2
0

ssl_lib.c 78 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682268326842685268626872688268926902691269226932694269526962697269826992700270127022703270427052706270727082709271027112712271327142715271627172718271927202721272227232724272527262727272827292730273127322733273427352736273727382739274027412742274327442745274627472748274927502751275227532754275527562757275827592760276127622763276427652766276727682769277027712772
  1. /*
  2. * ! \file ssl/ssl_lib.c \brief Version independent SSL functions.
  3. */
  4. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  5. * All rights reserved.
  6. *
  7. * This package is an SSL implementation written
  8. * by Eric Young (eay@cryptsoft.com).
  9. * The implementation was written so as to conform with Netscapes SSL.
  10. *
  11. * This library is free for commercial and non-commercial use as long as
  12. * the following conditions are aheared to. The following conditions
  13. * apply to all code found in this distribution, be it the RC4, RSA,
  14. * lhash, DES, etc., code; not just the SSL code. The SSL documentation
  15. * included with this distribution is covered by the same copyright terms
  16. * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  17. *
  18. * Copyright remains Eric Young's, and as such any Copyright notices in
  19. * the code are not to be removed.
  20. * If this package is used in a product, Eric Young should be given attribution
  21. * as the author of the parts of the library used.
  22. * This can be in the form of a textual message at program startup or
  23. * in documentation (online or textual) provided with the package.
  24. *
  25. * Redistribution and use in source and binary forms, with or without
  26. * modification, are permitted provided that the following conditions
  27. * are met:
  28. * 1. Redistributions of source code must retain the copyright
  29. * notice, this list of conditions and the following disclaimer.
  30. * 2. Redistributions in binary form must reproduce the above copyright
  31. * notice, this list of conditions and the following disclaimer in the
  32. * documentation and/or other materials provided with the distribution.
  33. * 3. All advertising materials mentioning features or use of this software
  34. * must display the following acknowledgement:
  35. * "This product includes cryptographic software written by
  36. * Eric Young (eay@cryptsoft.com)"
  37. * The word 'cryptographic' can be left out if the rouines from the library
  38. * being used are not cryptographic related :-).
  39. * 4. If you include any Windows specific code (or a derivative thereof) from
  40. * the apps directory (application code) you must include an acknowledgement:
  41. * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  42. *
  43. * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  44. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  45. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  46. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  47. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  48. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  49. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  50. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  51. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  52. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  53. * SUCH DAMAGE.
  54. *
  55. * The licence and distribution terms for any publically available version or
  56. * derivative of this code cannot be changed. i.e. this code cannot simply be
  57. * copied and put under another distribution licence
  58. * [including the GNU Public Licence.]
  59. */
  60. /* ====================================================================
  61. * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
  62. *
  63. * Redistribution and use in source and binary forms, with or without
  64. * modification, are permitted provided that the following conditions
  65. * are met:
  66. *
  67. * 1. Redistributions of source code must retain the above copyright
  68. * notice, this list of conditions and the following disclaimer.
  69. *
  70. * 2. Redistributions in binary form must reproduce the above copyright
  71. * notice, this list of conditions and the following disclaimer in
  72. * the documentation and/or other materials provided with the
  73. * distribution.
  74. *
  75. * 3. All advertising materials mentioning features or use of this
  76. * software must display the following acknowledgment:
  77. * "This product includes software developed by the OpenSSL Project
  78. * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  79. *
  80. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  81. * endorse or promote products derived from this software without
  82. * prior written permission. For written permission, please contact
  83. * openssl-core@openssl.org.
  84. *
  85. * 5. Products derived from this software may not be called "OpenSSL"
  86. * nor may "OpenSSL" appear in their names without prior written
  87. * permission of the OpenSSL Project.
  88. *
  89. * 6. Redistributions of any form whatsoever must retain the following
  90. * acknowledgment:
  91. * "This product includes software developed by the OpenSSL Project
  92. * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  93. *
  94. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  95. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  96. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  97. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  98. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  99. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  100. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  101. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  102. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  103. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  104. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  105. * OF THE POSSIBILITY OF SUCH DAMAGE.
  106. * ====================================================================
  107. *
  108. * This product includes cryptographic software written by Eric Young
  109. * (eay@cryptsoft.com). This product includes software written by Tim
  110. * Hudson (tjh@cryptsoft.com).
  111. *
  112. */
  113. /* ====================================================================
  114. * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
  115. * ECC cipher suite support in OpenSSL originally developed by
  116. * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
  117. */
  118. #ifdef REF_CHECK
  119. # include <assert.h>
  120. #endif
  121. #include <stdio.h>
  122. #include "ssl_locl.h"
  123. #include "kssl_lcl.h"
  124. #include <openssl/objects.h>
  125. #include <openssl/lhash.h>
  126. #include <openssl/x509v3.h>
  127. #include <openssl/rand.h>
  128. #include <openssl/ocsp.h>
  129. #ifndef OPENSSL_NO_DH
  130. # include <openssl/dh.h>
  131. #endif
  132. #ifndef OPENSSL_NO_ENGINE
  133. # include <openssl/engine.h>
  134. #endif
  135. const char *SSL_version_str = OPENSSL_VERSION_TEXT;
  136. SSL3_ENC_METHOD ssl3_undef_enc_method = {
  137. /*
  138. * evil casts, but these functions are only called if there's a library
  139. * bug
  140. */
  141. (int (*)(SSL *, int))ssl_undefined_function,
  142. (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
  143. ssl_undefined_function,
  144. (int (*)(SSL *, unsigned char *, unsigned char *, int))
  145. ssl_undefined_function,
  146. (int (*)(SSL *, int))ssl_undefined_function,
  147. (int (*)
  148. (SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char *, int,
  149. unsigned char *))ssl_undefined_function,
  150. 0, /* finish_mac_length */
  151. (int (*)(SSL *, EVP_MD_CTX *, unsigned char *))ssl_undefined_function,
  152. NULL, /* client_finished_label */
  153. 0, /* client_finished_label_len */
  154. NULL, /* server_finished_label */
  155. 0, /* server_finished_label_len */
  156. (int (*)(int))ssl_undefined_function
  157. };
  158. int SSL_clear(SSL *s)
  159. {
  160. if (s->method == NULL) {
  161. SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED);
  162. return (0);
  163. }
  164. if (ssl_clear_bad_session(s)) {
  165. SSL_SESSION_free(s->session);
  166. s->session = NULL;
  167. }
  168. s->error = 0;
  169. s->hit = 0;
  170. s->shutdown = 0;
  171. #if 0
  172. /*
  173. * Disabled since version 1.10 of this file (early return not
  174. * needed because SSL_clear is not called when doing renegotiation)
  175. */
  176. /*
  177. * This is set if we are doing dynamic renegotiation so keep
  178. * the old cipher. It is sort of a SSL_clear_lite :-)
  179. */
  180. if (s->new_session)
  181. return (1);
  182. #else
  183. if (s->new_session) {
  184. SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR);
  185. return 0;
  186. }
  187. #endif
  188. s->type = 0;
  189. s->state = SSL_ST_BEFORE | ((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT);
  190. s->version = s->method->version;
  191. s->client_version = s->version;
  192. s->rwstate = SSL_NOTHING;
  193. s->rstate = SSL_ST_READ_HEADER;
  194. #if 0
  195. s->read_ahead = s->ctx->read_ahead;
  196. #endif
  197. if (s->init_buf != NULL) {
  198. BUF_MEM_free(s->init_buf);
  199. s->init_buf = NULL;
  200. }
  201. ssl_clear_cipher_ctx(s);
  202. s->first_packet = 0;
  203. #if 1
  204. /*
  205. * Check to see if we were changed into a different method, if so, revert
  206. * back if we are not doing session-id reuse.
  207. */
  208. if (!s->in_handshake && (s->session == NULL)
  209. && (s->method != s->ctx->method)) {
  210. s->method->ssl_free(s);
  211. s->method = s->ctx->method;
  212. if (!s->method->ssl_new(s))
  213. return (0);
  214. } else
  215. #endif
  216. s->method->ssl_clear(s);
  217. return (1);
  218. }
  219. /** Used to change an SSL_CTXs default SSL method type */
  220. int SSL_CTX_set_ssl_version(SSL_CTX *ctx, SSL_METHOD *meth)
  221. {
  222. STACK_OF(SSL_CIPHER) *sk;
  223. ctx->method = meth;
  224. sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
  225. &(ctx->cipher_list_by_id),
  226. SSL_DEFAULT_CIPHER_LIST);
  227. if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
  228. SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,
  229. SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
  230. return (0);
  231. }
  232. return (1);
  233. }
  234. SSL *SSL_new(SSL_CTX *ctx)
  235. {
  236. SSL *s;
  237. if (ctx == NULL) {
  238. SSLerr(SSL_F_SSL_NEW, SSL_R_NULL_SSL_CTX);
  239. return (NULL);
  240. }
  241. if (ctx->method == NULL) {
  242. SSLerr(SSL_F_SSL_NEW, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
  243. return (NULL);
  244. }
  245. s = (SSL *)OPENSSL_malloc(sizeof(SSL));
  246. if (s == NULL)
  247. goto err;
  248. memset(s, 0, sizeof(SSL));
  249. #ifndef OPENSSL_NO_KRB5
  250. s->kssl_ctx = kssl_ctx_new();
  251. #endif /* OPENSSL_NO_KRB5 */
  252. s->options = ctx->options;
  253. s->mode = ctx->mode;
  254. s->max_cert_list = ctx->max_cert_list;
  255. if (ctx->cert != NULL) {
  256. /*
  257. * Earlier library versions used to copy the pointer to the CERT, not
  258. * its contents; only when setting new parameters for the per-SSL
  259. * copy, ssl_cert_new would be called (and the direct reference to
  260. * the per-SSL_CTX settings would be lost, but those still were
  261. * indirectly accessed for various purposes, and for that reason they
  262. * used to be known as s->ctx->default_cert). Now we don't look at the
  263. * SSL_CTX's CERT after having duplicated it once.
