ssl_lib.c 81 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682268326842685268626872688268926902691269226932694269526962697269826992700270127022703270427052706270727082709271027112712271327142715271627172718271927202721272227232724272527262727272827292730273127322733273427352736273727382739274027412742274327442745274627472748274927502751275227532754275527562757275827592760276127622763276427652766276727682769277027712772277327742775277627772778277927802781278227832784278527862787278827892790279127922793279427952796279727982799280028012802280328042805280628072808280928102811281228132814281528162817281828192820282128222823282428252826282728282829283028312832283328342835283628372838283928402841284228432844284528462847284828492850285128522853285428552856285728582859286028612862286328642865286628672868286928702871287228732874287528762877287828792880288128822883288428852886288728882889289028912892289328942895289628972898289929002901290229032904290529062907290829092910291129122913291429152916291729182919292029212922292329242925292629272928292929302931293229332934293529362937293829392940294129422943294429452946294729482949295029512952295329542955295629572958295929602961296229632964296529662967296829692970297129722973297429752976297729782979298029812982298329842985298629872988298929902991299229932994299529962997299829993000300130023003300430053006300730083009301030113012301330143015301630173018301930203021302230233024302530263027302830293030303130323033303430353036303730383039304030413042304330443045304630473048304930503051305230533054305530563057305830593060306130623063306430653066306730683069307030713072307330743075307630773078307930803081308230833084308530863087308830893090309130923093309430953096309730983099310031013102310331043105310631073108310931103111311231133114311531163117311831193120312131223123312431253126312731283129313031313132313331343135313631373138313931403141314231433144314531463147314831493150315131523153315431553156315731583159316031613162316331643165316631673168316931703171317231733174317531763177317831793180318131823183318431853186318731883189319031913192319331943195319631973198319932003201320232033204320532063207320832093210321132123213321432153216321732183219322032213222322332243225322632273228322932303231323232333234323532363237323832393240324132423243324432453246
  1. /*! \file ssl/ssl_lib.c
  2. * \brief Version independent SSL functions.
  3. */
  4. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  5. * All rights reserved.
  6. *
  7. * This package is an SSL implementation written
  8. * by Eric Young (eay@cryptsoft.com).
  9. * The implementation was written so as to conform with Netscapes SSL.
  10. *
  11. * This library is free for commercial and non-commercial use as long as
  12. * the following conditions are aheared to. The following conditions
  13. * apply to all code found in this distribution, be it the RC4, RSA,
  14. * lhash, DES, etc., code; not just the SSL code. The SSL documentation
  15. * included with this distribution is covered by the same copyright terms
  16. * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  17. *
  18. * Copyright remains Eric Young's, and as such any Copyright notices in
  19. * the code are not to be removed.
  20. * If this package is used in a product, Eric Young should be given attribution
  21. * as the author of the parts of the library used.
  22. * This can be in the form of a textual message at program startup or
  23. * in documentation (online or textual) provided with the package.
  24. *
  25. * Redistribution and use in source and binary forms, with or without
  26. * modification, are permitted provided that the following conditions
  27. * are met:
  28. * 1. Redistributions of source code must retain the copyright
  29. * notice, this list of conditions and the following disclaimer.
  30. * 2. Redistributions in binary form must reproduce the above copyright
  31. * notice, this list of conditions and the following disclaimer in the
  32. * documentation and/or other materials provided with the distribution.
  33. * 3. All advertising materials mentioning features or use of this software
  34. * must display the following acknowledgement:
  35. * "This product includes cryptographic software written by
  36. * Eric Young (eay@cryptsoft.com)"
  37. * The word 'cryptographic' can be left out if the rouines from the library
  38. * being used are not cryptographic related :-).
  39. * 4. If you include any Windows specific code (or a derivative thereof) from
  40. * the apps directory (application code) you must include an acknowledgement:
  41. * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  42. *
  43. * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  44. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  45. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  46. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  47. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  48. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  49. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  50. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  51. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  52. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  53. * SUCH DAMAGE.
  54. *
  55. * The licence and distribution terms for any publically available version or
  56. * derivative of this code cannot be changed. i.e. this code cannot simply be
  57. * copied and put under another distribution licence
  58. * [including the GNU Public Licence.]
  59. */
  60. /* ====================================================================
  61. * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
  62. *
  63. * Redistribution and use in source and binary forms, with or without
  64. * modification, are permitted provided that the following conditions
  65. * are met:
  66. *
  67. * 1. Redistributions of source code must retain the above copyright
  68. * notice, this list of conditions and the following disclaimer.
  69. *
  70. * 2. Redistributions in binary form must reproduce the above copyright
  71. * notice, this list of conditions and the following disclaimer in
  72. * the documentation and/or other materials provided with the
  73. * distribution.
  74. *
  75. * 3. All advertising materials mentioning features or use of this
  76. * software must display the following acknowledgment:
  77. * "This product includes software developed by the OpenSSL Project
  78. * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  79. *
  80. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  81. * endorse or promote products derived from this software without
  82. * prior written permission. For written permission, please contact
  83. * openssl-core@openssl.org.
  84. *
  85. * 5. Products derived from this software may not be called "OpenSSL"
  86. * nor may "OpenSSL" appear in their names without prior written
  87. * permission of the OpenSSL Project.
  88. *
  89. * 6. Redistributions of any form whatsoever must retain the following
  90. * acknowledgment:
  91. * "This product includes software developed by the OpenSSL Project
  92. * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  93. *
  94. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  95. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  96. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  97. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  98. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  99. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  100. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  101. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  102. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  103. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  104. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  105. * OF THE POSSIBILITY OF SUCH DAMAGE.
  106. * ====================================================================
  107. *
  108. * This product includes cryptographic software written by Eric Young
  109. * (eay@cryptsoft.com). This product includes software written by Tim
  110. * Hudson (tjh@cryptsoft.com).
  111. *
  112. */
  113. /* ====================================================================
  114. * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
  115. * ECC cipher suite support in OpenSSL originally developed by
  116. * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
  117. */
  118. /* ====================================================================
  119. * Copyright 2005 Nokia. All rights reserved.
  120. *
  121. * The portions of the attached software ("Contribution") is developed by
  122. * Nokia Corporation and is licensed pursuant to the OpenSSL open source
  123. * license.
  124. *
  125. * The Contribution, originally written by Mika Kousa and Pasi Eronen of
  126. * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
  127. * support (see RFC 4279) to OpenSSL.
  128. *
  129. * No patent licenses or other rights except those expressly stated in
  130. * the OpenSSL open source license shall be deemed granted or received
  131. * expressly, by implication, estoppel, or otherwise.
  132. *
  133. * No assurances are provided by Nokia that the Contribution does not
  134. * infringe the patent or other intellectual property rights of any third
  135. * party or that the license provides you with all the necessary rights
  136. * to make use of the Contribution.
  137. *
  138. * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
  139. * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
  140. * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
  141. * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
  142. * OTHERWISE.
  143. */
  144. #ifdef REF_CHECK
  145. # include <assert.h>
  146. #endif
  147. #include <stdio.h>
  148. #include <openssl/crypto.h>
  149. #include "ssl_locl.h"
  150. #include "kssl_lcl.h"
  151. #include <openssl/objects.h>
  152. #include <openssl/lhash.h>
  153. #include <openssl/x509v3.h>
  154. #include <openssl/rand.h>
  155. #include <openssl/ocsp.h>
  156. #ifndef OPENSSL_NO_DH
  157. #include <openssl/dh.h>
  158. #endif
  159. #ifndef OPENSSL_NO_ENGINE
  160. #include <openssl/engine.h>
  161. #endif
  162. const char *SSL_version_str=OPENSSL_VERSION_TEXT;
  163. SSL3_ENC_METHOD ssl3_undef_enc_method={
  164. /* evil casts, but these functions are only called if there's a library bug */
  165. (int (*)(SSL *,int))ssl_undefined_function,
  166. (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
  167. ssl_undefined_function,
  168. (int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function,
  169. (int (*)(SSL*, int))ssl_undefined_function,
  170. (int (*)(SSL *, const char*, int, unsigned char *))ssl_undefined_function,
  171. 0, /* finish_mac_length */
  172. (int (*)(SSL *, int, unsigned char *))ssl_undefined_function,
  173. NULL, /* client_finished_label */
  174. 0, /* client_finished_label_len */
  175. NULL, /* server_finished_label */
  176. 0, /* server_finished_label_len */
  177. (int (*)(int))ssl_undefined_function
  178. };
  179. int SSL_clear(SSL *s)
  180. {
  181. if (s->method == NULL)
  182. {
  183. SSLerr(SSL_F_SSL_CLEAR,SSL_R_NO_METHOD_SPECIFIED);
  184. return(0);
  185. }
  186. if (ssl_clear_bad_session(s))
  187. {
  188. SSL_SESSION_free(s->session);
  189. s->session=NULL;
  190. }
  191. s->error=0;
  192. s->hit=0;
  193. s->shutdown=0;
  194. #if 0 /* Disabled since version 1.10 of this file (early return not
  195. * needed because SSL_clear is not called when doing renegotiation) */
  196. /* This is set if we are doing dynamic renegotiation so keep
  197. * the old cipher. It is sort of a SSL_clear_lite :-) */
  198. if (s->renegotiate) return(1);
  199. #else
  200. if (s->renegotiate)
  201. {
  202. SSLerr(SSL_F_SSL_CLEAR,ERR_R_INTERNAL_ERROR);
  203. return 0;
  204. }
  205. #endif
  206. s->type=0;
  207. s->state=SSL_ST_BEFORE|((s->server)?SSL_ST_ACCEPT:SSL_ST_CONNECT);
  208. s->version=s->method->version;
  209. s->client_version=s->version;
  210. s->rwstate=SSL_NOTHING;
  211. s->rstate=SSL_ST_READ_HEADER;
  212. #if 0
  213. s->read_ahead=s->ctx->read_ahead;
  214. #endif
  215. if (s->init_buf != NULL)
  216. {
  217. BUF_MEM_free(s->init_buf);
  218. s->init_buf=NULL;
  219. }
  220. ssl_clear_cipher_ctx(s);
  221. ssl_clear_hash_ctx(&s->read_hash);
  222. ssl_clear_hash_ctx(&s->write_hash);
  223. s->first_packet=0;
  224. #if 1
  225. /* Check to see if we were changed into a different method, if
  226. * so, revert back if we are not doing session-id reuse. */
  227. if (!s->in_handshake && (s->session == NULL) && (s->method != s->ctx->method))
  228. {
  229. s->method->ssl_free(s);
  230. s->method=s->ctx->method;
  231. if (!s->method->ssl_new(s))
  232. return(0);
  233. }
  234. else
  235. #endif
  236. s->method->ssl_clear(s);
  237. return(1);
  238. }
  239. /** Used to change an SSL_CTXs default SSL method type */
  240. int SSL_CTX_set_ssl_version(SSL_CTX *ctx,const SSL_METHOD *meth)
  241. {
  242. STACK_OF(SSL_CIPHER) *sk;
  243. ctx->method=meth;
  244. sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
  245. &(ctx->cipher_list_by_id),
  246. meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
  247. if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
  248. {
  249. SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
  250. return(0);
  251. }
  252. return(1);
  253. }
  254. SSL *SSL_new(SSL_CTX *ctx)
  255. {
  256. SSL *s;
  257. if (ctx == NULL)
  258. {
  259. SSLerr(SSL_F_SSL_NEW,SSL_R_NULL_SSL_CTX);
  260. return(NULL);
  261. }
  262. if (ctx->method == NULL)
  263. {
  264. SSLerr(SSL_F_SSL_NEW,SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
  265. return(NULL);
  266. }
  267. s=(SSL *)OPENSSL_malloc(sizeof(SSL));
  268. if (s == NULL) goto err;
  269. memset(s,0,sizeof(SSL));
  270. #ifndef OPENSSL_NO_KRB5
  271. s->kssl_ctx = kssl_ctx_new();
  272. #endif /* OPENSSL_NO_KRB5 */
  273. s->options=ctx->options;
  274. s->mode=ctx->mode;
  275. s->max_cert_list=ctx->max_cert_list;
  276. if (ctx->cert != NULL)
  277. {
  278. /* Earlier library versions used to copy the pointer to
  279. * the CERT, not its contents; only when setting new
  280. * parameters for the per-SSL copy, ssl_cert_new would be
  281. * called (and the direct reference to the per-SSL_CTX
  282. * settings would be lost, but those still were indirectly
  283. * accessed for various purposes, and for that reason they
  284. * used to be known as s->ctx->default_cert).
