Remove some unnecessary OPENSSL_FIPS references

[openssl.git] / ssl / ssl_lib.c

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index d529b8541f65d5908b34ea310ba2212a2d179a0f..743204cd153b027a8b7979f25f30c8d0d1a53947 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -263,7 +263,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx,const SSL_METHOD *meth)
 
        sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
                &(ctx->cipher_list_by_id),
-               meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST, ctx->cert);
+               SSL_DEFAULT_CIPHER_LIST, ctx->cert);
        if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
                {
                SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
@@ -382,6 +382,17 @@ SSL *SSL_new(SSL_CTX *ctx)
 # ifndef OPENSSL_NO_NEXTPROTONEG
        s->next_proto_negotiated = NULL;
 # endif
+
+       if (s->ctx->alpn_client_proto_list)
+               {
+               s->alpn_client_proto_list =
+                       OPENSSL_malloc(s->ctx->alpn_client_proto_list_len);
+               if (s->alpn_client_proto_list == NULL)
+                       goto err;
+               memcpy(s->alpn_client_proto_list, s->ctx->alpn_client_proto_list,
+                      s->ctx->alpn_client_proto_list_len);
+               s->alpn_client_proto_list_len = s->ctx->alpn_client_proto_list_len;
+               }
 #endif
 
        s->verify_result=X509_V_OK;
@@ -477,17 +488,6 @@ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
        r.ssl_version = ssl->version;
        r.session_id_length = id_len;
        memcpy(r.session_id, id, id_len);
-       /* NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
-        * callback is calling us to check the uniqueness of a shorter ID, it
-        * must be compared as a padded-out ID because that is what it will be
-        * converted to when the callback has finished choosing it. */
-       if((r.ssl_version == SSL2_VERSION) &&
-                       (id_len < SSL2_SSL_SESSION_ID_LENGTH))
-               {
-               memset(r.session_id + id_len, 0,
-                       SSL2_SSL_SESSION_ID_LENGTH - id_len);
-               r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
-               }
 
        CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
        p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
@@ -525,6 +525,16 @@ int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
        return X509_VERIFY_PARAM_set1(ssl->param, vpm);
        }
 
+X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx)
+       {
+       return ctx->param;
+       }
+
+X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl)
+       {
+       return ssl->param;
+       }
+
 void SSL_certs_clear(SSL *s)
        {
        ssl_cert_clear_certs(s->cert);
@@ -606,6 +616,8 @@ void SSL_free(SSL *s)
                sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
        if (s->tlsext_ocsp_resp)
                OPENSSL_free(s->tlsext_ocsp_resp);
+       if (s->alpn_client_proto_list)
+               OPENSSL_free(s->alpn_client_proto_list);
 #endif
 
        if (s->client_CA != NULL)
@@ -1106,19 +1118,6 @@ long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)
                l=s->max_cert_list;
                s->max_cert_list=larg;
                return(l);
-       case SSL_CTRL_SET_MTU:
-#ifndef OPENSSL_NO_DTLS1
-               if (larg < (long)dtls1_min_mtu())
-                       return 0;
-#endif
-
-               if (SSL_version(s) == DTLS1_VERSION ||
-                   SSL_version(s) == DTLS1_BAD_VER)
-                       {
-                       s->d1->mtu = larg;
-                       return larg;
-                       }
-               return 0;
        case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
                if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
                        return 0;
@@ -1174,8 +1173,10 @@ long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,void *parg)
                {
                switch (cmd)
                        {
+#ifndef OPENSSL_NO_EC
                case SSL_CTRL_SET_CURVES_LIST:
                        return tls1_set_curves_list(NULL, NULL, parg);
+#endif
                case SSL_CTRL_SET_SIGALGS_LIST:
                case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
                        return tls1_set_sigalgs_list(NULL, parg, 0);
@@ -1318,6 +1319,33 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
        return(NULL);
        }
 
+STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s)
+       {
+       STACK_OF(SSL_CIPHER) *sk = NULL, *ciphers;
+       int i;
+       ciphers = SSL_get_ciphers(s);
+       if (!ciphers)
+               return NULL;
+       ssl_set_client_disabled(s);
+       for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++)
+               {
+               const SSL_CIPHER *c = sk_SSL_CIPHER_value(ciphers, i);
+               if (!ssl_cipher_disabled(s, c, SSL_SECOP_CIPHER_SUPPORTED))
+                       {
+                       if (!sk)
+                               sk = sk_SSL_CIPHER_new_null();
+                       if (!sk)
+                               return NULL;
+                       if (!sk_SSL_CIPHER_push(sk, c))
+                               {
+                               sk_SSL_CIPHER_free(sk);
+                               return NULL;
+                               }
+                       }
+               }
+       return sk;
+       }
+
 /** return a STACK of the ciphers available for the SSL and in order of
  * algorithm id */
 STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
@@ -1408,6 +1436,10 @@ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
 
        p=buf;
        sk=s->session->ciphers;
+
+       if (sk_SSL_CIPHER_num(sk) == 0)
+               return NULL;
+
        for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
                {
                int n;
@@ -1435,49 +1467,59 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
        {
        int i,j=0;
        SSL_CIPHER *c;
-       CERT *ct = s->cert;
        unsigned char *q;
-       int no_scsv = s->renegotiate;
+       int empty_reneg_info_scsv = !s->renegotiate;
        /* Set disabled masks for this session */
        ssl_set_client_disabled(s);
 
        if (sk == NULL) return(0);
        q=p;
+       if (put_cb == NULL)
+               put_cb = s->method->put_cipher_by_char;
 
        for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
                {
                c=sk_SSL_CIPHER_value(sk,i);
                /* Skip disabled ciphers */
-               if (c->algorithm_ssl & ct->mask_ssl ||
-                       c->algorithm_mkey & ct->mask_k ||
-                       c->algorithm_auth & ct->mask_a)
+               if (ssl_cipher_disabled(s, c, SSL_SECOP_CIPHER_SUPPORTED))
                        continue;
 #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
                if (c->id == SSL3_CK_SCSV)
                        {
-                       if (no_scsv)
+                       if (!empty_reneg_info_scsv)
                                continue;
                        else
-                               no_scsv = 1;
+                               empty_reneg_info_scsv = 0;
                        }
 #endif
-               j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
+               j = put_cb(c,p);
                p+=j;
                }
-       /* If p == q, no ciphers and caller indicates an error. Otherwise
-        * add SCSV if not renegotiating.
-        */
-       if (p != q && !no_scsv)
+       /* If p == q, no ciphers; caller indicates an error.
+        * Otherwise, add applicable SCSVs. */
+       if (p != q)
                {
-               static SSL_CIPHER scsv =
+               if (empty_reneg_info_scsv)
                        {
-                       0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
-                       };
-               j = put_cb ? put_cb(&scsv,p) : ssl_put_cipher_by_char(s,&scsv,p);
-               p+=j;
+                       static SSL_CIPHER scsv =
+                               {
+                               0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
+                               };
+                       j = put_cb(&scsv,p);
+                       p+=j;
 #ifdef OPENSSL_RI_DEBUG
-               fprintf(stderr, "SCSV sent by client\n");
+                       fprintf(stderr, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV sent by client\n");
 #endif
+                       }
+               if (s->mode & SSL_MODE_SEND_FALLBACK_SCSV)
+                       {
+                       static SSL_CIPHER scsv =
+                               {
+                               0, NULL, SSL3_CK_FALLBACK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
+                               };
+                       j = put_cb(&scsv,p);
+                       p+=j;
+                       }
                }
 
        return(p-q);
@@ -1489,11 +1531,12 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
        const SSL_CIPHER *c;
        STACK_OF(SSL_CIPHER) *sk;
        int i,n;
+
        if (s->s3)
                s->s3->send_connection_binding = 0;
 
        n=ssl_put_cipher_by_char(s,NULL,NULL);
-       if ((num%n) != 0)
+       if (n == 0 || (num%n) != 0)
                {
                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
                return(NULL);
@@ -1518,7 +1561,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
 
        for (i=0; i<num; i+=n)
                {
-               /* Check for SCSV */
+               /* Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV */
                if (s->s3 && (n != 3 || !p[0]) &&
                        (p[n-2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
                        (p[n-1] == (SSL3_CK_SCSV & 0xff)))
@@ -1538,6 +1581,24 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
                        continue;
                        }
 
