use SSL_kECDHE throughout instead of SSL_kEECDH
[openssl.git] / ssl / bio_ssl.c
index d85555a..e9552ca 100644 (file)
@@ -206,6 +206,10 @@ static int ssl_read(BIO *b, char *out, int outl)
                BIO_set_retry_special(b);
                retry_reason=BIO_RR_SSL_X509_LOOKUP;
                break;
+       case SSL_ERROR_WANT_ACCEPT:
+               BIO_set_retry_special(b);
+               retry_reason=BIO_RR_ACCEPT;
+               break;
        case SSL_ERROR_WANT_CONNECT:
                BIO_set_retry_special(b);
                retry_reason=BIO_RR_CONNECT;
@@ -344,7 +348,11 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
                break;
        case BIO_C_SET_SSL:
                if (ssl != NULL)
+                       {
                        ssl_free(b);
+                       if (!ssl_new(b))
+                               return 0;
+                       }
                b->shutdown=(int)num;
                ssl=(SSL *)ptr;
                ((BIO_SSL *)b->ptr)->ssl=ssl;
@@ -394,13 +402,19 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
                        }
                break;
        case BIO_CTRL_POP:
-               /* ugly bit of a hack */
-               if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */
+               /* Only detach if we are the BIO explicitly being popped */
+               if (b == ptr)
                        {
-                       BIO_free_all(ssl->wbio);
+                       /* Shouldn't happen in practice because the
+                        * rbio and wbio are the same when pushed.
+                        */
+                       if (ssl->rbio != ssl->wbio)
+                               BIO_free_all(ssl->wbio);
+                       if (b->next_bio != NULL)
+                               CRYPTO_add(&b->next_bio->references,-1,CRYPTO_LOCK_BIO);
+                       ssl->wbio=NULL;
+                       ssl->rbio=NULL;
                        }
-               ssl->wbio=NULL;
-               ssl->rbio=NULL;
                break;
        case BIO_C_DO_STATE_MACHINE:
                BIO_clear_retry_flags(b);
@@ -448,7 +462,7 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
        case BIO_CTRL_SET_CALLBACK:
                {
 #if 0 /* FIXME: Should this be used?  -- Richard Levitte */
-               BIOerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+               SSLerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
                ret = -1;
 #else
                ret=0;
@@ -457,9 +471,9 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
                break;
        case BIO_CTRL_GET_CALLBACK:
                {
-               void (**fptr)();
+               void (**fptr)(const SSL *xssl,int type,int val);
 
-               fptr=(void (**)())ptr;
+               fptr=(void (**)(const SSL *xssl,int type,int val))ptr;
                *fptr=SSL_get_info_callback(ssl);
                }
                break;
@@ -482,7 +496,9 @@ static long ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
                {
        case BIO_CTRL_SET_CALLBACK:
                {
-               SSL_set_info_callback(ssl,fp);
+               /* FIXME: setting this via a completely different prototype
+                  seems like a crap idea */
+               SSL_set_info_callback(ssl,(void (*)(const SSL *,int,int))fp);
                }
                break;
        default:
@@ -503,6 +519,7 @@ static int ssl_puts(BIO *bp, const char *str)
 
 BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx)
        {
+#ifndef OPENSSL_NO_SOCK
        BIO *ret=NULL,*buf=NULL,*ssl=NULL;
 
        if ((buf=BIO_new(BIO_f_buffer())) == NULL)
@@ -515,11 +532,13 @@ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx)
 err:
        if (buf != NULL) BIO_free(buf);
        if (ssl != NULL) BIO_free(ssl);
+#endif
        return(NULL);
        }
 
 BIO *BIO_new_ssl_connect(SSL_CTX *ctx)
        {
+#ifndef OPENSSL_NO_SOCK
        BIO *ret=NULL,*con=NULL,*ssl=NULL;
 
        if ((con=BIO_new(BIO_s_connect())) == NULL)
@@ -531,7 +550,7 @@ BIO *BIO_new_ssl_connect(SSL_CTX *ctx)
        return(ret);
 err:
        if (con != NULL) BIO_free(con);
-       if (ret != NULL) BIO_free(ret);
+#endif
        return(NULL);
        }