X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fssl_locl.h;h=4ea036dbf25067f0d18f274ecfb78c7822e1aaf6;hp=9d28b97da7ce07b29648936b4cdb7b4040c8675d;hb=a556f342201473b4bf8dbf879b03890a74e412b6;hpb=152fbc28e80f46dd1183989b3839e89031631806 diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 9d28b97da7..4ea036dbf2 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -1,4 +1,3 @@ -/* ssl/ssl_locl.h */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -165,10 +164,13 @@ # include # include # include - +# ifndef OPENSSL_NO_CT +# include +# endif #include "record/record.h" #include "statem/statem.h" #include "packet_locl.h" +#include "internal/dane.h" # ifdef OPENSSL_BUILD_SHLIBSSL # undef OPENSSL_EXTERN @@ -229,13 +231,6 @@ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ *((c)++)=(unsigned char)(((l) )&0xff)) -# define n2l6(c,l) (l =((BN_ULLONG)(*((c)++)))<<40, \ - l|=((BN_ULLONG)(*((c)++)))<<32, \ - l|=((BN_ULLONG)(*((c)++)))<<24, \ - l|=((BN_ULLONG)(*((c)++)))<<16, \ - l|=((BN_ULLONG)(*((c)++)))<< 8, \ - l|=((BN_ULLONG)(*((c)++)))) - /* NOTE - c is not incremented as per l2c */ # define l2cn(l1,l2,c,n) { \ c+=n; \ @@ -264,6 +259,11 @@ c[1]=(unsigned char)(((l)>> 8)&0xff), \ c[2]=(unsigned char)(((l) )&0xff)),c+=3) +#define DTLS_VERSION_GT(v1, v2) ((v1) < (v2)) +#define DTLS_VERSION_GE(v1, v2) ((v1) <= (v2)) +#define DTLS_VERSION_LT(v1, v2) ((v1) > (v2)) +#define DTLS_VERSION_LE(v1, v2) ((v1) >= (v2)) + /* LOCAL STUFF */ # define SSL_DECRYPT 0 @@ -295,32 +295,24 @@ /* Bits for algorithm_mkey (key exchange algorithm) */ /* RSA key exchange */ # define SSL_kRSA 0x00000001U -/* DH cert, RSA CA cert */ -# define SSL_kDHr 0x00000002U -/* DH cert, DSA CA cert */ -# define SSL_kDHd 0x00000004U /* tmp DH key no DH cert */ -# define SSL_kDHE 0x00000008U +# define SSL_kDHE 0x00000002U /* synonym */ # define SSL_kEDH SSL_kDHE -/* ECDH cert, RSA CA cert */ -# define SSL_kECDHr 0x00000020U -/* ECDH cert, ECDSA CA cert */ -# define SSL_kECDHe 0x00000040U /* ephemeral ECDH */ -# define SSL_kECDHE 0x00000080U +# define SSL_kECDHE 0x00000004U /* synonym */ # define SSL_kEECDH SSL_kECDHE /* PSK */ -# define SSL_kPSK 0x00000100U +# define SSL_kPSK 0x00000008U /* GOST key exchange */ -# define SSL_kGOST 0x00000200U +# define SSL_kGOST 0x00000010U /* SRP */ -# define SSL_kSRP 0x00000400U +# define SSL_kSRP 0x00000020U -# define SSL_kRSAPSK 0x00000800U -# define SSL_kECDHEPSK 0x00001000U -# define SSL_kDHEPSK 0x00002000U +# define SSL_kRSAPSK 0x00000040U +# define SSL_kECDHEPSK 0x00000080U +# define SSL_kDHEPSK 0x00000100U /* all PSK */ @@ -333,20 +325,16 @@ # define SSL_aDSS 0x00000002U /* no auth (i.e. use ADH or AECDH) */ # define SSL_aNULL 0x00000004U -/* Fixed DH auth (kDHd or kDHr) */ -# define SSL_aDH 0x00000008U -/* Fixed ECDH auth (kECDHe or kECDHr) */ -# define SSL_aECDH 0x00000010U /* ECDSA auth*/ -# define SSL_aECDSA 0x00000040U +# define SSL_aECDSA 0x00000008U /* PSK auth */ -# define SSL_aPSK 0x00000080U +# define SSL_aPSK 0x00000010U /* GOST R 34.10-2001 signature auth */ -# define SSL_aGOST01 0x00000200U +# define SSL_aGOST01 0x00000020U /* SRP auth */ -# define SSL_aSRP 0x00000400U +# define SSL_aSRP 0x00000040U /* GOST R 34.10-2012 signature auth */ -# define SSL_aGOST12 0x00000800U +# define SSL_aGOST12 0x00000080U /* Bits for algorithm_enc (symmetric encryption) */ # define SSL_DES 0x00000001U @@ -368,9 +356,13 @@ # define SSL_AES128CCM8 