ssl_lib.c revision 296279
1280297Sjkim/*
2280297Sjkim * ! \file ssl/ssl_lib.c \brief Version independent SSL functions.
355714Skris */
455714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
555714Skris * All rights reserved.
655714Skris *
755714Skris * This package is an SSL implementation written
855714Skris * by Eric Young (eay@cryptsoft.com).
955714Skris * The implementation was written so as to conform with Netscapes SSL.
10280297Sjkim *
1155714Skris * This library is free for commercial and non-commercial use as long as
1255714Skris * the following conditions are aheared to.  The following conditions
1355714Skris * apply to all code found in this distribution, be it the RC4, RSA,
1455714Skris * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
1555714Skris * included with this distribution is covered by the same copyright terms
1655714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com).
17280297Sjkim *
1855714Skris * Copyright remains Eric Young's, and as such any Copyright notices in
1955714Skris * the code are not to be removed.
2055714Skris * If this package is used in a product, Eric Young should be given attribution
2155714Skris * as the author of the parts of the library used.
2255714Skris * This can be in the form of a textual message at program startup or
2355714Skris * in documentation (online or textual) provided with the package.
24280297Sjkim *
2555714Skris * Redistribution and use in source and binary forms, with or without
2655714Skris * modification, are permitted provided that the following conditions
2755714Skris * are met:
2855714Skris * 1. Redistributions of source code must retain the copyright
2955714Skris *    notice, this list of conditions and the following disclaimer.
3055714Skris * 2. Redistributions in binary form must reproduce the above copyright
3155714Skris *    notice, this list of conditions and the following disclaimer in the
3255714Skris *    documentation and/or other materials provided with the distribution.
3355714Skris * 3. All advertising materials mentioning features or use of this software
3455714Skris *    must display the following acknowledgement:
3555714Skris *    "This product includes cryptographic software written by
3655714Skris *     Eric Young (eay@cryptsoft.com)"
3755714Skris *    The word 'cryptographic' can be left out if the rouines from the library
3855714Skris *    being used are not cryptographic related :-).
39280297Sjkim * 4. If you include any Windows specific code (or a derivative thereof) from
4055714Skris *    the apps directory (application code) you must include an acknowledgement:
4155714Skris *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
42280297Sjkim *
4355714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
4455714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
4555714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
4655714Skris * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
4755714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
4855714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
4955714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
5055714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
5155714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
5255714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
5355714Skris * SUCH DAMAGE.
54280297Sjkim *
5555714Skris * The licence and distribution terms for any publically available version or
5655714Skris * derivative of this code cannot be changed.  i.e. this code cannot simply be
5755714Skris * copied and put under another distribution licence
5855714Skris * [including the GNU Public Licence.]
5955714Skris */
60109998Smarkm/* ====================================================================
61238405Sjkim * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
62109998Smarkm *
63109998Smarkm * Redistribution and use in source and binary forms, with or without
64109998Smarkm * modification, are permitted provided that the following conditions
65109998Smarkm * are met:
66109998Smarkm *
67109998Smarkm * 1. Redistributions of source code must retain the above copyright
68280297Sjkim *    notice, this list of conditions and the following disclaimer.
69109998Smarkm *
70109998Smarkm * 2. Redistributions in binary form must reproduce the above copyright
71109998Smarkm *    notice, this list of conditions and the following disclaimer in
72109998Smarkm *    the documentation and/or other materials provided with the
73109998Smarkm *    distribution.
74109998Smarkm *
75109998Smarkm * 3. All advertising materials mentioning features or use of this
76109998Smarkm *    software must display the following acknowledgment:
77109998Smarkm *    "This product includes software developed by the OpenSSL Project
78109998Smarkm *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
79109998Smarkm *
80109998Smarkm * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
81109998Smarkm *    endorse or promote products derived from this software without
82109998Smarkm *    prior written permission. For written permission, please contact
83109998Smarkm *    openssl-core@openssl.org.
84109998Smarkm *
85109998Smarkm * 5. Products derived from this software may not be called "OpenSSL"
86109998Smarkm *    nor may "OpenSSL" appear in their names without prior written
87109998Smarkm *    permission of the OpenSSL Project.
88109998Smarkm *
89109998Smarkm * 6. Redistributions of any form whatsoever must retain the following
90109998Smarkm *    acknowledgment:
91109998Smarkm *    "This product includes software developed by the OpenSSL Project
92109998Smarkm *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
93109998Smarkm *
94109998Smarkm * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
95109998Smarkm * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
96109998Smarkm * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
97109998Smarkm * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
98109998Smarkm * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
99109998Smarkm * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
100109998Smarkm * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
101109998Smarkm * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
102109998Smarkm * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
103109998Smarkm * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
104109998Smarkm * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
105109998Smarkm * OF THE POSSIBILITY OF SUCH DAMAGE.
106109998Smarkm * ====================================================================
107109998Smarkm *
108109998Smarkm * This product includes cryptographic software written by Eric Young
109109998Smarkm * (eay@cryptsoft.com).  This product includes software written by Tim
110109998Smarkm * Hudson (tjh@cryptsoft.com).
111109998Smarkm *
112109998Smarkm */
113160814Ssimon/* ====================================================================
114160814Ssimon * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
115280297Sjkim * ECC cipher suite support in OpenSSL originally developed by
116160814Ssimon * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
117160814Ssimon */
118238405Sjkim/* ====================================================================
119238405Sjkim * Copyright 2005 Nokia. All rights reserved.
120238405Sjkim *
121238405Sjkim * The portions of the attached software ("Contribution") is developed by
122238405Sjkim * Nokia Corporation and is licensed pursuant to the OpenSSL open source
123238405Sjkim * license.
124238405Sjkim *
125238405Sjkim * The Contribution, originally written by Mika Kousa and Pasi Eronen of
126238405Sjkim * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
127238405Sjkim * support (see RFC 4279) to OpenSSL.
128238405Sjkim *
129238405Sjkim * No patent licenses or other rights except those expressly stated in
130238405Sjkim * the OpenSSL open source license shall be deemed granted or received
131238405Sjkim * expressly, by implication, estoppel, or otherwise.
132238405Sjkim *
133238405Sjkim * No assurances are provided by Nokia that the Contribution does not
134238405Sjkim * infringe the patent or other intellectual property rights of any third
135238405Sjkim * party or that the license provides you with all the necessary rights
136238405Sjkim * to make use of the Contribution.
137238405Sjkim *
138238405Sjkim * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
139238405Sjkim * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
140238405Sjkim * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
141238405Sjkim * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
142238405Sjkim * OTHERWISE.
143238405Sjkim */
14455714Skris
145109998Smarkm#ifdef REF_CHECK
146280297Sjkim# include <assert.h>
147109998Smarkm#endif
14855714Skris#include <stdio.h>
149109998Smarkm#include "ssl_locl.h"
150109998Smarkm#include "kssl_lcl.h"
15155714Skris#include <openssl/objects.h>
15255714Skris#include <openssl/lhash.h>
15359191Skris#include <openssl/x509v3.h>
154194206Ssimon#include <openssl/rand.h>
155194206Ssimon#include <openssl/ocsp.h>
156160814Ssimon#ifndef OPENSSL_NO_DH
157280297Sjkim# include <openssl/dh.h>
158160814Ssimon#endif
159194206Ssimon#ifndef OPENSSL_NO_ENGINE
160280297Sjkim# include <openssl/engine.h>
161194206Ssimon#endif
16255714Skris
163280297Sjkimconst char *SSL_version_str = OPENSSL_VERSION_TEXT;
16455714Skris
165280297SjkimSSL3_ENC_METHOD ssl3_undef_enc_method = {
166280297Sjkim    /*
167280297Sjkim     * evil casts, but these functions are only called if there's a library
168280297Sjkim     * bug
169280297Sjkim     */
170280297Sjkim    (int (*)(SSL *, int))ssl_undefined_function,
171280297Sjkim    (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
172280297Sjkim    ssl_undefined_function,
173280297Sjkim    (int (*)(SSL *, unsigned char *, unsigned char *, int))
174280297Sjkim        ssl_undefined_function,
175280297Sjkim    (int (*)(SSL *, int))ssl_undefined_function,
176280297Sjkim    (int (*)(SSL *, const char *, int, unsigned char *))
177280297Sjkim        ssl_undefined_function,
178280297Sjkim    0,                          /* finish_mac_length */
179280297Sjkim    (int (*)(SSL *, int, unsigned char *))ssl_undefined_function,
180280297Sjkim    NULL,                       /* client_finished_label */
181280297Sjkim    0,                          /* client_finished_label_len */
182280297Sjkim    NULL,                       /* server_finished_label */
183280297Sjkim    0,                          /* server_finished_label_len */
184280297Sjkim    (int (*)(int))ssl_undefined_function,
185280297Sjkim    (int (*)(SSL *, unsigned char *, size_t, const char *,
186280297Sjkim             size_t, const unsigned char *, size_t,
187280297Sjkim             int use_context))ssl_undefined_function,
188280297Sjkim};
18955714Skris
19055714Skrisint SSL_clear(SSL *s)
191280297Sjkim{
19255714Skris
193280297Sjkim    if (s->method == NULL) {
194280297Sjkim        SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED);
195280297Sjkim        return (0);
196280297Sjkim    }
19755714Skris
198280297Sjkim    if (ssl_clear_bad_session(s)) {
199280297Sjkim        SSL_SESSION_free(s->session);
200280297Sjkim        s->session = NULL;
201280297Sjkim    }
202100928Snectar
203280297Sjkim    s->error = 0;
204280297Sjkim    s->hit = 0;
205280297Sjkim    s->shutdown = 0;
20655714Skris
207280297Sjkim#if 0
208280297Sjkim    /*
209280297Sjkim     * Disabled since version 1.10 of this file (early return not
210280297Sjkim     * needed because SSL_clear is not called when doing renegotiation)
211280297Sjkim     */
212280297Sjkim    /*
213280297Sjkim     * This is set if we are doing dynamic renegotiation so keep
214280297Sjkim     * the old cipher.  It is sort of a SSL_clear_lite :-)
215280297Sjkim     */
216280297Sjkim    if (s->renegotiate)
217280297Sjkim        return (1);
21859191Skris#else
219280297Sjkim    if (s->renegotiate) {
220280297Sjkim        SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR);
221280297Sjkim        return 0;
222280297Sjkim    }
22355714Skris#endif
22455714Skris
225280297Sjkim    s->type = 0;
22655714Skris
227280297Sjkim    s->state = SSL_ST_BEFORE | ((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT);
22855714Skris
229280297Sjkim    s->version = s->method->version;
230280297Sjkim    s->client_version = s->version;
231280297Sjkim    s->rwstate = SSL_NOTHING;
232280297Sjkim    s->rstate = SSL_ST_READ_HEADER;
23372613Skris#if 0
234280297Sjkim    s->read_ahead = s->ctx->read_ahead;
23572613Skris#endif
23655714Skris
237280297Sjkim    if (s->init_buf != NULL) {
238280297Sjkim        BUF_MEM_free(s->init_buf);
239280297Sjkim        s->init_buf = NULL;
240280297Sjkim    }
24155714Skris
242280297Sjkim    ssl_clear_cipher_ctx(s);
243280297Sjkim    ssl_clear_hash_ctx(&s->read_hash);
244280297Sjkim    ssl_clear_hash_ctx(&s->write_hash);
24555714Skris
246280297Sjkim    s->first_packet = 0;
24755714Skris
24855714Skris#if 1
249280297Sjkim    /*
250280297Sjkim     * Check to see if we were changed into a different method, if so, revert
251280297Sjkim     * back if we are not doing session-id reuse.
252280297Sjkim     */
253280297Sjkim    if (!s->in_handshake && (s->session == NULL)
254280297Sjkim        && (s->method != s->ctx->method)) {
255280297Sjkim        s->method->ssl_free(s);
256280297Sjkim        s->method = s->ctx->method;
257280297Sjkim        if (!s->method->ssl_new(s))
258280297Sjkim            return (0);
259280297Sjkim    } else
26055714Skris#endif
261280297Sjkim        s->method->ssl_clear(s);
262280297Sjkim    return (1);
263280297Sjkim}
26455714Skris
26555714Skris/** Used to change an SSL_CTXs default SSL method type */
266280297Sjkimint SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
267280297Sjkim{
268280297Sjkim    STACK_OF(SSL_CIPHER) *sk;
26955714Skris
270280297Sjkim    ctx->method = meth;
27155714Skris
272280297Sjkim    sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
273280297Sjkim                                &(ctx->cipher_list_by_id),
274280297Sjkim                                meth->version ==
275280297Sjkim                                SSL2_VERSION ? "SSLv2" :
276290207Sjkim                                SSL_DEFAULT_CIPHER_LIST, ctx->cert);
277280297Sjkim    if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
278280297Sjkim        SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,
279280297Sjkim               SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
280280297Sjkim        return (0);
281280297Sjkim    }
282280297Sjkim    return (1);
283280297Sjkim}
28455714Skris
28555714SkrisSSL *SSL_new(SSL_CTX *ctx)
286280297Sjkim{
287280297Sjkim    SSL *s;
28855714Skris
289280297Sjkim    if (ctx == NULL) {
290280297Sjkim        SSLerr(SSL_F_SSL_NEW, SSL_R_NULL_SSL_CTX);
291280297Sjkim        return (NULL);
292280297Sjkim    }
293280297Sjkim    if (ctx->method == NULL) {
294280297Sjkim        SSLerr(SSL_F_SSL_NEW, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
295280297Sjkim        return (NULL);
296280297Sjkim    }
29755714Skris
298280297Sjkim    s = (SSL *)OPENSSL_malloc(sizeof(SSL));
299280297Sjkim    if (s == NULL)
300280297Sjkim        goto err;
301280297Sjkim    memset(s, 0, sizeof(SSL));
30255714Skris
303280297Sjkim#ifndef OPENSSL_NO_KRB5
304280297Sjkim    s->kssl_ctx = kssl_ctx_new();
305280297Sjkim#endif                          /* OPENSSL_NO_KRB5 */
306109998Smarkm
307280297Sjkim    s->options = ctx->options;
308280297Sjkim    s->mode = ctx->mode;
309280297Sjkim    s->max_cert_list = ctx->max_cert_list;
310291719Sjkim    s->references = 1;
311109998Smarkm
312280297Sjkim    if (ctx->cert != NULL) {
313280297Sjkim        /*
314280297Sjkim         * Earlier library versions used to copy the pointer to the CERT, not
315280297Sjkim         * its contents; only when setting new parameters for the per-SSL
316280297Sjkim         * copy, ssl_cert_new would be called (and the direct reference to
317280297Sjkim         * the per-SSL_CTX settings would be lost, but those still were
318280297Sjkim         * indirectly accessed for various purposes, and for that reason they
319280297Sjkim         * used to be known as s->ctx->default_cert). Now we don't look at the
320280297Sjkim         * SSL_CTX's CERT after having duplicated it once.
321280297Sjkim         */
32255714Skris
323280297Sjkim        s->cert = ssl_cert_dup(ctx->cert);
324280297Sjkim        if (s->cert == NULL)
325280297Sjkim            goto err;
326280297Sjkim    } else
327280297Sjkim        s->cert = NULL;         /* Cannot really happen (see SSL_CTX_new) */
328109998Smarkm
329280297Sjkim    s->read_ahead = ctx->read_ahead;
330280297Sjkim    s->msg_callback = ctx->msg_callback;
331280297Sjkim    s->msg_callback_arg = ctx->msg_callback_arg;
332280297Sjkim    s->verify_mode = ctx->verify_mode;
333160814Ssimon#if 0
334280297Sjkim    s->verify_depth = ctx->verify_depth;
335160814Ssimon#endif
336280297Sjkim    s->sid_ctx_length = ctx->sid_ctx_length;
337280297Sjkim    OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
338280297Sjkim    memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
339280297Sjkim    s->verify_callback = ctx->default_verify_callback;
340280297Sjkim    s->generate_session_id = ctx->generate_session_id;
341160814Ssimon
342280297Sjkim    s->param = X509_VERIFY_PARAM_new();
343280297Sjkim    if (!s->param)
344280297Sjkim        goto err;
345280297Sjkim    X509_VERIFY_PARAM_inherit(s->param, ctx->param);
346160814Ssimon#if 0
347280297Sjkim    s->purpose = ctx->purpose;
348280297Sjkim    s->trust = ctx->trust;
349160814Ssimon#endif
350280297Sjkim    s->quiet_shutdown = ctx->quiet_shutdown;
351280297Sjkim    s->max_send_fragment = ctx->max_send_fragment;
352109998Smarkm
353280297Sjkim    CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
354280297Sjkim    s->ctx = ctx;
355194206Ssimon#ifndef OPENSSL_NO_TLSEXT
356280297Sjkim    s->tlsext_debug_cb = 0;
357280297Sjkim    s->tlsext_debug_arg = NULL;
358280297Sjkim    s->tlsext_ticket_expected = 0;
359280297Sjkim    s->tlsext_status_type = -1;
360280297Sjkim    s->tlsext_status_expected = 0;
361280297Sjkim    s->tlsext_ocsp_ids = NULL;
362280297Sjkim    s->tlsext_ocsp_exts = NULL;
363280297Sjkim    s->tlsext_ocsp_resp = NULL;
364280297Sjkim    s->tlsext_ocsp_resplen = -1;
365280297Sjkim    CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
366280297Sjkim    s->initial_ctx = ctx;
367290207Sjkim# ifndef OPENSSL_NO_EC
368290207Sjkim    if (ctx->tlsext_ecpointformatlist) {
369290207Sjkim        s->tlsext_ecpointformatlist =
370290207Sjkim            BUF_memdup(ctx->tlsext_ecpointformatlist,
371290207Sjkim                       ctx->tlsext_ecpointformatlist_length);
372290207Sjkim        if (!s->tlsext_ecpointformatlist)
373290207Sjkim            goto err;
374290207Sjkim        s->tlsext_ecpointformatlist_length =
375290207Sjkim            ctx->tlsext_ecpointformatlist_length;
376290207Sjkim    }
377290207Sjkim    if (ctx->tlsext_ellipticcurvelist) {
378290207Sjkim        s->tlsext_ellipticcurvelist =
379290207Sjkim            BUF_memdup(ctx->tlsext_ellipticcurvelist,
380290207Sjkim                       ctx->tlsext_ellipticcurvelist_length);
381290207Sjkim        if (!s->tlsext_ellipticcurvelist)
382290207Sjkim            goto err;
383290207Sjkim        s->tlsext_ellipticcurvelist_length =
384290207Sjkim            ctx->tlsext_ellipticcurvelist_length;
385290207Sjkim    }
386290207Sjkim# endif
387238405Sjkim# ifndef OPENSSL_NO_NEXTPROTONEG
388280297Sjkim    s->next_proto_negotiated = NULL;
389238405Sjkim# endif
390290207Sjkim
391290207Sjkim    if (s->ctx->alpn_client_proto_list) {
392290207Sjkim        s->alpn_client_proto_list =
393290207Sjkim            OPENSSL_malloc(s->ctx->alpn_client_proto_list_len);
394290207Sjkim        if (s->alpn_client_proto_list == NULL)
395290207Sjkim            goto err;
396290207Sjkim        memcpy(s->alpn_client_proto_list, s->ctx->alpn_client_proto_list,
397290207Sjkim               s->ctx->alpn_client_proto_list_len);
398290207Sjkim        s->alpn_client_proto_list_len = s->ctx->alpn_client_proto_list_len;
399290207Sjkim    }
400194206Ssimon#endif
401238405Sjkim
402280297Sjkim    s->verify_result = X509_V_OK;
40355714Skris
404280297Sjkim    s->method = ctx->method;
40555714Skris
406280297Sjkim    if (!s->method->ssl_new(s))
407280297Sjkim        goto err;
40855714Skris
409280297Sjkim    s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1;
410109998Smarkm
411280297Sjkim    SSL_clear(s);
41255714Skris
413280297Sjkim    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
41455714Skris
415238405Sjkim#ifndef OPENSSL_NO_PSK
416280297Sjkim    s->psk_client_callback = ctx->psk_client_callback;
417280297Sjkim    s->psk_server_callback = ctx->psk_server_callback;
418238405Sjkim#endif
419238405Sjkim
420280297Sjkim    return (s);
421280297Sjkim err:
422280297Sjkim    if (s != NULL)
423280297Sjkim        SSL_free(s);
424280297Sjkim    SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
425280297Sjkim    return (NULL);
426280297Sjkim}
42755714Skris
428280297Sjkimint SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
429280297Sjkim                                   unsigned int sid_ctx_len)
430280297Sjkim{
431280297Sjkim    if (sid_ctx_len > sizeof ctx->sid_ctx) {
432280297Sjkim        SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
433280297Sjkim               SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
434280297Sjkim        return 0;
435280297Sjkim    }
436280297Sjkim    ctx->sid_ctx_length = sid_ctx_len;
437280297Sjkim    memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
43855714Skris
43955714Skris    return 1;
440280297Sjkim}
441280297Sjkim
442280297Sjkimint SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
443280297Sjkim                               unsigned int sid_ctx_len)
444280297Sjkim{
445280297Sjkim    if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
446280297Sjkim        SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,
447280297Sjkim               SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
448280297Sjkim        return 0;
44955714Skris    }
450280297Sjkim    ssl->sid_ctx_length = sid_ctx_len;
451280297Sjkim    memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
45255714Skris
45355714Skris    return 1;
454280297Sjkim}
45555714Skris
456109998Smarkmint SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
457280297Sjkim{
458280297Sjkim    CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
459280297Sjkim    ctx->generate_session_id = cb;
460280297Sjkim    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
461280297Sjkim    return 1;
462280297Sjkim}
463109998Smarkm
464109998Smarkmint SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
465280297Sjkim{
466280297Sjkim    CRYPTO_w_lock(CRYPTO_LOCK_SSL);
467280297Sjkim    ssl->generate_session_id = cb;
468280297Sjkim    CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
469280297Sjkim    return 1;
470280297Sjkim}
47159191Skris
472109998Smarkmint SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
473280297Sjkim                                unsigned int id_len)
474280297Sjkim{
475280297Sjkim    /*
476280297Sjkim     * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
477280297Sjkim     * we can "construct" a session to give us the desired check - ie. to
478280297Sjkim     * find if there's a session in the hash table that would conflict with
479280297Sjkim     * any new session built out of this id/id_len and the ssl_version in use
480280297Sjkim     * by this SSL.
