2
0

ssl_lib.c 104 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656265726582659266026612662266326642665266626672668266926702671267226732674267526762677267826792680268126822683268426852686268726882689269026912692269326942695269626972698269927002701270227032704270527062707270827092710271127122713271427152716271727182719272027212722272327242725272627272728272927302731273227332734273527362737273827392740274127422743274427452746274727482749275027512752275327542755275627572758275927602761276227632764276527662767276827692770277127722773277427752776277727782779278027812782278327842785278627872788278927902791279227932794279527962797279827992800280128022803280428052806280728082809281028112812281328142815281628172818281928202821282228232824282528262827282828292830283128322833283428352836283728382839284028412842284328442845284628472848284928502851285228532854285528562857285828592860286128622863286428652866286728682869287028712872287328742875287628772878287928802881288228832884288528862887288828892890289128922893289428952896289728982899290029012902290329042905290629072908290929102911291229132914291529162917291829192920292129222923292429252926292729282929293029312932293329342935293629372938293929402941294229432944294529462947294829492950295129522953295429552956295729582959296029612962296329642965296629672968296929702971297229732974297529762977297829792980298129822983298429852986298729882989299029912992299329942995299629972998299930003001300230033004300530063007300830093010301130123013301430153016301730183019302030213022302330243025302630273028302930303031303230333034303530363037303830393040304130423043304430453046304730483049305030513052305330543055305630573058305930603061306230633064306530663067306830693070307130723073307430753076307730783079308030813082308330843085308630873088308930903091309230933094309530963097309830993100310131023103310431053106310731083109311031113112311331143115311631173118311931203121312231233124312531263127312831293130313131323133313431353136313731383139314031413142314331443145314631473148314931503151315231533154315531563157315831593160316131623163316431653166316731683169317031713172317331743175317631773178317931803181318231833184318531863187318831893190319131923193319431953196319731983199320032013202320332043205320632073208320932103211321232133214321532163217321832193220322132223223322432253226322732283229323032313232323332343235323632373238323932403241324232433244324532463247324832493250325132523253325432553256325732583259326032613262326332643265326632673268326932703271327232733274327532763277327832793280328132823283328432853286328732883289329032913292329332943295329632973298329933003301330233033304330533063307330833093310331133123313331433153316331733183319332033213322332333243325332633273328332933303331333233333334333533363337333833393340334133423343334433453346334733483349335033513352335333543355335633573358335933603361336233633364336533663367336833693370337133723373337433753376337733783379338033813382338333843385338633873388338933903391339233933394339533963397339833993400340134023403340434053406340734083409341034113412341334143415341634173418341934203421342234233424342534263427342834293430343134323433343434353436343734383439344034413442344334443445344634473448344934503451345234533454345534563457345834593460346134623463346434653466346734683469347034713472347334743475347634773478347934803481348234833484348534863487348834893490349134923493349434953496349734983499350035013502350335043505350635073508350935103511351235133514351535163517351835193520352135223523352435253526352735283529353035313532353335343535353635373538353935403541354235433544354535463547354835493550355135523553355435553556355735583559356035613562356335643565356635673568356935703571357235733574357535763577357835793580
  1. /*
  2. * ! \file ssl/ssl_lib.c \brief Version independent SSL functions.
  3. */
  4. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  5. * All rights reserved.
  6. *
  7. * This package is an SSL implementation written
  8. * by Eric Young (eay@cryptsoft.com).
  9. * The implementation was written so as to conform with Netscapes SSL.
  10. *
  11. * This library is free for commercial and non-commercial use as long as
  12. * the following conditions are aheared to. The following conditions
  13. * apply to all code found in this distribution, be it the RC4, RSA,
  14. * lhash, DES, etc., code; not just the SSL code. The SSL documentation
  15. * included with this distribution is covered by the same copyright terms
  16. * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  17. *
  18. * Copyright remains Eric Young's, and as such any Copyright notices in
  19. * the code are not to be removed.
  20. * If this package is used in a product, Eric Young should be given attribution
  21. * as the author of the parts of the library used.
  22. * This can be in the form of a textual message at program startup or
  23. * in documentation (online or textual) provided with the package.
  24. *
  25. * Redistribution and use in source and binary forms, with or without
  26. * modification, are permitted provided that the following conditions
  27. * are met:
  28. * 1. Redistributions of source code must retain the copyright
  29. * notice, this list of conditions and the following disclaimer.
  30. * 2. Redistributions in binary form must reproduce the above copyright
  31. * notice, this list of conditions and the following disclaimer in the
  32. * documentation and/or other materials provided with the distribution.
  33. * 3. All advertising materials mentioning features or use of this software
  34. * must display the following acknowledgement:
  35. * "This product includes cryptographic software written by
  36. * Eric Young (eay@cryptsoft.com)"
  37. * The word 'cryptographic' can be left out if the rouines from the library
  38. * being used are not cryptographic related :-).
  39. * 4. If you include any Windows specific code (or a derivative thereof) from
  40. * the apps directory (application code) you must include an acknowledgement:
  41. * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  42. *
  43. * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  44. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  45. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  46. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  47. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  48. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  49. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  50. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  51. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  52. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  53. * SUCH DAMAGE.
  54. *
  55. * The licence and distribution terms for any publically available version or
  56. * derivative of this code cannot be changed. i.e. this code cannot simply be
  57. * copied and put under another distribution licence
  58. * [including the GNU Public Licence.]
  59. */
  60. /* ====================================================================
  61. * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
  62. *
  63. * Redistribution and use in source and binary forms, with or without
  64. * modification, are permitted provided that the following conditions
  65. * are met:
  66. *
  67. * 1. Redistributions of source code must retain the above copyright
  68. * notice, this list of conditions and the following disclaimer.
  69. *
  70. * 2. Redistributions in binary form must reproduce the above copyright
  71. * notice, this list of conditions and the following disclaimer in
  72. * the documentation and/or other materials provided with the
  73. * distribution.
  74. *
  75. * 3. All advertising materials mentioning features or use of this
  76. * software must display the following acknowledgment:
  77. * "This product includes software developed by the OpenSSL Project
  78. * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  79. *
  80. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  81. * endorse or promote products derived from this software without
  82. * prior written permission. For written permission, please contact
  83. * openssl-core@openssl.org.
