Move the SCT List extension parser into libssl.

[openssl.git] / ssl / ssl_lib.c

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 1bedb54d47673e5284231e55563ea3fb4dedfcf7..d47f26865bf58f5f66e3f94c2c16aad7a200c535 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -536,6 +536,16 @@ int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
        return X509_VERIFY_PARAM_set1(ssl->param, vpm);
        }
 
+X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx)
+       {
+       return ctx->param;
+       }
+
+X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl)
+       {
+       return ssl->param;
+       }
+
 void SSL_certs_clear(SSL *s)
        {
        ssl_cert_clear_certs(s->cert);
@@ -2401,20 +2411,20 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
                emask_k|=SSL_kRSA;
 
 #if 0
-       /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
+       /* The match needs to be both kDHE and aRSA or aDSA, so don't worry */
        if (    (dh_tmp || dh_rsa || dh_dsa) &&
                (rsa_enc || rsa_sign || dsa_sign))
-               mask_k|=SSL_kEDH;
+               mask_k|=SSL_kDHE;
        if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
                (rsa_enc || rsa_sign || dsa_sign))
-               emask_k|=SSL_kEDH;
+               emask_k|=SSL_kDHE;
 #endif
 
        if (dh_tmp_export)
-               emask_k|=SSL_kEDH;
+               emask_k|=SSL_kDHE;
 
        if (dh_tmp)
-               mask_k|=SSL_kEDH;
+               mask_k|=SSL_kDHE;
 
        if (dh_rsa) mask_k|=SSL_kDHr;
        if (dh_rsa_export) emask_k|=SSL_kDHr;
@@ -2512,8 +2522,8 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
 #ifndef OPENSSL_NO_ECDH
        if (have_ecdh_tmp)
                {
-               mask_k|=SSL_kEECDH;
-               emask_k|=SSL_kEECDH;
+               mask_k|=SSL_kECDHE;
+               emask_k|=SSL_kECDHE;
                }
 #endif
 
@@ -2740,6 +2750,11 @@ void ssl_update_cache(SSL *s,int mode)
                }
        }
 
+const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx)
+       {
+       return ctx->method;
+       }
+
 const SSL_METHOD *SSL_get_ssl_method(SSL *s)
        {
        return(s->method);