new feature: if ctx==NULL in SSL_CTX_ctrl perform syntax checking only for some opera...
authorDr. Stephen Henson <steve@openssl.org>
Thu, 8 Nov 2012 14:24:51 +0000 (14:24 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 8 Nov 2012 14:24:51 +0000 (14:24 +0000)
ssl/ssl_lib.c
ssl/t1_lib.c

index a64e5d0..d529b85 100644 (file)
@@ -1169,6 +1169,20 @@ LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx)
 long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,void *parg)
        {
        long l;
+       /* For some cases with ctx == NULL perform syntax checks */
+       if (ctx == NULL)
+               {
+               switch (cmd)
+                       {
+               case SSL_CTRL_SET_CURVES_LIST:
+                       return tls1_set_curves_list(NULL, NULL, parg);
+               case SSL_CTRL_SET_SIGALGS_LIST:
+               case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
+                       return tls1_set_sigalgs_list(NULL, parg, 0);
+               default:
+                       return 0;
+                       }
+               }
 
        switch (cmd)
                {
index 31b3bd7..952e9eb 100644 (file)
@@ -525,6 +525,8 @@ int tls1_set_curves_list(unsigned char **pext, size_t *pextlen,
        ncb.nidcnt = 0;
        if (!CONF_parse_list(str, ':', 1, nid_cb, &ncb))
                return 0;
+       if (pext == NULL)
+               return 1;
        return tls1_set_curves(pext, pextlen, ncb.nid_arr, ncb.nidcnt);
        }
 /* For an EC key set TLS id and required compression based on parameters */
@@ -3754,6 +3756,8 @@ int tls1_set_sigalgs_list(CERT *c, const char *str, int client)
        sig.sigalgcnt = 0;
        if (!CONF_parse_list(str, ':', 1, sig_cb, &sig))
                return 0;
+       if (c == NULL)
+               return 1;
        return tls1_set_sigalgs(c, sig.sigalgs, sig.sigalgcnt, client);
        }