481280297Sjkim     */
482280297Sjkim    SSL_SESSION r, *p;
483109998Smarkm
484280297Sjkim    if (id_len > sizeof r.session_id)
485280297Sjkim        return 0;
486109998Smarkm
487280297Sjkim    r.ssl_version = ssl->version;
488280297Sjkim    r.session_id_length = id_len;
489280297Sjkim    memcpy(r.session_id, id, id_len);
490280297Sjkim    /*
491280297Sjkim     * NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
492280297Sjkim     * callback is calling us to check the uniqueness of a shorter ID, it
493280297Sjkim     * must be compared as a padded-out ID because that is what it will be
494280297Sjkim     * converted to when the callback has finished choosing it.
495280297Sjkim     */
496280297Sjkim    if ((r.ssl_version == SSL2_VERSION) &&
497280297Sjkim        (id_len < SSL2_SSL_SESSION_ID_LENGTH)) {
498280297Sjkim        memset(r.session_id + id_len, 0, SSL2_SSL_SESSION_ID_LENGTH - id_len);
499280297Sjkim        r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
500280297Sjkim    }
501109998Smarkm
502280297Sjkim    CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
503280297Sjkim    p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
504280297Sjkim    CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
505280297Sjkim    return (p != NULL);
506280297Sjkim}
507109998Smarkm
508109998Smarkmint SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
509280297Sjkim{
510280297Sjkim    return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
511280297Sjkim}
512109998Smarkm
513109998Smarkmint SSL_set_purpose(SSL *s, int purpose)
514280297Sjkim{
515280297Sjkim    return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
516280297Sjkim}
517109998Smarkm
51859191Skrisint SSL_CTX_set_trust(SSL_CTX *s, int trust)
519280297Sjkim{
520280297Sjkim    return X509_VERIFY_PARAM_set_trust(s->param, trust);
521280297Sjkim}
52259191Skris
52359191Skrisint SSL_set_trust(SSL *s, int trust)
524280297Sjkim{
525280297Sjkim    return X509_VERIFY_PARAM_set_trust(s->param, trust);
526280297Sjkim}
52759191Skris
528238405Sjkimint SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
529280297Sjkim{
530280297Sjkim    return X509_VERIFY_PARAM_set1(ctx->param, vpm);
531280297Sjkim}
532238405Sjkim
533238405Sjkimint SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
534280297Sjkim{
535280297Sjkim    return X509_VERIFY_PARAM_set1(ssl->param, vpm);
536280297Sjkim}
537238405Sjkim
538290207SjkimX509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx)
539290207Sjkim{
540290207Sjkim    return ctx->param;
541290207Sjkim}
542290207Sjkim
543290207SjkimX509_VERIFY_PARAM *SSL_get0_param(SSL *ssl)
544290207Sjkim{
545290207Sjkim    return ssl->param;
546290207Sjkim}
547290207Sjkim
548290207Sjkimvoid SSL_certs_clear(SSL *s)
549290207Sjkim{
550290207Sjkim    ssl_cert_clear_certs(s->cert);
551290207Sjkim}
552290207Sjkim
55355714Skrisvoid SSL_free(SSL *s)
554280297Sjkim{
555280297Sjkim    int i;
55655714Skris
557280297Sjkim    if (s == NULL)
558280297Sjkim        return;
55955714Skris
560280297Sjkim    i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL);
56155714Skris#ifdef REF_PRINT
562280297Sjkim    REF_PRINT("SSL", s);
56355714Skris#endif
564280297Sjkim    if (i > 0)
565280297Sjkim        return;
56655714Skris#ifdef REF_CHECK
567280297Sjkim    if (i < 0) {
568280297Sjkim        fprintf(stderr, "SSL_free, bad reference count\n");
569280297Sjkim        abort();                /* ok */
570280297Sjkim    }
57155714Skris#endif
57255714Skris
573280297Sjkim    if (s->param)
574280297Sjkim        X509_VERIFY_PARAM_free(s->param);
575160814Ssimon
576280297Sjkim    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
57755714Skris
578280297Sjkim    if (s->bbio != NULL) {
579280297Sjkim        /* If the buffering BIO is in place, pop it off */
580280297Sjkim        if (s->bbio == s->wbio) {
581280297Sjkim            s->wbio = BIO_pop(s->wbio);
582280297Sjkim        }
583280297Sjkim        BIO_free(s->bbio);
584280297Sjkim        s->bbio = NULL;
585280297Sjkim    }
586280297Sjkim    if (s->rbio != NULL)
587280297Sjkim        BIO_free_all(s->rbio);
588280297Sjkim    if ((s->wbio != NULL) && (s->wbio != s->rbio))
589280297Sjkim        BIO_free_all(s->wbio);
59055714Skris
591280297Sjkim    if (s->init_buf != NULL)
592280297Sjkim        BUF_MEM_free(s->init_buf);
59355714Skris
594280297Sjkim    /* add extra stuff */
595280297Sjkim    if (s->cipher_list != NULL)
596280297Sjkim        sk_SSL_CIPHER_free(s->cipher_list);
597280297Sjkim    if (s->cipher_list_by_id != NULL)
598280297Sjkim        sk_SSL_CIPHER_free(s->cipher_list_by_id);
59955714Skris
600280297Sjkim    /* Make the next call work :-) */
601280297Sjkim    if (s->session != NULL) {
602280297Sjkim        ssl_clear_bad_session(s);
603280297Sjkim        SSL_SESSION_free(s->session);
604280297Sjkim    }
60555714Skris
606280297Sjkim    ssl_clear_cipher_ctx(s);
607280297Sjkim    ssl_clear_hash_ctx(&s->read_hash);
608280297Sjkim    ssl_clear_hash_ctx(&s->write_hash);
60955714Skris
610280297Sjkim    if (s->cert != NULL)
611280297Sjkim        ssl_cert_free(s->cert);
612280297Sjkim    /* Free up if allocated */
61355714Skris
614194206Ssimon#ifndef OPENSSL_NO_TLSEXT
615280297Sjkim    if (s->tlsext_hostname)
616280297Sjkim        OPENSSL_free(s->tlsext_hostname);
617280297Sjkim    if (s->initial_ctx)
618280297Sjkim        SSL_CTX_free(s->initial_ctx);
619280297Sjkim# ifndef OPENSSL_NO_EC
620280297Sjkim    if (s->tlsext_ecpointformatlist)
621280297Sjkim        OPENSSL_free(s->tlsext_ecpointformatlist);
622280297Sjkim    if (s->tlsext_ellipticcurvelist)
623280297Sjkim        OPENSSL_free(s->tlsext_ellipticcurvelist);
624280297Sjkim# endif                         /* OPENSSL_NO_EC */
625280297Sjkim    if (s->tlsext_opaque_prf_input)
626280297Sjkim        OPENSSL_free(s->tlsext_opaque_prf_input);
627280297Sjkim    if (s->tlsext_ocsp_exts)
628280297Sjkim        sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
629280297Sjkim    if (s->tlsext_ocsp_ids)
630280297Sjkim        sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
631280297Sjkim    if (s->tlsext_ocsp_resp)
632280297Sjkim        OPENSSL_free(s->tlsext_ocsp_resp);
633290207Sjkim    if (s->alpn_client_proto_list)
634290207Sjkim        OPENSSL_free(s->alpn_client_proto_list);
635194206Ssimon#endif
636238405Sjkim
637280297Sjkim    if (s->client_CA != NULL)
638280297Sjkim        sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
63955714Skris
640280297Sjkim    if (s->method != NULL)
641280297Sjkim        s->method->ssl_free(s);
64255714Skris
643280297Sjkim    if (s->ctx)
644280297Sjkim        SSL_CTX_free(s->ctx);
645205128Ssimon
646280297Sjkim#ifndef OPENSSL_NO_KRB5
647280297Sjkim    if (s->kssl_ctx != NULL)
648280297Sjkim        kssl_ctx_free(s->kssl_ctx);
649280297Sjkim#endif                          /* OPENSSL_NO_KRB5 */
650120631Snectar
651238405Sjkim#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
652280297Sjkim    if (s->next_proto_negotiated)
653280297Sjkim        OPENSSL_free(s->next_proto_negotiated);
654238405Sjkim#endif
655238405Sjkim
656246772Sjkim#ifndef OPENSSL_NO_SRTP
657280297Sjkim    if (s->srtp_profiles)
658280297Sjkim        sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
659246772Sjkim#endif
660238405Sjkim
661280297Sjkim    OPENSSL_free(s);
662280297Sjkim}
66355714Skris
664280297Sjkimvoid SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
665280297Sjkim{
666280297Sjkim    /*
667280297Sjkim     * If the output buffering BIO is still in place, remove it
668280297Sjkim     */
669280297Sjkim    if (s->bbio != NULL) {
670280297Sjkim        if (s->wbio == s->bbio) {
671280297Sjkim            s->wbio = s->wbio->next_bio;
672280297Sjkim            s->bbio->next_bio = NULL;
673280297Sjkim        }
674280297Sjkim    }
675280297Sjkim    if ((s->rbio != NULL) && (s->rbio != rbio))
676280297Sjkim        BIO_free_all(s->rbio);
677280297Sjkim    if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
678280297Sjkim        BIO_free_all(s->wbio);
679280297Sjkim    s->rbio = rbio;
680280297Sjkim    s->wbio = wbio;
681280297Sjkim}
68255714Skris
683160814SsimonBIO *SSL_get_rbio(const SSL *s)
684280297Sjkim{
685280297Sjkim    return (s->rbio);
686280297Sjkim}
68755714Skris
688160814SsimonBIO *SSL_get_wbio(const SSL *s)
689280297Sjkim{
690280297Sjkim    return (s->wbio);
691280297Sjkim}
69255714Skris
693160814Ssimonint SSL_get_fd(const SSL *s)
694280297Sjkim{
695280297Sjkim    return (SSL_get_rfd(s));
696280297Sjkim}
69789837Skris
698160814Ssimonint SSL_get_rfd(const SSL *s)
699280297Sjkim{
700280297Sjkim    int ret = -1;
701280297Sjkim    BIO *b, *r;
70255714Skris
703280297Sjkim    b = SSL_get_rbio(s);
704280297Sjkim    r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
705280297Sjkim    if (r != NULL)
706280297Sjkim        BIO_get_fd(r, &ret);
707280297Sjkim    return (ret);
708280297Sjkim}
70955714Skris
710160814Ssimonint SSL_get_wfd(const SSL *s)
711280297Sjkim{
712280297Sjkim    int ret = -1;
713280297Sjkim    BIO *b, *r;
71489837Skris
715280297Sjkim    b = SSL_get_wbio(s);
716280297Sjkim    r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
717280297Sjkim    if (r != NULL)
718280297Sjkim        BIO_get_fd(r, &ret);
719280297Sjkim    return (ret);
720280297Sjkim}
72189837Skris
722109998Smarkm#ifndef OPENSSL_NO_SOCK
723280297Sjkimint SSL_set_fd(SSL *s, int fd)
724280297Sjkim{
725280297Sjkim    int ret = 0;
726280297Sjkim    BIO *bio = NULL;
72755714Skris
728280297Sjkim    bio = BIO_new(BIO_s_socket());
72955714Skris
730280297Sjkim    if (bio == NULL) {
731280297Sjkim        SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
732280297Sjkim        goto err;
733280297Sjkim    }
734280297Sjkim    BIO_set_fd(bio, fd, BIO_NOCLOSE);
735280297Sjkim    SSL_set_bio(s, bio, bio);
736280297Sjkim    ret = 1;
737280297Sjkim err:
738280297Sjkim    return (ret);
739280297Sjkim}
74055714Skris
741280297Sjkimint SSL_set_wfd(SSL *s, int fd)
742280297Sjkim{
743280297Sjkim    int ret = 0;
744280297Sjkim    BIO *bio = NULL;
74555714Skris
746280297Sjkim    if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
747280297Sjkim        || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
748280297Sjkim        bio = BIO_new(BIO_s_socket());
74955714Skris
750280297Sjkim        if (bio == NULL) {
751280297Sjkim            SSLerr(SSL_F_SSL_SET_WFD, ERR_R_BUF_LIB);
752280297Sjkim            goto err;
753280297Sjkim        }
754280297Sjkim        BIO_set_fd(bio, fd, BIO_NOCLOSE);
755280297Sjkim        SSL_set_bio(s, SSL_get_rbio(s), bio);
756280297Sjkim    } else
757280297Sjkim        SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
758280297Sjkim    ret = 1;
759280297Sjkim err:
760280297Sjkim    return (ret);
761280297Sjkim}
76255714Skris
763280297Sjkimint SSL_set_rfd(SSL *s, int fd)
764280297Sjkim{
765280297Sjkim    int ret = 0;
766280297Sjkim    BIO *bio = NULL;
76755714Skris
768280297Sjkim    if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
769280297Sjkim        || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
770280297Sjkim        bio = BIO_new(BIO_s_socket());
77155714Skris
772280297Sjkim        if (bio == NULL) {
773280297Sjkim            SSLerr(SSL_F_SSL_SET_RFD, ERR_R_BUF_LIB);
774280297Sjkim            goto err;
775280297Sjkim        }
776280297Sjkim        BIO_set_fd(bio, fd, BIO_NOCLOSE);
777280297Sjkim        SSL_set_bio(s, bio, SSL_get_wbio(s));
778280297Sjkim    } else
779280297Sjkim        SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
780280297Sjkim    ret = 1;
781280297Sjkim err:
782280297Sjkim    return (ret);
783280297Sjkim}
78455714Skris#endif
78555714Skris
78659191Skris/* return length of latest Finished message we sent, copy to 'buf' */
787160814Ssimonsize_t SSL_get_finished(const SSL *s, void *buf, size_t count)
788280297Sjkim{
789280297Sjkim    size_t ret = 0;
79059191Skris
791280297Sjkim    if (s->s3 != NULL) {
792280297Sjkim        ret = s->s3->tmp.finish_md_len;
793280297Sjkim        if (count > ret)
794280297Sjkim            count = ret;
795280297Sjkim        memcpy(buf, s->s3->tmp.finish_md, count);
796280297Sjkim    }
797280297Sjkim    return ret;
798280297Sjkim}
799280297Sjkim
80059191Skris/* return length of latest Finished message we expected, copy to 'buf' */
801160814Ssimonsize_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
802280297Sjkim{
803280297Sjkim    size_t ret = 0;
80459191Skris
805280297Sjkim    if (s->s3 != NULL) {
806280297Sjkim        ret = s->s3->tmp.peer_finish_md_len;
807280297Sjkim        if (count > ret)
808280297Sjkim            count = ret;
809280297Sjkim        memcpy(buf, s->s3->tmp.peer_finish_md, count);
810280297Sjkim    }
811280297Sjkim    return ret;
812280297Sjkim}
81359191Skris
814160814Ssimonint SSL_get_verify_mode(const SSL *s)
815280297Sjkim{
816280297Sjkim    return (s->verify_mode);
817280297Sjkim}
81855714Skris
819160814Ssimonint SSL_get_verify_depth(const SSL *s)
820280297Sjkim{
821280297Sjkim    return X509_VERIFY_PARAM_get_depth(s->param);
822280297Sjkim}
82355714Skris
824280297Sjkimint (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *) {
825280297Sjkim    return (s->verify_callback);
826280297Sjkim}
82755714Skris
828160814Ssimonint SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
829280297Sjkim{
830280297Sjkim    return (ctx->verify_mode);
831280297Sjkim}
83255714Skris
833160814Ssimonint SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
834280297Sjkim{
835280297Sjkim    return X509_VERIFY_PARAM_get_depth(ctx->param);
836280297Sjkim}
83755714Skris
838280297Sjkimint (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int, X509_STORE_CTX *) {
839280297Sjkim    return (ctx->default_verify_callback);
840280297Sjkim}
84155714Skris
842280297Sjkimvoid SSL_set_verify(SSL *s, int mode,
843280297Sjkim                    int (*callback) (int ok, X509_STORE_CTX *ctx))
844280297Sjkim{
845280297Sjkim    s->verify_mode = mode;
846280297Sjkim    if (callback != NULL)
847280297Sjkim        s->verify_callback = callback;
848280297Sjkim}
84955714Skris
850280297Sjkimvoid SSL_set_verify_depth(SSL *s, int depth)
851280297Sjkim{
852280297Sjkim    X509_VERIFY_PARAM_set_depth(s->param, depth);
853280297Sjkim}
85455714Skris
855280297Sjkimvoid SSL_set_read_ahead(SSL *s, int yes)
856280297Sjkim{
857280297Sjkim    s->read_ahead = yes;
858280297Sjkim}
85955714Skris
860160814Ssimonint SSL_get_read_ahead(const SSL *s)
861280297Sjkim{
862280297Sjkim    return (s->read_ahead);
863280297Sjkim}
86455714Skris
865160814Ssimonint SSL_pending(const SSL *s)
866280297Sjkim{
867280297Sjkim    /*
868280297Sjkim     * SSL_pending cannot work properly if read-ahead is enabled
869280297Sjkim     * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)), and it is
870280297Sjkim     * impossible to fix since SSL_pending cannot report errors that may be
871280297Sjkim     * observed while scanning the new data. (Note that SSL_pending() is
872280297Sjkim     * often used as a boolean value, so we'd better not return -1.)
873280297Sjkim     */
874280297Sjkim    return (s->method->ssl_pending(s));
875280297Sjkim}
87655714Skris
877160814SsimonX509 *SSL_get_peer_certificate(const SSL *s)
878280297Sjkim{
879280297Sjkim    X509 *r;
88055714Skris
881280297Sjkim    if ((s == NULL) || (s->session == NULL))
882280297Sjkim        r = NULL;
883280297Sjkim    else
884280297Sjkim        r = s->session->peer;
88555714Skris
886280297Sjkim    if (r == NULL)
887280297Sjkim        return (r);
88855714Skris
889280297Sjkim    CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509);
89055714Skris
891280297Sjkim    return (r);
892280297Sjkim}
893280297Sjkim
894160814SsimonSTACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s)
895280297Sjkim{
896280297Sjkim    STACK_OF(X509) *r;
89755714Skris
898280297Sjkim    if ((s == NULL) || (s->session == NULL)
899280297Sjkim        || (s->session->sess_cert == NULL))
900280297Sjkim        r = NULL;
901280297Sjkim    else
902280297Sjkim        r = s->session->sess_cert->cert_chain;
90355714Skris
904280297Sjkim    /*
905280297Sjkim     * If we are a client, cert_chain includes the peer's own certificate; if
906280297Sjkim     * we are a server, it does not.