  84. *
  85. * 5. Products derived from this software may not be called "OpenSSL"
  86. * nor may "OpenSSL" appear in their names without prior written
  87. * permission of the OpenSSL Project.
  88. *
  89. * 6. Redistributions of any form whatsoever must retain the following
  90. * acknowledgment:
  91. * "This product includes software developed by the OpenSSL Project
  92. * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  93. *
  94. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  95. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  96. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  97. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  98. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  99. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  100. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  101. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  102. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  103. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  104. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  105. * OF THE POSSIBILITY OF SUCH DAMAGE.
  106. * ====================================================================
  107. *
  108. * This product includes cryptographic software written by Eric Young
  109. * (eay@cryptsoft.com). This product includes software written by Tim
  110. * Hudson (tjh@cryptsoft.com).
  111. *
  112. */
  113. /* ====================================================================
  114. * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
  115. * ECC cipher suite support in OpenSSL originally developed by
  116. * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
  117. */
  118. /* ====================================================================
  119. * Copyright 2005 Nokia. All rights reserved.
  120. *
  121. * The portions of the attached software ("Contribution") is developed by
  122. * Nokia Corporation and is licensed pursuant to the OpenSSL open source
  123. * license.
  124. *
  125. * The Contribution, originally written by Mika Kousa and Pasi Eronen of
  126. * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
  127. * support (see RFC 4279) to OpenSSL.
  128. *
  129. * No patent licenses or other rights except those expressly stated in
  130. * the OpenSSL open source license shall be deemed granted or received
  131. * expressly, by implication, estoppel, or otherwise.
  132. *
  133. * No assurances are provided by Nokia that the Contribution does not
  134. * infringe the patent or other intellectual property rights of any third
  135. * party or that the license provides you with all the necessary rights
  136. * to make use of the Contribution.
  137. *
  138. * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
  139. * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
  140. * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
  141. * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
  142. * OTHERWISE.
  143. */
  144. #ifdef REF_CHECK
  145. # include <assert.h>
  146. #endif
  147. #include <stdio.h>
  148. #include "ssl_locl.h"
  149. #include "kssl_lcl.h"
  150. #include <openssl/objects.h>
  151. #include <openssl/lhash.h>
  152. #include <openssl/x509v3.h>
  153. #include <openssl/rand.h>
  154. #include <openssl/ocsp.h>
  155. #ifndef OPENSSL_NO_DH
  156. # include <openssl/dh.h>
  157. #endif
  158. #ifndef OPENSSL_NO_ENGINE
  159. # include <openssl/engine.h>
  160. #endif
  161. const char *SSL_version_str = OPENSSL_VERSION_TEXT;
  162. SSL3_ENC_METHOD ssl3_undef_enc_method = {
  163. /*
  164. * evil casts, but these functions are only called if there's a library
  165. * bug
  166. */
  167. (int (*)(SSL *, int))ssl_undefined_function,
  168. (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
  169. ssl_undefined_function,
  170. (int (*)(SSL *, unsigned char *, unsigned char *, int))
  171. ssl_undefined_function,
  172. (int (*)(SSL *, int))ssl_undefined_function,
  173. (int (*)(SSL *, const char *, int, unsigned char *))
  174. ssl_undefined_function,
  175. 0, /* finish_mac_length */
  176. (int (*)(SSL *, int, unsigned char *))ssl_undefined_function,
  177. NULL, /* client_finished_label */
  178. 0, /* client_finished_label_len */
  179. NULL, /* server_finished_label */
  180. 0, /* server_finished_label_len */
  181. (int (*)(int))ssl_undefined_function,
  182. (int (*)(SSL *, unsigned char *, size_t, const char *,
  183. size_t, const unsigned char *, size_t,
  184. int use_context))ssl_undefined_function,
  185. };
  186. int SSL_clear(SSL *s)
  187. {
  188. if (s->method == NULL) {
  189. SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED);
  190. return (0);
  191. }
  192. if (ssl_clear_bad_session(s)) {
  193. SSL_SESSION_free(s->session);
  194. s->session = NULL;
  195. }
  196. s->error = 0;
  197. s->hit = 0;
  198. s->shutdown = 0;
  199. #if 0
  200. /*
  201. * Disabled since version 1.10 of this file (early return not
  202. * needed because SSL_clear is not called when doing renegotiation)
  203. */
  204. /*
  205. * This is set if we are doing dynamic renegotiation so keep
  206. * the old cipher. It is sort of a SSL_clear_lite :-)
  207. */
  208. if (s->renegotiate)
  209. return (1);
  210. #else
  211. if (s->renegotiate) {
  212. SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR);
  213. return 0;
  214. }
  215. #endif
  216. s->type = 0;
  217. s->state = SSL_ST_BEFORE | ((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT);
  218. s->version = s->method->version;
  219. s->client_version = s->version;
  220. s->rwstate = SSL_NOTHING;
  221. s->rstate = SSL_ST_READ_HEADER;
  222. #if 0
  223. s->read_ahead = s->ctx->read_ahead;
  224. #endif
  225. if (s->init_buf != NULL) {
  226. BUF_MEM_free(s->init_buf);
  227. s->init_buf = NULL;
  228. }
  229. ssl_clear_cipher_ctx(s);
  230. ssl_clear_hash_ctx(&s->read_hash);
  231. ssl_clear_hash_ctx(&s->write_hash);
  232. s->first_packet = 0;
  233. #ifndef OPENSSL_NO_TLSEXT
  234. if (s->cert != NULL) {
  235. if (s->cert->alpn_proposed) {
  236. OPENSSL_free(s->cert->alpn_proposed);
  237. s->cert->alpn_proposed = NULL;
  238. }
  239. s->cert->alpn_proposed_len = 0;
  240. s->cert->alpn_sent = 0;
  241. }
  242. #endif
  243. #if 1
  244. /*
  245. * Check to see if we were changed into a different method, if so, revert
  246. * back if we are not doing session-id reuse.
