exchange(SSL *s);
886int dtls1_send_client_verify(SSL *s);
887
888/* some server-only functions */
889int ssl3_get_client_hello(SSL *s);
890int ssl3_send_server_hello(SSL *s);
891int ssl3_send_hello_request(SSL *s);
892int ssl3_send_server_key_exchange(SSL *s);
893int ssl3_send_certificate_request(SSL *s);
894int ssl3_send_server_done(SSL *s);
895int ssl3_check_client_hello(SSL *s);
896int ssl3_get_client_certificate(SSL *s);
897int ssl3_get_client_key_exchange(SSL *s);
898int ssl3_get_cert_verify(SSL *s);
899
900int dtls1_send_hello_request(SSL *s);
901int dtls1_send_server_hello(SSL *s);
902int dtls1_send_server_certificate(SSL *s);
903int dtls1_send_server_key_exchange(SSL *s);
904int dtls1_send_certificate_request(SSL *s);
905int dtls1_send_server_done(SSL *s);
906
907
908
909int ssl23_accept(SSL *s); 591int ssl23_accept(SSL *s);
910int ssl23_connect(SSL *s); 592int ssl23_connect(SSL *s);
911int ssl23_read_bytes(SSL *s, int n); 593int ssl23_read_bytes(SSL *s, int n);
@@ -915,24 +597,9 @@ int tls1_new(SSL *s);
915void tls1_free(SSL *s); 597void tls1_free(SSL *s);
916void tls1_clear(SSL *s); 598void tls1_clear(SSL *s);
917long tls1_ctrl(SSL *s,int cmd, long larg, void *parg); 599long tls1_ctrl(SSL *s,int cmd, long larg, void *parg);
918long tls1_callback_ctrl(SSL *s,int cmd, void (*fp)(void)); 600long tls1_callback_ctrl(SSL *s,int cmd, void (*fp)());
919SSL_METHOD *tlsv1_base_method(void ); 601SSL_METHOD *tlsv1_base_method(void );
920 602
921int dtls1_new(SSL *s);
922int dtls1_accept(SSL *s);
923int dtls1_connect(SSL *s);
924void dtls1_free(SSL *s);
925void dtls1_clear(SSL *s);
926long dtls1_ctrl(SSL *s,int cmd, long larg, void *parg);
927SSL_METHOD *dtlsv1_base_method(void );
928
929long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
930int dtls1_get_record(SSL *s);
931int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
932 unsigned int len, int create_empty_fragement);
933int dtls1_dispatch_alert(SSL *s);
934int dtls1_enc(SSL *s, int snd);
935
936int ssl_init_wbio_buffer(SSL *s, int push); 603int ssl_init_wbio_buffer(SSL *s, int push);
937void ssl_free_wbio_buffer(SSL *s); 604void ssl_free_wbio_buffer(SSL *s);
938 605
@@ -949,28 +616,8 @@ int tls1_alert_code(int code);
949int ssl3_alert_code(int code); 616int ssl3_alert_code(int code);
950int ssl_ok(SSL *s); 617int ssl_ok(SSL *s);
951 618
952int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs);
953
954SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n); 619SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
620STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
955 621
956#ifndef OPENSSL_NO_TLSEXT
957unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit);
958unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit);
959int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al);
960int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al);
961int ssl_prepare_clienthello_tlsext(SSL *s);
962int ssl_prepare_serverhello_tlsext(SSL *s);
963int ssl_check_clienthello_tlsext(SSL *s);
964int ssl_check_serverhello_tlsext(SSL *s);
965#ifdef OPENSSL_NO_SHA256
966#define tlsext_tick_md EVP_sha1
967#else
968#define tlsext_tick_md EVP_sha256
969#endif
970int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
971 const unsigned char *limit, SSL_SESSION **ret);
972EVP_MD_CTX* ssl_replace_hash(EVP_MD_CTX **hash,const EVP_MD *md) ;
973void ssl_clear_hash_ctx(EVP_MD_CTX **hash);
974#endif
975 622
976#endif 623#endif
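Review bot: The new prototype `int ssl_get_prev_session(SSL *s, unsigned char *session,int len);` (new line 490) no longer carries the `limit` pointer, so the function cannot itself check that `session + len` stays inside the received message; that bound now depends on every caller validating `len` before the call. The callers are outside this header, so this is inferred from the prototype alone, and I would document the contract on the declaration, e.g. `/* caller must have checked that session[0..len-1] lies within the received handshake message */`. Separately, the `*_callback_ctrl` declarations at new lines 539, 540, 587, 588 and 600 use `void (*fp)()`, an unprototyped function-pointer type; `void (*fp)(void)` would keep compile-time checking of calls made through `fp`.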