+               /* Check for TLS_FALLBACK_SCSV */
+               if ((n != 3 || !p[0]) &&
+                       (p[n-2] == ((SSL3_CK_FALLBACK_SCSV >> 8) & 0xff)) &&
+                       (p[n-1] == (SSL3_CK_FALLBACK_SCSV & 0xff)))
+                       {
+                       /* The SCSV indicates that the client previously tried a higher version.
+                        * Fail if the current version is an unexpected downgrade. */
+                       if (!SSL_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, 0, NULL))
+                               {
+                               SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_INAPPROPRIATE_FALLBACK);
+                               if (s->s3)
+                                       ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INAPPROPRIATE_FALLBACK);
+                               goto err;
+                               }
+                       p += n;
+                       continue;
+                       }
+
                c=ssl_get_cipher_by_char(s,p);
                p+=n;
                if (c != NULL)
@@ -1582,7 +1643,6 @@ int SSL_get_servername_type(const SSL *s)
        return -1;
        }
 
-# ifndef OPENSSL_NO_NEXTPROTONEG
 /* SSL_select_next_proto implements the standard protocol selection. It is
  * expected that this function is called from the callback set by
  * SSL_CTX_set_next_proto_select_cb.
@@ -1649,6 +1709,7 @@ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsi
        return status;
        }
 
+# ifndef OPENSSL_NO_NEXTPROTONEG
 /* SSL_get0_next_proto_negotiated sets *data and *len to point to the client's
  * requested protocol for this connection and returns 0. If the client didn't
  * request any protocol, then *data is set to NULL.
@@ -1698,7 +1759,80 @@ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, unsigned
        ctx->next_proto_select_cb_arg = arg;
        }
 # endif
-#endif
+
+/* SSL_CTX_set_alpn_protos sets the ALPN protocol list on |ctx| to |protos|.
+ * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
+ * length-prefixed strings).
+ *
+ * Returns 0 on success. */
+int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char* protos,
+                           unsigned protos_len)
+       {
+       if (ctx->alpn_client_proto_list)
+               OPENSSL_free(ctx->alpn_client_proto_list);
+
+       ctx->alpn_client_proto_list = OPENSSL_malloc(protos_len);
+       if (!ctx->alpn_client_proto_list)
+               return 1;
+       memcpy(ctx->alpn_client_proto_list, protos, protos_len);
+       ctx->alpn_client_proto_list_len = protos_len;
+
+       return 0;
+       }
+
+/* SSL_set_alpn_protos sets the ALPN protocol list on |ssl| to |protos|.
+ * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
+ * length-prefixed strings).
+ *
+ * Returns 0 on success. */
+int SSL_set_alpn_protos(SSL *ssl, const unsigned char* protos,
+                       unsigned protos_len)
+       {
+       if (ssl->alpn_client_proto_list)
+               OPENSSL_free(ssl->alpn_client_proto_list);
+
+       ssl->alpn_client_proto_list = OPENSSL_malloc(protos_len);
+       if (!ssl->alpn_client_proto_list)
+               return 1;
+       memcpy(ssl->alpn_client_proto_list, protos, protos_len);
+       ssl->alpn_client_proto_list_len = protos_len;
+
+       return 0;
+       }
+
+/* SSL_CTX_set_alpn_select_cb sets a callback function on |ctx| that is called
+ * during ClientHello processing in order to select an ALPN protocol from the
+ * client's list of offered protocols. */
+void SSL_CTX_set_alpn_select_cb(SSL_CTX* ctx,
+                               int (*cb) (SSL *ssl,
+                                          const unsigned char **out,
+                                          unsigned char *outlen,
+                                          const unsigned char *in,
+                                          unsigned int inlen,
+                                          void *arg),
+                               void *arg)
+       {
+       ctx->alpn_select_cb = cb;
+       ctx->alpn_select_cb_arg = arg;
+       }
+
+/* SSL_get0_alpn_selected gets the selected ALPN protocol (if any) from |ssl|.
+ * On return it sets |*data| to point to |*len| bytes of protocol name (not
+ * including the leading length-prefix byte). If the server didn't respond with
+ * a negotiated protocol then |*len| will be zero. */
+void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
+                           unsigned *len)
+       {
+       *data = NULL;
+       if (ssl->s3)
+               *data = ssl->s3->alpn_selected;
+       if (*data == NULL)
+               *len = 0;
+       else
+               *len = ssl->s3->alpn_selected_len;
+       }
+
+#endif /* !OPENSSL_NO_TLSEXT */
 
 int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
        const char *label, size_t llen, const unsigned char *p, size_t plen,
@@ -1755,13 +1889,11 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
                return(NULL);
                }
 