  247. */
  248. if (!s->in_handshake && (s->session == NULL)
  249. && (s->method != s->ctx->method)) {
  250. s->method->ssl_free(s);
  251. s->method = s->ctx->method;
  252. if (!s->method->ssl_new(s))
  253. return (0);
  254. } else
  255. #endif
  256. s->method->ssl_clear(s);
  257. return (1);
  258. }
  259. /** Used to change an SSL_CTXs default SSL method type */
  260. int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
  261. {
  262. STACK_OF(SSL_CIPHER) *sk;
  263. ctx->method = meth;
  264. sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
  265. &(ctx->cipher_list_by_id),
  266. meth->version ==
  267. SSL2_VERSION ? "SSLv2" :
  268. SSL_DEFAULT_CIPHER_LIST, ctx->cert);
  269. if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
  270. SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,
  271. SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
  272. return (0);
  273. }
  274. return (1);
  275. }
  276. SSL *SSL_new(SSL_CTX *ctx)
  277. {
  278. SSL *s;
  279. if (ctx == NULL) {
  280. SSLerr(SSL_F_SSL_NEW, SSL_R_NULL_SSL_CTX);
  281. return (NULL);
  282. }
  283. if (ctx->method == NULL) {
  284. SSLerr(SSL_F_SSL_NEW, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
  285. return (NULL);
  286. }
  287. s = (SSL *)OPENSSL_malloc(sizeof(SSL));
  288. if (s == NULL)
  289. goto err;
  290. memset(s, 0, sizeof(SSL));
  291. #ifndef OPENSSL_NO_KRB5
  292. s->kssl_ctx = kssl_ctx_new();
  293. #endif /* OPENSSL_NO_KRB5 */
  294. s->options = ctx->options;
  295. s->mode = ctx->mode;
  296. s->max_cert_list = ctx->max_cert_list;
  297. s->references = 1;
  298. if (ctx->cert != NULL) {
  299. /*
  300. * Earlier library versions used to copy the pointer to the CERT, not
  301. * its contents; only when setting new parameters for the per-SSL
  302. * copy, ssl_cert_new would be called (and the direct reference to
  303. * the per-SSL_CTX settings would be lost, but those still were
  304. * indirectly accessed for various purposes, and for that reason they
  305. * used to be known as s->ctx->default_cert). Now we don't look at the
  306. * SSL_CTX's CERT after having duplicated it once.
  307. */
  308. s->cert = ssl_cert_dup(ctx->cert);
  309. if (s->cert == NULL)
  310. goto err;
  311. } else
  312. s->cert = NULL; /* Cannot really happen (see SSL_CTX_new) */
  313. s->read_ahead = ctx->read_ahead;
  314. s->msg_callback = ctx->msg_callback;
  315. s->msg_callback_arg = ctx->msg_callback_arg;
  316. s->verify_mode = ctx->verify_mode;
  317. #if 0
  318. s->verify_depth = ctx->verify_depth;
  319. #endif
  320. s->sid_ctx_length = ctx->sid_ctx_length;
  321. OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
  322. memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
  323. s->verify_callback = ctx->default_verify_callback;
  324. s->generate_session_id = ctx->generate_session_id;
  325. s->param = X509_VERIFY_PARAM_new();
  326. if (!s->param)
  327. goto err;
  328. X509_VERIFY_PARAM_inherit(s->param, ctx->param);
  329. #if 0
  330. s->purpose = ctx->purpose;
  331. s->trust = ctx->trust;
  332. #endif
  333. s->quiet_shutdown = ctx->quiet_shutdown;
  334. s->max_send_fragment = ctx->max_send_fragment;
  335. CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
  336. s->ctx = ctx;
  337. #ifndef OPENSSL_NO_TLSEXT
  338. s->tlsext_debug_cb = 0;
  339. s->tlsext_debug_arg = NULL;
  340. s->tlsext_ticket_expected = 0;
  341. s->tlsext_status_type = -1;
  342. s->tlsext_status_expected = 0;
  343. s->tlsext_ocsp_ids = NULL;
  344. s->tlsext_ocsp_exts = NULL;
  345. s->tlsext_ocsp_resp = NULL;
  346. s->tlsext_ocsp_resplen = -1;
  347. CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
  348. s->initial_ctx = ctx;
  349. # ifndef OPENSSL_NO_EC
  350. if (ctx->tlsext_ecpointformatlist) {
  351. s->tlsext_ecpointformatlist =
  352. BUF_memdup(ctx->tlsext_ecpointformatlist,
  353. ctx->tlsext_ecpointformatlist_length);
  354. if (!s->tlsext_ecpointformatlist)
  355. goto err;
  356. s->tlsext_ecpointformatlist_length =
  357. ctx->tlsext_ecpointformatlist_length;
  358. }
  359. if (ctx->tlsext_ellipticcurvelist) {
  360. s->tlsext_ellipticcurvelist =
  361. BUF_memdup(ctx->tlsext_ellipticcurvelist,
  362. ctx->tlsext_ellipticcurvelist_length);
  363. if (!s->tlsext_ellipticcurvelist)
  364. goto err;
  365. s->tlsext_ellipticcurvelist_length =
  366. ctx->tlsext_ellipticcurvelist_length;
  367. }
  368. # endif
  369. # ifndef OPENSSL_NO_NEXTPROTONEG
  370. s->next_proto_negotiated = NULL;
  371. # endif
  372. if (s->ctx->alpn_client_proto_list) {
  373. s->alpn_client_proto_list =
  374. OPENSSL_malloc(s->ctx->alpn_client_proto_list_len);
  375. if (s->alpn_client_proto_list == NULL)
  376. goto err;
  377. memcpy(s->alpn_client_proto_list, s->ctx->alpn_client_proto_list,
  378. s->ctx->alpn_client_proto_list_len);
  379. s->alpn_client_proto_list_len = s->ctx->alpn_client_proto_list_len;
  380. }
  381. #endif
  382. s->verify_result = X509_V_OK;
  383. s->method = ctx->method;
  384. if (!s->method->ssl_new(s))
  385. goto err;
  386. s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1;
  387. SSL_clear(s);
  388. CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
  389. #ifndef OPENSSL_NO_PSK
  390. s->psk_client_callback = ctx->psk_client_callback;
  391. s->psk_server_callback = ctx->psk_server_callback;
  392. #endif
  393. return (s);
  394. err:
  395. if (s != NULL)
  396. SSL_free(s);
  397. SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
  398. return (NULL);
  399. }
  400. int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
  401. unsigned int sid_ctx_len)
  402. {
  403. if (sid_ctx_len > sizeof ctx->sid_ctx) {
  404. SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
  405. SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
  406. return 0;
  407. }
  408. ctx->sid_ctx_length = sid_ctx_len;
  409. memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
  410. return 1;
  411. }
  412. int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
  413. unsigned int sid_ctx_len)
  414. {
  415. if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
  416. SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,
  417. SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
  418. return 0;
  419. }
  420. ssl->sid_ctx_length = sid_ctx_len;
  421. memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
  422. return 1;
  423. }
  424. int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
  425. {
  426. CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
  427. ctx->generate_session_id = cb;
  428. CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
  429. return 1;
  430. }
  431. int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
  432. {
  433. CRYPTO_w_lock(CRYPTO_LOCK_SSL);
  434. ssl->generate_session_id = cb;
  435. CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
  436. return 1;
  437. }
  438. int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
  439. unsigned int id_len)
  440. {
  441. /*
  442. * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
  443. * we can "construct" a session to give us the desired check - ie. to
  444. * find if there's a session in the hash table that would conflict with
  445. * any new session built out of this id/id_len and the ssl_version in use
  446. * by this SSL.
