SSL_CONNECTION_IS_DTLS(s) ? DTLS_ANY_VERSION
: TLS_ANY_VERSION,
OSSL_RECORD_DIRECTION_READ,
- OSSL_RECORD_PROTECTION_LEVEL_NONE,
+ OSSL_RECORD_PROTECTION_LEVEL_NONE, NULL, 0,
NULL, 0, NULL, 0, NULL, 0, NULL, 0,
- NID_undef, NULL, NULL);
+ NID_undef, NULL, NULL, NULL);
ret &= ssl_set_new_record_layer(s,
SSL_CONNECTION_IS_DTLS(s) ? DTLS_ANY_VERSION
: TLS_ANY_VERSION,
OSSL_RECORD_DIRECTION_WRITE,
- OSSL_RECORD_PROTECTION_LEVEL_NONE,
+ OSSL_RECORD_PROTECTION_LEVEL_NONE, NULL, 0,
NULL, 0, NULL, 0, NULL, 0, NULL, 0,
- NID_undef, NULL, NULL);
+ NID_undef, NULL, NULL, NULL);
+
/* SSLfatal already called in the event of failure */
return ret;
}
* Check to see if we were changed into a different method, if so, revert
* back.
*/
- if (s->method != SSL_CONNECTION_GET_CTX(sc)->method) {
+ if (s->method != s->defltmeth) {
s->method->ssl_deinit(s);
- s->method = SSL_CONNECTION_GET_CTX(sc)->method;
+ s->method = s->defltmeth;
if (!s->method->ssl_init(s))
return 0;
} else {
return ctx->method->ssl_new(ctx);
}
-int ossl_ssl_init(SSL *ssl, SSL_CTX *ctx, int type)
+int ossl_ssl_init(SSL *ssl, SSL_CTX *ctx, const SSL_METHOD *method, int type)
{
ssl->type = type;
SSL_CTX_up_ref(ctx);
ssl->ctx = ctx;
- ssl->method = ctx->method;
+ ssl->defltmeth = ssl->method = method;
if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, ssl, &ssl->ex_data))
return 0;
return 1;
}
-SSL *ossl_ssl_connection_new(SSL_CTX *ctx)
+SSL *ossl_ssl_connection_new_int(SSL_CTX *ctx, const SSL_METHOD *method)
{
SSL_CONNECTION *s;
SSL *ssl;
return NULL;
ssl = &s->ssl;
- if (!ossl_ssl_init(ssl, ctx, SSL_TYPE_SSL_CONNECTION)) {
+ if (!ossl_ssl_init(ssl, ctx, method, SSL_TYPE_SSL_CONNECTION)) {
OPENSSL_free(s);
s = NULL;
goto sslerr;
}
-#ifndef OPENSSL_NO_QUIC
- /* set the parent (user visible) ssl to self */
- s->user_ssl = ssl;
-#endif
-
RECORD_LAYER_init(&s->rlayer, s);
s->options = ctx->options;
s->allow_early_data_cb = ctx->allow_early_data_cb;
s->allow_early_data_cb_data = ctx->allow_early_data_cb_data;
- if (!ssl->method->ssl_init(ssl))
+ if (!method->ssl_init(ssl))
goto sslerr;
- s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1;
+ s->server = (method->ssl_accept == ssl_undefined_function) ? 0 : 1;
- if (!SSL_clear(ssl))
+ if (!method->ssl_reset(ssl))
goto sslerr;
#ifndef OPENSSL_NO_PSK
return NULL;
}
+SSL *ossl_ssl_connection_new(SSL_CTX *ctx)
+{
+ return ossl_ssl_connection_new_int(ctx, ctx->method);
+}
+
int SSL_is_dtls(const SSL *s)
{
SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
* (see ssl3_shutdown).
*/
SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
+#ifndef OPENSSL_NO_QUIC
+ QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(s);
+
+ if (qc != NULL)
+ return ossl_quic_conn_shutdown(qc, 0, NULL, 0);
+#endif
if (sc == NULL)
return -1;
return 0;
case SSL_CTRL_SET_MIN_PROTO_VERSION:
return ssl_check_allowed_versions(larg, sc->max_proto_version)
- && ssl_set_version_bound(s->ctx->method->version, (int)larg,
+ && ssl_set_version_bound(s->defltmeth->version, (int)larg,
&sc->min_proto_version);
case SSL_CTRL_GET_MIN_PROTO_VERSION:
return sc->min_proto_version;
case SSL_CTRL_SET_MAX_PROTO_VERSION:
return ssl_check_allowed_versions(sc->min_proto_version, larg)
- && ssl_set_version_bound(s->ctx->method->version, (int)larg,
+ && ssl_set_version_bound(s->defltmeth->version, (int)larg,
&sc->max_proto_version);
case SSL_CTRL_GET_MAX_PROTO_VERSION:
return sc->max_proto_version;
if (i > 0)
return SSL_ERROR_NONE;
+#ifndef OPENSSL_NO_QUIC
+ if (qc != NULL) {
+ reason = ossl_quic_get_error(qc, i);
+ if (reason != SSL_ERROR_NONE)
+ return reason;
+ }
+#endif
+
if (sc == NULL)
return SSL_ERROR_SSL;
return SSL_ERROR_SSL;
}
-#ifndef OPENSSL_NO_QUIC
- if (qc != NULL) {
- reason = ossl_quic_get_error(qc, i);
- if (reason != SSL_ERROR_NONE)
- return reason;
- }
-#endif
-
#ifndef OPENSSL_NO_QUIC
if (qc == NULL)
#endif
#endif
}
-int SSL_want_net_read(SSL *s)
+int SSL_net_read_desired(SSL *s)
{
#ifndef OPENSSL_NO_QUIC
QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(s);
if (qc == NULL)
return 0;
- return ossl_quic_get_want_net_read(qc);
+ return ossl_quic_get_net_read_desired(qc);
#else
return 0;
#endif
}
-int SSL_want_net_write(SSL *s)
+int SSL_net_write_desired(SSL *s)
{
#ifndef OPENSSL_NO_QUIC
QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(s);
if (qc == NULL)
return 0;
- return ossl_quic_get_want_net_write(qc);
+ return ossl_quic_get_net_write_desired(qc);
#else
return 0;
#endif
QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(s);
if (qc == NULL)
- return -1;
+ return 0;
return ossl_quic_conn_set_initial_peer_addr(qc, peer_addr);
#else
- return -1;
+ return 0;
+#endif
+}
+
+int SSL_shutdown_ex(SSL *ssl, uint64_t flags,
+ const SSL_SHUTDOWN_EX_ARGS *args,
+ size_t args_len)
+{
+#ifndef OPENSSL_NO_QUIC
+ QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(ssl);
+
+ if (qc == NULL)
+ return SSL_shutdown(ssl);
+
+ return ossl_quic_conn_shutdown(qc, flags, args, args_len);
+#else
+ return SSL_shutdown(ssl);
#endif
}
projects / openssl.git / blobdiff