X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=ssl%2Fstatem%2Fstatem_lib.c;h=ab860f6146e731f53d569bdfb2101313f4aec445;hb=2a9b96548afc0d540ab873a31dc1a72c66cba434;hp=75d151e5e0b8d566e2a565a0dbeed30957f9f763;hpb=8ba708e5166b02ab61f2762d36b3e7b7455e9c06;p=openssl.git diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 75d151e5e0..ab860f6146 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -118,6 +118,7 @@ #include #include #include "../ssl_locl.h" +#include "statem_locl.h" #include #include #include @@ -224,7 +225,7 @@ static void ssl3_take_mac(SSL *s) } #endif -enum MSG_PROCESS_RETURN tls_process_change_cipher_spec(SSL *s, PACKET *pkt) +MSG_PROCESS_RETURN tls_process_change_cipher_spec(SSL *s, PACKET *pkt) { int al; long remain; @@ -287,11 +288,11 @@ enum MSG_PROCESS_RETURN tls_process_change_cipher_spec(SSL *s, PACKET *pkt) return MSG_PROCESS_CONTINUE_READING; f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); - statem_set_error(s); + ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } -enum MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt) +MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt) { int al, i; @@ -305,7 +306,7 @@ enum MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt) i = s->s3->tmp.peer_finish_md_len; - if (i < 0 || (unsigned long)i != PACKET_remaining(pkt)) { + if ((unsigned long)i != PACKET_remaining(pkt)) { al = SSL_AD_DECODE_ERROR; SSLerr(SSL_F_TLS_PROCESS_FINISHED, SSL_R_BAD_DIGEST_LENGTH); goto f_err; @@ -330,10 +331,10 @@ enum MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt) s->s3->previous_server_finished_len = i; } - return MSG_PROCESS_CONTINUE_PROCESSING; + return MSG_PROCESS_FINISHED_READING; f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); - statem_set_error(s); + ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } @@ -369,13 +370,13 @@ unsigned long ssl3_output_cert_chain(SSL *s, CERT_PKEY *cpk) return l + SSL_HM_HEADER_LENGTH(s); } -enum WORK_STATE tls_finish_handshake(SSL *s, enum WORK_STATE wst) +WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst) { void (*cb) (const SSL *ssl, int type, int val) = NULL; #ifndef OPENSSL_NO_SCTP if (SSL_IS_DTLS(s) && BIO_dgram_is_sctp(SSL_get_wbio(s))) { - enum WORK_STATE ret; + WORK_STATE ret; ret = dtls_wait_for_dry(s); if (ret != WORK_FINISHED_CONTINUE) return ret; @@ -404,19 +405,16 @@ enum WORK_STATE tls_finish_handshake(SSL *s, enum WORK_STATE wst) s->new_session = 0; if (s->server) { - s->renegotiate = 0; - s->new_session = 0; - ssl_update_cache(s, SSL_SESS_CACHE_SERVER); s->ctx->stats.sess_accept_good++; - s->handshake_func = statem_accept; + s->handshake_func = ossl_statem_accept; } else { ssl_update_cache(s, SSL_SESS_CACHE_CLIENT); if (s->hit) s->ctx->stats.sess_hit++; - s->handshake_func = statem_connect; + s->handshake_func = ossl_statem_connect; s->ctx->stats.sess_connect_good++; } @@ -625,9 +623,16 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey) ret = SSL_PKEY_ECC; } #endif +#ifndef OPENSSL_NO_GOST else if (i == NID_id_GostR3410_2001) { ret = SSL_PKEY_GOST01; - } else if (x && (i == EVP_PKEY_DH || i == EVP_PKEY_DHX)) { + } else if (i == NID_id_GostR3410_2012_256) { + ret = SSL_PKEY_GOST12_256; + } else if (i == NID_id_GostR3410_2012_512) { + ret = SSL_PKEY_GOST12_512; + } +#endif + else if (x && (i == EVP_PKEY_DH || i == EVP_PKEY_DHX)) { /* * For DH two cases: DH certificate signed with RSA and DH * certificate signed with DSA.