907280297Sjkim     */
90855714Skris
909280297Sjkim    return (r);
910280297Sjkim}
91155714Skris
912280297Sjkim/*
913280297Sjkim * Now in theory, since the calling process own 't' it should be safe to
914280297Sjkim * modify.  We need to be able to read f without being hassled
915280297Sjkim */
916280297Sjkimvoid SSL_copy_session_id(SSL *t, const SSL *f)
917280297Sjkim{
918280297Sjkim    CERT *tmp;
91955714Skris
920280297Sjkim    /* Do we need to to SSL locking? */
921280297Sjkim    SSL_set_session(t, SSL_get_session(f));
92255714Skris
923280297Sjkim    /*
924280297Sjkim     * what if we are setup as SSLv2 but want to talk SSLv3 or vice-versa
925280297Sjkim     */
926280297Sjkim    if (t->method != f->method) {
927280297Sjkim        t->method->ssl_free(t); /* cleanup current */
928280297Sjkim        t->method = f->method;  /* change method */
929280297Sjkim        t->method->ssl_new(t);  /* setup new */
930280297Sjkim    }
931280297Sjkim
932280297Sjkim    tmp = t->cert;
933280297Sjkim    if (f->cert != NULL) {
934280297Sjkim        CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
935280297Sjkim        t->cert = f->cert;
936280297Sjkim    } else
937280297Sjkim        t->cert = NULL;
938280297Sjkim    if (tmp != NULL)
939280297Sjkim        ssl_cert_free(tmp);
940280297Sjkim    SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length);
941280297Sjkim}
942280297Sjkim
94355714Skris/* Fix this so it checks all the valid key/cert options */
944160814Ssimonint SSL_CTX_check_private_key(const SSL_CTX *ctx)
945280297Sjkim{
946280297Sjkim    if ((ctx == NULL) ||
947280297Sjkim        (ctx->cert == NULL) || (ctx->cert->key->x509 == NULL)) {
948280297Sjkim        SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
949280297Sjkim               SSL_R_NO_CERTIFICATE_ASSIGNED);
950280297Sjkim        return (0);
951280297Sjkim    }
952280297Sjkim    if (ctx->cert->key->privatekey == NULL) {
953280297Sjkim        SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
954280297Sjkim               SSL_R_NO_PRIVATE_KEY_ASSIGNED);
955280297Sjkim        return (0);
956280297Sjkim    }
957280297Sjkim    return (X509_check_private_key
958280297Sjkim            (ctx->cert->key->x509, ctx->cert->key->privatekey));
959280297Sjkim}
96055714Skris
96155714Skris/* Fix this function so that it takes an optional type parameter */
962160814Ssimonint SSL_check_private_key(const SSL *ssl)
963280297Sjkim{
964280297Sjkim    if (ssl == NULL) {
965280297Sjkim        SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
966280297Sjkim        return (0);
967280297Sjkim    }
968280297Sjkim    if (ssl->cert == NULL) {
969280297Sjkim        SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
970280297Sjkim        return 0;
971280297Sjkim    }
972280297Sjkim    if (ssl->cert->key->x509 == NULL) {
973280297Sjkim        SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
974280297Sjkim        return (0);
975280297Sjkim    }
976280297Sjkim    if (ssl->cert->key->privatekey == NULL) {
977280297Sjkim        SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
978280297Sjkim        return (0);
979280297Sjkim    }
980280297Sjkim    return (X509_check_private_key(ssl->cert->key->x509,
981280297Sjkim                                   ssl->cert->key->privatekey));
982280297Sjkim}
98355714Skris
98455714Skrisint SSL_accept(SSL *s)
985280297Sjkim{
986280297Sjkim    if (s->handshake_func == 0)
987280297Sjkim        /* Not properly initialized yet */
988280297Sjkim        SSL_set_accept_state(s);
98955714Skris
990280297Sjkim    return (s->method->ssl_accept(s));
991280297Sjkim}
99255714Skris
99355714Skrisint SSL_connect(SSL *s)
994280297Sjkim{
995280297Sjkim    if (s->handshake_func == 0)
996280297Sjkim        /* Not properly initialized yet */
997280297Sjkim        SSL_set_connect_state(s);
99855714Skris
999280297Sjkim    return (s->method->ssl_connect(s));
1000280297Sjkim}
100155714Skris
1002160814Ssimonlong SSL_get_default_timeout(const SSL *s)
1003280297Sjkim{
1004280297Sjkim    return (s->method->get_timeout());
1005280297Sjkim}
100655714Skris
1007280297Sjkimint SSL_read(SSL *s, void *buf, int num)
1008280297Sjkim{
1009280297Sjkim    if (s->handshake_func == 0) {
1010280297Sjkim        SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
1011280297Sjkim        return -1;
1012280297Sjkim    }
101355714Skris
1014280297Sjkim    if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
1015280297Sjkim        s->rwstate = SSL_NOTHING;
1016280297Sjkim        return (0);
1017280297Sjkim    }
1018280297Sjkim    return (s->method->ssl_read(s, buf, num));
1019280297Sjkim}
102055714Skris
1021280297Sjkimint SSL_peek(SSL *s, void *buf, int num)
1022280297Sjkim{
1023280297Sjkim    if (s->handshake_func == 0) {
1024280297Sjkim        SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
1025280297Sjkim        return -1;
1026280297Sjkim    }
102776866Skris
1028280297Sjkim    if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
1029280297Sjkim        return (0);
1030280297Sjkim    }
1031280297Sjkim    return (s->method->ssl_peek(s, buf, num));
1032280297Sjkim}
103355714Skris
1034280297Sjkimint SSL_write(SSL *s, const void *buf, int num)
1035280297Sjkim{
1036280297Sjkim    if (s->handshake_func == 0) {
1037280297Sjkim        SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
1038280297Sjkim        return -1;
1039280297Sjkim    }
104055714Skris
1041280297Sjkim    if (s->shutdown & SSL_SENT_SHUTDOWN) {
1042280297Sjkim        s->rwstate = SSL_NOTHING;
1043280297Sjkim        SSLerr(SSL_F_SSL_WRITE, SSL_R_PROTOCOL_IS_SHUTDOWN);
1044280297Sjkim        return (-1);
1045280297Sjkim    }
1046280297Sjkim    return (s->method->ssl_write(s, buf, num));
1047280297Sjkim}
104855714Skris
104955714Skrisint SSL_shutdown(SSL *s)
1050280297Sjkim{
1051280297Sjkim    /*
1052280297Sjkim     * Note that this function behaves differently from what one might
1053280297Sjkim     * expect.  Return values are 0 for no success (yet), 1 for success; but
1054280297Sjkim     * calling it once is usually not enough, even if blocking I/O is used
1055280297Sjkim     * (see ssl3_shutdown).
1056280297Sjkim     */
105755714Skris
1058280297Sjkim    if (s->handshake_func == 0) {
1059280297Sjkim        SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
1060280297Sjkim        return -1;
1061280297Sjkim    }
106255714Skris
1063296279Sjkim    if (!SSL_in_init(s)) {
1064296279Sjkim        return s->method->ssl_shutdown(s);
1065296279Sjkim    } else {
1066296279Sjkim        SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_SHUTDOWN_WHILE_IN_INIT);
1067296279Sjkim        return -1;
1068296279Sjkim    }
1069280297Sjkim}
107055714Skris
107155714Skrisint SSL_renegotiate(SSL *s)
1072280297Sjkim{
1073280297Sjkim    if (s->renegotiate == 0)
1074280297Sjkim        s->renegotiate = 1;
1075238405Sjkim
1076280297Sjkim    s->new_session = 1;
1077238405Sjkim
1078280297Sjkim    return (s->method->ssl_renegotiate(s));
1079280297Sjkim}
108055714Skris
1081238405Sjkimint SSL_renegotiate_abbreviated(SSL *s)
1082280297Sjkim{
1083280297Sjkim    if (s->renegotiate == 0)
1084280297Sjkim        s->renegotiate = 1;
1085238405Sjkim
1086280297Sjkim    s->new_session = 0;
1087238405Sjkim
1088280297Sjkim    return (s->method->ssl_renegotiate(s));
1089280297Sjkim}
1090238405Sjkim
1091109998Smarkmint SSL_renegotiate_pending(SSL *s)
1092280297Sjkim{
1093280297Sjkim    /*
1094280297Sjkim     * becomes true when negotiation is requested; false again once a
1095280297Sjkim     * handshake has finished
1096280297Sjkim     */
1097280297Sjkim    return (s->renegotiate != 0);
1098280297Sjkim}
1099109998Smarkm
1100280297Sjkimlong SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
1101280297Sjkim{
1102280297Sjkim    long l;
110355714Skris
1104280297Sjkim    switch (cmd) {
1105280297Sjkim    case SSL_CTRL_GET_READ_AHEAD:
1106280297Sjkim        return (s->read_ahead);
1107280297Sjkim    case SSL_CTRL_SET_READ_AHEAD:
1108280297Sjkim        l = s->read_ahead;
1109280297Sjkim        s->read_ahead = larg;
1110280297Sjkim        return (l);
1111109998Smarkm
1112280297Sjkim    case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1113280297Sjkim        s->msg_callback_arg = parg;
1114280297Sjkim        return 1;
1115109998Smarkm
1116280297Sjkim    case SSL_CTRL_OPTIONS:
1117280297Sjkim        return (s->options |= larg);
1118280297Sjkim    case SSL_CTRL_CLEAR_OPTIONS:
1119280297Sjkim        return (s->options &= ~larg);
1120280297Sjkim    case SSL_CTRL_MODE:
1121280297Sjkim        return (s->mode |= larg);
1122280297Sjkim    case SSL_CTRL_CLEAR_MODE:
1123280297Sjkim        return (s->mode &= ~larg);
1124280297Sjkim    case SSL_CTRL_GET_MAX_CERT_LIST:
1125280297Sjkim        return (s->max_cert_list);
1126280297Sjkim    case SSL_CTRL_SET_MAX_CERT_LIST:
1127280297Sjkim        l = s->max_cert_list;
1128280297Sjkim        s->max_cert_list = larg;
1129280297Sjkim        return (l);
1130280297Sjkim    case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1131280297Sjkim        if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1132280297Sjkim            return 0;
1133280297Sjkim        s->max_send_fragment = larg;
1134280297Sjkim        return 1;
1135280297Sjkim    case SSL_CTRL_GET_RI_SUPPORT:
1136280297Sjkim        if (s->s3)
1137280297Sjkim            return s->s3->send_connection_binding;
1138280297Sjkim        else
1139280297Sjkim            return 0;
1140290207Sjkim    case SSL_CTRL_CERT_FLAGS:
1141290207Sjkim        return (s->cert->cert_flags |= larg);
1142290207Sjkim    case SSL_CTRL_CLEAR_CERT_FLAGS:
1143290207Sjkim        return (s->cert->cert_flags &= ~larg);
1144290207Sjkim
1145290207Sjkim    case SSL_CTRL_GET_RAW_CIPHERLIST:
1146290207Sjkim        if (parg) {
1147290207Sjkim            if (s->cert->ciphers_raw == NULL)
1148290207Sjkim                return 0;
1149290207Sjkim            *(unsigned char **)parg = s->cert->ciphers_raw;
1150290207Sjkim            return (int)s->cert->ciphers_rawlen;
1151290207Sjkim        } else
1152290207Sjkim            return ssl_put_cipher_by_char(s, NULL, NULL);
1153280297Sjkim    default:
1154280297Sjkim        return (s->method->ssl_ctrl(s, cmd, larg, parg));
1155280297Sjkim    }
1156280297Sjkim}
115755714Skris
1158280297Sjkimlong SSL_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
1159280297Sjkim{
1160280297Sjkim    switch (cmd) {
1161280297Sjkim    case SSL_CTRL_SET_MSG_CALLBACK:
1162280297Sjkim        s->msg_callback = (void (*)
1163280297Sjkim                           (int write_p, int version, int content_type,
1164280297Sjkim                            const void *buf, size_t len, SSL *ssl,
1165280297Sjkim                            void *arg))(fp);
1166280297Sjkim        return 1;
116759191Skris
1168280297Sjkim    default:
1169280297Sjkim        return (s->method->ssl_callback_ctrl(s, cmd, fp));
1170280297Sjkim    }
1171280297Sjkim}
1172280297Sjkim
1173238405SjkimLHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx)
1174280297Sjkim{
1175280297Sjkim    return ctx->sessions;
1176280297Sjkim}
117759191Skris
1178280297Sjkimlong SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1179280297Sjkim{
1180280297Sjkim    long l;
1181290207Sjkim    /* For some cases with ctx == NULL perform syntax checks */
1182290207Sjkim    if (ctx == NULL) {
1183290207Sjkim        switch (cmd) {
1184290207Sjkim#ifndef OPENSSL_NO_EC
1185290207Sjkim        case SSL_CTRL_SET_CURVES_LIST:
1186290207Sjkim            return tls1_set_curves_list(NULL, NULL, parg);
1187290207Sjkim#endif
1188290207Sjkim        case SSL_CTRL_SET_SIGALGS_LIST:
1189290207Sjkim        case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
1190290207Sjkim            return tls1_set_sigalgs_list(NULL, parg, 0);
1191290207Sjkim        default:
1192290207Sjkim            return 0;
1193290207Sjkim        }
1194290207Sjkim    }
119555714Skris
1196280297Sjkim    switch (cmd) {
1197280297Sjkim    case SSL_CTRL_GET_READ_AHEAD:
1198280297Sjkim        return (ctx->read_ahead);
1199280297Sjkim    case SSL_CTRL_SET_READ_AHEAD:
1200280297Sjkim        l = ctx->read_ahead;
1201280297Sjkim        ctx->read_ahead = larg;
1202280297Sjkim        return (l);
120355714Skris
1204280297Sjkim    case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1205280297Sjkim        ctx->msg_callback_arg = parg;
1206280297Sjkim        return 1;
1207109998Smarkm
1208280297Sjkim    case SSL_CTRL_GET_MAX_CERT_LIST:
1209280297Sjkim        return (ctx->max_cert_list);
1210280297Sjkim    case SSL_CTRL_SET_MAX_CERT_LIST:
1211280297Sjkim        l = ctx->max_cert_list;
1212280297Sjkim        ctx->max_cert_list = larg;
1213280297Sjkim        return (l);
121455714Skris
1215280297Sjkim    case SSL_CTRL_SET_SESS_CACHE_SIZE:
1216280297Sjkim        l = ctx->session_cache_size;
1217280297Sjkim        ctx->session_cache_size = larg;
1218280297Sjkim        return (l);
1219280297Sjkim    case SSL_CTRL_GET_SESS_CACHE_SIZE:
1220280297Sjkim        return (ctx->session_cache_size);
1221280297Sjkim    case SSL_CTRL_SET_SESS_CACHE_MODE:
1222280297Sjkim        l = ctx->session_cache_mode;
1223280297Sjkim        ctx->session_cache_mode = larg;
1224280297Sjkim        return (l);
1225280297Sjkim    case SSL_CTRL_GET_SESS_CACHE_MODE:
1226280297Sjkim        return (ctx->session_cache_mode);
122755714Skris
1228280297Sjkim    case SSL_CTRL_SESS_NUMBER:
1229280297Sjkim        return (lh_SSL_SESSION_num_items(ctx->sessions));
1230280297Sjkim    case SSL_CTRL_SESS_CONNECT:
1231280297Sjkim        return (ctx->stats.sess_connect);
1232280297Sjkim    case SSL_CTRL_SESS_CONNECT_GOOD:
1233280297Sjkim        return (ctx->stats.sess_connect_good);
1234280297Sjkim    case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
1235280297Sjkim        return (ctx->stats.sess_connect_renegotiate);
1236280297Sjkim    case SSL_CTRL_SESS_ACCEPT:
1237280297Sjkim        return (ctx->stats.sess_accept);
1238280297Sjkim    case SSL_CTRL_SESS_ACCEPT_GOOD:
1239280297Sjkim        return (ctx->stats.sess_accept_good);
1240280297Sjkim    case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
1241280297Sjkim        return (ctx->stats.sess_accept_renegotiate);
1242280297Sjkim    case SSL_CTRL_SESS_HIT:
1243280297Sjkim        return (ctx->stats.sess_hit);
1244280297Sjkim    case SSL_CTRL_SESS_CB_HIT:
1245280297Sjkim        return (ctx->stats.sess_cb_hit);
1246280297Sjkim    case SSL_CTRL_SESS_MISSES:
1247280297Sjkim        return (ctx->stats.sess_miss);
1248280297Sjkim    case SSL_CTRL_SESS_TIMEOUTS:
1249280297Sjkim        return (ctx->stats.sess_timeout);
1250280297Sjkim    case SSL_CTRL_SESS_CACHE_FULL:
1251280297Sjkim        return (ctx->stats.sess_cache_full);
1252280297Sjkim    case SSL_CTRL_OPTIONS:
1253280297Sjkim        return (ctx->options |= larg);
1254280297Sjkim    case SSL_CTRL_CLEAR_OPTIONS:
1255280297Sjkim        return (ctx->options &= ~larg);
1256280297Sjkim    case SSL_CTRL_MODE:
1257280297Sjkim        return (ctx->mode |= larg);
1258280297Sjkim    case SSL_CTRL_CLEAR_MODE:
1259280297Sjkim        return (ctx->mode &= ~larg);
1260280297Sjkim    case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1261280297Sjkim        if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1262280297Sjkim            return 0;
1263280297Sjkim        ctx->max_send_fragment = larg;
1264280297Sjkim        return 1;
1265290207Sjkim    case SSL_CTRL_CERT_FLAGS:
1266290207Sjkim        return (ctx->cert->cert_flags |= larg);
1267290207Sjkim    case SSL_CTRL_CLEAR_CERT_FLAGS:
1268290207Sjkim        return (ctx->cert->cert_flags &= ~larg);
1269280297Sjkim    default:
1270280297Sjkim        return (ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg));
1271280297Sjkim    }
1272280297Sjkim}
1273109998Smarkm
1274280297Sjkimlong SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
1275280297Sjkim{
1276280297Sjkim    switch (cmd) {
1277280297Sjkim    case SSL_CTRL_SET_MSG_CALLBACK:
1278280297Sjkim        ctx->msg_callback = (void (*)
1279280297Sjkim                             (int write_p, int version, int content_type,
1280280297Sjkim                              const void *buf, size_t len, SSL *ssl,
1281280297Sjkim                              void *arg))(fp);
1282280297Sjkim        return 1;
128359191Skris
1284280297Sjkim    default:
1285280297Sjkim        return (ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp));
1286280297Sjkim    }
1287280297Sjkim}
1288280297Sjkim
128968651Skrisint ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
1290280297Sjkim{
1291280297Sjkim    long l;
129255714Skris
1293280297Sjkim    l = a->id - b->id;
1294280297Sjkim    if (l == 0L)
1295280297Sjkim        return (0);
1296280297Sjkim    else
1297280297Sjkim        return ((l > 0) ? 1 : -1);
1298280297Sjkim}
129955714Skris
1300280297Sjkimint ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
1301280297Sjkim                          const SSL_CIPHER *const *bp)
1302280297Sjkim{
1303280297Sjkim    long l;
130455714Skris
1305280297Sjkim    l = (*ap)->id - (*bp)->id;
1306280297Sjkim    if (l == 0L)
1307280297Sjkim        return (0);
1308280297Sjkim    else
1309280297Sjkim        return ((l > 0) ? 1 : -1);
1310280297Sjkim}
131155714Skris
131255714Skris/** return a STACK of the ciphers available for the SSL and in order of
131355714Skris * preference */
1314160814SsimonSTACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
1315280297Sjkim{
1316280297Sjkim    if (s != NULL) {
1317280297Sjkim        if (s->cipher_list != NULL) {
1318280297Sjkim            return (s->cipher_list);
1319280297Sjkim        } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) {
1320280297Sjkim            return (s->ctx->cipher_list);
1321280297Sjkim        }
1322280297Sjkim    }
1323280297Sjkim    return (NULL);
1324280297Sjkim}
132555714Skris
132655714Skris/** return a STACK of the ciphers available for the SSL and in order of
132755714Skris * algorithm id */
132855714SkrisSTACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
1329280297Sjkim{
1330280297Sjkim    if (s != NULL) {
1331280297Sjkim        if (s->cipher_list_by_id != NULL) {
1332280297Sjkim            return (s->cipher_list_by_id);
1333280297Sjkim        } else if ((s->ctx != NULL) && (s->ctx->cipher_list_by_id != NULL)) {
1334280297Sjkim            return (s->ctx->cipher_list_by_id);
1335280297Sjkim        }
1336280297Sjkim    }
1337280297Sjkim    return (NULL);
1338280297Sjkim}
133955714Skris
134055714Skris/** The old interface to get the same thing as SSL_get_ciphers() */
1341280297Sjkimconst char *SSL_get_cipher_list(const SSL *s, int n)
1342280297Sjkim{
1343280297Sjkim    SSL_CIPHER *c;
1344280297Sjkim    STACK_OF(SSL_CIPHER) *sk;
134555714Skris
1346280297Sjkim    if (s == NULL)
1347280297Sjkim        return (NULL);
1348280297Sjkim    sk = SSL_get_ciphers(s);
1349280297Sjkim    if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
1350280297Sjkim        return (NULL);
1351280297Sjkim    c = sk_SSL_CIPHER_value(sk, n);
1352280297Sjkim    if (c == NULL)
1353280297Sjkim        return (NULL);
1354280297Sjkim    return (c->name);
1355280297Sjkim}
135655714Skris
135759191Skris/** specify the ciphers to be used by default by the SSL_CTX */
135859191Skrisint SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
1359280297Sjkim{
1360280297Sjkim    STACK_OF(SSL_CIPHER) *sk;
136155714Skris
1362280297Sjkim    sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,
1363290207Sjkim                                &ctx->cipher_list_by_id, str, ctx->cert);
1364280297Sjkim    /*
1365280297Sjkim     * ssl_create_cipher_list may return an empty stack if it was unable to
1366280297Sjkim     * find a cipher matching the given rule string (for example if the rule
1367280297Sjkim     * string specifies a cipher which has been disabled). This is not an
1368280297Sjkim     * error as far as ssl_create_cipher_list is concerned, and hence
1369280297Sjkim     * ctx->cipher_list and ctx->cipher_list_by_id has been updated.