  285. * Now we don't look at the SSL_CTX's CERT after having
  286. * duplicated it once. */
  287. s->cert = ssl_cert_dup(ctx->cert);
  288. if (s->cert == NULL)
  289. goto err;
  290. }
  291. else
  292. s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */
  293. s->read_ahead=ctx->read_ahead;
  294. s->msg_callback=ctx->msg_callback;
  295. s->msg_callback_arg=ctx->msg_callback_arg;
  296. s->verify_mode=ctx->verify_mode;
  297. s->not_resumable_session_cb=ctx->not_resumable_session_cb;
  298. #if 0
  299. s->verify_depth=ctx->verify_depth;
  300. #endif
  301. s->sid_ctx_length=ctx->sid_ctx_length;
  302. OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
  303. memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));
  304. s->verify_callback=ctx->default_verify_callback;
  305. s->generate_session_id=ctx->generate_session_id;
  306. s->param = X509_VERIFY_PARAM_new();
  307. if (!s->param)
  308. goto err;
  309. X509_VERIFY_PARAM_inherit(s->param, ctx->param);
  310. #if 0
  311. s->purpose = ctx->purpose;
  312. s->trust = ctx->trust;
  313. #endif
  314. s->quiet_shutdown=ctx->quiet_shutdown;
  315. s->max_send_fragment = ctx->max_send_fragment;
  316. CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
  317. s->ctx=ctx;
  318. #ifndef OPENSSL_NO_TLSEXT
  319. s->tlsext_debug_cb = 0;
  320. s->tlsext_debug_arg = NULL;
  321. s->tlsext_ticket_expected = 0;
  322. s->tlsext_status_type = -1;
  323. s->tlsext_status_expected = 0;
  324. s->tlsext_ocsp_ids = NULL;
  325. s->tlsext_ocsp_exts = NULL;
  326. s->tlsext_ocsp_resp = NULL;
  327. s->tlsext_ocsp_resplen = -1;
  328. CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
  329. s->initial_ctx=ctx;
  330. # ifndef OPENSSL_NO_NEXTPROTONEG
  331. s->next_proto_negotiated = NULL;
  332. # endif
  333. #endif
  334. s->verify_result=X509_V_OK;
  335. s->method=ctx->method;
  336. if (!s->method->ssl_new(s))
  337. goto err;
  338. s->references=1;
  339. s->server=(ctx->method->ssl_accept == ssl_undefined_function)?0:1;
  340. SSL_clear(s);
  341. CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
  342. #ifndef OPENSSL_NO_PSK
  343. s->psk_client_callback=ctx->psk_client_callback;
  344. s->psk_server_callback=ctx->psk_server_callback;
  345. #endif
  346. return(s);
  347. err:
  348. if (s != NULL)
  349. {
  350. if (s->cert != NULL)
  351. ssl_cert_free(s->cert);
  352. if (s->ctx != NULL)
  353. SSL_CTX_free(s->ctx); /* decrement reference count */
  354. OPENSSL_free(s);
  355. }
  356. SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
  357. return(NULL);
  358. }
  359. int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
  360. unsigned int sid_ctx_len)
  361. {
  362. if(sid_ctx_len > sizeof ctx->sid_ctx)
  363. {
  364. SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
  365. return 0;
  366. }
  367. ctx->sid_ctx_length=sid_ctx_len;
  368. memcpy(ctx->sid_ctx,sid_ctx,sid_ctx_len);
  369. return 1;
  370. }
  371. int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
  372. unsigned int sid_ctx_len)
  373. {
  374. if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH)
  375. {
  376. SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
  377. return 0;
  378. }
  379. ssl->sid_ctx_length=sid_ctx_len;
  380. memcpy(ssl->sid_ctx,sid_ctx,sid_ctx_len);
  381. return 1;
  382. }
  383. int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
  384. {
  385. CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
  386. ctx->generate_session_id = cb;
  387. CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
  388. return 1;
  389. }
  390. int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
  391. {
  392. CRYPTO_w_lock(CRYPTO_LOCK_SSL);
  393. ssl->generate_session_id = cb;
  394. CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
  395. return 1;
  396. }
  397. int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
  398. unsigned int id_len)
  399. {
  400. /* A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
  401. * we can "construct" a session to give us the desired check - ie. to
  402. * find if there's a session in the hash table that would conflict with
  403. * any new session built out of this id/id_len and the ssl_version in
  404. * use by this SSL. */
  405. SSL_SESSION r, *p;
  406. if(id_len > sizeof r.session_id)
  407. return 0;
  408. r.ssl_version = ssl->version;
  409. r.session_id_length = id_len;
  410. memcpy(r.session_id, id, id_len);
  411. /* NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
  412. * callback is calling us to check the uniqueness of a shorter ID, it
  413. * must be compared as a padded-out ID because that is what it will be
  414. * converted to when the callback has finished choosing it. */
  415. if((r.ssl_version == SSL2_VERSION) &&
  416. (id_len < SSL2_SSL_SESSION_ID_LENGTH))
  417. {
  418. memset(r.session_id + id_len, 0,
  419. SSL2_SSL_SESSION_ID_LENGTH - id_len);
  420. r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
  421. }
  422. CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
  423. p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
  424. CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
  425. return (p != NULL);
  426. }
  427. int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
  428. {
  429. return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
  430. }
  431. int SSL_set_purpose(SSL *s, int purpose)
  432. {
  433. return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
  434. }
  435. int SSL_CTX_set_trust(SSL_CTX *s, int trust)
  436. {
  437. return X509_VERIFY_PARAM_set_trust(s->param, trust);
  438. }
  439. int SSL_set_trust(SSL *s, int trust)
  440. {
  441. return X509_VERIFY_PARAM_set_trust(s->param, trust);
  442. }
  443. int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
  444. {
  445. return X509_VERIFY_PARAM_set1(ctx->param, vpm);
  446. }
  447. int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
  448. {
  449. return X509_VERIFY_PARAM_set1(ssl->param, vpm);
  450. }
  451. void SSL_free(SSL *s)
  452. {
  453. int i;
  454. if(s == NULL)
  455. return;
  456. i=CRYPTO_add(&s->references,-1,CRYPTO_LOCK_SSL);
  457. #ifdef REF_PRINT
  458. REF_PRINT("SSL",s);
  459. #endif
  460. if (i > 0) return;
  461. #ifdef REF_CHECK
  462. if (i < 0)
  463. {
  464. fprintf(stderr,"SSL_free, bad reference count\n");
  465. abort(); /* ok */
  466. }
  467. #endif
  468. if (s->param)
  469. X509_VERIFY_PARAM_free(s->param);
  470. CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
  471. if (s->bbio != NULL)
  472. {
  473. /* If the buffering BIO is in place, pop it off */
  474. if (s->bbio == s->wbio)
  475. {
  476. s->wbio=BIO_pop(s->wbio);
  477. }
  478. BIO_free(s->bbio);
  479. s->bbio=NULL;
  480. }
  481. if (s->rbio != NULL)
  482. BIO_free_all(s->rbio);
  483. if ((s->wbio != NULL) && (s->wbio != s->rbio))
  484. BIO_free_all(s->wbio);
  485. if (s->init_buf != NULL) BUF_MEM_free(s->init_buf);
  486. /* add extra stuff */
  487. if (s->cipher_list != NULL) sk_SSL_CIPHER_free(s->cipher_list);
  488. if (s->cipher_list_by_id != NULL) sk_SSL_CIPHER_free(s->cipher_list_by_id);
  489. /* Make the next call work :-) */
  490. if (s->session != NULL)
  491. {
  492. ssl_clear_bad_session(s);
  493. SSL_SESSION_free(s->session);
  494. }
  495. ssl_clear_cipher_ctx(s);
  496. ssl_clear_hash_ctx(&s->read_hash);
  497. ssl_clear_hash_ctx(&s->write_hash);
  498. if (s->cert != NULL) ssl_cert_free(s->cert);
  499. /* Free up if allocated */
  500. #ifndef OPENSSL_NO_TLSEXT
  501. if (s->tlsext_hostname)
  502. OPENSSL_free(s->tlsext_hostname);
  503. if (s->initial_ctx) SSL_CTX_free(s->initial_ctx);
  504. #ifndef OPENSSL_NO_EC
  505. if (s->tlsext_ecpointformatlist) OPENSSL_free(s->tlsext_ecpointformatlist);
  506. if (s->tlsext_ellipticcurvelist) OPENSSL_free(s->tlsext_ellipticcurvelist);
  507. #endif /* OPENSSL_NO_EC */
  508. if (s->tlsext_opaque_prf_input) OPENSSL_free(s->tlsext_opaque_prf_input);
  509. if (s->tlsext_ocsp_exts)
  510. sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
  511. X509_EXTENSION_free);
  512. if (s->tlsext_ocsp_ids)
  513. sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
  514. if (s->tlsext_ocsp_resp)
  515. OPENSSL_free(s->tlsext_ocsp_resp);
  516. #endif
  517. if (s->client_CA != NULL)
  518. sk_X509_NAME_pop_free(s->client_CA,X509_NAME_free);
  519. if (s->method != NULL) s->method->ssl_free(s);
  520. if (s->ctx) SSL_CTX_free(s->ctx);
  521. #ifndef OPENSSL_NO_KRB5
  522. if (s->kssl_ctx != NULL)
  523. kssl_ctx_free(s->kssl_ctx);
  524. #endif /* OPENSSL_NO_KRB5 */
  525. #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
  526. if (s->next_proto_negotiated)
  527. OPENSSL_free(s->next_proto_negotiated);
  528. #endif
  529. OPENSSL_free(s);
  530. }
  531. void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio)
  532. {
  533. /* If the output buffering BIO is still in place, remove it
  534. */
  535. if (s->bbio != NULL)
  536. {
  537. if (s->wbio == s->bbio)
  538. {
  539. s->wbio=s->wbio->next_bio;
  540. s->bbio->next_bio=NULL;
  541. }
  542. }
  543. if ((s->rbio != NULL) && (s->rbio != rbio))
  544. BIO_free_all(s->rbio);
  545. if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
  546. BIO_free_all(s->wbio);
  547. s->rbio=rbio;
  548. s->wbio=wbio;
  549. }
  550. BIO *SSL_get_rbio(const SSL *s)
  551. { return(s->rbio); }
  552. BIO *SSL_get_wbio(const SSL *s)
  553. { return(s->wbio); }
  554. int SSL_get_fd(const SSL *s)
  555. {
  556. return(SSL_get_rfd(s));
  557. }
  558. int SSL_get_rfd(const SSL *s)
  559. {
  560. int ret= -1;
  561. BIO *b,*r;
  562. b=SSL_get_rbio(s);
  563. r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
  564. if (r != NULL)
  565. BIO_get_fd(r,&ret);
  566. return(ret);
  567. }
  568. int SSL_get_wfd(const SSL *s)
  569. {
  570. int ret= -1;
  571. BIO *b,*r;
  572. b=SSL_get_wbio(s);
  573. r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
  574. if (r != NULL)
  575. BIO_get_fd(r,&ret);
  576. return(ret);
  577. }
  578. #ifndef OPENSSL_NO_SOCK
  579. int SSL_set_fd(SSL *s,int fd)
  580. {
  581. int ret=0;
  582. BIO *bio=NULL;
  583. bio=BIO_new(BIO_s_socket());
  584. if (bio == NULL)
  585. {
  586. SSLerr(SSL_F_SSL_SET_FD,ERR_R_BUF_LIB);
  587. goto err;
  588. }
  589. BIO_set_fd(bio,fd,BIO_NOCLOSE);
  590. SSL_set_bio(s,bio,bio);
  591. ret=1;
  592. err:
  593. return(ret);
  594. }
  595. int SSL_set_wfd(SSL *s,int fd)
  596. {
  597. int ret=0;
  598. BIO *bio=NULL;
  599. if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
  600. || ((int)BIO_get_fd(s->rbio,NULL) != fd))
  601. {
  602. bio=BIO_new(BIO_s_socket());
  603. if (bio == NULL)
  604. { SSLerr(SSL_F_SSL_SET_WFD,ERR_R_BUF_LIB); goto err; }
  605. BIO_set_fd(bio,fd,BIO_NOCLOSE);
  606. SSL_set_bio(s,SSL_get_rbio(s),bio);
  607. }
  608. else
  609. SSL_set_bio(s,SSL_get_rbio(s),SSL_get_rbio(s));
  610. ret=1;
  611. err:
  612. return(ret);
  613. }
  614. int SSL_set_rfd(SSL *s,int fd)
  615. {
  616. int ret=0;
  617. BIO *bio=NULL;
  618. if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
  619. || ((int)BIO_get_fd(s->wbio,NULL) != fd))
  620. {
  621. bio=BIO_new(BIO_s_socket());
  622. if (bio == NULL)
  623. {
  624. SSLerr(SSL_F_SSL_SET_RFD,ERR_R_BUF_LIB);
  625. goto err;
  626. }
  627. BIO_set_fd(bio,fd,BIO_NOCLOSE);
  628. SSL_set_bio(s,bio,SSL_get_wbio(s));
  629. }
  630. else
  631. SSL_set_bio(s,SSL_get_wbio(s),SSL_get_wbio(s));
  632. ret=1;
  633. err:
  634. return(ret);
  635. }
  636. #endif
  637. /* return length of latest Finished message we sent, copy to 'buf' */
  638. size_t SSL_get_finished(const SSL *s, void *buf, size_t count)
  639. {
  640. size_t ret = 0;
  641. if (s->s3 != NULL)
  642. {
  643. ret = s->s3->tmp.finish_md_len;
  644. if (count > ret)
  645. count = ret;
  646. memcpy(buf, s->s3->tmp.finish_md, count);
  647. }
  648. return ret;
  649. }
  650. /* return length of latest Finished message we expected, copy to 'buf' */
  651. size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
  652. {
  653. size_t ret = 0;
  654. if (s->s3 != NULL)
  655. {
  656. ret = s->s3->tmp.peer_finish_md_len;
  657. if (count > ret)
  658. count = ret;
  659. memcpy(buf, s->s3->tmp.peer_finish_md, count);
  660. }
  661. return ret;
  662. }
  663. int SSL_get_verify_mode(const SSL *s)
  664. {
  665. return(s->verify_mode);
  666. }
  667. int SSL_get_verify_depth(const SSL *s)
  668. {
  669. return X509_VERIFY_PARAM_get_depth(s->param);
  670. }
  671. int (*SSL_get_verify_callback(const SSL *s))(int,X509_STORE_CTX *)
  672. {
  673. return(s->verify_callback);
  674. }
  675. int SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
  676. {
  677. return(ctx->verify_mode);
  678. }
  679. int SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
  680. {
  681. return X509_VERIFY_PARAM_get_depth(ctx->param);
  682. }
  683. int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int,X509_STORE_CTX *)
  684. {
  685. return(ctx->default_verify_callback);
  686. }
  687. void SSL_set_verify(SSL *s,int mode,
  688. int (*callback)(int ok,X509_STORE_CTX *ctx))
  689. {
  690. s->verify_mode=mode;
  691. if (callback != NULL)
  692. s->verify_callback=callback;
  693. }
  694. void SSL_set_verify_depth(SSL *s,int depth)
  695. {
  696. X509_VERIFY_PARAM_set_depth(s->param, depth);
  697. }
  698. void SSL_set_read_ahead(SSL *s,int yes)
  699. {
  700. s->read_ahead=yes;
  701. }
  702. int SSL_get_read_ahead(const SSL *s)
  703. {
  704. return(s->read_ahead);
  705. }
  706. int SSL_pending(const SSL *s)
  707. {
  708. /* SSL_pending cannot work properly if read-ahead is enabled
  709. * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
  710. * and it is impossible to fix since SSL_pending cannot report
  711. * errors that may be observed while scanning the new data.
