X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fssl_locl.h;h=c9c071ae6fdc871d60dc1da93f388036c184475b;hp=1e1b26569c9d20225450fb714a2b090685ec1ed6;hb=c21c7830ac2486f1c6933d9c18bff996b0ffacb1;hpb=e7f0d9210c4a421e6306cd9a0c486c3e96be4d25 diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 1e1b26569c..c9c071ae6f 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -1,4 +1,3 @@ -/* ssl/ssl_locl.h */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -148,27 +147,25 @@ # include # include "e_os.h" +# if defined(__unix) || defined(__unix__) +# include /* struct timeval for DTLS */ +# endif # include -# ifndef OPENSSL_NO_COMP -# include -# endif +# include # include # include -# ifndef OPENSSL_NO_RSA -# include -# endif -# ifndef OPENSSL_NO_DSA -# include -# endif +# include +# include # include # include # include # include - +# include #include "record/record.h" #include "statem/statem.h" #include "packet_locl.h" +#include "internal/dane.h" # ifdef OPENSSL_BUILD_SHLIBSSL # undef OPENSSL_EXTERN @@ -229,13 +226,6 @@ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ *((c)++)=(unsigned char)(((l) )&0xff)) -# define n2l6(c,l) (l =((BN_ULLONG)(*((c)++)))<<40, \ - l|=((BN_ULLONG)(*((c)++)))<<32, \ - l|=((BN_ULLONG)(*((c)++)))<<24, \ - l|=((BN_ULLONG)(*((c)++)))<<16, \ - l|=((BN_ULLONG)(*((c)++)))<< 8, \ - l|=((BN_ULLONG)(*((c)++)))) - /* NOTE - c is not incremented as per l2c */ # define l2cn(l1,l2,c,n) { \ c+=n; \ @@ -264,6 +254,11 @@ c[1]=(unsigned char)(((l)>> 8)&0xff), \ c[2]=(unsigned char)(((l) )&0xff)),c+=3) +#define DTLS_VERSION_GT(v1, v2) ((v1) < (v2)) +#define DTLS_VERSION_GE(v1, v2) ((v1) <= (v2)) +#define DTLS_VERSION_LT(v1, v2) ((v1) > (v2)) +#define DTLS_VERSION_LE(v1, v2) ((v1) >= (v2)) + /* LOCAL STUFF */ # define SSL_DECRYPT 0 @@ -295,32 +290,24 @@ /* Bits for algorithm_mkey (key exchange algorithm) */ /* RSA key exchange */ # define SSL_kRSA 0x00000001U -/* DH cert, RSA CA cert */ -# define SSL_kDHr 0x00000002U -/* DH cert, DSA CA cert */ -# define SSL_kDHd 0x00000004U /* tmp DH key no DH cert */ -# define SSL_kDHE 0x00000008U +# define SSL_kDHE 0x00000002U /* synonym */ # define SSL_kEDH SSL_kDHE -/* ECDH cert, RSA CA cert */ -# define SSL_kECDHr 0x00000020U -/* ECDH cert, ECDSA CA cert */ -# define SSL_kECDHe 0x00000040U /* ephemeral ECDH */ -# define SSL_kECDHE 0x00000080U +# define SSL_kECDHE 0x00000004U /* synonym */ # define SSL_kEECDH SSL_kECDHE /* PSK */ -# define SSL_kPSK 0x00000100U +# define SSL_kPSK 0x00000008U /* GOST key exchange */ -# define SSL_kGOST 0x00000200U +# define SSL_kGOST 0x00000010U /* SRP */ -# define SSL_kSRP 0x00000400U +# define SSL_kSRP 0x00000020U -# define SSL_kRSAPSK 0x00000800U -# define SSL_kECDHEPSK 0x00001000U -# define SSL_kDHEPSK 0x00002000U +# define SSL_kRSAPSK 0x00000040U +# define SSL_kECDHEPSK 0x00000080U +# define SSL_kDHEPSK 0x00000100U /* all PSK */ @@ -333,20 +320,16 @@ # define SSL_aDSS 0x00000002U /* no auth (i.e. use ADH or AECDH) */ # define SSL_aNULL 0x00000004U -/* Fixed DH auth (kDHd or kDHr) */ -# define SSL_aDH 0x00000008U -/* Fixed ECDH auth (kECDHe or kECDHr) */ -# define SSL_aECDH 0x00000010U /* ECDSA auth*/ -# define SSL_aECDSA 0x00000040U +# define SSL_aECDSA 0x00000008U /* PSK auth */ -# define SSL_aPSK 0x00000080U +# define SSL_aPSK 0x00000010U /* GOST R 34.10-2001 signature auth */ -# define SSL_aGOST01 0x00000200U +# define SSL_aGOST01 0x00000020U /* SRP auth */ -# define