#include <stdio.h>
#include <openssl/objects.h>
#include <openssl/lhash.h>
+#include <openssl/x509v3.h>
#include "ssl_locl.h"
char *SSL_version_str=OPENSSL_VERSION_TEXT;
static int ssl_ctx_meth_num=0;
OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={
+ /* evil casts, but these functions are only called if there's a libraryr bug */
+ (int (*)(SSL *,int))ssl_undefined_function,
+ (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
ssl_undefined_function,
- ssl_undefined_function,
- ssl_undefined_function,
- ssl_undefined_function,
- ssl_undefined_function,
- ssl_undefined_function,
+ (int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function,
+ (int (*)(SSL*, int))ssl_undefined_function,
+ (int (*)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char*, int, unsigned char *))ssl_undefined_function
};
int SSL_clear(SSL *s)
s->verify_mode=ctx->verify_mode;
s->verify_depth=ctx->verify_depth;
s->verify_callback=ctx->default_verify_callback;
+ s->purpose = ctx->purpose;
+ s->trust = ctx->trust;
CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
s->ctx=ctx;
return 1;
}
+int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
+{
+ if(X509_PURPOSE_get_by_id(purpose) == -1) {
+ SSLerr(SSL_F_SSL_CTX_SET_PURPOSE, SSL_R_INVALID_PURPOSE);
+ return 0;
+ }
+ s->purpose = purpose;
+ return 1;
+}
+
+int SSL_set_purpose(SSL *s, int purpose)
+{
+ if(X509_PURPOSE_get_by_id(purpose) == -1) {
+ SSLerr(SSL_F_SSL_SET_PURPOSE, SSL_R_INVALID_PURPOSE);
+ return 0;
+ }
+ s->purpose = purpose;
+ return 1;
+}
+
+int SSL_CTX_set_trust(SSL_CTX *s, int trust)
+{
+ if(X509_TRUST_get_by_id(trust) == -1) {
+ SSLerr(SSL_F_SSL_CTX_SET_TRUST, SSL_R_INVALID_TRUST);
+ return 0;
+ }
+ s->trust = trust;
+ return 1;
+}
+
+int SSL_set_trust(SSL *s, int trust)
+{
+ if(X509_TRUST_get_by_id(trust) == -1) {
+ SSLerr(SSL_F_SSL_SET_TRUST, SSL_R_INVALID_TRUST);
+ return 0;
+ }
+ s->trust = trust;
+ return 1;
+}
+
void SSL_free(SSL *s)
{
int i;
}
#endif
+
+/* return length of latest Finished message we sent, copy to 'buf' */
+size_t SSL_get_finished(SSL *s, void *buf, size_t count)
+ {
+ size_t ret = 0;
+
+ if (s->s3 != NULL)
+ {
+ ret = s->s3->tmp.finish_md_len;
+ if (count > ret)
+ count = ret;
+ memcpy(buf, s->s3->tmp.finish_md, count);
+ }
+ return ret;
+ }
+
+/* return length of latest Finished message we expected, copy to 'buf' */
+size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count)
+ {
+ size_t ret = 0;
+
+ if (s->s3 != NULL)
+ {
+ ret = s->s3->tmp.peer_finish_md_len;
+ if (count > ret)
+ count = ret;
+ memcpy(buf, s->s3->tmp.peer_finish_md, count);
+ }
+ return ret;
+ }
+
+
int SSL_get_verify_mode(SSL *s)
{
return(s->verify_mode);
return(c->name);
}
-/** specify the ciphers to be used by defaut by the SSL_CTX */
+/** specify the ciphers to be used by default by the SSL_CTX */
int SSL_CTX_set_cipher_list(SSL_CTX *ctx,char *str)
{
STACK_OF(SSL_CIPHER) *sk;
void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,int (*cb)(),char *arg)
{
+ /* now
+ * int (*cb)(X509_STORE_CTX *),
+ * but should be
+ * int (*cb)(X509_STORE_CTX *, void *arg)
+ */
ctx->app_verify_callback=cb;
ctx->app_verify_arg=arg; /* never used */
}