1280304Sjkim/* 2280304Sjkim * ! \file ssl/ssl_lib.c \brief Version independent SSL functions. 355714Skris */ 455714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 555714Skris * All rights reserved. 655714Skris * 755714Skris * This package is an SSL implementation written 855714Skris * by Eric Young (eay@cryptsoft.com). 955714Skris * The implementation was written so as to conform with Netscapes SSL. 10280304Sjkim * 1155714Skris * This library is free for commercial and non-commercial use as long as 1255714Skris * the following conditions are aheared to. The following conditions 1355714Skris * apply to all code found in this distribution, be it the RC4, RSA, 1455714Skris * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1555714Skris * included with this distribution is covered by the same copyright terms 1655714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com). 17280304Sjkim * 1855714Skris * Copyright remains Eric Young's, and as such any Copyright notices in 1955714Skris * the code are not to be removed. 2055714Skris * If this package is used in a product, Eric Young should be given attribution 2155714Skris * as the author of the parts of the library used. 2255714Skris * This can be in the form of a textual message at program startup or 2355714Skris * in documentation (online or textual) provided with the package. 24280304Sjkim * 2555714Skris * Redistribution and use in source and binary forms, with or without 2655714Skris * modification, are permitted provided that the following conditions 2755714Skris * are met: 2855714Skris * 1. Redistributions of source code must retain the copyright 2955714Skris * notice, this list of conditions and the following disclaimer. 3055714Skris * 2. Redistributions in binary form must reproduce the above copyright 3155714Skris * notice, this list of conditions and the following disclaimer in the 3255714Skris * documentation and/or other materials provided with the distribution. 3355714Skris * 3. All advertising materials mentioning features or use of this software 3455714Skris * must display the following acknowledgement: 3555714Skris * "This product includes cryptographic software written by 3655714Skris * Eric Young (eay@cryptsoft.com)" 3755714Skris * The word 'cryptographic' can be left out if the rouines from the library 3855714Skris * being used are not cryptographic related :-). 39280304Sjkim * 4. If you include any Windows specific code (or a derivative thereof) from 4055714Skris * the apps directory (application code) you must include an acknowledgement: 4155714Skris * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 42280304Sjkim * 4355714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4455714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4555714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4655714Skris * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4755714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4855714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4955714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 5055714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 5155714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5255714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5355714Skris * SUCH DAMAGE. 54280304Sjkim * 5555714Skris * The licence and distribution terms for any publically available version or 5655714Skris * derivative of this code cannot be changed. i.e. this code cannot simply be 5755714Skris * copied and put under another distribution licence 5855714Skris * [including the GNU Public Licence.] 5955714Skris */ 60109998Smarkm/* ==================================================================== 61238405Sjkim * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 62109998Smarkm * 63109998Smarkm * Redistribution and use in source and binary forms, with or without 64109998Smarkm * modification, are permitted provided that the following conditions 65109998Smarkm * are met: 66109998Smarkm * 67109998Smarkm * 1. Redistributions of source code must retain the above copyright 68280304Sjkim * notice, this list of conditions and the following disclaimer. 69109998Smarkm * 70109998Smarkm * 2. Redistributions in binary form must reproduce the above copyright 71109998Smarkm * notice, this list of conditions and the following disclaimer in 72109998Smarkm * the documentation and/or other materials provided with the 73109998Smarkm * distribution. 74109998Smarkm * 75109998Smarkm * 3. All advertising materials mentioning features or use of this 76109998Smarkm * software must display the following acknowledgment: 77109998Smarkm * "This product includes software developed by the OpenSSL Project 78109998Smarkm * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 79109998Smarkm * 80109998Smarkm * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 81109998Smarkm * endorse or promote products derived from this software without 82109998Smarkm * prior written permission. For written permission, please contact 83109998Smarkm * openssl-core@openssl.org. 84109998Smarkm * 85109998Smarkm * 5. Products derived from this software may not be called "OpenSSL" 86109998Smarkm * nor may "OpenSSL" appear in their names without prior written 87109998Smarkm * permission of the OpenSSL Project. 88109998Smarkm * 89109998Smarkm * 6. Redistributions of any form whatsoever must retain the following 90109998Smarkm * acknowledgment: 91109998Smarkm * "This product includes software developed by the OpenSSL Project 92109998Smarkm * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 93109998Smarkm * 94109998Smarkm * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 95109998Smarkm * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 96109998Smarkm * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 97109998Smarkm * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 98109998Smarkm * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 99109998Smarkm * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 100109998Smarkm * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 101109998Smarkm * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 102109998Smarkm * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 103109998Smarkm * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 104109998Smarkm * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 105109998Smarkm * OF THE POSSIBILITY OF SUCH DAMAGE. 106109998Smarkm * ==================================================================== 107109998Smarkm * 108109998Smarkm * This product includes cryptographic software written by Eric Young 109109998Smarkm * (eay@cryptsoft.com). This product includes software written by Tim 110109998Smarkm * Hudson (tjh@cryptsoft.com). 111109998Smarkm * 112109998Smarkm */ 113160814Ssimon/* ==================================================================== 114160814Ssimon * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 115280304Sjkim * ECC cipher suite support in OpenSSL originally developed by 116160814Ssimon * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 117160814Ssimon */ 118238405Sjkim/* ==================================================================== 119238405Sjkim * Copyright 2005 Nokia. All rights reserved. 120238405Sjkim * 121238405Sjkim * The portions of the attached software ("Contribution") is developed by 122238405Sjkim * Nokia Corporation and is licensed pursuant to the OpenSSL open source 123238405Sjkim * license. 124238405Sjkim * 125238405Sjkim * The Contribution, originally written by Mika Kousa and Pasi Eronen of 126238405Sjkim * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 127238405Sjkim * support (see RFC 4279) to OpenSSL. 128238405Sjkim * 129238405Sjkim * No patent licenses or other rights except those expressly stated in 130238405Sjkim * the OpenSSL open source license shall be deemed granted or received 131238405Sjkim * expressly, by implication, estoppel, or otherwise. 132238405Sjkim * 133238405Sjkim * No assurances are provided by Nokia that the Contribution does not 134238405Sjkim * infringe the patent or other intellectual property rights of any third 135238405Sjkim * party or that the license provides you with all the necessary rights 136238405Sjkim * to make use of the Contribution. 137238405Sjkim * 138238405Sjkim * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 139238405Sjkim * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 140238405Sjkim * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 141238405Sjkim * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 142238405Sjkim * OTHERWISE. 143238405Sjkim */ 14455714Skris 145109998Smarkm#ifdef REF_CHECK 146280304Sjkim# include <assert.h> 147109998Smarkm#endif 14855714Skris#include <stdio.h> 149109998Smarkm#include "ssl_locl.h" 150109998Smarkm#include "kssl_lcl.h" 15155714Skris#include <openssl/objects.h> 15255714Skris#include <openssl/lhash.h> 15359191Skris#include <openssl/x509v3.h> 154194206Ssimon#include <openssl/rand.h> 155194206Ssimon#include <openssl/ocsp.h> 156160814Ssimon#ifndef OPENSSL_NO_DH 157280304Sjkim# include <openssl/dh.h> 158160814Ssimon#endif 159194206Ssimon#ifndef OPENSSL_NO_ENGINE 160280304Sjkim# include <openssl/engine.h> 161194206Ssimon#endif 16255714Skris 163280304Sjkimconst char *SSL_version_str = OPENSSL_VERSION_TEXT; 16455714Skris 165280304SjkimSSL3_ENC_METHOD ssl3_undef_enc_method = { 166280304Sjkim /* 167280304Sjkim * evil casts, but these functions are only called if there's a library 168280304Sjkim * bug 169280304Sjkim */ 170280304Sjkim (int (*)(SSL *, int))ssl_undefined_function, 171280304Sjkim (int (*)(SSL *, unsigned char *, int))ssl_undefined_function, 172280304Sjkim ssl_undefined_function, 173280304Sjkim (int (*)(SSL *, unsigned char *, unsigned char *, int)) 174280304Sjkim ssl_undefined_function, 175280304Sjkim (int (*)(SSL *, int))ssl_undefined_function, 176280304Sjkim (int (*)(SSL *, const char *, int, unsigned char *)) 177280304Sjkim ssl_undefined_function, 178280304Sjkim 0, /* finish_mac_length */ 179280304Sjkim (int (*)(SSL *, int, unsigned char *))ssl_undefined_function, 180280304Sjkim NULL, /* client_finished_label */ 181280304Sjkim 0, /* client_finished_label_len */ 182280304Sjkim NULL, /* server_finished_label */ 183280304Sjkim 0, /* server_finished_label_len */ 184280304Sjkim (int (*)(int))ssl_undefined_function, 185280304Sjkim (int (*)(SSL *, unsigned char *, size_t, const char *, 186280304Sjkim size_t, const unsigned char *, size_t, 187280304Sjkim int use_context))ssl_undefined_function, 188280304Sjkim}; 18955714Skris 19055714Skrisint SSL_clear(SSL *s) 191280304Sjkim{ 19255714Skris 193280304Sjkim if (s->method == NULL) { 194280304Sjkim SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED); 195280304Sjkim return (0); 196280304Sjkim } 19755714Skris 198280304Sjkim if (ssl_clear_bad_session(s)) { 199280304Sjkim SSL_SESSION_free(s->session); 200280304Sjkim s->session = NULL; 201280304Sjkim } 202100928Snectar 203280304Sjkim s->error = 0; 204280304Sjkim s->hit = 0; 205280304Sjkim s->shutdown = 0; 20655714Skris 207280304Sjkim#if 0 208280304Sjkim /* 209280304Sjkim * Disabled since version 1.10 of this file (early return not 210280304Sjkim * needed because SSL_clear is not called when doing renegotiation) 211280304Sjkim */ 212280304Sjkim /* 213280304Sjkim * This is set if we are doing dynamic renegotiation so keep 214280304Sjkim * the old cipher. It is sort of a SSL_clear_lite :-) 215280304Sjkim */ 216280304Sjkim if (s->renegotiate) 217280304Sjkim return (1); 21859191Skris#else 219280304Sjkim if (s->renegotiate) { 220280304Sjkim SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR); 221280304Sjkim return 0; 222280304Sjkim } 22355714Skris#endif 22455714Skris 225280304Sjkim s->type = 0; 22655714Skris 227280304Sjkim s->state = SSL_ST_BEFORE | ((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT); 22855714Skris 229280304Sjkim s->version = s->method->version; 230280304Sjkim s->client_version = s->version; 231280304Sjkim s->rwstate = SSL_NOTHING; 232280304Sjkim s->rstate = SSL_ST_READ_HEADER; 23372613Skris#if 0 234280304Sjkim s->read_ahead = s->ctx->read_ahead; 23572613Skris#endif 23655714Skris 237280304Sjkim if (s->init_buf != NULL) { 238280304Sjkim BUF_MEM_free(s->init_buf); 239280304Sjkim s->init_buf = NULL; 240280304Sjkim } 24155714Skris 242280304Sjkim ssl_clear_cipher_ctx(s); 243280304Sjkim ssl_clear_hash_ctx(&s->read_hash); 244280304Sjkim ssl_clear_hash_ctx(&s->write_hash); 24555714Skris 246280304Sjkim s->first_packet = 0; 24755714Skris 24855714Skris#if 1 249280304Sjkim /* 250280304Sjkim * Check to see if we were changed into a different method, if so, revert 251280304Sjkim * back if we are not doing session-id reuse. 252280304Sjkim */ 253280304Sjkim if (!s->in_handshake && (s->session == NULL) 254280304Sjkim && (s->method != s->ctx->method)) { 255280304Sjkim s->method->ssl_free(s); 256280304Sjkim s->method = s->ctx->method; 257280304Sjkim if (!s->method->ssl_new(s)) 258280304Sjkim return (0); 259280304Sjkim } else 26055714Skris#endif 261280304Sjkim s->method->ssl_clear(s); 262280304Sjkim return (1); 263280304Sjkim} 26455714Skris 26555714Skris/** Used to change an SSL_CTXs default SSL method type */ 266280304Sjkimint SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth) 267280304Sjkim{ 268280304Sjkim STACK_OF(SSL_CIPHER) *sk; 26955714Skris 270280304Sjkim ctx->method = meth; 27155714Skris 272280304Sjkim sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list), 273280304Sjkim &(ctx->cipher_list_by_id), 274280304Sjkim meth->version == 275280304Sjkim SSL2_VERSION ? "SSLv2" : 276280304Sjkim SSL_DEFAULT_CIPHER_LIST); 277280304Sjkim if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) { 278280304Sjkim SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION, 279280304Sjkim SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); 280280304Sjkim return (0); 281280304Sjkim } 282280304Sjkim return (1); 283280304Sjkim} 28455714Skris 28555714SkrisSSL *SSL_new(SSL_CTX *ctx) 286280304Sjkim{ 287280304Sjkim SSL *s; 28855714Skris 289280304Sjkim if (ctx == NULL) { 290280304Sjkim SSLerr(SSL_F_SSL_NEW, SSL_R_NULL_SSL_CTX); 291280304Sjkim return (NULL); 292280304Sjkim } 293280304Sjkim if (ctx->method == NULL) { 294280304Sjkim SSLerr(SSL_F_SSL_NEW, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION); 295280304Sjkim return (NULL); 296280304Sjkim } 29755714Skris 298280304Sjkim s = (SSL *)OPENSSL_malloc(sizeof(SSL)); 299280304Sjkim if (s == NULL) 300280304Sjkim goto err; 301280304Sjkim memset(s, 0, sizeof(SSL)); 30255714Skris 303280304Sjkim#ifndef OPENSSL_NO_KRB5 304280304Sjkim s->kssl_ctx = kssl_ctx_new(); 305280304Sjkim#endif /* OPENSSL_NO_KRB5 */ 306109998Smarkm 307280304Sjkim s->options = ctx->options; 308280304Sjkim s->mode = ctx->mode; 309280304Sjkim s->max_cert_list = ctx->max_cert_list; 310291721Sjkim s->references = 1; 311109998Smarkm 312280304Sjkim if (ctx->cert != NULL) { 313280304Sjkim /* 314280304Sjkim * Earlier library versions used to copy the pointer to the CERT, not 315280304Sjkim * its contents; only when setting new parameters for the per-SSL 316280304Sjkim * copy, ssl_cert_new would be called (and the direct reference to 317280304Sjkim * the per-SSL_CTX settings would be lost, but those still were 318280304Sjkim * indirectly accessed for various purposes, and for that reason they 319280304Sjkim * used to be known as s->ctx->default_cert). Now we don't look at the 320280304Sjkim * SSL_CTX's CERT after having duplicated it once. 321280304Sjkim */ 32255714Skris 323280304Sjkim s->cert = ssl_cert_dup(ctx->cert); 324280304Sjkim if (s->cert == NULL) 325280304Sjkim goto err; 326280304Sjkim } else 327280304Sjkim s->cert = NULL; /* Cannot really happen (see SSL_CTX_new) */ 328109998Smarkm 329280304Sjkim s->read_ahead = ctx->read_ahead; 330280304Sjkim s->msg_callback = ctx->msg_callback; 331280304Sjkim s->msg_callback_arg = ctx->msg_callback_arg; 332280304Sjkim s->verify_mode = ctx->verify_mode; 333160814Ssimon#if 0 334280304Sjkim s->verify_depth = ctx->verify_depth; 335160814Ssimon#endif 336280304Sjkim s->sid_ctx_length = ctx->sid_ctx_length; 337280304Sjkim OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx); 338280304Sjkim memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx)); 339280304Sjkim s->verify_callback = ctx->default_verify_callback; 340280304Sjkim s->generate_session_id = ctx->generate_session_id; 341160814Ssimon 342280304Sjkim s->param = X509_VERIFY_PARAM_new(); 343280304Sjkim if (!s->param) 344280304Sjkim goto err; 345280304Sjkim X509_VERIFY_PARAM_inherit(s->param, ctx->param); 346160814Ssimon#if 0 347280304Sjkim s->purpose = ctx->purpose; 