  264. */
  265. s->cert = ssl_cert_dup(ctx->cert);
  266. if (s->cert == NULL)
  267. goto err;
  268. } else
  269. s->cert = NULL; /* Cannot really happen (see SSL_CTX_new) */
  270. s->read_ahead = ctx->read_ahead;
  271. s->msg_callback = ctx->msg_callback;
  272. s->msg_callback_arg = ctx->msg_callback_arg;
  273. s->verify_mode = ctx->verify_mode;
  274. #if 0
  275. s->verify_depth = ctx->verify_depth;
  276. #endif
  277. s->sid_ctx_length = ctx->sid_ctx_length;
  278. OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
  279. memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
  280. s->verify_callback = ctx->default_verify_callback;
  281. s->generate_session_id = ctx->generate_session_id;
  282. s->param = X509_VERIFY_PARAM_new();
  283. if (!s->param)
  284. goto err;
  285. X509_VERIFY_PARAM_inherit(s->param, ctx->param);
  286. #if 0
  287. s->purpose = ctx->purpose;
  288. s->trust = ctx->trust;
  289. #endif
  290. s->quiet_shutdown = ctx->quiet_shutdown;
  291. CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
  292. s->ctx = ctx;
  293. #ifndef OPENSSL_NO_TLSEXT
  294. s->tlsext_debug_cb = 0;
  295. s->tlsext_debug_arg = NULL;
  296. s->tlsext_ticket_expected = 0;
  297. s->tlsext_status_type = -1;
  298. s->tlsext_status_expected = 0;
  299. s->tlsext_ocsp_ids = NULL;
  300. s->tlsext_ocsp_exts = NULL;
  301. s->tlsext_ocsp_resp = NULL;
  302. s->tlsext_ocsp_resplen = -1;
  303. CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
  304. s->initial_ctx = ctx;
  305. #endif
  306. s->verify_result = X509_V_OK;
  307. s->method = ctx->method;
  308. if (!s->method->ssl_new(s))
  309. goto err;
  310. s->references = 1;
  311. s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1;
  312. SSL_clear(s);
  313. CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
  314. return (s);
  315. err:
  316. if (s != NULL) {
  317. if (s->cert != NULL)
  318. ssl_cert_free(s->cert);
  319. if (s->ctx != NULL)
  320. SSL_CTX_free(s->ctx); /* decrement reference count */
  321. OPENSSL_free(s);
  322. }
  323. SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
  324. return (NULL);
  325. }
  326. int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
  327. unsigned int sid_ctx_len)
  328. {
  329. if (sid_ctx_len > sizeof ctx->sid_ctx) {
  330. SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
  331. SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
  332. return 0;
  333. }
  334. ctx->sid_ctx_length = sid_ctx_len;
  335. memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
  336. return 1;
  337. }
  338. int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
  339. unsigned int sid_ctx_len)
  340. {
  341. if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
  342. SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,
  343. SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
  344. return 0;
  345. }
  346. ssl->sid_ctx_length = sid_ctx_len;
  347. memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
  348. return 1;
  349. }
  350. int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
  351. {
  352. CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
  353. ctx->generate_session_id = cb;
  354. CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
  355. return 1;
  356. }
  357. int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
  358. {
  359. CRYPTO_w_lock(CRYPTO_LOCK_SSL);
  360. ssl->generate_session_id = cb;
  361. CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
  362. return 1;
  363. }
  364. int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
  365. unsigned int id_len)
  366. {
  367. /*
  368. * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
  369. * we can "construct" a session to give us the desired check - ie. to
  370. * find if there's a session in the hash table that would conflict with
  371. * any new session built out of this id/id_len and the ssl_version in use
  372. * by this SSL.
  373. */
  374. SSL_SESSION r, *p;
  375. if (id_len > sizeof r.session_id)
  376. return 0;
  377. r.ssl_version = ssl->version;
  378. r.session_id_length = id_len;
  379. memcpy(r.session_id, id, id_len);
  380. /*
  381. * NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
  382. * callback is calling us to check the uniqueness of a shorter ID, it
  383. * must be compared as a padded-out ID because that is what it will be
  384. * converted to when the callback has finished choosing it.
  385. */
  386. if ((r.ssl_version == SSL2_VERSION) &&
  387. (id_len < SSL2_SSL_SESSION_ID_LENGTH)) {
  388. memset(r.session_id + id_len, 0, SSL2_SSL_SESSION_ID_LENGTH - id_len);
  389. r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
  390. }
  391. CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
  392. p = (SSL_SESSION *)lh_retrieve(ssl->ctx->sessions, &r);
  393. CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
  394. return (p != NULL);
  395. }
  396. int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
  397. {
  398. return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
  399. }
  400. int SSL_set_purpose(SSL *s, int purpose)
  401. {
  402. return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
  403. }
  404. int SSL_CTX_set_trust(SSL_CTX *s, int trust)
  405. {
  406. return X509_VERIFY_PARAM_set_trust(s->param, trust);
  407. }
  408. int SSL_set_trust(SSL *s, int trust)
  409. {
  410. return X509_VERIFY_PARAM_set_trust(s->param, trust);
  411. }
  412. void SSL_free(SSL *s)
  413. {
  414. int i;
  415. if (s == NULL)
  416. return;
  417. i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL);
  418. #ifdef REF_PRINT
  419. REF_PRINT("SSL", s);
  420. #endif
  421. if (i > 0)
  422. return;
  423. #ifdef REF_CHECK
  424. if (i < 0) {
  425. fprintf(stderr, "SSL_free, bad reference count\n");
  426. abort(); /* ok */
  427. }
  428. #endif
  429. if (s->param)
  430. X509_VERIFY_PARAM_free(s->param);
  431. CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
  432. if (s->bbio != NULL) {
  433. /* If the buffering BIO is in place, pop it off */
  434. if (s->bbio == s->wbio) {
  435. s->wbio = BIO_pop(s->wbio);
  436. }
  437. BIO_free(s->bbio);
  438. s->bbio = NULL;
  439. }
  440. if (s->rbio != NULL)
  441. BIO_free_all(s->rbio);
  442. if ((s->wbio != NULL) && (s->wbio != s->rbio))
  443. BIO_free_all(s->wbio);
  444. if (s->init_buf != NULL)
  445. BUF_MEM_free(s->init_buf);
  446. /* add extra stuff */
  447. if (s->cipher_list != NULL)
  448. sk_SSL_CIPHER_free(s->cipher_list);
  449. if (s->cipher_list_by_id != NULL)
  450. sk_SSL_CIPHER_free(s->cipher_list_by_id);
  451. /* Make the next call work :-) */
  452. if (s->session != NULL) {
  453. ssl_clear_bad_session(s);
  454. SSL_SESSION_free(s->session);
  455. }
  456. ssl_clear_cipher_ctx(s);
  457. if (s->cert != NULL)
  458. ssl_cert_free(s->cert);
  459. /* Free up if allocated */
  460. #ifndef OPENSSL_NO_TLSEXT
  461. if (s->tlsext_hostname)
  462. OPENSSL_free(s->tlsext_hostname);
  463. if (s->initial_ctx)
  464. SSL_CTX_free(s->initial_ctx);
  465. if (s->tlsext_ocsp_exts)
  466. sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
  467. if (s->tlsext_ocsp_ids)
  468. sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
  469. if (s->tlsext_ocsp_resp)
  470. OPENSSL_free(s->tlsext_ocsp_resp);
  471. #endif
  472. if (s->client_CA != NULL)
  473. sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
  474. if (s->method != NULL)
  475. s->method->ssl_free(s);
  476. if (s->ctx)
  477. SSL_CTX_free(s->ctx);
  478. #ifndef OPENSSL_NO_KRB5
  479. if (s->kssl_ctx != NULL)
  480. kssl_ctx_free(s->kssl_ctx);
  481. #endif /* OPENSSL_NO_KRB5 */
  482. OPENSSL_free(s);
  483. }
  484. void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
  485. {
  486. /*
  487. * If the output buffering BIO is still in place, remove it
  488. */
  489. if (s->bbio != NULL) {
  490. if (s->wbio == s->bbio) {
  491. s->wbio = s->wbio->next_bio;
  492. s->bbio->next_bio = NULL;
  493. }
  494. }
  495. if ((s->rbio != NULL) && (s->rbio != rbio))
  496. BIO_free_all(s->rbio);
  497. if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
  498. BIO_free_all(s->wbio);
  499. s->rbio = rbio;
  500. s->wbio = wbio;
  501. }
  502. BIO *SSL_get_rbio(const SSL *s)
  503. {
  504. return (s->rbio);
  505. }
  506. BIO *SSL_get_wbio(const SSL *s)
  507. {
  508. return (s->wbio);
  509. }
  510. int SSL_get_fd(const SSL *s)
  511. {
  512. return (SSL_get_rfd(s));
  513. }
  514. int SSL_get_rfd(const SSL *s)
  515. {
  516. int ret = -1;
  517. BIO *b, *r;
  518. b = SSL_get_rbio(s);
  519. r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
  520. if (r != NULL)
  521. BIO_get_fd(r, &ret);
  522. return (ret);
  523. }
  524. int SSL_get_wfd(const SSL *s)
  525. {
  526. int ret = -1;
  527. BIO *b, *r;
  528. b = SSL_get_wbio(s);
  529. r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
  530. if (r != NULL)
  531. BIO_get_fd(r, &ret);
  532. return (ret);
  533. }
  534. #ifndef OPENSSL_NO_SOCK
  535. int SSL_set_fd(SSL *s, int fd)
  536. {
  537. int ret = 0;
  538. BIO *bio = NULL;
  539. bio = BIO_new(BIO_s_socket());
  540. if (bio == NULL) {
  541. SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
  542. goto err;
  543. }
  544. BIO_set_fd(bio, fd, BIO_NOCLOSE);
  545. SSL_set_bio(s, bio, bio);
  546. ret = 1;
  547. err:
  548. return (ret);
  549. }
  550. int SSL_set_wfd(SSL *s, int fd)
  551. {
  552. int ret = 0;
  553. BIO *bio = NULL;
  554. if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
  555. || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
  556. bio = BIO_new(BIO_s_socket());
  557. if (bio == NULL) {
  558. SSLerr(SSL_F_SSL_SET_WFD, ERR_R_BUF_LIB);
  559. goto err;
  560. }
  561. BIO_set_fd(bio, fd, BIO_NOCLOSE);
  562. SSL_set_bio(s, SSL_get_rbio(s), bio);
  563. } else
  564. SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
  565. ret = 1;
  566. err:
  567. return (ret);
  568. }
  569. int SSL_set_rfd(SSL *s, int fd)
  570. {
  571. int ret = 0;
  572. BIO *bio = NULL;
  573. if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
  574. || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
  575. bio = BIO_new(BIO_s_socket());
  576. if (bio == NULL) {
  577. SSLerr(SSL_F_SSL_SET_RFD, ERR_R_BUF_LIB);
  578. goto err;
  579. }
  580. BIO_set_fd(bio, fd, BIO_NOCLOSE);
  581. SSL_set_bio(s, bio, SSL_get_wbio(s));
  582. } else
  583. SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
  584. ret = 1;
  585. err:
  586. return (ret);
  587. }
  588. #endif
  589. /* return length of latest Finished message we sent, copy to 'buf' */
  590. size_t SSL_get_finished(const SSL *s, void *buf, size_t count)
  591. {
  592. size_t ret = 0;
  593. if (s->s3 != NULL) {
  594. ret = s->s3->tmp.finish_md_len;
  595. if (count > ret)
  596. count = ret;
  597. memcpy(buf, s->s3->tmp.finish_md, count);
  598. }
  599. return ret;
  600. }
  601. /* return length of latest Finished message we expected, copy to 'buf' */
  602. size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
  603. {
  604. size_t ret = 0;
  605. if (s->s3 != NULL) {
  606. ret = s->s3->tmp.peer_finish_md_len;
  607. if (count > ret)
  608. count = ret;
  609. memcpy(buf, s->s3->tmp.peer_finish_md, count);
  610. }
  611. return ret;
  612. }
  613. int SSL_get_verify_mode(const SSL *s)
  614. {
  615. return (s->verify_mode);
  616. }
  617. int SSL_get_verify_depth(const SSL *s)
  618. {
  619. return X509_VERIFY_PARAM_get_depth(s->param);
  620. }
  621. int (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *) {
  622. return (s->verify_callback);
  623. }
  624. int SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
  625. {
  626. return (ctx->verify_mode);
  627. }
  628. int SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
  629. {
  630. return X509_VERIFY_PARAM_get_depth(ctx->param);
  631. }
  632. int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int, X509_STORE_CTX *) {
  633. return (ctx->default_verify_callback);
  634. }
  635. void SSL_set_verify(SSL *s, int mode,
  636. int (*callback) (int ok, X509_STORE_CTX *ctx))
  637. {
  638. s->verify_mode = mode;
  639. if (callback != NULL)
  640. s->verify_callback = callback;
  641. }
  642. void SSL_set_verify_depth(SSL *s, int depth)
  643. {
  644. X509_VERIFY_PARAM_set_depth(s->param, depth);
  645. }
  646. void SSL_set_read_ahead(SSL *s, int yes)
  647. {
  648. s->read_ahead = yes;
  649. }
  650. int SSL_get_read_ahead(const SSL *s)
  651. {
  652. return (s->read_ahead);
  653. }
  654. int SSL_pending(const SSL *s)
  655. {
  656. /*
  657. * SSL_pending cannot work properly if read-ahead is enabled
  658. * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)), and it is
  659. * impossible to fix since SSL_pending cannot report errors that may be
  660. * observed while scanning the new data. (Note that SSL_pending() is
  661. * often used as a boolean value, so we'd better not return -1.)