1370280297Sjkim     */
1371280297Sjkim    if (sk == NULL)
1372280297Sjkim        return 0;
1373280297Sjkim    else if (sk_SSL_CIPHER_num(sk) == 0) {
1374280297Sjkim        SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
1375280297Sjkim        return 0;
1376280297Sjkim    }
1377280297Sjkim    return 1;
1378280297Sjkim}
1379280297Sjkim
138055714Skris/** specify the ciphers to be used by the SSL */
1381280297Sjkimint SSL_set_cipher_list(SSL *s, const char *str)
1382280297Sjkim{
1383280297Sjkim    STACK_OF(SSL_CIPHER) *sk;
138455714Skris
1385280297Sjkim    sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list,
1386290207Sjkim                                &s->cipher_list_by_id, str, s->cert);
1387280297Sjkim    /* see comment in SSL_CTX_set_cipher_list */
1388280297Sjkim    if (sk == NULL)
1389280297Sjkim        return 0;
1390280297Sjkim    else if (sk_SSL_CIPHER_num(sk) == 0) {
1391280297Sjkim        SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
1392280297Sjkim        return 0;
1393280297Sjkim    }
1394280297Sjkim    return 1;
1395280297Sjkim}
1396280297Sjkim
139755714Skris/* works well for SSLv2, not so good for SSLv3 */
1398280297Sjkimchar *SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
1399280297Sjkim{
1400280297Sjkim    char *p;
1401280297Sjkim    STACK_OF(SSL_CIPHER) *sk;
1402280297Sjkim    SSL_CIPHER *c;
1403280297Sjkim    int i;
140455714Skris
1405280297Sjkim    if ((s->session == NULL) || (s->session->ciphers == NULL) || (len < 2))
1406280297Sjkim        return (NULL);
140755714Skris
1408280297Sjkim    p = buf;
1409280297Sjkim    sk = s->session->ciphers;
1410267256Sjkim
1411280297Sjkim    if (sk_SSL_CIPHER_num(sk) == 0)
1412280297Sjkim        return NULL;
1413267256Sjkim
1414280297Sjkim    for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
1415280297Sjkim        int n;
1416172429Ssimon
1417280297Sjkim        c = sk_SSL_CIPHER_value(sk, i);
1418280297Sjkim        n = strlen(c->name);
1419280297Sjkim        if (n + 1 > len) {
1420280297Sjkim            if (p != buf)
1421280297Sjkim                --p;
1422280297Sjkim            *p = '\0';
1423280297Sjkim            return buf;
1424280297Sjkim        }
1425280297Sjkim        strcpy(p, c->name);
1426280297Sjkim        p += n;
1427280297Sjkim        *(p++) = ':';
1428280297Sjkim        len -= n + 1;
1429280297Sjkim    }
1430280297Sjkim    p[-1] = '\0';
1431280297Sjkim    return (buf);
1432280297Sjkim}
143355714Skris
1434280297Sjkimint ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
1435280297Sjkim                             unsigned char *p,
1436280297Sjkim                             int (*put_cb) (const SSL_CIPHER *,
1437280297Sjkim                                            unsigned char *))
1438280297Sjkim{
1439280297Sjkim    int i, j = 0;
1440280297Sjkim    SSL_CIPHER *c;
1441290207Sjkim    CERT *ct = s->cert;
1442280297Sjkim    unsigned char *q;
1443290207Sjkim    int empty_reneg_info_scsv = !s->renegotiate;
1444290207Sjkim    /* Set disabled masks for this session */
1445290207Sjkim    ssl_set_client_disabled(s);
144655714Skris
1447280297Sjkim    if (sk == NULL)
1448280297Sjkim        return (0);
1449280297Sjkim    q = p;
1450280297Sjkim    if (put_cb == NULL)
1451280297Sjkim        put_cb = s->method->put_cipher_by_char;
145255714Skris
1453280297Sjkim    for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
1454280297Sjkim        c = sk_SSL_CIPHER_value(sk, i);
1455290207Sjkim        /* Skip disabled ciphers */
1456290207Sjkim        if (c->algorithm_ssl & ct->mask_ssl ||
1457290207Sjkim            c->algorithm_mkey & ct->mask_k || c->algorithm_auth & ct->mask_a)
1458280297Sjkim            continue;
1459290207Sjkim#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
1460290207Sjkim        if (c->id == SSL3_CK_SCSV) {
1461290207Sjkim            if (!empty_reneg_info_scsv)
1462290207Sjkim                continue;
1463290207Sjkim            else
1464290207Sjkim                empty_reneg_info_scsv = 0;
1465290207Sjkim        }
1466290207Sjkim#endif
1467280297Sjkim        j = put_cb(c, p);
1468280297Sjkim        p += j;
1469280297Sjkim    }
1470280297Sjkim    /*
1471280297Sjkim     * If p == q, no ciphers; caller indicates an error. Otherwise, add
1472280297Sjkim     * applicable SCSVs.
1473280297Sjkim     */
1474280297Sjkim    if (p != q) {
1475290207Sjkim        if (empty_reneg_info_scsv) {
1476280297Sjkim            static SSL_CIPHER scsv = {
1477280297Sjkim                0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
1478280297Sjkim            };
1479280297Sjkim            j = put_cb(&scsv, p);
1480280297Sjkim            p += j;
1481205128Ssimon#ifdef OPENSSL_RI_DEBUG
1482280297Sjkim            fprintf(stderr,
1483280297Sjkim                    "TLS_EMPTY_RENEGOTIATION_INFO_SCSV sent by client\n");
1484205128Ssimon#endif
1485280297Sjkim        }
1486280297Sjkim        if (s->mode & SSL_MODE_SEND_FALLBACK_SCSV) {
1487280297Sjkim            static SSL_CIPHER scsv = {
1488280297Sjkim                0, NULL, SSL3_CK_FALLBACK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
1489280297Sjkim            };
1490280297Sjkim            j = put_cb(&scsv, p);
1491280297Sjkim            p += j;
1492280297Sjkim        }
1493280297Sjkim    }
1494273144Sjkim
1495280297Sjkim    return (p - q);
1496280297Sjkim}
149755714Skris
1498280297SjkimSTACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
1499280297Sjkim                                               int num,
1500280297Sjkim                                               STACK_OF(SSL_CIPHER) **skp)
1501280297Sjkim{
1502280297Sjkim    const SSL_CIPHER *c;
1503280297Sjkim    STACK_OF(SSL_CIPHER) *sk;
1504280297Sjkim    int i, n;
1505273144Sjkim
1506280297Sjkim    if (s->s3)
1507280297Sjkim        s->s3->send_connection_binding = 0;
150855714Skris
1509280297Sjkim    n = ssl_put_cipher_by_char(s, NULL, NULL);
1510280297Sjkim    if (n == 0 || (num % n) != 0) {
1511280297Sjkim        SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
1512280297Sjkim               SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1513280297Sjkim        return (NULL);
1514280297Sjkim    }
1515284283Sjkim    if ((skp == NULL) || (*skp == NULL)) {
1516280297Sjkim        sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */
1517284283Sjkim        if(sk == NULL) {
1518284283Sjkim            SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
1519284283Sjkim            return NULL;
1520284283Sjkim        }
1521284283Sjkim    } else {
1522280297Sjkim        sk = *skp;
1523280297Sjkim        sk_SSL_CIPHER_zero(sk);
1524280297Sjkim    }
152555714Skris
1526290207Sjkim    if (s->cert->ciphers_raw)
1527290207Sjkim        OPENSSL_free(s->cert->ciphers_raw);
1528290207Sjkim    s->cert->ciphers_raw = BUF_memdup(p, num);
1529290207Sjkim    if (s->cert->ciphers_raw == NULL) {
1530290207Sjkim        SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
1531290207Sjkim        goto err;
1532290207Sjkim    }
1533290207Sjkim    s->cert->ciphers_rawlen = (size_t)num;
1534290207Sjkim
1535280297Sjkim    for (i = 0; i < num; i += n) {
1536280297Sjkim        /* Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV */
1537280297Sjkim        if (s->s3 && (n != 3 || !p[0]) &&
1538280297Sjkim            (p[n - 2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
1539280297Sjkim            (p[n - 1] == (SSL3_CK_SCSV & 0xff))) {
1540280297Sjkim            /* SCSV fatal if renegotiating */
1541280297Sjkim            if (s->renegotiate) {
1542280297Sjkim                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
1543280297Sjkim                       SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
1544280297Sjkim                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
1545280297Sjkim                goto err;
1546280297Sjkim            }
1547280297Sjkim            s->s3->send_connection_binding = 1;
1548280297Sjkim            p += n;
1549205128Ssimon#ifdef OPENSSL_RI_DEBUG
1550280297Sjkim            fprintf(stderr, "SCSV received by server\n");
1551205128Ssimon#endif
1552280297Sjkim            continue;
1553280297Sjkim        }
1554205128Ssimon
1555280297Sjkim        /* Check for TLS_FALLBACK_SCSV */
1556280297Sjkim        if ((n != 3 || !p[0]) &&
1557280297Sjkim            (p[n - 2] == ((SSL3_CK_FALLBACK_SCSV >> 8) & 0xff)) &&
1558280297Sjkim            (p[n - 1] == (SSL3_CK_FALLBACK_SCSV & 0xff))) {
1559280297Sjkim            /*
1560280297Sjkim             * The SCSV indicates that the client previously tried a higher
1561280297Sjkim             * version. Fail if the current version is an unexpected
1562280297Sjkim             * downgrade.
1563280297Sjkim             */
1564280297Sjkim            if (!SSL_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, 0, NULL)) {
1565280297Sjkim                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
1566280297Sjkim                       SSL_R_INAPPROPRIATE_FALLBACK);
1567280297Sjkim                if (s->s3)
1568280297Sjkim                    ssl3_send_alert(s, SSL3_AL_FATAL,
1569280297Sjkim                                    SSL_AD_INAPPROPRIATE_FALLBACK);
1570280297Sjkim                goto err;
1571280297Sjkim            }
1572280297Sjkim            p += n;
1573280297Sjkim            continue;
1574280297Sjkim        }
1575273144Sjkim
1576280297Sjkim        c = ssl_get_cipher_by_char(s, p);
1577280297Sjkim        p += n;
1578280297Sjkim        if (c != NULL) {
1579280297Sjkim            if (!sk_SSL_CIPHER_push(sk, c)) {
1580280297Sjkim                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
1581280297Sjkim                goto err;
1582280297Sjkim            }
1583280297Sjkim        }
1584280297Sjkim    }
158555714Skris
1586280297Sjkim    if (skp != NULL)
1587280297Sjkim        *skp = sk;
1588280297Sjkim    return (sk);
1589280297Sjkim err:
1590280297Sjkim    if ((skp == NULL) || (*skp == NULL))
1591280297Sjkim        sk_SSL_CIPHER_free(sk);
1592280297Sjkim    return (NULL);
1593280297Sjkim}
159455714Skris
1595194206Ssimon#ifndef OPENSSL_NO_TLSEXT
1596194206Ssimon/** return a servername extension value if provided in Client Hello, or NULL.
1597194206Ssimon * So far, only host_name types are defined (RFC 3546).
1598194206Ssimon */
1599194206Ssimon
1600194206Ssimonconst char *SSL_get_servername(const SSL *s, const int type)
1601280297Sjkim{
1602280297Sjkim    if (type != TLSEXT_NAMETYPE_host_name)
1603280297Sjkim        return NULL;
1604194206Ssimon
1605280297Sjkim    return s->session && !s->tlsext_hostname ?
1606280297Sjkim        s->session->tlsext_hostname : s->tlsext_hostname;
1607280297Sjkim}
1608194206Ssimon
1609194206Ssimonint SSL_get_servername_type(const SSL *s)
1610280297Sjkim{
1611280297Sjkim    if (s->session
1612280297Sjkim        && (!s->tlsext_hostname ? s->session->
1613280297Sjkim            tlsext_hostname : s->tlsext_hostname))
1614280297Sjkim        return TLSEXT_NAMETYPE_host_name;
1615280297Sjkim    return -1;
1616280297Sjkim}
1617238405Sjkim
1618280297Sjkim/*
1619280297Sjkim * SSL_select_next_proto implements the standard protocol selection. It is
1620238405Sjkim * expected that this function is called from the callback set by
1621280297Sjkim * SSL_CTX_set_next_proto_select_cb. The protocol data is assumed to be a
1622280297Sjkim * vector of 8-bit, length prefixed byte strings. The length byte itself is
1623280297Sjkim * not included in the length. A byte string of length 0 is invalid. No byte
1624280297Sjkim * string may be truncated. The current, but experimental algorithm for
1625280297Sjkim * selecting the protocol is: 1) If the server doesn't support NPN then this
1626280297Sjkim * is indicated to the callback. In this case, the client application has to
1627280297Sjkim * abort the connection or have a default application level protocol. 2) If
1628280297Sjkim * the server supports NPN, but advertises an empty list then the client
1629280297Sjkim * selects the first protcol in its list, but indicates via the API that this
1630280297Sjkim * fallback case was enacted. 3) Otherwise, the client finds the first
1631280297Sjkim * protocol in the server's list that it supports and selects this protocol.
1632280297Sjkim * This is because it's assumed that the server has better information about
1633280297Sjkim * which protocol a client should use. 4) If the client doesn't support any
1634280297Sjkim * of the server's advertised protocols, then this is treated the same as
1635280297Sjkim * case 2. It returns either OPENSSL_NPN_NEGOTIATED if a common protocol was
1636280297Sjkim * found, or OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
1637238405Sjkim */
1638280297Sjkimint SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
1639280297Sjkim                          const unsigned char *server,
1640280297Sjkim                          unsigned int server_len,
1641280297Sjkim                          const unsigned char *client,
1642280297Sjkim                          unsigned int client_len)
1643280297Sjkim{
1644280297Sjkim    unsigned int i, j;
1645280297Sjkim    const unsigned char *result;
1646280297Sjkim    int status = OPENSSL_NPN_UNSUPPORTED;
1647238405Sjkim
1648280297Sjkim    /*
1649280297Sjkim     * For each protocol in server preference order, see if we support it.
1650280297Sjkim     */
1651280297Sjkim    for (i = 0; i < server_len;) {
1652280297Sjkim        for (j = 0; j < client_len;) {
1653280297Sjkim            if (server[i] == client[j] &&
1654280297Sjkim                memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) {
1655280297Sjkim                /* We found a match */
1656280297Sjkim                result = &server[i];
1657280297Sjkim                status = OPENSSL_NPN_NEGOTIATED;
1658280297Sjkim                goto found;
1659280297Sjkim            }
1660280297Sjkim            j += client[j];
1661280297Sjkim            j++;
1662280297Sjkim        }
1663280297Sjkim        i += server[i];
1664280297Sjkim        i++;
1665280297Sjkim    }
1666238405Sjkim
1667280297Sjkim    /* There's no overlap between our protocols and the server's list. */
1668280297Sjkim    result = client;
1669280297Sjkim    status = OPENSSL_NPN_NO_OVERLAP;
1670238405Sjkim
1671280297Sjkim found:
1672280297Sjkim    *out = (unsigned char *)result + 1;
1673280297Sjkim    *outlen = result[0];
1674280297Sjkim    return status;
1675280297Sjkim}
1676238405Sjkim
1677290207Sjkim# ifndef OPENSSL_NO_NEXTPROTONEG
1678280297Sjkim/*
1679280297Sjkim * SSL_get0_next_proto_negotiated sets *data and *len to point to the
1680280297Sjkim * client's requested protocol for this connection and returns 0. If the
1681280297Sjkim * client didn't request any protocol, then *data is set to NULL. Note that
1682280297Sjkim * the client can request any protocol it chooses. The value returned from
1683280297Sjkim * this function need not be a member of the list of supported protocols
1684238405Sjkim * provided by the callback.
1685238405Sjkim */
1686280297Sjkimvoid SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
1687280297Sjkim                                    unsigned *len)
1688280297Sjkim{
1689280297Sjkim    *data = s->next_proto_negotiated;
1690280297Sjkim    if (!*data) {
1691280297Sjkim        *len = 0;
1692280297Sjkim    } else {
1693280297Sjkim        *len = s->next_proto_negotiated_len;
1694280297Sjkim    }
1695238405Sjkim}
1696238405Sjkim
1697280297Sjkim/*
1698280297Sjkim * SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when
1699280297Sjkim * a TLS server needs a list of supported protocols for Next Protocol
1700280297Sjkim * Negotiation. The returned list must be in wire format.  The list is
1701280297Sjkim * returned by setting |out| to point to it and |outlen| to its length. This
1702280297Sjkim * memory will not be modified, but one should assume that the SSL* keeps a
1703280297Sjkim * reference to it. The callback should return SSL_TLSEXT_ERR_OK if it
1704280297Sjkim * wishes to advertise. Otherwise, no such extension will be included in the
1705280297Sjkim * ServerHello.
1706280297Sjkim */
1707280297Sjkimvoid SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
1708280297Sjkim                                           int (*cb) (SSL *ssl,
1709280297Sjkim                                                      const unsigned char
1710280297Sjkim                                                      **out,
1711280297Sjkim                                                      unsigned int *outlen,
1712280297Sjkim                                                      void *arg), void *arg)
1713280297Sjkim{
1714280297Sjkim    ctx->next_protos_advertised_cb = cb;
1715280297Sjkim    ctx->next_protos_advertised_cb_arg = arg;
1716280297Sjkim}
1717238405Sjkim
1718280297Sjkim/*
1719280297Sjkim * SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
1720238405Sjkim * client needs to select a protocol from the server's provided list. |out|
1721238405Sjkim * must be set to point to the selected protocol (which may be within |in|).
1722280297Sjkim * The length of the protocol name must be written into |outlen|. The
1723280297Sjkim * server's advertised protocols are provided in |in| and |inlen|. The
1724280297Sjkim * callback can assume that |in| is syntactically valid. The client must
1725280297Sjkim * select a protocol. It is fatal to the connection if this callback returns
1726280297Sjkim * a value other than SSL_TLSEXT_ERR_OK.
1727238405Sjkim */
1728280297Sjkimvoid SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
1729280297Sjkim                                      int (*cb) (SSL *s, unsigned char **out,
1730280297Sjkim                                                 unsigned char *outlen,
1731280297Sjkim                                                 const unsigned char *in,
1732280297Sjkim                                                 unsigned int inlen,
1733280297Sjkim                                                 void *arg), void *arg)
1734280297Sjkim{
1735280297Sjkim    ctx->next_proto_select_cb = cb;
1736280297Sjkim    ctx->next_proto_select_cb_arg = arg;
1737280297Sjkim}
1738238405Sjkim# endif
1739194206Ssimon
1740290207Sjkim/*
1741290207Sjkim * SSL_CTX_set_alpn_protos sets the ALPN protocol list on |ctx| to |protos|.
1742290207Sjkim * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
1743290207Sjkim * length-prefixed strings). Returns 0 on success.
1744290207Sjkim */
1745290207Sjkimint SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
1746290207Sjkim                            unsigned protos_len)
1747290207Sjkim{
1748290207Sjkim    if (ctx->alpn_client_proto_list)
1749290207Sjkim        OPENSSL_free(ctx->alpn_client_proto_list);
1750290207Sjkim
1751290207Sjkim    ctx->alpn_client_proto_list = OPENSSL_malloc(protos_len);
1752290207Sjkim    if (!ctx->alpn_client_proto_list)
1753290207Sjkim        return 1;
1754290207Sjkim    memcpy(ctx->alpn_client_proto_list, protos, protos_len);
1755290207Sjkim    ctx->alpn_client_proto_list_len = protos_len;
1756290207Sjkim
1757290207Sjkim    return 0;
1758290207Sjkim}
1759290207Sjkim
1760290207Sjkim/*
1761290207Sjkim * SSL_set_alpn_protos sets the ALPN protocol list on |ssl| to |protos|.
1762290207Sjkim * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
1763290207Sjkim * length-prefixed strings). Returns 0 on success.
1764290207Sjkim */
1765290207Sjkimint SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
1766290207Sjkim                        unsigned protos_len)
1767290207Sjkim{
1768290207Sjkim    if (ssl->alpn_client_proto_list)
1769290207Sjkim        OPENSSL_free(ssl->alpn_client_proto_list);
1770290207Sjkim
1771290207Sjkim    ssl->alpn_client_proto_list = OPENSSL_malloc(protos_len);
1772290207Sjkim    if (!ssl->alpn_client_proto_list)
1773290207Sjkim        return 1;
1774290207Sjkim    memcpy(ssl->alpn_client_proto_list, protos, protos_len);
1775290207Sjkim    ssl->alpn_client_proto_list_len = protos_len;
1776290207Sjkim
1777290207Sjkim    return 0;
1778290207Sjkim}
1779290207Sjkim
1780290207Sjkim/*
1781290207Sjkim * SSL_CTX_set_alpn_select_cb sets a callback function on |ctx| that is
1782290207Sjkim * called during ClientHello processing in order to select an ALPN protocol
1783290207Sjkim * from the client's list of offered protocols.
1784290207Sjkim */
1785290207Sjkimvoid SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
1786290207Sjkim                                int (*cb) (SSL *ssl,
1787290207Sjkim                                           const unsigned char **out,
1788290207Sjkim                                           unsigned char *outlen,
1789290207Sjkim                                           const unsigned char *in,
1790290207Sjkim                                           unsigned int inlen,
1791290207Sjkim                                           void *arg), void *arg)
1792290207Sjkim{
1793290207Sjkim    ctx->alpn_select_cb = cb;
1794290207Sjkim    ctx->alpn_select_cb_arg = arg;
1795290207Sjkim}
1796290207Sjkim
1797290207Sjkim/*
1798290207Sjkim * SSL_get0_alpn_selected gets the selected ALPN protocol (if any) from
1799290207Sjkim * |ssl|. On return it sets |*data| to point to |*len| bytes of protocol name
1800290207Sjkim * (not including the leading length-prefix byte). If the server didn't
1801290207Sjkim * respond with a negotiated protocol then |*len| will be zero.
