projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Update usage info
[openssl.git]
/
ssl
/
ssl_lib.c
diff --git
a/ssl/ssl_lib.c
b/ssl/ssl_lib.c
index 3770bdf0f572afb59634afc20ef7c83c500a14c6..3109708480b9fcadb02196e503a474bd8407f923 100644
(file)
--- a/
ssl/ssl_lib.c
+++ b/
ssl/ssl_lib.c
@@
-64,15
+64,15
@@
#include <openssl/x509v3.h>
#include "ssl_locl.h"
#include <openssl/x509v3.h>
#include "ssl_locl.h"
-char *SSL_version_str=OPENSSL_VERSION_TEXT;
+c
onst c
har *SSL_version_str=OPENSSL_VERSION_TEXT;
-static STACK *ssl_meth=NULL;
-static STACK *ssl_ctx_meth=NULL;
+static STACK
_OF(CRYPTO_EX_DATA_FUNCS)
*ssl_meth=NULL;
+static STACK
_OF(CRYPTO_EX_DATA_FUNCS)
*ssl_ctx_meth=NULL;
static int ssl_meth_num=0;
static int ssl_ctx_meth_num=0;
OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={
static int ssl_meth_num=0;
static int ssl_ctx_meth_num=0;
OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={
- /* evil casts, but these functions are only called if there's a library
r
bug */
+ /* evil casts, but these functions are only called if there's a library bug */
(int (*)(SSL *,int))ssl_undefined_function,
(int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
ssl_undefined_function,
(int (*)(SSL *,int))ssl_undefined_function,
(int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
ssl_undefined_function,
@@
-95,10
+95,17
@@
int SSL_clear(SSL *s)
s->hit=0;
s->shutdown=0;
s->hit=0;
s->shutdown=0;
-#if 0
+#if 0 /* Disabled since version 1.10 of this file (early return not
+ * needed because SSL_clear is not called when doing renegotiation) */
/* This is set if we are doing dynamic renegotiation so keep
* the old cipher. It is sort of a SSL_clear_lite :-) */
if (s->new_session) return(1);
/* This is set if we are doing dynamic renegotiation so keep
* the old cipher. It is sort of a SSL_clear_lite :-) */
if (s->new_session) return(1);
+#else
+ if (s->new_session)
+ {
+ SSLerr(SSL_F_SSL_CLEAR,SSL_R_INTERNAL_ERROR);
+ return 0;
+ }
#endif
state=s->state; /* Keep to check if we throw away the session-id */
#endif
state=s->state; /* Keep to check if we throw away the session-id */
@@
-222,7
+229,7
@@
SSL *SSL_new(SSL_CTX *ctx)
s->mode=ctx->mode;
SSL_clear(s);
s->mode=ctx->mode;
SSL_clear(s);
- CRYPTO_new_ex_data(ssl_meth,
(char *)
s,&s->ex_data);
+ CRYPTO_new_ex_data(ssl_meth,s,&s->ex_data);
return(s);
err:
return(s);
err:
@@
-368,7
+375,7
@@
void SSL_free(SSL *s)
if (s->method != NULL) s->method->ssl_free(s);
if (s->method != NULL) s->method->ssl_free(s);
- Free(
(char *)
s);
+ Free(s);
}
void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio)
}
void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio)
@@
-782,6
+789,20
@@
long SSL_ctrl(SSL *s,int cmd,long larg,char *parg)
}
}
}
}
+long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)())
+ {
+ switch(cmd)
+ {
+ default:
+ return(s->method->ssl_callback_ctrl(s,cmd,fp));
+ }
+ }
+
+struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx)
+ {
+ return ctx->sessions;
+ }
+
long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,char *parg)
{
long l;
long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,char *parg)
{
long l;
@@
-841,6
+862,15
@@
long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,char *parg)
}
}
}
}
+long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
+ {
+ switch(cmd)
+ {
+ default:
+ return(ctx->method->ssl_ctx_callback_ctrl(ctx,cmd,fp));
+ }
+ }
+
int ssl_cipher_id_cmp(SSL_CIPHER *a,SSL_CIPHER *b)
{
long l;
int ssl_cipher_id_cmp(SSL_CIPHER *a,SSL_CIPHER *b)
{
long l;
@@
-911,7
+941,7
@@
const char *SSL_get_cipher_list(SSL *s,int n)
}
/** specify the ciphers to be used by default by the SSL_CTX */
}
/** specify the ciphers to be used by default by the SSL_CTX */
-int SSL_CTX_set_cipher_list(SSL_CTX *ctx,char *str)
+int SSL_CTX_set_cipher_list(SSL_CTX *ctx,
const
char *str)
{
STACK_OF(SSL_CIPHER) *sk;
{
STACK_OF(SSL_CIPHER) *sk;
@@
-922,7
+952,7
@@
int SSL_CTX_set_cipher_list(SSL_CTX *ctx,char *str)
}
/** specify the ciphers to be used by the SSL */
}
/** specify the ciphers to be used by the SSL */
-int SSL_set_cipher_list(SSL *s,char *str)
+int SSL_set_cipher_list(SSL *s,c
onst c
har *str)
{
STACK_OF(SSL_CIPHER) *sk;