SSL_aSRP 0x00000400U +# define SSL_aSRP 0x00000040U /* GOST R 34.10-2012 signature auth */ -# define SSL_aGOST12 0x00000800U +# define SSL_aGOST12 0x00000080U /* Bits for algorithm_enc (symmetric encryption) */ # define SSL_DES 0x00000001U @@ -368,9 +351,13 @@ # define SSL_AES128CCM8 0x00010000U # define SSL_AES256CCM8 0x00020000U # define SSL_eGOST2814789CNT12 0x00040000U +# define SSL_CHACHA20POLY1305 0x00080000U -# define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM|SSL_AES128CCM|SSL_AES256CCM|SSL_AES128CCM8|SSL_AES256CCM8) +# define SSL_AESGCM (SSL_AES128GCM | SSL_AES256GCM) +# define SSL_AESCCM (SSL_AES128CCM | SSL_AES256CCM | SSL_AES128CCM8 | SSL_AES256CCM8) +# define SSL_AES (SSL_AES128|SSL_AES256|SSL_AESGCM|SSL_AESCCM) # define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256) +# define SSL_CHACHA20 (SSL_CHACHA20POLY1305) /* Bits for algorithm_mac (symmetric authentication) */ @@ -386,11 +373,6 @@ # define SSL_GOST89MAC12 0x00000100U # define SSL_GOST12_512 0x00000200U -/* Bits for algorithm_ssl (protocol version) */ -# define SSL_SSLV3 0x00000002U -# define SSL_TLSV1 0x00000004U -# define SSL_TLSV1_2 0x00000008U - /* * When adding new digest in the ssl_ciph.c and increment SSL_MD_NUM_IDX make * sure to update this constant too @@ -438,6 +420,7 @@ */ # define TLS1_STREAM_MAC 0x10000 +# define SSL_STRONG_MASK 0x0000001FU # define SSL_DEFAULT_MASK 0X00000020U # define SSL_STRONG_NONE 0x00000001U @@ -471,8 +454,14 @@ * flags because it may not be set to correct version yet. */ # define SSL_CLIENT_USE_TLS1_2_CIPHERS(s) \ - ((SSL_IS_DTLS(s) && s->client_version <= DTLS1_2_VERSION) || \ - (!SSL_IS_DTLS(s) && s->client_version >= TLS1_2_VERSION)) + ((!SSL_IS_DTLS(s) && s->client_version >= TLS1_2_VERSION) || \ + (SSL_IS_DTLS(s) && DTLS_VERSION_GE(s->client_version, DTLS1_2_VERSION))) +/* + * Determine if a client should send signature algorithms extension: + * as with TLS1.2 cipher we can't rely on method flags. + */ +# define SSL_CLIENT_USE_SIGALGS(s) \ + SSL_CLIENT_USE_TLS1_2_CIPHERS(s) # ifdef TLSEXT_TYPE_encrypt_then_mac # define SSL_USE_ETM(s) (s->s3->flags & TLS1_FLAGS_ENCRYPT_THEN_MAC) @@ -484,13 +473,11 @@ # define SSL_PKEY_RSA_ENC 0 # define SSL_PKEY_RSA_SIGN 1 # define SSL_PKEY_DSA_SIGN 2 -# define SSL_PKEY_DH_RSA 3 -# define SSL_PKEY_DH_DSA 4 -# define SSL_PKEY_ECC 5 -# define SSL_PKEY_GOST01 7 -# define SSL_PKEY_GOST12_256 8 -# define SSL_PKEY_GOST12_512 9 -# define SSL_PKEY_NUM 10 +# define SSL_PKEY_ECC 3 +# define SSL_PKEY_GOST01 4 +# define SSL_PKEY_GOST12_256 5 +# define SSL_PKEY_GOST12_512 6 +# define SSL_PKEY_NUM 7 /* * Pseudo-constant. GOST cipher suites can use different certs for 1 * SSL_CIPHER. So let's see which one we have in fact. @@ -527,7 +514,10 @@ struct ssl_cipher_st { uint32_t algorithm_auth; /* server authentication */ uint32_t algorithm_enc; /* symmetric encryption */ uint32_t algorithm_mac; /* symmetric authentication */ - uint32_t algorithm_ssl; /* (major) protocol version */ + int min_tls; /* minimum SSL/TLS protocol version */ + int max_tls; /* maximum SSL/TLS protocol version */ + int min_dtls; /* minimum DTLS protocol version */ + int max_dtls; /* maximum DTLS protocol version */ uint32_t algo_strength; /* strength and export flags */ uint32_t algorithm2; /* Extra flags */ int32_t strength_bits; /* Number of bits really used */ @@ -537,6 +527,8 @@ struct ssl_cipher_st { /* Used to hold SSL/TLS functions */ struct ssl_method_st { int version; + unsigned flags; + unsigned long mask; int (*ssl_new) (SSL *s); void (*ssl_clear) (SSL *s); void (*ssl_free) (SSL *s); @@ -559,7 +551,6 @@ struct ssl_method_st { int (*ssl_pending) (const SSL *s); int (*num_ciphers) (void); const SSL_CIPHER *(*get_cipher) (unsigned ncipher); - const struct ssl_method_st *(*get_ssl_method) (int version); long (*get_timeout) (void); const struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */ int (*ssl_version) (void); @@ -621,7 +612,7 @@ struct ssl_session_st { /* This is the cert and type for the other end. */ X509 *peer; int peer_type; - /* Certificate chain of peer */ + /* Certificate chain peer sent */ STACK_OF(X509) *peer_chain; /* * when app_verify_callback accepts a session where the peer's @@ -657,6 +648,7 @@ struct ssl_session_st { char *srp_username; # endif uint32_t flags; + CRYPTO_RWLOCK *lock; }; /* Extended master secret support */ @@ -684,17 +676,15 @@ typedef struct srp_ctx_st { # endif -typedef struct ssl_comp_st SSL_COMP; - struct ssl_comp_st { int id; const char *name; COMP_METHOD *method; }; -DECLARE_STACK_OF(SSL_COMP) -DECLARE_LHASH_OF(SSL_SESSION); - +DEFINE_LHASH_OF(SSL_SESSION); +/* Needed in ssl_cert.c */ +DEFINE_LHASH_OF(X509_NAME); struct ssl_ctx_st { const SSL_METHOD *method; @@ -734,7 +724,8 @@ struct ssl_ctx_st { int (*new_session_cb) (struct ssl_st *ssl, SSL_SESSION *sess); void (*remove_session_cb) (struct ssl_ctx_st *ctx, SSL_SESSION *sess); SSL_SESSION *(*get_session_cb) (struct ssl_st *ssl, - unsigned char *data, int len, int *copy); + const unsigned char *data, int len, + int *copy); struct { int sess_connect; /* SSL new conn - started */ int sess_connect_renegotiate; /* SSL reneg - requested */ @@ -803,6 +794,8 @@ struct ssl_ctx_st { uint32_t options; uint32_t mode; + int min_proto_version; + int max_proto_version; long max_cert_list; struct cert_st /* CERT */ *cert; @@ -826,12 +819,33 @@ struct ssl_ctx_st { int quiet_shutdown; +# ifndef OPENSSL_NO_CT + CTLOG_STORE *ctlog_store; /* CT Log Store */ + /* + * Validates that the SCTs (Signed Certificate Timestamps) are sufficient. + * If they are not, the connection should be aborted. + */ + ssl_ct_validation_cb ct_validation_callback; + void *ct_validation_callback_arg; +# endif + + /* + * If we're using more than one pipeline how should we divide the data + * up between the pipes? + */ + unsigned int split_send_fragment; /* * Maximum amount of data to send in one fragment. actual record size can * be more than this due to padding and MAC overheads. */ unsigned int max_send_fragment; + /* Up to how many pipelines should we use? If 0 then 1 is assumed */ + unsigned int max_pipelines; + + /* The default read buffer length to use (0 means not set) */ + size_t default_read_buf_len; + # ifndef OPENSSL_NO_ENGINE /* * Engine to pass requests for client certs to @@ -874,7 +888,6 @@ struct ssl_ctx_st { # ifndef OPENSSL_NO_NEXTPROTONEG /* Next protocol negotiation information */ - /* (for experimental NPN extension). */ /* * For a server, this contains a callback function by which the set of @@ -923,6 +936,9 @@ struct ssl_ctx_st { unsigned char *alpn_client_proto_list; unsigned alpn_client_proto_list_len; + /* Shared DANE context */ + struct dane_ctx_st dane; + /* SRTP profiles we are willing to do from RFC 5764 */ STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* @@ -937,6 +953,7 @@ struct ssl_ctx_st { size_t tlsext_ellipticcurvelist_length; unsigned char *tlsext_ellipticcurvelist; # endif /* OPENSSL_NO_EC */ + CRYPTO_RWLOCK *lock; }; @@ -1005,6 +1022,10 @@ struct ssl_st { void *msg_callback_arg; int hit; /* reusing a previous session */ X509_VERIFY_PARAM *param; + + /* Per connection DANE state */ + SSL_DANE dane; + /* crypto */ STACK_OF(SSL_CIPHER) *cipher_list; STACK_OF(SSL_CIPHER) *cipher_list_by_id; @@ -1058,13 +1079,10 @@ struct ssl_st { unsigned int max_psk_len); # endif SSL_CTX *ctx; - /* - * set this flag to 1 and a sleep(1) is put into all SSL_read() and - * SSL_write() calls, good for nbio debuging :-) - */ - int debug; - /* extra application data */ + /* Verified chain of peer */ + STACK_OF(X509) *verified_chain; long verify_result; + /* extra application data */ CRYPTO_EX_DATA ex_data; /* for server side, keep the list of CA_dn we can use */ STACK_OF(X509_NAME) *client_CA; @@ -1073,15 +1091,30 @@ struct ssl_st { uint32_t options; /* API behaviour */ uint32_t mode; + int min_proto_version; + int max_proto_version; long max_cert_list; int first_packet; /* what was passed, used for SSLv3/TLS rollback check */ int client_version; + + /* + * If we're using more than one pipeline how should we divide the data + * up between the pipes? + */ + unsigned int split_send_fragment; + /* + * Maximum amount of data to send in one fragment. actual record size can + * be more than this due to padding and MAC overheads. + */ unsigned int max_send_fragment; + /* Up to how many pipelines should we use? If 0 then 1 is assumed */ + unsigned int max_pipelines; + /* TLS extension debug callback */ void (*tlsext_debug_cb) (SSL *s, int client_server, int type, - unsigned char *data, int len, void *arg); + const unsigned char *data, int len, void *arg); void *tlsext_debug_arg; char *tlsext_hostname; /*- @@ -1094,6 +1127,26 @@ struct ssl_st { /* certificate status request info */ /* Status type or -1 if no status type */ int tlsext_status_type; +# ifndef OPENSSL_NO_CT + /* + * Validates that the SCTs (Signed Certificate Timestamps) are sufficient. + * If they are not, the connection should be aborted. + */ + ssl_ct_validation_cb ct_validation_callback; + /* User-supplied argument tha tis passed to the ct_validation_callback */ + void *ct_validation_callback_arg; + /* + * Consolidated stack of SCTs from all sources. + * Lazily populated by CT_get_peer_scts(SSL*) + */ + STACK_OF(SCT) *scts; + /* Raw extension data, if seen */ + unsigned char *tlsext_scts; + /* Length of raw extension data, if seen */ + uint16_t tlsext_scts_len; + /* Have we attempted to find/parse SCTs yet? */ + int scts_parsed; +# endif /* Expect OCSP CertificateStatus message */ int tlsext_status_expected; /* OCSP status request only */ @@ -1170,7 +1223,7 @@ struct ssl_st { * basis, depending on the chosen cipher. */ int (*not_resumable_session_cb) (SSL *ssl, int is_forward_secure); - + RECORD_LAYER rlayer; /* Default password callback. */ @@ -1181,6 +1234,9 @@ struct ssl_st { /* Async Job info */ ASYNC_JOB *job; + ASYNC_WAIT_CTX *waitctx; + + CRYPTO_RWLOCK *lock; }; @@ -1195,8 +1251,6 @@ typedef struct ssl3_state_st { /* flags for countermeasure against known-IV weakness */ int need_empty_fragments; int empty_fragment_done; - /* The value of 'extra' when the buffers were initialized */ - int init_extra; /* used during startup, digest all incoming/outgoing packets */ BIO *handshake_buffer; /* @@ -1236,11 +1290,8 @@ typedef struct ssl3_state_st { int message_type; /* used to hold the new cipher we are going to use */ const SSL_CIPHER *new_cipher; -# ifndef OPENSSL_NO_DH - DH *dh; -# endif -# ifndef OPENSSL_NO_EC - EC_KEY *ecdh; /* holds short lived ECDH key */ +# if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) + EVP_PKEY *pkey; /* holds short lived DH/ECDH key */ # endif /* used for certificate requests */ int cert_req; @@ -1295,8 +1346,13 @@ typedef struct ssl3_state_st { */ uint32_t mask_k; uint32_t mask_a; - /* Client only */ - uint32_t mask_ssl; + /* + * The following are used by the client to see if a cipher is allowed or + * not. It contains the minimum and maximum version the client's using + * based on what it knows so far. + */ + int min_ver; + int max_ver; } tmp; /* Connection binding to prevent renegotiation attacks */ @@ -1324,7 +1380,12 @@ typedef struct ssl3_state_st { * that the server selected once the ServerHello has been processed. */ unsigned char *alpn_selected; - unsigned alpn_selected_len; + size_t alpn_selected_len; + /* used by the server to know what options were proposed */ + unsigned char *alpn_proposed; + size_t alpn_proposed_len; + /* used by the client to know if it actually sent alpn */ + int alpn_sent; # ifndef OPENSSL_NO_EC /* @@ -1336,11 +1397,8 @@ typedef struct ssl3_state_st { # endif /* !OPENSSL_NO_EC */ /* For clients: peer temporary key */ -# ifndef OPENSSL_NO_DH - DH *peer_dh_tmp; -# endif -# ifndef OPENSSL_NO_EC - EC_KEY *peer_ecdh_tmp; +# if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) + EVP_PKEY *peer_tmp; # endif } SSL3_STATE; @@ -1394,6 +1452,29 @@ typedef struct hm_fragment_st { unsigned char *reassembly; } hm_fragment; +typedef struct pqueue_st pqueue; +typedef struct pitem_st pitem; + +struct pitem_st { + unsigned char priority[8]; /* 64-bit value in big-endian encoding */ + void *data; + pitem *next; +}; + +typedef struct pitem_st *piterator; + +pitem *pitem_new(unsigned char *prio64be, void *data); +void pitem_free(pitem *item); +pqueue* pqueue_new(void); +void pqueue_free(pqueue *pq); +pitem *pqueue_insert(pqueue *pq, pitem *item); +pitem *pqueue_peek(pqueue *pq); +pitem *pqueue_pop(pqueue *pq); +pitem *pqueue_find(pqueue *pq, unsigned char *prio64be); +pitem *pqueue_iterator(pqueue *pq); +pitem *pqueue_next(piterator *iter); +int pqueue_size(pqueue *pq); + typedef struct dtls1_state_st { unsigned char cookie[DTLS1_COOKIE_LENGTH]; unsigned int cookie_len; @@ -1405,9 +1486,9 @@ typedef struct dtls1_state_st { unsigned short handshake_read_seq; /* Buffered handshake messages */ - pqueue buffered_messages; + pqueue *buffered_messages; /* Buffered (sent) handshake records */ - pqueue sent_messages; + pqueue *sent_messages; unsigned int link_mtu; /* max on-the-wire DTLS packet size */ unsigned int mtu; /* max DTLS packet size */ @@ -1501,7 +1582,7 @@ typedef struct cert_st { */ CERT_PKEY *key; # ifndef OPENSSL_NO_DH - DH *dh_tmp; + EVP_PKEY *dh_tmp; DH *(*dh_tmp_cb) (SSL *ssl, int is_export, int keysize); int dh_tmp_auto; # endif @@ -1558,7 +1639,7 @@ typedef struct cert_st { custom_ext_methods cli_ext; custom_ext_methods srv_ext; /* Security callback */ - int (*sec_cb) (SSL *s, SSL_CTX *ctx, int op, int bits, int nid, + int (*sec_cb) (const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex); /* Security level */ int sec_level; @@ -1568,6 +1649,7 @@ typedef struct cert_st { char *psk_identity_hint; #endif int references; /* >1 only if SSL_copy_session_id is used */ + CRYPTO_RWLOCK *lock; } CERT; /* Structure containing decoded values of signature algorithms extension */ @@ -1583,35 +1665,6 @@ struct tls_sigalgs_st { unsigned char rhash; }; -/* - * #define MAC_DEBUG - */ - -/* - * #define ERR_DEBUG - */ -/* - * #define ABORT_DEBUG - */ -/* - * #define PKT_DEBUG 1 - */ -/* - * #define DES_DEBUG - */ -/* - * #define DES_OFB_DEBUG - */ -/* - * #define SSL_DEBUG - */ -/* - * #define RSA_DEBUG - */ -/* - * #define IDEA_DEBUG - */ - # define FP_ICC (int (*)(const void *,const void *)) /* @@ -1619,8 +1672,8 @@ struct tls_sigalgs_st { * of a mess of functions, but hell, think of it as an opaque structure :-) */ typedef struct ssl3_enc_method { - int (*enc) (SSL *, int); - int (*mac) (SSL *, unsigned char *, int); + int (*enc) (SSL *, SSL3_RECORD *, unsigned int, int); + int (*mac) (SSL *, SSL3_RECORD *, unsigned char *, int); int (*setup_key_block) (SSL *); int (*generate_master_secret) (SSL *, unsigned char *, unsigned char *, int); @@ -1680,9 +1733,26 @@ typedef struct ssl3_comp_st { # endif extern SSL3_ENC_METHOD ssl3_undef_enc_method; -OPENSSL_EXTERN const SSL_CIPHER ssl3_ciphers[]; -SSL_METHOD *ssl_bad_method(int ver); +__owur const SSL_METHOD *ssl_bad_method(int ver); +__owur const SSL_METHOD *sslv3_method(void); +__owur const SSL_METHOD *sslv3_server_method(void); +__owur const SSL_METHOD *sslv3_client_method(void); +__owur const SSL_METHOD *tlsv1_method(void); +__owur const SSL_METHOD *tlsv1_server_method(void); +__owur const SSL_METHOD *tlsv1_client_method(void); +__owur const SSL_METHOD *tlsv1_1_method(void); +__owur const SSL_METHOD *tlsv1_1_server_method(void); +__owur const SSL_METHOD *tlsv1_1_client_method(void); +__owur const SSL_METHOD *tlsv1_2_method(void); +__owur const SSL_METHOD *tlsv1_2_server_method(void); +__owur const SSL_METHOD *tlsv1_2_client_method(void); +__owur const SSL_METHOD *dtlsv1_method(void); +__owur const SSL_METHOD *dtlsv1_server_method(void); +__owur const SSL_METHOD *dtlsv1_client_method(void); +__owur const SSL_METHOD *dtlsv1_2_method(void); +__owur const SSL_METHOD *dtlsv1_2_server_method(void); +__owur const SSL_METHOD *dtlsv1_2_client_method(void); extern const SSL3_ENC_METHOD TLSv1_enc_data; extern const SSL3_ENC_METHOD TLSv1_1_enc_data; @@ -1691,12 +1761,20 @@ extern const SSL3_ENC_METHOD SSLv3_enc_data; extern const SSL3_ENC_METHOD DTLSv1_enc_data; extern const SSL3_ENC_METHOD DTLSv1_2_enc_data; -# define IMPLEMENT_tls_meth_func(version, func_name, s_accept, s_connect, \ - s_get_meth, enc_data) \ +/* + * Flags for SSL methods + */ +#define SSL_METHOD_NO_FIPS (1U<<0) +#define SSL_METHOD_NO_SUITEB (1U<<1) + +# define IMPLEMENT_tls_meth_func(version, flags, mask, func_name, s_accept, \ + s_connect, enc_data) \ const SSL_METHOD *func_name(void) \ { \ static const SSL_METHOD func_name##_data= { \ version, \ + flags, \ + mask, \ tls1_new, \ tls1_clear, \ tls1_free, \ @@ -1718,7 +1796,6 @@ const SSL_METHOD *func_name(void) \ ssl3_pending, \ ssl3_num_ciphers, \ ssl3_get_cipher, \ - s_get_meth, \ tls1_default_timeout, \ &enc_data, \ ssl_undefined_void_function, \ @@ -1728,11 +1805,13 @@ const SSL_METHOD *func_name(void) \ return &func_name##_data; \ } -# define IMPLEMENT_ssl3_meth_func(func_name, s_accept, s_connect, s_get_meth) \ +# define IMPLEMENT_ssl3_meth_func(func_name, s_accept, s_connect) \ const