s->first_packet = 0;
-#if 1
/*
* Check to see if we were changed into a different method, if so, revert
* back if we are not doing session-id reuse.
if (!s->method->ssl_new(s))
return (0);
} else
-#endif
s->method->ssl_clear(s);
return (1);
}
if (s->tlsext_ellipticcurvelist)
OPENSSL_free(s->tlsext_ellipticcurvelist);
# endif /* OPENSSL_NO_EC */
- if (s->tlsext_opaque_prf_input)
- OPENSSL_free(s->tlsext_opaque_prf_input);
if (s->tlsext_ocsp_exts)
sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
if (s->tlsext_ocsp_ids)
return (int)s->cert->ciphers_rawlen;
} else
return ssl_put_cipher_by_char(s, NULL, NULL);
+ case SSL_CTRL_GET_EXTMS_SUPPORT:
+ if (!s->session || SSL_in_init(s) || s->in_handshake)
+ return -1;
+ if (s->session->flags & SSL_SESS_FLAG_EXTMS)
+ return 1;
+ else
+ return 0;
default:
return (s->method->ssl_ctrl(s, cmd, larg, parg));
}
*hash = NULL;
}
+/* Retrieve handshake hashes */
+int ssl_handshake_hash(SSL *s, unsigned char *out, int outlen)
+{
+ unsigned char *p = out;
+ int idx, ret = 0;
+ long mask;
+ EVP_MD_CTX ctx;
+ const EVP_MD *md;
+ EVP_MD_CTX_init(&ctx);
+ for (idx = 0; ssl_get_handshake_digest(idx, &mask, &md); idx++) {
+ if (mask & ssl_get_algorithm2(s)) {
+ int hashsize = EVP_MD_size(md);
+ EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx];
+ if (!hdgst || hashsize < 0 || hashsize > outlen)
+ goto err;
+ if (!EVP_MD_CTX_copy_ex(&ctx, hdgst))
+ goto err;
+ if (!EVP_DigestFinal_ex(&ctx, p, NULL))
+ goto err;
+ p += hashsize;
+ outlen -= hashsize;
+ }
+ }
+ ret = p - out;
+ err:
+ EVP_MD_CTX_cleanup(&ctx);
+ return ret;
+}
+
void SSL_set_debug(SSL *s, int debug)
{
s->debug = debug;
return ctx->cert->sec_ex;
}
-IMPLEMENT_STACK_OF(SSL_CIPHER)
-
-IMPLEMENT_STACK_OF(SSL_COMP)
-
IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);