  662. */
  663. return (s->method->ssl_pending(s));
  664. }
  665. X509 *SSL_get_peer_certificate(const SSL *s)
  666. {
  667. X509 *r;
  668. if ((s == NULL) || (s->session == NULL))
  669. r = NULL;
  670. else
  671. r = s->session->peer;
  672. if (r == NULL)
  673. return (r);
  674. CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509);
  675. return (r);
  676. }
  677. STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s)
  678. {
  679. STACK_OF(X509) *r;
  680. if ((s == NULL) || (s->session == NULL)
  681. || (s->session->sess_cert == NULL))
  682. r = NULL;
  683. else
  684. r = s->session->sess_cert->cert_chain;
  685. /*
  686. * If we are a client, cert_chain includes the peer's own certificate; if
  687. * we are a server, it does not.
  688. */
  689. return (r);
  690. }
  691. /*
  692. * Now in theory, since the calling process own 't' it should be safe to
  693. * modify. We need to be able to read f without being hassled
  694. */
  695. void SSL_copy_session_id(SSL *t, const SSL *f)
  696. {
  697. CERT *tmp;
  698. /* Do we need to to SSL locking? */
  699. SSL_set_session(t, SSL_get_session(f));
  700. /*
  701. * what if we are setup as SSLv2 but want to talk SSLv3 or vice-versa
  702. */
  703. if (t->method != f->method) {
  704. t->method->ssl_free(t); /* cleanup current */
  705. t->method = f->method; /* change method */
  706. t->method->ssl_new(t); /* setup new */
  707. }
  708. tmp = t->cert;
  709. if (f->cert != NULL) {
  710. CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
  711. t->cert = f->cert;
  712. } else
  713. t->cert = NULL;
  714. if (tmp != NULL)
  715. ssl_cert_free(tmp);
  716. SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length);
  717. }
  718. /* Fix this so it checks all the valid key/cert options */
  719. int SSL_CTX_check_private_key(const SSL_CTX *ctx)
  720. {
  721. if ((ctx == NULL) ||
  722. (ctx->cert == NULL) || (ctx->cert->key->x509 == NULL)) {
  723. SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
  724. SSL_R_NO_CERTIFICATE_ASSIGNED);
  725. return (0);
  726. }
  727. if (ctx->cert->key->privatekey == NULL) {
  728. SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
  729. SSL_R_NO_PRIVATE_KEY_ASSIGNED);
  730. return (0);
  731. }
  732. return (X509_check_private_key
  733. (ctx->cert->key->x509, ctx->cert->key->privatekey));
  734. }
  735. /* Fix this function so that it takes an optional type parameter */
  736. int SSL_check_private_key(const SSL *ssl)
  737. {
  738. if (ssl == NULL) {
  739. SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
  740. return (0);
  741. }
  742. if (ssl->cert == NULL) {
  743. SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
  744. return 0;
  745. }
  746. if (ssl->cert->key->x509 == NULL) {
  747. SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
  748. return (0);
  749. }
  750. if (ssl->cert->key->privatekey == NULL) {
  751. SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
  752. return (0);
  753. }
  754. return (X509_check_private_key(ssl->cert->key->x509,
  755. ssl->cert->key->privatekey));
  756. }
  757. int SSL_accept(SSL *s)
  758. {
  759. if (s->handshake_func == 0)
  760. /* Not properly initialized yet */
  761. SSL_set_accept_state(s);
  762. return (s->method->ssl_accept(s));
  763. }
  764. int SSL_connect(SSL *s)
  765. {
  766. if (s->handshake_func == 0)
  767. /* Not properly initialized yet */
  768. SSL_set_connect_state(s);
  769. return (s->method->ssl_connect(s));
  770. }
  771. long SSL_get_default_timeout(const SSL *s)
  772. {
  773. return (s->method->get_timeout());
  774. }
  775. int SSL_read(SSL *s, void *buf, int num)
  776. {
  777. if (s->handshake_func == 0) {
  778. SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
  779. return -1;
  780. }
  781. if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
  782. s->rwstate = SSL_NOTHING;
  783. return (0);
  784. }
  785. return (s->method->ssl_read(s, buf, num));
  786. }
  787. int SSL_peek(SSL *s, void *buf, int num)
  788. {
  789. if (s->handshake_func == 0) {
  790. SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
  791. return -1;
  792. }
  793. if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
  794. return (0);
  795. }
  796. return (s->method->ssl_peek(s, buf, num));
  797. }
  798. int SSL_write(SSL *s, const void *buf, int num)
  799. {
  800. if (s->handshake_func == 0) {
  801. SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
  802. return -1;
  803. }
  804. if (s->shutdown & SSL_SENT_SHUTDOWN) {
  805. s->rwstate = SSL_NOTHING;
  806. SSLerr(SSL_F_SSL_WRITE, SSL_R_PROTOCOL_IS_SHUTDOWN);
  807. return (-1);
  808. }
  809. return (s->method->ssl_write(s, buf, num));
  810. }
  811. int SSL_shutdown(SSL *s)
  812. {
  813. /*
  814. * Note that this function behaves differently from what one might
  815. * expect. Return values are 0 for no success (yet), 1 for success; but
  816. * calling it once is usually not enough, even if blocking I/O is used
  817. * (see ssl3_shutdown).
  818. */
  819. if (s->handshake_func == 0) {
  820. SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
  821. return -1;
  822. }
  823. if ((s != NULL) && !SSL_in_init(s))
  824. return (s->method->ssl_shutdown(s));
  825. else
  826. return (1);
  827. }
  828. int SSL_renegotiate(SSL *s)
  829. {
  830. if (s->new_session == 0) {
  831. s->new_session = 1;
  832. }
  833. return (s->method->ssl_renegotiate(s));
  834. }
  835. int SSL_renegotiate_pending(SSL *s)
  836. {
  837. /*
  838. * becomes true when negotiation is requested; false again once a
  839. * handshake has finished
  840. */
  841. return (s->new_session != 0);
  842. }
  843. long SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
  844. {
  845. long l;
  846. switch (cmd) {
  847. case SSL_CTRL_GET_READ_AHEAD:
  848. return (s->read_ahead);
  849. case SSL_CTRL_SET_READ_AHEAD:
  850. l = s->read_ahead;
  851. s->read_ahead = larg;
  852. return (l);
  853. case SSL_CTRL_SET_MSG_CALLBACK_ARG:
  854. s->msg_callback_arg = parg;
  855. return 1;
  856. case SSL_CTRL_OPTIONS:
  857. return (s->options |= larg);
  858. case SSL_CTRL_CLEAR_OPTIONS:
  859. return (s->options &= ~larg);
  860. case SSL_CTRL_MODE:
  861. return (s->mode |= larg);
  862. case SSL_CTRL_CLEAR_MODE:
  863. return (s->mode &= ~larg);
  864. case SSL_CTRL_GET_MAX_CERT_LIST:
  865. return (s->max_cert_list);
  866. case SSL_CTRL_SET_MAX_CERT_LIST:
  867. l = s->max_cert_list;
  868. s->max_cert_list = larg;
  869. return (l);
  870. case SSL_CTRL_SET_MTU:
  871. #ifndef OPENSSL_NO_DTLS1
  872. if (larg < (long)dtls1_min_mtu())
  873. return 0;
  874. #endif
  875. if (SSL_version(s) == DTLS1_VERSION ||
  876. SSL_version(s) == DTLS1_BAD_VER) {
  877. s->d1->mtu = larg;
  878. return larg;
  879. }
  880. return 0;
  881. case SSL_CTRL_GET_RI_SUPPORT:
  882. if (s->s3)
  883. return s->s3->send_connection_binding;
  884. else
  885. return 0;
  886. default:
  887. return (s->method->ssl_ctrl(s, cmd, larg, parg));
  888. }
  889. }
  890. long SSL_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
  891. {
  892. switch (cmd) {
  893. case SSL_CTRL_SET_MSG_CALLBACK:
  894. s->msg_callback = (void (*)
  895. (int write_p, int version, int content_type,
  896. const void *buf, size_t len, SSL *ssl,
  897. void *arg))(fp);
  898. return 1;
  899. default:
  900. return (s->method->ssl_callback_ctrl(s, cmd, fp));
  901. }
  902. }
  903. struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx)
  904. {
  905. return ctx->sessions;
  906. }
  907. long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
  908. {
  909. long l;
  910. switch (cmd) {
  911. case SSL_CTRL_GET_READ_AHEAD:
  912. return (ctx->read_ahead);
  913. case SSL_CTRL_SET_READ_AHEAD:
  914. l = ctx->read_ahead;
  915. ctx->read_ahead = larg;
  916. return (l);
  917. case SSL_CTRL_SET_MSG_CALLBACK_ARG:
  918. ctx->msg_callback_arg = parg;
  919. return 1;
  920. case SSL_CTRL_GET_MAX_CERT_LIST:
  921. return (ctx->max_cert_list);
  922. case SSL_CTRL_SET_MAX_CERT_LIST:
  923. l = ctx->max_cert_list;
  924. ctx->max_cert_list = larg;
  925. return (l);
  926. case SSL_CTRL_SET_SESS_CACHE_SIZE:
  927. l = ctx->session_cache_size;
  928. ctx->session_cache_size = larg;
  929. return (l);
  930. case SSL_CTRL_GET_SESS_CACHE_SIZE:
  931. return (ctx->session_cache_size);
  932. case SSL_CTRL_SET_SESS_CACHE_MODE:
  933. l = ctx->session_cache_mode;
  934. ctx->session_cache_mode = larg;
  935. return (l);
  936. case SSL_CTRL_GET_SESS_CACHE_MODE:
  937. return (ctx->session_cache_mode);
  938. case SSL_CTRL_SESS_NUMBER:
  939. return (ctx->sessions->num_items);
  940. case SSL_CTRL_SESS_CONNECT:
  941. return (ctx->stats.sess_connect);
  942. case SSL_CTRL_SESS_CONNECT_GOOD:
  943. return (ctx->stats.sess_connect_good);
  944. case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
  945. return (ctx->stats.sess_connect_renegotiate);
  946. case SSL_CTRL_SESS_ACCEPT:
  947. return (ctx->stats.sess_accept);
  948. case SSL_CTRL_SESS_ACCEPT_GOOD:
  949. return (ctx->stats.sess_accept_good);
  950. case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
  951. return (ctx->stats.sess_accept_renegotiate);
  952. case SSL_CTRL_SESS_HIT:
  953. return (ctx->stats.sess_hit);
  954. case SSL_CTRL_SESS_CB_HIT:
  955. return (ctx->stats.sess_cb_hit);
  956. case SSL_CTRL_SESS_MISSES:
  957. return (ctx->stats.sess_miss);
  958. case SSL_CTRL_SESS_TIMEOUTS:
  959. return (ctx->stats.sess_timeout);