-#ifdef OPENSSL_FIPS
        if (FIPS_mode() && (meth->version < TLS1_VERSION))      
                {
                SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
                return NULL;
                }
-#endif
 
        if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0)
                {
@@ -1798,7 +1930,6 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
 /*     ret->cipher=NULL;*/
 /*     ret->s2->challenge=NULL;
        ret->master_key=NULL;
-       ret->key_arg=NULL;
        ret->s2->conn_id=NULL; */
 
        ret->info_callback=NULL;
@@ -1832,7 +1963,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
 
        ssl_create_cipher_list(ret->method,
                &ret->cipher_list,&ret->cipher_list_by_id,
-               meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST, ret->cert);
+               SSL_DEFAULT_CIPHER_LIST, ret->cert);
        if (ret->cipher_list == NULL
            || sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
                {
@@ -1844,11 +1975,6 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
        if (!ret->param)
                goto err;
 
-       if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL)
-               {
-               SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
-               goto err2;
-               }
        if ((ret->md5=EVP_get_digestbyname("ssl3-md5")) == NULL)
                {
                SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
@@ -1866,7 +1992,9 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
        CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
 
        ret->extra_certs=NULL;
-       ret->comp_methods=SSL_COMP_get_compression_methods();
+       /* No compression for DTLS */
+       if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS))
+               ret->comp_methods=SSL_COMP_get_compression_methods();
 
        ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
 
@@ -2051,6 +2179,8 @@ void SSL_CTX_free(SSL_CTX *a)
        if (a->tlsext_ellipticcurvelist)
                OPENSSL_free(a->tlsext_ellipticcurvelist);
 # endif /* OPENSSL_NO_EC */
+       if (a->alpn_client_proto_list != NULL)
+               OPENSSL_free(a->alpn_client_proto_list);
 #endif
 
        OPENSSL_free(a);
@@ -2100,14 +2230,17 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
        int rsa_enc_export,dh_rsa_export,dh_dsa_export;
        int rsa_tmp_export,dh_tmp_export,kl;
        unsigned long mask_k,mask_a,emask_k,emask_a;
-       int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;
+#ifndef OPENSSL_NO_ECDSA
+       int have_ecc_cert, ecdsa_ok, ecc_pkey_size;
+#endif
 #ifndef OPENSSL_NO_ECDH
-       int have_ecdh_tmp;
+       int have_ecdh_tmp, ecdh_ok;
 #endif
+#ifndef OPENSSL_NO_EC
        X509 *x = NULL;
        EVP_PKEY *ecc_pkey = NULL;
        int signature_nid = 0, pk_nid = 0, md_nid = 0;
-
+#endif
        if (c == NULL) return;
 
        kl=SSL_C_EXPORT_PKEYLENGTH(cipher);
@@ -2120,8 +2253,8 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
        rsa_tmp=rsa_tmp_export=0;
 #endif
 #ifndef OPENSSL_NO_DH
-       dh_tmp=(c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
-       dh_tmp_export=(c->dh_tmp_cb != NULL ||
+       dh_tmp=(c->dh_tmp != NULL || c->dh_tmp_cb != NULL || c->dh_tmp_auto);
+       dh_tmp_export= !c->dh_tmp_auto && (c->dh_tmp_cb != NULL ||
                (dh_tmp && DH_size(c->dh_tmp)*8 <= kl));
 #else
        dh_tmp=dh_tmp_export=0;
@@ -2145,7 +2278,9 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
        dh_dsa=  cpk->valid_flags & CERT_PKEY_VALID;
        dh_dsa_export=(dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
        cpk= &(c->pkeys[SSL_PKEY_ECC]);
+#ifndef OPENSSL_NO_EC
        have_ecc_cert= cpk->valid_flags & CERT_PKEY_VALID;
+#endif
        mask_k=0;
        mask_a=0;
        emask_k=0;
@@ -2176,20 +2311,20 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
                emask_k|=SSL_kRSA;
 
