| ssl_lib.c (89837) | ssl_lib.c (100928) |
|---|---|
| 1/*! \file ssl/ssl_lib.c 2 * \brief Version independent SSL functions. 3 */ 4/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 5 * All rights reserved. 6 * 7 * This package is an SSL implementation written 8 * by Eric Young (eay@cryptsoft.com). --- 71 unchanged lines hidden (view full) --- 80 ssl_undefined_function, 81 (int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function, 82 (int (*)(SSL*, int))ssl_undefined_function, 83 (int (*)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char*, int, unsigned char *))ssl_undefined_function 84 }; 85 86int SSL_clear(SSL *s) 87 { | 1/*! \file ssl/ssl_lib.c 2 * \brief Version independent SSL functions. 3 */ 4/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 5 * All rights reserved. 6 * 7 * This package is an SSL implementation written 8 * by Eric Young (eay@cryptsoft.com). --- 71 unchanged lines hidden (view full) --- 80 ssl_undefined_function, 81 (int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function, 82 (int (*)(SSL*, int))ssl_undefined_function, 83 (int (*)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char*, int, unsigned char *))ssl_undefined_function 84 }; 85 86int SSL_clear(SSL *s) 87 { |
| 88 int state; | |
| 89 90 if (s->method == NULL) 91 { 92 SSLerr(SSL_F_SSL_CLEAR,SSL_R_NO_METHOD_SPECIFIED); 93 return(0); 94 } 95 | 88 89 if (s->method == NULL) 90 { 91 SSLerr(SSL_F_SSL_CLEAR,SSL_R_NO_METHOD_SPECIFIED); 92 return(0); 93 } 94 |
| 95 if (ssl_clear_bad_session(s)) 96 { 97 SSL_SESSION_free(s->session); 98 s->session=NULL; 99 } 100 |
|
| 96 s->error=0; 97 s->hit=0; 98 s->shutdown=0; 99 100#if 0 /* Disabled since version 1.10 of this file (early return not 101 * needed because SSL_clear is not called when doing renegotiation) */ 102 /* This is set if we are doing dynamic renegotiation so keep 103 * the old cipher. It is sort of a SSL_clear_lite :-) */ 104 if (s->new_session) return(1); 105#else 106 if (s->new_session) 107 { 108 SSLerr(SSL_F_SSL_CLEAR,SSL_R_INTERNAL_ERROR); 109 return 0; 110 } 111#endif 112 | 101 s->error=0; 102 s->hit=0; 103 s->shutdown=0; 104 105#if 0 /* Disabled since version 1.10 of this file (early return not 106 * needed because SSL_clear is not called when doing renegotiation) */ 107 /* This is set if we are doing dynamic renegotiation so keep 108 * the old cipher. It is sort of a SSL_clear_lite :-) */ 109 if (s->new_session) return(1); 110#else 111 if (s->new_session) 112 { 113 SSLerr(SSL_F_SSL_CLEAR,SSL_R_INTERNAL_ERROR); 114 return 0; 115 } 116#endif 117 |
| 113 state=s->state; /* Keep to check if we throw away the session-id */ | |
| 114 s->type=0; 115 116 s->state=SSL_ST_BEFORE|((s->server)?SSL_ST_ACCEPT:SSL_ST_CONNECT); 117 118 s->version=s->method->version; 119 s->client_version=s->version; 120 s->rwstate=SSL_NOTHING; 121 s->rstate=SSL_ST_READ_HEADER; --- 4 unchanged lines hidden (view full) --- 126 if (s->init_buf != NULL) 127 { 128 BUF_MEM_free(s->init_buf); 129 s->init_buf=NULL; 130 } 131 132 ssl_clear_cipher_ctx(s); 133 | 118 s->type=0; 119 120 s->state=SSL_ST_BEFORE|((s->server)?SSL_ST_ACCEPT:SSL_ST_CONNECT); 121 122 s->version=s->method->version; 123 s->client_version=s->version; 124 s->rwstate=SSL_NOTHING; 125 s->rstate=SSL_ST_READ_HEADER; --- 4 unchanged lines hidden (view full) --- 130 if (s->init_buf != NULL) 131 { 132 BUF_MEM_free(s->init_buf); 133 s->init_buf=NULL; 134 } 135 136 ssl_clear_cipher_ctx(s); 137 |
| 134 if (ssl_clear_bad_session(s)) 135 { 136 SSL_SESSION_free(s->session); 137 s->session=NULL; 138 } 139 | |