0x00010000U # define SSL_AES256CCM8 0x00020000U # define SSL_eGOST2814789CNT12 0x00040000U +# define SSL_CHACHA20POLY1305 0x00080000U -# define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM|SSL_AES128CCM|SSL_AES256CCM|SSL_AES128CCM8|SSL_AES256CCM8) +# define SSL_AESGCM (SSL_AES128GCM | SSL_AES256GCM) +# define SSL_AESCCM (SSL_AES128CCM | SSL_AES256CCM | SSL_AES128CCM8 | SSL_AES256CCM8) +# define SSL_AES (SSL_AES128|SSL_AES256|SSL_AESGCM|SSL_AESCCM) # define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256) +# define SSL_CHACHA20 (SSL_CHACHA20POLY1305) /* Bits for algorithm_mac (symmetric authentication) */ @@ -406,7 +398,9 @@ # define SSL_MD_GOST89MAC12_IDX 7 # define SSL_MD_GOST12_512_IDX 8 # define SSL_MD_MD5_SHA1_IDX 9 -# define SSL_MAX_DIGEST 10 +# define SSL_MD_SHA224_IDX 10 +# define SSL_MD_SHA512_IDX 11 +# define SSL_MAX_DIGEST 12 /* Bits for algorithm2 (handshake digests and other extra flags) */ @@ -436,68 +430,16 @@ */ # define TLS1_STREAM_MAC 0x10000 -/* - * Export and cipher strength information. For each cipher we have to decide - * whether it is exportable or not. This information is likely to change - * over time, since the export control rules are no static technical issue. - * - * Independent of the export flag the cipher strength is sorted into classes. - * SSL_EXP40 was denoting the 40bit US export limit of past times, which now - * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change - * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more, - * since SSL_EXP64 could be similar to SSL_LOW. - * For this reason SSL_MICRO and SSL_MINI macros are included to widen the - * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed - * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would - * be possible. - */ -# define SSL_EXP_MASK 0x00000003U -# define SSL_STRONG_MASK 0x000001fcU -# define SSL_DEFAULT_MASK 0X00000200U - -# define SSL_NOT_EXP 0x00000001U -# define SSL_EXPORT 0x00000002U +# define SSL_DEFAULT_MASK 0X00000020U -# define SSL_STRONG_NONE 0x00000004U -# define SSL_EXP40 0x00000008U -# define SSL_MICRO (SSL_EXP40) -# define SSL_EXP56 0x00000010U -# define SSL_MINI (SSL_EXP56) -# define SSL_LOW 0x00000020U -# define SSL_MEDIUM 0x00000040U -# define SSL_HIGH 0x00000080U -# define SSL_FIPS 0x00000100U +# define SSL_STRONG_NONE 0x00000001U +# define SSL_LOW 0x00000002U +# define SSL_MEDIUM 0x00000004U +# define SSL_HIGH 0x00000008U +# define SSL_FIPS 0x00000010U +# define SSL_NOT_DEFAULT 0x00000020U -# define SSL_NOT_DEFAULT 0x00000200U - -/* we have used 000003ff - 22 bits left to go */ - -/*- - * Macros to check the export status and cipher strength for export ciphers. - * Even though the macros for EXPORT and EXPORT40/56 have similar names, - * their meaning is different: - * *_EXPORT macros check the 'exportable' status. - * *_EXPORT40/56 macros are used to check whether a certain cipher strength - * is given. - * Since the SSL_IS_EXPORT* and SSL_EXPORT* macros depend on the correct - * algorithm structure element to be passed (algorithms, algo_strength) and no - * typechecking can be done as they are all of type unsigned long, their - * direct usage is discouraged. - * Use the SSL_C_* macros instead. - */ -# define SSL_IS_EXPORT(a) ((a)&SSL_EXPORT) -# define SSL_IS_EXPORT56(a) ((a)&SSL_EXP56) -# define SSL_IS_EXPORT40(a) ((a)&SSL_EXP40) -# define SSL_C_IS_EXPORT(c) SSL_IS_EXPORT((c)->algo_strength) -# define SSL_C_IS_EXPORT56(c) SSL_IS_EXPORT56((c)->algo_strength) -# define SSL_C_IS_EXPORT40(c) SSL_IS_EXPORT40((c)->algo_strength) - -# define SSL_EXPORT_KEYLENGTH(a,s) (SSL_IS_EXPORT40(s) ? 