348280304Sjkim s->trust = ctx->trust; 349160814Ssimon#endif 350280304Sjkim s->quiet_shutdown = ctx->quiet_shutdown; 351280304Sjkim s->max_send_fragment = ctx->max_send_fragment; 352109998Smarkm 353280304Sjkim CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); 354280304Sjkim s->ctx = ctx; 355194206Ssimon#ifndef OPENSSL_NO_TLSEXT 356280304Sjkim s->tlsext_debug_cb = 0; 357280304Sjkim s->tlsext_debug_arg = NULL; 358280304Sjkim s->tlsext_ticket_expected = 0; 359280304Sjkim s->tlsext_status_type = -1; 360280304Sjkim s->tlsext_status_expected = 0; 361280304Sjkim s->tlsext_ocsp_ids = NULL; 362280304Sjkim s->tlsext_ocsp_exts = NULL; 363280304Sjkim s->tlsext_ocsp_resp = NULL; 364280304Sjkim s->tlsext_ocsp_resplen = -1; 365280304Sjkim CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); 366280304Sjkim s->initial_ctx = ctx; 367238405Sjkim# ifndef OPENSSL_NO_NEXTPROTONEG 368280304Sjkim s->next_proto_negotiated = NULL; 369238405Sjkim# endif 370194206Ssimon#endif 371238405Sjkim 372280304Sjkim s->verify_result = X509_V_OK; 37355714Skris 374280304Sjkim s->method = ctx->method; 37555714Skris 376280304Sjkim if (!s->method->ssl_new(s)) 377280304Sjkim goto err; 37855714Skris 379280304Sjkim s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1; 380109998Smarkm 381280304Sjkim SSL_clear(s); 38255714Skris 383280304Sjkim CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data); 38455714Skris 385238405Sjkim#ifndef OPENSSL_NO_PSK 386280304Sjkim s->psk_client_callback = ctx->psk_client_callback; 387280304Sjkim s->psk_server_callback = ctx->psk_server_callback; 388238405Sjkim#endif 389238405Sjkim 390280304Sjkim return (s); 391280304Sjkim err: 392280304Sjkim if (s != NULL) 393280304Sjkim SSL_free(s); 394280304Sjkim SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE); 395280304Sjkim return (NULL); 396280304Sjkim} 39755714Skris 398280304Sjkimint SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, 399280304Sjkim unsigned int sid_ctx_len) 400280304Sjkim{ 401280304Sjkim if (sid_ctx_len > sizeof ctx->sid_ctx) { 402280304Sjkim SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT, 403280304Sjkim SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); 404280304Sjkim return 0; 405280304Sjkim } 406280304Sjkim ctx->sid_ctx_length = sid_ctx_len; 407280304Sjkim memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len); 40855714Skris 40955714Skris return 1; 410280304Sjkim} 411280304Sjkim 412280304Sjkimint SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx, 413280304Sjkim unsigned int sid_ctx_len) 414280304Sjkim{ 415280304Sjkim if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) { 416280304Sjkim SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT, 417280304Sjkim SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); 418280304Sjkim return 0; 41955714Skris } 420280304Sjkim ssl->sid_ctx_length = sid_ctx_len; 421280304Sjkim memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len); 42255714Skris 42355714Skris return 1; 424280304Sjkim} 42555714Skris 426109998Smarkmint SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb) 427280304Sjkim{ 428280304Sjkim CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); 429280304Sjkim ctx->generate_session_id = cb; 430280304Sjkim CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 431280304Sjkim return 1; 432280304Sjkim} 433109998Smarkm 434109998Smarkmint SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb) 435280304Sjkim{ 436280304Sjkim CRYPTO_w_lock(CRYPTO_LOCK_SSL); 437280304Sjkim ssl->generate_session_id = cb; 438280304Sjkim CRYPTO_w_unlock(CRYPTO_LOCK_SSL); 439280304Sjkim return 1; 440280304Sjkim} 44159191Skris 442109998Smarkmint SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, 443280304Sjkim unsigned int id_len) 444280304Sjkim{ 445280304Sjkim /* 446280304Sjkim * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how 447280304Sjkim * we can "construct" a session to give us the desired check - ie. to 448280304Sjkim * find if there's a session in the hash table that would conflict with 449280304Sjkim * any new session built out of this id/id_len and the ssl_version in use 450280304Sjkim * by this SSL. 451280304Sjkim */ 452280304Sjkim SSL_SESSION r, *p; 453109998Smarkm 454280304Sjkim if (id_len > sizeof r.session_id) 455280304Sjkim return 0; 456109998Smarkm 457280304Sjkim r.ssl_version = ssl->version; 458280304Sjkim r.session_id_length = id_len; 459280304Sjkim memcpy(r.session_id, id, id_len); 460280304Sjkim /* 461280304Sjkim * NB: SSLv2 always uses a fixed 16-byte session ID, so even if a 462280304Sjkim * callback is calling us to check the uniqueness of a shorter ID, it 463280304Sjkim * must be compared as a padded-out ID because that is what it will be 464280304Sjkim * converted to when the callback has finished choosing it. 465280304Sjkim */ 466280304Sjkim if ((r.ssl_version == SSL2_VERSION) && 467280304Sjkim (id_len < SSL2_SSL_SESSION_ID_LENGTH)) { 468280304Sjkim memset(r.session_id + id_len, 0, SSL2_SSL_SESSION_ID_LENGTH - id_len); 469280304Sjkim r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH; 470280304Sjkim } 471109998Smarkm 472280304Sjkim CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); 473280304Sjkim p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r); 474280304Sjkim CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX); 475280304Sjkim return (p != NULL); 476280304Sjkim} 477109998Smarkm 478109998Smarkmint SSL_CTX_set_purpose(SSL_CTX *s, int purpose) 479280304Sjkim{ 480280304Sjkim return X509_VERIFY_PARAM_set_purpose(s->param, purpose); 481280304Sjkim} 482109998Smarkm 483109998Smarkmint SSL_set_purpose(SSL *s, int purpose) 484280304Sjkim{ 485280304Sjkim return X509_VERIFY_PARAM_set_purpose(s->param, purpose); 486280304Sjkim} 487109998Smarkm 48859191Skrisint SSL_CTX_set_trust(SSL_CTX *s, int trust) 489280304Sjkim{ 490280304Sjkim return X509_VERIFY_PARAM_set_trust(s->param, trust); 491280304Sjkim} 49259191Skris 49359191Skrisint SSL_set_trust(SSL *s, int trust) 494280304Sjkim{ 495280304Sjkim return X509_VERIFY_PARAM_set_trust(s->param, trust); 496280304Sjkim} 49759191Skris 498238405Sjkimint SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm) 499280304Sjkim{ 500280304Sjkim return X509_VERIFY_PARAM_set1(ctx->param, vpm); 501280304Sjkim} 502238405Sjkim 503238405Sjkimint SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm) 504280304Sjkim{ 505280304Sjkim return X509_VERIFY_PARAM_set1(ssl->param, vpm); 506280304Sjkim} 507238405Sjkim 50855714Skrisvoid SSL_free(SSL *s) 509280304Sjkim{ 510280304Sjkim int i; 51155714Skris 512280304Sjkim if (s == NULL) 513280304Sjkim return; 51455714Skris 515280304Sjkim i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL); 51655714Skris#ifdef REF_PRINT 517280304Sjkim REF_PRINT("SSL", s); 51855714Skris#endif 519280304Sjkim if (i > 0) 520280304Sjkim return; 52155714Skris#ifdef REF_CHECK 522280304Sjkim if (i < 0) { 523280304Sjkim fprintf(stderr, "SSL_free, bad reference count\n"); 524280304Sjkim abort(); /* ok */ 525280304Sjkim } 52655714Skris#endif 52755714Skris 528280304Sjkim if (s->param) 529280304Sjkim X509_VERIFY_PARAM_free(s->param); 530160814Ssimon 531280304Sjkim CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data); 53255714Skris 533280304Sjkim if (s->bbio != NULL) { 534280304Sjkim /* If the buffering BIO is in place, pop it off */ 535280304Sjkim if (s->bbio == s->wbio) { 536280304Sjkim s->wbio = BIO_pop(s->wbio); 537280304Sjkim } 538280304Sjkim BIO_free(s->bbio); 539280304Sjkim s->bbio = NULL; 540280304Sjkim } 541280304Sjkim if (s->rbio != NULL) 542280304Sjkim BIO_free_all(s->rbio); 543280304Sjkim if ((s->wbio != NULL) && (s->wbio != s->rbio)) 544280304Sjkim BIO_free_all(s->wbio); 54555714Skris 546280304Sjkim if (s->init_buf != NULL) 547280304Sjkim BUF_MEM_free(s->init_buf); 54855714Skris 549280304Sjkim /* add extra stuff */ 550280304Sjkim if (s->cipher_list != NULL) 551280304Sjkim sk_SSL_CIPHER_free(s->cipher_list); 552280304Sjkim if (s->cipher_list_by_id != NULL) 553280304Sjkim sk_SSL_CIPHER_free(s->cipher_list_by_id); 55455714Skris 555280304Sjkim /* Make the next call work :-) */ 556280304Sjkim if (s->session != NULL) { 557280304Sjkim ssl_clear_bad_session(s); 558280304Sjkim SSL_SESSION_free(s->session); 559280304Sjkim } 56055714Skris 561280304Sjkim ssl_clear_cipher_ctx(s); 562280304Sjkim ssl_clear_hash_ctx(&s->read_hash); 563280304Sjkim ssl_clear_hash_ctx(&s->write_hash); 56455714Skris 565280304Sjkim if (s->cert != NULL) 566280304Sjkim ssl_cert_free(s->cert); 567280304Sjkim /* Free up if allocated */ 56855714Skris 569194206Ssimon#ifndef OPENSSL_NO_TLSEXT 570280304Sjkim if (s->tlsext_hostname) 571280304Sjkim OPENSSL_free(s->tlsext_hostname); 572280304Sjkim if (s->initial_ctx) 573280304Sjkim SSL_CTX_free(s->initial_ctx); 574280304Sjkim# ifndef OPENSSL_NO_EC 575280304Sjkim if (s->tlsext_ecpointformatlist) 576280304Sjkim OPENSSL_free(s->tlsext_ecpointformatlist); 577280304Sjkim if (s->tlsext_ellipticcurvelist) 578280304Sjkim OPENSSL_free(s->tlsext_ellipticcurvelist); 579280304Sjkim# endif /* OPENSSL_NO_EC */ 580280304Sjkim if (s->tlsext_opaque_prf_input) 581280304Sjkim OPENSSL_free(s->tlsext_opaque_prf_input); 582280304Sjkim if (s->tlsext_ocsp_exts) 583280304Sjkim sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free); 584280304Sjkim if (s->tlsext_ocsp_ids) 585280304Sjkim sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free); 586280304Sjkim if (s->tlsext_ocsp_resp) 587280304Sjkim OPENSSL_free(s->tlsext_ocsp_resp); 588194206Ssimon#endif 589238405Sjkim 590280304Sjkim if (s->client_CA != NULL) 591280304Sjkim sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free); 59255714Skris 593280304Sjkim if (s->method != NULL) 594280304Sjkim s->method->ssl_free(s); 59555714Skris 596280304Sjkim if (s->ctx) 597280304Sjkim SSL_CTX_free(s->ctx); 598205128Ssimon 599280304Sjkim#ifndef OPENSSL_NO_KRB5 600280304Sjkim if (s->kssl_ctx != NULL) 601280304Sjkim kssl_ctx_free(s->kssl_ctx); 602280304Sjkim#endif /* OPENSSL_NO_KRB5 */ 603120631Snectar 604238405Sjkim#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 605280304Sjkim if (s->next_proto_negotiated) 606280304Sjkim OPENSSL_free(s->next_proto_negotiated); 607238405Sjkim#endif 608238405Sjkim 609246772Sjkim#ifndef OPENSSL_NO_SRTP 610280304Sjkim if (s->srtp_profiles) 611280304Sjkim sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles); 612246772Sjkim#endif 613238405Sjkim 614280304Sjkim OPENSSL_free(s); 615280304Sjkim} 61655714Skris 617280304Sjkimvoid SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio) 618280304Sjkim{ 619280304Sjkim /* 620280304Sjkim * If the output buffering BIO is still in place, remove it 621280304Sjkim */ 622280304Sjkim if (s->bbio != NULL) { 623280304Sjkim if (s->wbio == s->bbio) { 624280304Sjkim s->wbio = s->wbio->next_bio; 625280304Sjkim s->bbio->next_bio = NULL; 626280304Sjkim } 627280304Sjkim } 628280304Sjkim if ((s->rbio != NULL) && (s->rbio != rbio)) 629280304Sjkim BIO_free_all(s->rbio); 630280304Sjkim if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio)) 631280304Sjkim BIO_free_all(s->wbio); 632280304Sjkim s->rbio = rbio; 633280304Sjkim s->wbio = wbio; 634280304Sjkim} 63555714Skris 636160814SsimonBIO *SSL_get_rbio(const SSL *s) 637280304Sjkim{ 638280304Sjkim return (s->rbio); 639280304Sjkim} 64055714Skris 641160814SsimonBIO *SSL_get_wbio(const SSL *s) 642280304Sjkim{ 643280304Sjkim return (s->wbio); 644280304Sjkim} 64555714Skris 646160814Ssimonint SSL_get_fd(const SSL *s) 647280304Sjkim{ 648280304Sjkim return (SSL_get_rfd(s)); 649280304Sjkim} 65089837Skris 651160814Ssimonint SSL_get_rfd(const SSL *s) 652280304Sjkim{ 653280304Sjkim int ret = -1; 654280304Sjkim BIO *b, *r; 65555714Skris 656280304Sjkim b = SSL_get_rbio(s); 657280304Sjkim r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR); 658280304Sjkim if (r != NULL) 659280304Sjkim BIO_get_fd(r, &ret); 660280304Sjkim return (ret); 661280304Sjkim} 66255714Skris 663160814Ssimonint SSL_get_wfd(const SSL *s) 664280304Sjkim{ 665280304Sjkim int ret = -1; 666280304Sjkim BIO *b, *r; 66789837Skris 668280304Sjkim b = SSL_get_wbio(s); 669280304Sjkim r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR); 670280304Sjkim if (r != NULL) 671280304Sjkim BIO_get_fd(r, &ret); 672280304Sjkim return (ret); 673280304Sjkim} 67489837Skris 675109998Smarkm#ifndef OPENSSL_NO_SOCK 676280304Sjkimint SSL_set_fd(SSL *s, int fd) 677280304Sjkim{ 678280304Sjkim int ret = 0; 679280304Sjkim BIO *bio = NULL; 68055714Skris 681280304Sjkim bio = BIO_new(BIO_s_socket()); 68255714Skris 683280304Sjkim if (bio == NULL) { 684280304Sjkim SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); 685280304Sjkim goto err; 686280304Sjkim } 687280304Sjkim BIO_set_fd(bio, fd, BIO_NOCLOSE); 688280304Sjkim SSL_set_bio(s, bio, bio); 689280304Sjkim ret = 1; 690280304Sjkim err: 691280304Sjkim return (ret); 692280304Sjkim} 69355714Skris 694280304Sjkimint SSL_set_wfd(SSL *s, int fd) 695280304Sjkim{ 696280304Sjkim int ret = 0; 697280304Sjkim BIO *bio = NULL; 69855714Skris 699280304Sjkim if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET) 700280304Sjkim || ((int)BIO_get_fd(s->rbio, NULL) != fd)) { 701280304Sjkim bio = BIO_new(BIO_s_socket()); 70255714Skris 703280304Sjkim if (bio == NULL) { 704280304Sjkim SSLerr(SSL_F_SSL_SET_WFD, ERR_R_BUF_LIB); 705280304Sjkim goto err; 706280304Sjkim } 707280304Sjkim BIO_set_fd(bio, fd, BIO_NOCLOSE); 708280304Sjkim SSL_set_bio(s, SSL_get_rbio(s), bio); 709280304Sjkim } else 710280304Sjkim SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s)); 711280304Sjkim ret = 1; 712280304Sjkim err: 713280304Sjkim return (ret); 714280304Sjkim} 71555714Skris 716280304Sjkimint SSL_set_rfd(SSL *s, int fd) 717280304Sjkim{ 718280304Sjkim int ret = 0; 719280304Sjkim BIO *bio = NULL; 72055714Skris 721280304Sjkim if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET) 722280304Sjkim || ((int)BIO_get_fd(s->wbio, NULL) != fd)) { 723280304Sjkim bio = BIO_new(BIO_s_socket()); 72455714Skris 725280304Sjkim if (bio == NULL) { 726280304Sjkim SSLerr(SSL_F_SSL_SET_RFD, ERR_R_BUF_LIB); 727280304Sjkim goto err; 728280304Sjkim } 729280304Sjkim BIO_set_fd(bio, fd, BIO_NOCLOSE); 730280304Sjkim SSL_set_bio(s, bio, SSL_get_wbio(s)); 731280304Sjkim } else 732280304Sjkim SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s)); 733280304Sjkim ret = 1; 734280304Sjkim err: 735280304Sjkim return (ret); 736280304Sjkim} 73755714Skris#endif 73855714Skris 73959191Skris/* return length of latest Finished message we sent, copy to 'buf' */ 740160814Ssimonsize_t SSL_get_finished(const SSL *s, void *buf, size_t count) 741280304Sjkim{ 742280304Sjkim size_t ret = 0; 74359191Skris 744280304Sjkim if (s->s3 != NULL) { 745280304Sjkim ret = s->s3->tmp.finish_md_len; 746280304Sjkim if (count > ret) 747280304Sjkim count = ret; 748280304Sjkim memcpy(buf, s->s3->tmp.finish_md, count); 749280304Sjkim } 750280304Sjkim return ret; 751280304Sjkim} 752280304Sjkim 75359191Skris/* return length of latest Finished message we expected, copy to 'buf' */ 754160814Ssimonsize_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count) 755280304Sjkim{ 756280304Sjkim size_t ret = 0; 75759191Skris 758280304Sjkim if (s->s3 != NULL) { 759280304Sjkim ret = s->s3->tmp.peer_finish_md_len; 760280304Sjkim if (count > ret) 761280304Sjkim count = ret; 762280304Sjkim memcpy(buf, s->s3->tmp.peer_finish_md, count); 763280304Sjkim } 764280304Sjkim return ret; 765280304Sjkim} 76659191Skris 767160814Ssimonint SSL_get_verify_mode(const SSL *s) 768280304Sjkim{ 769280304Sjkim return (s->verify_mode); 770280304Sjkim} 77155714Skris 772160814Ssimonint SSL_get_verify_depth(const SSL *s) 773280304Sjkim{ 774280304Sjkim return X509_VERIFY_PARAM_get_depth(s->param); 775280304Sjkim} 77655714Skris 777280304Sjkimint (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *) { 778280304Sjkim return (s->verify_callback); 779280304Sjkim} 78055714Skris 781160814Ssimonint SSL_CTX_get_verify_mode(const SSL_CTX *ctx) 782280304Sjkim{ 783280304Sjkim return (ctx->verify_mode); 784280304Sjkim} 78555714Skris 786160814Ssimonint SSL_CTX_get_verify_depth(const SSL_CTX *ctx) 787280304Sjkim{ 788280304Sjkim return X509_VERIFY_PARAM_get_depth(ctx->param); 789280304Sjkim} 79055714Skris 791280304Sjkimint (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int, X509_STORE_CTX *) { 792280304Sjkim return (ctx->default_verify_callback); 793280304Sjkim} 79455714Skris 795280304Sjkimvoid SSL_set_verify(SSL *s, int mode, 796280304Sjkim int (*callback) (int ok, X509_STORE_CTX *ctx)) 797280304Sjkim{ 798280304Sjkim s->verify_mode = mode; 799280304Sjkim if (callback != NULL) 800280304Sjkim s->verify_callback = callback; 801280304Sjkim} 80255714Skris 803280304Sjkimvoid SSL_set_verify_depth(SSL *s, int depth) 804280304Sjkim{ 805280304Sjkim X509_VERIFY_PARAM_set_depth(s->param, depth); 806280304Sjkim} 80755714Skris 808280304Sjkimvoid SSL_set_read_ahead(SSL *s, int yes) 809280304Sjkim{ 810280304Sjkim s->read_ahead = yes; 811280304Sjkim} 81255714Skris 813160814Ssimonint SSL_get_read_ahead(const SSL *s) 814280304Sjkim{ 815280304Sjkim return (s->read_ahead); 816280304Sjkim} 81755714Skris 818160814Ssimonint SSL_pending(const SSL *s) 819280304Sjkim{ 820280304Sjkim /* 821280304Sjkim * SSL_pending cannot work properly if read-ahead is enabled 822280304Sjkim * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)), and it is 823280304Sjkim * impossible to fix since SSL_pending cannot report errors that may be 824280304Sjkim * observed while scanning the new data. (Note that SSL_pending() is 825280304Sjkim * often used as a boolean value, so we'd better not return -1.) 826280304Sjkim */ 827280304Sjkim return (s->method->ssl_pending(s)); 828280304Sjkim} 82955714Skris 830160814SsimonX509 *SSL_get_peer_certificate(const SSL *s) 831280304Sjkim{ 832280304Sjkim X509 *r; 83355714Skris 834280304Sjkim if ((s == NULL) || (s->session == NULL)) 835280304Sjkim r = NULL; 836280304Sjkim else 837280304Sjkim r = s->session->peer; 83855714Skris 839280304Sjkim if (r == NULL) 840280304Sjkim return (r); 84155714Skris 842280304Sjkim CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509); 84355714Skris 844280304Sjkim return (r); 845280304Sjkim} 846280304Sjkim 847160814SsimonSTACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s) 848280304Sjkim{ 849280304Sjkim STACK_OF(X509) *r; 85055714Skris 851280304Sjkim if ((s == NULL) || (s->session == NULL) 852280304Sjkim || (s->session->sess_cert == NULL)) 853280304Sjkim r = NULL; 854280304Sjkim else 855280304Sjkim r = s->session->sess_cert->cert_chain; 85655714Skris 857280304Sjkim /* 858280304Sjkim * If we are a client, cert_chain includes the peer's own certificate; if 859280304Sjkim * we are a server, it does not. 860280304Sjkim */ 86155714Skris 862280304Sjkim return (r); 863280304Sjkim} 86455714Skris 865280304Sjkim/* 866280304Sjkim * Now in theory, since the calling process own 't' it should be safe to 867280304Sjkim * modify. We need to be able to read f without being hassled 868280304Sjkim */ 869280304Sjkimvoid SSL_copy_session_id(SSL *t, const SSL *f) 870280304Sjkim{ 871280304Sjkim CERT *tmp; 87255714Skris 873280304Sjkim /* Do we need to to SSL locking? */ 874280304Sjkim SSL_set_session(t, SSL_get_session(f)); 87555714Skris 876280304Sjkim /* 877280304Sjkim * what if we are setup as SSLv2 but want to talk SSLv3 or vice-versa 878280304Sjkim */ 879280304Sjkim if (t->method != f->method) { 880280304Sjkim t->method->ssl_free(t); /* cleanup current */ 881280304Sjkim t->method = f->method; /* change method */ 882280304Sjkim t->method->ssl_new(t); /* setup new */ 883280304Sjkim } 884280304Sjkim 885280304Sjkim tmp = t->cert; 886280304Sjkim if (f->cert != NULL) { 887280304Sjkim CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT); 888280304Sjkim t->cert = f->cert; 889280304Sjkim } else 890280304Sjkim t->cert = NULL; 891280304Sjkim if (tmp != NULL) 892280304Sjkim ssl_cert_free(tmp); 893280304Sjkim SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length); 894280304Sjkim} 895280304Sjkim 89655714Skris/* Fix this so it checks all the valid key/cert options */ 897160814Ssimonint SSL_CTX_check_private_key(const SSL_CTX *ctx) 898280304Sjkim{ 899280304Sjkim if ((ctx == NULL) || 900280304Sjkim (ctx->cert == NULL) || (ctx->cert->key->x509 == NULL)) { 901280304Sjkim SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY, 902280304Sjkim SSL_R_NO_CERTIFICATE_ASSIGNED); 903280304Sjkim return (0); 904280304Sjkim } 905280304Sjkim if (ctx->cert->key->privatekey == NULL) { 906280304Sjkim SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY, 907280304Sjkim SSL_R_NO_PRIVATE_KEY_ASSIGNED); 908280304Sjkim return (0); 909280304Sjkim } 910280304Sjkim return (X509_check_private_key 911280304Sjkim (ctx->cert->key->x509, ctx->cert->key->privatekey)); 912280304Sjkim} 91355714Skris 91455714Skris/* Fix this function so that it takes an optional type parameter */ 915160814Ssimonint SSL_check_private_key(const SSL *ssl) 916280304Sjkim{ 917280304Sjkim if (ssl == NULL) { 918280304Sjkim SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, ERR_R_PASSED_NULL_PARAMETER); 919280304Sjkim return (0); 920280304Sjkim } 921280304Sjkim if (ssl->cert == NULL) { 922280304Sjkim SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED); 923280304Sjkim return 0; 924280304Sjkim } 925280304Sjkim if (ssl->cert->key->x509 == NULL) { 926280304Sjkim SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED); 927280304Sjkim return (0); 928280304Sjkim } 929280304Sjkim if (ssl->cert->key->privatekey == NULL) { 930280304Sjkim SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_PRIVATE_KEY_ASSIGNED); 931280304Sjkim return (0); 932280304Sjkim } 933280304Sjkim return (X509_check_private_key(ssl->cert->key->x509, 934280304Sjkim ssl->cert->key->privatekey)); 935280304Sjkim} 93655714Skris 93755714Skrisint SSL_accept(SSL *s) 938280304Sjkim{ 939280304Sjkim if (s->handshake_func == 0) 940280304Sjkim /* Not properly initialized yet */ 941280304Sjkim SSL_set_accept_state(s); 94255714Skris 943280304Sjkim return (s->method->ssl_accept(s)); 944280304Sjkim} 94555714Skris 94655714Skrisint SSL_connect(SSL *s) 947280304Sjkim{ 948280304Sjkim if (s->handshake_func == 0) 949280304Sjkim /* Not properly initialized yet */ 950280304Sjkim SSL_set_connect_state(s); 95155714Skris 952280304Sjkim return (s->method->ssl_connect(s)); 953280304Sjkim} 95455714Skris 955160814Ssimonlong SSL_get_default_timeout(const SSL *s) 956280304Sjkim{ 957280304Sjkim return (s->method->get_timeout()); 958280304Sjkim} 95955714Skris 960280304Sjkimint SSL_read(SSL *s, void *buf, int num) 961280304Sjkim{ 962280304Sjkim if (s->handshake_func == 0) { 963280304Sjkim SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED); 964280304Sjkim return -1; 965280304Sjkim } 96655714Skris 967280304Sjkim if (s->shutdown & SSL_RECEIVED_SHUTDOWN) { 968280304Sjkim s->rwstate = SSL_NOTHING; 969280304Sjkim return (0); 970280304Sjkim } 971280304Sjkim return (s->method->ssl_read(s, buf, num)); 972280304Sjkim} 97355714Skris 974280304Sjkimint SSL_peek(SSL *s, void *buf, int num) 975280304Sjkim{ 976280304Sjkim if (s->handshake_func == 0) { 977280304Sjkim SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED); 978280304Sjkim return -1; 979280304Sjkim } 98076866Skris 981280304Sjkim if (s->shutdown & SSL_RECEIVED_SHUTDOWN) { 982280304Sjkim return (0); 983280304Sjkim } 984280304Sjkim return (s->method->ssl_peek(s, buf, num)); 985280304Sjkim} 98655714Skris 987280304Sjkimint SSL_write(SSL *s, const void *buf, int num) 988280304Sjkim{ 989280304Sjkim if (s->handshake_func == 0) { 990280304Sjkim SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED); 991280304Sjkim return -1; 992280304Sjkim } 99355714Skris 994280304Sjkim if (s->shutdown & SSL_SENT_SHUTDOWN) { 995280304Sjkim s->rwstate = SSL_NOTHING; 996280304Sjkim SSLerr(SSL_F_SSL_WRITE, SSL_R_PROTOCOL_IS_SHUTDOWN); 997280304Sjkim return (-1); 998280304Sjkim } 999280304Sjkim return (s->method->ssl_write(s, buf, num)); 1000280304Sjkim} 100155714Skris 100255714Skrisint SSL_shutdown(SSL *s) 1003280304Sjkim{ 1004280304Sjkim /* 1005280304Sjkim * Note that this function behaves differently from what one might 1006280304Sjkim * expect. Return values are 0 for no success (yet), 1 for success; but 1007280304Sjkim * calling it once is usually not enough, even if blocking I/O is used 1008280304Sjkim * (see ssl3_shutdown). 1009280304Sjkim */ 101055714Skris 1011280304Sjkim if (s->handshake_func == 0) { 1012280304Sjkim SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED); 1013280304Sjkim return -1; 1014280304Sjkim } 101555714Skris 1016280304Sjkim if ((s != NULL) && !SSL_in_init(s)) 1017280304Sjkim return (s->method->ssl_shutdown(s)); 1018280304Sjkim else 1019280304Sjkim return (1); 1020280304Sjkim} 102155714Skris 102255714Skrisint SSL_renegotiate(SSL *s) 1023280304Sjkim{ 1024280304Sjkim if (s->renegotiate == 0) 1025280304Sjkim s->renegotiate = 1; 1026238405Sjkim 1027280304Sjkim s->new_session = 1; 1028238405Sjkim 1029280304Sjkim return (s->method->ssl_renegotiate(s)); 1030280304Sjkim} 103155714Skris 1032238405Sjkimint SSL_renegotiate_abbreviated(SSL *s) 1033280304Sjkim{ 1034280304Sjkim if (s->renegotiate == 0) 1035280304Sjkim s->renegotiate = 1; 1036238405Sjkim 1037280304Sjkim s->new_session = 0; 1038238405Sjkim 1039280304Sjkim return (s->method->ssl_renegotiate(s)); 1040280304Sjkim} 1041238405Sjkim 1042109998Smarkmint SSL_renegotiate_pending(SSL *s) 1043280304Sjkim{ 1044280304Sjkim /* 1045280304Sjkim * becomes true when negotiation is requested; false again once a 1046280304Sjkim * handshake has finished 1047280304Sjkim */ 1048280304Sjkim return (s->renegotiate != 0); 1049280304Sjkim} 1050109998Smarkm 1051280304Sjkimlong SSL_ctrl(SSL *s, int cmd, long larg, void *parg) 1052280304Sjkim{ 1053280304Sjkim long l; 105455714Skris 1055280304Sjkim switch (cmd) { 1056280304Sjkim case SSL_CTRL_GET_READ_AHEAD: 1057280304Sjkim return (s->read_ahead); 1058280304Sjkim case SSL_CTRL_SET_READ_AHEAD: 1059280304Sjkim l = s->read_ahead; 1060280304Sjkim s->read_ahead = larg; 1061280304Sjkim return (l); 1062109998Smarkm 1063280304Sjkim case SSL_CTRL_SET_MSG_CALLBACK_ARG: 1064280304Sjkim s->msg_callback_arg = parg; 1065280304Sjkim return 1; 1066109998Smarkm 1067280304Sjkim case SSL_CTRL_OPTIONS: 1068280304Sjkim return (s->options |= larg); 1069280304Sjkim case SSL_CTRL_CLEAR_OPTIONS: 1070280304Sjkim return (s->options &= ~larg); 1071280304Sjkim case SSL_CTRL_MODE: 1072280304Sjkim return (s->mode |= larg); 1073280304Sjkim case SSL_CTRL_CLEAR_MODE: 1074280304Sjkim return (s->mode &= ~larg); 1075280304Sjkim case SSL_CTRL_GET_MAX_CERT_LIST: 1076280304Sjkim return (s->max_cert_list); 1077280304Sjkim case SSL_CTRL_SET_MAX_CERT_LIST: 1078280304Sjkim l = s->max_cert_list; 1079280304Sjkim s->max_cert_list = larg; 1080280304Sjkim return (l); 1081280304Sjkim case SSL_CTRL_SET_MAX_SEND_FRAGMENT: 1082280304Sjkim if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH) 1083280304Sjkim return 0; 1084280304Sjkim s->max_send_fragment = larg; 1085280304Sjkim return 1; 1086280304Sjkim case SSL_CTRL_GET_RI_SUPPORT: 1087280304Sjkim if (s->s3) 1088280304Sjkim return s->s3->send_connection_binding; 1089280304Sjkim else 1090280304Sjkim return 0; 1091280304Sjkim default: 1092280304Sjkim return (s->method->ssl_ctrl(s, cmd, larg, parg)); 1093280304Sjkim } 1094280304Sjkim} 109555714Skris 1096280304Sjkimlong SSL_callback_ctrl(SSL *s, int cmd, void (*fp) (void)) 1097280304Sjkim{ 1098280304Sjkim switch (cmd) { 1099280304Sjkim case SSL_CTRL_SET_MSG_CALLBACK: 1100280304Sjkim s->msg_callback = (void (*) 1101280304Sjkim (int write_p, int version, int content_type, 1102280304Sjkim const void *buf, size_t len, SSL *ssl, 1103280304Sjkim void *arg))(fp); 1104280304Sjkim return 1; 110559191Skris 1106280304Sjkim default: 1107280304Sjkim return (s->method->ssl_callback_ctrl(s, cmd, fp)); 1108280304Sjkim } 1109280304Sjkim} 1110280304Sjkim 1111238405SjkimLHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx) 1112280304Sjkim{ 1113280304Sjkim return ctx->sessions; 1114280304Sjkim} 111559191Skris 1116280304Sjkimlong SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 1117280304Sjkim{ 1118280304Sjkim long l; 111955714Skris 1120280304Sjkim switch (cmd) { 1121280304Sjkim case SSL_CTRL_GET_READ_AHEAD: 1122280304Sjkim return (ctx->read_ahead); 1123280304Sjkim case SSL_CTRL_SET_READ_AHEAD: 1124280304Sjkim l = ctx->read_ahead; 1125280304Sjkim ctx->read_ahead = larg; 1126280304Sjkim return (l); 112755714Skris 1128280304Sjkim case SSL_CTRL_SET_MSG_CALLBACK_ARG: 1129280304Sjkim ctx->msg_callback_arg = parg; 1130280304Sjkim return 1; 1131109998Smarkm 1132280304Sjkim case SSL_CTRL_GET_MAX_CERT_LIST: 1133280304Sjkim return (ctx->max_cert_list); 1134280304Sjkim case SSL_CTRL_SET_MAX_CERT_LIST: 1135280304Sjkim l = ctx->max_cert_list; 1136280304Sjkim ctx->max_cert_list = larg; 1137280304Sjkim return (l); 113855714Skris 1139280304Sjkim case SSL_CTRL_SET_SESS_CACHE_SIZE: 1140280304Sjkim l = ctx->session_cache_size; 1141280304Sjkim ctx->session_cache_size = larg; 1142280304Sjkim return (l); 1143280304Sjkim case SSL_CTRL_GET_SESS_CACHE_SIZE: 1144280304Sjkim return (ctx->session_cache_size); 1145280304Sjkim case SSL_CTRL_SET_SESS_CACHE_MODE: 1146280304Sjkim l = ctx->session_cache_mode; 1147280304Sjkim ctx->session_cache_mode = larg; 1148280304Sjkim return (l); 1149280304Sjkim case SSL_CTRL_GET_SESS_CACHE_MODE: 1150280304Sjkim return (ctx->session_cache_mode); 115155714Skris 1152280304Sjkim case SSL_CTRL_SESS_NUMBER: 1153280304Sjkim return (lh_SSL_SESSION_num_items(ctx->sessions)); 1154280304Sjkim case SSL_CTRL_SESS_CONNECT: 1155280304Sjkim return (ctx->stats.sess_connect); 1156280304Sjkim case SSL_CTRL_SESS_CONNECT_GOOD: 1157280304Sjkim return (ctx->stats.sess_connect_good); 1158280304Sjkim case SSL_CTRL_SESS_CONNECT_RENEGOTIATE: 1159280304Sjkim return (ctx->stats.sess_connect_renegotiate); 1160280304Sjkim case SSL_CTRL_SESS_ACCEPT: 1161280304Sjkim return (ctx->stats.sess_accept); 1162280304Sjkim case SSL_CTRL_SESS_ACCEPT_GOOD: 1163280304Sjkim return (ctx->stats.sess_accept_good); 1164280304Sjkim case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE: 1165280304Sjkim return (ctx->stats.sess_accept_renegotiate); 1166280304Sjkim case SSL_CTRL_SESS_HIT: 1167280304Sjkim return (ctx->stats.sess_hit); 1168280304Sjkim case SSL_CTRL_SESS_CB_HIT: 1169280304Sjkim return (ctx->stats.sess_cb_hit); 1170280304Sjkim case SSL_CTRL_SESS_MISSES: 1171280304Sjkim return (ctx->stats.sess_miss); 1172280304Sjkim case SSL_CTRL_SESS_TIMEOUTS: 1173280304Sjkim return (ctx->stats.sess_timeout); 1174280304Sjkim case SSL_CTRL_SESS_CACHE_FULL: 1175280304Sjkim return (ctx->stats.sess_cache_full); 1176280304Sjkim case SSL_CTRL_OPTIONS: 1177280304Sjkim return (ctx->options |= larg); 1178280304Sjkim case SSL_CTRL_CLEAR_OPTIONS: 1179280304Sjkim return (ctx->options &= ~larg); 1180280304Sjkim case SSL_CTRL_MODE: 1181280304Sjkim return (ctx->mode |= larg); 1182280304Sjkim case SSL_CTRL_CLEAR_MODE: 1183280304Sjkim return (ctx->mode &= ~larg); 1184280304Sjkim case SSL_CTRL_SET_MAX_SEND_FRAGMENT: 1185280304Sjkim if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH) 1186280304Sjkim return 0; 1187280304Sjkim ctx->max_send_fragment = larg; 1188280304Sjkim return 1; 1189280304Sjkim default: 1190280304Sjkim return (ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg)); 1191280304Sjkim } 1192280304Sjkim} 1193109998Smarkm 1194280304Sjkimlong SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void)) 1195280304Sjkim{ 1196280304Sjkim switch (cmd) { 1197280304Sjkim case SSL_CTRL_SET_MSG_CALLBACK: 1198280304Sjkim ctx->msg_callback = (void (*) 1199280304Sjkim (int write_p, int version, int content_type, 1200280304Sjkim const void *buf, size_t len, SSL *ssl, 1201280304Sjkim void *arg))(fp); 1202280304Sjkim return 1; 120359191Skris 1204280304Sjkim default: 1205280304Sjkim return (ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp)); 1206280304Sjkim } 1207280304Sjkim} 1208280304Sjkim 120968651Skrisint ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b) 1210280304Sjkim{ 1211280304Sjkim long l; 121255714Skris 1213280304Sjkim l = a->id - b->id; 1214280304Sjkim if (l == 0L) 1215280304Sjkim return (0); 1216280304Sjkim else 1217280304Sjkim return ((l > 0) ? 1 : -1); 1218280304Sjkim} 121955714Skris 1220280304Sjkimint ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap, 1221280304Sjkim const SSL_CIPHER *const *bp) 1222280304Sjkim{ 1223280304Sjkim long l; 122455714Skris 1225280304Sjkim l = (*ap)->id - (*bp)->id; 1226280304Sjkim if (l == 0L) 1227280304Sjkim return (0); 1228280304Sjkim else 1229280304Sjkim return ((l > 0) ? 