 #if 0
-       /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
+       /* The match needs to be both kDHE and aRSA or aDSA, so don't worry */
        if (    (dh_tmp || dh_rsa || dh_dsa) &&
                (rsa_enc || rsa_sign || dsa_sign))
-               mask_k|=SSL_kEDH;
+               mask_k|=SSL_kDHE;
        if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
                (rsa_enc || rsa_sign || dsa_sign))
-               emask_k|=SSL_kEDH;
+               emask_k|=SSL_kDHE;
 #endif
 
        if (dh_tmp_export)
-               emask_k|=SSL_kEDH;
+               emask_k|=SSL_kDHE;
 
        if (dh_tmp)
-               mask_k|=SSL_kEDH;
+               mask_k|=SSL_kDHE;
 
        if (dh_rsa) mask_k|=SSL_kDHr;
        if (dh_rsa_export) emask_k|=SSL_kDHr;
@@ -2225,6 +2360,7 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
        /* An ECC certificate may be usable for ECDH and/or
         * ECDSA cipher suites depending on the key usage extension.
         */
+#ifndef OPENSSL_NO_EC
        if (have_ecc_cert)
                {
                cpk = &c->pkeys[SSL_PKEY_ECC];
@@ -2281,12 +2417,13 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
                        }
 #endif
                }
+#endif
 
 #ifndef OPENSSL_NO_ECDH
        if (have_ecdh_tmp)
                {
-               mask_k|=SSL_kEECDH;
-               emask_k|=SSL_kEECDH;
+               mask_k|=SSL_kECDHE;
+               emask_k|=SSL_kECDHE;
                }
 #endif
 
@@ -2398,13 +2535,15 @@ CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
        int i;
 
        c = s->cert;
+       if (!s->s3 || !s->s3->tmp.new_cipher)
+               return NULL;
        ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
 
 #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
        /* Broken protocol test: return last used certificate: which may
         * mismatch the one expected.
         */
-       if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTCOL)
+       if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
                return c->key;
 #endif
 
@@ -2431,7 +2570,7 @@ EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *cipher, const EVP_MD **pmd)
        /* Broken protocol test: use last key: which may
         * mismatch the one expected.
         */
-       if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTCOL)
+       if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
                idx = c->key - c->pkeys;
        else
 #endif
@@ -2460,23 +2599,24 @@ EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *cipher, const EVP_MD **pmd)
        }
 
 #ifndef OPENSSL_NO_TLSEXT
-unsigned char *ssl_get_authz_data(SSL *s, size_t *authz_length)
+int ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverinfo,
+                                  size_t *serverinfo_length)
        {
-       CERT *c;
-       int i;
+       CERT *c = NULL;
+       int i = 0;
+       *serverinfo_length = 0;
 
        c = s->cert;
        i = ssl_get_server_cert_index(s);
 
        if (i == -1)
-               return NULL;
-
-       *authz_length = 0;
-       if (c->pkeys[i].authz == NULL)
-               return(NULL);
-       *authz_length = c->pkeys[i].authz_length;
+               return 0;
+       if (c->pkeys[i].serverinfo == NULL)
+               return 0;
 
-       return c->pkeys[i].authz;
+       *serverinfo = c->pkeys[i].serverinfo;
+       *serverinfo_length = c->pkeys[i].serverinfo_length;
+       return 1;
        }
 #endif
 
@@ -2512,6 +2652,11 @@ void ssl_update_cache(SSL *s,int mode)
                }
        }
 
+const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx)
+       {
+       return ctx->method;
+       }
+
 const SSL_METHOD *SSL_get_ssl_method(SSL *s)
        {
        return(s->method);
@@ -2616,17 +2761,9 @@ int SSL_get_error(const SSL *s,int i)
 
        if (i == 0)
                {
-               if (s->version == SSL2_VERSION)
-                       {
-                       /* assume it is the socket being closed */
+               if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
+                       (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
                        return(SSL_ERROR_ZERO_RETURN);
-                       }
-               else
-                       {
-                       if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
-                               (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
-                               return(SSL_ERROR_ZERO_RETURN);
-                       }
                }
        return(SSL_ERROR_SYSCALL);
        }
@@ -2710,8 +2847,6 @@ const char *SSL_get_version(const SSL *s)
                return("TLSv1");
        else if (s->version == SSL3_VERSION)
                return("SSLv3");
-       else if (s->version == SSL2_VERSION)
-               return("SSLv2");
        else
                return("unknown");
        }
@@ -2875,7 +3010,6 @@ void ssl_clear_cipher_ctx(SSL *s)
 #endif
        }
 