  712. * (Note that SSL_pending() is often used as a boolean value,
  713. * so we'd better not return -1.)
  714. */
  715. return(s->method->ssl_pending(s));
  716. }
  717. X509 *SSL_get_peer_certificate(const SSL *s)
  718. {
  719. X509 *r;
  720. if ((s == NULL) || (s->session == NULL))
  721. r=NULL;
  722. else
  723. r=s->session->peer;
  724. if (r == NULL) return(r);
  725. CRYPTO_add(&r->references,1,CRYPTO_LOCK_X509);
  726. return(r);
  727. }
  728. STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s)
  729. {
  730. STACK_OF(X509) *r;
  731. if ((s == NULL) || (s->session == NULL) || (s->session->sess_cert == NULL))
  732. r=NULL;
  733. else
  734. r=s->session->sess_cert->cert_chain;
  735. /* If we are a client, cert_chain includes the peer's own
  736. * certificate; if we are a server, it does not. */
  737. return(r);
  738. }
  739. /* Now in theory, since the calling process own 't' it should be safe to
  740. * modify. We need to be able to read f without being hassled */
  741. void SSL_copy_session_id(SSL *t,const SSL *f)
  742. {
  743. CERT *tmp;
  744. /* Do we need to to SSL locking? */
  745. SSL_set_session(t,SSL_get_session(f));
  746. /* what if we are setup as SSLv2 but want to talk SSLv3 or
  747. * vice-versa */
  748. if (t->method != f->method)
  749. {
  750. t->method->ssl_free(t); /* cleanup current */
  751. t->method=f->method; /* change method */
  752. t->method->ssl_new(t); /* setup new */
  753. }
  754. tmp=t->cert;
  755. if (f->cert != NULL)
  756. {
  757. CRYPTO_add(&f->cert->references,1,CRYPTO_LOCK_SSL_CERT);
  758. t->cert=f->cert;
  759. }
  760. else
  761. t->cert=NULL;
  762. if (tmp != NULL) ssl_cert_free(tmp);
  763. SSL_set_session_id_context(t,f->sid_ctx,f->sid_ctx_length);
  764. }
  765. /* Fix this so it checks all the valid key/cert options */
  766. int SSL_CTX_check_private_key(const SSL_CTX *ctx)
  767. {
  768. if ( (ctx == NULL) ||
  769. (ctx->cert == NULL) ||
  770. (ctx->cert->key->x509 == NULL))
  771. {
  772. SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
  773. return(0);
  774. }
  775. if (ctx->cert->key->privatekey == NULL)
  776. {
  777. SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
  778. return(0);
  779. }
  780. return(X509_check_private_key(ctx->cert->key->x509, ctx->cert->key->privatekey));
  781. }
  782. /* Fix this function so that it takes an optional type parameter */
  783. int SSL_check_private_key(const SSL *ssl)
  784. {
  785. if (ssl == NULL)
  786. {
  787. SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,ERR_R_PASSED_NULL_PARAMETER);
  788. return(0);
  789. }
  790. if (ssl->cert == NULL)
  791. {
  792. SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
  793. return 0;
  794. }
  795. if (ssl->cert->key->x509 == NULL)
  796. {
  797. SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
  798. return(0);
  799. }
  800. if (ssl->cert->key->privatekey == NULL)
  801. {
  802. SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
  803. return(0);
  804. }
  805. return(X509_check_private_key(ssl->cert->key->x509,
  806. ssl->cert->key->privatekey));
  807. }
  808. int SSL_accept(SSL *s)
  809. {
  810. if (s->handshake_func == 0)
  811. /* Not properly initialized yet */
  812. SSL_set_accept_state(s);
  813. return(s->method->ssl_accept(s));
  814. }
  815. int SSL_connect(SSL *s)
  816. {
  817. if (s->handshake_func == 0)
  818. /* Not properly initialized yet */
  819. SSL_set_connect_state(s);
  820. return(s->method->ssl_connect(s));
  821. }
  822. long SSL_get_default_timeout(const SSL *s)
  823. {
  824. return(s->method->get_timeout());
  825. }
  826. int SSL_read(SSL *s,void *buf,int num)
  827. {
  828. if (s->handshake_func == 0)
  829. {
  830. SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
  831. return -1;
  832. }
  833. if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
  834. {
  835. s->rwstate=SSL_NOTHING;
  836. return(0);
  837. }
  838. return(s->method->ssl_read(s,buf,num));
  839. }
  840. int SSL_peek(SSL *s,void *buf,int num)
  841. {
  842. if (s->handshake_func == 0)
  843. {
  844. SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
  845. return -1;
  846. }
  847. if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
  848. {
  849. return(0);
  850. }
  851. return(s->method->ssl_peek(s,buf,num));
  852. }
  853. int SSL_write(SSL *s,const void *buf,int num)
  854. {
  855. if (s->handshake_func == 0)
  856. {
  857. SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
  858. return -1;
  859. }
  860. if (s->shutdown & SSL_SENT_SHUTDOWN)
  861. {
  862. s->rwstate=SSL_NOTHING;
  863. SSLerr(SSL_F_SSL_WRITE,SSL_R_PROTOCOL_IS_SHUTDOWN);
  864. return(-1);
  865. }
  866. return(s->method->ssl_write(s,buf,num));
  867. }
  868. int SSL_shutdown(SSL *s)
  869. {
  870. /* Note that this function behaves differently from what one might
  871. * expect. Return values are 0 for no success (yet),
  872. * 1 for success; but calling it once is usually not enough,
  873. * even if blocking I/O is used (see ssl3_shutdown).
  874. */
  875. if (s->handshake_func == 0)
  876. {
  877. SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
  878. return -1;
  879. }
  880. if ((s != NULL) && !SSL_in_init(s))
  881. return(s->method->ssl_shutdown(s));
  882. else
  883. return(1);
  884. }
  885. int SSL_renegotiate(SSL *s)
  886. {
  887. if (s->renegotiate == 0)
  888. s->renegotiate=1;
  889. s->new_session=1;
  890. return(s->method->ssl_renegotiate(s));
  891. }
  892. int SSL_renegotiate_abbreviated(SSL *s)
  893. {
  894. if (s->renegotiate == 0)
  895. s->renegotiate=1;
  896. s->new_session=0;
  897. return(s->method->ssl_renegotiate(s));
  898. }
  899. int SSL_renegotiate_pending(SSL *s)
  900. {
  901. /* becomes true when negotiation is requested;
  902. * false again once a handshake has finished */
  903. return (s->renegotiate != 0);
  904. }
  905. long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)
  906. {
  907. long l;
  908. switch (cmd)
  909. {
  910. case SSL_CTRL_GET_READ_AHEAD:
  911. return(s->read_ahead);
  912. case SSL_CTRL_SET_READ_AHEAD:
  913. l=s->read_ahead;
  914. s->read_ahead=larg;
  915. return(l);
  916. case SSL_CTRL_SET_MSG_CALLBACK_ARG:
  917. s->msg_callback_arg = parg;
  918. return 1;
  919. case SSL_CTRL_OPTIONS:
  920. return(s->options|=larg);
  921. case SSL_CTRL_CLEAR_OPTIONS:
  922. return(s->options&=~larg);
  923. case SSL_CTRL_MODE:
  924. return(s->mode|=larg);
  925. case SSL_CTRL_CLEAR_MODE:
  926. return(s->mode &=~larg);
  927. case SSL_CTRL_GET_MAX_CERT_LIST:
  928. return(s->max_cert_list);
  929. case SSL_CTRL_SET_MAX_CERT_LIST:
  930. l=s->max_cert_list;
  931. s->max_cert_list=larg;
  932. return(l);
  933. case SSL_CTRL_SET_MTU:
  934. if (larg < (long)dtls1_min_mtu())
  935. return 0;
  936. if (SSL_version(s) == DTLS1_VERSION ||
  937. SSL_version(s) == DTLS1_BAD_VER)
  938. {
  939. s->d1->mtu = larg;
  940. return larg;
  941. }
  942. return 0;
  943. case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
  944. if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
  945. return 0;
  946. s->max_send_fragment = larg;
  947. return 1;
  948. case SSL_CTRL_GET_RI_SUPPORT:
  949. if (s->s3)
  950. return s->s3->send_connection_binding;
  951. else return 0;
  952. default:
  953. return(s->method->ssl_ctrl(s,cmd,larg,parg));
  954. }
  955. }
  956. long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
  957. {
  958. switch(cmd)
  959. {
  960. case SSL_CTRL_SET_MSG_CALLBACK:
  961. s->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
  962. return 1;
  963. default:
  964. return(s->method->ssl_callback_ctrl(s,cmd,fp));
  965. }
  966. }
  967. LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx)
  968. {
  969. return ctx->sessions;
  970. }
  971. long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,void *parg)
  972. {
  973. long l;
  974. switch (cmd)
  975. {
  976. case SSL_CTRL_GET_READ_AHEAD:
  977. return(ctx->read_ahead);
  978. case SSL_CTRL_SET_READ_AHEAD:
  979. l=ctx->read_ahead;
  980. ctx->read_ahead=larg;
  981. return(l);
  982. case SSL_CTRL_SET_MSG_CALLBACK_ARG:
  983. ctx->msg_callback_arg = parg;
  984. return 1;
  985. case SSL_CTRL_GET_MAX_CERT_LIST:
  986. return(ctx->max_cert_list);
  987. case SSL_CTRL_SET_MAX_CERT_LIST:
  988. l=ctx->max_cert_list;
  989. ctx->max_cert_list=larg;
  990. return(l);
  991. case SSL_CTRL_SET_SESS_CACHE_SIZE:
  992. l=ctx->session_cache_size;
  993. ctx->session_cache_size=larg;
  994. return(l);
  995. case SSL_CTRL_GET_SESS_CACHE_SIZE:
  996. return(ctx->session_cache_size);
  997. case SSL_CTRL_SET_SESS_CACHE_MODE:
  998. l=ctx->session_cache_mode;
  999. ctx->session_cache_mode=larg;
  1000. return(l);
  1001. case SSL_CTRL_GET_SESS_CACHE_MODE:
  1002. return(ctx->session_cache_mode);
  1003. case SSL_CTRL_SESS_NUMBER:
  1004. return(lh_SSL_SESSION_num_items(ctx->sessions));
  1005. case SSL_CTRL_SESS_CONNECT:
  1006. return(ctx->stats.sess_connect);
  1007. case SSL_CTRL_SESS_CONNECT_GOOD:
  1008. return(ctx->stats.sess_connect_good);
  1009. case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
  1010. return(ctx->stats.sess_connect_renegotiate);
  1011. case SSL_CTRL_SESS_ACCEPT:
  1012. return(ctx->stats.sess_accept);
  1013. case SSL_CTRL_SESS_ACCEPT_GOOD:
  1014. return(ctx->stats.sess_accept_good);
  1015. case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
  1016. return(ctx->stats.sess_accept_renegotiate);
  1017. case SSL_CTRL_SESS_HIT:
  1018. return(ctx->stats.sess_hit);
  1019. case SSL_CTRL_SESS_CB_HIT:
  1020. return(ctx->stats.sess_cb_hit);
  1021. case SSL_CTRL_SESS_MISSES:
  1022. return(ctx->stats.sess_miss);
  1023. case SSL_CTRL_SESS_TIMEOUTS:
  1024. return(ctx->stats.sess_timeout);
  1025. case SSL_CTRL_SESS_CACHE_FULL:
  1026. return(ctx->stats.sess_cache_full);
  1027. case SSL_CTRL_OPTIONS:
  1028. return(ctx->options|=larg);
  1029. case SSL_CTRL_CLEAR_OPTIONS:
  1030. return(ctx->options&=~larg);
  1031. case SSL_CTRL_MODE:
  1032. return(ctx->mode|=larg);
  1033. case SSL_CTRL_CLEAR_MODE:
  1034. return(ctx->mode&=~larg);
  1035. case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
  1036. if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
  1037. return 0;
  1038. ctx->max_send_fragment = larg;
  1039. return 1;
  1040. default:
  1041. return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg));
  1042. }
  1043. }
  1044. long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
  1045. {
  1046. switch(cmd)
  1047. {
  1048. case SSL_CTRL_SET_MSG_CALLBACK:
  1049. ctx->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
  1050. return 1;
  1051. default:
  1052. return(ctx->method->ssl_ctx_callback_ctrl(ctx,cmd,fp));
  1053. }
  1054. }
  1055. int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
  1056. {
  1057. long l;
  1058. l=a->id-b->id;
  1059. if (l == 0L)
  1060. return(0);
  1061. else
  1062. return((l > 0)?1:-1);
  1063. }
  1064. int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
  1065. const SSL_CIPHER * const *bp)
  1066. {
  1067. long l;
  1068. l=(*ap)->id-(*bp)->id;
  1069. if (l == 0L)
  1070. return(0);
  1071. else
  1072. return((l > 0)?1:-1);
  1073. }
  1074. /** return a STACK of the ciphers available for the SSL and in order of
  1075. * preference */
  1076. STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
  1077. {
  1078. if (s != NULL)
  1079. {
  1080. if (s->cipher_list != NULL)
  1081. {
  1082. return(s->cipher_list);
  1083. }
  1084. else if ((s->ctx != NULL) &&
  1085. (s->ctx->cipher_list != NULL))
  1086. {
  1087. return(s->ctx->cipher_list);
  1088. }
  1089. }
  1090. return(NULL);
  1091. }
  1092. /** return a STACK of the ciphers available for the SSL and in order of
  1093. * algorithm id */
  1094. STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
  1095. {
  1096. if (s != NULL)
