#endif
-static SSL_METHOD *ssl3_get_server_method(ver)
-int ver;
+static SSL_METHOD *ssl3_get_server_method(int ver)
{
if (ver == SSL3_VERSION)
return(SSLv3_server_method());
return(NULL);
}
-SSL_METHOD *SSLv3_server_method()
+SSL_METHOD *SSLv3_server_method(void)
{
static int init=1;
static SSL_METHOD SSLv3_server_data;
return(&SSLv3_server_data);
}
-int ssl3_accept(s)
-SSL *s;
+int ssl3_accept(SSL *s)
{
BUF_MEM *buf;
unsigned long l,Time=time(NULL);
return(ret);
}
-static int ssl3_send_hello_request(s)
-SSL *s;
+static int ssl3_send_hello_request(SSL *s)
{
unsigned char *p;
return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
}
-static int ssl3_get_client_hello(s)
-SSL *s;
+static int ssl3_get_client_hello(SSL *s)
{
int i,j,ok,al,ret= -1;
long n;
unsigned char *p,*d,*q;
SSL_CIPHER *c;
SSL_COMP *comp=NULL;
- STACK *ciphers=NULL;
+ STACK_OF(SSL_CIPHER) *ciphers=NULL;
/* We do this so that we will respond with our native type.
* If we are TLSv1 and we get SSLv3, we will respond with TLSv1,
#ifdef CIPHER_DEBUG
printf("client sent %d ciphers\n",sk_num(ciphers));
#endif
- for (i=0; i<sk_num(ciphers); i++)
+ for (i=0; i<sk_SSL_CIPHER_num(ciphers); i++)
{
- c=(SSL_CIPHER *)sk_value(ciphers,i);
+ c=sk_SSL_CIPHER_value(ciphers,i);
#ifdef CIPHER_DEBUG
printf("client [%2d of %2d]:%s\n",
i,sk_num(ciphers),SSL_CIPHER_get_name(c));
}
if (j == 0)
{
- if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_num(ciphers) == 1))
+ if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1))
{
/* Very bad for multi-threading.... */
- s->session->cipher=
- (SSL_CIPHER *)sk_value(ciphers,0);
+ s->session->cipher=sk_SSL_CIPHER_value(ciphers,
+ 0);
}
else
{
{ /* See if we have a match */
int m,nn,o,v,done=0;
- nn=sk_num(s->ctx->comp_methods);
+ nn=sk_SSL_COMP_num(s->ctx->comp_methods);
for (m=0; m<nn; m++)
{
- comp=(SSL_COMP *)sk_value(s->ctx->comp_methods,m);
+ comp=sk_SSL_COMP_value(s->ctx->comp_methods,m);
v=comp->id;
for (o=0; o<i; o++)
{
{
s->session->compress_meth=(comp == NULL)?0:comp->id;
if (s->session->ciphers != NULL)
- sk_free(s->session->ciphers);
+ sk_SSL_CIPHER_free(s->session->ciphers);
s->session->ciphers=ciphers;
if (ciphers == NULL)
{
}
ciphers=NULL;
c=ssl3_choose_cipher(s,s->session->ciphers,
- ssl_get_ciphers_by_id(s));
+ ssl_get_ciphers_by_id(s));
if (c == NULL)
{
{
/* Session-id reuse */
#ifdef REUSE_CIPHER_BUG
- STACK *sk;
+ STACK_OF(SSL_CIPHER) *sk;
SSL_CIPHER *nc=NULL;
SSL_CIPHER *ec=NULL;
if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG)
{
sk=s->session->ciphers;
- for (i=0; i<sk_num(sk); i++)
+ for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
{
- c=(SSL_CIPHER *)sk_value(sk,i);
+ c=sk_SSL_CIPHER_value(sk,i);
if (c->algorithms & SSL_eNULL)
nc=c;
if (SSL_C_IS_EXPORT(c))
ssl3_send_alert(s,SSL3_AL_FATAL,al);
}
err:
- if (ciphers != NULL) sk_free(ciphers);
+ if (ciphers != NULL) sk_SSL_CIPHER_free(ciphers);
return(ret);
}
-static int ssl3_send_server_hello(s)
-SSL *s;
+static int ssl3_send_server_hello(SSL *s)
{
unsigned char *buf;
unsigned char *p,*d;