1 : -1); 1230280304Sjkim} 123155714Skris 123255714Skris/** return a STACK of the ciphers available for the SSL and in order of 123355714Skris * preference */ 1234160814SsimonSTACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s) 1235280304Sjkim{ 1236280304Sjkim if (s != NULL) { 1237280304Sjkim if (s->cipher_list != NULL) { 1238280304Sjkim return (s->cipher_list); 1239280304Sjkim } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) { 1240280304Sjkim return (s->ctx->cipher_list); 1241280304Sjkim } 1242280304Sjkim } 1243280304Sjkim return (NULL); 1244280304Sjkim} 124555714Skris 124655714Skris/** return a STACK of the ciphers available for the SSL and in order of 124755714Skris * algorithm id */ 124855714SkrisSTACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s) 1249280304Sjkim{ 1250280304Sjkim if (s != NULL) { 1251280304Sjkim if (s->cipher_list_by_id != NULL) { 1252280304Sjkim return (s->cipher_list_by_id); 1253280304Sjkim } else if ((s->ctx != NULL) && (s->ctx->cipher_list_by_id != NULL)) { 1254280304Sjkim return (s->ctx->cipher_list_by_id); 1255280304Sjkim } 1256280304Sjkim } 1257280304Sjkim return (NULL); 1258280304Sjkim} 125955714Skris 126055714Skris/** The old interface to get the same thing as SSL_get_ciphers() */ 1261280304Sjkimconst char *SSL_get_cipher_list(const SSL *s, int n) 1262280304Sjkim{ 1263280304Sjkim SSL_CIPHER *c; 1264280304Sjkim STACK_OF(SSL_CIPHER) *sk; 126555714Skris 1266280304Sjkim if (s == NULL) 1267280304Sjkim return (NULL); 1268280304Sjkim sk = SSL_get_ciphers(s); 1269280304Sjkim if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n)) 1270280304Sjkim return (NULL); 1271280304Sjkim c = sk_SSL_CIPHER_value(sk, n); 1272280304Sjkim if (c == NULL) 1273280304Sjkim return (NULL); 1274280304Sjkim return (c->name); 1275280304Sjkim} 127655714Skris 127759191Skris/** specify the ciphers to be used by default by the SSL_CTX */ 127859191Skrisint SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str) 1279280304Sjkim{ 1280280304Sjkim STACK_OF(SSL_CIPHER) *sk; 128155714Skris 1282280304Sjkim sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list, 1283280304Sjkim &ctx->cipher_list_by_id, str); 1284280304Sjkim /* 1285280304Sjkim * ssl_create_cipher_list may return an empty stack if it was unable to 1286280304Sjkim * find a cipher matching the given rule string (for example if the rule 1287280304Sjkim * string specifies a cipher which has been disabled). This is not an 1288280304Sjkim * error as far as ssl_create_cipher_list is concerned, and hence 1289280304Sjkim * ctx->cipher_list and ctx->cipher_list_by_id has been updated. 1290280304Sjkim */ 1291280304Sjkim if (sk == NULL) 1292280304Sjkim return 0; 1293280304Sjkim else if (sk_SSL_CIPHER_num(sk) == 0) { 1294280304Sjkim SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH); 1295280304Sjkim return 0; 1296280304Sjkim } 1297280304Sjkim return 1; 1298280304Sjkim} 1299280304Sjkim 130055714Skris/** specify the ciphers to be used by the SSL */ 1301280304Sjkimint SSL_set_cipher_list(SSL *s, const char *str) 1302280304Sjkim{ 1303280304Sjkim STACK_OF(SSL_CIPHER) *sk; 130455714Skris 1305280304Sjkim sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list, 1306280304Sjkim &s->cipher_list_by_id, str); 1307280304Sjkim /* see comment in SSL_CTX_set_cipher_list */ 1308280304Sjkim if (sk == NULL) 1309280304Sjkim return 0; 1310280304Sjkim else if (sk_SSL_CIPHER_num(sk) == 0) { 1311280304Sjkim SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH); 1312280304Sjkim return 0; 1313280304Sjkim } 1314280304Sjkim return 1; 1315280304Sjkim} 1316280304Sjkim 131755714Skris/* works well for SSLv2, not so good for SSLv3 */ 1318280304Sjkimchar *SSL_get_shared_ciphers(const SSL *s, char *buf, int len) 1319280304Sjkim{ 1320280304Sjkim char *p; 1321280304Sjkim STACK_OF(SSL_CIPHER) *sk; 1322280304Sjkim SSL_CIPHER *c; 1323280304Sjkim int i; 132455714Skris 1325280304Sjkim if ((s->session == NULL) || (s->session->ciphers == NULL) || (len < 2)) 1326280304Sjkim return (NULL); 132755714Skris 1328280304Sjkim p = buf; 1329280304Sjkim sk = s->session->ciphers; 1330267258Sjkim 1331280304Sjkim if (sk_SSL_CIPHER_num(sk) == 0) 1332280304Sjkim return NULL; 1333267258Sjkim 1334280304Sjkim for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) { 1335280304Sjkim int n; 1336172429Ssimon 1337280304Sjkim c = sk_SSL_CIPHER_value(sk, i); 1338280304Sjkim n = strlen(c->name); 1339280304Sjkim if (n + 1 > len) { 1340280304Sjkim if (p != buf) 1341280304Sjkim --p; 1342280304Sjkim *p = '\0'; 1343280304Sjkim return buf; 1344280304Sjkim } 1345280304Sjkim strcpy(p, c->name); 1346280304Sjkim p += n; 1347280304Sjkim *(p++) = ':'; 1348280304Sjkim len -= n + 1; 1349280304Sjkim } 1350280304Sjkim p[-1] = '\0'; 1351280304Sjkim return (buf); 1352280304Sjkim} 135355714Skris 1354280304Sjkimint ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, 1355280304Sjkim unsigned char *p, 1356280304Sjkim int (*put_cb) (const SSL_CIPHER *, 1357280304Sjkim unsigned char *)) 1358280304Sjkim{ 1359280304Sjkim int i, j = 0; 1360280304Sjkim SSL_CIPHER *c; 1361280304Sjkim unsigned char *q; 1362109998Smarkm#ifndef OPENSSL_NO_KRB5 1363280304Sjkim int nokrb5 = !kssl_tgt_is_available(s->kssl_ctx); 1364280304Sjkim#endif /* OPENSSL_NO_KRB5 */ 136555714Skris 1366280304Sjkim if (sk == NULL) 1367280304Sjkim return (0); 1368280304Sjkim q = p; 1369280304Sjkim if (put_cb == NULL) 1370280304Sjkim put_cb = s->method->put_cipher_by_char; 137155714Skris 1372280304Sjkim for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) { 1373280304Sjkim c = sk_SSL_CIPHER_value(sk, i); 1374280304Sjkim /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */ 1375280304Sjkim if ((c->algorithm_ssl & SSL_TLSV1_2) && 1376280304Sjkim (TLS1_get_client_version(s) < TLS1_2_VERSION)) 1377280304Sjkim continue; 1378109998Smarkm#ifndef OPENSSL_NO_KRB5 1379280304Sjkim if (((c->algorithm_mkey & SSL_kKRB5) 1380280304Sjkim || (c->algorithm_auth & SSL_aKRB5)) && nokrb5) 1381280304Sjkim continue; 1382280304Sjkim#endif /* OPENSSL_NO_KRB5 */ 1383238405Sjkim#ifndef OPENSSL_NO_PSK 1384280304Sjkim /* with PSK there must be client callback set */ 1385280304Sjkim if (((c->algorithm_mkey & SSL_kPSK) || (c->algorithm_auth & SSL_aPSK)) 1386280304Sjkim && s->psk_client_callback == NULL) 1387280304Sjkim continue; 1388280304Sjkim#endif /* OPENSSL_NO_PSK */ 1389269686Sjkim#ifndef OPENSSL_NO_SRP 1390280304Sjkim if (((c->algorithm_mkey & SSL_kSRP) || (c->algorithm_auth & SSL_aSRP)) 1391280304Sjkim && !(s->srp_ctx.srp_Mask & SSL_kSRP)) 1392280304Sjkim continue; 1393280304Sjkim#endif /* OPENSSL_NO_SRP */ 1394280304Sjkim j = put_cb(c, p); 1395280304Sjkim p += j; 1396280304Sjkim } 1397280304Sjkim /* 1398280304Sjkim * If p == q, no ciphers; caller indicates an error. Otherwise, add 1399280304Sjkim * applicable SCSVs. 1400280304Sjkim */ 1401280304Sjkim if (p != q) { 1402280304Sjkim if (!s->renegotiate) { 1403280304Sjkim static SSL_CIPHER scsv = { 1404280304Sjkim 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0 1405280304Sjkim }; 1406280304Sjkim j = put_cb(&scsv, p); 1407280304Sjkim p += j; 1408205128Ssimon#ifdef OPENSSL_RI_DEBUG 1409280304Sjkim fprintf(stderr, 1410280304Sjkim "TLS_EMPTY_RENEGOTIATION_INFO_SCSV sent by client\n"); 1411205128Ssimon#endif 1412280304Sjkim } 1413205128Ssimon 1414280304Sjkim if (s->mode & SSL_MODE_SEND_FALLBACK_SCSV) { 1415280304Sjkim static SSL_CIPHER scsv = { 1416280304Sjkim 0, NULL, SSL3_CK_FALLBACK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0 1417280304Sjkim }; 1418280304Sjkim j = put_cb(&scsv, p); 1419280304Sjkim p += j; 1420280304Sjkim } 1421280304Sjkim } 1422273149Sjkim 1423280304Sjkim return (p - q); 1424280304Sjkim} 142555714Skris 1426280304SjkimSTACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, 1427280304Sjkim int num, 1428280304Sjkim STACK_OF(SSL_CIPHER) **skp) 1429280304Sjkim{ 1430280304Sjkim const SSL_CIPHER *c; 1431280304Sjkim STACK_OF(SSL_CIPHER) *sk; 1432280304Sjkim int i, n; 1433273149Sjkim 1434280304Sjkim if (s->s3) 1435280304Sjkim s->s3->send_connection_binding = 0; 143655714Skris 1437280304Sjkim n = ssl_put_cipher_by_char(s, NULL, NULL); 1438280304Sjkim if (n == 0 || (num % n) != 0) { 1439280304Sjkim SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, 1440280304Sjkim SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); 1441280304Sjkim return (NULL); 1442280304Sjkim } 1443284285Sjkim if ((skp == NULL) || (*skp == NULL)) { 1444280304Sjkim sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */ 1445284285Sjkim if(sk == NULL) { 1446284285Sjkim SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE); 1447284285Sjkim return NULL; 1448284285Sjkim } 1449284285Sjkim } else { 1450280304Sjkim sk = *skp; 1451280304Sjkim sk_SSL_CIPHER_zero(sk); 1452280304Sjkim } 145355714Skris 1454280304Sjkim for (i = 0; i < num; i += n) { 1455280304Sjkim /* Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV */ 1456280304Sjkim if (s->s3 && (n != 3 || !p[0]) && 1457280304Sjkim (p[n - 2] == ((SSL3_CK_SCSV >> 8) & 0xff)) && 1458280304Sjkim (p[n - 1] == (SSL3_CK_SCSV & 0xff))) { 1459280304Sjkim /* SCSV fatal if renegotiating */ 1460280304Sjkim if (s->renegotiate) { 1461280304Sjkim SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, 1462280304Sjkim SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING); 1463280304Sjkim ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); 1464280304Sjkim goto err; 1465280304Sjkim } 1466280304Sjkim s->s3->send_connection_binding = 1; 1467280304Sjkim p += n; 1468205128Ssimon#ifdef OPENSSL_RI_DEBUG 1469280304Sjkim fprintf(stderr, "SCSV received by server\n"); 1470205128Ssimon#endif 1471280304Sjkim continue; 1472280304Sjkim } 1473205128Ssimon 1474280304Sjkim /* Check for TLS_FALLBACK_SCSV */ 1475280304Sjkim if ((n != 3 || !p[0]) && 1476280304Sjkim (p[n - 2] == ((SSL3_CK_FALLBACK_SCSV >> 8) & 0xff)) && 1477280304Sjkim (p[n - 1] == (SSL3_CK_FALLBACK_SCSV & 0xff))) { 1478280304Sjkim /* 1479280304Sjkim * The SCSV indicates that the client previously tried a higher 1480280304Sjkim * version. Fail if the current version is an unexpected 1481280304Sjkim * downgrade. 1482280304Sjkim */ 1483280304Sjkim if (!SSL_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, 0, NULL)) { 1484280304Sjkim SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, 1485280304Sjkim SSL_R_INAPPROPRIATE_FALLBACK); 1486280304Sjkim if (s->s3) 1487280304Sjkim ssl3_send_alert(s, SSL3_AL_FATAL, 1488280304Sjkim SSL_AD_INAPPROPRIATE_FALLBACK); 1489280304Sjkim goto err; 1490280304Sjkim } 1491280304Sjkim p += n; 1492280304Sjkim continue; 1493280304Sjkim } 1494273149Sjkim 1495280304Sjkim c = ssl_get_cipher_by_char(s, p); 1496280304Sjkim p += n; 1497280304Sjkim if (c != NULL) { 1498280304Sjkim if (!sk_SSL_CIPHER_push(sk, c)) { 1499280304Sjkim SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE); 1500280304Sjkim goto err; 1501280304Sjkim } 1502280304Sjkim } 1503280304Sjkim } 150455714Skris 1505280304Sjkim if (skp != NULL) 1506280304Sjkim *skp = sk; 1507280304Sjkim return (sk); 1508280304Sjkim err: 1509280304Sjkim if ((skp == NULL) || (*skp == NULL)) 1510280304Sjkim sk_SSL_CIPHER_free(sk); 1511280304Sjkim return (NULL); 1512280304Sjkim} 151355714Skris 1514194206Ssimon#ifndef OPENSSL_NO_TLSEXT 1515194206Ssimon/** return a servername extension value if provided in Client Hello, or NULL. 1516194206Ssimon * So far, only host_name types are defined (RFC 3546). 1517194206Ssimon */ 1518194206Ssimon 1519194206Ssimonconst char *SSL_get_servername(const SSL *s, const int type) 1520280304Sjkim{ 1521280304Sjkim if (type != TLSEXT_NAMETYPE_host_name) 1522280304Sjkim return NULL; 1523194206Ssimon 1524280304Sjkim return s->session && !s->tlsext_hostname ? 1525280304Sjkim s->session->tlsext_hostname : s->tlsext_hostname; 1526280304Sjkim} 1527194206Ssimon 1528194206Ssimonint SSL_get_servername_type(const SSL *s) 1529280304Sjkim{ 1530280304Sjkim if (s->session 1531280304Sjkim && (!s->tlsext_hostname ? s->session-> 1532280304Sjkim tlsext_hostname : s->tlsext_hostname)) 1533280304Sjkim return TLSEXT_NAMETYPE_host_name; 1534280304Sjkim return -1; 1535280304Sjkim} 1536238405Sjkim 1537238405Sjkim# ifndef OPENSSL_NO_NEXTPROTONEG 1538280304Sjkim/* 1539280304Sjkim * SSL_select_next_proto implements the standard protocol selection. It is 1540238405Sjkim * expected that this function is called from the callback set by 1541280304Sjkim * SSL_CTX_set_next_proto_select_cb. The protocol data is assumed to be a 1542280304Sjkim * vector of 8-bit, length prefixed byte strings. The length byte itself is 1543280304Sjkim * not included in the length. A byte string of length 0 is invalid. No byte 1544280304Sjkim * string may be truncated. The current, but experimental algorithm for 1545280304Sjkim * selecting the protocol is: 1) If the server doesn't support NPN then this 1546280304Sjkim * is indicated to the callback. In this case, the client application has to 1547280304Sjkim * abort the connection or have a default application level protocol. 2) If 1548280304Sjkim * the server supports NPN, but advertises an empty list then the client 1549280304Sjkim * selects the first protcol in its list, but indicates via the API that this 1550280304Sjkim * fallback case was enacted. 3) Otherwise, the client finds the first 1551280304Sjkim * protocol in the server's list that it supports and selects this protocol. 1552280304Sjkim * This is because it's assumed that the server has better information about 1553280304Sjkim * which protocol a client should use. 4) If the client doesn't support any 1554280304Sjkim * of the server's advertised protocols, then this is treated the same as 1555280304Sjkim * case 2. It returns either OPENSSL_NPN_NEGOTIATED if a common protocol was 1556280304Sjkim * found, or OPENSSL_NPN_NO_OVERLAP if the fallback case was reached. 1557238405Sjkim */ 1558280304Sjkimint SSL_select_next_proto(unsigned char **out, unsigned char *outlen, 1559280304Sjkim const unsigned char *server, 1560280304Sjkim unsigned int server_len, 1561280304Sjkim const unsigned char *client, 1562280304Sjkim unsigned int client_len) 1563280304Sjkim{ 1564280304Sjkim unsigned int i, j; 1565280304Sjkim const unsigned char *result; 1566280304Sjkim int status = OPENSSL_NPN_UNSUPPORTED; 1567238405Sjkim 1568280304Sjkim /* 1569280304Sjkim * For each protocol in server preference order, see if we support it. 1570280304Sjkim */ 1571280304Sjkim for (i = 0; i < server_len;) { 1572280304Sjkim for (j = 0; j < client_len;) { 1573280304Sjkim if (server[i] == client[j] && 1574280304Sjkim memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) { 1575280304Sjkim /* We found a match */ 1576280304Sjkim result = &server[i]; 1577280304Sjkim status = OPENSSL_NPN_NEGOTIATED; 1578280304Sjkim goto found; 1579280304Sjkim } 1580280304Sjkim j += client[j]; 1581280304Sjkim j++; 1582280304Sjkim } 1583280304Sjkim i += server[i]; 1584280304Sjkim i++; 1585280304Sjkim } 1586238405Sjkim 1587280304Sjkim /* There's no overlap between our protocols and the server's list. */ 1588280304Sjkim result = client; 1589280304Sjkim status = OPENSSL_NPN_NO_OVERLAP; 1590238405Sjkim 1591280304Sjkim found: 1592280304Sjkim *out = (unsigned char *)result + 1; 1593280304Sjkim *outlen = result[0]; 1594280304Sjkim return status; 1595280304Sjkim} 1596238405Sjkim 1597280304Sjkim/* 1598280304Sjkim * SSL_get0_next_proto_negotiated sets *data and *len to point to the 1599280304Sjkim * client's requested protocol for this connection and returns 0. If the 1600280304Sjkim * client didn't request any protocol, then *data is set to NULL. Note that 1601280304Sjkim * the client can request any protocol it chooses. The value returned from 1602280304Sjkim * this function need not be a member of the list of supported protocols 1603238405Sjkim * provided by the callback. 1604238405Sjkim */ 1605280304Sjkimvoid SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, 1606280304Sjkim unsigned *len) 1607280304Sjkim{ 1608280304Sjkim *data = s->next_proto_negotiated; 1609280304Sjkim if (!*data) { 1610280304Sjkim *len = 0; 1611280304Sjkim } else { 1612280304Sjkim *len = s->next_proto_negotiated_len; 1613280304Sjkim } 1614238405Sjkim} 1615238405Sjkim 1616280304Sjkim/* 1617280304Sjkim * SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when 1618280304Sjkim * a TLS server needs a list of supported protocols for Next Protocol 1619280304Sjkim * Negotiation. The returned list must be in wire format. The list is 1620280304Sjkim * returned by setting |out| to point to it and |outlen| to its length. This 1621280304Sjkim * memory will not be modified, but one should assume that the SSL* keeps a 1622280304Sjkim * reference to it. The callback should return SSL_TLSEXT_ERR_OK if it 1623280304Sjkim * wishes to advertise. Otherwise, no such extension will be included in the 1624280304Sjkim * ServerHello. 1625280304Sjkim */ 1626280304Sjkimvoid SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, 1627280304Sjkim int (*cb) (SSL *ssl, 1628280304Sjkim const unsigned char 1629280304Sjkim **out, 1630280304Sjkim unsigned int *outlen, 1631280304Sjkim void *arg), void *arg) 1632280304Sjkim{ 1633280304Sjkim ctx->next_protos_advertised_cb = cb; 1634280304Sjkim ctx->next_protos_advertised_cb_arg = arg; 1635280304Sjkim} 1636238405Sjkim 1637280304Sjkim/* 1638280304Sjkim * SSL_CTX_set_next_proto_select_cb sets a callback that is called when a 1639238405Sjkim * client needs to select a protocol from the server's provided list. |out| 1640238405Sjkim * must be set to point to the selected protocol (which may be within |in|). 