return(NULL);
}
+STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s)
+ {
+ STACK_OF(SSL_CIPHER) *sk = NULL, *ciphers;
+ int i;
+ ciphers = SSL_get_ciphers(s);
+ if (!ciphers)
+ return NULL;
+ ssl_set_client_disabled(s);
+ for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++)
+ {
+ const SSL_CIPHER *c = sk_SSL_CIPHER_value(ciphers, i);
+ if (!ssl_cipher_disabled(s, c, SSL_SECOP_CIPHER_SUPPORTED))
+ {
+ if (!sk)
+ sk = sk_SSL_CIPHER_new_null();
+ if (!sk)
+ return NULL;
+ if (!sk_SSL_CIPHER_push(sk, c))
+ {
+ sk_SSL_CIPHER_free(sk);
+ return NULL;
+ }
+ }
+ }
+ return sk;
+ }
+
/** return a STACK of the ciphers available for the SSL and in order of
* algorithm id */
STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
{
int i,j=0;
SSL_CIPHER *c;
- CERT *ct = s->cert;
unsigned char *q;
int no_scsv = s->renegotiate;
/* Set disabled masks for this session */
{
c=sk_SSL_CIPHER_value(sk,i);
/* Skip disabled ciphers */
- if (c->algorithm_ssl & ct->mask_ssl ||
- c->algorithm_mkey & ct->mask_k ||
- c->algorithm_auth & ct->mask_a)
+ if (ssl_cipher_disabled(s, c, SSL_SECOP_CIPHER_SUPPORTED))
continue;
#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
if (c->id == SSL3_CK_SCSV)
return s->server;
}
+void SSL_set_security_level(SSL *s, int level)
+ {
+ s->cert->sec_level = level;
+ }
+
+int SSL_get_security_level(const SSL *s)
+ {
+ return s->cert->sec_level;
+ }
+
+void SSL_set_security_callback(SSL *s, int (*cb)(SSL *s, SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex))
+ {
+ s->cert->sec_cb = cb;
+ }
+
+int (*SSL_get_security_callback(const SSL *s))(SSL *s, SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex)
+ {
+ return s->cert->sec_cb;
+ }
+
+void SSL_set0_security_ex_data(SSL *s, void *ex)
+ {
+ s->cert->sec_ex = ex;
+ }
+
+void *SSL_get0_security_ex_data(const SSL *s)
+ {
+ return s->cert->sec_ex;
+ }
+
+void SSL_CTX_set_security_level(SSL_CTX *ctx, int level)
+ {
+ ctx->cert->sec_level = level;
+ }
+
+int SSL_CTX_get_security_level(const SSL_CTX *ctx)
+ {
+ return ctx->cert->sec_level;
+ }
+
+void SSL_CTX_set_security_callback(SSL_CTX *ctx, int (*cb)(SSL *s, SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex))
+ {
+ ctx->cert->sec_cb = cb;
+ }
+
+int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx))(SSL *s, SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex)
+ {
+ return ctx->cert->sec_cb;
+ }
+
+void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex)
+ {
+ ctx->cert->sec_ex = ex;
+ }
+
+void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx)
+ {
+ return ctx->cert->sec_ex;
+ }
+
+
#if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
#include "../crypto/bio/bss_file.c"
#endif