  447. */
  448. SSL_SESSION r, *p;
  449. if (id_len > sizeof r.session_id)
  450. return 0;
  451. r.ssl_version = ssl->version;
  452. r.session_id_length = id_len;
  453. memcpy(r.session_id, id, id_len);
  454. /*
  455. * NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
  456. * callback is calling us to check the uniqueness of a shorter ID, it
  457. * must be compared as a padded-out ID because that is what it will be
  458. * converted to when the callback has finished choosing it.
  459. */
  460. if ((r.ssl_version == SSL2_VERSION) &&
  461. (id_len < SSL2_SSL_SESSION_ID_LENGTH)) {
  462. memset(r.session_id + id_len, 0, SSL2_SSL_SESSION_ID_LENGTH - id_len);
  463. r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
  464. }
  465. CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
  466. p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
  467. CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
  468. return (p != NULL);
  469. }
  470. int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
  471. {
  472. return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
  473. }
  474. int SSL_set_purpose(SSL *s, int purpose)
  475. {
  476. return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
  477. }
  478. int SSL_CTX_set_trust(SSL_CTX *s, int trust)
  479. {
  480. return X509_VERIFY_PARAM_set_trust(s->param, trust);
  481. }
  482. int SSL_set_trust(SSL *s, int trust)
  483. {
  484. return X509_VERIFY_PARAM_set_trust(s->param, trust);
  485. }
  486. int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
  487. {
  488. return X509_VERIFY_PARAM_set1(ctx->param, vpm);
  489. }
  490. int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
  491. {
  492. return X509_VERIFY_PARAM_set1(ssl->param, vpm);
  493. }
  494. X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx)
  495. {
  496. return ctx->param;
  497. }
  498. X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl)
  499. {
  500. return ssl->param;
  501. }
  502. void SSL_certs_clear(SSL *s)
  503. {
  504. ssl_cert_clear_certs(s->cert);
  505. }
  506. void SSL_free(SSL *s)
  507. {
  508. int i;
  509. if (s == NULL)
  510. return;
  511. i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL);
  512. #ifdef REF_PRINT
  513. REF_PRINT("SSL", s);
  514. #endif
  515. if (i > 0)
  516. return;
  517. #ifdef REF_CHECK
  518. if (i < 0) {
  519. fprintf(stderr, "SSL_free, bad reference count\n");
  520. abort(); /* ok */
  521. }
  522. #endif
  523. if (s->param)
  524. X509_VERIFY_PARAM_free(s->param);
  525. CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
  526. if (s->bbio != NULL) {
  527. /* If the buffering BIO is in place, pop it off */
  528. if (s->bbio == s->wbio) {
  529. s->wbio = BIO_pop(s->wbio);
  530. }
  531. BIO_free(s->bbio);
  532. s->bbio = NULL;
  533. }
  534. if (s->rbio != NULL)
  535. BIO_free_all(s->rbio);
  536. if ((s->wbio != NULL) && (s->wbio != s->rbio))
  537. BIO_free_all(s->wbio);
  538. if (s->init_buf != NULL)
  539. BUF_MEM_free(s->init_buf);
  540. /* add extra stuff */
  541. if (s->cipher_list != NULL)
  542. sk_SSL_CIPHER_free(s->cipher_list);
  543. if (s->cipher_list_by_id != NULL)
  544. sk_SSL_CIPHER_free(s->cipher_list_by_id);
  545. /* Make the next call work :-) */
  546. if (s->session != NULL) {
  547. ssl_clear_bad_session(s);
  548. SSL_SESSION_free(s->session);
  549. }
  550. ssl_clear_cipher_ctx(s);
  551. ssl_clear_hash_ctx(&s->read_hash);
  552. ssl_clear_hash_ctx(&s->write_hash);
  553. if (s->cert != NULL)
  554. ssl_cert_free(s->cert);
  555. /* Free up if allocated */
  556. #ifndef OPENSSL_NO_TLSEXT
  557. if (s->tlsext_hostname)
  558. OPENSSL_free(s->tlsext_hostname);
  559. if (s->initial_ctx)
  560. SSL_CTX_free(s->initial_ctx);
  561. # ifndef OPENSSL_NO_EC
  562. if (s->tlsext_ecpointformatlist)
  563. OPENSSL_free(s->tlsext_ecpointformatlist);
  564. if (s->tlsext_ellipticcurvelist)
  565. OPENSSL_free(s->tlsext_ellipticcurvelist);
  566. # endif /* OPENSSL_NO_EC */
  567. if (s->tlsext_opaque_prf_input)
  568. OPENSSL_free(s->tlsext_opaque_prf_input);
  569. if (s->tlsext_ocsp_exts)
  570. sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
  571. if (s->tlsext_ocsp_ids)
  572. sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
  573. if (s->tlsext_ocsp_resp)
  574. OPENSSL_free(s->tlsext_ocsp_resp);
  575. if (s->alpn_client_proto_list)
  576. OPENSSL_free(s->alpn_client_proto_list);
  577. #endif
  578. if (s->client_CA != NULL)
  579. sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
  580. if (s->method != NULL)
  581. s->method->ssl_free(s);
  582. if (s->ctx)
  583. SSL_CTX_free(s->ctx);
  584. #ifndef OPENSSL_NO_KRB5
  585. if (s->kssl_ctx != NULL)
  586. kssl_ctx_free(s->kssl_ctx);
  587. #endif /* OPENSSL_NO_KRB5 */
  588. #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
  589. if (s->next_proto_negotiated)
  590. OPENSSL_free(s->next_proto_negotiated);
  591. #endif
  592. #ifndef OPENSSL_NO_SRTP
  593. if (s->srtp_profiles)
  594. sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
  595. #endif
  596. OPENSSL_free(s);
  597. }
  598. void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
  599. {
  600. /*
