#include <openssl/objects.h>
#include "ssl_locl.h"
-static int ssl23_num_ciphers(void );
-static SSL_CIPHER *ssl23_get_cipher(unsigned int u);
-static int ssl23_read(SSL *s, void *buf, int len);
-static int ssl23_peek(SSL *s, void *buf, int len);
-static int ssl23_write(SSL *s, const void *buf, int len);
-static long ssl23_default_timeout(void );
-static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
-static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
-const char *SSL23_version_str="SSLv2/3 compatibility" OPENSSL_VERSION_PTEXT;
-
-static SSL_METHOD SSLv23_data= {
- TLS1_VERSION,
- tls1_new,
- tls1_clear,
- tls1_free,
- ssl_undefined_function,
- ssl_undefined_function,
- ssl23_read,
- ssl23_peek,
- ssl23_write,
- ssl_undefined_function,
- ssl_undefined_function,
- ssl_ok,
- ssl3_get_message,
- ssl3_read_bytes,
- ssl3_write_bytes,
- ssl3_dispatch_alert,
- ssl3_ctrl,
- ssl3_ctx_ctrl,
- ssl23_get_cipher_by_char,
- ssl23_put_cipher_by_char,
- ssl_undefined_const_function,
- ssl23_num_ciphers,
- ssl23_get_cipher,
- ssl_bad_method,
- ssl23_default_timeout,
- &ssl3_undef_enc_method,
- ssl_undefined_void_function,
- ssl3_callback_ctrl,
- ssl3_ctx_callback_ctrl,
- };
-
-static long ssl23_default_timeout(void)
+long ssl23_default_timeout(void)
{
return(300);
}
-SSL_METHOD *sslv23_base_method(void)
- {
- return(&SSLv23_data);
- }
-
-static int ssl23_num_ciphers(void)
+int ssl23_num_ciphers(void)
{
return(ssl3_num_ciphers()
#ifndef OPENSSL_NO_SSL2
);
}
-static SSL_CIPHER *ssl23_get_cipher(unsigned int u)
+const SSL_CIPHER *ssl23_get_cipher(unsigned int u)
{
unsigned int uu=ssl3_num_ciphers();
/* This function needs to check if the ciphers required are actually
* available */
-static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
+const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
{
- SSL_CIPHER c,*cp;
- unsigned long id;
- int n;
+ const SSL_CIPHER *cp;
- n=ssl3_num_ciphers();
- id=0x03000000|((unsigned long)p[0]<<16L)|
- ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
- c.id=id;
cp=ssl3_get_cipher_by_char(p);
#ifndef OPENSSL_NO_SSL2
if (cp == NULL)
return(cp);
}
-static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
+int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
{
long l;
/* We can write SSLv2 and SSLv3 ciphers */
+ /* but no ECC ciphers */
+ if (c->algorithm_mkey == SSL_kECDHr ||
+ c->algorithm_mkey == SSL_kECDHe ||
+ c->algorithm_mkey == SSL_kEECDH ||
+ c->algorithm_auth == SSL_aECDH ||
+ c->algorithm_auth == SSL_aECDSA)
+ return 0;
if (p != NULL)
{
l=c->id;
return(3);
}
-static int ssl23_read(SSL *s, void *buf, int len)
+int ssl23_read(SSL *s, void *buf, int len)
{
int n;
}
}
-static int ssl23_peek(SSL *s, void *buf, int len)
+int ssl23_peek(SSL *s, void *buf, int len)
{
int n;
}
}
-static int ssl23_write(SSL *s, const void *buf, int len)
+int ssl23_write(SSL *s, const void *buf, int len)
{
int n;
projects / openssl.git / blobdiff