5 : \ - (a) == SSL_DES ? 8 : 7) -# define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024) -# define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithm_enc, \ - (c)->algo_strength) -# define SSL_C_EXPORT_PKEYLENGTH(c) SSL_EXPORT_PKEYLENGTH((c)->algo_strength) +/* we have used 0000003f - 26 bits left to go */ /* Check if an SSL structure is using DTLS */ # define SSL_IS_DTLS(s) (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS) @@ -521,8 +463,8 @@ * flags because it may not be set to correct version yet. */ # define SSL_CLIENT_USE_TLS1_2_CIPHERS(s) \ - ((SSL_IS_DTLS(s) && s->client_version <= DTLS1_2_VERSION) || \ - (!SSL_IS_DTLS(s) && s->client_version >= TLS1_2_VERSION)) + ((!SSL_IS_DTLS(s) && s->client_version >= TLS1_2_VERSION) || \ + (SSL_IS_DTLS(s) && DTLS_VERSION_GE(s->client_version, DTLS1_2_VERSION))) # ifdef TLSEXT_TYPE_encrypt_then_mac # define SSL_USE_ETM(s) (s->s3->flags & TLS1_FLAGS_ENCRYPT_THEN_MAC) @@ -534,13 +476,11 @@ # define SSL_PKEY_RSA_ENC 0 # define SSL_PKEY_RSA_SIGN 1 # define SSL_PKEY_DSA_SIGN 2 -# define SSL_PKEY_DH_RSA 3 -# define SSL_PKEY_DH_DSA 4 -# define SSL_PKEY_ECC 5 -# define SSL_PKEY_GOST01 7 -# define SSL_PKEY_GOST12_256 8 -# define SSL_PKEY_GOST12_512 9 -# define SSL_PKEY_NUM 10 +# define SSL_PKEY_ECC 3 +# define SSL_PKEY_GOST01 4 +# define SSL_PKEY_GOST12_256 5 +# define SSL_PKEY_GOST12_512 6 +# define SSL_PKEY_NUM 7 /* * Pseudo-constant. GOST cipher suites can use different certs for 1 * SSL_CIPHER. So let's see which one we have in fact. @@ -548,8 +488,7 @@ # define SSL_PKEY_GOST_EC SSL_PKEY_NUM+1 /*- - * SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) | - * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN) + * SSL_kRSA <- RSA_ENC * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN) * SSL_kDHE <- RSA_ENC | RSA_SIGN | DSA_SIGN * SSL_aRSA <- RSA_ENC | RSA_SIGN @@ -588,6 +527,8 @@ struct ssl_cipher_st { /* Used to hold SSL/TLS functions */ struct ssl_method_st { int version; + unsigned flags; + unsigned long mask; int (*ssl_new) (SSL *s); void (*ssl_clear) (SSL *s); void (*ssl_free) (SSL *s); @@ -672,7 +613,7 @@ struct ssl_session_st { /* This is the cert and type for the other end. */ X509 *peer; int peer_type; - /* Certificate chain of peer */ + /* Certificate chain peer sent */ STACK_OF(X509) *peer_chain; /* * when app_verify_callback accepts a session where the peer's @@ -735,17 +676,15 @@ typedef struct srp_ctx_st { # endif -typedef struct ssl_comp_st SSL_COMP; - struct ssl_comp_st { int id; const char *name; COMP_METHOD *method; }; -DECLARE_STACK_OF(SSL_COMP) -DECLARE_LHASH_OF(SSL_SESSION); - +DEFINE_LHASH_OF(SSL_SESSION); +/* Needed in ssl_cert.c */ +DEFINE_LHASH_OF(X509_NAME); struct ssl_ctx_st { const SSL_METHOD *method; @@ -785,7 +724,8 @@ struct ssl_ctx_st { int (*new_session_cb) (struct ssl_st *ssl, SSL_SESSION *sess); void (*remove_session_cb) (struct ssl_ctx_st *ctx, SSL_SESSION *sess); SSL_SESSION *(*get_session_cb) (struct ssl_st *ssl, - unsigned char *data, int len, int *copy); + const unsigned char *data, int len, + int *copy); struct { int sess_connect; /* SSL new conn - started */ int sess_connect_renegotiate; /* SSL reneg - requested */ @@ -854,6 +794,8 @@ struct ssl_ctx_st { uint32_t options; uint32_t mode; + int min_proto_version; + int max_proto_version; long max_cert_list; struct cert_st /* CERT */ *cert; @@ -877,6 +819,16 @@ struct ssl_ctx_st { int quiet_shutdown; +# ifndef OPENSSL_NO_CT + CTLOG_STORE *ctlog_store; /* CT Log Store */ + /* + * Validates that the SCTs (Signed Certificate Timestamps) are sufficient. + * If they are not, the connection should be aborted. + */ + ct_validation_cb ct_validation_callback; + void *ct_validation_callback_arg; +# endif + /* * Maximum amount of data to send in one fragment. actual record size can * be more than this due to padding and MAC overheads. @@ -925,7 +877,6 @@ struct ssl_ctx_st { # ifndef OPENSSL_NO_NEXTPROTONEG /* Next protocol negotiation information */ - /* (for experimental NPN extension). */ /* * For a server, this contains a callback function by which the set of @@ -974,6 +925,9 @@ struct ssl_ctx_st { unsigned char *alpn_client_proto_list; unsigned alpn_client_proto_list_len; + /* Shared DANE context */ + struct dane_ctx_st dane; + /* SRTP profiles we are willing to do from RFC 5764 */ STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* @@ -1056,6 +1010,10 @@ struct ssl_st { void *msg_callback_arg; int hit; /* reusing a previous session */ X509_VERIFY_PARAM *param; + + /* Per connection DANE state */ + struct dane_st dane; + /* crypto */ STACK_OF(SSL_CIPHER) *cipher_list; STACK_OF(SSL_CIPHER) *cipher_list_by_id; @@ -1109,13 +1067,10 @@ struct ssl_st { unsigned int max_psk_len); # endif SSL_CTX *ctx; - /* - * set this flag to 1 and a sleep(1) is put into all SSL_read() and - * SSL_write() calls, good for nbio debuging :-) - */ - int debug; - /* extra application data */ + /* Verified chain of peer */ + STACK_OF(X509) *verified_chain; long verify_result; + /* extra application data */ CRYPTO_EX_DATA ex_data; /* for server side, keep the list of CA_dn we can use */ STACK_OF(X509_NAME) *client_CA; @@ -1124,6 +1079,8 @@ struct ssl_st { uint32_t options; /* API behaviour */ uint32_t mode; + int min_proto_version; + int max_proto_version; long max_cert_list; int first_packet; /* what was passed, used for SSLv3/TLS rollback check */ @@ -1132,7 +1089,7 @@ struct ssl_st { /* TLS extension debug callback */ void (*tlsext_debug_cb) (SSL *s, int client_server, int type, - unsigned char *data, int len, void *arg); + const unsigned char *data, int len, void *arg); void *tlsext_debug_arg; char *tlsext_hostname; /*- @@ -1145,6 +1102,26 @@ struct ssl_st { /* certificate status request info */ /* Status type or -1 if no status type */ int tlsext_status_type; +# ifndef OPENSSL_NO_CT + /* + * Validates that the SCTs (Signed Certificate Timestamps) are sufficient. + * If they are not, the connection should be aborted. + */ + ct_validation_cb ct_validation_callback; + /* User-supplied argument tha tis passed to the ct_validation_callback */ + void *ct_validation_callback_arg; + /* + * Consolidated stack of SCTs from all sources. + * Lazily populated by CT_get_peer_scts(SSL*) + */ + STACK_OF(SCT) *scts; + /* Raw extension data, if seen */ + unsigned char *tlsext_scts; + /* Length of raw extension data, if seen */ + uint16_t tlsext_scts_len; + /* Have we attempted to find/parse SCTs yet? */ + int scts_parsed; +# endif /* Expect OCSP CertificateStatus message */ int tlsext_status_expected; /* OCSP status request only */ @@ -1221,7 +1198,7 @@ struct ssl_st { * basis, depending on the chosen cipher. */ int (*not_resumable_session_cb) (SSL *ssl, int is_forward_secure); - + RECORD_LAYER rlayer; /* Default password callback. */ @@ -1232,6 +1209,7 @@ struct ssl_st { /* Async Job info */ ASYNC_JOB *job; + ASYNC_WAIT_CTX *waitctx; }; @@ -1246,8 +1224,6 @@ typedef struct ssl3_state_st { /* flags for countermeasure against known-IV weakness */ int need_empty_fragments; int empty_fragment_done; - /* The value of 'extra' when the buffers were initialized */ - int init_extra; /* used during startup, digest all incoming/outgoing packets */ BIO *handshake_buffer; /* @@ -1287,18 +1263,14 @@ typedef struct ssl3_state_st { int message_type; /* used to hold the new cipher we are going to use */ const SSL_CIPHER *new_cipher; -# ifndef OPENSSL_NO_DH - DH *dh; -# endif -# ifndef OPENSSL_NO_EC - EC_KEY *ecdh; /* holds short lived ECDH key */ +# if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) + EVP_PKEY *pkey; /* holds short lived DH/ECDH key */ # endif /* used for certificate requests */ int cert_req; int ctype_num; char ctype[SSL3_CT_NUMBER]; STACK_OF(X509_NAME) *ca_names; - int use_rsa_tmp; int key_block_length; unsigned char *key_block; const EVP_CIPHER *new_sym_enc; @@ -1347,8 +1319,6 @@ typedef struct ssl3_state_st { */ uint32_t mask_k; uint32_t mask_a; - uint32_t export_mask_k; - uint32_t export_mask_a; /* Client only */ uint32_t mask_ssl; } tmp; @@ -1390,14 +1360,8 @@ typedef struct ssl3_state_st { # endif /* !OPENSSL_NO_EC */ /* For clients: peer temporary key */ -# ifndef OPENSSL_NO_RSA - RSA *peer_rsa_tmp; -# endif -# ifndef OPENSSL_NO_DH - DH *peer_dh_tmp; -# endif -# ifndef OPENSSL_NO_EC - EC_KEY *peer_ecdh_tmp; +# if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) + EVP_PKEY *peer_tmp; # endif } SSL3_STATE; @@ -1451,6 +1415,30 @@ typedef struct hm_fragment_st { unsigned char *reassembly; } hm_fragment; +typedef struct pqueue_st pqueue; +typedef struct pitem_st pitem; + +struct pitem_st { + unsigned char priority[8]; /* 64-bit value in big-endian encoding */ + void *data; + pitem *next; +}; + +typedef struct pitem_st *piterator; + +pitem *pitem_new(unsigned char *prio64be, void *data); +void pitem_free(pitem *item); +pqueue* pqueue_new(void); +void pqueue_free(pqueue *pq); +pitem *pqueue_insert(pqueue *pq, pitem *item); +pitem *pqueue_peek(pqueue *pq); +pitem *pqueue_pop(pqueue *pq); +pitem *pqueue_find(pqueue *pq, unsigned char *prio64be); +pitem *pqueue_iterator(pqueue *pq); +pitem *pqueue_next(piterator *iter); +void pqueue_print(pqueue *pq); +int pqueue_size(pqueue *pq); + typedef struct dtls1_state_st { unsigned char cookie[DTLS1_COOKIE_LENGTH]; unsigned int cookie_len; @@ -1462,9 +1450,9 @@ typedef struct dtls1_state_st { unsigned short handshake_read_seq; /* Buffered handshake messages */ - pqueue buffered_messages; + pqueue *buffered_messages; /* Buffered (sent) handshake records */ - pqueue sent_messages; + pqueue *sent_messages; unsigned int link_mtu; /* max on-the-wire DTLS packet size */ unsigned int mtu; /* max DTLS packet size */ @@ -1557,21 +1545,10 @@ typedef struct cert_st { * an index, not a pointer. */ CERT_PKEY *key; -# ifndef OPENSSL_NO_RSA - RSA *rsa_tmp; - RSA *(*rsa_tmp_cb) (SSL *ssl, int is_export, int keysize); -# endif # ifndef OPENSSL_NO_DH - DH *dh_tmp; + EVP_PKEY *dh_tmp; DH *(*dh_tmp_cb) (SSL *ssl, int is_export, int keysize); int dh_tmp_auto; -# endif -# ifndef OPENSSL_NO_EC - EC_KEY *ecdh_tmp; - /* Callback for generating ephemeral ECDH keys */ - EC_KEY *(*ecdh_tmp_cb) (SSL *ssl, int is_export, int keysize); - /* Select ECDH parameters automatically */ - int ecdh_tmp_auto; # endif /* Flags related to certificates */ uint32_t cert_flags; @@ -1651,35 +1628,6 @@ struct tls_sigalgs_st { unsigned char rhash; }; -/* - * #define MAC_DEBUG - */ - -/* - * #define ERR_DEBUG - */ -/* - * #define ABORT_DEBUG - */ -/* - * #define PKT_DEBUG 1 - */ -/* - * #define DES_DEBUG - */ -/* - * #define DES_OFB_DEBUG - */ -/* - * #define SSL_DEBUG - */ -/* - * #define RSA_DEBUG - */ -/* - * #define IDEA_DEBUG - */ - # define FP_ICC (int (*)(const void *,const void *)) /* @@ -1748,7 +1696,6 @@ typedef struct ssl3_comp_st { # endif extern SSL3_ENC_METHOD ssl3_undef_enc_method; -OPENSSL_EXTERN const SSL_CIPHER ssl3_ciphers[]; SSL_METHOD *ssl_bad_method(int ver); @@ -1759,12 +1706,20 @@ extern const SSL3_ENC_METHOD SSLv3_enc_data; extern const SSL3_ENC_METHOD DTLSv1_enc_data; extern const SSL3_ENC_METHOD DTLSv1_2_enc_data; -# define IMPLEMENT_tls_meth_func(version, func_name, s_accept, s_connect, \ - s_get_meth, enc_data) \ +/* + * Flags for SSL methods + */ +#define SSL_METHOD_NO_FIPS (1U<<0) +#define SSL_METHOD_NO_SUITEB (1U<<1) + +# define IMPLEMENT_tls_meth_func(version, flags, mask, func_name, s_accept, \ + s_connect, s_get_meth, enc_data) \ const SSL_METHOD *func_name(void) \ { \ static const SSL_METHOD func_name##_data= { \ version, \ + flags, \ + mask, \ tls1_new, \ tls1_clear, \ tls1_free, \ @@ -1801,6 +1756,8 @@ const SSL_METHOD *func_name(void) \ { \ static const SSL_METHOD func_name##_data= { \ SSL3_VERSION, \ + SSL_METHOD_NO_FIPS | SSL_METHOD_NO_SUITEB, \ + SSL_OP_NO_SSLv3, \ ssl3_new, \ ssl3_clear, \ ssl3_free, \ @@ -1832,12 +1789,14 @@ const SSL_METHOD *func_name(void) \ return &func_name##_data; \ } -# define IMPLEMENT_dtls1_meth_func(version, func_name, s_accept, s_connect, \ - s_get_meth, enc_data) \ +# define IMPLEMENT_dtls1_meth_func(version, flags, mask, func_name, s_accept, \ + s_connect, s_get_meth, enc_data) \ const SSL_METHOD *func_name(void) \ { \ static const SSL_METHOD func_name##_data= { \ version, \ + flags, \ + mask, \ dtls1_new, \ dtls1_clear, \ dtls1_free, \ @@ -1872,10 +1831,10 @@ const SSL_METHOD *func_name(void) \ struct openssl_ssl_test_functions { int (*p_ssl_init_wbio_buffer) (SSL *s, int push); int (*p_ssl3_setup_buffers) (SSL *s); - int (*p_tls1_process_heartbeat) (SSL *s, - unsigned char *p, unsigned int length); +# ifndef OPENSSL_NO_HEARTBEATS int (*p_dtls1_process_heartbeat) (SSL *s, unsigned char *p, unsigned int length); +# endif }; # ifndef OPENSSL_UNIT_TEST @@ -1930,13 +1889,16 @@ __owur int ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverin size_t *serverinfo_length); __owur EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *c, const EVP_MD **pmd); __owur int ssl_cert_type(X509 *x, EVP_PKEY *pkey); -void ssl_set_masks(SSL *s, const SSL_CIPHER *cipher); +void ssl_set_masks(SSL *s); __owur STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s); __owur int ssl_verify_alarm_type(long type); void ssl_load_ciphers(void); __owur int ssl_fill_hello_random(SSL *s, int server, unsigned char *field, int len); __owur int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen, int free_pms); +__owur EVP_PKEY *ssl_generate_pkey(EVP_PKEY *pm, int nid); +__owur