  960. case SSL_CTRL_SESS_CACHE_FULL:
  961. return (ctx->stats.sess_cache_full);
  962. case SSL_CTRL_OPTIONS:
  963. return (ctx->options |= larg);
  964. case SSL_CTRL_CLEAR_OPTIONS:
  965. return (ctx->options &= ~larg);
  966. case SSL_CTRL_MODE:
  967. return (ctx->mode |= larg);
  968. case SSL_CTRL_CLEAR_MODE:
  969. return (ctx->mode &= ~larg);
  970. default:
  971. return (ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg));
  972. }
  973. }
  974. long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
  975. {
  976. switch (cmd) {
  977. case SSL_CTRL_SET_MSG_CALLBACK:
  978. ctx->msg_callback = (void (*)
  979. (int write_p, int version, int content_type,
  980. const void *buf, size_t len, SSL *ssl,
  981. void *arg))(fp);
  982. return 1;
  983. default:
  984. return (ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp));
  985. }
  986. }
  987. int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
  988. {
  989. long l;
  990. l = a->id - b->id;
  991. if (l == 0L)
  992. return (0);
  993. else
  994. return ((l > 0) ? 1 : -1);
  995. }
  996. int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
  997. const SSL_CIPHER *const *bp)
  998. {
  999. long l;
  1000. l = (*ap)->id - (*bp)->id;
  1001. if (l == 0L)
  1002. return (0);
  1003. else
  1004. return ((l > 0) ? 1 : -1);
  1005. }
  1006. /** return a STACK of the ciphers available for the SSL and in order of
  1007. * preference */
  1008. STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
  1009. {
  1010. if (s != NULL) {
  1011. if (s->cipher_list != NULL) {
  1012. return (s->cipher_list);
  1013. } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) {
  1014. return (s->ctx->cipher_list);
  1015. }
  1016. }
  1017. return (NULL);
  1018. }
  1019. /** return a STACK of the ciphers available for the SSL and in order of
  1020. * algorithm id */
  1021. STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
  1022. {
  1023. if (s != NULL) {
  1024. if (s->cipher_list_by_id != NULL) {
  1025. return (s->cipher_list_by_id);
  1026. } else if ((s->ctx != NULL) && (s->ctx->cipher_list_by_id != NULL)) {
  1027. return (s->ctx->cipher_list_by_id);
  1028. }
  1029. }
  1030. return (NULL);
  1031. }
  1032. /** The old interface to get the same thing as SSL_get_ciphers() */
  1033. const char *SSL_get_cipher_list(const SSL *s, int n)
  1034. {
  1035. SSL_CIPHER *c;
  1036. STACK_OF(SSL_CIPHER) *sk;
  1037. if (s == NULL)
  1038. return (NULL);
  1039. sk = SSL_get_ciphers(s);
  1040. if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
  1041. return (NULL);
  1042. c = sk_SSL_CIPHER_value(sk, n);
  1043. if (c == NULL)
  1044. return (NULL);
  1045. return (c->name);
  1046. }
  1047. /** specify the ciphers to be used by default by the SSL_CTX */
  1048. int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
  1049. {
  1050. STACK_OF(SSL_CIPHER) *sk;
  1051. sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,
  1052. &ctx->cipher_list_by_id, str);
  1053. /*
  1054. * ssl_create_cipher_list may return an empty stack if it was unable to
  1055. * find a cipher matching the given rule string (for example if the rule
  1056. * string specifies a cipher which has been disabled). This is not an
  1057. * error as far as ssl_create_cipher_list is concerned, and hence
  1058. * ctx->cipher_list and ctx->cipher_list_by_id has been updated.
  1059. */
  1060. if (sk == NULL)
  1061. return 0;
  1062. else if (sk_SSL_CIPHER_num(sk) == 0) {
  1063. SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
  1064. return 0;
  1065. }
  1066. return 1;
  1067. }
  1068. /** specify the ciphers to be used by the SSL */
  1069. int SSL_set_cipher_list(SSL *s, const char *str)
  1070. {
  1071. STACK_OF(SSL_CIPHER) *sk;
  1072. sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list,
  1073. &s->cipher_list_by_id, str);
  1074. /* see comment in SSL_CTX_set_cipher_list */
  1075. if (sk == NULL)
  1076. return 0;
  1077. else if (sk_SSL_CIPHER_num(sk) == 0) {
  1078. SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
  1079. return 0;
  1080. }
  1081. return 1;
  1082. }
  1083. /* works well for SSLv2, not so good for SSLv3 */
  1084. char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
  1085. {
  1086. char *p;
  1087. STACK_OF(SSL_CIPHER) *sk;
  1088. SSL_CIPHER *c;
  1089. int i;
  1090. if ((s->session == NULL) || (s->session->ciphers == NULL) || (len < 2))
  1091. return (NULL);
  1092. p = buf;
  1093. sk = s->session->ciphers;
  1094. if (sk_SSL_CIPHER_num(sk) == 0)
  1095. return NULL;
  1096. for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
  1097. int n;
  1098. c = sk_SSL_CIPHER_value(sk, i);
  1099. n = strlen(c->name);
  1100. if (n + 1 > len) {
  1101. if (p != buf)
  1102. --p;
  1103. *p = '\0';
  1104. return buf;
  1105. }
  1106. strcpy(p, c->name);
  1107. p += n;
  1108. *(p++) = ':';
  1109. len -= n + 1;
  1110. }
  1111. p[-1] = '\0';
  1112. return (buf);
  1113. }
  1114. int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
  1115. unsigned char *p,
  1116. int (*put_cb) (const SSL_CIPHER *,
  1117. unsigned char *))
  1118. {
  1119. int i, j = 0;
  1120. SSL_CIPHER *c;
  1121. unsigned char *q;
  1122. #ifndef OPENSSL_NO_KRB5
  1123. int nokrb5 = !kssl_tgt_is_available(s->kssl_ctx);
  1124. #endif /* OPENSSL_NO_KRB5 */
  1125. if (sk == NULL)
  1126. return (0);
  1127. q = p;
  1128. if (put_cb == NULL)
  1129. put_cb = s->method->put_cipher_by_char;
  1130. for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
  1131. c = sk_SSL_CIPHER_value(sk, i);
  1132. #ifndef OPENSSL_NO_KRB5
  1133. if ((c->algorithms & SSL_KRB5) && nokrb5)
  1134. continue;
  1135. #endif /* OPENSSL_NO_KRB5 */
  1136. j = put_cb(c, p);
  1137. p += j;
  1138. }
  1139. /*
  1140. * If p == q, no ciphers; caller indicates an error. Otherwise, add
  1141. * applicable SCSVs.
  1142. */
  1143. if (p != q) {
  1144. if (!s->new_session) {
  1145. static SSL_CIPHER scsv = {
  1146. 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0,
  1147. };
  1148. j = put_cb(&scsv, p);
  1149. p += j;
  1150. #ifdef OPENSSL_RI_DEBUG
  1151. fprintf(stderr,
  1152. "TLS_EMPTY_RENEGOTIATION_INFO_SCSV sent by client\n");
  1153. #endif
  1154. }
  1155. if (s->mode & SSL_MODE_SEND_FALLBACK_SCSV) {
  1156. static SSL_CIPHER scsv = {
  1157. 0, NULL, SSL3_CK_FALLBACK_SCSV, 0, 0, 0, 0, 0, 0, 0,
  1158. };
  1159. j = put_cb(&scsv, p);
  1160. p += j;
  1161. }
  1162. }
  1163. return (p - q);
  1164. }
  1165. STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
  1166. int num,
  1167. STACK_OF(SSL_CIPHER) **skp)
  1168. {
  1169. SSL_CIPHER *c;
  1170. STACK_OF(SSL_CIPHER) *sk;
  1171. int i, n;
  1172. if (s->s3)
  1173. s->s3->send_connection_binding = 0;
  1174. n = ssl_put_cipher_by_char(s, NULL, NULL);
  1175. if (n == 0 || (num % n) != 0) {
  1176. SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
  1177. SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
  1178. return (NULL);
  1179. }
  1180. if ((skp == NULL) || (*skp == NULL))
  1181. sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */
  1182. else {
  1183. sk = *skp;
  1184. sk_SSL_CIPHER_zero(sk);
  1185. }
  1186. for (i = 0; i < num; i += n) {
  1187. /* Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV */
  1188. if (s->s3 && (n != 3 || !p[0]) &&
  1189. (p[n - 2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
  1190. (p[n - 1] == (SSL3_CK_SCSV & 0xff))) {
  1191. /* SCSV fatal if renegotiating */
  1192. if (s->new_session) {
  1193. SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
  1194. SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
  1195. ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
  1196. goto err;
  1197. }
  1198. s->s3->send_connection_binding = 1;
  1199. p += n;
  1200. #ifdef OPENSSL_RI_DEBUG
  1201. fprintf(stderr, "SCSV received by server\n");
  1202. #endif
  1203. continue;
  1204. }
  1205. /* Check for TLS_FALLBACK_SCSV */
  1206. if ((n != 3 || !p[0]) &&
  1207. (p[n - 2] == ((SSL3_CK_FALLBACK_SCSV >> 8) & 0xff)) &&
  1208. (p[n - 1] == (SSL3_CK_FALLBACK_SCSV & 0xff))) {
  1209. /*
  1210. * The SCSV indicates that the client previously tried a higher
  1211. * version. Fail if the current version is an unexpected
  1212. * downgrade.
  1213. */
  1214. if (!SSL_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, 0, NULL)) {
  1215. SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
  1216. SSL_R_INAPPROPRIATE_FALLBACK);
  1217. if (s->s3)
  1218. ssl3_send_alert(s, SSL3_AL_FATAL,
  1219. SSL_AD_INAPPROPRIATE_FALLBACK);
  1220. goto err;
  1221. }
  1222. p += n;
  1223. continue;
  1224. }
  1225. c = ssl_get_cipher_by_char(s, p);
  1226. p += n;
  1227. if (c != NULL) {
  1228. if (!sk_SSL_CIPHER_push(sk, c)) {
  1229. SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
  1230. goto err;
  1231. }
  1232. }
  1233. }
  1234. if (skp != NULL)
  1235. *skp = sk;
  1236. return (sk);
  1237. err:
  1238. if ((skp == NULL) || (*skp == NULL))
  1239. sk_SSL_CIPHER_free(sk);
  1240. return (NULL);
  1241. }
  1242. #ifndef OPENSSL_NO_TLSEXT
  1243. /** return a servername extension value if provided in Client Hello, or NULL.
  1244. * So far, only host_name types are defined (RFC 3546).
  1245. */
  1246. const char *SSL_get_servername(const SSL *s, const int type)
  1247. {
  1248. if (type != TLSEXT_NAMETYPE_host_name)
  1249. return NULL;
  1250. return s->session && !s->tlsext_hostname ?