| 140 s->first_packet=0; 141 142#if 1 143 /* Check to see if we were changed into a different method, if 144 * so, revert back if we are not doing session-id reuse. */ 145 if (!s->in_handshake && (s->session == NULL) && (s->method != s->ctx->method)) 146 { 147 s->method->ssl_free(s); --- 642 unchanged lines hidden (view full) --- 790 if ((s != NULL) && !SSL_in_init(s)) 791 return(s->method->ssl_shutdown(s)); 792 else 793 return(1); 794 } 795 796int SSL_renegotiate(SSL *s) 797 { | 138 s->first_packet=0; 139 140#if 1 141 /* Check to see if we were changed into a different method, if 142 * so, revert back if we are not doing session-id reuse. */ 143 if (!s->in_handshake && (s->session == NULL) && (s->method != s->ctx->method)) 144 { 145 s->method->ssl_free(s); --- 642 unchanged lines hidden (view full) --- 788 if ((s != NULL) && !SSL_in_init(s)) 789 return(s->method->ssl_shutdown(s)); 790 else 791 return(1); 792 } 793 794int SSL_renegotiate(SSL *s) 795 { |
| 798 s->new_session=1; | 796 if (s->new_session == 0) 797 { 798 s->new_session=1; 799 } |
| 799 return(s->method->ssl_renegotiate(s)); 800 } 801 802long SSL_ctrl(SSL *s,int cmd,long larg,char *parg) 803 { 804 long l; 805 806 switch (cmd) --- 657 unchanged lines hidden (view full) --- 1464void ssl_update_cache(SSL *s,int mode) 1465 { 1466 int i; 1467 1468 /* If the session_id_length is 0, we are not supposed to cache it, 1469 * and it would be rather hard to do anyway :-) */ 1470 if (s->session->session_id_length == 0) return; 1471 | 800 return(s->method->ssl_renegotiate(s)); 801 } 802 803long SSL_ctrl(SSL *s,int cmd,long larg,char *parg) 804 { 805 long l; 806 807 switch (cmd) --- 657 unchanged lines hidden (view full) --- 1465void ssl_update_cache(SSL *s,int mode) 1466 { 1467 int i; 1468 1469 /* If the session_id_length is 0, we are not supposed to cache it, 1470 * and it would be rather hard to do anyway :-) */ 1471 if (s->session->session_id_length == 0) return; 1472 |
| 1472 if ((s->ctx->session_cache_mode & mode) 1473 && (!s->hit) 1474 && SSL_CTX_add_session(s->ctx,s->session) | 1473 i=s->ctx->session_cache_mode; 1474 if ((i & mode) && (!s->hit) 1475 && ((i & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP) 1476 || SSL_CTX_add_session(s->ctx,s->session)) |
| 1475 && (s->ctx->new_session_cb != NULL)) 1476 { 1477 CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION); 1478 if (!s->ctx->new_session_cb(s,s->session)) 1479 SSL_SESSION_free(s->session); 1480 } 1481 1482 /* auto flush every 255 connections */ | 1477 && (s->ctx->new_session_cb != NULL)) 1478 { 1479 CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION); 1480 if (!s->ctx->new_session_cb(s,s->session)) 1481 SSL_SESSION_free(s->session); 1482 } 1483 1484 /* auto flush every 255 connections */ |
| 1483 i=s->ctx->session_cache_mode; | |
| 1484 if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && 1485 ((i & mode) == mode)) 1486 { 1487 if ( (((mode & SSL_SESS_CACHE_CLIENT) 1488 ?s->ctx->stats.sess_connect_good 1489 :s->ctx->stats.sess_accept_good) & 0xff) == 0xff) 1490 { 1491 SSL_CTX_flush_sessions(s->ctx,time(NULL)); --- 598 unchanged lines hidden --- | 1485 if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && 1486 ((i & mode) == mode)) 1487 { 1488 if ( (((mode & SSL_SESS_CACHE_CLIENT) 1489 ?s->ctx->stats.sess_connect_good 1490 :s->ctx->stats.sess_accept_good) & 0xff) == 0xff) 1491 { 1492 SSL_CTX_flush_sessions(s->ctx,time(NULL)); --- 598 unchanged lines hidden --- |