1802290207Sjkim */
1803290207Sjkimvoid SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
1804290207Sjkim                            unsigned *len)
1805290207Sjkim{
1806290207Sjkim    *data = NULL;
1807290207Sjkim    if (ssl->s3)
1808290207Sjkim        *data = ssl->s3->alpn_selected;
1809290207Sjkim    if (*data == NULL)
1810290207Sjkim        *len = 0;
1811290207Sjkim    else
1812290207Sjkim        *len = ssl->s3->alpn_selected_len;
1813290207Sjkim}
1814290207Sjkim
1815290207Sjkim#endif                          /* !OPENSSL_NO_TLSEXT */
1816290207Sjkim
1817238405Sjkimint SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
1818280297Sjkim                               const char *label, size_t llen,
1819280297Sjkim                               const unsigned char *p, size_t plen,
1820280297Sjkim                               int use_context)
1821280297Sjkim{
1822280297Sjkim    if (s->version < TLS1_VERSION)
1823280297Sjkim        return -1;
1824238405Sjkim
1825280297Sjkim    return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
1826280297Sjkim                                                       llen, p, plen,
1827280297Sjkim                                                       use_context);
1828280297Sjkim}
1829238405Sjkim
1830238405Sjkimstatic unsigned long ssl_session_hash(const SSL_SESSION *a)
1831280297Sjkim{
1832280297Sjkim    unsigned long l;
183355714Skris
1834280297Sjkim    l = (unsigned long)
1835280297Sjkim        ((unsigned int)a->session_id[0]) |
1836280297Sjkim        ((unsigned int)a->session_id[1] << 8L) |
1837280297Sjkim        ((unsigned long)a->session_id[2] << 16L) |
1838280297Sjkim        ((unsigned long)a->session_id[3] << 24L);
1839280297Sjkim    return (l);
1840280297Sjkim}
184155714Skris
1842280297Sjkim/*
1843280297Sjkim * NB: If this function (or indeed the hash function which uses a sort of
1844109998Smarkm * coarser function than this one) is changed, ensure
1845280297Sjkim * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on
1846280297Sjkim * being able to construct an SSL_SESSION that will collide with any existing
1847280297Sjkim * session with a matching session ID.
1848280297Sjkim */
1849280297Sjkimstatic int ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
1850280297Sjkim{
1851280297Sjkim    if (a->ssl_version != b->ssl_version)
1852280297Sjkim        return (1);
1853280297Sjkim    if (a->session_id_length != b->session_id_length)
1854280297Sjkim        return (1);
1855280297Sjkim    return (memcmp(a->session_id, b->session_id, a->session_id_length));
1856280297Sjkim}
185755714Skris
1858280297Sjkim/*
1859280297Sjkim * These wrapper functions should remain rather than redeclaring
1860109998Smarkm * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
1861280297Sjkim * variable. The reason is that the functions aren't static, they're exposed
1862280297Sjkim * via ssl.h.
1863280297Sjkim */
1864238405Sjkimstatic IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION)
1865238405Sjkimstatic IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION)
1866109998Smarkm
1867238405SjkimSSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
1868280297Sjkim{
1869280297Sjkim    SSL_CTX *ret = NULL;
1870238405Sjkim
1871280297Sjkim    if (meth == NULL) {
1872280297Sjkim        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_NULL_SSL_METHOD_PASSED);
1873280297Sjkim        return (NULL);
1874280297Sjkim    }
1875194206Ssimon#ifdef OPENSSL_FIPS
1876280297Sjkim    if (FIPS_mode() && (meth->version < TLS1_VERSION)) {
1877280297Sjkim        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
1878280297Sjkim        return NULL;
1879280297Sjkim    }
1880194206Ssimon#endif
1881194206Ssimon
1882280297Sjkim    if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
1883280297Sjkim        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
1884280297Sjkim        goto err;
1885280297Sjkim    }
1886280297Sjkim    ret = (SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
1887280297Sjkim    if (ret == NULL)
1888280297Sjkim        goto err;
188955714Skris
1890280297Sjkim    memset(ret, 0, sizeof(SSL_CTX));
189155714Skris
1892280297Sjkim    ret->method = meth;
189355714Skris
1894280297Sjkim    ret->cert_store = NULL;
1895280297Sjkim    ret->session_cache_mode = SSL_SESS_CACHE_SERVER;
1896280297Sjkim    ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
1897280297Sjkim    ret->session_cache_head = NULL;
1898280297Sjkim    ret->session_cache_tail = NULL;
189955714Skris
1900280297Sjkim    /* We take the system default */
1901280297Sjkim    ret->session_timeout = meth->get_timeout();
190255714Skris
1903280297Sjkim    ret->new_session_cb = 0;
1904280297Sjkim    ret->remove_session_cb = 0;
1905280297Sjkim    ret->get_session_cb = 0;
1906280297Sjkim    ret->generate_session_id = 0;
190755714Skris
1908280297Sjkim    memset((char *)&ret->stats, 0, sizeof(ret->stats));
190955714Skris
1910280297Sjkim    ret->references = 1;
1911280297Sjkim    ret->quiet_shutdown = 0;
191255714Skris
1913280297Sjkim/*  ret->cipher=NULL;*/
1914280297Sjkim/*-
1915280297Sjkim    ret->s2->challenge=NULL;
1916280297Sjkim    ret->master_key=NULL;
1917280297Sjkim    ret->key_arg=NULL;
1918280297Sjkim    ret->s2->conn_id=NULL; */
191955714Skris
1920280297Sjkim    ret->info_callback = NULL;
192155714Skris
1922280297Sjkim    ret->app_verify_callback = 0;
1923280297Sjkim    ret->app_verify_arg = NULL;
192455714Skris
1925280297Sjkim    ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
1926280297Sjkim    ret->read_ahead = 0;
1927280297Sjkim    ret->msg_callback = 0;
1928280297Sjkim    ret->msg_callback_arg = NULL;
1929280297Sjkim    ret->verify_mode = SSL_VERIFY_NONE;
1930160814Ssimon#if 0
1931280297Sjkim    ret->verify_depth = -1;     /* Don't impose a limit (but x509_lu.c does) */
1932160814Ssimon#endif
1933280297Sjkim    ret->sid_ctx_length = 0;
1934280297Sjkim    ret->default_verify_callback = NULL;
1935280297Sjkim    if ((ret->cert = ssl_cert_new()) == NULL)
1936280297Sjkim        goto err;
193755714Skris
1938280297Sjkim    ret->default_passwd_callback = 0;
1939280297Sjkim    ret->default_passwd_callback_userdata = NULL;
1940280297Sjkim    ret->client_cert_cb = 0;
1941280297Sjkim    ret->app_gen_cookie_cb = 0;
1942280297Sjkim    ret->app_verify_cookie_cb = 0;
194355714Skris
1944280297Sjkim    ret->sessions = lh_SSL_SESSION_new();
1945280297Sjkim    if (ret->sessions == NULL)
1946280297Sjkim        goto err;
1947280297Sjkim    ret->cert_store = X509_STORE_new();
1948280297Sjkim    if (ret->cert_store == NULL)
1949280297Sjkim        goto err;
195055714Skris
1951280297Sjkim    ssl_create_cipher_list(ret->method,
1952280297Sjkim                           &ret->cipher_list, &ret->cipher_list_by_id,
1953280297Sjkim                           meth->version ==
1954290207Sjkim                           SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST,
1955290207Sjkim                           ret->cert);
1956280297Sjkim    if (ret->cipher_list == NULL || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
1957280297Sjkim        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
1958280297Sjkim        goto err2;
1959280297Sjkim    }
196055714Skris
1961280297Sjkim    ret->param = X509_VERIFY_PARAM_new();
1962280297Sjkim    if (!ret->param)
1963280297Sjkim        goto err;
1964160814Ssimon
1965280297Sjkim    if ((ret->rsa_md5 = EVP_get_digestbyname("ssl2-md5")) == NULL) {
1966280297Sjkim        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
1967280297Sjkim        goto err2;
1968280297Sjkim    }
1969280297Sjkim    if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
1970280297Sjkim        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
1971280297Sjkim        goto err2;
1972280297Sjkim    }
1973280297Sjkim    if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
1974280297Sjkim        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
1975280297Sjkim        goto err2;
1976280297Sjkim    }
197755714Skris
1978280297Sjkim    if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL)
1979280297Sjkim        goto err;
198055714Skris
1981280297Sjkim    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
198255714Skris
1983280297Sjkim    ret->extra_certs = NULL;
1984280297Sjkim    /* No compression for DTLS */
1985291719Sjkim    if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS))
1986280297Sjkim        ret->comp_methods = SSL_COMP_get_compression_methods();
198755714Skris
1988280297Sjkim    ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
1989238405Sjkim
1990194206Ssimon#ifndef OPENSSL_NO_TLSEXT
1991280297Sjkim    ret->tlsext_servername_callback = 0;
1992280297Sjkim    ret->tlsext_servername_arg = NULL;
1993280297Sjkim    /* Setup RFC4507 ticket keys */
1994280297Sjkim    if ((RAND_pseudo_bytes(ret->tlsext_tick_key_name, 16) <= 0)
1995280297Sjkim        || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
1996280297Sjkim        || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
1997280297Sjkim        ret->options |= SSL_OP_NO_TICKET;
1998194206Ssimon
1999280297Sjkim    ret->tlsext_status_cb = 0;
2000280297Sjkim    ret->tlsext_status_arg = NULL;
2001194206Ssimon
2002238405Sjkim# ifndef OPENSSL_NO_NEXTPROTONEG
2003280297Sjkim    ret->next_protos_advertised_cb = 0;
2004280297Sjkim    ret->next_proto_select_cb = 0;
2005238405Sjkim# endif
2006194206Ssimon#endif
2007238405Sjkim#ifndef OPENSSL_NO_PSK
2008280297Sjkim    ret->psk_identity_hint = NULL;
2009280297Sjkim    ret->psk_client_callback = NULL;
2010280297Sjkim    ret->psk_server_callback = NULL;
2011238405Sjkim#endif
2012238405Sjkim#ifndef OPENSSL_NO_SRP
2013280297Sjkim    SSL_CTX_SRP_CTX_init(ret);
2014238405Sjkim#endif
2015238405Sjkim#ifndef OPENSSL_NO_BUF_FREELISTS
2016280297Sjkim    ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
2017280297Sjkim    ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
2018280297Sjkim    if (!ret->rbuf_freelist)
2019280297Sjkim        goto err;
2020280297Sjkim    ret->rbuf_freelist->chunklen = 0;
2021280297Sjkim    ret->rbuf_freelist->len = 0;
2022280297Sjkim    ret->rbuf_freelist->head = NULL;
2023280297Sjkim    ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
2024280297Sjkim    if (!ret->wbuf_freelist) {
2025280297Sjkim        OPENSSL_free(ret->rbuf_freelist);
2026280297Sjkim        goto err;
2027280297Sjkim    }
2028280297Sjkim    ret->wbuf_freelist->chunklen = 0;
2029280297Sjkim    ret->wbuf_freelist->len = 0;
2030280297Sjkim    ret->wbuf_freelist->head = NULL;
2031238405Sjkim#endif
2032194206Ssimon#ifndef OPENSSL_NO_ENGINE
2033280297Sjkim    ret->client_cert_engine = NULL;
2034280297Sjkim# ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
2035280297Sjkim#  define eng_strx(x)     #x
2036280297Sjkim#  define eng_str(x)      eng_strx(x)
2037280297Sjkim    /* Use specific client engine automatically... ignore errors */
2038280297Sjkim    {
2039280297Sjkim        ENGINE *eng;
2040280297Sjkim        eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
2041280297Sjkim        if (!eng) {
2042280297Sjkim            ERR_clear_error();
2043280297Sjkim            ENGINE_load_builtin_engines();
2044280297Sjkim            eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
2045280297Sjkim        }
2046280297Sjkim        if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
2047280297Sjkim            ERR_clear_error();
2048280297Sjkim    }
2049280297Sjkim# endif
2050194206Ssimon#endif
2051280297Sjkim    /*
2052280297Sjkim     * Default is to connect to non-RI servers. When RI is more widely
2053280297Sjkim     * deployed might change this.
2054280297Sjkim     */
2055280297Sjkim    ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
2056194206Ssimon
2057296279Sjkim    /*
2058296279Sjkim     * Disable SSLv2 by default, callers that want to enable SSLv2 will have to
2059296279Sjkim     * explicitly clear this option via either of SSL_CTX_clear_options() or
2060296279Sjkim     * SSL_clear_options().
2061296279Sjkim     */
2062296279Sjkim    ret->options |= SSL_OP_NO_SSLv2;
2063296279Sjkim
2064280297Sjkim    return (ret);
2065280297Sjkim err:
2066280297Sjkim    SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
2067280297Sjkim err2:
2068280297Sjkim    if (ret != NULL)
2069280297Sjkim        SSL_CTX_free(ret);
2070280297Sjkim    return (NULL);
2071280297Sjkim}
207255714Skris
2073109998Smarkm#if 0
207455714Skrisstatic void SSL_COMP_free(SSL_COMP *comp)
2075280297Sjkim{
2076280297Sjkim    OPENSSL_free(comp);
2077280297Sjkim}
2078109998Smarkm#endif
207955714Skris
2080238405Sjkim#ifndef OPENSSL_NO_BUF_FREELISTS
2081280297Sjkimstatic void ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
2082280297Sjkim{
2083280297Sjkim    SSL3_BUF_FREELIST_ENTRY *ent, *next;
2084280297Sjkim    for (ent = list->head; ent; ent = next) {
2085280297Sjkim        next = ent->next;
2086280297Sjkim        OPENSSL_free(ent);
2087280297Sjkim    }
2088280297Sjkim    OPENSSL_free(list);
2089280297Sjkim}
2090238405Sjkim#endif
2091238405Sjkim
209255714Skrisvoid SSL_CTX_free(SSL_CTX *a)
2093280297Sjkim{
2094280297Sjkim    int i;
209555714Skris
2096280297Sjkim    if (a == NULL)
2097280297Sjkim        return;
209855714Skris
2099280297Sjkim    i = CRYPTO_add(&a->references, -1, CRYPTO_LOCK_SSL_CTX);
210055714Skris#ifdef REF_PRINT
2101280297Sjkim    REF_PRINT("SSL_CTX", a);
210255714Skris#endif
2103280297Sjkim    if (i > 0)
2104280297Sjkim        return;
210555714Skris#ifdef REF_CHECK
2106280297Sjkim    if (i < 0) {
2107280297Sjkim        fprintf(stderr, "SSL_CTX_free, bad reference count\n");
2108280297Sjkim        abort();                /* ok */
2109280297Sjkim    }
211055714Skris#endif
211155714Skris
2112280297Sjkim    if (a->param)
2113280297Sjkim        X509_VERIFY_PARAM_free(a->param);
2114160814Ssimon
2115280297Sjkim    /*
2116280297Sjkim     * Free internal session cache. However: the remove_cb() may reference
2117280297Sjkim     * the ex_data of SSL_CTX, thus the ex_data store can only be removed
2118280297Sjkim     * after the sessions were flushed.
2119280297Sjkim     * As the ex_data handling routines might also touch the session cache,
2120280297Sjkim     * the most secure solution seems to be: empty (flush) the cache, then
2121280297Sjkim     * free ex_data, then finally free the cache.
2122280297Sjkim     * (See ticket [openssl.org #212].)
