* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
s->ctx=ctx;
+#ifndef OPENSSL_NO_TLSEXT
+ CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
+ s->initial_ctx=ctx;
+#endif
s->verify_result=X509_V_OK;
/* Free up if allocated */
if (s->ctx) SSL_CTX_free(s->ctx);
+#ifndef OPENSSL_NO_TLSEXT
+ if (s->initial_ctx) SSL_CTX_free(s->initial_ctx);
+#endif
if (s->client_CA != NULL)
sk_X509_NAME_pop_free(s->client_CA,X509_NAME_free);
return(NULL);
}
+
#ifndef OPENSSL_TLSEXT
-/** return a servername extension value if provided in CLIENT HELLO
- * or NULL.
- * For the moment, only hostname types are supported.
+/** return a servername extension value if provided in Client Hello, or NULL.
+ * So far, only host_name types are defined (RFC 3546).
*/
-const char *SSL_get_servername(const SSL *s, const int type) {
-
- if (type != TLSEXT_TYPE_SERVER_host)
+const char *SSL_get_servername(const SSL *s, const int type)
+ {
+ if (type != TLSEXT_NAMETYPE_host_name)
return NULL;
- return s->session /*&&s->session->tlsext_hostname*/?s->session->tlsext_hostname:s->tlsext_hostname;
-}
-
-int SSL_get_servername_type(const SSL *s) {
+ /* XXX cf. SSL_CTRL_GET_TLSEXT_HOSTNAME case in ssl3_ctrl (s3_lib.c) */
+ return s->session /*&&s->session->tlsext_hostname*/ ?
+ s->session->tlsext_hostname :
+ s->tlsext_hostname;
+ }
- if (s->session &&s->session->tlsext_hostname ?s->session->tlsext_hostname:s->tlsext_hostname)
- return TLSEXT_TYPE_SERVER_host;
+int SSL_get_servername_type(const SSL *s)
+ {
+ if (s->session &&s->session->tlsext_hostname ? s->session->tlsext_hostname : s->tlsext_hostname)
+ return TLSEXT_NAMETYPE_host_name;
return -1;
-}
-
+ }
#endif
+
unsigned long SSL_SESSION_hash(const SSL_SESSION *a)
{
unsigned long l;
ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
#ifndef OPENSSL_NO_TLSEXT
- ret->tlsext_servername_callback = NULL;
+ ret->tlsext_servername_callback = 0;
ret->tlsext_servername_arg = NULL;
#endif
return(ret);
SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
{
-
if (ssl->cert != NULL)
ssl_cert_free(ssl->cert);
ssl->cert = ssl_cert_dup(ctx->cert);