X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=ssl%2Fs3_lib.c;h=6c09e43463cda7c3b79445c6cc6e0da8811f834a;hb=230ec17d745d99fa37973bda8654031d90e88c02;hp=0147e413ffff0a1eb1b9257cc5f95deb9a54cea3;hpb=2ea803546046e61783da398306b4a19070c51448;p=openssl.git

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 0147e413ff..6c09e43463 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -2011,6 +2011,22 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	256,
 	256,
 	},
+#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
+	{
+	1,
+	"SCSV",
+	SSL3_CK_SCSV,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0
+	},
+#endif
 
 #ifndef OPENSSL_NO_ECDH
 	/* Cipher C001 */
@@ -3458,6 +3474,72 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 	case SSL_CTRL_SET_CHAIN_CERT_STORE:
 		return ssl_cert_set_cert_store(s->cert, parg, 1, larg);
 
+	case SSL_CTRL_GET_PEER_SIGNATURE_NID:
+		if (TLS1_get_version(s) >= TLS1_2_VERSION)
+			{
+			if (s->session && s->session->sess_cert)
+				{
+				const EVP_MD *sig;
+				sig = s->session->sess_cert->peer_key->digest;
+				if (sig)
+					{
+					*(int *)parg = EVP_MD_type(sig);
+					return 1;
+					}
+				}
+			return 0;
+			}
+		/* Might want to do something here for other versions */
+		else
+			return 0;
+
+	case SSL_CTRL_GET_SERVER_TMP_KEY:
+		if (s->server || !s->session || !s->session->sess_cert)
+			return 0;
+		else
+			{
+			SESS_CERT *sc;
+			EVP_PKEY *ptmp;
+			int rv = 0;
+			sc = s->session->sess_cert;
+			if (!sc->peer_rsa_tmp && !sc->peer_dh_tmp
+							&& !sc->peer_ecdh_tmp)
+				return 0;
+			ptmp = EVP_PKEY_new();
+			if (!ptmp)
+				return 0;
+			if (0);
+#ifndef OPENSSL_NO_RSA
+			else if (sc->peer_rsa_tmp)
+				rv = EVP_PKEY_set1_RSA(ptmp, sc->peer_rsa_tmp);
+#endif
+#ifndef OPENSSL_NO_DH
+			else if (sc->peer_dh_tmp)
+				rv = EVP_PKEY_set1_DH(ptmp, sc->peer_dh_tmp);
+#endif
+#ifndef OPENSSL_NO_ECDH
+			else if (sc->peer_ecdh_tmp)
+				rv = EVP_PKEY_set1_EC_KEY(ptmp, sc->peer_ecdh_tmp);
+#endif
+			if (rv)
+				{
+				*(EVP_PKEY **)parg = ptmp;
+				return 1;
+				}
+			EVP_PKEY_free(ptmp);
+			return 0;
+			}
+
+	case SSL_CTRL_GET_EC_POINT_FORMATS:
+		{
+		SSL_SESSION *sess = s->session;
+		const unsigned char **pformat = parg;
+		if (!sess || !sess->tlsext_ecpointformatlist)
+			return 0;
+		*pformat = sess->tlsext_ecpointformatlist;
+		return (int)sess->tlsext_ecpointformatlist_length;
+		}
+
 	default:
 		break;
 		}
@@ -3909,10 +3991,7 @@ const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
 #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
 if (cp == NULL) fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
 #endif
-	if (cp == NULL || cp->valid == 0)
-		return NULL;
-	else
-		return cp;
+	return cp;
 	}
 
 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)