2123280297Sjkim     */
2124280297Sjkim    if (a->sessions != NULL)
2125280297Sjkim        SSL_CTX_flush_sessions(a, 0);
2126109998Smarkm
2127280297Sjkim    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
2128109998Smarkm
2129280297Sjkim    if (a->sessions != NULL)
2130280297Sjkim        lh_SSL_SESSION_free(a->sessions);
2131109998Smarkm
2132280297Sjkim    if (a->cert_store != NULL)
2133280297Sjkim        X509_STORE_free(a->cert_store);
2134280297Sjkim    if (a->cipher_list != NULL)
2135280297Sjkim        sk_SSL_CIPHER_free(a->cipher_list);
2136280297Sjkim    if (a->cipher_list_by_id != NULL)
2137280297Sjkim        sk_SSL_CIPHER_free(a->cipher_list_by_id);
2138280297Sjkim    if (a->cert != NULL)
2139280297Sjkim        ssl_cert_free(a->cert);
2140280297Sjkim    if (a->client_CA != NULL)
2141280297Sjkim        sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
2142280297Sjkim    if (a->extra_certs != NULL)
2143280297Sjkim        sk_X509_pop_free(a->extra_certs, X509_free);
2144280297Sjkim#if 0                           /* This should never be done, since it
2145280297Sjkim                                 * removes a global database */
2146280297Sjkim    if (a->comp_methods != NULL)
2147280297Sjkim        sk_SSL_COMP_pop_free(a->comp_methods, SSL_COMP_free);
2148109998Smarkm#else
2149280297Sjkim    a->comp_methods = NULL;
2150109998Smarkm#endif
2151238405Sjkim
2152246772Sjkim#ifndef OPENSSL_NO_SRTP
2153280297Sjkim    if (a->srtp_profiles)
2154280297Sjkim        sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
2155246772Sjkim#endif
2156238405Sjkim
2157238405Sjkim#ifndef OPENSSL_NO_PSK
2158280297Sjkim    if (a->psk_identity_hint)
2159280297Sjkim        OPENSSL_free(a->psk_identity_hint);
2160238405Sjkim#endif
2161238405Sjkim#ifndef OPENSSL_NO_SRP
2162280297Sjkim    SSL_CTX_SRP_CTX_free(a);
2163238405Sjkim#endif
2164194206Ssimon#ifndef OPENSSL_NO_ENGINE
2165280297Sjkim    if (a->client_cert_engine)
2166280297Sjkim        ENGINE_finish(a->client_cert_engine);
2167194206Ssimon#endif
2168238405Sjkim
2169238405Sjkim#ifndef OPENSSL_NO_BUF_FREELISTS
2170280297Sjkim    if (a->wbuf_freelist)
2171280297Sjkim        ssl_buf_freelist_free(a->wbuf_freelist);
2172280297Sjkim    if (a->rbuf_freelist)
2173280297Sjkim        ssl_buf_freelist_free(a->rbuf_freelist);
2174238405Sjkim#endif
2175290207Sjkim#ifndef OPENSSL_NO_TLSEXT
2176290207Sjkim# ifndef OPENSSL_NO_EC
2177290207Sjkim    if (a->tlsext_ecpointformatlist)
2178290207Sjkim        OPENSSL_free(a->tlsext_ecpointformatlist);
2179290207Sjkim    if (a->tlsext_ellipticcurvelist)
2180290207Sjkim        OPENSSL_free(a->tlsext_ellipticcurvelist);
2181290207Sjkim# endif                         /* OPENSSL_NO_EC */
2182290207Sjkim    if (a->alpn_client_proto_list != NULL)
2183290207Sjkim        OPENSSL_free(a->alpn_client_proto_list);
2184290207Sjkim#endif
2185238405Sjkim
2186280297Sjkim    OPENSSL_free(a);
2187280297Sjkim}
218855714Skris
218955714Skrisvoid SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
2190280297Sjkim{
2191280297Sjkim    ctx->default_passwd_callback = cb;
2192280297Sjkim}
219355714Skris
2194280297Sjkimvoid SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
2195280297Sjkim{
2196280297Sjkim    ctx->default_passwd_callback_userdata = u;
2197280297Sjkim}
219855714Skris
2199280297Sjkimvoid SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
2200280297Sjkim                                      int (*cb) (X509_STORE_CTX *, void *),
2201280297Sjkim                                      void *arg)
2202280297Sjkim{
2203280297Sjkim    ctx->app_verify_callback = cb;
2204280297Sjkim    ctx->app_verify_arg = arg;
2205280297Sjkim}
220655714Skris
2207280297Sjkimvoid SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
2208280297Sjkim                        int (*cb) (int, X509_STORE_CTX *))
2209280297Sjkim{
2210280297Sjkim    ctx->verify_mode = mode;
2211280297Sjkim    ctx->default_verify_callback = cb;
2212280297Sjkim}
221355714Skris
2214280297Sjkimvoid SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
2215280297Sjkim{
2216280297Sjkim    X509_VERIFY_PARAM_set_depth(ctx->param, depth);
2217280297Sjkim}
221855714Skris
2219290207Sjkimvoid SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cb) (SSL *ssl, void *arg),
2220290207Sjkim                         void *arg)
2221290207Sjkim{
2222290207Sjkim    ssl_cert_set_cert_cb(c->cert, cb, arg);
2223290207Sjkim}
2224290207Sjkim
2225290207Sjkimvoid SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg)
2226290207Sjkim{
2227290207Sjkim    ssl_cert_set_cert_cb(s->cert, cb, arg);
2228290207Sjkim}
2229290207Sjkim
2230238405Sjkimvoid ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
2231280297Sjkim{
2232280297Sjkim    CERT_PKEY *cpk;
2233280297Sjkim    int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign;
2234280297Sjkim    int rsa_enc_export, dh_rsa_export, dh_dsa_export;
2235280297Sjkim    int rsa_tmp_export, dh_tmp_export, kl;
2236280297Sjkim    unsigned long mask_k, mask_a, emask_k, emask_a;
2237280297Sjkim#ifndef OPENSSL_NO_ECDSA
2238280297Sjkim    int have_ecc_cert, ecdsa_ok, ecc_pkey_size;
2239280297Sjkim#endif
2240160814Ssimon#ifndef OPENSSL_NO_ECDH
2241280297Sjkim    int have_ecdh_tmp, ecdh_ok;
2242160814Ssimon#endif
2243280297Sjkim#ifndef OPENSSL_NO_EC
2244280297Sjkim    X509 *x = NULL;
2245280297Sjkim    EVP_PKEY *ecc_pkey = NULL;
2246280297Sjkim    int signature_nid = 0, pk_nid = 0, md_nid = 0;
2247280297Sjkim#endif
2248280297Sjkim    if (c == NULL)
2249280297Sjkim        return;
225055714Skris
2251280297Sjkim    kl = SSL_C_EXPORT_PKEYLENGTH(cipher);
225255714Skris
2253109998Smarkm#ifndef OPENSSL_NO_RSA
2254280297Sjkim    rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
2255280297Sjkim    rsa_tmp_export = (c->rsa_tmp_cb != NULL ||
2256280297Sjkim                      (rsa_tmp && RSA_size(c->rsa_tmp) * 8 <= kl));
225755714Skris#else
2258280297Sjkim    rsa_tmp = rsa_tmp_export = 0;
225955714Skris#endif
2260109998Smarkm#ifndef OPENSSL_NO_DH
2261280297Sjkim    dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
2262280297Sjkim    dh_tmp_export = (c->dh_tmp_cb != NULL ||
2263280297Sjkim                     (dh_tmp && DH_size(c->dh_tmp) * 8 <= kl));
226455714Skris#else
2265280297Sjkim    dh_tmp = dh_tmp_export = 0;
226655714Skris#endif
226755714Skris
2268160814Ssimon#ifndef OPENSSL_NO_ECDH
2269290207Sjkim    have_ecdh_tmp = (c->ecdh_tmp || c->ecdh_tmp_cb || c->ecdh_tmp_auto);
2270160814Ssimon#endif
2271280297Sjkim    cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
2272290207Sjkim    rsa_enc = cpk->valid_flags & CERT_PKEY_VALID;
2273280297Sjkim    rsa_enc_export = (rsa_enc && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
2274280297Sjkim    cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);
2275290207Sjkim    rsa_sign = cpk->valid_flags & CERT_PKEY_SIGN;
2276280297Sjkim    cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]);
2277290207Sjkim    dsa_sign = cpk->valid_flags & CERT_PKEY_SIGN;
2278280297Sjkim    cpk = &(c->pkeys[SSL_PKEY_DH_RSA]);
2279290207Sjkim    dh_rsa = cpk->valid_flags & CERT_PKEY_VALID;
2280280297Sjkim    dh_rsa_export = (dh_rsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
2281280297Sjkim    cpk = &(c->pkeys[SSL_PKEY_DH_DSA]);
228255714Skris/* FIX THIS EAY EAY EAY */
2283290207Sjkim    dh_dsa = cpk->valid_flags & CERT_PKEY_VALID;
2284280297Sjkim    dh_dsa_export = (dh_dsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
2285280297Sjkim    cpk = &(c->pkeys[SSL_PKEY_ECC]);
2286280297Sjkim#ifndef OPENSSL_NO_EC
2287290207Sjkim    have_ecc_cert = cpk->valid_flags & CERT_PKEY_VALID;
2288280297Sjkim#endif
2289280297Sjkim    mask_k = 0;
2290280297Sjkim    mask_a = 0;
2291280297Sjkim    emask_k = 0;
2292280297Sjkim    emask_a = 0;
229355714Skris
229455714Skris#ifdef CIPHER_DEBUG
2295280297Sjkim    fprintf(stderr,
2296280297Sjkim            "rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
2297280297Sjkim            rsa_tmp, rsa_tmp_export, dh_tmp, have_ecdh_tmp, rsa_enc,
2298280297Sjkim            rsa_enc_export, rsa_sign, dsa_sign, dh_rsa, dh_dsa);
229955714Skris#endif
230055714Skris
2301280297Sjkim    cpk = &(c->pkeys[SSL_PKEY_GOST01]);
2302280297Sjkim    if (cpk->x509 != NULL && cpk->privatekey != NULL) {
2303280297Sjkim        mask_k |= SSL_kGOST;
2304280297Sjkim        mask_a |= SSL_aGOST01;
2305280297Sjkim    }
2306280297Sjkim    cpk = &(c->pkeys[SSL_PKEY_GOST94]);
2307280297Sjkim    if (cpk->x509 != NULL && cpk->privatekey != NULL) {
2308280297Sjkim        mask_k |= SSL_kGOST;
2309280297Sjkim        mask_a |= SSL_aGOST94;
2310280297Sjkim    }
231155714Skris
2312280297Sjkim    if (rsa_enc || (rsa_tmp && rsa_sign))
2313280297Sjkim        mask_k |= SSL_kRSA;
2314280297Sjkim    if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
2315280297Sjkim        emask_k |= SSL_kRSA;
2316280297Sjkim
231755714Skris#if 0
2318280297Sjkim    /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
2319280297Sjkim    if ((dh_tmp || dh_rsa || dh_dsa) && (rsa_enc || rsa_sign || dsa_sign))
2320280297Sjkim        mask_k |= SSL_kEDH;
2321280297Sjkim    if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
2322280297Sjkim        (rsa_enc || rsa_sign || dsa_sign))
2323280297Sjkim        emask_k |= SSL_kEDH;
232455714Skris#endif
232555714Skris
2326280297Sjkim    if (dh_tmp_export)
2327280297Sjkim        emask_k |= SSL_kEDH;
232855714Skris
2329280297Sjkim    if (dh_tmp)
2330280297Sjkim        mask_k |= SSL_kEDH;
233155714Skris
2332280297Sjkim    if (dh_rsa)
2333280297Sjkim        mask_k |= SSL_kDHr;
2334280297Sjkim    if (dh_rsa_export)
2335280297Sjkim        emask_k |= SSL_kDHr;
233655714Skris
2337280297Sjkim    if (dh_dsa)
2338280297Sjkim        mask_k |= SSL_kDHd;
2339280297Sjkim    if (dh_dsa_export)
2340280297Sjkim        emask_k |= SSL_kDHd;
234155714Skris
2342290207Sjkim    if (mask_k & (SSL_kDHr | SSL_kDHd))
2343290207Sjkim        mask_a |= SSL_aDH;
2344290207Sjkim
2345280297Sjkim    if (rsa_enc || rsa_sign) {
2346280297Sjkim        mask_a |= SSL_aRSA;
2347280297Sjkim        emask_a |= SSL_aRSA;
2348280297Sjkim    }
234955714Skris
2350280297Sjkim    if (dsa_sign) {
2351280297Sjkim        mask_a |= SSL_aDSS;
2352280297Sjkim        emask_a |= SSL_aDSS;
2353280297Sjkim    }
235455714Skris
2355280297Sjkim    mask_a |= SSL_aNULL;
2356280297Sjkim    emask_a |= SSL_aNULL;
235755714Skris
2358109998Smarkm#ifndef OPENSSL_NO_KRB5
2359280297Sjkim    mask_k |= SSL_kKRB5;
2360280297Sjkim    mask_a |= SSL_aKRB5;
2361280297Sjkim    emask_k |= SSL_kKRB5;
2362280297Sjkim    emask_a |= SSL_aKRB5;
2363109998Smarkm#endif
2364109998Smarkm
2365280297Sjkim    /*
2366280297Sjkim     * An ECC certificate may be usable for ECDH and/or ECDSA cipher suites
2367280297Sjkim     * depending on the key usage extension.
2368280297Sjkim     */
2369280297Sjkim#ifndef OPENSSL_NO_EC
2370280297Sjkim    if (have_ecc_cert) {
2371290207Sjkim        cpk = &c->pkeys[SSL_PKEY_ECC];
2372290207Sjkim        x = cpk->x509;
2373280297Sjkim        /* This call populates extension flags (ex_flags) */
2374280297Sjkim        X509_check_purpose(x, -1, 0);
2375290207Sjkim# ifndef OPENSSL_NO_ECDH
2376280297Sjkim        ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
2377280297Sjkim            (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1;
2378290207Sjkim# endif
2379280297Sjkim        ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
2380280297Sjkim            (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
2381290207Sjkim        if (!(cpk->valid_flags & CERT_PKEY_SIGN))
2382290207Sjkim            ecdsa_ok = 0;
2383280297Sjkim        ecc_pkey = X509_get_pubkey(x);
2384280297Sjkim        ecc_pkey_size = (ecc_pkey != NULL) ? EVP_PKEY_bits(ecc_pkey) : 0;
2385280297Sjkim        EVP_PKEY_free(ecc_pkey);
2386280297Sjkim        if ((x->sig_alg) && (x->sig_alg->algorithm)) {
2387280297Sjkim            signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
2388280297Sjkim            OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
2389280297Sjkim        }
2390290207Sjkim# ifndef OPENSSL_NO_ECDH
2391280297Sjkim        if (ecdh_ok) {
2392238405Sjkim
2393280297Sjkim            if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa) {
2394280297Sjkim                mask_k |= SSL_kECDHr;
2395280297Sjkim                mask_a |= SSL_aECDH;
2396280297Sjkim                if (ecc_pkey_size <= 163) {
2397280297Sjkim                    emask_k |= SSL_kECDHr;
2398280297Sjkim                    emask_a |= SSL_aECDH;
2399280297Sjkim                }
2400280297Sjkim            }
2401238405Sjkim
2402280297Sjkim            if (pk_nid == NID_X9_62_id_ecPublicKey) {
2403280297Sjkim                mask_k |= SSL_kECDHe;
2404280297Sjkim                mask_a |= SSL_aECDH;
2405280297Sjkim                if (ecc_pkey_size <= 163) {
2406280297Sjkim                    emask_k |= SSL_kECDHe;
2407280297Sjkim                    emask_a |= SSL_aECDH;
2408280297Sjkim                }
2409280297Sjkim            }
2410280297Sjkim        }
2411290207Sjkim# endif
2412290207Sjkim# ifndef OPENSSL_NO_ECDSA
2413280297Sjkim        if (ecdsa_ok) {
2414280297Sjkim            mask_a |= SSL_aECDSA;
2415280297Sjkim            emask_a |= SSL_aECDSA;
2416280297Sjkim        }
2417290207Sjkim# endif
2418280297Sjkim    }
2419280297Sjkim#endif
2420290207Sjkim
2421160814Ssimon#ifndef OPENSSL_NO_ECDH
2422280297Sjkim    if (have_ecdh_tmp) {
2423280297Sjkim        mask_k |= SSL_kEECDH;
2424280297Sjkim        emask_k |= SSL_kEECDH;
2425280297Sjkim    }
2426160814Ssimon#endif
2427238405Sjkim
2428238405Sjkim#ifndef OPENSSL_NO_PSK
2429280297Sjkim    mask_k |= SSL_kPSK;
2430280297Sjkim    mask_a |= SSL_aPSK;
2431280297Sjkim    emask_k |= SSL_kPSK;
2432280297Sjkim    emask_a |= SSL_aPSK;
2433238405Sjkim#endif
2434238405Sjkim
2435280297Sjkim    c->mask_k = mask_k;
2436280297Sjkim    c->mask_a = mask_a;
2437280297Sjkim    c->export_mask_k = emask_k;
2438280297Sjkim    c->export_mask_a = emask_a;
2439280297Sjkim    c->valid = 1;
2440280297Sjkim}
244155714Skris
2442160814Ssimon/* This handy macro borrowed from crypto/x509v3/v3_purp.c */
2443160814Ssimon#define ku_reject(x, usage) \
2444280297Sjkim        (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
2445160814Ssimon
2446238405Sjkim#ifndef OPENSSL_NO_EC
2447238405Sjkim
2448238405Sjkimint ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
2449280297Sjkim{
2450280297Sjkim    unsigned long alg_k, alg_a;
2451280297Sjkim    EVP_PKEY *pkey = NULL;
2452280297Sjkim    int keysize = 0;
2453280297Sjkim    int signature_nid = 0, md_nid = 0, pk_nid = 0;
2454280297Sjkim    const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
2455160814Ssimon
2456280297Sjkim    alg_k = cs->algorithm_mkey;
2457280297Sjkim    alg_a = cs->algorithm_auth;
2458238405Sjkim
2459280297Sjkim    if (SSL_C_IS_EXPORT(cs)) {
2460280297Sjkim        /* ECDH key length in export ciphers must be <= 163 bits */
2461280297Sjkim        pkey = X509_get_pubkey(x);
2462280297Sjkim        if (pkey == NULL)
2463280297Sjkim            return 0;
2464280297Sjkim        keysize = EVP_PKEY_bits(pkey);
2465280297Sjkim        EVP_PKEY_free(pkey);
2466280297Sjkim        if (keysize > 163)
2467280297Sjkim            return 0;
2468280297Sjkim    }
2469160814Ssimon
2470280297Sjkim    /* This call populates the ex_flags field correctly */
2471280297Sjkim    X509_check_purpose(x, -1, 0);
2472280297Sjkim    if ((x->sig_alg) && (x->sig_alg->algorithm)) {
2473280297Sjkim        signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
2474280297Sjkim        OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
2475280297Sjkim    }
2476280297Sjkim    if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr) {
2477280297Sjkim        /* key usage, if present, must allow key agreement */
2478280297Sjkim        if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) {
2479280297Sjkim            SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
2480280297Sjkim                   SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
2481280297Sjkim            return 0;
2482280297Sjkim        }
2483280297Sjkim        if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < TLS1_2_VERSION) {
2484280297Sjkim            /* signature alg must be ECDSA */
2485280297Sjkim            if (pk_nid != NID_X9_62_id_ecPublicKey) {
2486280297Sjkim                SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
2487280297Sjkim                       SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
2488280297Sjkim                return 0;
2489280297Sjkim            }
2490280297Sjkim        }
2491280297Sjkim        if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < TLS1_2_VERSION) {
2492280297Sjkim            /* signature alg must be RSA */
2493238405Sjkim
2494280297Sjkim            if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa) {
2495280297Sjkim                SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
2496280297Sjkim                       SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
2497280297Sjkim                return 0;
2498280297Sjkim            }
2499280297Sjkim        }
2500280297Sjkim    }
2501280297Sjkim    if (alg_a & SSL_aECDSA) {
2502280297Sjkim        /* key usage, if present, must allow signing */
2503280297Sjkim        if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE)) {
2504280297Sjkim            SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
2505280297Sjkim                   SSL_R_ECC_CERT_NOT_FOR_SIGNING);
2506280297Sjkim            return 0;
2507280297Sjkim        }
2508280297Sjkim    }
2509160814Ssimon
2510280297Sjkim    return 1;                   /* all checks are ok */
2511280297Sjkim}
2512160814Ssimon
2513238405Sjkim#endif
2514238405Sjkim
2515290207Sjkimstatic int ssl_get_server_cert_index(const SSL *s)
2516290207Sjkim{
2517290207Sjkim    int idx;
2518290207Sjkim    idx = ssl_cipher_get_cert_index(s->s3->tmp.new_cipher);
2519290207Sjkim    if (idx == SSL_PKEY_RSA_ENC && !s->cert->pkeys[SSL_PKEY_RSA_ENC].x509)
2520290207Sjkim        idx = SSL_PKEY_RSA_SIGN;
2521290207Sjkim    if (idx == -1)
2522290207Sjkim        SSLerr(SSL_F_SSL_GET_SERVER_CERT_INDEX, ERR_R_INTERNAL_ERROR);
2523290207Sjkim    return idx;
2524290207Sjkim}
2525290207Sjkim
2526246772SjkimCERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
2527280297Sjkim{
2528280297Sjkim    CERT *c;
2529280297Sjkim    int i;
253055714Skris
2531280297Sjkim    c = s->cert;
2532290207Sjkim    if (!s->s3 || !s->s3->tmp.new_cipher)
2533290207Sjkim        return NULL;
2534280297Sjkim    ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
253555714Skris
2536290207Sjkim#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
2537290207Sjkim    /*
2538290207Sjkim     * Broken protocol test: return last used certificate: which may mismatch
2539290207Sjkim     * the one expected.
2540290207Sjkim     */
2541290207Sjkim    if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
2542290207Sjkim        return c->key;
2543290207Sjkim#endif
2544160814Ssimon
2545290207Sjkim    i = ssl_get_server_cert_index(s);
254655714Skris
2547290207Sjkim    /* This may or may not be an error. */
2548290207Sjkim    if (i < 0)
2549290207Sjkim        return NULL;
2550280297Sjkim
2551290207Sjkim    /* May be NULL. */
2552290207Sjkim    return &c->pkeys[i];
2553280297Sjkim}
2554280297Sjkim
2555280297SjkimEVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher,
2556280297Sjkim                            const EVP_MD **pmd)
2557280297Sjkim{
2558280297Sjkim    unsigned long alg_a;
2559280297Sjkim    CERT *c;
2560280297Sjkim    int idx = -1;
256155714Skris
2562280297Sjkim    alg_a = cipher->algorithm_auth;
2563280297Sjkim    c = s->cert;
256455714Skris
2565290207Sjkim#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
2566290207Sjkim    /*
2567290207Sjkim     * Broken protocol test: use last key: which may mismatch the one
2568290207Sjkim     * expected.
2569290207Sjkim     */
2570290207Sjkim    if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
2571290207Sjkim        idx = c->key - c->pkeys;
2572290207Sjkim    else
2573290207Sjkim#endif
2574290207Sjkim
2575280297Sjkim    if ((alg_a & SSL_aDSS) &&
2576290207Sjkim            (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
2577280297Sjkim        idx = SSL_PKEY_DSA_SIGN;
2578280297Sjkim    else if (alg_a & SSL_aRSA) {
2579280297Sjkim        if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
2580280297Sjkim            idx = SSL_PKEY_RSA_SIGN;
2581280297Sjkim        else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
2582280297Sjkim            idx = SSL_PKEY_RSA_ENC;
2583280297Sjkim    } else if ((alg_a & SSL_aECDSA) &&
2584280297Sjkim               (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
2585280297Sjkim        idx = SSL_PKEY_ECC;
2586280297Sjkim    if (idx == -1) {
2587280297Sjkim        SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR);
2588280297Sjkim        return (NULL);
2589280297Sjkim    }
2590280297Sjkim    if (pmd)
2591280297Sjkim        *pmd = c->pkeys[idx].digest;
2592280297Sjkim    return c->pkeys[idx].privatekey;
2593280297Sjkim}
259455714Skris
2595290207Sjkim#ifndef OPENSSL_NO_TLSEXT
2596290207Sjkimint ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverinfo,
2597290207Sjkim                                   size_t *serverinfo_length)
2598290207Sjkim{
2599290207Sjkim    CERT *c = NULL;
2600290207Sjkim    int i = 0;
2601290207Sjkim    *serverinfo_length = 0;
2602290207Sjkim
2603290207Sjkim    c = s->cert;
2604290207Sjkim    i = ssl_get_server_cert_index(s);
2605290207Sjkim
2606290207Sjkim    if (i == -1)
2607290207Sjkim        return 0;
2608290207Sjkim    if (c->pkeys[i].serverinfo == NULL)
2609290207Sjkim        return 0;
2610290207Sjkim
2611290207Sjkim    *serverinfo = c->pkeys[i].serverinfo;
2612290207Sjkim    *serverinfo_length = c->pkeys[i].serverinfo_length;
2613290207Sjkim    return 1;
2614290207Sjkim}
2615290207Sjkim#endif
2616290207Sjkim
2617280297Sjkimvoid ssl_update_cache(SSL *s, int mode)
2618280297Sjkim{
2619280297Sjkim    int i;
262055714Skris
2621280297Sjkim    /*
2622280297Sjkim     * If the session_id_length is 0, we are not supposed to cache it, and it
2623280297Sjkim     * would be rather hard to do anyway :-)
2624280297Sjkim     */
2625280297Sjkim    if (s->session->session_id_length == 0)
2626280297Sjkim        return;
262755714Skris
2628280297Sjkim    i = s->session_ctx->session_cache_mode;
2629280297Sjkim    if ((i & mode) && (!s->hit)
2630280297Sjkim        && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
2631280297Sjkim            || SSL_CTX_add_session(s->session_ctx, s->session))
2632280297Sjkim        && (s->session_ctx->new_session_cb != NULL)) {
2633280297Sjkim        CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION);
2634280297Sjkim        if (!s->session_ctx->new_session_cb(s, s->session))
2635280297Sjkim            SSL_SESSION_free(s->session);
2636280297Sjkim    }
263755714Skris
2638280297Sjkim    /* auto flush every 255 connections */
2639280297Sjkim    if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && ((i & mode) == mode)) {
2640280297Sjkim        if ((((mode & SSL_SESS_CACHE_CLIENT)
2641280297Sjkim              ? s->session_ctx->stats.sess_connect_good
2642280297Sjkim              : s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff) {
2643280297Sjkim            SSL_CTX_flush_sessions(s->session_ctx, (unsigned long)time(NULL));
2644280297Sjkim        }
2645280297Sjkim    }
2646280297Sjkim}
264755714Skris
2648290207Sjkimconst SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx)
2649290207Sjkim{
2650290207Sjkim    return ctx->method;
2651290207Sjkim}
2652290207Sjkim
2653238405Sjkimconst SSL_METHOD *SSL_get_ssl_method(SSL *s)
2654280297Sjkim{
2655280297Sjkim    return (s->method);
2656280297Sjkim}
265755714Skris
2658238405Sjkimint SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
2659280297Sjkim{
2660280297Sjkim    int conn = -1;
2661280297Sjkim    int ret = 1;
266255714Skris
2663280297Sjkim    if (s->method != meth) {
2664280297Sjkim        if (s->handshake_func != NULL)
2665280297Sjkim            conn = (s->handshake_func == s->method->ssl_connect);
266655714Skris
2667280297Sjkim        if (s->method->version == meth->version)
2668280297Sjkim            s->method = meth;
2669280297Sjkim        else {
2670280297Sjkim            s->method->ssl_free(s);
2671280297Sjkim            s->method = meth;
2672280297Sjkim            ret = s->method->ssl_new(s);
2673280297Sjkim        }
267455714Skris
2675280297Sjkim        if (conn == 1)
2676280297Sjkim            s->handshake_func = meth->ssl_connect;
2677280297Sjkim        else if (conn == 0)
2678280297Sjkim            s->handshake_func = meth->ssl_accept;
2679280297Sjkim    }
2680280297Sjkim    return (ret);
2681280297Sjkim}
268255714Skris
2683280297Sjkimint SSL_get_error(const SSL *s, int i)
2684280297Sjkim{
2685280297Sjkim    int reason;
2686280297Sjkim    unsigned long l;
2687280297Sjkim    BIO *bio;
268855714Skris
2689280297Sjkim    if (i > 0)
2690280297Sjkim        return (SSL_ERROR_NONE);
269155714Skris
2692280297Sjkim    /*
2693280297Sjkim     * Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake etc,
2694280297Sjkim     * where we do encode the error
2695280297Sjkim     */
2696280297Sjkim    if ((l = ERR_peek_error()) != 0) {
2697280297Sjkim        if (ERR_GET_LIB(l) == ERR_LIB_SYS)
2698280297Sjkim            return (SSL_ERROR_SYSCALL);
2699280297Sjkim        else
2700280297Sjkim            return (SSL_ERROR_SSL);
2701280297Sjkim    }
270255714Skris
2703280297Sjkim    if ((i < 0) && SSL_want_read(s)) {
2704280297Sjkim        bio = SSL_get_rbio(s);
2705280297Sjkim        if (BIO_should_read(bio))
2706280297Sjkim            return (SSL_ERROR_WANT_READ);
2707280297Sjkim        else if (BIO_should_write(bio))
2708280297Sjkim            /*
2709280297Sjkim             * This one doesn't make too much sense ... We never try to write
2710280297Sjkim             * to the rbio, and an application program where rbio and wbio
2711280297Sjkim             * are separate couldn't even know what it should wait for.
