projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Avoid sprintf, and harmonize indentation.
[openssl.git] / ssl / s3_lib.c
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 7c71f5e3211f6dea1d6829ca5776f29277cd5362..7ada26cbb693b3a8f5807f06d5e27d3795689fb4 100644 (file)
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -608,18 +608,9 @@ static SSL_METHOD SSLv3_data= {
        ssl_bad_method,
        ssl3_default_timeout,
        &SSLv3_enc_data,
-       };
-
-union rsa_fn_to_char_u
-       {
-       char *char_p;
-       RSA *(*fn_p)(SSL *, int, int);
-       };
-
-union dh_fn_to_char_u
-       {
-       char *char_p;
-       DH *(*fn_p)(SSL *, int, int);
+       ssl_undefined_function,
+       ssl3_callback_ctrl,
+       ssl3_ctx_callback_ctrl,
        };
 
 static long ssl3_default_timeout(void)
@@ -704,6 +695,10 @@ void ssl3_clear(SSL *s)
                Free(s->s3->rrec.comp);
                s->s3->rrec.comp=NULL;
                }
+#ifndef NO_DH
+       if (s->s3->tmp.dh != NULL)
+               DH_free(s->s3->tmp.dh);
+#endif
 
        rp=s->s3->rbuf.buf;
        wp=s->s3->wbuf.buf;
@@ -776,14 +771,16 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg)
        case SSL_CTRL_SET_TMP_RSA:
                {
                        RSA *rsa = (RSA *)parg;
-                       if (rsa == NULL) {
+                       if (rsa == NULL)
+                               {
                                SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
                                return(ret);
-                       }
-                       if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) {
+                               }
+                       if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
+                               {
                                SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
                                return(ret);
-                       }
+                               }
                        if (s->cert->rsa_tmp != NULL)
                                RSA_free(s->cert->rsa_tmp);
                        s->cert->rsa_tmp = rsa;
@@ -792,10 +789,8 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg)
                break;
        case SSL_CTRL_SET_TMP_RSA_CB:
                {
-               union rsa_fn_to_char_u rsa_tmp_cb;
-
-               rsa_tmp_cb.char_p = parg;
-               s->cert->rsa_tmp_cb = rsa_tmp_cb.fn_p;
+               SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+               return(ret);
                }
                break;
 #endif
@@ -803,19 +798,25 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg)
        case SSL_CTRL_SET_TMP_DH:
                {
                        DH *dh = (DH *)parg;
-                       if (dh == NULL) {
+                       if (dh == NULL)
+                               {
                                SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
                                return(ret);
-                       }
-                       if ((dh = DHparams_dup(dh)) == NULL) {
+                               }
+                       if ((dh = DHparams_dup(dh)) == NULL)
+                               {
                                SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
                                return(ret);
-                       }
-                       if (!DH_generate_key(dh)) {
-                               DH_free(dh);
-                               SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
-                               return(ret);
-                       }
+                               }
+                       if (!(s->options & SSL_OP_SINGLE_DH_USE))
+                               {
+                               if (!DH_generate_key(dh))
+                                       {
+                                       DH_free(dh);
+                                       SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
+                                       return(ret);
+                                       }
+                               }
                        if (s->cert->dh_tmp != NULL)
                                DH_free(s->cert->dh_tmp);
                        s->cert->dh_tmp = dh;
@@ -824,10 +825,52 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg)
                break;
        case SSL_CTRL_SET_TMP_DH_CB:
                {
-               union dh_fn_to_char_u dh_tmp_cb;
+               SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+               return(ret);
+               }
+               break;
+#endif
+       default:
+               break;
+               }
+       return(ret);
+       }
+
+long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
+       {
+       int ret=0;
+
+#if !defined(NO_DSA) || !defined(NO_RSA)
+       if (
+#ifndef NO_RSA
+           cmd == SSL_CTRL_SET_TMP_RSA_CB ||
+#endif
+#ifndef NO_DSA
+           cmd == SSL_CTRL_SET_TMP_DH_CB ||
+#endif
+               0)
+               {
+               if (!ssl_cert_inst(&s->cert))
+                       {
+                       SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
+                       return(0);
+                       }
+               }
+#endif
 
-               dh_tmp_cb.char_p = parg;
-               s->cert->dh_tmp_cb = dh_tmp_cb.fn_p;
+       switch (cmd)
+               {
+#ifndef NO_RSA
+       case SSL_CTRL_SET_TMP_RSA_CB:
+               {
+               s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
+               }
+               break;
+#endif
+#ifndef NO_DH
+       case SSL_CTRL_SET_TMP_DH_CB:
+               {
+               s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
                }
                break;
 #endif
@@ -885,10 +928,8 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
                /* break; */
        case SSL_CTRL_SET_TMP_RSA_CB:
                {
-               union rsa_fn_to_char_u rsa_tmp_cb;
-
-               rsa_tmp_cb.char_p = parg;
-               cert->rsa_tmp_cb = rsa_tmp_cb.fn_p;
+               SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+               return(0);
                }
                break;
 #endif
@@ -896,31 +937,32 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
        case SSL_CTRL_SET_TMP_DH:
                {
                DH *new=NULL,*dh;
-               int rret=0;
 
                dh=(DH *)parg;
-               if (    ((new=DHparams_dup(dh)) == NULL) ||
-                       (!DH_generate_key(new)))
+               if ((new=DHparams_dup(dh)) == NULL)
                        {
                        SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
-                       if (new != NULL) DH_free(new);
+                       return 0;
                        }
-               else
+               if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
                        {
-                       if (cert->dh_tmp != NULL)
-                               DH_free(cert->dh_tmp);
-                       cert->dh_tmp=new;
-                       rret=1;
+                       if (!DH_generate_key(new))
+                               {
+                               SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
+                               DH_free(new);
+                               return 0;
+                               }
                        }
-               return(rret);
+               if (cert->dh_tmp != NULL)
+                       DH_free(cert->dh_tmp);
+               cert->dh_tmp=new;
+               return 1;
                }
                /*break; */
        case SSL_CTRL_SET_TMP_DH_CB:
                {
-               union dh_fn_to_char_u dh_tmp_cb;
-
-               dh_tmp_cb.char_p = parg;
-               cert->dh_tmp_cb = dh_tmp_cb.fn_p;
+               SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+               return(0);
                }
                break;
 #endif
@@ -940,6 +982,34 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
        return(1);
        }
 
+long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
+       {
+       CERT *cert;
+
+       cert=ctx->cert;
+
+       switch (cmd)
+               {
+#ifndef NO_RSA
+       case SSL_CTRL_SET_TMP_RSA_CB:
+               {
+               cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
+               }
+               break;
+#endif
+#ifndef NO_DH
+       case SSL_CTRL_SET_TMP_DH_CB:
+               {
+               cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
+               }
+               break;
+#endif
+       default:
+               return(0);
+               }
+       return(1);
+       }
+
 /* This function needs to check if the ciphers required are actually
  * available */
 SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
Unnamed repository; edit this file 'description' to name the repository.