  601. * If the output buffering BIO is still in place, remove it
  602. */
  603. if (s->bbio != NULL) {
  604. if (s->wbio == s->bbio) {
  605. s->wbio = s->wbio->next_bio;
  606. s->bbio->next_bio = NULL;
  607. }
  608. }
  609. if ((s->rbio != NULL) && (s->rbio != rbio))
  610. BIO_free_all(s->rbio);
  611. if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
  612. BIO_free_all(s->wbio);
  613. s->rbio = rbio;
  614. s->wbio = wbio;
  615. }
  616. BIO *SSL_get_rbio(const SSL *s)
  617. {
  618. return (s->rbio);
  619. }
  620. BIO *SSL_get_wbio(const SSL *s)
  621. {
  622. return (s->wbio);
  623. }
  624. int SSL_get_fd(const SSL *s)
  625. {
  626. return (SSL_get_rfd(s));
  627. }
  628. int SSL_get_rfd(const SSL *s)
  629. {
  630. int ret = -1;
  631. BIO *b, *r;
  632. b = SSL_get_rbio(s);
  633. r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
  634. if (r != NULL)
  635. BIO_get_fd(r, &ret);
  636. return (ret);
  637. }
  638. int SSL_get_wfd(const SSL *s)
  639. {
  640. int ret = -1;
  641. BIO *b, *r;
  642. b = SSL_get_wbio(s);
  643. r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
  644. if (r != NULL)
  645. BIO_get_fd(r, &ret);
  646. return (ret);
  647. }
  648. #ifndef OPENSSL_NO_SOCK
  649. int SSL_set_fd(SSL *s, int fd)
  650. {
  651. int ret = 0;
  652. BIO *bio = NULL;
  653. bio = BIO_new(BIO_s_socket());
  654. if (bio == NULL) {
  655. SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
  656. goto err;
  657. }
  658. BIO_set_fd(bio, fd, BIO_NOCLOSE);
  659. SSL_set_bio(s, bio, bio);
  660. ret = 1;
  661. err:
  662. return (ret);
  663. }
  664. int SSL_set_wfd(SSL *s, int fd)
  665. {
  666. int ret = 0;
  667. BIO *bio = NULL;
  668. if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
  669. || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
  670. bio = BIO_new(BIO_s_socket());
  671. if (bio == NULL) {
  672. SSLerr(SSL_F_SSL_SET_WFD, ERR_R_BUF_LIB);
  673. goto err;
  674. }
  675. BIO_set_fd(bio, fd, BIO_NOCLOSE);
  676. SSL_set_bio(s, SSL_get_rbio(s), bio);
  677. } else
  678. SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
  679. ret = 1;
  680. err:
  681. return (ret);
  682. }
  683. int SSL_set_rfd(SSL *s, int fd)
  684. {
  685. int ret = 0;
  686. BIO *bio = NULL;
  687. if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
  688. || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
  689. bio = BIO_new(BIO_s_socket());
  690. if (bio == NULL) {
  691. SSLerr(SSL_F_SSL_SET_RFD, ERR_R_BUF_LIB);
  692. goto err;
  693. }
  694. BIO_set_fd(bio, fd, BIO_NOCLOSE);
  695. SSL_set_bio(s, bio, SSL_get_wbio(s));
  696. } else
  697. SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
  698. ret = 1;
  699. err:
  700. return (ret);
  701. }
  702. #endif
  703. /* return length of latest Finished message we sent, copy to 'buf' */
  704. size_t SSL_get_finished(const SSL *s, void *buf, size_t count)
  705. {
  706. size_t ret = 0;
  707. if (s->s3 != NULL) {
  708. ret = s->s3->tmp.finish_md_len;
  709. if (count > ret)
  710. count = ret;
  711. memcpy(buf, s->s3->tmp.finish_md, count);
  712. }
  713. return ret;
  714. }
  715. /* return length of latest Finished message we expected, copy to 'buf' */
  716. size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
  717. {
  718. size_t ret = 0;
  719. if (s->s3 != NULL) {
  720. ret = s->s3->tmp.peer_finish_md_len;
  721. if (count > ret)
  722. count = ret;
  723. memcpy(buf, s->s3->tmp.peer_finish_md, count);
  724. }
  725. return ret;
  726. }
  727. int SSL_get_verify_mode(const SSL *s)
  728. {
  729. return (s->verify_mode);
  730. }
  731. int SSL_get_verify_depth(const SSL *s)
  732. {
  733. return X509_VERIFY_PARAM_get_depth(s->param);
  734. }
  735. int (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *) {
  736. return (s->verify_callback);
  737. }
  738. int SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
  739. {
  740. return (ctx->verify_mode);
  741. }
  742. int SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
  743. {
  744. return X509_VERIFY_PARAM_get_depth(ctx->param);
  745. }
  746. int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int, X509_STORE_CTX *) {
  747. return (ctx->default_verify_callback);
  748. }
  749. void SSL_set_verify(SSL *s, int mode,
  750. int (*callback) (int ok, X509_STORE_CTX *ctx))
  751. {
  752. s->verify_mode = mode;
  753. if (callback != NULL)
  754. s->verify_callback = callback;
  755. }
  756. void SSL_set_verify_depth(SSL *s, int depth)
  757. {
  758. X509_VERIFY_PARAM_set_depth(s->param, depth);
  759. }
  760. void SSL_set_read_ahead(SSL *s, int yes)
  761. {
  762. s->read_ahead = yes;
  763. }
  764. int SSL_get_read_ahead(const SSL *s)
  765. {
  766. return (s->read_ahead);
  767. }
  768. int SSL_pending(const SSL *s)
  769. {
  770. /*
  771. * SSL_pending cannot work properly if read-ahead is enabled
  772. * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)), and it is
  773. * impossible to fix since SSL_pending cannot report errors that may be
  774. * observed while scanning the new data. (Note that SSL_pending() is
  775. * often used as a boolean value, so we'd better not return -1.)