1641280304Sjkim * The length of the protocol name must be written into |outlen|. The 1642280304Sjkim * server's advertised protocols are provided in |in| and |inlen|. The 1643280304Sjkim * callback can assume that |in| is syntactically valid. The client must 1644280304Sjkim * select a protocol. It is fatal to the connection if this callback returns 1645280304Sjkim * a value other than SSL_TLSEXT_ERR_OK. 1646238405Sjkim */ 1647280304Sjkimvoid SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, 1648280304Sjkim int (*cb) (SSL *s, unsigned char **out, 1649280304Sjkim unsigned char *outlen, 1650280304Sjkim const unsigned char *in, 1651280304Sjkim unsigned int inlen, 1652280304Sjkim void *arg), void *arg) 1653280304Sjkim{ 1654280304Sjkim ctx->next_proto_select_cb = cb; 1655280304Sjkim ctx->next_proto_select_cb_arg = arg; 1656280304Sjkim} 1657238405Sjkim# endif 1658194206Ssimon#endif 1659194206Ssimon 1660238405Sjkimint SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen, 1661280304Sjkim const char *label, size_t llen, 1662280304Sjkim const unsigned char *p, size_t plen, 1663280304Sjkim int use_context) 1664280304Sjkim{ 1665306196Sjkim if (s->version < TLS1_VERSION && s->version != DTLS1_BAD_VER) 1666280304Sjkim return -1; 1667238405Sjkim 1668280304Sjkim return s->method->ssl3_enc->export_keying_material(s, out, olen, label, 1669280304Sjkim llen, p, plen, 1670280304Sjkim use_context); 1671280304Sjkim} 1672238405Sjkim 1673238405Sjkimstatic unsigned long ssl_session_hash(const SSL_SESSION *a) 1674280304Sjkim{ 1675280304Sjkim unsigned long l; 167655714Skris 1677280304Sjkim l = (unsigned long) 1678280304Sjkim ((unsigned int)a->session_id[0]) | 1679280304Sjkim ((unsigned int)a->session_id[1] << 8L) | 1680280304Sjkim ((unsigned long)a->session_id[2] << 16L) | 1681280304Sjkim ((unsigned long)a->session_id[3] << 24L); 1682280304Sjkim return (l); 1683280304Sjkim} 168455714Skris 1685280304Sjkim/* 1686280304Sjkim * NB: If this function (or indeed the hash function which uses a sort of 1687109998Smarkm * coarser function than this one) is changed, ensure 1688280304Sjkim * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on 1689280304Sjkim * being able to construct an SSL_SESSION that will collide with any existing 1690280304Sjkim * session with a matching session ID. 1691280304Sjkim */ 1692280304Sjkimstatic int ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b) 1693280304Sjkim{ 1694280304Sjkim if (a->ssl_version != b->ssl_version) 1695280304Sjkim return (1); 1696280304Sjkim if (a->session_id_length != b->session_id_length) 1697280304Sjkim return (1); 1698280304Sjkim return (memcmp(a->session_id, b->session_id, a->session_id_length)); 1699280304Sjkim} 170055714Skris 1701280304Sjkim/* 1702280304Sjkim * These wrapper functions should remain rather than redeclaring 1703109998Smarkm * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each 1704280304Sjkim * variable. The reason is that the functions aren't static, they're exposed 1705280304Sjkim * via ssl.h. 1706280304Sjkim */ 1707238405Sjkimstatic IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION) 1708238405Sjkimstatic IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION) 1709109998Smarkm 1710238405SjkimSSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) 1711280304Sjkim{ 1712280304Sjkim SSL_CTX *ret = NULL; 1713238405Sjkim 1714280304Sjkim if (meth == NULL) { 1715280304Sjkim SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_NULL_SSL_METHOD_PASSED); 1716280304Sjkim return (NULL); 1717280304Sjkim } 1718194206Ssimon#ifdef OPENSSL_FIPS 1719280304Sjkim if (FIPS_mode() && (meth->version < TLS1_VERSION)) { 1720280304Sjkim SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE); 1721280304Sjkim return NULL; 1722280304Sjkim } 1723194206Ssimon#endif 1724194206Ssimon 1725280304Sjkim if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) { 1726280304Sjkim SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); 1727280304Sjkim goto err; 1728280304Sjkim } 1729280304Sjkim ret = (SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX)); 1730280304Sjkim if (ret == NULL) 1731280304Sjkim goto err; 173255714Skris 1733280304Sjkim memset(ret, 0, sizeof(SSL_CTX)); 173455714Skris 1735280304Sjkim ret->method = meth; 173655714Skris 1737280304Sjkim ret->cert_store = NULL; 1738280304Sjkim ret->session_cache_mode = SSL_SESS_CACHE_SERVER; 1739280304Sjkim ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT; 1740280304Sjkim ret->session_cache_head = NULL; 1741280304Sjkim ret->session_cache_tail = NULL; 174255714Skris 1743280304Sjkim /* We take the system default */ 1744280304Sjkim ret->session_timeout = meth->get_timeout(); 174555714Skris 1746280304Sjkim ret->new_session_cb = 0; 1747280304Sjkim ret->remove_session_cb = 0; 1748280304Sjkim ret->get_session_cb = 0; 1749280304Sjkim ret->generate_session_id = 0; 175055714Skris 1751280304Sjkim memset((char *)&ret->stats, 0, sizeof(ret->stats)); 175255714Skris 1753280304Sjkim ret->references = 1; 1754280304Sjkim ret->quiet_shutdown = 0; 175555714Skris 1756280304Sjkim/* ret->cipher=NULL;*/ 1757280304Sjkim/*- 1758280304Sjkim ret->s2->challenge=NULL; 1759280304Sjkim ret->master_key=NULL; 1760280304Sjkim ret->key_arg=NULL; 1761280304Sjkim ret->s2->conn_id=NULL; */ 176255714Skris 1763280304Sjkim ret->info_callback = NULL; 176455714Skris 1765280304Sjkim ret->app_verify_callback = 0; 1766280304Sjkim ret->app_verify_arg = NULL; 176755714Skris 1768280304Sjkim ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT; 1769280304Sjkim ret->read_ahead = 0; 1770280304Sjkim ret->msg_callback = 0; 1771280304Sjkim ret->msg_callback_arg = NULL; 1772280304Sjkim ret->verify_mode = SSL_VERIFY_NONE; 1773160814Ssimon#if 0 1774280304Sjkim ret->verify_depth = -1; /* Don't impose a limit (but x509_lu.c does) */ 1775160814Ssimon#endif 1776280304Sjkim ret->sid_ctx_length = 0; 1777280304Sjkim ret->default_verify_callback = NULL; 1778280304Sjkim if ((ret->cert = ssl_cert_new()) == NULL) 1779280304Sjkim goto err; 178055714Skris 1781280304Sjkim ret->default_passwd_callback = 0; 1782280304Sjkim ret->default_passwd_callback_userdata = NULL; 1783280304Sjkim ret->client_cert_cb = 0; 1784280304Sjkim ret->app_gen_cookie_cb = 0; 1785280304Sjkim ret->app_verify_cookie_cb = 0; 178655714Skris 1787280304Sjkim ret->sessions = lh_SSL_SESSION_new(); 1788280304Sjkim if (ret->sessions == NULL) 1789280304Sjkim goto err; 1790280304Sjkim ret->cert_store = X509_STORE_new(); 1791280304Sjkim if (ret->cert_store == NULL) 1792280304Sjkim goto err; 179355714Skris 1794280304Sjkim ssl_create_cipher_list(ret->method, 1795280304Sjkim &ret->cipher_list, &ret->cipher_list_by_id, 1796280304Sjkim meth->version == 1797280304Sjkim SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST); 1798280304Sjkim if (ret->cipher_list == NULL || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) { 1799280304Sjkim SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS); 1800280304Sjkim goto err2; 1801280304Sjkim } 180255714Skris 1803280304Sjkim ret->param = X509_VERIFY_PARAM_new(); 1804280304Sjkim if (!ret->param) 1805280304Sjkim goto err; 1806160814Ssimon 1807280304Sjkim if ((ret->rsa_md5 = EVP_get_digestbyname("ssl2-md5")) == NULL) { 1808280304Sjkim SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES); 1809280304Sjkim goto err2; 1810280304Sjkim } 1811280304Sjkim if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) { 1812280304Sjkim SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES); 1813280304Sjkim goto err2; 1814280304Sjkim } 1815280304Sjkim if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) { 1816280304Sjkim SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES); 1817280304Sjkim goto err2; 1818280304Sjkim } 181955714Skris 1820280304Sjkim if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL) 1821280304Sjkim goto err; 182255714Skris 1823280304Sjkim CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data); 182455714Skris 1825280304Sjkim ret->extra_certs = NULL; 1826280304Sjkim /* No compression for DTLS */ 1827280304Sjkim if (meth->version != DTLS1_VERSION) 1828280304Sjkim ret->comp_methods = SSL_COMP_get_compression_methods(); 182955714Skris 1830280304Sjkim ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH; 1831238405Sjkim 1832194206Ssimon#ifndef OPENSSL_NO_TLSEXT 1833280304Sjkim ret->tlsext_servername_callback = 0; 1834280304Sjkim ret->tlsext_servername_arg = NULL; 1835280304Sjkim /* Setup RFC4507 ticket keys */ 1836306196Sjkim if ((RAND_bytes(ret->tlsext_tick_key_name, 16) <= 0) 1837280304Sjkim || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0) 1838280304Sjkim || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0)) 1839280304Sjkim ret->options |= SSL_OP_NO_TICKET; 1840194206Ssimon 1841280304Sjkim ret->tlsext_status_cb = 0; 1842280304Sjkim ret->tlsext_status_arg = NULL; 1843194206Ssimon 1844238405Sjkim# ifndef OPENSSL_NO_NEXTPROTONEG 1845280304Sjkim ret->next_protos_advertised_cb = 0; 1846280304Sjkim ret->next_proto_select_cb = 0; 1847238405Sjkim# endif 1848194206Ssimon#endif 1849238405Sjkim#ifndef OPENSSL_NO_PSK 1850280304Sjkim ret->psk_identity_hint = NULL; 1851280304Sjkim ret->psk_client_callback = NULL; 1852280304Sjkim ret->psk_server_callback = NULL; 1853238405Sjkim#endif 1854238405Sjkim#ifndef OPENSSL_NO_SRP 1855280304Sjkim SSL_CTX_SRP_CTX_init(ret); 1856238405Sjkim#endif 1857238405Sjkim#ifndef OPENSSL_NO_BUF_FREELISTS 1858280304Sjkim ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT; 1859280304Sjkim ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST)); 1860280304Sjkim if (!ret->rbuf_freelist) 1861280304Sjkim goto err; 1862280304Sjkim ret->rbuf_freelist->chunklen = 0; 1863280304Sjkim ret->rbuf_freelist->len = 0; 1864280304Sjkim ret->rbuf_freelist->head = NULL; 1865280304Sjkim ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST)); 1866280304Sjkim if (!ret->wbuf_freelist) { 1867280304Sjkim OPENSSL_free(ret->rbuf_freelist); 1868280304Sjkim goto err; 1869280304Sjkim } 1870280304Sjkim ret->wbuf_freelist->chunklen = 0; 1871280304Sjkim ret->wbuf_freelist->len = 0; 1872280304Sjkim ret->wbuf_freelist->head = NULL; 1873238405Sjkim#endif 1874194206Ssimon#ifndef OPENSSL_NO_ENGINE 1875280304Sjkim ret->client_cert_engine = NULL; 1876280304Sjkim# ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO 1877280304Sjkim# define eng_strx(x) #x 1878280304Sjkim# define eng_str(x) eng_strx(x) 1879280304Sjkim /* Use specific client engine automatically... ignore errors */ 1880280304Sjkim { 1881280304Sjkim ENGINE *eng; 1882280304Sjkim eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO)); 1883280304Sjkim if (!eng) { 1884280304Sjkim ERR_clear_error(); 1885280304Sjkim ENGINE_load_builtin_engines(); 1886280304Sjkim eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO)); 1887280304Sjkim } 1888280304Sjkim if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng)) 1889280304Sjkim ERR_clear_error(); 1890280304Sjkim } 1891280304Sjkim# endif 1892194206Ssimon#endif 1893280304Sjkim /* 1894280304Sjkim * Default is to connect to non-RI servers. When RI is more widely 1895280304Sjkim * deployed might change this. 1896280304Sjkim */ 1897280304Sjkim ret->options |= SSL_OP_LEGACY_SERVER_CONNECT; 1898194206Ssimon 1899296317Sdelphij /* 1900296317Sdelphij * Disable SSLv2 by default, callers that want to enable SSLv2 will have to 1901296317Sdelphij * explicitly clear this option via either of SSL_CTX_clear_options() or 1902296317Sdelphij * SSL_clear_options(). 1903296317Sdelphij */ 1904296317Sdelphij ret->options |= SSL_OP_NO_SSLv2; 1905296317Sdelphij 1906280304Sjkim return (ret); 1907280304Sjkim err: 1908280304Sjkim SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE); 1909280304Sjkim err2: 1910280304Sjkim if (ret != NULL) 1911280304Sjkim SSL_CTX_free(ret); 1912280304Sjkim return (NULL); 1913280304Sjkim} 191455714Skris 1915109998Smarkm#if 0 191655714Skrisstatic void SSL_COMP_free(SSL_COMP *comp) 1917280304Sjkim{ 1918280304Sjkim OPENSSL_free(comp); 1919280304Sjkim} 1920109998Smarkm#endif 192155714Skris 1922238405Sjkim#ifndef OPENSSL_NO_BUF_FREELISTS 1923280304Sjkimstatic void ssl_buf_freelist_free(SSL3_BUF_FREELIST *list) 1924280304Sjkim{ 1925280304Sjkim SSL3_BUF_FREELIST_ENTRY *ent, *next; 1926280304Sjkim for (ent = list->head; ent; ent = next) { 1927280304Sjkim next = ent->next; 1928280304Sjkim OPENSSL_free(ent); 1929280304Sjkim } 1930280304Sjkim OPENSSL_free(list); 1931280304Sjkim} 1932238405Sjkim#endif 1933238405Sjkim 193455714Skrisvoid SSL_CTX_free(SSL_CTX *a) 1935280304Sjkim{ 1936280304Sjkim int i; 193755714Skris 1938280304Sjkim if (a == NULL) 1939280304Sjkim return; 194055714Skris 1941280304Sjkim i = CRYPTO_add(&a->references, -1, CRYPTO_LOCK_SSL_CTX); 194255714Skris#ifdef REF_PRINT 1943280304Sjkim REF_PRINT("SSL_CTX", a); 194455714Skris#endif 1945280304Sjkim if (i > 0) 1946280304Sjkim return; 194755714Skris#ifdef REF_CHECK 1948280304Sjkim if (i < 0) { 1949280304Sjkim fprintf(stderr, "SSL_CTX_free, bad reference count\n"); 1950280304Sjkim abort(); /* ok */ 1951280304Sjkim } 195255714Skris#endif 195355714Skris 1954280304Sjkim if (a->param) 1955280304Sjkim X509_VERIFY_PARAM_free(a->param); 1956160814Ssimon 1957280304Sjkim /* 1958280304Sjkim * Free internal session cache. However: the remove_cb() may reference 1959280304Sjkim * the ex_data of SSL_CTX, thus the ex_data store can only be removed 1960280304Sjkim * after the sessions were flushed. 1961280304Sjkim * As the ex_data handling routines might also touch the session cache, 1962280304Sjkim * the most secure solution seems to be: empty (flush) the cache, then 1963280304Sjkim * free ex_data, then finally free the cache. 1964280304Sjkim * (See ticket [openssl.org #212].) 1965280304Sjkim */ 1966280304Sjkim if (a->sessions != NULL) 1967280304Sjkim SSL_CTX_flush_sessions(a, 0); 1968109998Smarkm 1969280304Sjkim CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data); 1970109998Smarkm 1971280304Sjkim if (a->sessions != NULL) 1972280304Sjkim lh_SSL_SESSION_free(a->sessions); 1973109998Smarkm 1974280304Sjkim if (a->cert_store != NULL) 1975280304Sjkim X509_STORE_free(a->cert_store); 1976280304Sjkim if (a->cipher_list != NULL) 1977280304Sjkim sk_SSL_CIPHER_free(a->cipher_list); 1978280304Sjkim if (a->cipher_list_by_id != NULL) 1979280304Sjkim sk_SSL_CIPHER_free(a->cipher_list_by_id); 1980280304Sjkim if (a->cert != NULL) 1981280304Sjkim ssl_cert_free(a->cert); 1982280304Sjkim if (a->client_CA != NULL) 1983280304Sjkim sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free); 1984280304Sjkim if (a->extra_certs != NULL) 1985280304Sjkim sk_X509_pop_free(a->extra_certs, X509_free); 1986280304Sjkim#if 0 /* This should never be done, since it 1987280304Sjkim * removes a global database */ 1988280304Sjkim if (a->comp_methods != NULL) 1989280304Sjkim sk_SSL_COMP_pop_free(a->comp_methods, SSL_COMP_free); 1990109998Smarkm#else 1991280304Sjkim a->comp_methods = NULL; 1992109998Smarkm#endif 1993238405Sjkim 1994246772Sjkim#ifndef OPENSSL_NO_SRTP 1995280304Sjkim if (a->srtp_profiles) 1996280304Sjkim sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles); 1997246772Sjkim#endif 1998238405Sjkim 1999238405Sjkim#ifndef OPENSSL_NO_PSK 2000280304Sjkim if (a->psk_identity_hint) 2001280304Sjkim OPENSSL_free(a->psk_identity_hint); 2002238405Sjkim#endif 2003238405Sjkim#ifndef OPENSSL_NO_SRP 2004280304Sjkim SSL_CTX_SRP_CTX_free(a); 2005238405Sjkim#endif 2006194206Ssimon#ifndef OPENSSL_NO_ENGINE 2007280304Sjkim if (a->client_cert_engine) 2008280304Sjkim ENGINE_finish(a->client_cert_engine); 2009194206Ssimon#endif 2010238405Sjkim 2011238405Sjkim#ifndef OPENSSL_NO_BUF_FREELISTS 2012280304Sjkim if (a->wbuf_freelist) 2013280304Sjkim ssl_buf_freelist_free(a->wbuf_freelist); 2014280304Sjkim if (a->rbuf_freelist) 2015280304Sjkim ssl_buf_freelist_free(a->rbuf_freelist); 2016238405Sjkim#endif 2017238405Sjkim 2018280304Sjkim OPENSSL_free(a); 2019280304Sjkim} 202055714Skris 202155714Skrisvoid SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb) 2022280304Sjkim{ 2023280304Sjkim ctx->default_passwd_callback = cb; 2024280304Sjkim} 202555714Skris 2026280304Sjkimvoid SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u) 2027280304Sjkim{ 2028280304Sjkim ctx->default_passwd_callback_userdata = u; 2029280304Sjkim} 203055714Skris 2031280304Sjkimvoid SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, 2032280304Sjkim int (*cb) (X509_STORE_CTX *, void *), 2033280304Sjkim void *arg) 2034280304Sjkim{ 2035280304Sjkim ctx->app_verify_callback = cb; 2036280304Sjkim ctx->app_verify_arg = arg; 2037280304Sjkim} 203855714Skris 2039280304Sjkimvoid SSL_CTX_set_verify(SSL_CTX *ctx, int mode, 2040280304Sjkim int (*cb) (int, X509_STORE_CTX *)) 2041280304Sjkim{ 2042280304Sjkim ctx->verify_mode = mode; 2043280304Sjkim ctx->default_verify_callback = cb; 2044280304Sjkim} 204555714Skris 2046280304Sjkimvoid SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth) 2047280304Sjkim{ 2048280304Sjkim X509_VERIFY_PARAM_set_depth(ctx->param, depth); 2049280304Sjkim} 205055714Skris 2051238405Sjkimvoid ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher) 2052280304Sjkim{ 2053280304Sjkim CERT_PKEY *cpk; 2054280304Sjkim int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign; 2055280304Sjkim int rsa_enc_export, dh_rsa_export, dh_dsa_export; 2056280304Sjkim int rsa_tmp_export, dh_tmp_export, kl; 2057280304Sjkim unsigned long mask_k, mask_a, emask_k, emask_a; 2058280304Sjkim#ifndef OPENSSL_NO_ECDSA 2059280304Sjkim int have_ecc_cert, ecdsa_ok, ecc_pkey_size; 2060280304Sjkim#endif 2061160814Ssimon#ifndef OPENSSL_NO_ECDH 2062280304Sjkim int have_ecdh_tmp, ecdh_ok; 2063160814Ssimon#endif 2064280304Sjkim#ifndef OPENSSL_NO_EC 2065280304Sjkim X509 *x = NULL; 2066280304Sjkim EVP_PKEY *ecc_pkey = NULL; 2067280304Sjkim int signature_nid = 0, pk_nid = 0, md_nid = 0; 2068280304Sjkim#endif 2069280304Sjkim if (c == NULL) 2070280304Sjkim return; 207155714Skris 2072280304Sjkim kl = SSL_C_EXPORT_PKEYLENGTH(cipher); 207355714Skris 2074109998Smarkm#ifndef OPENSSL_NO_RSA 2075280304Sjkim rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL); 2076280304Sjkim rsa_tmp_export = (c->rsa_tmp_cb != NULL || 2077280304Sjkim (rsa_tmp && RSA_size(c->rsa_tmp) * 8 <= kl)); 207855714Skris#else 2079280304Sjkim rsa_tmp = rsa_tmp_export = 0; 208055714Skris#endif 2081109998Smarkm#ifndef OPENSSL_NO_DH 2082280304Sjkim dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL); 2083280304Sjkim dh_tmp_export = (c->dh_tmp_cb != NULL || 2084280304Sjkim (dh_tmp && DH_size(c->dh_tmp) * 8 <= kl)); 208555714Skris#else 2086280304Sjkim dh_tmp = dh_tmp_export = 0; 208755714Skris#endif 208855714Skris 2089160814Ssimon#ifndef OPENSSL_NO_ECDH 2090280304Sjkim have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL); 2091160814Ssimon#endif 2092280304Sjkim cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]); 2093280304Sjkim rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL); 2094280304Sjkim rsa_enc_export = (rsa_enc && EVP_PKEY_size(cpk->privatekey) * 8 <= kl); 2095280304Sjkim cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]); 2096280304Sjkim rsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL); 2097280304Sjkim cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]); 2098280304Sjkim dsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL); 2099280304Sjkim cpk = &(c->pkeys[SSL_PKEY_DH_RSA]); 2100280304Sjkim dh_rsa = (cpk->x509 != NULL && cpk->privatekey != NULL); 2101280304Sjkim dh_rsa_export = (dh_rsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl); 2102280304Sjkim cpk = &(c->pkeys[SSL_PKEY_DH_DSA]); 210355714Skris/* FIX THIS EAY EAY EAY */ 2104280304Sjkim dh_dsa = (cpk->x509 != NULL && cpk->privatekey != NULL); 2105280304Sjkim dh_dsa_export = (dh_dsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl); 2106280304Sjkim cpk = &(c->pkeys[SSL_PKEY_ECC]); 2107280304Sjkim#ifndef OPENSSL_NO_EC 2108280304Sjkim have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL); 2109280304Sjkim#endif 2110280304Sjkim mask_k = 0; 2111280304Sjkim mask_a = 0; 2112280304Sjkim emask_k = 0; 2113280304Sjkim emask_a = 0; 211455714Skris 211555714Skris#ifdef CIPHER_DEBUG 2116280304Sjkim fprintf(stderr, 2117280304Sjkim "rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n", 2118280304Sjkim rsa_tmp, rsa_tmp_export, dh_tmp, have_ecdh_tmp, rsa_enc, 2119280304Sjkim rsa_enc_export, rsa_sign, dsa_sign, dh_rsa, dh_dsa); 212055714Skris#endif 212155714Skris 2122280304Sjkim cpk = &(c->pkeys[SSL_PKEY_GOST01]); 2123280304Sjkim if (cpk->x509 != NULL && cpk->privatekey != NULL) { 2124280304Sjkim mask_k |= SSL_kGOST; 2125280304Sjkim mask_a |= SSL_aGOST01; 2126280304Sjkim } 2127280304Sjkim cpk = &(c->pkeys[SSL_PKEY_GOST94]); 2128280304Sjkim if (cpk->x509 != NULL && cpk->privatekey != NULL) { 2129280304Sjkim mask_k |= SSL_kGOST; 2130280304Sjkim mask_a |= SSL_aGOST94; 2131280304Sjkim } 213255714Skris 2133280304Sjkim if (rsa_enc || (rsa_tmp && rsa_sign)) 2134280304Sjkim mask_k |= SSL_kRSA; 2135280304Sjkim if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc))) 2136280304Sjkim emask_k |= SSL_kRSA; 2137280304Sjkim 213855714Skris#if 0 2139280304Sjkim /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */ 2140280304Sjkim if ((dh_tmp || dh_rsa || dh_dsa) && (rsa_enc || rsa_sign || dsa_sign)) 2141280304Sjkim mask_k |= SSL_kEDH; 2142280304Sjkim if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) && 2143280304Sjkim (rsa_enc || rsa_sign || dsa_sign)) 2144280304Sjkim emask_k |= SSL_kEDH; 214555714Skris#endif 214655714Skris 2147280304Sjkim if (dh_tmp_export) 2148280304Sjkim emask_k |= SSL_kEDH; 214955714Skris 2150280304Sjkim if (dh_tmp) 2151280304Sjkim mask_k |= SSL_kEDH; 215255714Skris 2153280304Sjkim if (dh_rsa) 2154280304Sjkim mask_k |= SSL_kDHr; 2155280304Sjkim if (dh_rsa_export) 2156280304Sjkim emask_k |= SSL_kDHr; 215755714Skris 2158280304Sjkim if (dh_dsa) 2159280304Sjkim mask_k |= SSL_kDHd; 2160280304Sjkim if (dh_dsa_export) 2161280304Sjkim emask_k |= SSL_kDHd; 216255714Skris 2163280304Sjkim if (rsa_enc || rsa_sign) { 2164280304Sjkim mask_a |= SSL_aRSA; 2165280304Sjkim emask_a |= SSL_aRSA; 2166280304Sjkim } 216755714Skris 2168280304Sjkim if (dsa_sign) { 2169280304Sjkim mask_a |= SSL_aDSS; 2170280304Sjkim emask_a |= SSL_aDSS; 2171280304Sjkim } 217255714Skris 2173280304Sjkim mask_a |= SSL_aNULL; 2174280304Sjkim emask_a |= SSL_aNULL; 217555714Skris 2176109998Smarkm#ifndef OPENSSL_NO_KRB5 2177280304Sjkim mask_k |= SSL_kKRB5; 2178280304Sjkim mask_a |= SSL_aKRB5; 2179280304Sjkim emask_k |= SSL_kKRB5; 2180280304Sjkim emask_a |= SSL_aKRB5; 2181109998Smarkm#endif 2182109998Smarkm 2183280304Sjkim /* 2184280304Sjkim * An ECC certificate may be usable for ECDH and/or ECDSA cipher suites 2185280304Sjkim * depending on the key usage extension. 2186280304Sjkim */ 2187280304Sjkim#ifndef OPENSSL_NO_EC 2188280304Sjkim if (have_ecc_cert) { 2189280304Sjkim /* This call populates extension flags (ex_flags) */ 2190280304Sjkim x = (c->pkeys[SSL_PKEY_ECC]).x509; 2191280304Sjkim X509_check_purpose(x, -1, 0); 2192280304Sjkim ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ? 2193280304Sjkim (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1; 2194280304Sjkim ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ? 2195280304Sjkim (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1; 2196280304Sjkim ecc_pkey = X509_get_pubkey(x); 2197280304Sjkim ecc_pkey_size = (ecc_pkey != NULL) ? EVP_PKEY_bits(ecc_pkey) : 0; 2198280304Sjkim EVP_PKEY_free(ecc_pkey); 2199280304Sjkim if ((x->sig_alg) && (x->sig_alg->algorithm)) { 2200280304Sjkim signature_nid = OBJ_obj2nid(x->sig_alg->algorithm); 2201280304Sjkim OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid); 2202280304Sjkim } 2203160814Ssimon#ifndef OPENSSL_NO_ECDH 2204280304Sjkim if (ecdh_ok) { 2205238405Sjkim 2206280304Sjkim if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa) { 2207280304Sjkim mask_k |= SSL_kECDHr; 2208280304Sjkim mask_a |= SSL_aECDH; 2209280304Sjkim if (ecc_pkey_size <= 163) { 2210280304Sjkim emask_k |= SSL_kECDHr; 2211280304Sjkim emask_a |= SSL_aECDH; 2212280304Sjkim } 2213280304Sjkim } 2214238405Sjkim 2215280304Sjkim if (pk_nid == NID_X9_62_id_ecPublicKey) { 2216280304Sjkim mask_k |= SSL_kECDHe; 2217280304Sjkim mask_a |= SSL_aECDH; 2218280304Sjkim if (ecc_pkey_size <= 163) { 2219280304Sjkim emask_k |= SSL_kECDHe; 2220280304Sjkim emask_a |= SSL_aECDH; 2221280304Sjkim } 2222280304Sjkim } 2223280304Sjkim } 2224160814Ssimon#endif 2225160814Ssimon#ifndef OPENSSL_NO_ECDSA 2226280304Sjkim if (ecdsa_ok) { 2227280304Sjkim mask_a |= SSL_aECDSA; 2228280304Sjkim emask_a |= SSL_aECDSA; 2229280304Sjkim } 2230160814Ssimon#endif 2231280304Sjkim } 2232280304Sjkim#endif 2233160814Ssimon#ifndef OPENSSL_NO_ECDH 2234280304Sjkim if (have_ecdh_tmp) { 2235280304Sjkim mask_k |= SSL_kEECDH; 2236280304Sjkim emask_k |= SSL_kEECDH; 2237280304Sjkim } 2238160814Ssimon#endif 2239238405Sjkim 2240238405Sjkim#ifndef OPENSSL_NO_PSK 2241280304Sjkim mask_k |= SSL_kPSK; 2242280304Sjkim mask_a |= SSL_aPSK; 2243280304Sjkim emask_k |= SSL_kPSK; 2244280304Sjkim emask_a |= SSL_aPSK; 2245238405Sjkim#endif 2246238405Sjkim 2247280304Sjkim c->mask_k = mask_k; 2248280304Sjkim c->mask_a = mask_a; 2249280304Sjkim c->export_mask_k = emask_k; 2250280304Sjkim c->export_mask_a = emask_a; 2251280304Sjkim c->valid = 1; 2252280304Sjkim} 225355714Skris 2254160814Ssimon/* This handy macro borrowed from crypto/x509v3/v3_purp.c */ 2255160814Ssimon#define ku_reject(x, usage) \ 2256280304Sjkim (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage))) 2257160814Ssimon 2258238405Sjkim#ifndef OPENSSL_NO_EC 2259238405Sjkim 2260238405Sjkimint ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s) 2261280304Sjkim{ 2262280304Sjkim unsigned long alg_k, alg_a; 2263280304Sjkim EVP_PKEY *pkey = NULL; 2264280304Sjkim int keysize = 0; 2265280304Sjkim int signature_nid = 0, md_nid = 0, pk_nid = 0; 2266280304Sjkim const SSL_CIPHER *cs = s->s3->tmp.new_cipher; 2267160814Ssimon 2268280304Sjkim alg_k = cs->algorithm_mkey; 2269280304Sjkim alg_a = cs->algorithm_auth; 2270238405Sjkim 2271280304Sjkim if (SSL_C_IS_EXPORT(cs)) { 2272280304Sjkim /* ECDH key length in export ciphers must be <= 163 bits */ 2273280304Sjkim pkey = X509_get_pubkey(x); 2274280304Sjkim if (pkey == NULL) 2275280304Sjkim return 0; 2276280304Sjkim keysize = EVP_PKEY_bits(pkey); 2277280304Sjkim EVP_PKEY_free(pkey); 2278280304Sjkim if (keysize > 163) 2279280304Sjkim return 0; 2280280304Sjkim } 2281160814Ssimon 2282280304Sjkim /* This call populates the ex_flags field correctly */ 2283280304Sjkim X509_check_purpose(x, -1, 0); 2284280304Sjkim if ((x->sig_alg) && (x->sig_alg->algorithm)) { 2285280304Sjkim signature_nid = OBJ_obj2nid(x->sig_alg->algorithm); 2286280304Sjkim OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid); 2287280304Sjkim } 2288280304Sjkim if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr) { 2289280304Sjkim /* key usage, if present, must allow key agreement */ 2290280304Sjkim if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) { 2291280304Sjkim SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, 2292280304Sjkim SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT); 2293280304Sjkim return 0; 2294280304Sjkim } 2295280304Sjkim if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < TLS1_2_VERSION) { 2296280304Sjkim /* signature alg must be ECDSA */ 2297280304Sjkim if (pk_nid != NID_X9_62_id_ecPublicKey) { 2298280304Sjkim SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, 2299280304Sjkim SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE); 2300280304Sjkim return 0; 2301280304Sjkim } 2302280304Sjkim } 2303280304Sjkim if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < TLS1_2_VERSION) { 2304280304Sjkim /* signature alg must be RSA */ 2305238405Sjkim 2306280304Sjkim if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa) { 2307280304Sjkim SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, 2308280304Sjkim SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE); 2309280304Sjkim return 0; 2310280304Sjkim } 2311280304Sjkim } 2312280304Sjkim } 2313280304Sjkim if (alg_a & SSL_aECDSA) { 2314280304Sjkim /* key usage, if present, must allow signing */ 2315280304Sjkim if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE)) { 2316280304Sjkim SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, 2317280304Sjkim SSL_R_ECC_CERT_NOT_FOR_SIGNING); 2318280304Sjkim return 0; 2319280304Sjkim } 2320280304Sjkim } 2321160814Ssimon 2322280304Sjkim return 1; /* all checks are ok */ 2323280304Sjkim} 2324160814Ssimon 2325238405Sjkim#endif 2326238405Sjkim 232755714Skris/* THIS NEEDS CLEANING UP */ 2328246772SjkimCERT_PKEY *ssl_get_server_send_pkey(const SSL *s) 2329280304Sjkim{ 2330280304Sjkim unsigned long alg_k, alg_a; 2331280304Sjkim CERT *c; 2332280304Sjkim int i; 233355714Skris 2334280304Sjkim c = s->cert; 2335280304Sjkim ssl_set_cert_masks(c, s->s3->tmp.new_cipher); 233655714Skris 2337280304Sjkim alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 2338280304Sjkim alg_a = s->s3->tmp.new_cipher->algorithm_auth; 2339160814Ssimon 2340280304Sjkim if (alg_k & (SSL_kECDHr | SSL_kECDHe)) { 2341280304Sjkim /* 2342280304Sjkim * we don't need to look at SSL_kEECDH since no certificate is needed 2343280304Sjkim * for anon ECDH and for authenticated EECDH, the check for the auth 2344280304Sjkim * algorithm will set i correctly NOTE: For ECDH-RSA, we need an ECC 2345280304Sjkim * not an RSA cert but for EECDH-RSA we need an RSA cert. Placing the 2346280304Sjkim * checks for SSL_kECDH before RSA checks ensures the correct cert is 2347280304Sjkim * chosen. 2348280304Sjkim */ 2349280304Sjkim i = SSL_PKEY_ECC; 2350280304Sjkim } else if (alg_a & SSL_aECDSA) { 2351280304Sjkim i = SSL_PKEY_ECC; 2352280304Sjkim } else if (alg_k & SSL_kDHr) 2353280304Sjkim i = SSL_PKEY_DH_RSA; 2354280304Sjkim else if (alg_k & SSL_kDHd) 2355280304Sjkim i = SSL_PKEY_DH_DSA; 2356280304Sjkim else if (alg_a & SSL_aDSS) 2357280304Sjkim i = SSL_PKEY_DSA_SIGN; 2358280304Sjkim else if (alg_a & SSL_aRSA) { 2359280304Sjkim if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL) 2360280304Sjkim i = SSL_PKEY_RSA_SIGN; 2361280304Sjkim else 2362280304Sjkim i = SSL_PKEY_RSA_ENC; 2363280304Sjkim } else if (alg_a & SSL_aKRB5) { 2364280304Sjkim /* VRS something else here? */ 2365280304Sjkim return (NULL); 2366280304Sjkim } else if (alg_a & SSL_aGOST94) 2367280304Sjkim i = SSL_PKEY_GOST94; 2368280304Sjkim else if (alg_a & SSL_aGOST01) 2369280304Sjkim i = SSL_PKEY_GOST01; 2370280304Sjkim else { /* if (alg_a & SSL_aNULL) */ 237155714Skris 2372280304Sjkim SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY, ERR_R_INTERNAL_ERROR); 2373280304Sjkim return (NULL); 2374280304Sjkim } 2375280304Sjkim 2376280304Sjkim return c->pkeys + i; 2377280304Sjkim} 2378280304Sjkim 2379246772SjkimX509 *ssl_get_server_send_cert(const SSL *s) 2380280304Sjkim{ 2381280304Sjkim CERT_PKEY *cpk; 2382280304Sjkim cpk = ssl_get_server_send_pkey(s); 2383280304Sjkim if (!cpk) 2384280304Sjkim return NULL; 2385280304Sjkim return cpk->x509; 2386280304Sjkim} 2387246772Sjkim 2388280304SjkimEVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, 2389280304Sjkim const EVP_MD **pmd) 2390280304Sjkim{ 2391280304Sjkim unsigned long alg_a; 2392280304Sjkim CERT *c; 2393280304Sjkim int idx = -1; 239455714Skris 2395280304Sjkim alg_a = cipher->algorithm_auth; 2396280304Sjkim c = s->cert; 239755714Skris 2398280304Sjkim if ((alg_a & SSL_aDSS) && 2399280304Sjkim (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL)) 2400280304Sjkim idx = SSL_PKEY_DSA_SIGN; 2401280304Sjkim else if (alg_a & SSL_aRSA) { 2402280304Sjkim if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL) 2403280304Sjkim idx = SSL_PKEY_RSA_SIGN; 2404280304Sjkim else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL) 2405280304Sjkim idx = SSL_PKEY_RSA_ENC; 2406280304Sjkim } else if ((alg_a & SSL_aECDSA) && 2407280304Sjkim (c->pkeys[SSL_PKEY_ECC].privatekey != NULL)) 2408280304Sjkim idx = SSL_PKEY_ECC; 2409280304Sjkim if (idx == -1) { 2410280304Sjkim SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR); 2411280304Sjkim return (NULL); 2412280304Sjkim } 2413280304Sjkim if (pmd) 2414280304Sjkim *pmd = c->pkeys[idx].digest; 2415280304Sjkim return c->pkeys[idx].privatekey; 2416280304Sjkim} 241755714Skris 2418280304Sjkimvoid ssl_update_cache(SSL *s, int mode) 2419280304Sjkim{ 2420280304Sjkim int i; 242155714Skris 2422280304Sjkim /* 2423280304Sjkim * If the session_id_length is 0, we are not supposed to cache it, and it 2424280304Sjkim * would be rather hard to do anyway :-) 2425280304Sjkim */ 2426280304Sjkim if (s->session->session_id_length == 0) 2427280304Sjkim return; 242855714Skris 2429280304Sjkim i = s->session_ctx->session_cache_mode; 2430280304Sjkim if ((i & mode) && (!s->hit) 2431280304Sjkim && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE) 2432280304Sjkim || SSL_CTX_add_session(s->session_ctx, s->session)) 2433280304Sjkim && (s->session_ctx->new_session_cb != NULL)) { 2434280304Sjkim CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION); 2435280304Sjkim if (!s->session_ctx->new_session_cb(s, s->session)) 2436280304Sjkim SSL_SESSION_free(s->session); 2437280304Sjkim } 243855714Skris 2439280304Sjkim /* auto flush every 255 connections */ 2440280304Sjkim