  1251. s->session->tlsext_hostname : s->tlsext_hostname;
  1252. }
  1253. int SSL_get_servername_type(const SSL *s)
  1254. {
  1255. if (s->session
  1256. && (!s->tlsext_hostname ? s->session->
  1257. tlsext_hostname : s->tlsext_hostname))
  1258. return TLSEXT_NAMETYPE_host_name;
  1259. return -1;
  1260. }
  1261. #endif
  1262. unsigned long SSL_SESSION_hash(const SSL_SESSION *a)
  1263. {
  1264. unsigned long l;
  1265. l = (unsigned long)
  1266. ((unsigned int)a->session_id[0]) |
  1267. ((unsigned int)a->session_id[1] << 8L) |
  1268. ((unsigned long)a->session_id[2] << 16L) |
  1269. ((unsigned long)a->session_id[3] << 24L);
  1270. return (l);
  1271. }
  1272. /*
  1273. * NB: If this function (or indeed the hash function which uses a sort of
  1274. * coarser function than this one) is changed, ensure
  1275. * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on
  1276. * being able to construct an SSL_SESSION that will collide with any existing
  1277. * session with a matching session ID.
  1278. */
  1279. int SSL_SESSION_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
  1280. {
  1281. if (a->ssl_version != b->ssl_version)
  1282. return (1);
  1283. if (a->session_id_length != b->session_id_length)
  1284. return (1);
  1285. return (memcmp(a->session_id, b->session_id, a->session_id_length));
  1286. }
  1287. /*
  1288. * These wrapper functions should remain rather than redeclaring
  1289. * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
  1290. * variable. The reason is that the functions aren't static, they're exposed
  1291. * via ssl.h.
  1292. */
  1293. static IMPLEMENT_LHASH_HASH_FN(SSL_SESSION_hash, SSL_SESSION *)
  1294. static IMPLEMENT_LHASH_COMP_FN(SSL_SESSION_cmp, SSL_SESSION *)
  1295. SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
  1296. {
  1297. SSL_CTX *ret = NULL;
  1298. if (meth == NULL) {
  1299. SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_NULL_SSL_METHOD_PASSED);
  1300. return (NULL);
  1301. }
  1302. #ifdef OPENSSL_FIPS
  1303. if (FIPS_mode() && (meth->version < TLS1_VERSION)) {
  1304. SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
  1305. return NULL;
  1306. }
  1307. #endif
  1308. if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
  1309. SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
  1310. goto err;
  1311. }
  1312. ret = (SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
  1313. if (ret == NULL)
  1314. goto err;
  1315. memset(ret, 0, sizeof(SSL_CTX));
  1316. ret->method = meth;
  1317. ret->cert_store = NULL;
  1318. ret->session_cache_mode = SSL_SESS_CACHE_SERVER;
  1319. ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
  1320. ret->session_cache_head = NULL;
  1321. ret->session_cache_tail = NULL;
  1322. /* We take the system default */
  1323. ret->session_timeout = meth->get_timeout();
  1324. ret->new_session_cb = 0;
  1325. ret->remove_session_cb = 0;
  1326. ret->get_session_cb = 0;
  1327. ret->generate_session_id = 0;
  1328. memset((char *)&ret->stats, 0, sizeof(ret->stats));
  1329. ret->references = 1;
  1330. ret->quiet_shutdown = 0;
  1331. /* ret->cipher=NULL;*/
  1332. /*-
  1333. ret->s2->challenge=NULL;
  1334. ret->master_key=NULL;
  1335. ret->key_arg=NULL;
  1336. ret->s2->conn_id=NULL; */
  1337. ret->info_callback = NULL;
  1338. ret->app_verify_callback = 0;
  1339. ret->app_verify_arg = NULL;
  1340. ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
  1341. ret->read_ahead = 0;
  1342. ret->msg_callback = 0;
  1343. ret->msg_callback_arg = NULL;
  1344. ret->verify_mode = SSL_VERIFY_NONE;
  1345. #if 0
  1346. ret->verify_depth = -1; /* Don't impose a limit (but x509_lu.c does) */
  1347. #endif
  1348. ret->sid_ctx_length = 0;
  1349. ret->default_verify_callback = NULL;
  1350. if ((ret->cert = ssl_cert_new()) == NULL)
  1351. goto err;
  1352. ret->default_passwd_callback = 0;
  1353. ret->default_passwd_callback_userdata = NULL;
  1354. ret->client_cert_cb = 0;
  1355. ret->app_gen_cookie_cb = 0;
  1356. ret->app_verify_cookie_cb = 0;
  1357. ret->sessions = lh_new(LHASH_HASH_FN(SSL_SESSION_hash),
  1358. LHASH_COMP_FN(SSL_SESSION_cmp));
  1359. if (ret->sessions == NULL)
  1360. goto err;
  1361. ret->cert_store = X509_STORE_new();
  1362. if (ret->cert_store == NULL)
  1363. goto err;
  1364. ssl_create_cipher_list(ret->method,
  1365. &ret->cipher_list, &ret->cipher_list_by_id,
  1366. meth->version == SSL2_VERSION ? "SSLv2" :
  1367. SSL_DEFAULT_CIPHER_LIST);
  1368. if (ret->cipher_list == NULL || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
  1369. SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
  1370. goto err2;
  1371. }
  1372. ret->param = X509_VERIFY_PARAM_new();
  1373. if (!ret->param)
  1374. goto err;
  1375. if ((ret->rsa_md5 = EVP_get_digestbyname("ssl2-md5")) == NULL) {
  1376. SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
  1377. goto err2;
  1378. }
  1379. if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
  1380. SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
  1381. goto err2;
  1382. }
  1383. if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
  1384. SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
  1385. goto err2;
  1386. }
  1387. if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL)
  1388. goto err;
  1389. CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
  1390. ret->extra_certs = NULL;
  1391. /* No compression for DTLS */
  1392. if (meth->version != DTLS1_VERSION)
  1393. ret->comp_methods = SSL_COMP_get_compression_methods();
  1394. #ifndef OPENSSL_NO_TLSEXT
  1395. ret->tlsext_servername_callback = 0;
  1396. ret->tlsext_servername_arg = NULL;
  1397. /* Setup RFC4507 ticket keys */
  1398. if ((RAND_pseudo_bytes(ret->tlsext_tick_key_name, 16) <= 0)
  1399. || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
  1400. || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
  1401. ret->options |= SSL_OP_NO_TICKET;
  1402. ret->tlsext_status_cb = 0;
  1403. ret->tlsext_status_arg = NULL;
  1404. #endif
  1405. #ifndef OPENSSL_NO_ENGINE
  1406. ret->client_cert_engine = NULL;
  1407. # ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
  1408. # define eng_strx(x) #x
  1409. # define eng_str(x) eng_strx(x)
  1410. /* Use specific client engine automatically... ignore errors */
  1411. {
  1412. ENGINE *eng;
  1413. eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
  1414. if (!eng) {
  1415. ERR_clear_error();
  1416. ENGINE_load_builtin_engines();
  1417. eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
  1418. }
  1419. if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
  1420. ERR_clear_error();
  1421. }
  1422. # endif
  1423. #endif
  1424. /*
  1425. * Default is to connect to non-RI servers. When RI is more widely
  1426. * deployed might change this.
  1427. */
  1428. ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
  1429. return (ret);
  1430. err:
  1431. SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
  1432. err2:
  1433. if (ret != NULL)
  1434. SSL_CTX_free(ret);
  1435. return (NULL);
  1436. }
  1437. #if 0
  1438. static void SSL_COMP_free(SSL_COMP *comp)
  1439. {
  1440. OPENSSL_free(comp);
  1441. }
  1442. #endif
  1443. void SSL_CTX_free(SSL_CTX *a)
  1444. {
  1445. int i;
  1446. if (a == NULL)
  1447. return;
  1448. i = CRYPTO_add(&a->references, -1, CRYPTO_LOCK_SSL_CTX);
  1449. #ifdef REF_PRINT
  1450. REF_PRINT("SSL_CTX", a);
  1451. #endif
  1452. if (i > 0)
  1453. return;
  1454. #ifdef REF_CHECK
  1455. if (i < 0) {
  1456. fprintf(stderr, "SSL_CTX_free, bad reference count\n");
  1457. abort(); /* ok */
  1458. }
  1459. #endif
  1460. if (a->param)
  1461. X509_VERIFY_PARAM_free(a->param);
  1462. /*
  1463. * Free internal session cache. However: the remove_cb() may reference
  1464. * the ex_data of SSL_CTX, thus the ex_data store can only be removed
  1465. * after the sessions were flushed.
  1466. * As the ex_data handling routines might also touch the session cache,
  1467. * the most secure solution seems to be: empty (flush) the cache, then
  1468. * free ex_data, then finally free the cache.
  1469. * (See ticket [openssl.org #212].)