  1097. {
  1098. if (s->cipher_list_by_id != NULL)
  1099. {
  1100. return(s->cipher_list_by_id);
  1101. }
  1102. else if ((s->ctx != NULL) &&
  1103. (s->ctx->cipher_list_by_id != NULL))
  1104. {
  1105. return(s->ctx->cipher_list_by_id);
  1106. }
  1107. }
  1108. return(NULL);
  1109. }
  1110. /** The old interface to get the same thing as SSL_get_ciphers() */
  1111. const char *SSL_get_cipher_list(const SSL *s,int n)
  1112. {
  1113. SSL_CIPHER *c;
  1114. STACK_OF(SSL_CIPHER) *sk;
  1115. if (s == NULL) return(NULL);
  1116. sk=SSL_get_ciphers(s);
  1117. if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
  1118. return(NULL);
  1119. c=sk_SSL_CIPHER_value(sk,n);
  1120. if (c == NULL) return(NULL);
  1121. return(c->name);
  1122. }
  1123. /** specify the ciphers to be used by default by the SSL_CTX */
  1124. int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
  1125. {
  1126. STACK_OF(SSL_CIPHER) *sk;
  1127. sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
  1128. &ctx->cipher_list_by_id,str);
  1129. /* ssl_create_cipher_list may return an empty stack if it
  1130. * was unable to find a cipher matching the given rule string
  1131. * (for example if the rule string specifies a cipher which
  1132. * has been disabled). This is not an error as far as
  1133. * ssl_create_cipher_list is concerned, and hence
  1134. * ctx->cipher_list and ctx->cipher_list_by_id has been
  1135. * updated. */
  1136. if (sk == NULL)
  1137. return 0;
  1138. else if (sk_SSL_CIPHER_num(sk) == 0)
  1139. {
  1140. SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
  1141. return 0;
  1142. }
  1143. return 1;
  1144. }
  1145. /** specify the ciphers to be used by the SSL */
  1146. int SSL_set_cipher_list(SSL *s,const char *str)
  1147. {
  1148. STACK_OF(SSL_CIPHER) *sk;
  1149. sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
  1150. &s->cipher_list_by_id,str);
  1151. /* see comment in SSL_CTX_set_cipher_list */
  1152. if (sk == NULL)
  1153. return 0;
  1154. else if (sk_SSL_CIPHER_num(sk) == 0)
  1155. {
  1156. SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
  1157. return 0;
  1158. }
  1159. return 1;
  1160. }
  1161. /* works well for SSLv2, not so good for SSLv3 */
  1162. char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
  1163. {
  1164. char *p;
  1165. STACK_OF(SSL_CIPHER) *sk;
  1166. SSL_CIPHER *c;
  1167. int i;
  1168. if ((s->session == NULL) || (s->session->ciphers == NULL) ||
  1169. (len < 2))
  1170. return(NULL);
  1171. p=buf;
  1172. sk=s->session->ciphers;
  1173. for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
  1174. {
  1175. int n;
  1176. c=sk_SSL_CIPHER_value(sk,i);
  1177. n=strlen(c->name);
  1178. if (n+1 > len)
  1179. {
  1180. if (p != buf)
  1181. --p;
  1182. *p='\0';
  1183. return buf;
  1184. }
  1185. strcpy(p,c->name);
  1186. p+=n;
  1187. *(p++)=':';
  1188. len-=n+1;
  1189. }
  1190. p[-1]='\0';
  1191. return(buf);
  1192. }
  1193. int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
  1194. int (*put_cb)(const SSL_CIPHER *, unsigned char *))
  1195. {
  1196. int i,j=0;
  1197. SSL_CIPHER *c;
  1198. unsigned char *q;
  1199. #ifndef OPENSSL_NO_KRB5
  1200. int nokrb5 = !kssl_tgt_is_available(s->kssl_ctx);
  1201. #endif /* OPENSSL_NO_KRB5 */
  1202. if (sk == NULL) return(0);
  1203. q=p;
  1204. for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
  1205. {
  1206. c=sk_SSL_CIPHER_value(sk,i);
  1207. /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
  1208. if ((c->algorithm_ssl & SSL_TLSV1_2) &&
  1209. (TLS1_get_client_version(s) < TLS1_2_VERSION))
  1210. continue;
  1211. #ifndef OPENSSL_NO_KRB5
  1212. if (((c->algorithm_mkey & SSL_kKRB5) || (c->algorithm_auth & SSL_aKRB5)) &&
  1213. nokrb5)
  1214. continue;
  1215. #endif /* OPENSSL_NO_KRB5 */
  1216. #ifndef OPENSSL_NO_PSK
  1217. /* with PSK there must be client callback set */
  1218. if (((c->algorithm_mkey & SSL_kPSK) || (c->algorithm_auth & SSL_aPSK)) &&
  1219. s->psk_client_callback == NULL)
  1220. continue;
  1221. #endif /* OPENSSL_NO_PSK */
  1222. j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
  1223. p+=j;
  1224. }
  1225. /* If p == q, no ciphers and caller indicates an error. Otherwise
  1226. * add SCSV if not renegotiating.
  1227. */
  1228. if (p != q && !s->renegotiate)
  1229. {
  1230. static SSL_CIPHER scsv =
  1231. {
  1232. 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
  1233. };
  1234. j = put_cb ? put_cb(&scsv,p) : ssl_put_cipher_by_char(s,&scsv,p);
  1235. p+=j;
  1236. #ifdef OPENSSL_RI_DEBUG
  1237. fprintf(stderr, "SCSV sent by client\n");
  1238. #endif
  1239. }
  1240. return(p-q);
  1241. }
  1242. STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
  1243. STACK_OF(SSL_CIPHER) **skp)
  1244. {
  1245. const SSL_CIPHER *c;
  1246. STACK_OF(SSL_CIPHER) *sk;
  1247. int i,n;
  1248. if (s->s3)
  1249. s->s3->send_connection_binding = 0;
  1250. n=ssl_put_cipher_by_char(s,NULL,NULL);
  1251. if ((num%n) != 0)
  1252. {
  1253. SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
  1254. return(NULL);
  1255. }
  1256. if ((skp == NULL) || (*skp == NULL))
  1257. sk=sk_SSL_CIPHER_new_null(); /* change perhaps later */
  1258. else
  1259. {
  1260. sk= *skp;
  1261. sk_SSL_CIPHER_zero(sk);
  1262. }
  1263. for (i=0; i<num; i+=n)
  1264. {
  1265. /* Check for SCSV */
  1266. if (s->s3 && (n != 3 || !p[0]) &&
  1267. (p[n-2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
  1268. (p[n-1] == (SSL3_CK_SCSV & 0xff)))
  1269. {
  1270. /* SCSV fatal if renegotiating */
  1271. if (s->renegotiate)
  1272. {
  1273. SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
  1274. ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
  1275. goto err;
  1276. }
  1277. s->s3->send_connection_binding = 1;
  1278. p += n;
  1279. #ifdef OPENSSL_RI_DEBUG
  1280. fprintf(stderr, "SCSV received by server\n");
  1281. #endif
  1282. continue;
  1283. }
  1284. c=ssl_get_cipher_by_char(s,p);
  1285. p+=n;
  1286. if (c != NULL)
  1287. {
  1288. if (!sk_SSL_CIPHER_push(sk,c))
  1289. {
  1290. SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
  1291. goto err;
  1292. }
  1293. }
  1294. }
  1295. if (skp != NULL)
  1296. *skp=sk;
  1297. return(sk);
  1298. err:
  1299. if ((skp == NULL) || (*skp == NULL))
  1300. sk_SSL_CIPHER_free(sk);
  1301. return(NULL);
  1302. }
  1303. #ifndef OPENSSL_NO_TLSEXT
  1304. /** return a servername extension value if provided in Client Hello, or NULL.
  1305. * So far, only host_name types are defined (RFC 3546).
  1306. */
  1307. const char *SSL_get_servername(const SSL *s, const int type)
  1308. {
  1309. if (type != TLSEXT_NAMETYPE_host_name)
  1310. return NULL;
  1311. return s->session && !s->tlsext_hostname ?
  1312. s->session->tlsext_hostname :
  1313. s->tlsext_hostname;
  1314. }
  1315. int SSL_get_servername_type(const SSL *s)
  1316. {
  1317. if (s->session && (!s->tlsext_hostname ? s->session->tlsext_hostname : s->tlsext_hostname))
  1318. return TLSEXT_NAMETYPE_host_name;
  1319. return -1;
  1320. }
  1321. # ifndef OPENSSL_NO_NEXTPROTONEG
  1322. /* SSL_select_next_proto implements the standard protocol selection. It is
  1323. * expected that this function is called from the callback set by
  1324. * SSL_CTX_set_next_proto_select_cb.
  1325. *
  1326. * The protocol data is assumed to be a vector of 8-bit, length prefixed byte
  1327. * strings. The length byte itself is not included in the length. A byte
  1328. * string of length 0 is invalid. No byte string may be truncated.
  1329. *
  1330. * The current, but experimental algorithm for selecting the protocol is:
  1331. *
  1332. * 1) If the server doesn't support NPN then this is indicated to the
  1333. * callback. In this case, the client application has to abort the connection
  1334. * or have a default application level protocol.
  1335. *
  1336. * 2) If the server supports NPN, but advertises an empty list then the
  1337. * client selects the first protcol in its list, but indicates via the
  1338. * API that this fallback case was enacted.
  1339. *
  1340. * 3) Otherwise, the client finds the first protocol in the server's list
  1341. * that it supports and selects this protocol. This is because it's
  1342. * assumed that the server has better information about which protocol
  1343. * a client should use.
  1344. *
  1345. * 4) If the client doesn't support any of the server's advertised
  1346. * protocols, then this is treated the same as case 2.
  1347. *
  1348. * It returns either
  1349. * OPENSSL_NPN_NEGOTIATED if a common protocol was found, or
  1350. * OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
  1351. */
  1352. int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsigned char *server, unsigned int server_len, const unsigned char *client, unsigned int client_len)
  1353. {
  1354. unsigned int i, j;
  1355. const unsigned char *result;
  1356. int status = OPENSSL_NPN_UNSUPPORTED;
  1357. /* For each protocol in server preference order, see if we support it. */
  1358. for (i = 0; i < server_len; )
  1359. {
  1360. for (j = 0; j < client_len; )
  1361. {
  1362. if (server[i] == client[j] &&
  1363. memcmp(&server[i+1], &client[j+1], server[i]) == 0)
  1364. {
  1365. /* We found a match */
  1366. result = &server[i];
  1367. status = OPENSSL_NPN_NEGOTIATED;
  1368. goto found;
  1369. }
  1370. j += client[j];
  1371. j++;
  1372. }
  1373. i += server[i];
  1374. i++;
  1375. }
  1376. /* There's no overlap between our protocols and the server's list. */
  1377. result = client;
  1378. status = OPENSSL_NPN_NO_OVERLAP;
  1379. found:
  1380. *out = (unsigned char *) result + 1;
  1381. *outlen = result[0];
  1382. return status;
  1383. }
  1384. /* SSL_get0_next_proto_negotiated sets *data and *len to point to the client's
  1385. * requested protocol for this connection and returns 0. If the client didn't
  1386. * request any protocol, then *data is set to NULL.
  1387. *
  1388. * Note that the client can request any protocol it chooses. The value returned
  1389. * from this function need not be a member of the list of supported protocols
  1390. * provided by the callback.
  1391. */
  1392. void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, unsigned *len)
  1393. {
  1394. *data = s->next_proto_negotiated;
  1395. if (!*data) {
  1396. *len = 0;
  1397. } else {
  1398. *len = s->next_proto_negotiated_len;
  1399. }
  1400. }
  1401. /* SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when a
  1402. * TLS server needs a list of supported protocols for Next Protocol
  1403. * Negotiation. The returned list must be in wire format. The list is returned
  1404. * by setting |out| to point to it and |outlen| to its length. This memory will
  1405. * not be modified, but one should assume that the SSL* keeps a reference to
  1406. * it.
  1407. *
  1408. * The callback should return SSL_TLSEXT_ERR_OK if it wishes to advertise. Otherwise, no
  1409. * such extension will be included in the ServerHello. */
  1410. void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl, const unsigned char **out, unsigned int *outlen, void *arg), void *arg)
  1411. {
  1412. ctx->next_protos_advertised_cb = cb;
  1413. ctx->next_protos_advertised_cb_arg = arg;
  1414. }
  1415. /* SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
  1416. * client needs to select a protocol from the server's provided list. |out|
  1417. * must be set to point to the selected protocol (which may be within |in|).
  1418. * The length of the protocol name must be written into |outlen|. The server's
  1419. * advertised protocols are provided in |in| and |inlen|. The callback can
  1420. * assume that |in| is syntactically valid.
  1421. *
  1422. * The client must select a protocol. It is fatal to the connection if this
  1423. * callback returns a value other than SSL_TLSEXT_ERR_OK.