if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && ((i & mode) == mode)) { 2441280304Sjkim if ((((mode & SSL_SESS_CACHE_CLIENT) 2442280304Sjkim ? s->session_ctx->stats.sess_connect_good 2443280304Sjkim : s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff) { 2444280304Sjkim SSL_CTX_flush_sessions(s->session_ctx, (unsigned long)time(NULL)); 2445280304Sjkim } 2446280304Sjkim } 2447280304Sjkim} 244855714Skris 2449238405Sjkimconst SSL_METHOD *SSL_get_ssl_method(SSL *s) 2450280304Sjkim{ 2451280304Sjkim return (s->method); 2452280304Sjkim} 245355714Skris 2454238405Sjkimint SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth) 2455280304Sjkim{ 2456280304Sjkim int conn = -1; 2457280304Sjkim int ret = 1; 245855714Skris 2459280304Sjkim if (s->method != meth) { 2460280304Sjkim if (s->handshake_func != NULL) 2461280304Sjkim conn = (s->handshake_func == s->method->ssl_connect); 246255714Skris 2463280304Sjkim if (s->method->version == meth->version) 2464280304Sjkim s->method = meth; 2465280304Sjkim else { 2466280304Sjkim s->method->ssl_free(s); 2467280304Sjkim s->method = meth; 2468280304Sjkim ret = s->method->ssl_new(s); 2469280304Sjkim } 247055714Skris 2471280304Sjkim if (conn == 1) 2472280304Sjkim s->handshake_func = meth->ssl_connect; 2473280304Sjkim else if (conn == 0) 2474280304Sjkim s->handshake_func = meth->ssl_accept; 2475280304Sjkim } 2476280304Sjkim return (ret); 2477280304Sjkim} 247855714Skris 2479280304Sjkimint SSL_get_error(const SSL *s, int i) 2480280304Sjkim{ 2481280304Sjkim int reason; 2482280304Sjkim unsigned long l; 2483280304Sjkim BIO *bio; 248455714Skris 2485280304Sjkim if (i > 0) 2486280304Sjkim return (SSL_ERROR_NONE); 248755714Skris 2488280304Sjkim /* 2489280304Sjkim * Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake etc, 2490280304Sjkim * where we do encode the error 2491280304Sjkim */ 2492280304Sjkim if ((l = ERR_peek_error()) != 0) { 2493280304Sjkim if (ERR_GET_LIB(l) == ERR_LIB_SYS) 2494280304Sjkim return (SSL_ERROR_SYSCALL); 2495280304Sjkim else 2496280304Sjkim return (SSL_ERROR_SSL); 2497280304Sjkim } 249855714Skris 2499280304Sjkim if ((i < 0) && SSL_want_read(s)) { 2500280304Sjkim bio = SSL_get_rbio(s); 2501280304Sjkim if (BIO_should_read(bio)) 2502280304Sjkim return (SSL_ERROR_WANT_READ); 2503280304Sjkim else if (BIO_should_write(bio)) 2504280304Sjkim /* 2505280304Sjkim * This one doesn't make too much sense ... We never try to write 2506280304Sjkim * to the rbio, and an application program where rbio and wbio 2507280304Sjkim * are separate couldn't even know what it should wait for. 2508280304Sjkim * However if we ever set s->rwstate incorrectly (so that we have 2509280304Sjkim * SSL_want_read(s) instead of SSL_want_write(s)) and rbio and 2510280304Sjkim * wbio *are* the same, this test works around that bug; so it 2511280304Sjkim * might be safer to keep it. 2512280304Sjkim */ 2513280304Sjkim return (SSL_ERROR_WANT_WRITE); 2514280304Sjkim else if (BIO_should_io_special(bio)) { 2515280304Sjkim reason = BIO_get_retry_reason(bio); 2516280304Sjkim if (reason == BIO_RR_CONNECT) 2517280304Sjkim return (SSL_ERROR_WANT_CONNECT); 2518280304Sjkim else if (reason == BIO_RR_ACCEPT) 2519280304Sjkim return (SSL_ERROR_WANT_ACCEPT); 2520280304Sjkim else 2521280304Sjkim return (SSL_ERROR_SYSCALL); /* unknown */ 2522280304Sjkim } 2523280304Sjkim } 252455714Skris 2525280304Sjkim if ((i < 0) && SSL_want_write(s)) { 2526280304Sjkim bio = SSL_get_wbio(s); 2527280304Sjkim if (BIO_should_write(bio)) 2528280304Sjkim return (SSL_ERROR_WANT_WRITE); 2529280304Sjkim else if (BIO_should_read(bio)) 2530280304Sjkim /* 2531280304Sjkim * See above (SSL_want_read(s) with BIO_should_write(bio)) 2532280304Sjkim */ 2533280304Sjkim return (SSL_ERROR_WANT_READ); 2534280304Sjkim else if (BIO_should_io_special(bio)) { 2535280304Sjkim reason = BIO_get_retry_reason(bio); 2536280304Sjkim if (reason == BIO_RR_CONNECT) 2537280304Sjkim return (SSL_ERROR_WANT_CONNECT); 2538280304Sjkim else if (reason == BIO_RR_ACCEPT) 2539280304Sjkim return (SSL_ERROR_WANT_ACCEPT); 2540280304Sjkim else 2541280304Sjkim return (SSL_ERROR_SYSCALL); 2542280304Sjkim } 2543280304Sjkim } 2544280304Sjkim if ((i < 0) && SSL_want_x509_lookup(s)) { 2545280304Sjkim return (SSL_ERROR_WANT_X509_LOOKUP); 2546280304Sjkim } 254755714Skris 2548280304Sjkim if (i == 0) { 2549280304Sjkim if (s->version == SSL2_VERSION) { 2550280304Sjkim /* assume it is the socket being closed */ 2551280304Sjkim return (SSL_ERROR_ZERO_RETURN); 2552280304Sjkim } else { 2553280304Sjkim if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) && 2554280304Sjkim (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY)) 2555280304Sjkim return (SSL_ERROR_ZERO_RETURN); 2556280304Sjkim } 2557280304Sjkim } 2558280304Sjkim return (SSL_ERROR_SYSCALL); 2559280304Sjkim} 256055714Skris 256155714Skrisint SSL_do_handshake(SSL *s) 2562280304Sjkim{ 2563280304Sjkim int ret = 1; 256455714Skris 2565280304Sjkim if (s->handshake_func == NULL) { 2566280304Sjkim SSLerr(SSL_F_SSL_DO_HANDSHAKE, SSL_R_CONNECTION_TYPE_NOT_SET); 2567280304Sjkim return (-1); 2568280304Sjkim } 256955714Skris 2570280304Sjkim s->method->ssl_renegotiate_check(s); 257155714Skris 2572280304Sjkim if (SSL_in_init(s) || SSL_in_before(s)) { 2573280304Sjkim ret = s->handshake_func(s); 2574280304Sjkim } 2575280304Sjkim return (ret); 2576280304Sjkim} 257755714Skris 2578280304Sjkim/* 2579280304Sjkim * For the next 2 functions, SSL_clear() sets shutdown and so one of these 2580280304Sjkim * calls will reset it 2581280304Sjkim */ 258255714Skrisvoid SSL_set_accept_state(SSL *s) 2583280304Sjkim{ 2584280304Sjkim s->server = 1; 2585280304Sjkim s->shutdown = 0; 2586280304Sjkim s->state = SSL_ST_ACCEPT | SSL_ST_BEFORE; 2587280304Sjkim s->handshake_func = s->method->ssl_accept; 2588280304Sjkim /* clear the current cipher */ 2589280304Sjkim ssl_clear_cipher_ctx(s); 2590280304Sjkim ssl_clear_hash_ctx(&s->read_hash); 2591280304Sjkim ssl_clear_hash_ctx(&s->write_hash); 2592280304Sjkim} 259355714Skris 259455714Skrisvoid SSL_set_connect_state(SSL *s) 2595280304Sjkim{ 2596280304Sjkim s->server = 0; 2597280304Sjkim s->shutdown = 0; 2598280304Sjkim s->state = SSL_ST_CONNECT | SSL_ST_BEFORE; 2599280304Sjkim s->handshake_func = s->method->ssl_connect; 2600280304Sjkim /* clear the current cipher */ 2601280304Sjkim ssl_clear_cipher_ctx(s); 2602280304Sjkim ssl_clear_hash_ctx(&s->read_hash); 2603280304Sjkim ssl_clear_hash_ctx(&s->write_hash); 2604280304Sjkim} 260555714Skris 260655714Skrisint ssl_undefined_function(SSL *s) 2607280304Sjkim{ 2608280304Sjkim SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2609280304Sjkim return (0); 2610280304Sjkim} 261155714Skris 2612160814Ssimonint ssl_undefined_void_function(void) 2613280304Sjkim{ 2614280304Sjkim SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION, 2615280304Sjkim ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2616280304Sjkim return (0); 2617280304Sjkim} 2618160814Ssimon 2619160814Ssimonint ssl_undefined_const_function(const SSL *s) 2620280304Sjkim{ 2621280304Sjkim SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION, 2622280304Sjkim ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2623280304Sjkim return (0); 2624280304Sjkim} 2625160814Ssimon 262655714SkrisSSL_METHOD *ssl_bad_method(int ver) 2627280304Sjkim{ 2628280304Sjkim SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2629280304Sjkim return (NULL); 2630280304Sjkim} 263155714Skris 2632160814Ssimonconst char *SSL_get_version(const SSL *s) 2633280304Sjkim{ 2634280304Sjkim if (s->version == TLS1_2_VERSION) 2635280304Sjkim return ("TLSv1.2"); 2636280304Sjkim else if (s->version == TLS1_1_VERSION) 2637280304Sjkim return ("TLSv1.1"); 2638280304Sjkim else if (s->version == TLS1_VERSION) 2639280304Sjkim return ("TLSv1"); 2640280304Sjkim else if (s->version == SSL3_VERSION) 2641280304Sjkim return ("SSLv3"); 2642280304Sjkim else if (s->version == SSL2_VERSION) 2643280304Sjkim return ("SSLv2"); 2644280304Sjkim else 2645280304Sjkim return ("unknown"); 2646280304Sjkim} 264755714Skris 264855714SkrisSSL *SSL_dup(SSL *s) 2649280304Sjkim{ 2650280304Sjkim STACK_OF(X509_NAME) *sk; 2651280304Sjkim X509_NAME *xn; 2652280304Sjkim SSL *ret; 2653280304Sjkim int i; 2654109998Smarkm 2655280304Sjkim if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL) 2656280304Sjkim return (NULL); 2657109998Smarkm 2658280304Sjkim ret->version = s->version; 2659280304Sjkim ret->type = s->type; 2660280304Sjkim ret->method = s->method; 266155714Skris 2662280304Sjkim if (s->session != NULL) { 2663280304Sjkim /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */ 2664280304Sjkim SSL_copy_session_id(ret, s); 2665280304Sjkim } else { 2666280304Sjkim /* 2667280304Sjkim * No session has been established yet, so we have to expect that 2668280304Sjkim * s->cert or ret->cert will be changed later -- they should not both 2669280304Sjkim * point to the same object, and thus we can't use 2670280304Sjkim * SSL_copy_session_id. 2671280304Sjkim */ 267255714Skris 2673280304Sjkim ret->method->ssl_free(ret); 2674280304Sjkim ret->method = s->method; 2675280304Sjkim ret->method->ssl_new(ret); 267655714Skris 2677280304Sjkim if (s->cert != NULL) { 2678280304Sjkim if (ret->cert != NULL) { 2679280304Sjkim ssl_cert_free(ret->cert); 2680280304Sjkim } 2681280304Sjkim ret->cert = ssl_cert_dup(s->cert); 2682280304Sjkim if (ret->cert == NULL) 2683280304Sjkim goto err; 2684280304Sjkim } 268555714Skris 2686280304Sjkim SSL_set_session_id_context(ret, s->sid_ctx, s->sid_ctx_length); 2687280304Sjkim } 268855714Skris 2689280304Sjkim ret->options = s->options; 2690280304Sjkim ret->mode = s->mode; 2691280304Sjkim SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s)); 2692280304Sjkim SSL_set_read_ahead(ret, SSL_get_read_ahead(s)); 2693280304Sjkim ret->msg_callback = s->msg_callback; 2694280304Sjkim ret->msg_callback_arg = s->msg_callback_arg; 2695280304Sjkim SSL_set_verify(ret, SSL_get_verify_mode(s), SSL_get_verify_callback(s)); 2696280304Sjkim SSL_set_verify_depth(ret, SSL_get_verify_depth(s)); 2697280304Sjkim ret->generate_session_id = s->generate_session_id; 269855714Skris 2699280304Sjkim SSL_set_info_callback(ret, SSL_get_info_callback(s)); 270055714Skris 2701280304Sjkim ret->debug = s->debug; 2702160814Ssimon 2703280304Sjkim /* copy app data, a little dangerous perhaps */ 2704280304Sjkim if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data)) 2705280304Sjkim goto err; 270655714Skris 2707280304Sjkim /* setup rbio, and wbio */ 2708280304Sjkim if (s->rbio != NULL) { 2709280304Sjkim if (!BIO_dup_state(s->rbio, (char *)&ret->rbio)) 2710280304Sjkim goto err; 2711280304Sjkim } 2712280304Sjkim if (s->wbio != NULL) { 2713280304Sjkim if (s->wbio != s->rbio) { 2714280304Sjkim if (!BIO_dup_state(s->wbio, (char *)&ret->wbio)) 2715280304Sjkim goto err; 2716280304Sjkim } else 2717280304Sjkim ret->wbio = ret->rbio; 2718280304Sjkim } 2719280304Sjkim ret->rwstate = s->rwstate; 2720280304Sjkim ret->in_handshake = s->in_handshake; 2721280304Sjkim ret->handshake_func = s->handshake_func; 2722280304Sjkim ret->server = s->server; 2723280304Sjkim ret->renegotiate = s->renegotiate; 2724280304Sjkim ret->new_session = s->new_session; 2725280304Sjkim ret->quiet_shutdown = s->quiet_shutdown; 2726280304Sjkim ret->shutdown = s->shutdown; 2727280304Sjkim ret->state = s->state; /* SSL_dup does not really work at any state, 2728280304Sjkim * though */ 2729280304Sjkim ret->rstate = s->rstate; 2730280304Sjkim ret->init_num = 0; /* would have to copy ret->init_buf, 2731280304Sjkim * ret->init_msg, ret->init_num, 2732280304Sjkim * ret->init_off */ 2733280304Sjkim ret->hit = s->hit; 273455714Skris 2735280304Sjkim X509_VERIFY_PARAM_inherit(ret->param, s->param); 273655714Skris 2737280304Sjkim /* dup the cipher_list and cipher_list_by_id stacks */ 2738280304Sjkim if (s->cipher_list != NULL) { 2739280304Sjkim if ((ret->cipher_list = sk_SSL_CIPHER_dup(s->cipher_list)) == NULL) 2740280304Sjkim goto err; 2741280304Sjkim } 2742280304Sjkim if (s->cipher_list_by_id != NULL) 2743280304Sjkim if ((ret->cipher_list_by_id = sk_SSL_CIPHER_dup(s->cipher_list_by_id)) 2744280304Sjkim == NULL) 2745280304Sjkim goto err; 2746280304Sjkim 2747280304Sjkim /* Dup the client_CA list */ 2748280304Sjkim if (s->client_CA != NULL) { 2749280304Sjkim if ((sk = sk_X509_NAME_dup(s->client_CA)) == NULL) 2750280304Sjkim goto err; 2751280304Sjkim ret->client_CA = sk; 2752280304Sjkim for (i = 0; i < sk_X509_NAME_num(sk); i++) { 2753280304Sjkim xn = sk_X509_NAME_value(sk, i); 2754280304Sjkim if (sk_X509_NAME_set(sk, i, X509_NAME_dup(xn)) == NULL) { 2755280304Sjkim X509_NAME_free(xn); 2756280304Sjkim goto err; 2757280304Sjkim } 2758280304Sjkim } 2759280304Sjkim } 2760280304Sjkim 2761280304Sjkim if (0) { 2762280304Sjkim err: 2763280304Sjkim if (ret != NULL) 2764280304Sjkim SSL_free(ret); 2765280304Sjkim ret = NULL; 2766280304Sjkim } 2767280304Sjkim return (ret); 2768280304Sjkim} 2769280304Sjkim 277055714Skrisvoid ssl_clear_cipher_ctx(SSL *s) 2771280304Sjkim{ 2772280304Sjkim if (s->enc_read_ctx != NULL) { 2773280304Sjkim EVP_CIPHER_CTX_cleanup(s->enc_read_ctx); 2774280304Sjkim OPENSSL_free(s->enc_read_ctx); 2775280304Sjkim s->enc_read_ctx = NULL; 2776280304Sjkim } 2777280304Sjkim if (s->enc_write_ctx != NULL) { 2778280304Sjkim EVP_CIPHER_CTX_cleanup(s->enc_write_ctx); 2779280304Sjkim OPENSSL_free(s->enc_write_ctx); 2780280304Sjkim s->enc_write_ctx = NULL; 2781280304Sjkim } 2782160814Ssimon#ifndef OPENSSL_NO_COMP 2783280304Sjkim if (s->expand != NULL) { 2784280304Sjkim COMP_CTX_free(s->expand); 2785280304Sjkim s->expand = NULL; 2786280304Sjkim } 2787280304Sjkim if (s->compress != NULL) { 2788280304Sjkim COMP_CTX_free(s->compress); 2789280304Sjkim s->compress = NULL; 2790280304Sjkim } 2791160814Ssimon#endif 2792280304Sjkim} 279355714Skris 279455714Skris/* Fix this function so that it takes an optional type parameter */ 2795160814SsimonX509 *SSL_get_certificate(const SSL *s) 2796280304Sjkim{ 2797280304Sjkim if (s->cert != NULL) 2798280304Sjkim return (s->cert->key->x509); 2799280304Sjkim else 2800280304Sjkim return (NULL); 2801280304Sjkim} 280255714Skris 280355714Skris/* Fix this function so that it takes an optional type parameter */ 280455714SkrisEVP_PKEY *SSL_get_privatekey(SSL *s) 2805280304Sjkim{ 2806280304Sjkim if (s->cert != NULL) 2807280304Sjkim return (s->cert->key->privatekey); 2808280304Sjkim else 2809280304Sjkim return (NULL); 2810280304Sjkim} 281155714Skris 2812238405Sjkimconst SSL_CIPHER *SSL_get_current_cipher(const SSL *s) 2813280304Sjkim{ 2814280304Sjkim if ((s->session != NULL) && (s->session->cipher != NULL)) 2815280304Sjkim return (s->session->cipher); 2816280304Sjkim return (NULL); 2817280304Sjkim} 2818280304Sjkim 2819160814Ssimon#ifdef OPENSSL_NO_COMP 2820160814Ssimonconst void *SSL_get_current_compression(SSL *s) 2821280304Sjkim{ 2822280304Sjkim return NULL; 2823280304Sjkim} 2824280304Sjkim 2825160814Ssimonconst void *SSL_get_current_expansion(SSL *s) 2826280304Sjkim{ 2827280304Sjkim return NULL; 2828280304Sjkim} 2829160814Ssimon#else 283055714Skris 2831160814Ssimonconst COMP_METHOD *SSL_get_current_compression(SSL *s) 2832280304Sjkim{ 2833280304Sjkim if (s->compress != NULL) 2834280304Sjkim return (s->compress->meth); 2835280304Sjkim return (NULL); 2836280304Sjkim} 2837160814Ssimon 2838160814Ssimonconst COMP_METHOD *SSL_get_current_expansion(SSL *s) 2839280304Sjkim{ 2840280304Sjkim if (s->expand != NULL) 2841280304Sjkim return (s->expand->meth); 2842280304Sjkim return (NULL); 2843280304Sjkim} 2844160814Ssimon#endif 2845160814Ssimon 2846280304Sjkimint ssl_init_wbio_buffer(SSL *s, int push) 2847280304Sjkim{ 2848280304Sjkim BIO *bbio; 284955714Skris 2850280304Sjkim if (s->bbio == NULL) { 2851280304Sjkim bbio = BIO_new(BIO_f_buffer()); 2852280304Sjkim if (bbio == NULL) 2853280304Sjkim return (0); 2854280304Sjkim s->bbio = bbio; 2855280304Sjkim } else { 2856280304Sjkim bbio = s->bbio; 2857280304Sjkim if (s->bbio == s->wbio) 2858280304Sjkim s->wbio = BIO_pop(s->wbio); 2859280304Sjkim } 2860280304Sjkim (void)BIO_reset(bbio); 2861280304Sjkim/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */ 2862280304Sjkim if (!BIO_set_read_buffer_size(bbio, 1)) { 2863280304Sjkim SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER, ERR_R_BUF_LIB); 2864280304Sjkim return (0); 2865280304Sjkim } 2866280304Sjkim if (push) { 2867280304Sjkim if (s->wbio != bbio) 2868280304Sjkim s->wbio = BIO_push(bbio, s->wbio); 2869280304Sjkim } else { 2870280304Sjkim if (s->wbio == bbio) 2871280304Sjkim s->wbio = BIO_pop(bbio); 2872280304Sjkim } 2873280304Sjkim return (1); 2874280304Sjkim} 287555714Skris 287655714Skrisvoid ssl_free_wbio_buffer(SSL *s) 2877280304Sjkim{ 2878280304Sjkim if (s->bbio == NULL) 2879280304Sjkim return; 288055714Skris 2881280304Sjkim if (s->bbio == s->wbio) { 2882280304Sjkim /* remove buffering */ 2883280304Sjkim s->wbio = BIO_pop(s->wbio); 2884280304Sjkim#ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids 2885280304Sjkim * adding one more preprocessor symbol */ 2886280304Sjkim assert(s->wbio != NULL); 2887238405Sjkim#endif 2888280304Sjkim } 2889280304Sjkim BIO_free(s->bbio); 2890280304Sjkim s->bbio = NULL; 2891280304Sjkim} 289255714Skris 2893280304Sjkimvoid SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode) 2894280304Sjkim{ 2895280304Sjkim ctx->quiet_shutdown = mode; 2896280304Sjkim} 2897280304Sjkim 2898160814Ssimonint SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx) 2899280304Sjkim{ 2900280304Sjkim return (ctx->quiet_shutdown); 2901280304Sjkim} 290255714Skris 2903280304Sjkimvoid SSL_set_quiet_shutdown(SSL *s, int mode) 2904280304Sjkim{ 2905280304Sjkim s->quiet_shutdown = mode; 2906280304Sjkim} 290755714Skris 2908160814Ssimonint SSL_get_quiet_shutdown(const SSL *s) 2909280304Sjkim{ 2910280304Sjkim return (s->quiet_shutdown); 2911280304Sjkim} 291255714Skris 2913280304Sjkimvoid SSL_set_shutdown(SSL *s, int mode) 2914280304Sjkim{ 2915280304Sjkim s->shutdown = mode; 2916280304Sjkim} 291755714Skris 2918160814Ssimonint SSL_get_shutdown(const SSL *s) 2919280304Sjkim{ 2920280304Sjkim return (s->shutdown); 2921280304Sjkim} 292255714Skris 2923160814Ssimonint SSL_version(const SSL *s) 2924280304Sjkim{ 2925280304Sjkim return (s->version); 2926280304Sjkim} 292755714Skris 2928160814SsimonSSL_CTX *SSL_get_SSL_CTX(const SSL *ssl) 2929280304Sjkim{ 2930280304Sjkim return (ssl->ctx); 2931280304Sjkim} 293255714Skris 2933280304SjkimSSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx) 2934280304Sjkim{ 2935280304Sjkim CERT *ocert = ssl->cert; 2936280304Sjkim if (ssl->ctx == ctx) 2937280304Sjkim return ssl->ctx; 2938194206Ssimon#ifndef OPENSSL_NO_TLSEXT 2939280304Sjkim if (ctx == NULL) 2940280304Sjkim ctx = ssl->initial_ctx; 2941194206Ssimon#endif 2942280304Sjkim ssl->cert = ssl_cert_dup(ctx->cert); 2943280304Sjkim if (ocert != NULL) { 2944280304Sjkim int i; 2945280304Sjkim /* Copy negotiated digests from original */ 2946280304Sjkim for (i = 0; i < SSL_PKEY_NUM; i++) { 2947280304Sjkim CERT_PKEY *cpk = ocert->pkeys + i; 2948280304Sjkim CERT_PKEY *rpk = ssl->cert->pkeys + i; 2949280304Sjkim rpk->digest = cpk->digest; 2950280304Sjkim } 2951280304Sjkim ssl_cert_free(ocert); 2952280304Sjkim } 2953276864Sjkim 2954280304Sjkim /* 2955280304Sjkim * Program invariant: |sid_ctx| has fixed size (SSL_MAX_SID_CTX_LENGTH), 2956280304Sjkim * so setter APIs must prevent invalid lengths from entering the system. 2957280304Sjkim */ 2958280304Sjkim OPENSSL_assert(ssl->sid_ctx_length <= sizeof(ssl->sid_ctx)); 2959276864Sjkim 2960280304Sjkim /* 2961280304Sjkim * If the session ID context matches that of the parent SSL_CTX, 2962280304Sjkim * inherit it from the new SSL_CTX as well. If however the context does 2963280304Sjkim * not match (i.e., it was set per-ssl with SSL_set_session_id_context), 2964280304Sjkim * leave it unchanged. 2965280304Sjkim */ 2966280304Sjkim if ((ssl->ctx != NULL) && 2967280304Sjkim (ssl->sid_ctx_length == ssl->ctx->sid_ctx_length) && 2968280304Sjkim (memcmp(ssl->sid_ctx, ssl->ctx->sid_ctx, ssl->sid_ctx_length) == 0)) { 2969280304Sjkim ssl->sid_ctx_length = ctx->sid_ctx_length; 2970280304Sjkim memcpy(&ssl->sid_ctx, &ctx->sid_ctx, sizeof(ssl->sid_ctx)); 2971280304Sjkim } 2972276864Sjkim 2973280304Sjkim CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); 2974280304Sjkim if (ssl->ctx != NULL) 2975280304Sjkim SSL_CTX_free(ssl->ctx); /* decrement reference count */ 2976280304Sjkim ssl->ctx = ctx; 2977276864Sjkim 2978280304Sjkim return (ssl->ctx); 2979280304Sjkim} 2980194206Ssimon 2981109998Smarkm#ifndef OPENSSL_NO_STDIO 298255714Skrisint SSL_CTX_set_default_verify_paths(SSL_CTX *ctx) 2983280304Sjkim{ 2984280304Sjkim return (X509_STORE_set_default_paths(ctx->cert_store)); 2985280304Sjkim} 298655714Skris 298755714Skrisint SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, 2988280304Sjkim const char *CApath) 2989280304Sjkim{ 2990280304Sjkim return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath)); 2991280304Sjkim} 299255714Skris#endif 299355714Skris 2994109998Smarkmvoid SSL_set_info_callback(SSL *ssl, 2995280304Sjkim void (*cb) (const SSL *ssl, int type, int val)) 2996280304Sjkim{ 2997280304Sjkim ssl->info_callback = cb; 2998280304Sjkim} 299955714Skris 3000280304Sjkim/* 3001280304Sjkim * One compiler (Diab DCC) doesn't like argument names in returned function 3002280304Sjkim * pointer. 3003280304Sjkim */ 3004280304Sjkimvoid (*SSL_get_info_callback(const SSL *ssl)) (const SSL * /* ssl */ , 3005280304Sjkim int /* type */ , 3006280304Sjkim int /* val */ ) { 3007280304Sjkim return ssl->info_callback; 3008280304Sjkim} 300955714Skris 3010160814Ssimonint SSL_state(const SSL *ssl) 3011280304Sjkim{ 3012280304Sjkim return (ssl->state); 3013280304Sjkim} 301455714Skris 3015238405Sjkimvoid SSL_set_state(SSL *ssl, int state) 3016280304Sjkim{ 3017280304Sjkim ssl->state = state; 3018280304Sjkim} 3019238405Sjkim 3020280304Sjkimvoid SSL_set_verify_result(SSL *ssl, long arg) 3021280304Sjkim{ 3022280304Sjkim ssl->verify_result = arg; 3023280304Sjkim} 302455714Skris 3025160814Ssimonlong SSL_get_verify_result(const SSL *ssl) 3026280304Sjkim{ 3027280304Sjkim return (ssl->verify_result); 3028280304Sjkim} 302955714Skris 3030280304Sjkimint SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 3031280304Sjkim CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) 3032280304Sjkim{ 3033280304Sjkim return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp, 3034280304Sjkim new_func, dup_func, free_func); 3035280304Sjkim} 303655714Skris 3037280304Sjkimint SSL_set_ex_data(SSL *s, int idx, void *arg) 3038280304Sjkim{ 3039280304Sjkim return (CRYPTO_set_ex_data(&s->ex_data, idx, arg)); 3040280304Sjkim} 304155714Skris 3042280304Sjkimvoid *SSL_get_ex_data(const SSL *s, int idx) 3043280304Sjkim{ 3044280304Sjkim return (CRYPTO_get_ex_data(&s->ex_data, idx)); 3045280304Sjkim} 304655714Skris 3047280304Sjkimint SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 3048280304Sjkim CRYPTO_EX_dup *dup_func, 3049280304Sjkim CRYPTO_EX_free *free_func) 3050280304Sjkim{ 3051280304Sjkim return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp, 3052280304Sjkim new_func, dup_func, free_func); 3053280304Sjkim} 305455714Skris 3055280304Sjkimint SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg) 3056280304Sjkim{ 3057280304Sjkim return (CRYPTO_set_ex_data(&s->ex_data, idx, arg)); 3058280304Sjkim} 305955714Skris 3060280304Sjkimvoid *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx) 3061280304Sjkim{ 3062280304Sjkim return (CRYPTO_get_ex_data(&s->ex_data, idx)); 3063280304Sjkim} 306455714Skris 306555714Skrisint ssl_ok(SSL *s) 3066280304Sjkim{ 3067280304Sjkim return (1); 3068280304Sjkim} 306955714Skris 3070160814SsimonX509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx) 3071280304Sjkim{ 3072280304Sjkim return (ctx->cert_store); 3073280304Sjkim} 307455714Skris 3075280304Sjkimvoid SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store) 3076280304Sjkim{ 3077280304Sjkim if (ctx->cert_store != NULL) 3078280304Sjkim X509_STORE_free(ctx->cert_store); 3079280304Sjkim ctx->cert_store = store; 3080280304Sjkim} 308155714Skris 3082160814Ssimonint SSL_want(const SSL *s) 3083280304Sjkim{ 3084280304Sjkim return (s->rwstate); 3085280304Sjkim} 308655714Skris 3087280304Sjkim/** 308855714Skris * \brief Set the callback for generating temporary RSA keys. 308955714Skris * \param ctx the SSL context. 309055714Skris * \param cb the callback 309155714Skris */ 309255714Skris 3093109998Smarkm#ifndef OPENSSL_NO_RSA 3094280304Sjkimvoid SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb) (SSL *ssl, 3095280304Sjkim int is_export, 3096280304Sjkim int keylength)) 3097280304Sjkim{ 3098280304Sjkim SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB, (void (*)(void))cb); 3099280304Sjkim} 310055714Skris 3101280304Sjkimvoid SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb) (SSL *ssl, 3102280304Sjkim int is_export, 3103280304Sjkim int keylength)) 3104280304Sjkim{ 3105280304Sjkim SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB, (void (*)(void))cb); 3106280304Sjkim} 310755714Skris#endif 310855714Skris 310955714Skris#ifdef DOXYGEN 3110280304Sjkim/** 311155714Skris * \brief The RSA temporary key callback function. 311255714Skris * \param ssl the SSL session. 311355714Skris * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite. 311455714Skris * \param keylength if \c is_export is \c TRUE, then \c keylength is the size 311555714Skris * of the required key in bits. 311655714Skris * \return the temporary RSA key. 311755714Skris * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback 311855714Skris */ 311955714Skris 3120280304SjkimRSA *cb(SSL *ssl, int is_export, int keylength) 3121280304Sjkim{ 3122280304Sjkim} 312355714Skris#endif 312455714Skris 3125280304Sjkim/** 312655714Skris * \brief Set the callback for generating temporary DH keys. 312755714Skris * \param ctx the SSL context. 312855714Skris * \param dh the callback 312955714Skris */ 313055714Skris 3131109998Smarkm#ifndef OPENSSL_NO_DH 3132280304Sjkimvoid SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, 3133280304Sjkim DH *(*dh) (SSL *ssl, int is_export, 3134280304Sjkim int keylength)) 3135280304Sjkim{ 3136280304Sjkim SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh); 3137280304Sjkim} 313855714Skris 3139280304Sjkimvoid SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh) (SSL *ssl, int is_export, 3140280304Sjkim int keylength)) 3141280304Sjkim{ 3142280304Sjkim SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh); 3143280304Sjkim} 314455714Skris#endif 314555714Skris 3146160814Ssimon#ifndef OPENSSL_NO_ECDH 3147280304Sjkimvoid SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, 3148280304Sjkim EC_KEY *(*ecdh) (SSL *ssl, int is_export, 3149280304Sjkim int keylength)) 3150280304Sjkim{ 3151280304Sjkim SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB, 3152280304Sjkim (void (*)(void))ecdh); 3153280304Sjkim} 3154109998Smarkm 3155280304Sjkimvoid SSL_set_tmp_ecdh_callback(SSL *ssl, 3156280304Sjkim EC_KEY *(*ecdh) (SSL *ssl, int is_export, 3157280304Sjkim int keylength)) 3158280304Sjkim{ 3159280304Sjkim SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB, (void (*)(void))ecdh); 3160280304Sjkim} 3161160814Ssimon#endif 3162160814Ssimon 3163238405Sjkim#ifndef OPENSSL_NO_PSK 3164238405Sjkimint SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint) 3165280304Sjkim{ 3166280304Sjkim if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) { 3167280304Sjkim SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT, 3168280304Sjkim SSL_R_DATA_LENGTH_TOO_LONG); 3169280304Sjkim return 0; 3170280304Sjkim } 3171280304Sjkim if (ctx->psk_identity_hint != NULL) 3172280304Sjkim OPENSSL_free(ctx->psk_identity_hint); 3173280304Sjkim if (identity_hint != NULL) { 3174280304Sjkim ctx->psk_identity_hint = BUF_strdup(identity_hint); 3175280304Sjkim if (ctx->psk_identity_hint == NULL) 3176280304Sjkim return 0; 3177280304Sjkim } else 3178280304Sjkim ctx->psk_identity_hint = NULL; 3179280304Sjkim return 1; 3180280304Sjkim} 3181160814Ssimon 3182238405Sjkimint SSL_use_psk_identity_hint(SSL *s, const char *identity_hint) 3183280304Sjkim{ 3184280304Sjkim if (s == NULL) 3185280304Sjkim return 0; 3186238405Sjkim 3187280304Sjkim if (s->session == NULL) 3188280304Sjkim return 1; /* session not created yet, ignored */ 3189238405Sjkim 3190280304Sjkim if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) { 3191280304Sjkim SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG); 3192280304Sjkim return 0; 3193280304Sjkim } 3194280304Sjkim if (s->session->psk_identity_hint != NULL) 3195280304Sjkim OPENSSL_free(s->session->psk_identity_hint); 3196280304Sjkim if (identity_hint != NULL) { 3197280304Sjkim s->session->psk_identity_hint = BUF_strdup(identity_hint); 3198280304Sjkim if (s->session->psk_identity_hint == NULL) 3199280304Sjkim return 0; 3200280304Sjkim } else 3201280304Sjkim s->session->psk_identity_hint = NULL; 3202280304Sjkim return 1; 3203280304Sjkim} 3204238405Sjkim 3205238405Sjkimconst char *SSL_get_psk_identity_hint(const SSL *s) 3206280304Sjkim{ 3207280304Sjkim if (s == NULL || s->session == NULL) 3208280304Sjkim return NULL; 3209280304Sjkim return (s->session->psk_identity_hint); 3210280304Sjkim} 3211238405Sjkim 3212238405Sjkimconst char *SSL_get_psk_identity(const SSL *s) 3213280304Sjkim{ 3214280304Sjkim if (s == NULL || s->session == NULL) 3215280304Sjkim return NULL; 3216280304Sjkim return (s->session->psk_identity); 3217280304Sjkim} 3218238405Sjkim 3219238405Sjkimvoid SSL_set_psk_client_callback(SSL *s, 3220280304Sjkim unsigned int (*cb) (SSL *ssl, 3221280304Sjkim const char *hint, 3222280304Sjkim char *identity, 3223280304Sjkim unsigned int 3224280304Sjkim max_identity_len, 3225280304Sjkim unsigned char *psk, 3226280304Sjkim unsigned int 3227280304Sjkim max_psk_len)) 3228280304Sjkim{ 3229280304Sjkim s->psk_client_callback = cb; 3230280304Sjkim} 3231238405Sjkim 3232238405Sjkimvoid SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, 3233280304Sjkim unsigned int (*cb) (SSL *ssl, 3234280304Sjkim const char *hint, 3235280304Sjkim char *identity, 3236280304Sjkim unsigned int 3237280304Sjkim max_identity_len, 3238280304Sjkim unsigned char *psk, 3239280304Sjkim unsigned int 3240280304Sjkim max_psk_len)) 3241280304Sjkim{ 3242280304Sjkim ctx->psk_client_callback = cb; 3243280304Sjkim} 3244238405Sjkim 3245238405Sjkimvoid SSL_set_psk_server_callback(SSL *s, 3246280304Sjkim unsigned int (*cb) (SSL *ssl, 3247280304Sjkim const char *identity, 3248280304Sjkim unsigned char *psk, 3249280304Sjkim unsigned int 3250280304Sjkim max_psk_len)) 3251280304Sjkim{ 3252280304Sjkim s->psk_server_callback = cb; 3253280304Sjkim} 3254238405Sjkim 3255238405Sjkimvoid SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, 3256280304Sjkim unsigned int (*cb) (SSL *ssl, 3257280304Sjkim const char *identity, 3258280304Sjkim unsigned char *psk, 3259280304Sjkim unsigned int 3260280304Sjkim max_psk_len)) 3261280304Sjkim{ 3262280304Sjkim ctx->psk_server_callback = cb; 3263280304Sjkim} 3264238405Sjkim#endif 3265238405Sjkim 3266280304Sjkimvoid SSL_CTX_set_msg_callback(SSL_CTX *ctx, 3267280304Sjkim void (*cb) (int write_p, int version, 3268280304Sjkim int content_type, const void *buf, 3269280304Sjkim size_t len, SSL *ssl, void *arg)) 3270280304Sjkim{ 3271280304Sjkim SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb); 3272280304Sjkim} 3273109998Smarkm 3274280304Sjkimvoid SSL_set_msg_callback(SSL *ssl, 3275280304Sjkim void (*cb) (int write_p, int version, 3276280304Sjkim int content_type, const void *buf, 3277280304Sjkim size_t len, SSL *ssl, void *arg)) 3278280304Sjkim{ 3279280304Sjkim SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb); 3280280304Sjkim} 3281280304Sjkim 3282280304Sjkim/* 3283280304Sjkim * Allocates new EVP_MD_CTX and sets pointer to it into given pointer 3284280304Sjkim * vairable, freeing EVP_MD_CTX previously stored in that variable, if any. 3285280304Sjkim * If EVP_MD pointer is passed, initializes ctx with this md Returns newly 3286280304Sjkim * allocated ctx; 3287238405Sjkim */ 3288109998Smarkm 3289280304SjkimEVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md) 3290238405Sjkim{ 3291280304Sjkim ssl_clear_hash_ctx(hash); 3292280304Sjkim *hash = EVP_MD_CTX_create(); 3293291721Sjkim if (*hash == NULL || (md && EVP_DigestInit_ex(*hash, md, NULL) <= 0)) { 3294291721Sjkim EVP_MD_CTX_destroy(*hash); 3295291721Sjkim *hash = NULL; 3296291721Sjkim return NULL; 3297291721Sjkim } 3298280304Sjkim return *hash; 3299238405Sjkim} 3300280304Sjkim 3301280304Sjkimvoid ssl_clear_hash_ctx(EVP_MD_CTX **hash) 3302238405Sjkim{ 3303109998Smarkm 3304280304Sjkim if (*hash) 3305280304Sjkim EVP_MD_CTX_destroy(*hash); 3306280304Sjkim *hash = NULL; 3307238405Sjkim} 3308238405Sjkim 3309238405Sjkimvoid SSL_set_debug(SSL *s, int debug) 3310280304Sjkim{ 3311280304Sjkim s->debug = debug; 3312280304Sjkim} 3313238405Sjkim 3314238405Sjkimint SSL_cache_hit(SSL *s) 3315280304Sjkim{ 3316280304Sjkim return s->hit; 3317280304Sjkim} 3318238405Sjkim 3319109998Smarkm#if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16) 3320280304Sjkim# include "../crypto/bio/bss_file.c" 332155714Skris#endif 332255714Skris 332355714SkrisIMPLEMENT_STACK_OF(SSL_CIPHER) 332455714SkrisIMPLEMENT_STACK_OF(SSL_COMP) 3325280304SjkimIMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id); 3326