CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
s->ctx = ctx;
-#ifndef OPENSSL_NO_TLSEXT
s->tlsext_debug_cb = 0;
s->tlsext_debug_arg = NULL;
s->tlsext_ticket_expected = 0;
s->ctx->alpn_client_proto_list_len);
s->alpn_client_proto_list_len = s->ctx->alpn_client_proto_list_len;
}
-#endif
s->verify_result = X509_V_OK;
ssl_cert_free(s->cert);
/* Free up if allocated */
-#ifndef OPENSSL_NO_TLSEXT
OPENSSL_free(s->tlsext_hostname);
SSL_CTX_free(s->initial_ctx);
-# ifndef OPENSSL_NO_EC
+#ifndef OPENSSL_NO_EC
OPENSSL_free(s->tlsext_ecpointformatlist);
OPENSSL_free(s->tlsext_ellipticcurvelist);
-# endif /* OPENSSL_NO_EC */
+#endif /* OPENSSL_NO_EC */
sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
OPENSSL_free(s->tlsext_ocsp_resp);
OPENSSL_free(s->alpn_client_proto_list);
-#endif
sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
SSL_CTX_free(s->ctx);
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+#if !defined(OPENSSL_NO_NEXTPROTONEG)
OPENSSL_free(s->next_proto_negotiated);
#endif
return (NULL);
}
+STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *s)
+{
+ if ((s == NULL) || (s->session == NULL) || !s->server)
+ return NULL;
+ return s->session->ciphers;
+}
+
STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s)
{
STACK_OF(SSL_CIPHER) *sk = NULL, *ciphers;
return (buf);
}
-#ifndef OPENSSL_NO_TLSEXT
/** return a servername extension value if provided in Client Hello, or NULL.
* So far, only host_name types are defined (RFC 3546).
*/
return status;
}
-# ifndef OPENSSL_NO_NEXTPROTONEG
+#ifndef OPENSSL_NO_NEXTPROTONEG
/*
* SSL_get0_next_proto_negotiated sets *data and *len to point to the
* client's requested protocol for this connection and returns 0. If the
ctx->next_proto_select_cb = cb;
ctx->next_proto_select_cb_arg = arg;
}
-# endif
+#endif
/*
* SSL_CTX_set_alpn_protos sets the ALPN protocol list on |ctx| to |protos|.
*len = ssl->s3->alpn_selected_len;
}
-#endif /* !OPENSSL_NO_TLSEXT */
int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
const char *label, size_t llen,
ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
-#ifndef OPENSSL_NO_TLSEXT
ret->tlsext_servername_callback = 0;
ret->tlsext_servername_arg = NULL;
/* Setup RFC4507 ticket keys */
ret->tlsext_status_cb = 0;
ret->tlsext_status_arg = NULL;
-# ifndef OPENSSL_NO_NEXTPROTONEG
+#ifndef OPENSSL_NO_NEXTPROTONEG
ret->next_protos_advertised_cb = 0;
ret->next_proto_select_cb = 0;
-# endif
#endif
#ifndef OPENSSL_NO_PSK
ret->psk_identity_hint = NULL;
ENGINE_finish(a->client_cert_engine);
#endif
-#ifndef OPENSSL_NO_TLSEXT
-# ifndef OPENSSL_NO_EC
+#ifndef OPENSSL_NO_EC
OPENSSL_free(a->tlsext_ecpointformatlist);
OPENSSL_free(a->tlsext_ellipticcurvelist);
-# endif
- OPENSSL_free(a->alpn_client_proto_list);
#endif
+ OPENSSL_free(a->alpn_client_proto_list);
OPENSSL_free(a);
}
if (dh_dsa_export)
emask_k |= SSL_kDHd;
- if (emask_k & (SSL_kDHr | SSL_kDHd))
+ if (mask_k & (SSL_kDHr | SSL_kDHd))
mask_a |= SSL_aDH;
if (rsa_enc || rsa_sign) {
return c->pkeys[idx].privatekey;
}
-#ifndef OPENSSL_NO_TLSEXT
int ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverinfo,
size_t *serverinfo_length)
{
*serverinfo_length = c->pkeys[i].serverinfo_length;
return 1;
}
-#endif
void ssl_update_cache(SSL *s, int mode)
{
CERT *new_cert;
if (ssl->ctx == ctx)
return ssl->ctx;
-#ifndef OPENSSL_NO_TLSEXT
if (ctx == NULL)
ctx = ssl->initial_ctx;
-#endif
new_cert = ssl_cert_dup(ctx->cert);
if (new_cert == NULL) {
return NULL;
return (ssl->verify_result);
}
+int SSL_get_client_random(const SSL *ssl, unsigned char *out, int outlen)
+{
+ if (outlen < 0)
+ return sizeof(ssl->s3->client_random);
+ if (outlen > sizeof(ssl->s3->client_random))
+ outlen = sizeof(ssl->s3->client_random);
+ memcpy(out, ssl->s3->client_random, outlen);
+ return (outlen);
+}
+
+int SSL_get_server_random(const SSL *ssl, unsigned char *out, int outlen)
+{
+ if (outlen < 0)
+ return sizeof(ssl->s3->server_random);
+ if (outlen > sizeof(ssl->s3->server_random))
+ outlen = sizeof(ssl->s3->server_random);
+ memcpy(out, ssl->s3->server_random, outlen);
+ return (outlen);
+}
+
+int SSL_SESSION_get_master_key(const SSL_SESSION *session,
+ unsigned char *out, int outlen)
+{
+ if (outlen < 0)
+ return session->master_key_length;
+ if (outlen > session->master_key_length)
+ outlen = session->master_key_length;
+ memcpy(out, session->master_key, outlen);
+ return (outlen);
+}
+
int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{