  1424. */
  1425. void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg), void *arg)
  1426. {
  1427. ctx->next_proto_select_cb = cb;
  1428. ctx->next_proto_select_cb_arg = arg;
  1429. }
  1430. # endif
  1431. #endif
  1432. static unsigned long ssl_session_hash(const SSL_SESSION *a)
  1433. {
  1434. unsigned long l;
  1435. l=(unsigned long)
  1436. ((unsigned int) a->session_id[0] )|
  1437. ((unsigned int) a->session_id[1]<< 8L)|
  1438. ((unsigned long)a->session_id[2]<<16L)|
  1439. ((unsigned long)a->session_id[3]<<24L);
  1440. return(l);
  1441. }
  1442. /* NB: If this function (or indeed the hash function which uses a sort of
  1443. * coarser function than this one) is changed, ensure
  1444. * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
  1445. * able to construct an SSL_SESSION that will collide with any existing session
  1446. * with a matching session ID. */
  1447. static int ssl_session_cmp(const SSL_SESSION *a,const SSL_SESSION *b)
  1448. {
  1449. if (a->ssl_version != b->ssl_version)
  1450. return(1);
  1451. if (a->session_id_length != b->session_id_length)
  1452. return(1);
  1453. return(memcmp(a->session_id,b->session_id,a->session_id_length));
  1454. }
  1455. /* These wrapper functions should remain rather than redeclaring
  1456. * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
  1457. * variable. The reason is that the functions aren't static, they're exposed via
  1458. * ssl.h. */
  1459. static IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION)
  1460. static IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION)
  1461. SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
  1462. {
  1463. SSL_CTX *ret=NULL;
  1464. if (meth == NULL)
  1465. {
  1466. SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PASSED);
  1467. return(NULL);
  1468. }
  1469. #ifdef OPENSSL_FIPS
  1470. if (FIPS_mode() && (meth->version < TLS1_VERSION))
  1471. {
  1472. SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
  1473. return NULL;
  1474. }
  1475. #endif
  1476. if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0)
  1477. {
  1478. SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
  1479. goto err;
  1480. }
  1481. ret=(SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
  1482. if (ret == NULL)
  1483. goto err;
  1484. memset(ret,0,sizeof(SSL_CTX));
  1485. ret->method=meth;
  1486. ret->cert_store=NULL;
  1487. ret->session_cache_mode=SSL_SESS_CACHE_SERVER;
  1488. ret->session_cache_size=SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
  1489. ret->session_cache_head=NULL;
  1490. ret->session_cache_tail=NULL;
  1491. /* We take the system default */
  1492. ret->session_timeout=meth->get_timeout();
  1493. ret->new_session_cb=0;
  1494. ret->remove_session_cb=0;
  1495. ret->get_session_cb=0;
  1496. ret->generate_session_id=0;
  1497. memset((char *)&ret->stats,0,sizeof(ret->stats));
  1498. ret->references=1;
  1499. ret->quiet_shutdown=0;
  1500. /* ret->cipher=NULL;*/
  1501. /* ret->s2->challenge=NULL;
  1502. ret->master_key=NULL;
  1503. ret->key_arg=NULL;
  1504. ret->s2->conn_id=NULL; */
  1505. ret->info_callback=NULL;
  1506. ret->app_verify_callback=0;
  1507. ret->app_verify_arg=NULL;
  1508. ret->max_cert_list=SSL_MAX_CERT_LIST_DEFAULT;
  1509. ret->read_ahead=0;
  1510. ret->msg_callback=0;
  1511. ret->msg_callback_arg=NULL;
  1512. ret->verify_mode=SSL_VERIFY_NONE;
  1513. #if 0
  1514. ret->verify_depth=-1; /* Don't impose a limit (but x509_lu.c does) */
  1515. #endif
  1516. ret->sid_ctx_length=0;
  1517. ret->default_verify_callback=NULL;
  1518. if ((ret->cert=ssl_cert_new()) == NULL)
  1519. goto err;
  1520. ret->default_passwd_callback=0;
  1521. ret->default_passwd_callback_userdata=NULL;
  1522. ret->client_cert_cb=0;
  1523. ret->app_gen_cookie_cb=0;
  1524. ret->app_verify_cookie_cb=0;
  1525. ret->sessions=lh_SSL_SESSION_new();
  1526. if (ret->sessions == NULL) goto err;
  1527. ret->cert_store=X509_STORE_new();
  1528. if (ret->cert_store == NULL) goto err;
  1529. ssl_create_cipher_list(ret->method,
  1530. &ret->cipher_list,&ret->cipher_list_by_id,
  1531. meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
  1532. if (ret->cipher_list == NULL
  1533. || sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
  1534. {
  1535. SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_LIBRARY_HAS_NO_CIPHERS);
  1536. goto err2;
  1537. }
  1538. ret->param = X509_VERIFY_PARAM_new();
  1539. if (!ret->param)
  1540. goto err;
  1541. if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL)
  1542. {
  1543. SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
  1544. goto err2;
  1545. }
  1546. if ((ret->md5=EVP_get_digestbyname("ssl3-md5")) == NULL)
  1547. {
  1548. SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
  1549. goto err2;
  1550. }
  1551. if ((ret->sha1=EVP_get_digestbyname("ssl3-sha1")) == NULL)
  1552. {
  1553. SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
  1554. goto err2;
  1555. }
  1556. if ((ret->client_CA=sk_X509_NAME_new_null()) == NULL)
  1557. goto err;
  1558. CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
  1559. ret->extra_certs=NULL;
  1560. ret->comp_methods=SSL_COMP_get_compression_methods();
  1561. ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
  1562. #ifndef OPENSSL_NO_TLSEXT
  1563. ret->tlsext_servername_callback = 0;
  1564. ret->tlsext_servername_arg = NULL;
  1565. /* Setup RFC4507 ticket keys */
  1566. if ((RAND_pseudo_bytes(ret->tlsext_tick_key_name, 16) <= 0)
  1567. || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
  1568. || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
  1569. ret->options |= SSL_OP_NO_TICKET;
  1570. ret->tlsext_status_cb = 0;
  1571. ret->tlsext_status_arg = NULL;
  1572. # ifndef OPENSSL_NO_NEXTPROTONEG
  1573. ret->next_protos_advertised_cb = 0;
  1574. ret->next_proto_select_cb = 0;
  1575. # endif
  1576. #endif
  1577. #ifndef OPENSSL_NO_PSK
  1578. ret->psk_identity_hint=NULL;
  1579. ret->psk_client_callback=NULL;
  1580. ret->psk_server_callback=NULL;
  1581. #endif
  1582. #ifndef OPENSSL_NO_SRP
  1583. SSL_CTX_SRP_CTX_init(ret);
  1584. #endif
  1585. #ifndef OPENSSL_NO_BUF_FREELISTS
  1586. ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
  1587. ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
  1588. if (!ret->rbuf_freelist)
  1589. goto err;
  1590. ret->rbuf_freelist->chunklen = 0;
  1591. ret->rbuf_freelist->len = 0;
  1592. ret->rbuf_freelist->head = NULL;
  1593. ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
  1594. if (!ret->wbuf_freelist)
  1595. {
  1596. OPENSSL_free(ret->rbuf_freelist);
  1597. goto err;
  1598. }
  1599. ret->wbuf_freelist->chunklen = 0;
  1600. ret->wbuf_freelist->len = 0;
  1601. ret->wbuf_freelist->head = NULL;
  1602. #endif
  1603. #ifndef OPENSSL_NO_ENGINE
  1604. ret->client_cert_engine = NULL;
  1605. #ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
  1606. #define eng_strx(x) #x
  1607. #define eng_str(x) eng_strx(x)
  1608. /* Use specific client engine automatically... ignore errors */
  1609. {
  1610. ENGINE *eng;
  1611. eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
  1612. if (!eng)
  1613. {
  1614. ERR_clear_error();
  1615. ENGINE_load_builtin_engines();
  1616. eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
  1617. }
  1618. if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
  1619. ERR_clear_error();
  1620. }
  1621. #endif
  1622. #endif
  1623. /* Default is to connect to non-RI servers. When RI is more widely
  1624. * deployed might change this.
  1625. */
  1626. ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
  1627. /* Disable TLS v1.2 by default for now */
  1628. ret->options |= SSL_OP_NO_TLSv1_2;
  1629. return(ret);
  1630. err:
  1631. SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
  1632. err2:
  1633. if (ret != NULL) SSL_CTX_free(ret);
  1634. return(NULL);
  1635. }
  1636. #if 0
  1637. static void SSL_COMP_free(SSL_COMP *comp)
  1638. { OPENSSL_free(comp); }
  1639. #endif
  1640. #ifndef OPENSSL_NO_BUF_FREELISTS
  1641. static void
  1642. ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
  1643. {
  1644. SSL3_BUF_FREELIST_ENTRY *ent, *next;
  1645. for (ent = list->head; ent; ent = next)
  1646. {
  1647. next = ent->next;
  1648. OPENSSL_free(ent);
  1649. }
  1650. OPENSSL_free(list);
  1651. }
  1652. #endif
  1653. void SSL_CTX_free(SSL_CTX *a)
  1654. {
  1655. int i;
  1656. if (a == NULL) return;
  1657. i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_SSL_CTX);
  1658. #ifdef REF_PRINT
  1659. REF_PRINT("SSL_CTX",a);
  1660. #endif
  1661. if (i > 0) return;
  1662. #ifdef REF_CHECK
  1663. if (i < 0)
  1664. {
  1665. fprintf(stderr,"SSL_CTX_free, bad reference count\n");
  1666. abort(); /* ok */
  1667. }
  1668. #endif
  1669. if (a->param)
  1670. X509_VERIFY_PARAM_free(a->param);
  1671. /*
  1672. * Free internal session cache. However: the remove_cb() may reference
  1673. * the ex_data of SSL_CTX, thus the ex_data store can only be removed
  1674. * after the sessions were flushed.
  1675. * As the ex_data handling routines might also touch the session cache,
  1676. * the most secure solution seems to be: empty (flush) the cache, then
  1677. * free ex_data, then finally free the cache.
  1678. * (See ticket [openssl.org #212].)