SSL_METHOD *func_name(void) \ { \ static const SSL_METHOD func_name##_data= { \ SSL3_VERSION, \ + SSL_METHOD_NO_FIPS | SSL_METHOD_NO_SUITEB, \ + SSL_OP_NO_SSLv3, \ ssl3_new, \ ssl3_clear, \ ssl3_free, \ @@ -1754,7 +1833,6 @@ const SSL_METHOD *func_name(void) \ ssl3_pending, \ ssl3_num_ciphers, \ ssl3_get_cipher, \ - s_get_meth, \ ssl3_default_timeout, \ &SSLv3_enc_data, \ ssl_undefined_void_function, \ @@ -1764,12 +1842,14 @@ const SSL_METHOD *func_name(void) \ return &func_name##_data; \ } -# define IMPLEMENT_dtls1_meth_func(version, func_name, s_accept, s_connect, \ - s_get_meth, enc_data) \ +# define IMPLEMENT_dtls1_meth_func(version, flags, mask, func_name, s_accept, \ + s_connect, enc_data) \ const SSL_METHOD *func_name(void) \ { \ static const SSL_METHOD func_name##_data= { \ version, \ + flags, \ + mask, \ dtls1_new, \ dtls1_clear, \ dtls1_free, \ @@ -1790,8 +1870,7 @@ const SSL_METHOD *func_name(void) \ ssl3_put_cipher_by_char, \ ssl3_pending, \ ssl3_num_ciphers, \ - dtls1_get_cipher, \ - s_get_meth, \ + ssl3_get_cipher, \ dtls1_default_timeout, \ &enc_data, \ ssl_undefined_void_function, \ @@ -1804,12 +1883,14 @@ const SSL_METHOD *func_name(void) \ struct openssl_ssl_test_functions { int (*p_ssl_init_wbio_buffer) (SSL *s, int push); int (*p_ssl3_setup_buffers) (SSL *s); - int (*p_tls1_process_heartbeat) (SSL *s, - unsigned char *p, unsigned int length); +# ifndef OPENSSL_NO_HEARTBEATS int (*p_dtls1_process_heartbeat) (SSL *s, unsigned char *p, unsigned int length); +# endif }; +const char *ssl_protocol_to_string(int version); + # ifndef OPENSSL_UNIT_TEST void ssl_clear_cipher_ctx(SSL *s); @@ -1851,8 +1932,8 @@ __owur int ssl_add_cert_chain(SSL *s, CERT_PKEY *cpk, unsigned long *l); __owur int ssl_build_cert_chain(SSL *s, SSL_CTX *ctx, int flags); __owur int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, int ref); -__owur int ssl_security(SSL *s, int op, int bits, int nid, void *other); -__owur int ssl_ctx_security(SSL_CTX *ctx, int op, int bits, int nid, void *other); +__owur int ssl_security(const SSL *s, int op, int bits, int nid, void *other); +__owur int ssl_ctx_security(const SSL_CTX *ctx, int op, int bits, int nid, void *other); int ssl_undefined_function(SSL *s); __owur int ssl_undefined_void_function(void); @@ -1862,13 +1943,17 @@ __owur int ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverin size_t *serverinfo_length); __owur EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *c, const EVP_MD **pmd); __owur int ssl_cert_type(X509 *x, EVP_PKEY *pkey); -void ssl_set_masks(SSL *s, const SSL_CIPHER *cipher); +void ssl_set_masks(SSL *s); __owur STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s); __owur int ssl_verify_alarm_type(long type); +void ssl_sort_cipher_list(void); void ssl_load_ciphers(void); __owur int ssl_fill_hello_random(SSL *s, int server, unsigned char *field, int len); __owur int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen, int free_pms); +__owur EVP_PKEY *ssl_generate_pkey(EVP_PKEY *pm, int nid); +__owur int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey); +__owur EVP_PKEY *ssl_dh_to_pkey(DH *dh); __owur const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p); __owur int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p); @@ -1891,8 +1976,9 @@ __owur int ssl3_final_finish_mac(SSL *s, const char *sender, int slen, void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len); void