2712280297Sjkim             * However if we ever set s->rwstate incorrectly (so that we have
2713280297Sjkim             * SSL_want_read(s) instead of SSL_want_write(s)) and rbio and
2714280297Sjkim             * wbio *are* the same, this test works around that bug; so it
2715280297Sjkim             * might be safer to keep it.
2716280297Sjkim             */
2717280297Sjkim            return (SSL_ERROR_WANT_WRITE);
2718280297Sjkim        else if (BIO_should_io_special(bio)) {
2719280297Sjkim            reason = BIO_get_retry_reason(bio);
2720280297Sjkim            if (reason == BIO_RR_CONNECT)
2721280297Sjkim                return (SSL_ERROR_WANT_CONNECT);
2722280297Sjkim            else if (reason == BIO_RR_ACCEPT)
2723280297Sjkim                return (SSL_ERROR_WANT_ACCEPT);
2724280297Sjkim            else
2725280297Sjkim                return (SSL_ERROR_SYSCALL); /* unknown */
2726280297Sjkim        }
2727280297Sjkim    }
272855714Skris
2729280297Sjkim    if ((i < 0) && SSL_want_write(s)) {
2730280297Sjkim        bio = SSL_get_wbio(s);
2731280297Sjkim        if (BIO_should_write(bio))
2732280297Sjkim            return (SSL_ERROR_WANT_WRITE);
2733280297Sjkim        else if (BIO_should_read(bio))
2734280297Sjkim            /*
2735280297Sjkim             * See above (SSL_want_read(s) with BIO_should_write(bio))
2736280297Sjkim             */
2737280297Sjkim            return (SSL_ERROR_WANT_READ);
2738280297Sjkim        else if (BIO_should_io_special(bio)) {
2739280297Sjkim            reason = BIO_get_retry_reason(bio);
2740280297Sjkim            if (reason == BIO_RR_CONNECT)
2741280297Sjkim                return (SSL_ERROR_WANT_CONNECT);
2742280297Sjkim            else if (reason == BIO_RR_ACCEPT)
2743280297Sjkim                return (SSL_ERROR_WANT_ACCEPT);
2744280297Sjkim            else
2745280297Sjkim                return (SSL_ERROR_SYSCALL);
2746280297Sjkim        }
2747280297Sjkim    }
2748280297Sjkim    if ((i < 0) && SSL_want_x509_lookup(s)) {
2749280297Sjkim        return (SSL_ERROR_WANT_X509_LOOKUP);
2750280297Sjkim    }
275155714Skris
2752280297Sjkim    if (i == 0) {
2753280297Sjkim        if (s->version == SSL2_VERSION) {
2754280297Sjkim            /* assume it is the socket being closed */
2755280297Sjkim            return (SSL_ERROR_ZERO_RETURN);
2756280297Sjkim        } else {
2757280297Sjkim            if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
2758280297Sjkim                (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
2759280297Sjkim                return (SSL_ERROR_ZERO_RETURN);
2760280297Sjkim        }
2761280297Sjkim    }
2762280297Sjkim    return (SSL_ERROR_SYSCALL);
2763280297Sjkim}
276455714Skris
276555714Skrisint SSL_do_handshake(SSL *s)
2766280297Sjkim{
2767280297Sjkim    int ret = 1;
276855714Skris
2769280297Sjkim    if (s->handshake_func == NULL) {
2770280297Sjkim        SSLerr(SSL_F_SSL_DO_HANDSHAKE, SSL_R_CONNECTION_TYPE_NOT_SET);
2771280297Sjkim        return (-1);
2772280297Sjkim    }
277355714Skris
2774280297Sjkim    s->method->ssl_renegotiate_check(s);
277555714Skris
2776280297Sjkim    if (SSL_in_init(s) || SSL_in_before(s)) {
2777280297Sjkim        ret = s->handshake_func(s);
2778280297Sjkim    }
2779280297Sjkim    return (ret);
2780280297Sjkim}
278155714Skris
2782280297Sjkim/*
2783280297Sjkim * For the next 2 functions, SSL_clear() sets shutdown and so one of these
2784280297Sjkim * calls will reset it
2785280297Sjkim */
278655714Skrisvoid SSL_set_accept_state(SSL *s)
2787280297Sjkim{
2788280297Sjkim    s->server = 1;
2789280297Sjkim    s->shutdown = 0;
2790280297Sjkim    s->state = SSL_ST_ACCEPT | SSL_ST_BEFORE;
2791280297Sjkim    s->handshake_func = s->method->ssl_accept;
2792280297Sjkim    /* clear the current cipher */
2793280297Sjkim    ssl_clear_cipher_ctx(s);
2794280297Sjkim    ssl_clear_hash_ctx(&s->read_hash);
2795280297Sjkim    ssl_clear_hash_ctx(&s->write_hash);
2796280297Sjkim}
279755714Skris
279855714Skrisvoid SSL_set_connect_state(SSL *s)
2799280297Sjkim{
2800280297Sjkim    s->server = 0;
2801280297Sjkim    s->shutdown = 0;
2802280297Sjkim    s->state = SSL_ST_CONNECT | SSL_ST_BEFORE;
2803280297Sjkim    s->handshake_func = s->method->ssl_connect;
2804280297Sjkim    /* clear the current cipher */
2805280297Sjkim    ssl_clear_cipher_ctx(s);
2806280297Sjkim    ssl_clear_hash_ctx(&s->read_hash);
2807280297Sjkim    ssl_clear_hash_ctx(&s->write_hash);
2808280297Sjkim}
280955714Skris
281055714Skrisint ssl_undefined_function(SSL *s)
2811280297Sjkim{
2812280297Sjkim    SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2813280297Sjkim    return (0);
2814280297Sjkim}
281555714Skris
2816160814Ssimonint ssl_undefined_void_function(void)
2817280297Sjkim{
2818280297Sjkim    SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,
2819280297Sjkim           ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2820280297Sjkim    return (0);
2821280297Sjkim}
2822160814Ssimon
2823160814Ssimonint ssl_undefined_const_function(const SSL *s)
2824280297Sjkim{
2825280297Sjkim    SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,
2826280297Sjkim           ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2827280297Sjkim    return (0);
2828280297Sjkim}
2829160814Ssimon
283055714SkrisSSL_METHOD *ssl_bad_method(int ver)
2831280297Sjkim{
2832280297Sjkim    SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2833280297Sjkim    return (NULL);
2834280297Sjkim}
283555714Skris
2836160814Ssimonconst char *SSL_get_version(const SSL *s)
2837280297Sjkim{
2838280297Sjkim    if (s->version == TLS1_2_VERSION)
2839280297Sjkim        return ("TLSv1.2");
2840280297Sjkim    else if (s->version == TLS1_1_VERSION)
2841280297Sjkim        return ("TLSv1.1");
2842280297Sjkim    else if (s->version == TLS1_VERSION)
2843280297Sjkim        return ("TLSv1");
2844280297Sjkim    else if (s->version == SSL3_VERSION)
2845280297Sjkim        return ("SSLv3");
2846280297Sjkim    else if (s->version == SSL2_VERSION)
2847280297Sjkim        return ("SSLv2");
2848290207Sjkim    else if (s->version == DTLS1_BAD_VER)
2849290207Sjkim        return ("DTLSv0.9");
2850290207Sjkim    else if (s->version == DTLS1_VERSION)
2851290207Sjkim        return ("DTLSv1");
2852290207Sjkim    else if (s->version == DTLS1_2_VERSION)
2853290207Sjkim        return ("DTLSv1.2");
2854280297Sjkim    else
2855280297Sjkim        return ("unknown");
2856280297Sjkim}
285755714Skris
285855714SkrisSSL *SSL_dup(SSL *s)
2859280297Sjkim{
2860280297Sjkim    STACK_OF(X509_NAME) *sk;
2861280297Sjkim    X509_NAME *xn;
2862280297Sjkim    SSL *ret;
2863280297Sjkim    int i;
2864109998Smarkm
2865280297Sjkim    if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL)
2866280297Sjkim        return (NULL);
2867109998Smarkm
2868280297Sjkim    ret->version = s->version;
2869280297Sjkim    ret->type = s->type;
2870280297Sjkim    ret->method = s->method;
287155714Skris
2872280297Sjkim    if (s->session != NULL) {
2873280297Sjkim        /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
2874280297Sjkim        SSL_copy_session_id(ret, s);
2875280297Sjkim    } else {
2876280297Sjkim        /*
2877280297Sjkim         * No session has been established yet, so we have to expect that
2878280297Sjkim         * s->cert or ret->cert will be changed later -- they should not both
2879280297Sjkim         * point to the same object, and thus we can't use
2880280297Sjkim         * SSL_copy_session_id.
2881280297Sjkim         */
288255714Skris
2883280297Sjkim        ret->method->ssl_free(ret);
2884280297Sjkim        ret->method = s->method;
2885280297Sjkim        ret->method->ssl_new(ret);
288655714Skris
2887280297Sjkim        if (s->cert != NULL) {
2888280297Sjkim            if (ret->cert != NULL) {
2889280297Sjkim                ssl_cert_free(ret->cert);
2890280297Sjkim            }
2891280297Sjkim            ret->cert = ssl_cert_dup(s->cert);
2892280297Sjkim            if (ret->cert == NULL)
2893280297Sjkim                goto err;
2894280297Sjkim        }
289555714Skris
2896280297Sjkim        SSL_set_session_id_context(ret, s->sid_ctx, s->sid_ctx_length);
2897280297Sjkim    }
289855714Skris
2899280297Sjkim    ret->options = s->options;
2900280297Sjkim    ret->mode = s->mode;
2901280297Sjkim    SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s));
2902280297Sjkim    SSL_set_read_ahead(ret, SSL_get_read_ahead(s));
2903280297Sjkim    ret->msg_callback = s->msg_callback;
2904280297Sjkim    ret->msg_callback_arg = s->msg_callback_arg;
2905280297Sjkim    SSL_set_verify(ret, SSL_get_verify_mode(s), SSL_get_verify_callback(s));
2906280297Sjkim    SSL_set_verify_depth(ret, SSL_get_verify_depth(s));
2907280297Sjkim    ret->generate_session_id = s->generate_session_id;
290855714Skris
2909280297Sjkim    SSL_set_info_callback(ret, SSL_get_info_callback(s));
291055714Skris
2911280297Sjkim    ret->debug = s->debug;
2912160814Ssimon
2913280297Sjkim    /* copy app data, a little dangerous perhaps */
2914280297Sjkim    if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
2915280297Sjkim        goto err;
291655714Skris
2917280297Sjkim    /* setup rbio, and wbio */
2918280297Sjkim    if (s->rbio != NULL) {
2919280297Sjkim        if (!BIO_dup_state(s->rbio, (char *)&ret->rbio))
2920280297Sjkim            goto err;
2921280297Sjkim    }
2922280297Sjkim    if (s->wbio != NULL) {
2923280297Sjkim        if (s->wbio != s->rbio) {
2924280297Sjkim            if (!BIO_dup_state(s->wbio, (char *)&ret->wbio))
2925280297Sjkim                goto err;
2926280297Sjkim        } else
2927280297Sjkim            ret->wbio = ret->rbio;
2928280297Sjkim    }
2929280297Sjkim    ret->rwstate = s->rwstate;
2930280297Sjkim    ret->in_handshake = s->in_handshake;
2931280297Sjkim    ret->handshake_func = s->handshake_func;
2932280297Sjkim    ret->server = s->server;
2933280297Sjkim    ret->renegotiate = s->renegotiate;
2934280297Sjkim    ret->new_session = s->new_session;
2935280297Sjkim    ret->quiet_shutdown = s->quiet_shutdown;
2936280297Sjkim    ret->shutdown = s->shutdown;
2937280297Sjkim    ret->state = s->state;      /* SSL_dup does not really work at any state,
2938280297Sjkim                                 * though */
2939280297Sjkim    ret->rstate = s->rstate;
2940280297Sjkim    ret->init_num = 0;          /* would have to copy ret->init_buf,
2941280297Sjkim                                 * ret->init_msg, ret->init_num,
2942280297Sjkim                                 * ret->init_off */
2943280297Sjkim    ret->hit = s->hit;
294455714Skris
2945280297Sjkim    X509_VERIFY_PARAM_inherit(ret->param, s->param);
294655714Skris
2947280297Sjkim    /* dup the cipher_list and cipher_list_by_id stacks */
2948280297Sjkim    if (s->cipher_list != NULL) {
2949280297Sjkim        if ((ret->cipher_list = sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
2950280297Sjkim            goto err;
2951280297Sjkim    }
2952280297Sjkim    if (s->cipher_list_by_id != NULL)
2953280297Sjkim        if ((ret->cipher_list_by_id = sk_SSL_CIPHER_dup(s->cipher_list_by_id))
2954280297Sjkim            == NULL)
2955280297Sjkim            goto err;
2956280297Sjkim
2957280297Sjkim    /* Dup the client_CA list */
2958280297Sjkim    if (s->client_CA != NULL) {
2959280297Sjkim        if ((sk = sk_X509_NAME_dup(s->client_CA)) == NULL)
2960280297Sjkim            goto err;
2961280297Sjkim        ret->client_CA = sk;
2962280297Sjkim        for (i = 0; i < sk_X509_NAME_num(sk); i++) {
2963280297Sjkim            xn = sk_X509_NAME_value(sk, i);
2964280297Sjkim            if (sk_X509_NAME_set(sk, i, X509_NAME_dup(xn)) == NULL) {
2965280297Sjkim                X509_NAME_free(xn);
2966280297Sjkim                goto err;
2967280297Sjkim            }
2968280297Sjkim        }
2969280297Sjkim    }
2970280297Sjkim
2971280297Sjkim    if (0) {
2972280297Sjkim err:
2973280297Sjkim        if (ret != NULL)
2974280297Sjkim            SSL_free(ret);
2975280297Sjkim        ret = NULL;
2976280297Sjkim    }
2977280297Sjkim    return (ret);
2978280297Sjkim}
2979280297Sjkim
298055714Skrisvoid ssl_clear_cipher_ctx(SSL *s)
2981280297Sjkim{
2982280297Sjkim    if (s->enc_read_ctx != NULL) {
2983280297Sjkim        EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
2984280297Sjkim        OPENSSL_free(s->enc_read_ctx);
2985280297Sjkim        s->enc_read_ctx = NULL;
2986280297Sjkim    }
2987280297Sjkim    if (s->enc_write_ctx != NULL) {
2988280297Sjkim        EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
2989280297Sjkim        OPENSSL_free(s->enc_write_ctx);
2990280297Sjkim        s->enc_write_ctx = NULL;
2991280297Sjkim    }
2992160814Ssimon#ifndef OPENSSL_NO_COMP
2993280297Sjkim    if (s->expand != NULL) {
2994280297Sjkim        COMP_CTX_free(s->expand);
2995280297Sjkim        s->expand = NULL;
2996280297Sjkim    }
2997280297Sjkim    if (s->compress != NULL) {
2998280297Sjkim        COMP_CTX_free(s->compress);
2999280297Sjkim        s->compress = NULL;
3000280297Sjkim    }
3001160814Ssimon#endif
3002280297Sjkim}
300355714Skris
3004160814SsimonX509 *SSL_get_certificate(const SSL *s)
3005280297Sjkim{
3006280297Sjkim    if (s->cert != NULL)
3007280297Sjkim        return (s->cert->key->x509);
3008280297Sjkim    else
3009280297Sjkim        return (NULL);
3010280297Sjkim}
301155714Skris
3012290207SjkimEVP_PKEY *SSL_get_privatekey(const SSL *s)
3013280297Sjkim{
3014280297Sjkim    if (s->cert != NULL)
3015280297Sjkim        return (s->cert->key->privatekey);
3016280297Sjkim    else
3017280297Sjkim        return (NULL);
3018280297Sjkim}
301955714Skris
3020290207SjkimX509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx)
3021290207Sjkim{
3022290207Sjkim    if (ctx->cert != NULL)
3023290207Sjkim        return ctx->cert->key->x509;
3024290207Sjkim    else
3025290207Sjkim        return NULL;
3026290207Sjkim}
3027290207Sjkim
3028290207SjkimEVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx)
3029290207Sjkim{
3030290207Sjkim    if (ctx->cert != NULL)
3031290207Sjkim        return ctx->cert->key->privatekey;
3032290207Sjkim    else
3033290207Sjkim        return NULL;
3034290207Sjkim}
3035290207Sjkim
3036238405Sjkimconst SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
3037280297Sjkim{
3038280297Sjkim    if ((s->session != NULL) && (s->session->cipher != NULL))
3039280297Sjkim        return (s->session->cipher);
3040280297Sjkim    return (NULL);
3041280297Sjkim}
3042280297Sjkim
3043160814Ssimon#ifdef OPENSSL_NO_COMP
3044160814Ssimonconst void *SSL_get_current_compression(SSL *s)
3045280297Sjkim{
3046280297Sjkim    return NULL;
3047280297Sjkim}
3048280297Sjkim
3049160814Ssimonconst void *SSL_get_current_expansion(SSL *s)
3050280297Sjkim{
3051280297Sjkim    return NULL;
3052280297Sjkim}
3053160814Ssimon#else
305455714Skris
3055160814Ssimonconst COMP_METHOD *SSL_get_current_compression(SSL *s)
3056280297Sjkim{
3057280297Sjkim    if (s->compress != NULL)
3058280297Sjkim        return (s->compress->meth);
3059280297Sjkim    return (NULL);
3060280297Sjkim}
3061160814Ssimon
3062160814Ssimonconst COMP_METHOD *SSL_get_current_expansion(SSL *s)
3063280297Sjkim{
3064280297Sjkim    if (s->expand != NULL)
3065280297Sjkim        return (s->expand->meth);
3066280297Sjkim    return (NULL);
3067280297Sjkim}
3068160814Ssimon#endif
3069160814Ssimon
3070280297Sjkimint ssl_init_wbio_buffer(SSL *s, int push)
3071280297Sjkim{
3072280297Sjkim    BIO *bbio;
307355714Skris
3074280297Sjkim    if (s->bbio == NULL) {
3075280297Sjkim        bbio = BIO_new(BIO_f_buffer());
3076280297Sjkim        if (bbio == NULL)
3077280297Sjkim            return (0);
3078280297Sjkim        s->bbio = bbio;
3079280297Sjkim    } else {
3080280297Sjkim        bbio = s->bbio;
3081280297Sjkim        if (s->bbio == s->wbio)
3082280297Sjkim            s->wbio = BIO_pop(s->wbio);
3083280297Sjkim    }
3084280297Sjkim    (void)BIO_reset(bbio);
3085280297Sjkim/*      if (!BIO_set_write_buffer_size(bbio,16*1024)) */
3086280297Sjkim    if (!BIO_set_read_buffer_size(bbio, 1)) {
3087280297Sjkim        SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER, ERR_R_BUF_LIB);
3088280297Sjkim        return (0);
3089280297Sjkim    }
3090280297Sjkim    if (push) {
3091280297Sjkim        if (s->wbio != bbio)
3092280297Sjkim            s->wbio = BIO_push(bbio, s->wbio);
3093280297Sjkim    } else {
3094280297Sjkim        if (s->wbio == bbio)
3095280297Sjkim            s->wbio = BIO_pop(bbio);
3096280297Sjkim    }
3097280297Sjkim    return (1);
3098280297Sjkim}
309955714Skris
310055714Skrisvoid ssl_free_wbio_buffer(SSL *s)
3101280297Sjkim{
3102280297Sjkim    if (s->bbio == NULL)
3103280297Sjkim        return;
310455714Skris
3105280297Sjkim    if (s->bbio == s->wbio) {
3106280297Sjkim        /* remove buffering */
3107280297Sjkim        s->wbio = BIO_pop(s->wbio);
3108280297Sjkim#ifdef REF_CHECK                /* not the usual REF_CHECK, but this avoids
3109280297Sjkim                                 * adding one more preprocessor symbol */
3110280297Sjkim        assert(s->wbio != NULL);
3111238405Sjkim#endif
3112280297Sjkim    }
3113280297Sjkim    BIO_free(s->bbio);
3114280297Sjkim    s->bbio = NULL;
3115280297Sjkim}
311655714Skris
3117280297Sjkimvoid SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
3118280297Sjkim{
3119280297Sjkim    ctx->quiet_shutdown = mode;
3120280297Sjkim}
3121280297Sjkim
3122160814Ssimonint SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
3123280297Sjkim{
3124280297Sjkim    return (ctx->quiet_shutdown);
3125280297Sjkim}
312655714Skris
3127280297Sjkimvoid SSL_set_quiet_shutdown(SSL *s, int mode)
3128280297Sjkim{
3129280297Sjkim    s->quiet_shutdown = mode;
3130280297Sjkim}
313155714Skris
3132160814Ssimonint SSL_get_quiet_shutdown(const SSL *s)
3133280297Sjkim{
3134280297Sjkim    return (s->quiet_shutdown);
3135280297Sjkim}
313655714Skris
3137280297Sjkimvoid SSL_set_shutdown(SSL *s, int mode)
3138280297Sjkim{
3139280297Sjkim    s->shutdown = mode;
3140280297Sjkim}
314155714Skris
3142160814Ssimonint SSL_get_shutdown(const SSL *s)
3143280297Sjkim{
3144280297Sjkim    return (s->shutdown);
3145280297Sjkim}
314655714Skris
3147160814Ssimonint SSL_version(const SSL *s)
3148280297Sjkim{
3149280297Sjkim    return (s->version);
3150280297Sjkim}
315155714Skris
3152160814SsimonSSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
3153280297Sjkim{
3154280297Sjkim    return (ssl->ctx);
3155280297Sjkim}
315655714Skris
3157280297SjkimSSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx)
3158280297Sjkim{
3159280297Sjkim    CERT *ocert = ssl->cert;
3160280297Sjkim    if (ssl->ctx == ctx)
3161280297Sjkim        return ssl->ctx;
3162194206Ssimon#ifndef OPENSSL_NO_TLSEXT
3163280297Sjkim    if (ctx == NULL)
3164280297Sjkim        ctx = ssl->initial_ctx;
3165194206Ssimon#endif
3166280297Sjkim    ssl->cert = ssl_cert_dup(ctx->cert);
3167290207Sjkim    if (ocert) {
3168290207Sjkim        /* Preserve any already negotiated parameters */
3169290207Sjkim        if (ssl->server) {
3170290207Sjkim            ssl->cert->peer_sigalgs = ocert->peer_sigalgs;
3171290207Sjkim            ssl->cert->peer_sigalgslen = ocert->peer_sigalgslen;
3172290207Sjkim            ocert->peer_sigalgs = NULL;
3173290207Sjkim            ssl->cert->ciphers_raw = ocert->ciphers_raw;
3174290207Sjkim            ssl->cert->ciphers_rawlen = ocert->ciphers_rawlen;
3175290207Sjkim            ocert->ciphers_raw = NULL;
3176280297Sjkim        }
3177280297Sjkim        ssl_cert_free(ocert);
3178280297Sjkim    }
3179276861Sjkim
3180280297Sjkim    /*
3181280297Sjkim     * Program invariant: |sid_ctx| has fixed size (SSL_MAX_SID_CTX_LENGTH),
3182280297Sjkim     * so setter APIs must prevent invalid lengths from entering the system.
