Consistently use 'void *' for SSL read, peek and write functions.

[openssl.git] / ssl / ssl_lib.c

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 7864f2f7b00038c7e346c2cf738b45e2b9643217..f8207fa4238b03bb90dae8154e1b7dd030ea0967 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -105,7 +105,7 @@ int SSL_clear(SSL *s)
 #else
        if (s->new_session)
                {
-               SSLerr(SSL_F_SSL_CLEAR,SSL_R_INTERNAL_ERROR);
+               SSLerr(SSL_F_SSL_CLEAR,ERR_R_INTERNAL_ERROR);
                return 0;
                }
 #endif
@@ -299,21 +299,32 @@ int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
        return 1;
        }
 
-int SSL_CTX_has_matching_session_id(const SSL_CTX *ctx, const unsigned char *id,
+int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
                                unsigned int id_len)
        {
        /* A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
         * we can "construct" a session to give us the desired check - ie. to
         * find if there's a session in the hash table that would conflict with
         * any new session built out of this id/id_len and the ssl_version in
-        * use by this SSL_CTX. */
+        * use by this SSL. */
        SSL_SESSION r, *p;
-       r.ssl_version = ctx->method->version;
+       r.ssl_version = ssl->version;
        r.session_id_length = id_len;
        memcpy(r.session_id, id, id_len);
+       /* NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
+        * callback is calling us to check the uniqueness of a shorter ID, it
+        * must be compared as a padded-out ID because that is what it will be
+        * converted to when the callback has finished choosing it. */
+       if((r.ssl_version == SSL2_VERSION) &&
+                       (id_len < SSL2_SSL_SESSION_ID_LENGTH))
+               {
+               memset(r.session_id + id_len, 0,
+                       SSL2_SSL_SESSION_ID_LENGTH - id_len);
+               r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
+               }
 
        CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
-       p = (SSL_SESSION *)lh_retrieve(ctx->sessions, &r);
+       p = (SSL_SESSION *)lh_retrieve(ssl->ctx->sessions, &r);
        CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
        return (p != NULL);
        }
@@ -755,7 +766,7 @@ long SSL_get_default_timeout(SSL *s)
        return(s->method->get_timeout());
        }
 
-int SSL_read(SSL *s,char *buf,int num)
+int SSL_read(SSL *s,void *buf,int num)
        {
        if (s->handshake_func == 0)
                {
@@ -771,8 +782,14 @@ int SSL_read(SSL *s,char *buf,int num)
        return(s->method->ssl_read(s,buf,num));
        }
 
-int SSL_peek(SSL *s,char *buf,int num)
+int SSL_peek(SSL *s,void *buf,int num)
        {
+       if (s->handshake_func == 0)
+               {
+               SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
+               return -1;
+               }
+
        if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
                {
                return(0);
@@ -780,7 +797,7 @@ int SSL_peek(SSL *s,char *buf,int num)
        return(s->method->ssl_peek(s,buf,num));
        }
 
-int SSL_write(SSL *s,const char *buf,int num)
+int SSL_write(SSL *s,const void *buf,int num)
        {
        if (s->handshake_func == 0)
                {
@@ -1483,7 +1500,7 @@ X509 *ssl_get_server_send_cert(SSL *s)
                }
        else /* if (kalg & SSL_aNULL) */
                {
-               SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,SSL_R_INTERNAL_ERROR);
+               SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR);
                return(NULL);
                }
        if (c->pkeys[i].x509 == NULL) return(NULL);
@@ -1512,7 +1529,7 @@ EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher)
                }
        else /* if (alg & SSL_aNULL) */
                {
-               SSLerr(SSL_F_SSL_GET_SIGN_PKEY,SSL_R_INTERNAL_ERROR);
+               SSLerr(SSL_F_SSL_GET_SIGN_PKEY,ERR_R_INTERNAL_ERROR);
                return(NULL);
                }
        }