  776. */
  777. return (s->method->ssl_pending(s));
  778. }
  779. X509 *SSL_get_peer_certificate(const SSL *s)
  780. {
  781. X509 *r;
  782. if ((s == NULL) || (s->session == NULL))
  783. r = NULL;
  784. else
  785. r = s->session->peer;
  786. if (r == NULL)
  787. return (r);
  788. CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509);
  789. return (r);
  790. }
  791. STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s)
  792. {
  793. STACK_OF(X509) *r;
  794. if ((s == NULL) || (s->session == NULL)
  795. || (s->session->sess_cert == NULL))
  796. r = NULL;
  797. else
  798. r = s->session->sess_cert->cert_chain;
  799. /*
  800. * If we are a client, cert_chain includes the peer's own certificate; if
  801. * we are a server, it does not.
  802. */
  803. return (r);
  804. }
  805. /*
  806. * Now in theory, since the calling process own 't' it should be safe to
  807. * modify. We need to be able to read f without being hassled
  808. */
  809. void SSL_copy_session_id(SSL *t, const SSL *f)
  810. {
  811. CERT *tmp;
  812. /* Do we need to to SSL locking? */
  813. SSL_set_session(t, SSL_get_session(f));
  814. /*
  815. * what if we are setup as SSLv2 but want to talk SSLv3 or vice-versa
  816. */
  817. if (t->method != f->method) {
  818. t->method->ssl_free(t); /* cleanup current */
  819. t->method = f->method; /* change method */
  820. t->method->ssl_new(t); /* setup new */
  821. }
  822. tmp = t->cert;
  823. if (f->cert != NULL) {
  824. CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
  825. t->cert = f->cert;
  826. } else
  827. t->cert = NULL;
  828. if (tmp != NULL)
  829. ssl_cert_free(tmp);
  830. SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length);
  831. }
  832. /* Fix this so it checks all the valid key/cert options */
  833. int SSL_CTX_check_private_key(const SSL_CTX *ctx)
  834. {
  835. if ((ctx == NULL) ||
  836. (ctx->cert == NULL) || (ctx->cert->key->x509 == NULL)) {
  837. SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
  838. SSL_R_NO_CERTIFICATE_ASSIGNED);
  839. return (0);
  840. }
  841. if (ctx->cert->key->privatekey == NULL) {
  842. SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
  843. SSL_R_NO_PRIVATE_KEY_ASSIGNED);
  844. return (0);
  845. }
  846. return (X509_check_private_key
  847. (ctx->cert->key->x509, ctx->cert->key->privatekey));
  848. }
  849. /* Fix this function so that it takes an optional type parameter */
  850. int SSL_check_private_key(const SSL *ssl)
  851. {
  852. if (ssl == NULL) {
  853. SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
  854. return (0);
  855. }
  856. if (ssl->cert == NULL) {
  857. SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
  858. return 0;
  859. }
  860. if (ssl->cert->key->x509 == NULL) {
  861. SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
  862. return (0);
  863. }
  864. if (ssl->cert->key->privatekey == NULL) {
  865. SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
  866. return (0);
  867. }
  868. return (X509_check_private_key(ssl->cert->key->x509,
  869. ssl->cert->key->privatekey));
  870. }
  871. int SSL_accept(SSL *s)
  872. {
  873. if (s->handshake_func == 0)
  874. /* Not properly initialized yet */
  875. SSL_set_accept_state(s);
  876. return (s->method->ssl_accept(s));
  877. }
  878. int SSL_connect(SSL *s)
  879. {
  880. if (s->handshake_func == 0)
  881. /* Not properly initialized yet */
  882. SSL_set_connect_state(s);
  883. return (s->method->ssl_connect(s));
  884. }
  885. long SSL_get_default_timeout(const SSL *s)
  886. {
  887. return (s->method->get_timeout());
  888. }
  889. int SSL_read(SSL *s, void *buf, int num)
  890. {
  891. if (s->handshake_func == 0) {
  892. SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
  893. return -1;
  894. }
  895. if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
  896. s->rwstate = SSL_NOTHING;
  897. return (0);
  898. }
  899. return (s->method->ssl_read(s, buf, num));
  900. }
  901. int SSL_peek(SSL *s, void *buf, int num)
  902. {
  903. if (s->handshake_func == 0) {
  904. SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
  905. return -1;
  906. }
  907. if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
  908. return (0);
  909. }
  910. return (s->method->ssl_peek(s, buf, num));
  911. }
  912. int SSL_write(SSL *s, const void *buf, int num)
  913. {
  914. if (s->handshake_func == 0) {
  915. SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
  916. return -1;
  917. }
  918. if (s->shutdown & SSL_SENT_SHUTDOWN) {
  919. s->rwstate = SSL_NOTHING;
  920. SSLerr(SSL_F_SSL_WRITE, SSL_R_PROTOCOL_IS_SHUTDOWN);
  921. return (-1);
  922. }
  923. return (s->method->ssl_write(s, buf, num));
  924. }
  925. int SSL_shutdown(SSL *s)
  926. {
  927. /*
  928. * Note that this function behaves differently from what one might
  929. * expect. Return values are 0 for no success (yet), 1 for success; but
  930. * calling it once is usually not enough, even if blocking I/O is used
  931. * (see ssl3_shutdown).