3183280297Sjkim     */
3184280297Sjkim    OPENSSL_assert(ssl->sid_ctx_length <= sizeof(ssl->sid_ctx));
3185276861Sjkim
3186280297Sjkim    /*
3187280297Sjkim     * If the session ID context matches that of the parent SSL_CTX,
3188280297Sjkim     * inherit it from the new SSL_CTX as well. If however the context does
3189280297Sjkim     * not match (i.e., it was set per-ssl with SSL_set_session_id_context),
3190280297Sjkim     * leave it unchanged.
3191280297Sjkim     */
3192280297Sjkim    if ((ssl->ctx != NULL) &&
3193280297Sjkim        (ssl->sid_ctx_length == ssl->ctx->sid_ctx_length) &&
3194280297Sjkim        (memcmp(ssl->sid_ctx, ssl->ctx->sid_ctx, ssl->sid_ctx_length) == 0)) {
3195280297Sjkim        ssl->sid_ctx_length = ctx->sid_ctx_length;
3196280297Sjkim        memcpy(&ssl->sid_ctx, &ctx->sid_ctx, sizeof(ssl->sid_ctx));
3197280297Sjkim    }
3198276861Sjkim
3199280297Sjkim    CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
3200280297Sjkim    if (ssl->ctx != NULL)
3201280297Sjkim        SSL_CTX_free(ssl->ctx); /* decrement reference count */
3202280297Sjkim    ssl->ctx = ctx;
3203276861Sjkim
3204280297Sjkim    return (ssl->ctx);
3205280297Sjkim}
3206194206Ssimon
3207109998Smarkm#ifndef OPENSSL_NO_STDIO
320855714Skrisint SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
3209280297Sjkim{
3210280297Sjkim    return (X509_STORE_set_default_paths(ctx->cert_store));
3211280297Sjkim}
321255714Skris
321355714Skrisint SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
3214280297Sjkim                                  const char *CApath)
3215280297Sjkim{
3216280297Sjkim    return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));
3217280297Sjkim}
321855714Skris#endif
321955714Skris
3220109998Smarkmvoid SSL_set_info_callback(SSL *ssl,
3221280297Sjkim                           void (*cb) (const SSL *ssl, int type, int val))
3222280297Sjkim{
3223280297Sjkim    ssl->info_callback = cb;
3224280297Sjkim}
322555714Skris
3226280297Sjkim/*
3227280297Sjkim * One compiler (Diab DCC) doesn't like argument names in returned function
3228280297Sjkim * pointer.
3229280297Sjkim */
3230280297Sjkimvoid (*SSL_get_info_callback(const SSL *ssl)) (const SSL * /* ssl */ ,
3231280297Sjkim                                               int /* type */ ,
3232280297Sjkim                                               int /* val */ ) {
3233280297Sjkim    return ssl->info_callback;
3234280297Sjkim}
323555714Skris
3236160814Ssimonint SSL_state(const SSL *ssl)
3237280297Sjkim{
3238280297Sjkim    return (ssl->state);
3239280297Sjkim}
324055714Skris
3241238405Sjkimvoid SSL_set_state(SSL *ssl, int state)
3242280297Sjkim{
3243280297Sjkim    ssl->state = state;
3244280297Sjkim}
3245238405Sjkim
3246280297Sjkimvoid SSL_set_verify_result(SSL *ssl, long arg)
3247280297Sjkim{
3248280297Sjkim    ssl->verify_result = arg;
3249280297Sjkim}
325055714Skris
3251160814Ssimonlong SSL_get_verify_result(const SSL *ssl)
3252280297Sjkim{
3253280297Sjkim    return (ssl->verify_result);
3254280297Sjkim}
325555714Skris
3256280297Sjkimint SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
3257280297Sjkim                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
3258280297Sjkim{
3259280297Sjkim    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
3260280297Sjkim                                   new_func, dup_func, free_func);
3261280297Sjkim}
326255714Skris
3263280297Sjkimint SSL_set_ex_data(SSL *s, int idx, void *arg)
3264280297Sjkim{
3265280297Sjkim    return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
3266280297Sjkim}
326755714Skris
3268280297Sjkimvoid *SSL_get_ex_data(const SSL *s, int idx)
3269280297Sjkim{
3270280297Sjkim    return (CRYPTO_get_ex_data(&s->ex_data, idx));
3271280297Sjkim}
327255714Skris
3273280297Sjkimint SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
3274280297Sjkim                             CRYPTO_EX_dup *dup_func,
3275280297Sjkim                             CRYPTO_EX_free *free_func)
3276280297Sjkim{
3277280297Sjkim    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
3278280297Sjkim                                   new_func, dup_func, free_func);
3279280297Sjkim}
328055714Skris
3281280297Sjkimint SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg)
3282280297Sjkim{
3283280297Sjkim    return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
3284280297Sjkim}
328555714Skris
3286280297Sjkimvoid *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx)
3287280297Sjkim{
3288280297Sjkim    return (CRYPTO_get_ex_data(&s->ex_data, idx));
3289280297Sjkim}
329055714Skris
329155714Skrisint ssl_ok(SSL *s)
3292280297Sjkim{
3293280297Sjkim    return (1);
3294280297Sjkim}
329555714Skris
3296160814SsimonX509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx)
3297280297Sjkim{
3298280297Sjkim    return (ctx->cert_store);
3299280297Sjkim}
330055714Skris
3301280297Sjkimvoid SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
3302280297Sjkim{
3303280297Sjkim    if (ctx->cert_store != NULL)
3304280297Sjkim        X509_STORE_free(ctx->cert_store);
3305280297Sjkim    ctx->cert_store = store;
3306280297Sjkim}
330755714Skris
3308160814Ssimonint SSL_want(const SSL *s)
3309280297Sjkim{
3310280297Sjkim    return (s->rwstate);
3311280297Sjkim}
331255714Skris
3313280297Sjkim/**
331455714Skris * \brief Set the callback for generating temporary RSA keys.
331555714Skris * \param ctx the SSL context.
331655714Skris * \param cb the callback
331755714Skris */
331855714Skris
3319109998Smarkm#ifndef OPENSSL_NO_RSA
3320280297Sjkimvoid SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb) (SSL *ssl,
3321280297Sjkim                                                            int is_export,
3322280297Sjkim                                                            int keylength))
3323280297Sjkim{
3324280297Sjkim    SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB, (void (*)(void))cb);
3325280297Sjkim}
332655714Skris
3327280297Sjkimvoid SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb) (SSL *ssl,
3328280297Sjkim                                                    int is_export,
3329280297Sjkim                                                    int keylength))
3330280297Sjkim{
3331280297Sjkim    SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB, (void (*)(void))cb);
3332280297Sjkim}
333355714Skris#endif
333455714Skris
333555714Skris#ifdef DOXYGEN
3336280297Sjkim/**
333755714Skris * \brief The RSA temporary key callback function.
333855714Skris * \param ssl the SSL session.
333955714Skris * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
334055714Skris * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
334155714Skris * of the required key in bits.
334255714Skris * \return the temporary RSA key.
334355714Skris * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
334455714Skris */
334555714Skris
3346280297SjkimRSA *cb(SSL *ssl, int is_export, int keylength)
3347280297Sjkim{
3348280297Sjkim}
334955714Skris#endif
335055714Skris
3351280297Sjkim/**
335255714Skris * \brief Set the callback for generating temporary DH keys.
335355714Skris * \param ctx the SSL context.
335455714Skris * \param dh the callback
335555714Skris */
335655714Skris
3357109998Smarkm#ifndef OPENSSL_NO_DH
3358280297Sjkimvoid SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
3359280297Sjkim                                 DH *(*dh) (SSL *ssl, int is_export,
3360280297Sjkim                                            int keylength))
3361280297Sjkim{
3362280297Sjkim    SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
3363280297Sjkim}
336455714Skris
3365280297Sjkimvoid SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh) (SSL *ssl, int is_export,
3366280297Sjkim                                                  int keylength))
3367280297Sjkim{
3368280297Sjkim    SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
3369280297Sjkim}
337055714Skris#endif
337155714Skris
3372160814Ssimon#ifndef OPENSSL_NO_ECDH
3373280297Sjkimvoid SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
3374280297Sjkim                                   EC_KEY *(*ecdh) (SSL *ssl, int is_export,
3375280297Sjkim                                                    int keylength))
3376280297Sjkim{
3377280297Sjkim    SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,
3378280297Sjkim                          (void (*)(void))ecdh);
3379280297Sjkim}
3380109998Smarkm
3381280297Sjkimvoid SSL_set_tmp_ecdh_callback(SSL *ssl,
3382280297Sjkim                               EC_KEY *(*ecdh) (SSL *ssl, int is_export,
3383280297Sjkim                                                int keylength))
3384280297Sjkim{
3385280297Sjkim    SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB, (void (*)(void))ecdh);
3386280297Sjkim}
3387160814Ssimon#endif
3388160814Ssimon
3389238405Sjkim#ifndef OPENSSL_NO_PSK
3390238405Sjkimint SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
3391280297Sjkim{
3392280297Sjkim    if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
3393280297Sjkim        SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT,
3394280297Sjkim               SSL_R_DATA_LENGTH_TOO_LONG);
3395280297Sjkim        return 0;
3396280297Sjkim    }
3397280297Sjkim    if (ctx->psk_identity_hint != NULL)
3398280297Sjkim        OPENSSL_free(ctx->psk_identity_hint);
3399280297Sjkim    if (identity_hint != NULL) {
3400280297Sjkim        ctx->psk_identity_hint = BUF_strdup(identity_hint);
3401280297Sjkim        if (ctx->psk_identity_hint == NULL)
3402280297Sjkim            return 0;
3403280297Sjkim    } else
3404280297Sjkim        ctx->psk_identity_hint = NULL;
3405280297Sjkim    return 1;
3406280297Sjkim}
3407160814Ssimon
3408238405Sjkimint SSL_use_psk_identity_hint(SSL *s, const char *identity_hint)
3409280297Sjkim{
3410280297Sjkim    if (s == NULL)
3411280297Sjkim        return 0;
3412238405Sjkim
3413280297Sjkim    if (s->session == NULL)
3414280297Sjkim        return 1;               /* session not created yet, ignored */
3415238405Sjkim
3416280297Sjkim    if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
3417280297Sjkim        SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
3418280297Sjkim        return 0;
3419280297Sjkim    }
3420280297Sjkim    if (s->session->psk_identity_hint != NULL)
3421280297Sjkim        OPENSSL_free(s->session->psk_identity_hint);
3422280297Sjkim    if (identity_hint != NULL) {
3423280297Sjkim        s->session->psk_identity_hint = BUF_strdup(identity_hint);
3424280297Sjkim        if (s->session->psk_identity_hint == NULL)
3425280297Sjkim            return 0;
3426280297Sjkim    } else
3427280297Sjkim        s->session->psk_identity_hint = NULL;
3428280297Sjkim    return 1;
3429280297Sjkim}
3430238405Sjkim
3431238405Sjkimconst char *SSL_get_psk_identity_hint(const SSL *s)
3432280297Sjkim{
3433280297Sjkim    if (s == NULL || s->session == NULL)
3434280297Sjkim        return NULL;
3435280297Sjkim    return (s->session->psk_identity_hint);
3436280297Sjkim}
3437238405Sjkim
3438238405Sjkimconst char *SSL_get_psk_identity(const SSL *s)
3439280297Sjkim{
3440280297Sjkim    if (s == NULL || s->session == NULL)
3441280297Sjkim        return NULL;
3442280297Sjkim    return (s->session->psk_identity);
3443280297Sjkim}
3444238405Sjkim
3445238405Sjkimvoid SSL_set_psk_client_callback(SSL *s,
3446280297Sjkim                                 unsigned int (*cb) (SSL *ssl,
3447280297Sjkim                                                     const char *hint,
3448280297Sjkim                                                     char *identity,
3449280297Sjkim                                                     unsigned int
3450280297Sjkim                                                     max_identity_len,
3451280297Sjkim                                                     unsigned char *psk,
3452280297Sjkim                                                     unsigned int
3453280297Sjkim                                                     max_psk_len))
3454280297Sjkim{
3455280297Sjkim    s->psk_client_callback = cb;
3456280297Sjkim}
3457238405Sjkim
3458238405Sjkimvoid SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
3459280297Sjkim                                     unsigned int (*cb) (SSL *ssl,
3460280297Sjkim                                                         const char *hint,
3461280297Sjkim                                                         char *identity,
3462280297Sjkim                                                         unsigned int
3463280297Sjkim                                                         max_identity_len,
3464280297Sjkim                                                         unsigned char *psk,
3465280297Sjkim                                                         unsigned int
3466280297Sjkim                                                         max_psk_len))
3467280297Sjkim{
3468280297Sjkim    ctx->psk_client_callback = cb;
3469280297Sjkim}
3470238405Sjkim
3471238405Sjkimvoid SSL_set_psk_server_callback(SSL *s,
3472280297Sjkim                                 unsigned int (*cb) (SSL *ssl,
3473280297Sjkim                                                     const char *identity,
3474280297Sjkim                                                     unsigned char *psk,
3475280297Sjkim                                                     unsigned int
3476280297Sjkim                                                     max_psk_len))
3477280297Sjkim{
3478280297Sjkim    s->psk_server_callback = cb;
3479280297Sjkim}
3480238405Sjkim
3481238405Sjkimvoid SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
3482280297Sjkim                                     unsigned int (*cb) (SSL *ssl,
3483280297Sjkim                                                         const char *identity,
3484280297Sjkim                                                         unsigned char *psk,
3485280297Sjkim                                                         unsigned int
3486280297Sjkim                                                         max_psk_len))
3487280297Sjkim{
3488280297Sjkim    ctx->psk_server_callback = cb;
3489280297Sjkim}
3490238405Sjkim#endif
3491238405Sjkim
3492280297Sjkimvoid SSL_CTX_set_msg_callback(SSL_CTX *ctx,
3493280297Sjkim                              void (*cb) (int write_p, int version,
3494280297Sjkim                                          int content_type, const void *buf,
3495280297Sjkim                                          size_t len, SSL *ssl, void *arg))
3496280297Sjkim{
3497280297Sjkim    SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
3498280297Sjkim}
3499109998Smarkm
3500280297Sjkimvoid SSL_set_msg_callback(SSL *ssl,
3501280297Sjkim                          void (*cb) (int write_p, int version,
3502280297Sjkim                                      int content_type, const void *buf,
3503280297Sjkim                                      size_t len, SSL *ssl, void *arg))
3504280297Sjkim{
3505280297Sjkim    SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
3506280297Sjkim}
3507280297Sjkim
3508280297Sjkim/*
3509280297Sjkim * Allocates new EVP_MD_CTX and sets pointer to it into given pointer
3510280297Sjkim * vairable, freeing EVP_MD_CTX previously stored in that variable, if any.
3511280297Sjkim * If EVP_MD pointer is passed, initializes ctx with this md Returns newly
3512280297Sjkim * allocated ctx;
3513238405Sjkim */
3514109998Smarkm
3515280297SjkimEVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md)
3516238405Sjkim{
3517280297Sjkim    ssl_clear_hash_ctx(hash);
3518280297Sjkim    *hash = EVP_MD_CTX_create();
3519291719Sjkim    if (*hash == NULL || (md && EVP_DigestInit_ex(*hash, md, NULL) <= 0)) {
3520291719Sjkim        EVP_MD_CTX_destroy(*hash);
3521291719Sjkim        *hash = NULL;
3522291719Sjkim        return NULL;
3523291719Sjkim    }
3524280297Sjkim    return *hash;
3525238405Sjkim}
3526280297Sjkim
3527280297Sjkimvoid ssl_clear_hash_ctx(EVP_MD_CTX **hash)
3528238405Sjkim{
3529109998Smarkm
3530280297Sjkim    if (*hash)
3531280297Sjkim        EVP_MD_CTX_destroy(*hash);
3532280297Sjkim    *hash = NULL;
3533238405Sjkim}
3534238405Sjkim
3535238405Sjkimvoid SSL_set_debug(SSL *s, int debug)
3536280297Sjkim{
3537280297Sjkim    s->debug = debug;
3538280297Sjkim}
3539238405Sjkim
3540238405Sjkimint SSL_cache_hit(SSL *s)
3541280297Sjkim{
3542280297Sjkim    return s->hit;
3543280297Sjkim}
3544238405Sjkim
3545290207Sjkimint SSL_is_server(SSL *s)
3546290207Sjkim{
3547290207Sjkim    return s->server;
3548290207Sjkim}
3549290207Sjkim
3550109998Smarkm#if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
3551280297Sjkim# include "../crypto/bio/bss_file.c"
355255714Skris#endif
355355714Skris
355455714SkrisIMPLEMENT_STACK_OF(SSL_CIPHER)
355555714SkrisIMPLEMENT_STACK_OF(SSL_COMP)
3556280297SjkimIMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
3557