  1470. */
  1471. if (a->sessions != NULL)
  1472. SSL_CTX_flush_sessions(a, 0);
  1473. CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
  1474. if (a->sessions != NULL)
  1475. lh_free(a->sessions);
  1476. if (a->cert_store != NULL)
  1477. X509_STORE_free(a->cert_store);
  1478. if (a->cipher_list != NULL)
  1479. sk_SSL_CIPHER_free(a->cipher_list);
  1480. if (a->cipher_list_by_id != NULL)
  1481. sk_SSL_CIPHER_free(a->cipher_list_by_id);
  1482. if (a->cert != NULL)
  1483. ssl_cert_free(a->cert);
  1484. if (a->client_CA != NULL)
  1485. sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
  1486. if (a->extra_certs != NULL)
  1487. sk_X509_pop_free(a->extra_certs, X509_free);
  1488. #if 0 /* This should never be done, since it
  1489. * removes a global database */
  1490. if (a->comp_methods != NULL)
  1491. sk_SSL_COMP_pop_free(a->comp_methods, SSL_COMP_free);
  1492. #else
  1493. a->comp_methods = NULL;
  1494. #endif
  1495. #ifndef OPENSSL_NO_ENGINE
  1496. if (a->client_cert_engine)
  1497. ENGINE_finish(a->client_cert_engine);
  1498. #endif
  1499. OPENSSL_free(a);
  1500. }
  1501. void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
  1502. {
  1503. ctx->default_passwd_callback = cb;
  1504. }
  1505. void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
  1506. {
  1507. ctx->default_passwd_callback_userdata = u;
  1508. }
  1509. void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
  1510. int (*cb) (X509_STORE_CTX *, void *),
  1511. void *arg)
  1512. {
  1513. ctx->app_verify_callback = cb;
  1514. ctx->app_verify_arg = arg;
  1515. }
  1516. void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
  1517. int (*cb) (int, X509_STORE_CTX *))
  1518. {
  1519. ctx->verify_mode = mode;
  1520. ctx->default_verify_callback = cb;
  1521. }
  1522. void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
  1523. {
  1524. X509_VERIFY_PARAM_set_depth(ctx->param, depth);
  1525. }
  1526. void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
  1527. {
  1528. CERT_PKEY *cpk;
  1529. int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign;
  1530. int rsa_enc_export, dh_rsa_export, dh_dsa_export;
  1531. int rsa_tmp_export, dh_tmp_export, kl;
  1532. unsigned long mask, emask;
  1533. int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;
  1534. #ifndef OPENSSL_NO_ECDH
  1535. int have_ecdh_tmp;
  1536. #endif
  1537. X509 *x = NULL;
  1538. EVP_PKEY *ecc_pkey = NULL;
  1539. int signature_nid = 0;
  1540. if (c == NULL)
  1541. return;
  1542. kl = SSL_C_EXPORT_PKEYLENGTH(cipher);
  1543. #ifndef OPENSSL_NO_RSA
  1544. rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
  1545. rsa_tmp_export = (c->rsa_tmp_cb != NULL ||
  1546. (rsa_tmp && RSA_size(c->rsa_tmp) * 8 <= kl));
  1547. #else
  1548. rsa_tmp = rsa_tmp_export = 0;
  1549. #endif
  1550. #ifndef OPENSSL_NO_DH
  1551. dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
  1552. dh_tmp_export = (c->dh_tmp_cb != NULL ||
  1553. (dh_tmp && DH_size(c->dh_tmp) * 8 <= kl));
  1554. #else
  1555. dh_tmp = dh_tmp_export = 0;
  1556. #endif
  1557. #ifndef OPENSSL_NO_ECDH
  1558. have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL);
  1559. #endif
  1560. cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
  1561. rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL);
  1562. rsa_enc_export = (rsa_enc && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
  1563. cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);
  1564. rsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
  1565. cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]);
  1566. dsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
  1567. cpk = &(c->pkeys[SSL_PKEY_DH_RSA]);
  1568. dh_rsa = (cpk->x509 != NULL && cpk->privatekey != NULL);
  1569. dh_rsa_export = (dh_rsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
  1570. cpk = &(c->pkeys[SSL_PKEY_DH_DSA]);
  1571. /* FIX THIS EAY EAY EAY */
  1572. dh_dsa = (cpk->x509 != NULL && cpk->privatekey != NULL);
  1573. dh_dsa_export = (dh_dsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
  1574. cpk = &(c->pkeys[SSL_PKEY_ECC]);
  1575. have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL);
  1576. mask = 0;
  1577. emask = 0;
  1578. #ifdef CIPHER_DEBUG
  1579. printf("rt=%d rte=%d dht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
  1580. rsa_tmp, rsa_tmp_export, dh_tmp,
  1581. rsa_enc, rsa_enc_export, rsa_sign, dsa_sign, dh_rsa, dh_dsa);
  1582. #endif
  1583. if (rsa_enc || (rsa_tmp && rsa_sign))
  1584. mask |= SSL_kRSA;
  1585. if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
  1586. emask |= SSL_kRSA;
  1587. #if 0
  1588. /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
  1589. if ((dh_tmp || dh_rsa || dh_dsa) && (rsa_enc || rsa_sign || dsa_sign))
  1590. mask |= SSL_kEDH;
  1591. if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
  1592. (rsa_enc || rsa_sign || dsa_sign))
  1593. emask |= SSL_kEDH;
  1594. #endif
  1595. if (dh_tmp_export)
  1596. emask |= SSL_kEDH;
  1597. if (dh_tmp)
  1598. mask |= SSL_kEDH;
  1599. if (dh_rsa)
  1600. mask |= SSL_kDHr;
  1601. if (dh_rsa_export)
  1602. emask |= SSL_kDHr;
  1603. if (dh_dsa)
  1604. mask |= SSL_kDHd;
  1605. if (dh_dsa_export)
  1606. emask |= SSL_kDHd;
  1607. if (rsa_enc || rsa_sign) {
  1608. mask |= SSL_aRSA;
  1609. emask |= SSL_aRSA;
  1610. }
  1611. if (dsa_sign) {
  1612. mask |= SSL_aDSS;
  1613. emask |= SSL_aDSS;
  1614. }
  1615. mask |= SSL_aNULL;
  1616. emask |= SSL_aNULL;
  1617. #ifndef OPENSSL_NO_KRB5
  1618. mask |= SSL_kKRB5 | SSL_aKRB5;
  1619. emask |= SSL_kKRB5 | SSL_aKRB5;
  1620. #endif
  1621. /*
  1622. * An ECC certificate may be usable for ECDH and/or ECDSA cipher suites
  1623. * depending on the key usage extension.
  1624. */
  1625. if (have_ecc_cert) {
  1626. /* This call populates extension flags (ex_flags) */
  1627. x = (c->pkeys[SSL_PKEY_ECC]).x509;
  1628. X509_check_purpose(x, -1, 0);
  1629. ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
  1630. (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1;
  1631. ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
  1632. (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
  1633. ecc_pkey = X509_get_pubkey(x);
  1634. ecc_pkey_size = (ecc_pkey != NULL) ? EVP_PKEY_bits(ecc_pkey) : 0;
  1635. EVP_PKEY_free(ecc_pkey);
  1636. if ((x->sig_alg) && (x->sig_alg->algorithm))
  1637. signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
  1638. #ifndef OPENSSL_NO_ECDH
  1639. if (ecdh_ok) {
  1640. if ((signature_nid == NID_md5WithRSAEncryption) ||
  1641. (signature_nid == NID_md4WithRSAEncryption) ||
  1642. (signature_nid == NID_md2WithRSAEncryption)) {
  1643. mask |= SSL_kECDH | SSL_aRSA;
  1644. if (ecc_pkey_size <= 163)
  1645. emask |= SSL_kECDH | SSL_aRSA;
  1646. }
  1647. if (signature_nid == NID_ecdsa_with_SHA1) {
  1648. mask |= SSL_kECDH | SSL_aECDSA;
  1649. if (ecc_pkey_size <= 163)
  1650. emask |= SSL_kECDH | SSL_aECDSA;
  1651. }
  1652. }
  1653. #endif
  1654. #ifndef OPENSSL_NO_ECDSA
  1655. if (ecdsa_ok) {
  1656. mask |= SSL_aECDSA;
  1657. emask |= SSL_aECDSA;
  1658. }
  1659. #endif
  1660. }
  1661. #ifndef OPENSSL_NO_ECDH
  1662. if (have_ecdh_tmp) {
  1663. mask |= SSL_kECDHE;
  1664. emask |= SSL_kECDHE;
  1665. }
  1666. #endif
  1667. c->mask = mask;
  1668. c->export_mask = emask;
  1669. c->valid = 1;
  1670. }
  1671. /* This handy macro borrowed from crypto/x509v3/v3_purp.c */
  1672. #define ku_reject(x, usage) \
  1673. (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
  1674. int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs)
  1675. {
  1676. unsigned long alg = cs->algorithms;
  1677. EVP_PKEY *pkey = NULL;
  1678. int keysize = 0;
  1679. int signature_nid = 0;
  1680. if (SSL_C_IS_EXPORT(cs)) {
  1681. /* ECDH key length in export ciphers must be <= 163 bits */
  1682. pkey = X509_get_pubkey(x);
  1683. if (pkey == NULL)
  1684. return 0;
  1685. keysize = EVP_PKEY_bits(pkey);
  1686. EVP_PKEY_free(pkey);
  1687. if (keysize > 163)
  1688. return 0;
  1689. }
  1690. /* This call populates the ex_flags field correctly */
  1691. X509_check_purpose(x, -1, 0);
  1692. if ((x->sig_alg) && (x->sig_alg->algorithm))
  1693. signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
  1694. if (alg & SSL_kECDH) {
  1695. /* key usage, if present, must allow key agreement */
  1696. if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) {
  1697. return 0;
  1698. }
  1699. if (alg & SSL_aECDSA) {
  1700. /* signature alg must be ECDSA */
  1701. if (signature_nid != NID_ecdsa_with_SHA1) {
  1702. return 0;
  1703. }
  1704. }
  1705. if (alg & SSL_aRSA) {
  1706. /* signature alg must be RSA */
  1707. if ((signature_nid != NID_md5WithRSAEncryption) &&
  1708. (signature_nid != NID_md4WithRSAEncryption) &&
  1709. (signature_nid != NID_md2WithRSAEncryption)) {
  1710. return 0;
  1711. }
  1712. }
  1713. } else if (alg & SSL_aECDSA) {
  1714. /* key usage, if present, must allow signing */
  1715. if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE)) {
  1716. return 0;
  1717. }
  1718. }
  1719. return 1; /* all checks are ok */
  1720. }
  1721. /* THIS NEEDS CLEANING UP */
  1722. CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
  1723. {
  1724. unsigned long alg, kalg;
  1725. CERT *c;
  1726. int i;
  1727. c = s->cert;
  1728. ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
  1729. alg = s->s3->tmp.new_cipher->algorithms;
  1730. kalg = alg & (SSL_MKEY_MASK | SSL_AUTH_MASK);
  1731. if (kalg & SSL_kECDH) {
  1732. /*
  1733. * we don't need to look at SSL_kECDHE since no certificate is
  1734. * needed for anon ECDH and for authenticated ECDHE, the check for
  1735. * the auth algorithm will set i correctly NOTE: For ECDH-RSA, we
  1736. * need an ECC not an RSA cert but for ECDHE-RSA we need an RSA cert.
  1737. * Placing the checks for SSL_kECDH before RSA checks ensures the
  1738. * correct cert is chosen.
  1739. */
  1740. i = SSL_PKEY_ECC;
  1741. } else if (kalg & SSL_aECDSA) {
  1742. i = SSL_PKEY_ECC;
  1743. } else if (kalg & SSL_kDHr)
  1744. i = SSL_PKEY_DH_RSA;
  1745. else if (kalg & SSL_kDHd)
  1746. i = SSL_PKEY_DH_DSA;
  1747. else if (kalg & SSL_aDSS)
  1748. i = SSL_PKEY_DSA_SIGN;
  1749. else if (kalg & SSL_aRSA) {
  1750. if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
  1751. i = SSL_PKEY_RSA_SIGN;
  1752. else
  1753. i = SSL_PKEY_RSA_ENC;
  1754. } else if (kalg & SSL_aKRB5) {
  1755. /* VRS something else here? */
  1756. return (NULL);
  1757. } else { /* if (kalg & SSL_aNULL) */
  1758. SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY, ERR_R_INTERNAL_ERROR);
  1759. return (NULL);
  1760. }
  1761. return c->pkeys + i;
  1762. }
  1763. X509 *ssl_get_server_send_cert(const SSL *s)
  1764. {
  1765. CERT_PKEY *cpk;
  1766. cpk = ssl_get_server_send_pkey(s);
  1767. if (!cpk)
  1768. return NULL;
  1769. return cpk->x509;
  1770. }
  1771. EVP_PKEY *ssl_get_sign_pkey(SSL *s, SSL_CIPHER *cipher)
  1772. {
  1773. unsigned long alg;
  1774. CERT *c;
  1775. alg = cipher->algorithms;
  1776. c = s->cert;
  1777. if ((alg & SSL_aDSS) && (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
  1778. return (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey);
  1779. else if (alg & SSL_aRSA) {
  1780. if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
  1781. return (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey);
  1782. else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
  1783. return (c->pkeys[SSL_PKEY_RSA_ENC].privatekey);
  1784. else
  1785. return (NULL);
  1786. } else if ((alg & SSL_aECDSA) &&
  1787. (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
  1788. return (c->pkeys[SSL_PKEY_ECC].privatekey);
  1789. else { /* if (alg & SSL_aNULL) */
  1790. SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR);
  1791. return (NULL);
  1792. }
  1793. }
  1794. void ssl_update_cache(SSL *s, int mode)
  1795. {
  1796. int i;
  1797. /*
  1798. * If the session_id_length is 0, we are not supposed to cache it, and it
  1799. * would be rather hard to do anyway :-)
  1800. */
  1801. if (s->session->session_id_length == 0)
  1802. return;
  1803. i = s->ctx->session_cache_mode;
  1804. if ((i & mode) && (!s->hit)
  1805. && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
  1806. || SSL_CTX_add_session(s->ctx, s->session))
  1807. && (s->ctx->new_session_cb != NULL)) {
  1808. CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION);
  1809. if (!s->ctx->new_session_cb(s, s->session))
  1810. SSL_SESSION_free(s->session);
  1811. }
  1812. /* auto flush every 255 connections */
  1813. if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && ((i & mode) == mode)) {
  1814. if ((((mode & SSL_SESS_CACHE_CLIENT)
  1815. ? s->ctx->stats.sess_connect_good
  1816. : s->ctx->stats.sess_accept_good) & 0xff) == 0xff) {
  1817. SSL_CTX_flush_sessions(s->ctx, (unsigned long)time(NULL));
  1818. }
  1819. }
  1820. }
  1821. SSL_METHOD *SSL_get_ssl_method(SSL *s)
  1822. {
  1823. return (s->method);
  1824. }
  1825. int SSL_set_ssl_method(SSL *s, SSL_METHOD *meth)
  1826. {
  1827. int conn = -1;
  1828. int ret = 1;
  1829. if (s->method != meth) {
  1830. if (s->handshake_func != NULL)
  1831. conn = (s->handshake_func == s->method->ssl_connect);
  1832. if (s->method->version == meth->version)
  1833. s->method = meth;
  1834. else {
  1835. s->method->ssl_free(s);
  1836. s->method = meth;
  1837. ret = s->method->ssl_new(s);
  1838. }
  1839. if (conn == 1)
  1840. s->handshake_func = meth->ssl_connect;
  1841. else if (conn == 0)
  1842. s->handshake_func = meth->ssl_accept;
  1843. }
  1844. return (ret);
  1845. }
  1846. int SSL_get_error(const SSL *s, int i)
  1847. {
  1848. int reason;
  1849. unsigned long l;
  1850. BIO *bio;
  1851. if (i > 0)
  1852. return (SSL_ERROR_NONE);
  1853. /*
  1854. * Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake etc,
  1855. * where we do encode the error
  1856. */
  1857. if ((l = ERR_peek_error()) != 0) {
  1858. if (ERR_GET_LIB(l) == ERR_LIB_SYS)
  1859. return (SSL_ERROR_SYSCALL);
  1860. else
  1861. return (SSL_ERROR_SSL);
  1862. }
  1863. if ((i < 0) && SSL_want_read(s)) {
  1864. bio = SSL_get_rbio(s);
  1865. if (BIO_should_read(bio))
  1866. return (SSL_ERROR_WANT_READ);
  1867. else if (BIO_should_write(bio))
  1868. /*
  1869. * This one doesn't make too much sense ... We never try to write
  1870. * to the rbio, and an application program where rbio and wbio
  1871. * are separate couldn't even know what it should wait for.
