SSL_aRSA,
SSL_eNULL,
SSL_SHA256,
- SSL_SSLV3,
+ SSL_TLSV1_2,
SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
0,
SSL_aRSA,
SSL_AES128,
SSL_SHA256,
- SSL_TLSV1,
+ SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
128,
SSL_aRSA,
SSL_AES256,
SSL_SHA256,
- SSL_TLSV1,
+ SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
1,
TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
- SSL_kDHr,
+ SSL_kDHd,
SSL_aDH,
SSL_AES128,
SSL_SHA256,
- SSL_TLSV1,
+ SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
128,
SSL_aDH,
SSL_AES128,
SSL_SHA256,
- SSL_TLSV1,
+ SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
128,
SSL_aDSS,
SSL_AES128,
SSL_SHA256,
- SSL_TLSV1,
+ SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
128,
SSL_aRSA,
SSL_AES128,
SSL_SHA256,
- SSL_TLSV1,
+ SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
128,
1,
TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
- SSL_kDHr,
+ SSL_kDHd,
SSL_aDH,
SSL_AES256,
SSL_SHA256,
- SSL_TLSV1,
+ SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
SSL_aDH,
SSL_AES256,
SSL_SHA256,
- SSL_TLSV1,
+ SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
SSL_aDSS,
SSL_AES256,
SSL_SHA256,
- SSL_TLSV1,
+ SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
SSL_aRSA,
SSL_AES256,
SSL_SHA256,
- SSL_TLSV1,
+ SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
SSL_aNULL,
SSL_AES128,
SSL_SHA256,
- SSL_TLSV1,
+ SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
128,
SSL_aNULL,
SSL_AES256,
SSL_SHA256,
- SSL_TLSV1,
+ SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
1,
TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
- SSL_kDHr,
+ SSL_kDHd,
SSL_aDH,
SSL_AES128GCM,
SSL_AEAD,
1,
TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
- SSL_kDHr,
+ SSL_kDHd,
SSL_aDH,
SSL_AES256GCM,
SSL_AEAD,
1,
TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
- SSL_kECDHe,
+ SSL_kECDHr,
SSL_aECDH,
SSL_AES128,
SSL_SHA256,
1,
TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
- SSL_kECDHe,
+ SSL_kECDHr,
SSL_aECDH,
SSL_AES256,
SSL_SHA384,
1,
TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
- SSL_kECDHe,
+ SSL_kECDHr,
SSL_aECDH,
SSL_AES128GCM,
SSL_AEAD,
1,
TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
- SSL_kECDHe,
+ SSL_kECDHr,
SSL_aECDH,
SSL_AES256GCM,
SSL_AEAD,
if (s->s3->handshake_dgst) ssl3_free_digest_list(s);
#ifndef OPENSSL_NO_SRP
SSL_SRP_CTX_free(s);
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+ if (s->s3->tlsext_authz_client_types != NULL)
+ OPENSSL_free(s->s3->tlsext_authz_client_types);
#endif
OPENSSL_cleanse(s->s3,sizeof *s->s3);
OPENSSL_free(s->s3);
s->s3->tmp.ecdh = NULL;
}
#endif
+#ifndef OPENSSL_NO_TLSEXT
+ if (s->s3->tlsext_authz_client_types != NULL)
+ {
+ OPENSSL_free(s->s3->tlsext_authz_client_types);
+ s->s3->tlsext_authz_client_types = NULL;
+ }
+#endif
rp = s->s3->rbuf.buf;
wp = s->s3->wbuf.buf;
case SSL_CTRL_GET_SHARED_CURVE:
return tls1_shared_curve(s, larg);
-
+
+ case SSL_CTRL_SET_ECDH_AUTO:
+ s->cert->ecdh_tmp_auto = larg;
+ break;
default:
break;
return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist,
&ctx->tlsext_ellipticcurvelist_length,
parg);
+ case SSL_CTRL_SET_ECDH_AUTO:
+ ctx->cert->ecdh_tmp_auto = larg;
+ break;
+
+ case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB_ARG:
+ ctx->tlsext_authz_server_audit_proof_cb_arg = parg;
+ break;
+
#endif /* !OPENSSL_NO_TLSEXT */
/* A Thawte special :-) */
ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
break;
#endif
+
+ case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB:
+ ctx->tlsext_authz_server_audit_proof_cb =
+ (int (*)(SSL *, void *))fp;
+ break;
+
#endif
case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
{
projects / openssl.git / blobdiff