#include <openssl/x509v3.h>
#include <openssl/rand.h>
#include <openssl/ocsp.h>
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
+#include <openssl/dh.h>
+#include <openssl/engine.h>
#include <openssl/async.h>
-#ifndef OPENSSL_NO_CT
-# include <openssl/ct.h>
-#endif
+#include <openssl/ct.h>
const char SSL_version_str[] = OPENSSL_VERSION_TEXT;
s->split_send_fragment = s->max_send_fragment;
return 1;
case SSL_CTRL_SET_SPLIT_SEND_FRAGMENT:
- if (larg > s->max_send_fragment || larg == 0)
+ if ((unsigned int)larg > s->max_send_fragment || larg == 0)
return 0;
s->split_send_fragment = larg;
return 1;
ctx->split_send_fragment = ctx->split_send_fragment;
return 1;
case SSL_CTRL_SET_SPLIT_SEND_FRAGMENT:
- if (larg > ctx->max_send_fragment || larg == 0)
+ if ((unsigned int)larg > ctx->max_send_fragment || larg == 0)
return 0;
ctx->split_send_fragment = larg;
return 1;
return (0);
}
-SSL_METHOD *ssl_bad_method(int ver)
+const SSL_METHOD *ssl_bad_method(int ver)
{
SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (NULL);
}
-const char *SSL_get_version(const SSL *s)
-{
- if (s->version == TLS1_2_VERSION)
- return ("TLSv1.2");
- else if (s->version == TLS1_1_VERSION)
- return ("TLSv1.1");
- else if (s->version == TLS1_VERSION)
- return ("TLSv1");
- else if (s->version == SSL3_VERSION)
- return ("SSLv3");
- else if (s->version == DTLS1_BAD_VER)
- return ("DTLSv0.9");
- else if (s->version == DTLS1_VERSION)
- return ("DTLSv1");
- else if (s->version == DTLS1_2_VERSION)
- return ("DTLSv1.2");
+const char *ssl_protocol_to_string(int version)
+{
+ if (version == TLS1_2_VERSION)
+ return "TLSv1.2";
+ else if (version == TLS1_1_VERSION)
+ return "TLSv1.1";
+ else if (version == TLS1_VERSION)
+ return "TLSv1";
+ else if (version == SSL3_VERSION)
+ return "SSLv3";
+ else if (version == DTLS1_BAD_VER)
+ return "DTLSv0.9";
+ else if (version == DTLS1_VERSION)
+ return "DTLSv1";
+ else if (version == DTLS1_2_VERSION)
+ return "DTLSv1.2";
else
return ("unknown");
}
+const char *SSL_get_version(const SSL *s)
+{
+ return ssl_protocol_to_string(s->version);
+}
+
SSL *SSL_dup(SSL *s)
{
STACK_OF(X509_NAME) *sk;
}
void SSL_set_security_callback(SSL *s,
- int (*cb) (SSL *s, SSL_CTX *ctx, int op,
+ int (*cb) (const SSL *s, const SSL_CTX *ctx, int op,
int bits, int nid, void *other,
void *ex))
{
s->cert->sec_cb = cb;
}
-int (*SSL_get_security_callback(const SSL *s)) (SSL *s, SSL_CTX *ctx, int op,
+int (*SSL_get_security_callback(const SSL *s)) (const SSL *s, const SSL_CTX *ctx, int op,
int bits, int nid,
void *other, void *ex) {
return s->cert->sec_cb;
}
void SSL_CTX_set_security_callback(SSL_CTX *ctx,
- int (*cb) (SSL *s, SSL_CTX *ctx, int op,
+ int (*cb) (const SSL *s, const SSL_CTX *ctx, int op,
int bits, int nid, void *other,
void *ex))
{
ctx->cert->sec_cb = cb;
}
-int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx)) (SSL *s,
- SSL_CTX *ctx,
+int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx)) (const SSL *s,
+ const SSL_CTX *ctx,
int op, int bits,
int nid,
void *other,
int SSL_CTX_set_default_ctlog_list_file(SSL_CTX *ctx)
{
- int ret = CTLOG_STORE_load_default_file(ctx->ctlog_store);
-
- /* Clear any errors if the default file does not exist */
- ERR_clear_error();
- return ret;
+ return CTLOG_STORE_load_default_file(ctx->ctlog_store);
}
int SSL_CTX_set_ctlog_list_file(SSL_CTX *ctx, const char *path)
return CTLOG_STORE_load_file(ctx->ctlog_store, path);
}
+void SSL_CTX_set0_ctlog_store(SSL_CTX *ctx, CTLOG_STORE *logs)
+{
+ CTLOG_STORE_free(ctx->ctlog_store);
+ ctx->ctlog_store = logs;
+}
+
+const CTLOG_STORE *SSL_CTX_get0_ctlog_store(const SSL_CTX *ctx)
+{
+ return ctx->ctlog_store;
+}
+
#endif