ssl3_free_digest_list(SSL *s); __owur unsigned long ssl3_output_cert_chain(SSL *s, CERT_PKEY *cpk); -__owur SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, STACK_OF(SSL_CIPHER) *clnt, - STACK_OF(SSL_CIPHER) *srvr); +__owur const SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, + STACK_OF(SSL_CIPHER) *clnt, + STACK_OF(SSL_CIPHER) *srvr); __owur int ssl3_digest_cached_records(SSL *s, int keep); __owur int ssl3_new(SSL *s); void ssl3_free(SSL *s); @@ -1914,10 +2000,19 @@ __owur int ssl3_handshake_write(SSL *s); __owur int ssl_allow_compression(SSL *s); +__owur int ssl_version_supported(const SSL *s, int version); + +__owur int ssl_set_client_hello_version(SSL *s); +__owur int ssl_check_version_downgrade(SSL *s); +__owur int ssl_set_version_bound(int method_version, int version, int *bound); +__owur int ssl_choose_server_version(SSL *s); +__owur int ssl_choose_client_version(SSL *s, int version); +int ssl_get_client_min_max_version(const SSL *s, int *min_version, int *max_version); + __owur long tls1_default_timeout(void); __owur int dtls1_do_write(SSL *s, int type); void dtls1_set_message_header(SSL *s, - unsigned char *p, unsigned char mt, + unsigned char mt, unsigned long len, unsigned long frag_off, unsigned long frag_len); @@ -1926,8 +2021,7 @@ __owur int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len __owur int dtls1_read_failed(SSL *s, int code); __owur int dtls1_buffer_message(SSL *s, int ccs); -__owur int dtls1_retransmit_message(SSL *s, unsigned short seq, - unsigned long frag_off, int *found); +__owur int dtls1_retransmit_message(SSL *s, unsigned short seq, int *found); __owur int dtls1_get_queue_priority(unsigned short seq, int is_ccs); int dtls1_retransmit_buffered_messages(SSL *s); void dtls1_clear_record_buffer(SSL *s); @@ -1937,7 +2031,6 @@ __owur long dtls1_default_timeout(void); __owur struct timeval *dtls1_get_timeout(SSL *s, struct timeval *timeleft); __owur int dtls1_check_timeout_num(SSL *s); __owur int dtls1_handle_timeout(SSL *s); -__owur const SSL_CIPHER *dtls1_get_cipher(unsigned int u); void dtls1_start_timer(SSL *s); void dtls1_stop_timer(SSL *s); __owur int dtls1_is_timer_expired(SSL *s); @@ -2015,9 +2108,7 @@ __owur int ssl_prepare_clienthello_tlsext(SSL *s); __owur int ssl_prepare_serverhello_tlsext(SSL *s); # ifndef OPENSSL_NO_HEARTBEATS -__owur int tls1_heartbeat(SSL *s); __owur int dtls1_heartbeat(SSL *s); -__owur int tls1_process_heartbeat(SSL *s, unsigned char *p, unsigned int length); __owur int dtls1_process_heartbeat(SSL *s, unsigned char *p, unsigned int length); # endif @@ -2037,6 +2128,10 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain, int idx); void tls1_set_cert_validity(SSL *s); +#ifndef OPENSSL_NO_CT +__owur int ssl_validate_ct(SSL *s); +#endif + # ifndef OPENSSL_NO_DH __owur DH *ssl_get_auto_dh(SSL *s); # endif @@ -2109,11 +2204,12 @@ __owur int custom_ext_add(SSL *s, int server, __owur int custom_exts_copy(custom_ext_methods *dst, const custom_ext_methods *src); void custom_exts_free(custom_ext_methods *exts); +void ssl_comp_free_compression_methods_int(void); + # else # define ssl_init_wbio_buffer SSL_test_functions()->p_ssl_init_wbio_buffer # define ssl3_setup_buffers SSL_test_functions()->p_ssl3_setup_buffers -# define tls1_process_heartbeat SSL_test_functions()->p_tls1_process_heartbeat # define dtls1_process_heartbeat SSL_test_functions()->p_dtls1_process_heartbeat # endif