  1679. */
  1680. if (a->sessions != NULL)
  1681. SSL_CTX_flush_sessions(a,0);
  1682. CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
  1683. if (a->sessions != NULL)
  1684. lh_SSL_SESSION_free(a->sessions);
  1685. if (a->cert_store != NULL)
  1686. X509_STORE_free(a->cert_store);
  1687. if (a->cipher_list != NULL)
  1688. sk_SSL_CIPHER_free(a->cipher_list);
  1689. if (a->cipher_list_by_id != NULL)
  1690. sk_SSL_CIPHER_free(a->cipher_list_by_id);
  1691. if (a->cert != NULL)
  1692. ssl_cert_free(a->cert);
  1693. if (a->client_CA != NULL)
  1694. sk_X509_NAME_pop_free(a->client_CA,X509_NAME_free);
  1695. if (a->extra_certs != NULL)
  1696. sk_X509_pop_free(a->extra_certs,X509_free);
  1697. #if 0 /* This should never be done, since it removes a global database */
  1698. if (a->comp_methods != NULL)
  1699. sk_SSL_COMP_pop_free(a->comp_methods,SSL_COMP_free);
  1700. #else
  1701. a->comp_methods = NULL;
  1702. #endif
  1703. #ifndef OPENSSL_NO_PSK
  1704. if (a->psk_identity_hint)
  1705. OPENSSL_free(a->psk_identity_hint);
  1706. #endif
  1707. #ifndef OPENSSL_NO_SRP
  1708. SSL_CTX_SRP_CTX_free(a);
  1709. #endif
  1710. #ifndef OPENSSL_NO_ENGINE
  1711. if (a->client_cert_engine)
  1712. ENGINE_finish(a->client_cert_engine);
  1713. #endif
  1714. #ifndef OPENSSL_NO_BUF_FREELISTS
  1715. if (a->wbuf_freelist)
  1716. ssl_buf_freelist_free(a->wbuf_freelist);
  1717. if (a->rbuf_freelist)
  1718. ssl_buf_freelist_free(a->rbuf_freelist);
  1719. #endif
  1720. OPENSSL_free(a);
  1721. }
  1722. void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
  1723. {
  1724. ctx->default_passwd_callback=cb;
  1725. }
  1726. void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx,void *u)
  1727. {
  1728. ctx->default_passwd_callback_userdata=u;
  1729. }
  1730. void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,void *), void *arg)
  1731. {
  1732. ctx->app_verify_callback=cb;
  1733. ctx->app_verify_arg=arg;
  1734. }
  1735. void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*cb)(int, X509_STORE_CTX *))
  1736. {
  1737. ctx->verify_mode=mode;
  1738. ctx->default_verify_callback=cb;
  1739. }
  1740. void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth)
  1741. {
  1742. X509_VERIFY_PARAM_set_depth(ctx->param, depth);
  1743. }
  1744. void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
  1745. {
  1746. CERT_PKEY *cpk;
  1747. int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign;
  1748. int rsa_enc_export,dh_rsa_export,dh_dsa_export;
  1749. int rsa_tmp_export,dh_tmp_export,kl;
  1750. unsigned long mask_k,mask_a,emask_k,emask_a;
  1751. int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;
  1752. #ifndef OPENSSL_NO_ECDH
  1753. int have_ecdh_tmp;
  1754. #endif
  1755. X509 *x = NULL;
  1756. EVP_PKEY *ecc_pkey = NULL;
  1757. int signature_nid = 0, pk_nid = 0, md_nid = 0;
  1758. if (c == NULL) return;
  1759. kl=SSL_C_EXPORT_PKEYLENGTH(cipher);
  1760. #ifndef OPENSSL_NO_RSA
  1761. rsa_tmp=(c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
  1762. rsa_tmp_export=(c->rsa_tmp_cb != NULL ||
  1763. (rsa_tmp && RSA_size(c->rsa_tmp)*8 <= kl));
  1764. #else
  1765. rsa_tmp=rsa_tmp_export=0;
  1766. #endif
  1767. #ifndef OPENSSL_NO_DH
  1768. dh_tmp=(c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
  1769. dh_tmp_export=(c->dh_tmp_cb != NULL ||
  1770. (dh_tmp && DH_size(c->dh_tmp)*8 <= kl));
  1771. #else
  1772. dh_tmp=dh_tmp_export=0;
  1773. #endif
  1774. #ifndef OPENSSL_NO_ECDH
  1775. have_ecdh_tmp=(c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL);
  1776. #endif
  1777. cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]);
  1778. rsa_enc= (cpk->x509 != NULL && cpk->privatekey != NULL);
  1779. rsa_enc_export=(rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
  1780. cpk= &(c->pkeys[SSL_PKEY_RSA_SIGN]);
  1781. rsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
  1782. cpk= &(c->pkeys[SSL_PKEY_DSA_SIGN]);
  1783. dsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
  1784. cpk= &(c->pkeys[SSL_PKEY_DH_RSA]);
  1785. dh_rsa= (cpk->x509 != NULL && cpk->privatekey != NULL);
  1786. dh_rsa_export=(dh_rsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
  1787. cpk= &(c->pkeys[SSL_PKEY_DH_DSA]);
  1788. /* FIX THIS EAY EAY EAY */
  1789. dh_dsa= (cpk->x509 != NULL && cpk->privatekey != NULL);
  1790. dh_dsa_export=(dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
  1791. cpk= &(c->pkeys[SSL_PKEY_ECC]);
  1792. have_ecc_cert= (cpk->x509 != NULL && cpk->privatekey != NULL);
  1793. mask_k=0;
  1794. mask_a=0;
  1795. emask_k=0;
  1796. emask_a=0;
  1797. #ifdef CIPHER_DEBUG
  1798. printf("rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
  1799. rsa_tmp,rsa_tmp_export,dh_tmp,have_ecdh_tmp,
  1800. rsa_enc,rsa_enc_export,rsa_sign,dsa_sign,dh_rsa,dh_dsa);
  1801. #endif
  1802. cpk = &(c->pkeys[SSL_PKEY_GOST01]);
  1803. if (cpk->x509 != NULL && cpk->privatekey !=NULL) {
  1804. mask_k |= SSL_kGOST;
  1805. mask_a |= SSL_aGOST01;
  1806. }
  1807. cpk = &(c->pkeys[SSL_PKEY_GOST94]);
  1808. if (cpk->x509 != NULL && cpk->privatekey !=NULL) {
  1809. mask_k |= SSL_kGOST;
  1810. mask_a |= SSL_aGOST94;
  1811. }
  1812. if (rsa_enc || (rsa_tmp && rsa_sign))
  1813. mask_k|=SSL_kRSA;
  1814. if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
  1815. emask_k|=SSL_kRSA;
  1816. #if 0
  1817. /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
  1818. if ( (dh_tmp || dh_rsa || dh_dsa) &&
  1819. (rsa_enc || rsa_sign || dsa_sign))
  1820. mask_k|=SSL_kEDH;
  1821. if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
  1822. (rsa_enc || rsa_sign || dsa_sign))
  1823. emask_k|=SSL_kEDH;
  1824. #endif
  1825. if (dh_tmp_export)
  1826. emask_k|=SSL_kEDH;
  1827. if (dh_tmp)
  1828. mask_k|=SSL_kEDH;
  1829. if (dh_rsa) mask_k|=SSL_kDHr;
  1830. if (dh_rsa_export) emask_k|=SSL_kDHr;
  1831. if (dh_dsa) mask_k|=SSL_kDHd;
  1832. if (dh_dsa_export) emask_k|=SSL_kDHd;
  1833. if (rsa_enc || rsa_sign)
  1834. {
  1835. mask_a|=SSL_aRSA;
  1836. emask_a|=SSL_aRSA;
  1837. }
  1838. if (dsa_sign)
  1839. {
  1840. mask_a|=SSL_aDSS;
  1841. emask_a|=SSL_aDSS;
  1842. }
  1843. mask_a|=SSL_aNULL;
  1844. emask_a|=SSL_aNULL;
  1845. #ifndef OPENSSL_NO_KRB5
  1846. mask_k|=SSL_kKRB5;
  1847. mask_a|=SSL_aKRB5;
  1848. emask_k|=SSL_kKRB5;
  1849. emask_a|=SSL_aKRB5;
  1850. #endif
  1851. /* An ECC certificate may be usable for ECDH and/or
  1852. * ECDSA cipher suites depending on the key usage extension.
  1853. */
  1854. if (have_ecc_cert)
  1855. {
  1856. /* This call populates extension flags (ex_flags) */
  1857. x = (c->pkeys[SSL_PKEY_ECC]).x509;
  1858. X509_check_purpose(x, -1, 0);
  1859. ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
  1860. (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1;
  1861. ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
  1862. (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
  1863. ecc_pkey = X509_get_pubkey(x);
  1864. ecc_pkey_size = (ecc_pkey != NULL) ?
  1865. EVP_PKEY_bits(ecc_pkey) : 0;
  1866. EVP_PKEY_free(ecc_pkey);
  1867. if ((x->sig_alg) && (x->sig_alg->algorithm))
  1868. {
  1869. signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
  1870. OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
  1871. }
  1872. #ifndef OPENSSL_NO_ECDH
  1873. if (ecdh_ok)
  1874. {
  1875. if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa)
  1876. {
  1877. mask_k|=SSL_kECDHr;
  1878. mask_a|=SSL_aECDH;
  1879. if (ecc_pkey_size <= 163)
  1880. {
  1881. emask_k|=SSL_kECDHr;
  1882. emask_a|=SSL_aECDH;
  1883. }
  1884. }
  1885. if (pk_nid == NID_X9_62_id_ecPublicKey)
  1886. {
  1887. mask_k|=SSL_kECDHe;
  1888. mask_a|=SSL_aECDH;
  1889. if (ecc_pkey_size <= 163)
  1890. {
  1891. emask_k|=SSL_kECDHe;
  1892. emask_a|=SSL_aECDH;
  1893. }
  1894. }
  1895. }
  1896. #endif
  1897. #ifndef OPENSSL_NO_ECDSA
  1898. if (ecdsa_ok)
  1899. {
  1900. mask_a|=SSL_aECDSA;
  1901. emask_a|=SSL_aECDSA;
  1902. }
  1903. #endif
  1904. }
  1905. #ifndef OPENSSL_NO_ECDH
  1906. if (have_ecdh_tmp)
  1907. {
  1908. mask_k|=SSL_kEECDH;
  1909. emask_k|=SSL_kEECDH;
  1910. }
  1911. #endif
  1912. #ifndef OPENSSL_NO_PSK
  1913. mask_k |= SSL_kPSK;
  1914. mask_a |= SSL_aPSK;
  1915. emask_k |= SSL_kPSK;
  1916. emask_a |= SSL_aPSK;
  1917. #endif
  1918. c->mask_k=mask_k;
  1919. c->mask_a=mask_a;
  1920. c->export_mask_k=emask_k;
  1921. c->export_mask_a=emask_a;
  1922. c->valid=1;
  1923. }
  1924. /* This handy macro borrowed from crypto/x509v3/v3_purp.c */
  1925. #define ku_reject(x, usage) \
  1926. (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
  1927. #ifndef OPENSSL_NO_EC
  1928. int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
  1929. {
  1930. unsigned long alg_k, alg_a;
  1931. EVP_PKEY *pkey = NULL;
  1932. int keysize = 0;
  1933. int signature_nid = 0, md_nid = 0, pk_nid = 0;
  1934. const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
  1935. alg_k = cs->algorithm_mkey;
  1936. alg_a = cs->algorithm_auth;
  1937. if (SSL_C_IS_EXPORT(cs))
  1938. {
  1939. /* ECDH key length in export ciphers must be <= 163 bits */
  1940. pkey = X509_get_pubkey(x);
  1941. if (pkey == NULL) return 0;
  1942. keysize = EVP_PKEY_bits(pkey);
  1943. EVP_PKEY_free(pkey);
  1944. if (keysize > 163) return 0;
  1945. }
  1946. /* This call populates the ex_flags field correctly */
  1947. X509_check_purpose(x, -1, 0);
  1948. if ((x->sig_alg) && (x->sig_alg->algorithm))
  1949. {
  1950. signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
  1951. OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
  1952. }
  1953. if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr)
  1954. {
  1955. /* key usage, if present, must allow key agreement */
  1956. if (ku_reject(x, X509v3_KU_KEY_AGREEMENT))
  1957. {
  1958. SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
  1959. return 0;
  1960. }
  1961. if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < TLS1_2_VERSION)
  1962. {
  1963. /* signature alg must be ECDSA */
  1964. if (pk_nid != NID_X9_62_id_ecPublicKey)
  1965. {
  1966. SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
  1967. return 0;
  1968. }
  1969. }
  1970. if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < TLS1_2_VERSION)
  1971. {
  1972. /* signature alg must be RSA */
  1973. if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa)
  1974. {
  1975. SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
  1976. return 0;
  1977. }
  1978. }
  1979. }
  1980. if (alg_a & SSL_aECDSA)
  1981. {
  1982. /* key usage, if present, must allow signing */
  1983. if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE))
  1984. {
  1985. SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
  1986. return 0;
  1987. }
  1988. }
  1989. return 1; /* all checks are ok */
  1990. }
  1991. #endif
  1992. /* THIS NEEDS CLEANING UP */
  1993. X509 *ssl_get_server_send_cert(SSL *s)
  1994. {
  1995. unsigned long alg_k,alg_a;
  1996. CERT *c;
  1997. int i;
  1998. c=s->cert;
  1999. ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
  2000. alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
  2001. alg_a = s->s3->tmp.new_cipher->algorithm_auth;
  2002. if (alg_k & (SSL_kECDHr|SSL_kECDHe))
  2003. {
  2004. /* we don't need to look at SSL_kEECDH
  2005. * since no certificate is needed for
  2006. * anon ECDH and for authenticated
  2007. * EECDH, the check for the auth
  2008. * algorithm will set i correctly
  2009. * NOTE: For ECDH-RSA, we need an ECC
  2010. * not an RSA cert but for EECDH-RSA
  2011. * we need an RSA cert. Placing the
  2012. * checks for SSL_kECDH before RSA
  2013. * checks ensures the correct cert is chosen.
  2014. */
  2015. i=SSL_PKEY_ECC;
  2016. }
  2017. else if (alg_a & SSL_aECDSA)
  2018. {
  2019. i=SSL_PKEY_ECC;
  2020. }
  2021. else if (alg_k & SSL_kDHr)
  2022. i=SSL_PKEY_DH_RSA;
  2023. else if (alg_k & SSL_kDHd)
  2024. i=SSL_PKEY_DH_DSA;
  2025. else if (alg_a & SSL_aDSS)
  2026. i=SSL_PKEY_DSA_SIGN;
  2027. else if (alg_a & SSL_aRSA)
  2028. {
  2029. if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
  2030. i=SSL_PKEY_RSA_SIGN;
  2031. else
  2032. i=SSL_PKEY_RSA_ENC;
  2033. }
  2034. else if (alg_a & SSL_aKRB5)
  2035. {
  2036. /* VRS something else here? */
  2037. return(NULL);
  2038. }
  2039. else if (alg_a & SSL_aGOST94)
  2040. i=SSL_PKEY_GOST94;
  2041. else if (alg_a & SSL_aGOST01)
  2042. i=SSL_PKEY_GOST01;
  2043. else /* if (alg_a & SSL_aNULL) */
  2044. {
  2045. SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR);
  2046. return(NULL);
  2047. }
  2048. if (c->pkeys[i].x509 == NULL) return(NULL);
  2049. return(c->pkeys[i].x509);
  2050. }
  2051. EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *cipher, const EVP_MD **pmd)
  2052. {
  2053. unsigned long alg_a;
  2054. CERT *c;
  2055. int idx = -1;
  2056. alg_a = cipher->algorithm_auth;
  2057. c=s->cert;
  2058. if ((alg_a & SSL_aDSS) &&
  2059. (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
  2060. idx = SSL_PKEY_DSA_SIGN;
  2061. else if (alg_a & SSL_aRSA)
  2062. {
  2063. if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
  2064. idx = SSL_PKEY_RSA_SIGN;
  2065. else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
  2066. idx = SSL_PKEY_RSA_ENC;
  2067. }
  2068. else if ((alg_a & SSL_aECDSA) &&
  2069. (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
  2070. idx = SSL_PKEY_ECC;
  2071. if (idx == -1)
  2072. {
  2073. SSLerr(SSL_F_SSL_GET_SIGN_PKEY,ERR_R_INTERNAL_ERROR);
  2074. return(NULL);
  2075. }
  2076. if (pmd)
  2077. *pmd = c->pkeys[idx].digest;
  2078. return c->pkeys[idx].privatekey;
  2079. }
  2080. void ssl_update_cache(SSL *s,int mode)
  2081. {
  2082. int i;
  2083. /* If the session_id_length is 0, we are not supposed to cache it,
  2084. * and it would be rather hard to do anyway :-) */
  2085. if (s->session->session_id_length == 0) return;
  2086. i=s->session_ctx->session_cache_mode;
  2087. if ((i & mode) && (!s->hit)
  2088. && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
  2089. || SSL_CTX_add_session(s->session_ctx,s->session))
  2090. && (s->session_ctx->new_session_cb != NULL))
  2091. {
  2092. CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
  2093. if (!s->session_ctx->new_session_cb(s,s->session))
  2094. SSL_SESSION_free(s->session);
  2095. }
  2096. /* auto flush every 255 connections */
  2097. if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
  2098. ((i & mode) == mode))
  2099. {
  2100. if ( (((mode & SSL_SESS_CACHE_CLIENT)
  2101. ?s->session_ctx->stats.sess_connect_good
  2102. :s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff)
  2103. {
  2104. SSL_CTX_flush_sessions(s->session_ctx,(unsigned long)time(NULL));
  2105. }
  2106. }
  2107. }
  2108. const SSL_METHOD *SSL_get_ssl_method(SSL *s)
  2109. {
  2110. return(s->method);
  2111. }
  2112. int SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
  2113. {
  2114. int conn= -1;
  2115. int ret=1;
  2116. if (s->method != meth)
  2117. {
  2118. if (s->handshake_func != NULL)
  2119. conn=(s->handshake_func == s->method->ssl_connect);
  2120. if (s->method->version == meth->version)
  2121. s->method=meth;
  2122. else
  2123. {
  2124. s->method->ssl_free(s);
  2125. s->method=meth;
  2126. ret=s->method->ssl_new(s);
  2127. }
  2128. if (conn == 1)
  2129. s->handshake_func=meth->ssl_connect;
  2130. else if (conn == 0)
  2131. s->handshake_func=meth->ssl_accept;
  2132. }
  2133. return(ret);
  2134. }
  2135. int SSL_get_error(const SSL *s,int i)
  2136. {
  2137. int reason;
  2138. unsigned long l;
  2139. BIO *bio;
  2140. if (i > 0) return(SSL_ERROR_NONE);
  2141. /* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake
  2142. * etc, where we do encode the error */
  2143. if ((l=ERR_peek_error()) != 0)
  2144. {
  2145. if (ERR_GET_LIB(l) == ERR_LIB_SYS)
  2146. return(SSL_ERROR_SYSCALL);
  2147. else
  2148. return(SSL_ERROR_SSL);
  2149. }
  2150. if ((i < 0) && SSL_want_read(s))
  2151. {
  2152. bio=SSL_get_rbio(s);
  2153. if (BIO_should_read(bio))
  2154. return(SSL_ERROR_WANT_READ);
  2155. else if (BIO_should_write(bio))
  2156. /* This one doesn't make too much sense ... We never try
  2157. * to write to the rbio, and an application program where
  2158. * rbio and wbio are separate couldn't even know what it
  2159. * should wait for.
