/* The DH ciphers */
/* Cipher 0B */
{
- 0,
+ 1,
SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
SSL3_CK_DH_DSS_DES_40_CBC_SHA,
SSL_kDHd,
/* Cipher 0C */
{
- 0, /* not implemented (non-ephemeral DH) */
+ 1,
SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
SSL3_CK_DH_DSS_DES_64_CBC_SHA,
SSL_kDHd,
/* Cipher 0D */
{
- 0, /* not implemented (non-ephemeral DH) */
+ 1,
SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
SSL_kDHd,
/* Cipher 0E */
{
- 0, /* not implemented (non-ephemeral DH) */
+ 1,
SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
SSL3_CK_DH_RSA_DES_40_CBC_SHA,
SSL_kDHr,
/* Cipher 0F */
{
- 0, /* not implemented (non-ephemeral DH) */
+ 1,
SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
SSL3_CK_DH_RSA_DES_64_CBC_SHA,
SSL_kDHr,
/* Cipher 10 */
{
- 0, /* not implemented (non-ephemeral DH) */
+ 1,
SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
SSL_kDHr,
},
/* Cipher 30 */
{
- 0,
+ 1,
TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
TLS1_CK_DH_DSS_WITH_AES_128_SHA,
SSL_kDHd,
},
/* Cipher 31 */
{
- 0,
+ 1,
TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
TLS1_CK_DH_RSA_WITH_AES_128_SHA,
SSL_kDHr,
},
/* Cipher 36 */
{
- 0,
+ 1,
TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
TLS1_CK_DH_DSS_WITH_AES_256_SHA,
SSL_kDHd,
/* Cipher 37 */
{
- 0, /* not implemented (non-ephemeral DH) */
+ 1,
TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
TLS1_CK_DH_RSA_WITH_AES_256_SHA,
SSL_kDHr,
/* Cipher 3E */
{
- 0, /* not implemented (non-ephemeral DH) */
+ 1,
TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
SSL_kDHr,
/* Cipher 3F */
{
- 0, /* not implemented (non-ephemeral DH) */
+ 1,
TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
SSL_kDHr,
/* Cipher 42 */
{
- 0, /* not implemented (non-ephemeral DH) */
+ 1,
TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
SSL_kDHd,
/* Cipher 43 */
{
- 0, /* not implemented (non-ephemeral DH) */
+ 1,
TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
SSL_kDHr,
/* Cipher 68 */
{
- 0, /* not implemented (non-ephemeral DH) */
+ 1,
TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
SSL_kDHr,
/* Cipher 69 */
{
- 0, /* not implemented (non-ephemeral DH) */
+ 1,
TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
SSL_kDHr,
},
/* Cipher 85 */
{
- 0, /* not implemented (non-ephemeral DH) */
+ 1,
TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
SSL_kDHd,
/* Cipher 86 */
{
- 0, /* not implemented (non-ephemeral DH) */
+ 1,
TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
SSL_kDHr,
/* Cipher 97 */
{
- 0, /* not implemented (non-ephemeral DH) */
+ 1,
TLS1_TXT_DH_DSS_WITH_SEED_SHA,
TLS1_CK_DH_DSS_WITH_SEED_SHA,
SSL_kDHd,
/* Cipher 98 */
{
- 0, /* not implemented (non-ephemeral DH) */
+ 1,
TLS1_TXT_DH_RSA_WITH_SEED_SHA,
TLS1_CK_DH_RSA_WITH_SEED_SHA,
SSL_kDHr,
/* Cipher A0 */
{
- 0,
+ 1,
TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
SSL_kDHr,
/* Cipher A1 */
{
- 0,
+ 1,
TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
SSL_kDHr,
/* Cipher A4 */
{
- 0,
+ 1,
TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
SSL_kDHr,
/* Cipher A5 */
{
- 0,
+ 1,
TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
SSL_kDHr,
SSL3_MD_CLIENT_FINISHED_CONST,4,
SSL3_MD_SERVER_FINISHED_CONST,4,
ssl3_alert_code,
- (int (*)(SSL *, unsigned char *, unsigned int, const char *,
- unsigned int, const unsigned char *, unsigned int,
+ (int (*)(SSL *, unsigned char *, size_t, const char *,
+ size_t, const unsigned char *, size_t,
int use_context))ssl_undefined_function,
};
#endif
#endif /* !OPENSSL_NO_TLSEXT */
+
+ case SSL_CTRL_CHAIN:
+ if (larg)
+ return ssl_cert_set1_chain(s->cert,
+ (STACK_OF (X509) *)parg);
+ else
+ return ssl_cert_set0_chain(s->cert,
+ (STACK_OF (X509) *)parg);
+
+ case SSL_CTRL_CHAIN_CERT:
+ if (larg)
+ return ssl_cert_add1_chain_cert(s->cert, (X509 *)parg);
+ else
+ return ssl_cert_add0_chain_cert(s->cert, (X509 *)parg);
+
default:
break;
}
ctx->srp_ctx.login = NULL;
if (parg == NULL)
break;
- if (strlen((char *)parg) > 254)
+ if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1)
{
SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
return 0;
}
break;
+ case SSL_CTRL_CHAIN:
+ if (larg)
+ return ssl_cert_set1_chain(ctx->cert,
+ (STACK_OF (X509) *)parg);
+ else
+ return ssl_cert_set0_chain(ctx->cert,
+ (STACK_OF (X509) *)parg);
+
+ case SSL_CTRL_CHAIN_CERT:
+ if (larg)
+ return ssl_cert_add1_chain_cert(ctx->cert, (X509 *)parg);
+ else
+ return ssl_cert_add0_chain_cert(ctx->cert, (X509 *)parg);
+
default:
return(0);
}