s->first_packet = 0;
-#if 1
/*
* Check to see if we were changed into a different method, if so, revert
* back if we are not doing session-id reuse.
if (!s->method->ssl_new(s))
return (0);
} else
-#endif
s->method->ssl_clear(s);
return (1);
}
if (s->tlsext_ellipticcurvelist)
OPENSSL_free(s->tlsext_ellipticcurvelist);
# endif /* OPENSSL_NO_EC */
- if (s->tlsext_opaque_prf_input)
- OPENSSL_free(s->tlsext_opaque_prf_input);
if (s->tlsext_ocsp_exts)
sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
if (s->tlsext_ocsp_ids)
return (int)s->cert->ciphers_rawlen;
} else
return ssl_put_cipher_by_char(s, NULL, NULL);
+ case SSL_CTRL_GET_EXTMS_SUPPORT:
+ if (!s->session || SSL_in_init(s) || s->in_handshake)
+ return -1;
+ if (s->session->flags & SSL_SESS_FLAG_EXTMS)
+ return 1;
+ else
+ return 0;
default:
return (s->method->ssl_ctrl(s, cmd, larg, parg));
}
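Review bot: The new `SSL_CTRL_GET_EXTMS_SUPPORT` case returns three values (-1, 0, 1), and the -1 for "no session, or handshake still in progress" is non-zero, so a caller that only tests the result for truth would read "not known yet" as "extended master secret negotiated". Nothing in the hunk documents this; I would add a comment above the case such as `/* 1: session uses extended master secret, 0: it does not, -1: not known yet (no session or handshake in progress) */`. As a point of style, the trailing `if`/`else` can be written as `return (s->session->flags & SSL_SESS_FLAG_EXTMS) ? 1 : 0;`. The enclosing switch starts outside the hunk.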
#ifndef OPENSSL_NO_SRP
SSL_CTX_SRP_CTX_init(ret);
#endif
-#ifndef OPENSSL_NO_BUF_FREELISTS
- ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
- ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
- if (!ret->rbuf_freelist)
- goto err;
- ret->rbuf_freelist->chunklen = 0;
- ret->rbuf_freelist->len = 0;
- ret->rbuf_freelist->head = NULL;
- ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
- if (!ret->wbuf_freelist) {
- OPENSSL_free(ret->rbuf_freelist);
- goto err;
- }
- ret->wbuf_freelist->chunklen = 0;
- ret->wbuf_freelist->len = 0;
- ret->wbuf_freelist->head = NULL;
-#endif
#ifndef OPENSSL_NO_ENGINE
ret->client_cert_engine = NULL;
# ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
return (NULL);
}
-#if 0
-static void SSL_COMP_free(SSL_COMP *comp)
-{
- OPENSSL_free(comp);
-}
-#endif
-
-#ifndef OPENSSL_NO_BUF_FREELISTS
-static void ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
-{
- SSL3_BUF_FREELIST_ENTRY *ent, *next;
- for (ent = list->head; ent; ent = next) {
- next = ent->next;
- OPENSSL_free(ent);
- }
- OPENSSL_free(list);
-}
-#endif
-
void SSL_CTX_free(SSL_CTX *a)
{
int i;
ENGINE_finish(a->client_cert_engine);
#endif
-#ifndef OPENSSL_NO_BUF_FREELISTS
- if (a->wbuf_freelist)
- ssl_buf_freelist_free(a->wbuf_freelist);
- if (a->rbuf_freelist)
- ssl_buf_freelist_free(a->rbuf_freelist);
-#endif
#ifndef OPENSSL_NO_TLSEXT
# ifndef OPENSSL_NO_EC
if (a->tlsext_ecpointformatlist)
*hash = NULL;
}
+/* Retrieve handshake hashes */
+int ssl_handshake_hash(SSL *s, unsigned char *out, int outlen)
+{
+ unsigned char *p = out;
+ int idx, ret = 0;
+ long mask;
+ EVP_MD_CTX ctx;
+ const EVP_MD *md;
+ EVP_MD_CTX_init(&ctx);
+ for (idx = 0; ssl_get_handshake_digest(idx, &mask, &md); idx++) {
+ if (mask & ssl_get_algorithm2(s)) {
+ int hashsize = EVP_MD_size(md);
+ EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx];
+ if (!hdgst || hashsize < 0 || hashsize > outlen)
+ goto err;
+ if (!EVP_MD_CTX_copy_ex(&ctx, hdgst))
+ goto err;
+ if (!EVP_DigestFinal_ex(&ctx, p, NULL))
+ goto err;
+ p += hashsize;
+ outlen -= hashsize;
+ }
+ }
+ ret = p - out;
+ err:
+ EVP_MD_CTX_cleanup(&ctx);
+ return ret;
+}
+
void SSL_set_debug(SSL *s, int debug)
{
s->debug = debug;
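Review bot: `ssl_handshake_hash` returns 0 on every failure path, but an earlier loop iteration may already have written digest bytes to `out`, and 0 is also the result when no digest matches the `ssl_get_algorithm2(s)` mask; the one-line comment `/* Retrieve handshake hashes */` states none of this. Callers should treat a return of 0 as a hard failure and must not use the contents of `out` in that case. I would extend the comment to say that the function concatenates the active handshake digests into `out` (at most `outlen` bytes), returns the total number of bytes written, and returns 0 on error with `out` possibly partially filled. Separately, `s->s3->handshake_dgst[idx]` is indexed without checking the array pointer itself; if it can still be NULL when this is called (not visible in the hunk), add `if (!s->s3->handshake_dgst) goto err;` before the loop.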
return ctx->cert->sec_ex;
}
-IMPLEMENT_STACK_OF(SSL_CIPHER)
-
-IMPLEMENT_STACK_OF(SSL_COMP)
-
IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);