return 0;
}
- s->type = 0;
-
- statem_clear(s);
+ ossl_statem_clear(s);
s->version = s->method->version;
s->client_version = s->version;
s->init_buf = NULL;
clear_ciphers(s);
s->first_packet = 0;
- s->no_cert_verify = 0;
/*
* Check to see if we were changed into a different method, if so, revert
* back if we are not doing session-id reuse.
*/
- if (!s->in_handshake && (s->session == NULL)
+ if (!ossl_statem_get_in_handshake(s) && (s->session == NULL)
&& (s->method != s->ctx->method)) {
s->method->ssl_free(s);
s->method = s->ctx->method;
s->generate_session_id = ctx->generate_session_id;
s->param = X509_VERIFY_PARAM_new();
- if (!s->param)
+ if (s->param == NULL)
goto err;
X509_VERIFY_PARAM_inherit(s->param, ctx->param);
s->quiet_shutdown = ctx->quiet_shutdown;
s->verify_result = X509_V_OK;
+ s->default_passwd_callback = ctx->default_passwd_callback;
+ s->default_passwd_callback_userdata = ctx->default_passwd_callback_userdata;
+
s->method = ctx->method;
if (!s->method->ssl_new(s))
}
/*
- * what if we are setup as SSLv2 but want to talk SSLv3 or vice-versa
+ * what if we are setup for one protocol version but want to talk another
*/
if (t->method != f->method) {
t->method->ssl_free(t); /* cleanup current */
return -1;
}
- if ((s != NULL) && !SSL_in_init(s))
+ if (!SSL_in_init(s))
return (s->method->ssl_shutdown(s));
else
return (1);
return TLS_CIPHER_LEN;
}
case SSL_CTRL_GET_EXTMS_SUPPORT:
- if (!s->session || SSL_in_init(s) || s->in_handshake)
+ if (!s->session || SSL_in_init(s) || ossl_statem_get_in_handshake(s))
return -1;
if (s->session->flags & SSL_SESS_FLAG_EXTMS)
return 1;
int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
{
- long l;
-
- l = a->id - b->id;
- if (l == 0L)
- return (0);
- else
- return ((l > 0) ? 1 : -1);
+ if (a->id > b->id)
+ return 1;
+ if (a->id < b->id)
+ return -1;
+ return 0;
}
int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
const SSL_CIPHER *const *bp)
{
- long l;
-
- l = (*ap)->id - (*bp)->id;
- if (l == 0L)
- return (0);
- else
- return ((l > 0) ? 1 : -1);
+ if ((*ap)->id > (*bp)->id)
+ return 1;
+ if ((*ap)->id < (*bp)->id)
+ return -1;
+ return 0;
}
/** return a STACK of the ciphers available for the SSL and in order of
return 1;
}
-/* works well for SSLv2, not so good for SSLv3 */
char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
{
char *p;
{
OPENSSL_free(ctx->alpn_client_proto_list);
ctx->alpn_client_proto_list = OPENSSL_malloc(protos_len);
- if (!ctx->alpn_client_proto_list)
+ if (ctx->alpn_client_proto_list == NULL)
return 1;
memcpy(ctx->alpn_client_proto_list, protos, protos_len);
ctx->alpn_client_proto_list_len = protos_len;
{
OPENSSL_free(ssl->alpn_client_proto_list);
ssl->alpn_client_proto_list = OPENSSL_malloc(protos_len);
- if (!ssl->alpn_client_proto_list)
+ if (ssl->alpn_client_proto_list == NULL)
return 1;
memcpy(ssl->alpn_client_proto_list, protos, protos_len);
ssl->alpn_client_proto_list_len = protos_len;
}
ret->param = X509_VERIFY_PARAM_new();
- if (!ret->param)
+ if (ret->param == NULL)
goto err;
if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
ctx->default_passwd_callback_userdata = u;
}
+void SSL_set_default_passwd_cb(SSL *s, pem_password_cb *cb)
+{
+ s->default_passwd_callback = cb;
+}
+
+void SSL_set_default_passwd_cb_userdata(SSL *s, void *u)
+{
+ s->default_passwd_callback_userdata = u;
+}
+
void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
int (*cb) (X509_STORE_CTX *, void *),
void *arg)
{
s->server = 1;
s->shutdown = 0;
- statem_clear(s);
+ ossl_statem_clear(s);
s->handshake_func = s->method->ssl_accept;
clear_ciphers(s);
}
{
s->server = 0;
s->shutdown = 0;
- statem_clear(s);
+ ossl_statem_clear(s);
s->handshake_func = s->method->ssl_connect;
clear_ciphers(s);
}
return (NULL);
ret->version = s->version;
- ret->type = s->type;
ret->method = s->method;
if (s->session != NULL) {
ret->wbio = ret->rbio;
}
ret->rwstate = s->rwstate;
- ret->in_handshake = s->in_handshake;
ret->handshake_func = s->handshake_func;
ret->server = s->server;
ret->renegotiate = s->renegotiate;
* ret->init_off */
ret->hit = s->hit;
+ ret->default_passwd_callback = s->default_passwd_callback;
+ ret->default_passwd_callback_userdata = s->default_passwd_callback_userdata;
+
X509_VERIFY_PARAM_inherit(ret->param, s->param);
/* dup the cipher_list and cipher_list_by_id stacks */
{
ssl_clear_hash_ctx(hash);
*hash = EVP_MD_CTX_create();
- if (md)
- EVP_DigestInit_ex(*hash, md, NULL);
+ if (*hash == NULL || (md && EVP_DigestInit_ex(*hash, md, NULL) <= 0)) {
+ EVP_MD_CTX_destroy(*hash);
+ *hash = NULL;
+ return NULL;
+ }
return *hash;
}
projects / openssl.git / blobdiff