-/* Fix this function so that it takes an optional type parameter */
 X509 *SSL_get_certificate(const SSL *s)
        {
        if (s->cert != NULL)
@@ -2884,8 +3018,7 @@ X509 *SSL_get_certificate(const SSL *s)
                return(NULL);
        }
 
-/* Fix this function so that it takes an optional type parameter */
-EVP_PKEY *SSL_get_privatekey(SSL *s)
+EVP_PKEY *SSL_get_privatekey(const SSL *s)
        {
        if (s->cert != NULL)
                return(s->cert->key->privatekey);
@@ -2893,6 +3026,22 @@ EVP_PKEY *SSL_get_privatekey(SSL *s)
                return(NULL);
        }
 
+X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx)
+       {
+       if (ctx->cert != NULL)
+               return ctx->cert->key->x509;
+       else
+               return NULL;
+       }
+
+EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx)
+       {
+       if (ctx->cert != NULL)
+               return ctx->cert->key->privatekey;
+       else
+               return NULL ;
+       }
+
 const SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
        {
        if ((s->session != NULL) && (s->session->cipher != NULL))
@@ -3019,15 +3168,28 @@ SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
 
 SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
        {
+       CERT *ocert = ssl->cert;
        if (ssl->ctx == ctx)
                return ssl->ctx;
 #ifndef OPENSSL_NO_TLSEXT
        if (ctx == NULL)
                ctx = ssl->initial_ctx;
 #endif
-       if (ssl->cert != NULL)
-               ssl_cert_free(ssl->cert);
        ssl->cert = ssl_cert_dup(ctx->cert);
+       if (ocert)
+               {
+               /* Preserve any already negotiated parameters */
+               if (ssl->server)
+                       {
+                       ssl->cert->peer_sigalgs = ocert->peer_sigalgs;
+                       ssl->cert->peer_sigalgslen = ocert->peer_sigalgslen;
+                       ocert->peer_sigalgs = NULL;
+                       ssl->cert->ciphers_raw = ocert->ciphers_raw;
+                       ssl->cert->ciphers_rawlen = ocert->ciphers_rawlen;
+                       ocert->ciphers_raw = NULL;
+                       }
+               ssl_cert_free(ocert);
+               }
        CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
        if (ssl->ctx != NULL)
                SSL_CTX_free(ssl->ctx); /* decrement reference count */
@@ -3357,6 +3519,66 @@ int SSL_is_server(SSL *s)
        return s->server;
        }
 
+void SSL_set_security_level(SSL *s, int level)
+       {
+       s->cert->sec_level = level;
+       }
+
+int SSL_get_security_level(const SSL *s)
+       {
+       return s->cert->sec_level;
+       }
+
+void SSL_set_security_callback(SSL *s, int (*cb)(SSL *s, SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex))
+       {
+       s->cert->sec_cb = cb;
+       }
+
+int (*SSL_get_security_callback(const SSL *s))(SSL *s, SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex)
+       {
+       return s->cert->sec_cb;
+       }
+
+void SSL_set0_security_ex_data(SSL *s, void *ex)
+       {
+       s->cert->sec_ex = ex;
+       }
+
+void *SSL_get0_security_ex_data(const SSL *s)
+       {
+       return s->cert->sec_ex;
+       }
+
+void SSL_CTX_set_security_level(SSL_CTX *ctx, int level)
+       {
+       ctx->cert->sec_level = level;
+       }
+
+int SSL_CTX_get_security_level(const SSL_CTX *ctx)
+       {
+       return ctx->cert->sec_level;
+       }
+
+void SSL_CTX_set_security_callback(SSL_CTX *ctx, int (*cb)(SSL *s, SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex))
+       {
+       ctx->cert->sec_cb = cb;
+       }
+
+int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx))(SSL *s, SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex)
+       {
+       return ctx->cert->sec_cb;
+       }
+
+void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex)
+       {
+       ctx->cert->sec_ex = ex;
+       }
+
+void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx)
+       {
+       return ctx->cert->sec_ex;
+       }
+
 #if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
 #include "../crypto/bio/bss_file.c"
 #endif