{
STACK_OF(SSL_CIPHER) *sk;
@@
-1203,7
+1233,7
@@
void SSL_CTX_free(SSL_CTX *a)
sk_X509_pop_free(a->extra_certs,X509_free);
if (a->comp_methods != NULL)
sk_SSL_COMP_pop_free(a->comp_methods,SSL_COMP_free);
sk_X509_pop_free(a->extra_certs,X509_free);
if (a->comp_methods != NULL)
sk_SSL_COMP_pop_free(a->comp_methods,SSL_COMP_free);
- Free(
(char *)
a);
+ Free(a);
}
void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
}
void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
@@
-1330,10
+1360,8
@@
void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
emask|=SSL_aDSS;
}
emask|=SSL_aDSS;
}
-#ifdef SSL_ALLOW_ADH
mask|=SSL_aNULL;
emask|=SSL_aNULL;
mask|=SSL_aNULL;
emask|=SSL_aNULL;
-#endif
c->mask=mask;
c->export_mask=emask;
c->mask=mask;
c->export_mask=emask;
@@
-1350,7
+1378,7
@@
X509 *ssl_get_server_send_cert(SSL *s)
c=s->cert;
ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
alg=s->s3->tmp.new_cipher->algorithms;
c=s->cert;
ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
alg=s->s3->tmp.new_cipher->algorithms;
- is_export=SSL_
IS_EXPORT(alg
);
+ is_export=SSL_
C_IS_EXPORT(s->s3->tmp.new_cipher
);
mask=is_export?c->export_mask:c->mask;
kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
mask=is_export?c->export_mask:c->mask;
kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
@@
-1603,7
+1631,7
@@
SSL_METHOD *ssl_bad_method(int ver)
return(NULL);
}
return(NULL);
}
-char *SSL_get_version(SSL *s)
+c
onst c
har *SSL_get_version(SSL *s)
{
if (s->version == TLS1_VERSION)
return("TLSv1");
{
if (s->version == TLS1_VERSION)
return("TLSv1");
@@
-1907,8
+1935,8
@@
long SSL_get_verify_result(SSL *ssl)
return(ssl->verify_result);
}
return(ssl->verify_result);
}
-int SSL_get_ex_new_index(long argl,
char *argp,int (*new_func)()
,
-
int (*dup_func)(),void (*free_func)()
)
+int SSL_get_ex_new_index(long argl,
void *argp,CRYPTO_EX_new *new_func
,
+
CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func
)
{
ssl_meth_num++;
return(CRYPTO_get_ex_new_index(ssl_meth_num-1,
{
ssl_meth_num++;
return(CRYPTO_get_ex_new_index(ssl_meth_num-1,
@@
-1925,8
+1953,8
@@
void *SSL_get_ex_data(SSL *s,int idx)
return(CRYPTO_get_ex_data(&s->ex_data,idx));
}
return(CRYPTO_get_ex_data(&s->ex_data,idx));
}
-int SSL_CTX_get_ex_new_index(long argl,
char *argp,int (*new_func)()
,
-
int (*dup_func)(),void (*free_func)()
)
+int SSL_CTX_get_ex_new_index(long argl,
void *argp,CRYPTO_EX_new *new_func
,
+
CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func
)
{
ssl_ctx_meth_num++;
return(CRYPTO_get_ex_new_index(ssl_ctx_meth_num-1,
{
ssl_ctx_meth_num++;
return(CRYPTO_get_ex_new_index(ssl_ctx_meth_num-1,
@@
-1975,13
+2003,16
@@
int SSL_want(SSL *s)
void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl,
int is_export,
int keylength))
void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl,
int is_export,
int keylength))
- { SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,0,(char *)cb); }
-#endif
+ {
+ SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
+ }
-#ifndef NO_RSA
-void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,int is_export,
- int keylength))
- { SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,0,(char *)cb); }
+void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,
+ int is_export,
+ int keylength))
+ {
+ SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
+ }
#endif
#ifdef DOXYGEN
#endif
#ifdef DOXYGEN
@@
-2008,11
+2039,15
@@
RSA *cb(SSL *ssl,int is_export,int keylength)
#ifndef NO_DH
void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export,
int keylength))
#ifndef NO_DH
void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export,
int keylength))
- { SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,0,(char *)dh); }
+ {
+ SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
+ }
void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export,
void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export,
- int keylength))
- { SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,0,(char *)dh); }
+ int keylength))
+ {
+ SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
+ }
#endif
#if defined(_WINDLL) && defined(WIN16)
#endif
#if defined(_WINDLL) && defined(WIN16)