  1872. * However if we ever set s->rwstate incorrectly (so that we have
  1873. * SSL_want_read(s) instead of SSL_want_write(s)) and rbio and
  1874. * wbio *are* the same, this test works around that bug; so it
  1875. * might be safer to keep it.
  1876. */
  1877. return (SSL_ERROR_WANT_WRITE);
  1878. else if (BIO_should_io_special(bio)) {
  1879. reason = BIO_get_retry_reason(bio);
  1880. if (reason == BIO_RR_CONNECT)
  1881. return (SSL_ERROR_WANT_CONNECT);
  1882. else if (reason == BIO_RR_ACCEPT)
  1883. return (SSL_ERROR_WANT_ACCEPT);
  1884. else
  1885. return (SSL_ERROR_SYSCALL); /* unknown */
  1886. }
  1887. }
  1888. if ((i < 0) && SSL_want_write(s)) {
  1889. bio = SSL_get_wbio(s);
  1890. if (BIO_should_write(bio))
  1891. return (SSL_ERROR_WANT_WRITE);
  1892. else if (BIO_should_read(bio))
  1893. /*
  1894. * See above (SSL_want_read(s) with BIO_should_write(bio))
  1895. */
  1896. return (SSL_ERROR_WANT_READ);
  1897. else if (BIO_should_io_special(bio)) {
  1898. reason = BIO_get_retry_reason(bio);
  1899. if (reason == BIO_RR_CONNECT)
  1900. return (SSL_ERROR_WANT_CONNECT);
  1901. else if (reason == BIO_RR_ACCEPT)
  1902. return (SSL_ERROR_WANT_ACCEPT);
  1903. else
  1904. return (SSL_ERROR_SYSCALL);
  1905. }
  1906. }
  1907. if ((i < 0) && SSL_want_x509_lookup(s)) {
  1908. return (SSL_ERROR_WANT_X509_LOOKUP);
  1909. }
  1910. if (i == 0) {
  1911. if (s->version == SSL2_VERSION) {
  1912. /* assume it is the socket being closed */
  1913. return (SSL_ERROR_ZERO_RETURN);
  1914. } else {
  1915. if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
  1916. (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
  1917. return (SSL_ERROR_ZERO_RETURN);
  1918. }
  1919. }
  1920. return (SSL_ERROR_SYSCALL);
  1921. }
  1922. int SSL_do_handshake(SSL *s)
  1923. {
  1924. int ret = 1;
  1925. if (s->handshake_func == NULL) {
  1926. SSLerr(SSL_F_SSL_DO_HANDSHAKE, SSL_R_CONNECTION_TYPE_NOT_SET);
  1927. return (-1);
  1928. }
  1929. s->method->ssl_renegotiate_check(s);
  1930. if (SSL_in_init(s) || SSL_in_before(s)) {
  1931. ret = s->handshake_func(s);
  1932. }
  1933. return (ret);
  1934. }
  1935. /*
  1936. * For the next 2 functions, SSL_clear() sets shutdown and so one of these
  1937. * calls will reset it
  1938. */
  1939. void SSL_set_accept_state(SSL *s)
  1940. {
  1941. s->server = 1;
  1942. s->shutdown = 0;
  1943. s->state = SSL_ST_ACCEPT | SSL_ST_BEFORE;
  1944. s->handshake_func = s->method->ssl_accept;
  1945. /* clear the current cipher */
  1946. ssl_clear_cipher_ctx(s);
  1947. }
  1948. void SSL_set_connect_state(SSL *s)
  1949. {
  1950. s->server = 0;
  1951. s->shutdown = 0;
  1952. s->state = SSL_ST_CONNECT | SSL_ST_BEFORE;
  1953. s->handshake_func = s->method->ssl_connect;
  1954. /* clear the current cipher */
  1955. ssl_clear_cipher_ctx(s);
  1956. }
  1957. int ssl_undefined_function(SSL *s)
  1958. {
  1959. SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
  1960. return (0);
  1961. }
  1962. int ssl_undefined_void_function(void)
  1963. {
  1964. SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,
  1965. ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
  1966. return (0);
  1967. }
  1968. int ssl_undefined_const_function(const SSL *s)
  1969. {
  1970. SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,
  1971. ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
  1972. return (0);
  1973. }
  1974. SSL_METHOD *ssl_bad_method(int ver)
  1975. {
  1976. SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
  1977. return (NULL);
  1978. }
  1979. const char *SSL_get_version(const SSL *s)
  1980. {
  1981. if (s->version == TLS1_VERSION)
  1982. return ("TLSv1");
  1983. else if (s->version == SSL3_VERSION)
  1984. return ("SSLv3");
  1985. else if (s->version == SSL2_VERSION)
  1986. return ("SSLv2");
  1987. else
  1988. return ("unknown");
  1989. }
  1990. SSL *SSL_dup(SSL *s)
  1991. {
  1992. STACK_OF(X509_NAME) *sk;
  1993. X509_NAME *xn;
  1994. SSL *ret;
  1995. int i;
  1996. if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL)
  1997. return (NULL);
  1998. ret->version = s->version;
  1999. ret->type = s->type;
  2000. ret->method = s->method;
  2001. if (s->session != NULL) {
  2002. /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
  2003. SSL_copy_session_id(ret, s);
  2004. } else {
  2005. /*
  2006. * No session has been established yet, so we have to expect that
  2007. * s->cert or ret->cert will be changed later -- they should not both
  2008. * point to the same object, and thus we can't use
  2009. * SSL_copy_session_id.