  2160. * However if we ever set s->rwstate incorrectly
  2161. * (so that we have SSL_want_read(s) instead of
  2162. * SSL_want_write(s)) and rbio and wbio *are* the same,
  2163. * this test works around that bug; so it might be safer
  2164. * to keep it. */
  2165. return(SSL_ERROR_WANT_WRITE);
  2166. else if (BIO_should_io_special(bio))
  2167. {
  2168. reason=BIO_get_retry_reason(bio);
  2169. if (reason == BIO_RR_CONNECT)
  2170. return(SSL_ERROR_WANT_CONNECT);
  2171. else if (reason == BIO_RR_ACCEPT)
  2172. return(SSL_ERROR_WANT_ACCEPT);
  2173. else
  2174. return(SSL_ERROR_SYSCALL); /* unknown */
  2175. }
  2176. }
  2177. if ((i < 0) && SSL_want_write(s))
  2178. {
  2179. bio=SSL_get_wbio(s);
  2180. if (BIO_should_write(bio))
  2181. return(SSL_ERROR_WANT_WRITE);
  2182. else if (BIO_should_read(bio))
  2183. /* See above (SSL_want_read(s) with BIO_should_write(bio)) */
  2184. return(SSL_ERROR_WANT_READ);
  2185. else if (BIO_should_io_special(bio))
  2186. {
  2187. reason=BIO_get_retry_reason(bio);
  2188. if (reason == BIO_RR_CONNECT)
  2189. return(SSL_ERROR_WANT_CONNECT);
  2190. else if (reason == BIO_RR_ACCEPT)
  2191. return(SSL_ERROR_WANT_ACCEPT);
  2192. else
  2193. return(SSL_ERROR_SYSCALL);
  2194. }
  2195. }
  2196. if ((i < 0) && SSL_want_x509_lookup(s))
  2197. {
  2198. return(SSL_ERROR_WANT_X509_LOOKUP);
  2199. }
  2200. if (i == 0)
  2201. {
  2202. if (s->version == SSL2_VERSION)
  2203. {
  2204. /* assume it is the socket being closed */
  2205. return(SSL_ERROR_ZERO_RETURN);
  2206. }
  2207. else
  2208. {
  2209. if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
  2210. (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
  2211. return(SSL_ERROR_ZERO_RETURN);
  2212. }
  2213. }
  2214. return(SSL_ERROR_SYSCALL);
  2215. }
  2216. int SSL_do_handshake(SSL *s)
  2217. {
  2218. int ret=1;
  2219. if (s->handshake_func == NULL)
  2220. {
  2221. SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_CONNECTION_TYPE_NOT_SET);
  2222. return(-1);
  2223. }
  2224. s->method->ssl_renegotiate_check(s);
  2225. if (SSL_in_init(s) || SSL_in_before(s))
  2226. {
  2227. ret=s->handshake_func(s);
  2228. }
  2229. return(ret);
  2230. }
  2231. /* For the next 2 functions, SSL_clear() sets shutdown and so
  2232. * one of these calls will reset it */
  2233. void SSL_set_accept_state(SSL *s)
  2234. {
  2235. s->server=1;
  2236. s->shutdown=0;
  2237. s->state=SSL_ST_ACCEPT|SSL_ST_BEFORE;
  2238. s->handshake_func=s->method->ssl_accept;
  2239. /* clear the current cipher */
  2240. ssl_clear_cipher_ctx(s);
  2241. ssl_clear_hash_ctx(&s->read_hash);
  2242. ssl_clear_hash_ctx(&s->write_hash);
  2243. }
  2244. void SSL_set_connect_state(SSL *s)
  2245. {
  2246. s->server=0;
  2247. s->shutdown=0;
  2248. s->state=SSL_ST_CONNECT|SSL_ST_BEFORE;
  2249. s->handshake_func=s->method->ssl_connect;
  2250. /* clear the current cipher */
  2251. ssl_clear_cipher_ctx(s);
  2252. ssl_clear_hash_ctx(&s->read_hash);
  2253. ssl_clear_hash_ctx(&s->write_hash);
  2254. }
  2255. int ssl_undefined_function(SSL *s)
  2256. {
  2257. SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
  2258. return(0);
  2259. }
  2260. int ssl_undefined_void_function(void)
  2261. {
  2262. SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
  2263. return(0);
  2264. }
  2265. int ssl_undefined_const_function(const SSL *s)
  2266. {
  2267. SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
  2268. return(0);
  2269. }
  2270. SSL_METHOD *ssl_bad_method(int ver)
  2271. {
  2272. SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
  2273. return(NULL);
  2274. }
  2275. const char *SSL_get_version(const SSL *s)
  2276. {
  2277. if (s->version == TLS1_2_VERSION)
  2278. return("TLSv1.2");
  2279. else if (s->version == TLS1_1_VERSION)
  2280. return("TLSv1.1");
  2281. else if (s->version == TLS1_VERSION)
  2282. return("TLSv1");
  2283. else if (s->version == SSL3_VERSION)
  2284. return("SSLv3");
  2285. else if (s->version == SSL2_VERSION)
  2286. return("SSLv2");
  2287. else
  2288. return("unknown");
  2289. }
  2290. SSL *SSL_dup(SSL *s)
  2291. {
  2292. STACK_OF(X509_NAME) *sk;
  2293. X509_NAME *xn;
  2294. SSL *ret;
  2295. int i;
  2296. if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL)
  2297. return(NULL);
  2298. ret->version = s->version;
  2299. ret->type = s->type;
  2300. ret->method = s->method;
  2301. if (s->session != NULL)
  2302. {
  2303. /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
  2304. SSL_copy_session_id(ret,s);
  2305. }
  2306. else
  2307. {
  2308. /* No session has been established yet, so we have to expect
  2309. * that s->cert or ret->cert will be changed later --
  2310. * they should not both point to the same object,
  2311. * and thus we can't use SSL_copy_session_id. */
  2312. ret->method->ssl_free(ret);
  2313. ret->method = s->method;
  2314. ret->method->ssl_new(ret);
  2315. if (s->cert != NULL)
  2316. {
  2317. if (ret->cert != NULL)
  2318. {
  2319. ssl_cert_free(ret->cert);
  2320. }
  2321. ret->cert = ssl_cert_dup(s->cert);
  2322. if (ret->cert == NULL)
  2323. goto err;
  2324. }
  2325. SSL_set_session_id_context(ret,
  2326. s->sid_ctx, s->sid_ctx_length);
  2327. }
  2328. ret->options=s->options;
  2329. ret->mode=s->mode;
  2330. SSL_set_max_cert_list(ret,SSL_get_max_cert_list(s));
  2331. SSL_set_read_ahead(ret,SSL_get_read_ahead(s));
  2332. ret->msg_callback = s->msg_callback;
  2333. ret->msg_callback_arg = s->msg_callback_arg;
  2334. SSL_set_verify(ret,SSL_get_verify_mode(s),
  2335. SSL_get_verify_callback(s));
  2336. SSL_set_verify_depth(ret,SSL_get_verify_depth(s));
  2337. ret->generate_session_id = s->generate_session_id;
  2338. SSL_set_info_callback(ret,SSL_get_info_callback(s));
  2339. ret->debug=s->debug;
  2340. /* copy app data, a little dangerous perhaps */
  2341. if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
  2342. goto err;
  2343. /* setup rbio, and wbio */
  2344. if (s->rbio != NULL)
  2345. {
  2346. if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
  2347. goto err;
  2348. }
  2349. if (s->wbio != NULL)
  2350. {
  2351. if (s->wbio != s->rbio)
  2352. {
  2353. if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
  2354. goto err;
  2355. }
  2356. else
  2357. ret->wbio=ret->rbio;
  2358. }
  2359. ret->rwstate = s->rwstate;
  2360. ret->in_handshake = s->in_handshake;
  2361. ret->handshake_func = s->handshake_func;
  2362. ret->server = s->server;
  2363. ret->renegotiate = s->renegotiate;
  2364. ret->new_session = s->new_session;
  2365. ret->quiet_shutdown = s->quiet_shutdown;
  2366. ret->shutdown=s->shutdown;
  2367. ret->state=s->state; /* SSL_dup does not really work at any state, though */
  2368. ret->rstate=s->rstate;
  2369. ret->init_num = 0; /* would have to copy ret->init_buf, ret->init_msg, ret->init_num, ret->init_off */
  2370. ret->hit=s->hit;
  2371. X509_VERIFY_PARAM_inherit(ret->param, s->param);
  2372. /* dup the cipher_list and cipher_list_by_id stacks */
  2373. if (s->cipher_list != NULL)
  2374. {
  2375. if ((ret->cipher_list=sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
  2376. goto err;
  2377. }
  2378. if (s->cipher_list_by_id != NULL)
  2379. if ((ret->cipher_list_by_id=sk_SSL_CIPHER_dup(s->cipher_list_by_id))
  2380. == NULL)
  2381. goto err;
  2382. /* Dup the client_CA list */
  2383. if (s->client_CA != NULL)
  2384. {
  2385. if ((sk=sk_X509_NAME_dup(s->client_CA)) == NULL) goto err;
  2386. ret->client_CA=sk;
  2387. for (i=0; i<sk_X509_NAME_num(sk); i++)
  2388. {
  2389. xn=sk_X509_NAME_value(sk,i);
  2390. if (sk_X509_NAME_set(sk,i,X509_NAME_dup(xn)) == NULL)
  2391. {
  2392. X509_NAME_free(xn);
  2393. goto err;
  2394. }
  2395. }
  2396. }
  2397. if (0)
  2398. {
  2399. err:
  2400. if (ret != NULL) SSL_free(ret);
  2401. ret=NULL;
  2402. }
  2403. return(ret);
  2404. }
  2405. void ssl_clear_cipher_ctx(SSL *s)
  2406. {
  2407. if (s->enc_read_ctx != NULL)
  2408. {
  2409. EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
  2410. OPENSSL_free(s->enc_read_ctx);
  2411. s->enc_read_ctx=NULL;
  2412. }
  2413. if (s->enc_write_ctx != NULL)
  2414. {
  2415. EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
  2416. OPENSSL_free(s->enc_write_ctx);
  2417. s->enc_write_ctx=NULL;
  2418. }
  2419. #ifndef OPENSSL_NO_COMP
  2420. if (s->expand != NULL)
  2421. {
  2422. COMP_CTX_free(s->expand);
  2423. s->expand=NULL;
  2424. }
  2425. if (s->compress != NULL)
  2426. {
  2427. COMP_CTX_free(s->compress);
  2428. s->compress=NULL;
  2429. }
  2430. #endif
  2431. }
  2432. /* Fix this function so that it takes an optional type parameter */
  2433. X509 *SSL_get_certificate(const SSL *s)
  2434. {
  2435. if (s->cert != NULL)
  2436. return(s->cert->key->x509);
  2437. else
  2438. return(NULL);
  2439. }
  2440. /* Fix this function so that it takes an optional type parameter */
  2441. EVP_PKEY *SSL_get_privatekey(SSL *s)
  2442. {
  2443. if (s->cert != NULL)
  2444. return(s->cert->key->privatekey);
  2445. else
  2446. return(NULL);
  2447. }
  2448. const SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
  2449. {
  2450. if ((s->session != NULL) && (s->session->cipher != NULL))
  2451. return(s->session->cipher);
  2452. return(NULL);
  2453. }
  2454. #ifdef OPENSSL_NO_COMP
  2455. const void *SSL_get_current_compression(SSL *s)
  2456. {
  2457. return NULL;
  2458. }
  2459. const void *SSL_get_current_expansion(SSL *s)
  2460. {
  2461. return NULL;
  2462. }
  2463. #else
  2464. const COMP_METHOD *SSL_get_current_compression(SSL *s)
  2465. {
  2466. if (s->compress != NULL)
  2467. return(s->compress->meth);
  2468. return(NULL);
  2469. }
  2470. const COMP_METHOD *SSL_get_current_expansion(SSL *s)
  2471. {
  2472. if (s->expand != NULL)
  2473. return(s->expand->meth);
  2474. return(NULL);
  2475. }
  2476. #endif
  2477. int ssl_init_wbio_buffer(SSL *s,int push)
  2478. {
  2479. BIO *bbio;
  2480. if (s->bbio == NULL)
  2481. {
  2482. bbio=BIO_new(BIO_f_buffer());
  2483. if (bbio == NULL) return(0);
  2484. s->bbio=bbio;
  2485. }
  2486. else
  2487. {
  2488. bbio=s->bbio;
  2489. if (s->bbio == s->wbio)
  2490. s->wbio=BIO_pop(s->wbio);
  2491. }
  2492. (void)BIO_reset(bbio);
  2493. /* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
  2494. if (!BIO_set_read_buffer_size(bbio,1))
  2495. {
  2496. SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER,ERR_R_BUF_LIB);
  2497. return(0);
  2498. }
  2499. if (push)
  2500. {
  2501. if (s->wbio != bbio)
  2502. s->wbio=BIO_push(bbio,s->wbio);
  2503. }
  2504. else
  2505. {
  2506. if (s->wbio == bbio)
  2507. s->wbio=BIO_pop(bbio);
  2508. }
  2509. return(1);
  2510. }
  2511. void ssl_free_wbio_buffer(SSL *s)
  2512. {
  2513. if (s->bbio == NULL) return;
  2514. if (s->bbio == s->wbio)
  2515. {
  2516. /* remove buffering */
  2517. s->wbio=BIO_pop(s->wbio);
  2518. #ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids adding one more preprocessor symbol */
