X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fssl_lib.c;h=95e8405cd7d1919baeb5e2d0fc2afa39b0d13213;hp=554c846747f312ee04e925a90fa1cc7f464cfaf6;hb=d486601f41049b9a6366820d8c3f5b8bafd83900;hpb=7f0dae3276e8b2fb2c8bb1a3b13fd60d5f87161c diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 554c846747..95e8405cd7 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1126,7 +1126,7 @@ void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb) ctx->default_passwd_callback=cb; } -void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx,int (*cb)(),char *arg) +void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,int (*cb)(),char *arg) { ctx->app_verify_callback=cb; ctx->app_verify_arg=arg; @@ -1250,13 +1250,13 @@ X509 *ssl_get_server_send_cert(SSL *s) { unsigned long alg,mask,kalg; CERT *c; - int i,export; + int i,is_export; c=s->cert; ssl_set_cert_masks(c, s->s3->tmp.new_cipher); alg=s->s3->tmp.new_cipher->algorithms; - export=SSL_IS_EXPORT(alg); - mask=export?c->export_mask:c->mask; + is_export=SSL_IS_EXPORT(alg); + mask=is_export?c->export_mask:c->mask; kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK); if (kalg & SSL_kDHr) @@ -1396,6 +1396,15 @@ int SSL_get_error(SSL *s,int i) if (BIO_should_read(bio)) return(SSL_ERROR_WANT_READ); else if (BIO_should_write(bio)) + /* This one doesn't make too much sense ... We never try + * to write to the rbio, and an application program where + * rbio and wbio are separate couldn't even know what it + * should wait for. + * However if we ever set s->rwstate incorrectly + * (so that we have SSL_want_read(s) instead of + * SSL_want_write(s)) and rbio and wbio *are* the same, + * this test works around that bug; so it might be safer + * to keep it. */ return(SSL_ERROR_WANT_WRITE); else if (BIO_should_io_special(bio)) { @@ -1413,6 +1422,7 @@ int SSL_get_error(SSL *s,int i) if (BIO_should_write(bio)) return(SSL_ERROR_WANT_WRITE); else if (BIO_should_read(bio)) + /* See above (SSL_want_read(s) with BIO_should_write(bio)) */ return(SSL_ERROR_WANT_READ); else if (BIO_should_io_special(bio)) { @@ -1514,7 +1524,7 @@ SSL *SSL_dup(SSL *s) { STACK_OF(X509_NAME) *sk; X509_NAME *xn; - SSL *ret; + SSL *ret; int i; if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL) @@ -1664,9 +1674,9 @@ EVP_PKEY *SSL_get_privatekey(SSL *s) SSL_CIPHER *SSL_get_current_cipher(SSL *s) { - if ((s->session != NULL) && (s->session->cipher != NULL)) - return(s->session->cipher); - return(NULL); + if ((s->session != NULL) && (s->session->cipher != NULL)) + return(s->session->cipher); + return(NULL); } int ssl_init_wbio_buffer(SSL *s,int push) @@ -1685,7 +1695,7 @@ int ssl_init_wbio_buffer(SSL *s,int push) if (s->bbio == s->wbio) s->wbio=BIO_pop(s->wbio); } - BIO_reset(bbio); + (void)BIO_reset(bbio); /* if (!BIO_set_write_buffer_size(bbio,16*1024)) */ if (!BIO_set_read_buffer_size(bbio,1)) { @@ -1804,11 +1814,11 @@ long SSL_get_verify_result(SSL *ssl) int SSL_get_ex_new_index(long argl,char *argp,int (*new_func)(), int (*dup_func)(),void (*free_func)()) - { + { ssl_meth_num++; return(CRYPTO_get_ex_new_index(ssl_meth_num-1, &ssl_meth,argl,argp,new_func,dup_func,free_func)); - } + } int SSL_set_ex_data(SSL *s,int idx,void *arg) { @@ -1822,11 +1832,11 @@ void *SSL_get_ex_data(SSL *s,int idx) int SSL_CTX_get_ex_new_index(long argl,char *argp,int (*new_func)(), int (*dup_func)(),void (*free_func)()) - { + { ssl_ctx_meth_num++; return(CRYPTO_get_ex_new_index(ssl_ctx_meth_num-1, &ssl_ctx_meth,argl,argp,new_func,dup_func,free_func)); - } + } int SSL_CTX_set_ex_data(SSL_CTX *s,int idx,void *arg) { @@ -1867,13 +1877,14 @@ int SSL_want(SSL *s) */ #ifndef NO_RSA -void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl,int export, +void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl, + int is_export, int keylength)) { SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,0,(char *)cb); } #endif #ifndef NO_RSA -void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,int export, +void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,int is_export, int keylength)) { SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,0,(char *)cb); } #endif @@ -1882,14 +1893,14 @@ void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,int export, /*! * \brief The RSA temporary key callback function. * \param ssl the SSL session. - * \param export \c TRUE if the temp RSA key is for an export ciphersuite. - * \param keylength if \c export is \c TRUE, then \c keylength is the size of - * the required key in bits. + * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite. + * \param keylength if \c is_export is \c TRUE, then \c keylength is the size + * of the required key in bits. * \return the temporary RSA key. * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback */ -RSA *cb(SSL *ssl,int export,int keylength) +RSA *cb(SSL *ssl,int is_export,int keylength) {} #endif @@ -1900,11 +1911,11 @@ RSA *cb(SSL *ssl,int export,int keylength) */ #ifndef NO_DH -void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int export, +void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export, int keylength)) { SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,0,(char *)dh); } -void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int export, +void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export, int keylength)) { SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,0,(char *)dh); } #endif