return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
}
-static int ssl3_send_server_done(s)
-SSL *s;
+static int ssl3_send_server_done(SSL *s)
{
unsigned char *p;
return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
}
-static int ssl3_send_server_key_exchange(s)
-SSL *s;
+static int ssl3_send_server_key_exchange(SSL *s)
{
#ifndef NO_RSA
unsigned char *q;
if ((rsa == NULL) && (s->ctx->default_cert->rsa_tmp_cb != NULL))
{
rsa=s->ctx->default_cert->rsa_tmp_cb(s,
- !SSL_C_IS_EXPORT(s->s3->tmp.new_cipher));
+ SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
+ SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
cert->rsa_tmp=rsa;
}
dhp=cert->dh_tmp;
if ((dhp == NULL) && (cert->dh_tmp_cb != NULL))
dhp=cert->dh_tmp_cb(s,
- !SSL_C_IS_EXPORT(s->s3->tmp.new_cipher));
+ !SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
+ SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
if (dhp == NULL)
{
al=SSL_AD_HANDSHAKE_FAILURE;
return(-1);
}
-static int ssl3_send_certificate_request(s)
-SSL *s;
+static int ssl3_send_certificate_request(SSL *s)
{
unsigned char *p,*d;
int i,j,nl,off,n;
- STACK *sk=NULL;
+ STACK_OF(X509_NAME) *sk=NULL;
X509_NAME *name;
BUF_MEM *buf;
nl=0;
if (sk != NULL)
{
- for (i=0; i<sk_num(sk); i++)
+ for (i=0; i<sk_X509_NAME_num(sk); i++)
{
- name=(X509_NAME *)sk_value(sk,i);
+ name=sk_X509_NAME_value(sk,i);
j=i2d_X509_NAME(name,NULL);
if (!BUF_MEM_grow(buf,4+n+j+2))
{
return(-1);
}
-static int ssl3_get_client_key_exchange(s)
-SSL *s;
+static int ssl3_get_client_key_exchange(SSL *s)
{
int i,al,ok;
long n;
return(-1);
}
-static int ssl3_get_cert_verify(s)
-SSL *s;
+static int ssl3_get_cert_verify(SSL *s)
{
EVP_PKEY *pkey=NULL;
unsigned char *p;
return(ret);
}
-static int ssl3_get_client_certificate(s)
-SSL *s;
+static int ssl3_get_client_certificate(SSL *s)
{
int i,ok,al,ret= -1;
X509 *x=NULL;
unsigned long l,nc,llen,n;
unsigned char *p,*d,*q;
- STACK *sk=NULL;
+ STACK_OF(X509) *sk=NULL;
n=ssl3_get_message(s,
SSL3_ST_SR_CERT_A,
}
d=p=(unsigned char *)s->init_buf->data;
- if ((sk=sk_new_null()) == NULL)
+ if ((sk=sk_X509_new_null()) == NULL)
{
SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
goto err;
SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
goto f_err;
}
- if (!sk_push(sk,(char *)x))
+ if (!sk_X509_push(sk,x))
{
SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
goto err;
nc+=l+3;
}
- if (sk_num(sk) <= 0)
+ if (sk_X509_num(sk) <= 0)
{
/* TLS does not mind 0 certs returned */
if (s->version == SSL3_VERSION)
/* This should not be needed */
if (s->session->peer != NULL)
X509_free(s->session->peer);
- s->session->peer=(X509 *)sk_shift(sk);
+ s->session->peer=sk_X509_shift(sk);
+ s->session->cert->cert_chain=sk;
+ sk=NULL;
ret=1;
if (0)
}
err:
if (x != NULL) X509_free(x);
- if (sk != NULL) sk_pop_free(sk,X509_free);
+ if (sk != NULL) sk_X509_pop_free(sk,X509_free);
return(ret);
}
-int ssl3_send_server_certificate(s)
-SSL *s;
+int ssl3_send_server_certificate(SSL *s)
{
unsigned long l;
X509 *x;
projects / openssl.git / blobdiff