  2519. assert(s->wbio != NULL);
  2520. #endif
  2521. }
  2522. BIO_free(s->bbio);
  2523. s->bbio=NULL;
  2524. }
  2525. void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode)
  2526. {
  2527. ctx->quiet_shutdown=mode;
  2528. }
  2529. int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
  2530. {
  2531. return(ctx->quiet_shutdown);
  2532. }
  2533. void SSL_set_quiet_shutdown(SSL *s,int mode)
  2534. {
  2535. s->quiet_shutdown=mode;
  2536. }
  2537. int SSL_get_quiet_shutdown(const SSL *s)
  2538. {
  2539. return(s->quiet_shutdown);
  2540. }
  2541. void SSL_set_shutdown(SSL *s,int mode)
  2542. {
  2543. s->shutdown=mode;
  2544. }
  2545. int SSL_get_shutdown(const SSL *s)
  2546. {
  2547. return(s->shutdown);
  2548. }
  2549. int SSL_version(const SSL *s)
  2550. {
  2551. return(s->version);
  2552. }
  2553. SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
  2554. {
  2555. return(ssl->ctx);
  2556. }
  2557. SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
  2558. {
  2559. if (ssl->ctx == ctx)
  2560. return ssl->ctx;
  2561. #ifndef OPENSSL_NO_TLSEXT
  2562. if (ctx == NULL)
  2563. ctx = ssl->initial_ctx;
  2564. #endif
  2565. if (ssl->cert != NULL)
  2566. ssl_cert_free(ssl->cert);
  2567. ssl->cert = ssl_cert_dup(ctx->cert);
  2568. CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
  2569. if (ssl->ctx != NULL)
  2570. SSL_CTX_free(ssl->ctx); /* decrement reference count */
  2571. ssl->ctx = ctx;
  2572. return(ssl->ctx);
  2573. }
  2574. #ifndef OPENSSL_NO_STDIO
  2575. int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
  2576. {
  2577. return(X509_STORE_set_default_paths(ctx->cert_store));
  2578. }
  2579. int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
  2580. const char *CApath)
  2581. {
  2582. return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath));
  2583. }
  2584. #endif
  2585. void SSL_set_info_callback(SSL *ssl,
  2586. void (*cb)(const SSL *ssl,int type,int val))
  2587. {
  2588. ssl->info_callback=cb;
  2589. }
  2590. /* One compiler (Diab DCC) doesn't like argument names in returned
  2591. function pointer. */
  2592. void (*SSL_get_info_callback(const SSL *ssl))(const SSL * /*ssl*/,int /*type*/,int /*val*/)
  2593. {
  2594. return ssl->info_callback;
  2595. }
  2596. int SSL_state(const SSL *ssl)
  2597. {
  2598. return(ssl->state);
  2599. }
  2600. void SSL_set_state(SSL *ssl, int state)
  2601. {
  2602. ssl->state = state;
  2603. }
  2604. void SSL_set_verify_result(SSL *ssl,long arg)
  2605. {
  2606. ssl->verify_result=arg;
  2607. }
  2608. long SSL_get_verify_result(const SSL *ssl)
  2609. {
  2610. return(ssl->verify_result);
  2611. }
  2612. int SSL_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
  2613. CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
  2614. {
  2615. return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
  2616. new_func, dup_func, free_func);
  2617. }
  2618. int SSL_set_ex_data(SSL *s,int idx,void *arg)
  2619. {
  2620. return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
  2621. }
  2622. void *SSL_get_ex_data(const SSL *s,int idx)
  2623. {
  2624. return(CRYPTO_get_ex_data(&s->ex_data,idx));
  2625. }
  2626. int SSL_CTX_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
  2627. CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
  2628. {
  2629. return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
  2630. new_func, dup_func, free_func);
  2631. }
  2632. int SSL_CTX_set_ex_data(SSL_CTX *s,int idx,void *arg)
  2633. {
  2634. return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
  2635. }
  2636. void *SSL_CTX_get_ex_data(const SSL_CTX *s,int idx)
  2637. {
  2638. return(CRYPTO_get_ex_data(&s->ex_data,idx));
  2639. }
  2640. int ssl_ok(SSL *s)
  2641. {
  2642. return(1);
  2643. }
  2644. X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx)
  2645. {
  2646. return(ctx->cert_store);
  2647. }
  2648. void SSL_CTX_set_cert_store(SSL_CTX *ctx,X509_STORE *store)
  2649. {
  2650. if (ctx->cert_store != NULL)
  2651. X509_STORE_free(ctx->cert_store);
  2652. ctx->cert_store=store;
  2653. }
  2654. int SSL_want(const SSL *s)
  2655. {
  2656. return(s->rwstate);
  2657. }
  2658. /*!
  2659. * \brief Set the callback for generating temporary RSA keys.
  2660. * \param ctx the SSL context.
  2661. * \param cb the callback
  2662. */
  2663. #ifndef OPENSSL_NO_RSA
  2664. void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl,
  2665. int is_export,
  2666. int keylength))
  2667. {
  2668. SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
  2669. }
  2670. void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,
  2671. int is_export,
  2672. int keylength))
  2673. {
  2674. SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
  2675. }
  2676. #endif
  2677. #ifdef DOXYGEN
  2678. /*!
  2679. * \brief The RSA temporary key callback function.
  2680. * \param ssl the SSL session.
  2681. * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
  2682. * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
  2683. * of the required key in bits.
  2684. * \return the temporary RSA key.
  2685. * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
  2686. */
  2687. RSA *cb(SSL *ssl,int is_export,int keylength)
  2688. {}
  2689. #endif
  2690. /*!
  2691. * \brief Set the callback for generating temporary DH keys.
  2692. * \param ctx the SSL context.
  2693. * \param dh the callback
  2694. */
  2695. #ifndef OPENSSL_NO_DH
  2696. void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export,
  2697. int keylength))
  2698. {
  2699. SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
  2700. }
  2701. void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export,
  2702. int keylength))
  2703. {
  2704. SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
  2705. }
  2706. #endif
  2707. #ifndef OPENSSL_NO_ECDH
  2708. void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,EC_KEY *(*ecdh)(SSL *ssl,int is_export,
  2709. int keylength))
  2710. {
  2711. SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
  2712. }
  2713. void SSL_set_tmp_ecdh_callback(SSL *ssl,EC_KEY *(*ecdh)(SSL *ssl,int is_export,
  2714. int keylength))
  2715. {
  2716. SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
  2717. }
  2718. #endif
  2719. #ifndef OPENSSL_NO_PSK
  2720. int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
  2721. {
  2722. if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN)
  2723. {
  2724. SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
  2725. return 0;
  2726. }
  2727. if (ctx->psk_identity_hint != NULL)
  2728. OPENSSL_free(ctx->psk_identity_hint);
  2729. if (identity_hint != NULL)
  2730. {
  2731. ctx->psk_identity_hint = BUF_strdup(identity_hint);
  2732. if (ctx->psk_identity_hint == NULL)
  2733. return 0;
  2734. }
  2735. else
  2736. ctx->psk_identity_hint = NULL;
  2737. return 1;
  2738. }
  2739. int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint)
  2740. {
  2741. if (s == NULL)
  2742. return 0;
  2743. if (s->session == NULL)
  2744. return 1; /* session not created yet, ignored */
  2745. if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN)
  2746. {
  2747. SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
  2748. return 0;
  2749. }
  2750. if (s->session->psk_identity_hint != NULL)
  2751. OPENSSL_free(s->session->psk_identity_hint);
  2752. if (identity_hint != NULL)
  2753. {
  2754. s->session->psk_identity_hint = BUF_strdup(identity_hint);
  2755. if (s->session->psk_identity_hint == NULL)
  2756. return 0;
  2757. }
  2758. else
  2759. s->session->psk_identity_hint = NULL;
  2760. return 1;
  2761. }
  2762. const char *SSL_get_psk_identity_hint(const SSL *s)
  2763. {
  2764. if (s == NULL || s->session == NULL)
  2765. return NULL;
  2766. return(s->session->psk_identity_hint);
  2767. }
  2768. const char *SSL_get_psk_identity(const SSL *s)
  2769. {
  2770. if (s == NULL || s->session == NULL)
  2771. return NULL;
  2772. return(s->session->psk_identity);
  2773. }
  2774. void SSL_set_psk_client_callback(SSL *s,
  2775. unsigned int (*cb)(SSL *ssl, const char *hint,
  2776. char *identity, unsigned int max_identity_len, unsigned char *psk,
  2777. unsigned int max_psk_len))
  2778. {
  2779. s->psk_client_callback = cb;
  2780. }
  2781. void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
  2782. unsigned int (*cb)(SSL *ssl, const char *hint,
  2783. char *identity, unsigned int max_identity_len, unsigned char *psk,
  2784. unsigned int max_psk_len))
  2785. {
  2786. ctx->psk_client_callback = cb;
  2787. }
  2788. void SSL_set_psk_server_callback(SSL *s,
  2789. unsigned int (*cb)(SSL *ssl, const char *identity,
  2790. unsigned char *psk, unsigned int max_psk_len))
  2791. {
  2792. s->psk_server_callback = cb;
  2793. }
  2794. void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
  2795. unsigned int (*cb)(SSL *ssl, const char *identity,
  2796. unsigned char *psk, unsigned int max_psk_len))
  2797. {
  2798. ctx->psk_server_callback = cb;
  2799. }
  2800. #endif
  2801. void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
  2802. {
  2803. SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
  2804. }
  2805. void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
  2806. {
  2807. SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
  2808. }
  2809. void SSL_CTX_set_not_resumable_session_callback(SSL_CTX *ctx,
  2810. int (*cb)(SSL *ssl, int is_forward_secure))
  2811. {
  2812. SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB,
  2813. (void (*)(void))cb);
  2814. }
  2815. void SSL_set_not_resumable_session_callback(SSL *ssl,
  2816. int (*cb)(SSL *ssl, int is_forward_secure))
  2817. {
  2818. SSL_callback_ctrl(ssl, SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB,
  2819. (void (*)(void))cb);
  2820. }
  2821. /* Allocates new EVP_MD_CTX and sets pointer to it into given pointer
  2822. * vairable, freeing EVP_MD_CTX previously stored in that variable, if
  2823. * any. If EVP_MD pointer is passed, initializes ctx with this md
  2824. * Returns newly allocated ctx;
  2825. */
  2826. EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash,const EVP_MD *md)
  2827. {
  2828. ssl_clear_hash_ctx(hash);
  2829. *hash = EVP_MD_CTX_create();
  2830. if (md) EVP_DigestInit_ex(*hash,md,NULL);
  2831. return *hash;
  2832. }
  2833. void ssl_clear_hash_ctx(EVP_MD_CTX **hash)
  2834. {
  2835. if (*hash) EVP_MD_CTX_destroy(*hash);
  2836. *hash=NULL;
  2837. }
  2838. void SSL_set_debug(SSL *s, int debug)
  2839. {
  2840. s->debug = debug;
  2841. }
  2842. int SSL_cache_hit(SSL *s)
  2843. {
  2844. return s->hit;
  2845. }
  2846. #if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
  2847. #include "../crypto/bio/bss_file.c"
  2848. #endif
  2849. IMPLEMENT_STACK_OF(SSL_CIPHER)
  2850. IMPLEMENT_STACK_OF(SSL_COMP)
  2851. IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER,
  2852. ssl_cipher_id);