long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)
{
long l;
-#ifndef OPENSSL_NO_DANE
- const char *hostname = NULL;
-#endif
switch (cmd)
{
}
else
return ssl_put_cipher_by_char(s,NULL,NULL);
-#ifndef OPENSSL_NO_DANE
- case SSL_CTRL_PULL_TLSA_RECORD:
- hostname = parg;
- parg = SSL_get_tlsa_record_byname (parg,larg,s->version<0xF000?1:0);
- /* yes, fall through */
- case SSL_CTRL_SET_TLSA_RECORD:
- if (parg!=NULL)
- {
- TLSA_EX_DATA *ex = SSL_get_TLSA_ex_data(s);
- unsigned char *tlsa_rec = parg;
- int tlsa_len = 0;
-
- if (hostname==NULL)
- {
- while (1)
- {
- int dlen;
-
- memcpy(&dlen,tlsa_rec,sizeof(dlen));
- tlsa_rec += sizeof(dlen)+dlen;
-
- if (dlen==0) break;
- }
- if ((tlsa_rec = OPENSSL_malloc(tlsa_len)))
- memcpy(tlsa_rec,parg,tlsa_len);
- else
- {
- SSLerr(SSL_F_SSL_CTRL,SSL_R_UNINITIALIZED);
- return 0;
- }
- }
- ex->tlsa_record = tlsa_rec;
- }
- return 1;
-#endif
default:
return(s->method->ssl_ctrl(s,cmd,larg,parg));
}
p=buf;
sk=s->session->ciphers;
+
+ if (sk_SSL_CIPHER_num(sk) == 0)
+ return NULL;
+
for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
{
int n;
*len = ssl->s3->alpn_selected_len;
}
-int SSL_CTX_set_cli_supp_data(SSL_CTX *ctx,
- unsigned short supp_data_type,
- cli_supp_data_first_cb_fn fn1,
- cli_supp_data_second_cb_fn fn2, void* arg)
- {
- size_t i;
- cli_supp_data_record* record;
-
- /* Check for duplicates */
- for (i=0; i < ctx->cli_supp_data_records_count; i++)
- if (supp_data_type == ctx->cli_supp_data_records[i].supp_data_type)
- return 0;
-
- ctx->cli_supp_data_records = OPENSSL_realloc(ctx->cli_supp_data_records,
- (ctx->cli_supp_data_records_count+1) * sizeof(cli_supp_data_record));
- if (!ctx->cli_supp_data_records)
- {
- ctx->cli_supp_data_records_count = 0;
- return 0;
- }
- ctx->cli_supp_data_records_count++;
- record = &ctx->cli_supp_data_records[ctx->cli_supp_data_records_count - 1];
- record->supp_data_type = supp_data_type;
- record->fn1 = fn1;
- record->fn2 = fn2;
- record->arg = arg;
- return 1;
- }
-
-int SSL_CTX_set_srv_supp_data(SSL_CTX *ctx,
- unsigned short supp_data_type,
- srv_supp_data_first_cb_fn fn1,
- srv_supp_data_second_cb_fn fn2, void* arg)
- {
- size_t i;
- srv_supp_data_record* record;
-
- /* Check for duplicates */
- for (i=0; i < ctx->srv_supp_data_records_count; i++)
- if (supp_data_type == ctx->srv_supp_data_records[i].supp_data_type)
- return 0;
-
- ctx->srv_supp_data_records = OPENSSL_realloc(ctx->srv_supp_data_records,
- (ctx->srv_supp_data_records_count+1) * sizeof(srv_supp_data_record));
- if (!ctx->srv_supp_data_records)
- {
- ctx->srv_supp_data_records_count = 0;
- return 0;
- }
- ctx->srv_supp_data_records_count++;
- record = &ctx->srv_supp_data_records[ctx->srv_supp_data_records_count - 1];
- record->supp_data_type = supp_data_type;
- record->fn1 = fn1;
- record->fn2 = fn2;
- record->arg = arg;
-
- return 1;
- }
-
#endif /* !OPENSSL_NO_TLSEXT */
int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
ret->custom_cli_ext_records_count = 0;
ret->custom_srv_ext_records = NULL;
ret->custom_srv_ext_records_count = 0;
- ret->cli_supp_data_records = NULL;
- ret->cli_supp_data_records_count = 0;
- ret->srv_supp_data_records = NULL;
- ret->srv_supp_data_records_count = 0;
#ifndef OPENSSL_NO_BUF_FREELISTS
ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
#ifndef OPENSSL_NO_TLSEXT
OPENSSL_free(a->custom_cli_ext_records);
OPENSSL_free(a->custom_srv_ext_records);
- OPENSSL_free(a->cli_supp_data_records);
- OPENSSL_free(a->srv_supp_data_records);
#endif
#ifndef OPENSSL_NO_ENGINE
if (a->client_cert_engine)
int i;
c = s->cert;
+ if (!s->s3 || !s->s3->tmp.new_cipher)
+ return NULL;
ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL