if (s->srtp_profiles)
sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
-#ifndef OPENSSL_NO_DANE
- if (s->tlsa_record && s->tlsa_record!=(void *)-1)
- OPENSSL_free(s->tlsa_record);
-#endif
-
OPENSSL_free(s);
}
}
else
return ssl_put_cipher_by_char(s,NULL,NULL);
-#ifndef OPENSSL_NO_DANE
- case SSL_CTRL_PULL_TLSA_RECORD:
- parg = SSL_get_tlsa_record_byname (parg,larg,s->version<0xF000?1:0);
- /* yes, fall through */
- case SSL_CTRL_SET_TLSA_RECORD:
- s->tlsa_record = parg;
- return 1;
-#endif
default:
return(s->method->ssl_ctrl(s,cmd,larg,parg));
}
p=buf;
sk=s->session->ciphers;
+
+ if (sk_SSL_CIPHER_num(sk) == 0)
+ return NULL;
+
for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
{
int n;
else
*len = ssl->s3->alpn_selected_len;
}
+
#endif /* !OPENSSL_NO_TLSEXT */
int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
int i;
c = s->cert;
+ if (!s->s3 || !s->s3->tmp.new_cipher)
+ return NULL;
ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
}
#ifndef OPENSSL_NO_TLSEXT
-unsigned char *ssl_get_authz_data(SSL *s, size_t *authz_length)
- {
- CERT *c;
- int i;
-
- c = s->cert;
- i = ssl_get_server_cert_index(s);
-
- if (i == -1)
- return NULL;
-
- *authz_length = 0;
- if (c->pkeys[i].authz == NULL)
- return(NULL);
- *authz_length = c->pkeys[i].authz_length;
-
- return c->pkeys[i].authz;
- }
-
int ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverinfo,
size_t *serverinfo_length)
{
}
}
+const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx)
+ {
+ return ctx->method;
+ }
+
const SSL_METHOD *SSL_get_ssl_method(SSL *s)
{
return(s->method);