int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey); +__owur EVP_PKEY *ssl_dh_to_pkey(DH *dh); __owur const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p); __owur int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p); @@ -1959,8 +1921,9 @@ __owur int ssl3_final_finish_mac(SSL *s, const char *sender, int slen, void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len); void ssl3_free_digest_list(SSL *s); __owur unsigned long ssl3_output_cert_chain(SSL *s, CERT_PKEY *cpk); -__owur SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, STACK_OF(SSL_CIPHER) *clnt, - STACK_OF(SSL_CIPHER) *srvr); +__owur const SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, + STACK_OF(SSL_CIPHER) *clnt, + STACK_OF(SSL_CIPHER) *srvr); __owur int ssl3_digest_cached_records(SSL *s, int keep); __owur int ssl3_new(SSL *s); void ssl3_free(SSL *s); @@ -1982,10 +1945,16 @@ __owur int ssl3_handshake_write(SSL *s); __owur int ssl_allow_compression(SSL *s); +__owur int ssl_set_client_hello_version(SSL *s); +__owur int ssl_check_version_downgrade(SSL *s); +__owur int ssl_set_version_bound(int method_version, int version, int *bound); +__owur int ssl_choose_server_version(SSL *s); +__owur int ssl_choose_client_version(SSL *s, int version); + __owur long tls1_default_timeout(void); __owur int dtls1_do_write(SSL *s, int type); void dtls1_set_message_header(SSL *s, - unsigned char *p, unsigned char mt, + unsigned char mt, unsigned long len, unsigned long frag_off, unsigned long frag_len); @@ -1994,8 +1963,7 @@ __owur int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len __owur int dtls1_read_failed(SSL *s, int code); __owur int dtls1_buffer_message(SSL *s, int ccs); -__owur int dtls1_retransmit_message(SSL *s, unsigned short seq, - unsigned long frag_off, int *found); +__owur int dtls1_retransmit_message(SSL *s, unsigned short seq, int *found); __owur int dtls1_get_queue_priority(unsigned short seq, int is_ccs); int dtls1_retransmit_buffered_messages(SSL *s); void dtls1_clear_record_buffer(SSL *s); @@ -2083,14 +2051,13 @@ __owur int ssl_prepare_clienthello_tlsext(SSL *s); __owur int ssl_prepare_serverhello_tlsext(SSL *s); # ifndef OPENSSL_NO_HEARTBEATS -__owur int tls1_heartbeat(SSL *s); __owur int dtls1_heartbeat(SSL *s); -__owur int tls1_process_heartbeat(SSL *s, unsigned char *p, unsigned int length); __owur int dtls1_process_heartbeat(SSL *s, unsigned char *p, unsigned int length); # endif -__owur int tls1_process_ticket(SSL *s, const PACKET *ext, - const PACKET *session_id, SSL_SESSION **ret); +__owur int tls_check_serverhello_tlsext_early(SSL *s, const PACKET *ext, + const PACKET *session_id, + SSL_SESSION **ret); __owur int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk, const EVP_MD *md); @@ -2104,6 +2071,10 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain, int idx); void tls1_set_cert_validity(SSL *s); +#ifndef OPENSSL_NO_CT +__owur int SSL_validate_ct(SSL *s); +#endif + # ifndef OPENSSL_NO_DH __owur DH *ssl_get_auto_dh(SSL *s); # endif @@ -2180,7 +2151,6 @@ void custom_exts_free(custom_ext_methods *exts); # define ssl_init_wbio_buffer SSL_test_functions()->p_ssl_init_wbio_buffer # define ssl3_setup_buffers SSL_test_functions()->p_ssl3_setup_buffers -# define tls1_process_heartbeat SSL_test_functions()->p_tls1_process_heartbeat # define dtls1_process_heartbeat SSL_test_functions()->p_dtls1_process_heartbeat # endif