  2010. */
  2011. ret->method->ssl_free(ret);
  2012. ret->method = s->method;
  2013. ret->method->ssl_new(ret);
  2014. if (s->cert != NULL) {
  2015. if (ret->cert != NULL) {
  2016. ssl_cert_free(ret->cert);
  2017. }
  2018. ret->cert = ssl_cert_dup(s->cert);
  2019. if (ret->cert == NULL)
  2020. goto err;
  2021. }
  2022. SSL_set_session_id_context(ret, s->sid_ctx, s->sid_ctx_length);
  2023. }
  2024. ret->options = s->options;
  2025. ret->mode = s->mode;
  2026. SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s));
  2027. SSL_set_read_ahead(ret, SSL_get_read_ahead(s));
  2028. ret->msg_callback = s->msg_callback;
  2029. ret->msg_callback_arg = s->msg_callback_arg;
  2030. SSL_set_verify(ret, SSL_get_verify_mode(s), SSL_get_verify_callback(s));
  2031. SSL_set_verify_depth(ret, SSL_get_verify_depth(s));
  2032. ret->generate_session_id = s->generate_session_id;
  2033. SSL_set_info_callback(ret, SSL_get_info_callback(s));
  2034. ret->debug = s->debug;
  2035. /* copy app data, a little dangerous perhaps */
  2036. if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
  2037. goto err;
  2038. /* setup rbio, and wbio */
  2039. if (s->rbio != NULL) {
  2040. if (!BIO_dup_state(s->rbio, (char *)&ret->rbio))
  2041. goto err;
  2042. }
  2043. if (s->wbio != NULL) {
  2044. if (s->wbio != s->rbio) {
  2045. if (!BIO_dup_state(s->wbio, (char *)&ret->wbio))
  2046. goto err;
  2047. } else
  2048. ret->wbio = ret->rbio;
  2049. }
  2050. ret->rwstate = s->rwstate;
  2051. ret->in_handshake = s->in_handshake;
  2052. ret->handshake_func = s->handshake_func;
  2053. ret->server = s->server;
  2054. ret->new_session = s->new_session;
  2055. ret->quiet_shutdown = s->quiet_shutdown;
  2056. ret->shutdown = s->shutdown;
  2057. ret->state = s->state; /* SSL_dup does not really work at any state,
  2058. * though */
  2059. ret->rstate = s->rstate;
  2060. ret->init_num = 0; /* would have to copy ret->init_buf,
  2061. * ret->init_msg, ret->init_num,
  2062. * ret->init_off */
  2063. ret->hit = s->hit;
  2064. X509_VERIFY_PARAM_inherit(ret->param, s->param);
  2065. /* dup the cipher_list and cipher_list_by_id stacks */
  2066. if (s->cipher_list != NULL) {
  2067. if ((ret->cipher_list = sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
  2068. goto err;
  2069. }
  2070. if (s->cipher_list_by_id != NULL)
  2071. if ((ret->cipher_list_by_id = sk_SSL_CIPHER_dup(s->cipher_list_by_id))
  2072. == NULL)
  2073. goto err;
  2074. /* Dup the client_CA list */
  2075. if (s->client_CA != NULL) {
  2076. if ((sk = sk_X509_NAME_dup(s->client_CA)) == NULL)
  2077. goto err;
  2078. ret->client_CA = sk;
  2079. for (i = 0; i < sk_X509_NAME_num(sk); i++) {
  2080. xn = sk_X509_NAME_value(sk, i);
  2081. if (sk_X509_NAME_set(sk, i, X509_NAME_dup(xn)) == NULL) {
  2082. X509_NAME_free(xn);
  2083. goto err;
  2084. }
  2085. }
  2086. }
  2087. if (0) {
  2088. err:
  2089. if (ret != NULL)
  2090. SSL_free(ret);
  2091. ret = NULL;
  2092. }
  2093. return (ret);
  2094. }
  2095. void ssl_clear_cipher_ctx(SSL *s)
  2096. {
  2097. if (s->enc_read_ctx != NULL) {
  2098. EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
  2099. OPENSSL_free(s->enc_read_ctx);
  2100. s->enc_read_ctx = NULL;
  2101. }
  2102. if (s->enc_write_ctx != NULL) {
  2103. EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
  2104. OPENSSL_free(s->enc_write_ctx);
  2105. s->enc_write_ctx = NULL;
  2106. }
  2107. #ifndef OPENSSL_NO_COMP
  2108. if (s->expand != NULL) {
  2109. COMP_CTX_free(s->expand);
  2110. s->expand = NULL;
  2111. }
  2112. if (s->compress != NULL) {
  2113. COMP_CTX_free(s->compress);
  2114. s->compress = NULL;
  2115. }
  2116. #endif
  2117. }
  2118. /* Fix this function so that it takes an optional type parameter */
  2119. X509 *SSL_get_certificate(const SSL *s)
  2120. {
  2121. if (s->cert != NULL)
  2122. return (s->cert->key->x509);
  2123. else
  2124. return (NULL);
  2125. }
  2126. /* Fix this function so that it takes an optional type parameter */
  2127. EVP_PKEY *SSL_get_privatekey(SSL *s)
  2128. {
  2129. if (s->cert != NULL)
  2130. return (s->cert->key->privatekey);
  2131. else
  2132. return (NULL);
  2133. }
  2134. SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
  2135. {
  2136. if ((s->session != NULL) && (s->session->cipher != NULL))
  2137. return (s->session->cipher);
  2138. return (NULL);
  2139. }
  2140. #ifdef OPENSSL_NO_COMP
  2141. const void *SSL_get_current_compression(SSL *s)
  2142. {
  2143. return NULL;
  2144. }
  2145. const void *SSL_get_current_expansion(SSL *s)
  2146. {
  2147. return NULL;
  2148. }
  2149. #else
  2150. const COMP_METHOD *SSL_get_current_compression(SSL *s)
  2151. {
  2152. if (s->compress != NULL)
  2153. return (s->compress->meth);
  2154. return (NULL);
  2155. }
  2156. const COMP_METHOD *SSL_get_current_expansion(SSL *s)
  2157. {
  2158. if (s->expand != NULL)
  2159. return (s->expand->meth);
  2160. return (NULL);
  2161. }
  2162. #endif
  2163. int ssl_init_wbio_buffer(SSL *s, int push)
  2164. {
  2165. BIO *bbio;
  2166. if (s->bbio == NULL) {
  2167. bbio = BIO_new(BIO_f_buffer());
  2168. if (bbio == NULL)
  2169. return (0);
  2170. s->bbio = bbio;
  2171. } else {
  2172. bbio = s->bbio;
  2173. if (s->bbio == s->wbio)
  2174. s->wbio = BIO_pop(s->wbio);
  2175. }
  2176. (void)BIO_reset(bbio);
  2177. /* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
  2178. if (!BIO_set_read_buffer_size(bbio, 1)) {
  2179. SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER, ERR_R_BUF_LIB);
  2180. return (0);
  2181. }
  2182. if (push) {
  2183. if (s->wbio != bbio)
  2184. s->wbio = BIO_push(bbio, s->wbio);
  2185. } else {
  2186. if (s->wbio == bbio)
  2187. s->wbio = BIO_pop(bbio);
  2188. }
  2189. return (1);
  2190. }
  2191. void ssl_free_wbio_buffer(SSL *s)
  2192. {
  2193. if (s->bbio == NULL)
  2194. return;
  2195. if (s->bbio == s->wbio) {
  2196. /* remove buffering */
  2197. s->wbio = BIO_pop(s->wbio);
  2198. #ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids
  2199. * adding one more preprocessor symbol */
  2200. assert(s->wbio != NULL);
  2201. #endif
  2202. }
  2203. BIO_free(s->bbio);
  2204. s->bbio = NULL;
  2205. }
  2206. void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
  2207. {
  2208. ctx->quiet_shutdown = mode;
  2209. }
  2210. int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
  2211. {
  2212. return (ctx->quiet_shutdown);
  2213. }
  2214. void SSL_set_quiet_shutdown(SSL *s, int mode)
  2215. {
  2216. s->quiet_shutdown = mode;
  2217. }
  2218. int SSL_get_quiet_shutdown(const SSL *s)
  2219. {
  2220. return (s->quiet_shutdown);
  2221. }
  2222. void SSL_set_shutdown(SSL *s, int mode)
  2223. {
  2224. s->shutdown = mode;
  2225. }
  2226. int SSL_get_shutdown(const SSL *s)
  2227. {
  2228. return (s->shutdown);
  2229. }
  2230. int SSL_version(const SSL *s)
  2231. {
  2232. return (s->version);
  2233. }
  2234. SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
  2235. {
  2236. return (ssl->ctx);
  2237. }
  2238. SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx)
  2239. {
  2240. if (ssl->ctx == ctx)
  2241. return ssl->ctx;
  2242. #ifndef OPENSSL_NO_TLSEXT
  2243. if (ctx == NULL)
  2244. ctx = ssl->initial_ctx;
  2245. #endif
  2246. if (ssl->cert != NULL)
  2247. ssl_cert_free(ssl->cert);
  2248. ssl->cert = ssl_cert_dup(ctx->cert);
  2249. CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
  2250. if (ssl->ctx != NULL)
  2251. SSL_CTX_free(ssl->ctx); /* decrement reference count */
  2252. ssl->ctx = ctx;
  2253. return (ssl->ctx);
  2254. }
  2255. #ifndef OPENSSL_NO_STDIO
  2256. int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
  2257. {
  2258. return (X509_STORE_set_default_paths(ctx->cert_store));
  2259. }
  2260. int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
  2261. const char *CApath)
  2262. {
  2263. return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));
  2264. }
  2265. #endif
  2266. void SSL_set_info_callback(SSL *ssl,
  2267. void (*cb) (const SSL *ssl, int type, int val))
  2268. {
  2269. ssl->info_callback = cb;
  2270. }
  2271. /*
  2272. * One compiler (Diab DCC) doesn't like argument names in returned function
  2273. * pointer.
  2274. */
  2275. void (*SSL_get_info_callback(const SSL *ssl)) (const SSL * /* ssl */ ,
  2276. int /* type */ ,
  2277. int /* val */ ) {
  2278. return ssl->info_callback;
  2279. }
  2280. int SSL_state(const SSL *ssl)
  2281. {
  2282. return (ssl->state);
  2283. }
  2284. void SSL_set_verify_result(SSL *ssl, long arg)
  2285. {
  2286. ssl->verify_result = arg;
  2287. }
  2288. long SSL_get_verify_result(const SSL *ssl)
  2289. {
  2290. return (ssl->verify_result);
  2291. }
  2292. int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
  2293. CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
  2294. {
  2295. return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
  2296. new_func, dup_func, free_func);
  2297. }
  2298. int SSL_set_ex_data(SSL *s, int idx, void *arg)
  2299. {
  2300. return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
  2301. }
  2302. void *SSL_get_ex_data(const SSL *s, int idx)
  2303. {
  2304. return (CRYPTO_get_ex_data(&s->ex_data, idx));
  2305. }
  2306. int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
  2307. CRYPTO_EX_dup *dup_func,
  2308. CRYPTO_EX_free *free_func)
  2309. {
  2310. return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
  2311. new_func, dup_func, free_func);
  2312. }
  2313. int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg)
  2314. {
  2315. return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
  2316. }
  2317. void *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx)
  2318. {
  2319. return (CRYPTO_get_ex_data(&s->ex_data, idx));
  2320. }
  2321. int ssl_ok(SSL *s)
  2322. {
  2323. return (1);
  2324. }
  2325. X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx)
  2326. {
  2327. return (ctx->cert_store);
  2328. }
  2329. void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
  2330. {
  2331. if (ctx->cert_store != NULL)
  2332. X509_STORE_free(ctx->cert_store);
  2333. ctx->cert_store = store;
  2334. }
  2335. int SSL_want(const SSL *s)
  2336. {
  2337. return (s->rwstate);
  2338. }
  2339. /**
  2340. * \brief Set the callback for generating temporary RSA keys.
  2341. * \param ctx the SSL context.
  2342. * \param cb the callback
  2343. */
  2344. #ifndef OPENSSL_NO_RSA
  2345. void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb) (SSL *ssl,
  2346. int is_export,
  2347. int keylength))
  2348. {
  2349. SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB, (void (*)(void))cb);
  2350. }
  2351. void SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb) (SSL *ssl,
  2352. int is_export,
  2353. int keylength))
  2354. {
  2355. SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB, (void (*)(void))cb);
  2356. }
  2357. #endif
  2358. #ifdef DOXYGEN
  2359. /**
  2360. * \brief The RSA temporary key callback function.
  2361. * \param ssl the SSL session.
  2362. * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
  2363. * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
  2364. * of the required key in bits.
  2365. * \return the temporary RSA key.
  2366. * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
  2367. */
  2368. RSA *cb(SSL *ssl, int is_export, int keylength)
  2369. {
  2370. }
  2371. #endif
  2372. /**
  2373. * \brief Set the callback for generating temporary DH keys.
  2374. * \param ctx the SSL context.
  2375. * \param dh the callback
  2376. */
  2377. #ifndef OPENSSL_NO_DH
  2378. void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
  2379. DH *(*dh) (SSL *ssl, int is_export,
  2380. int keylength))
  2381. {
  2382. SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
  2383. }
  2384. void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh) (SSL *ssl, int is_export,
  2385. int keylength))
  2386. {
  2387. SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
  2388. }
  2389. #endif
  2390. #ifndef OPENSSL_NO_ECDH
  2391. void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
  2392. EC_KEY *(*ecdh) (SSL *ssl, int is_export,
  2393. int keylength))
  2394. {
  2395. SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,
  2396. (void (*)(void))ecdh);
  2397. }
  2398. void SSL_set_tmp_ecdh_callback(SSL *ssl,
  2399. EC_KEY *(*ecdh) (SSL *ssl, int is_export,
  2400. int keylength))
  2401. {
  2402. SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB, (void (*)(void))ecdh);
  2403. }
  2404. #endif
  2405. void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
  2406. void (*cb) (int write_p, int version,
  2407. int content_type, const void *buf,
  2408. size_t len, SSL *ssl, void *arg))
  2409. {
  2410. SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
  2411. }
  2412. void SSL_set_msg_callback(SSL *ssl,
  2413. void (*cb) (int write_p, int version,
  2414. int content_type, const void *buf,
  2415. size_t len, SSL *ssl, void *arg))
  2416. {
  2417. SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
  2418. }
  2419. #if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
  2420. # include "../crypto/bio/bss_file.c"
  2421. #endif
  2422. IMPLEMENT_STACK_OF(SSL_CIPHER)
  2423. IMPLEMENT_STACK_OF(SSL_COMP)