  932. */
  933. if (s->handshake_func == 0) {
  934. SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
  935. return -1;
  936. }
  937. if (!SSL_in_init(s)) {
  938. return s->method->ssl_shutdown(s);
  939. } else {
  940. SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_SHUTDOWN_WHILE_IN_INIT);
  941. return -1;
  942. }
  943. }
  944. int SSL_renegotiate(SSL *s)
  945. {
  946. if (s->renegotiate == 0)
  947. s->renegotiate = 1;
  948. s->new_session = 1;
  949. return (s->method->ssl_renegotiate(s));
  950. }
  951. int SSL_renegotiate_abbreviated(SSL *s)
  952. {
  953. if (s->renegotiate == 0)
  954. s->renegotiate = 1;
  955. s->new_session = 0;
  956. return (s->method->ssl_renegotiate(s));
  957. }
  958. int SSL_renegotiate_pending(SSL *s)
  959. {
  960. /*
  961. * becomes true when negotiation is requested; false again once a
  962. * handshake has finished
  963. */
  964. return (s->renegotiate != 0);
  965. }
  966. long SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
  967. {
  968. long l;
  969. switch (cmd) {
  970. case SSL_CTRL_GET_READ_AHEAD:
  971. return (s->read_ahead);
  972. case SSL_CTRL_SET_READ_AHEAD:
  973. l = s->read_ahead;
  974. s->read_ahead = larg;
  975. return (l);
  976. case SSL_CTRL_SET_MSG_CALLBACK_ARG:
  977. s->msg_callback_arg = parg;
  978. return 1;
  979. case SSL_CTRL_OPTIONS:
  980. return (s->options |= larg);
  981. case SSL_CTRL_CLEAR_OPTIONS:
  982. return (s->options &= ~larg);
  983. case SSL_CTRL_MODE:
  984. return (s->mode |= larg);
  985. case SSL_CTRL_CLEAR_MODE:
  986. return (s->mode &= ~larg);
  987. case SSL_CTRL_GET_MAX_CERT_LIST:
  988. return (s->max_cert_list);
  989. case SSL_CTRL_SET_MAX_CERT_LIST:
  990. l = s->max_cert_list;
  991. s->max_cert_list = larg;
  992. return (l);
  993. case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
  994. if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
  995. return 0;
  996. s->max_send_fragment = larg;
  997. return 1;
  998. case SSL_CTRL_GET_RI_SUPPORT:
  999. if (s->s3)
  1000. return s->s3->send_connection_binding;
  1001. else
  1002. return 0;
  1003. case SSL_CTRL_CERT_FLAGS:
  1004. return (s->cert->cert_flags |= larg);
  1005. case SSL_CTRL_CLEAR_CERT_FLAGS:
  1006. return (s->cert->cert_flags &= ~larg);
  1007. case SSL_CTRL_GET_RAW_CIPHERLIST:
  1008. if (parg) {
  1009. if (s->cert->ciphers_raw == NULL)
  1010. return 0;
  1011. *(unsigned char **)parg = s->cert->ciphers_raw;
  1012. return (int)s->cert->ciphers_rawlen;
  1013. } else
  1014. return ssl_put_cipher_by_char(s, NULL, NULL);
  1015. default:
  1016. return (s->method->ssl_ctrl(s, cmd, larg, parg));
  1017. }
  1018. }
  1019. long SSL_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
  1020. {
  1021. switch (cmd) {
  1022. case SSL_CTRL_SET_MSG_CALLBACK:
  1023. s->msg_callback = (void (*)
  1024. (int write_p, int version, int content_type,
  1025. const void *buf, size_t len, SSL *ssl,
  1026. void *arg))(fp);
  1027. return 1;
  1028. default:
  1029. return (s->method->ssl_callback_ctrl(s, cmd, fp));
  1030. }
  1031. }
  1032. LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx)
  1033. {
  1034. return ctx->sessions;
  1035. }
  1036. long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
  1037. {
  1038. long l;
  1039. /* For some cases with ctx == NULL perform syntax checks */
  1040. if (ctx == NULL) {
  1041. switch (cmd) {
  1042. #ifndef OPENSSL_NO_EC
  1043. case SSL_CTRL_SET_CURVES_LIST:
  1044. return tls1_set_curves_list(NULL, NULL, parg);
  1045. #endif
  1046. case SSL_CTRL_SET_SIGALGS_LIST:
  1047. case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
  1048. return tls1_set_sigalgs_list(NULL, parg, 0);
  1049. default:
  1050. return 0;
  1051. }
  1052. }
  1053. switch (cmd) {
  1054. case SSL_CTRL_GET_READ_AHEAD:
  1055. return (ctx->read_ahead);
  1056. case SSL_CTRL_SET_READ_AHEAD:
  1057. l = ctx->read_ahead;
  1058. ctx->read_ahead = larg;
  1059. return (l);
  1060. case SSL_CTRL_SET_MSG_CALLBACK_ARG:
  1061. ctx->msg_callback_arg = parg;
  1062. return 1;
  1063. case SSL_CTRL_GET_MAX_CERT_LIST:
  1064. return (ctx->max_cert_list);
  1065. case SSL_CTRL_SET_MAX_CERT_LIST:
  1066. l = ctx->max_cert_list;
  1067. ctx->max_cert_list = larg;
  1068. return (l);
  1069. case SSL_CTRL_SET_SESS_CACHE_SIZE:
  1070. l = ctx->session_cache_size;
  1071. ctx->session_cache_size = larg;
  1072. return (l);
  1073. case SSL_CTRL_GET_SESS_CACHE_SIZE:
  1074. return (ctx->session_cache_size);
  1075. case SSL_CTRL_SET_SESS_CACHE_MODE:
  1076. l = ctx->session_cache_mode;
  1077. ctx->session_cache_mode = larg;
  1078. return (l);
  1079. case SSL_CTRL_GET_SESS_CACHE_MODE:
  1080. return (ctx->session_cache_mode);
  1081. case SSL_CTRL_SESS_NUMBER:
  1082. return (lh_SSL_SESSION_num_items(ctx->sessions));
  1083. case SSL_CTRL_SESS_CONNECT:
  1084. return (ctx->stats.sess_connect);
  1085. case SSL_CTRL_SESS_CONNECT_GOOD:
  1086. return (ctx->stats.sess_connect_good);
  1087. case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
  1088. return (ctx->stats.sess_connect_renegotiate);
  1089. case SSL_CTRL_SESS_ACCEPT:
  1090. return (ctx->stats.sess_accept);
  1091. case SSL_CTRL_SESS_ACCEPT_GOOD:
  1092. return (ctx->stats.sess_accept_good);
  1093. case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
  1094. return (ctx->stats.sess_accept_renegotiate);
  1095. case SSL_CTRL_SESS_HIT:
  1096. return (ctx->stats.sess_hit);
  1097. case SSL_CTRL_SESS_CB_HIT:
  1098. return (ctx->stats.sess_cb_hit);
  1099. case SSL_CTRL_SESS_MISSES:
  1100. return (ctx->stats.sess_miss);
  1101. case SSL_CTRL_SESS_TIMEOUTS:
  1102. return (ctx->stats.sess_timeout);
  1103. case SSL_CTRL_SESS_CACHE_FULL:
  1104. return (ctx->stats.sess_cache_full);
  1105. case SSL_CTRL_OPTIONS:
  1106. return (ctx->options |= larg);
  1107. case SSL_CTRL_CLEAR_OPTIONS:
  1108. return (ctx->options &= ~larg);
  1109. case SSL_CTRL_MODE:
  1110. return (ctx->mode |= larg);
  1111. case SSL_CTRL_CLEAR_MODE:
  1112. return (ctx->mode &= ~larg);
  1113. case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
  1114. if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
  1115. return 0;
  1116. ctx->max_send_fragment = larg;
  1117. return 1;
  1118. case SSL_CTRL_CERT_FLAGS:
  1119. return (ctx->cert->cert_flags |= larg);
  1120. case SSL_CTRL_CLEAR_CERT_FLAGS:
  1121. return (ctx->cert->cert_flags &= ~larg);
  1122. default:
  1123. return (ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg));
  1124. }
  1125. }
  1126. long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
  1127. {
  1128. switch (cmd) {
  1129. case SSL_CTRL_SET_MSG_CALLBACK:
  1130. ctx->msg_callback = (void (*)
  1131. (int write_p, int version, int content_type,
  1132. const void *buf, size_t len, SSL *ssl,
  1133. void *arg))(fp);
  1134. return 1;
  1135. default:
  1136. return (ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp));
  1137. }
  1138. }
  1139. int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
  1140. {
  1141. long l;
  1142. l = a->id - b->id;
  1143. if (l == 0L)
  1144. return (0);
  1145. else
  1146. return ((l > 0) ? 1 : -1);
  1147. }
  1148. int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
  1149. const SSL_CIPHER *const *bp)
  1150. {
  1151. long l;
  1152. l = (*ap)->id - (*bp)->id;
  1153. if (l == 0L)
  1154. return (0);
  1155. else
  1156. return ((l > 0) ? 1 : -1);
  1157. }
  1158. /** return a STACK of the ciphers available for the SSL and in order of
  1159. * preference */
  1160. STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
  1161. {
  1162. if (s != NULL) {
  1163. if (s->cipher_list != NULL) {
  1164. return (s->cipher_list);
  1165. } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) {
  1166. return (s->ctx->cipher_list);
  1167. }
  1168. }
  1169. return (NULL);
  1170. }
  1171. /** return a STACK of the ciphers available for the SSL and in order of
  1172. * algorithm id */
  1173. STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
  1174. {
  1175. if (s != NULL) {
  1176. if (s->cipher_list_by_id != NULL) {
  1177. return (s->cipher_list_by_id);
  1178. } else if ((s->ctx != NULL) && (s->ctx->cipher_list_by_id != NULL)) {
  1179. return (s->ctx->cipher_list_by_id);
  1180. }
  1181. }
  1182. return (NULL);
  1183. }
  1184. /** The old interface to get the same thing as SSL_get_ciphers() */
  1185. const char *SSL_get_cipher_list(const SSL *s, int n)
  1186. {
  1187. SSL_CIPHER *c;
  1188. STACK_OF(SSL_CIPHER) *sk;
  1189. if (s == NULL)
  1190. return (NULL);
  1191. sk = SSL_get_ciphers(s);
  1192. if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
  1193. return (NULL);
  1194. c = sk_SSL_CIPHER_value(sk, n);
  1195. if (c == NULL)
  1196. return (NULL);
  1197. return (c->name);
  1198. }
  1199. /** specify the ciphers to be used by default by the SSL_CTX */
  1200. int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
  1201. {
  1202. STACK_OF(SSL_CIPHER) *sk;
  1203. sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,
  1204. &ctx->cipher_list_by_id, str, ctx->cert);
  1205. /*
  1206. * ssl_create_cipher_list may return an empty stack if it was unable to
  1207. * find a cipher matching the given rule string (for example if the rule
  1208. * string specifies a cipher which has been disabled). This is not an
  1209. * error as far as ssl_create_cipher_list is concerned, and hence
  1210. * ctx->cipher_list and ctx->cipher_list_by_id has been updated.
  1211. */
  1212. if (sk == NULL)
  1213. return 0;
  1214. else if (sk_SSL_CIPHER_num(sk) == 0) {
  1215. SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
  1216. return 0;
  1217. }
  1218. return 1;
  1219. }
  1220. /** specify the ciphers to be used by the SSL */
  1221. int SSL_set_cipher_list(SSL *s, const char *str)
  1222. {
  1223. STACK_OF(SSL_CIPHER) *sk;
  1224. sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list,
  1225. &s->cipher_list_by_id, str, s->cert);
  1226. /* see comment in SSL_CTX_set_cipher_list */
  1227. if (sk == NULL)
  1228. return 0;
  1229. else if (sk_SSL_CIPHER_num(sk) == 0) {
  1230. SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
  1231. return 0;
  1232. }
  1233. return 1;
  1234. }
  1235. /* works well for SSLv2, not so good for SSLv3 */
  1236. char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
  1237. {
  1238. char *p;
  1239. STACK_OF(SSL_CIPHER) *sk;
  1240. SSL_CIPHER *c;
  1241. int i;
  1242. if ((s->session == NULL) || (s->session->ciphers == NULL) || (len < 2))
  1243. return (NULL);
  1244. p = buf;
  1245. sk = s->session->ciphers;
  1246. if (sk_SSL_CIPHER_num(sk) == 0)
  1247. return NULL;
  1248. for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
  1249. int n;
  1250. c = sk_SSL_CIPHER_value(sk, i);
  1251. n = strlen(c->name);
  1252. if (n + 1 > len) {
  1253. if (p != buf)
  1254. --p;
  1255. *p = '\0';
  1256. return buf;
  1257. }
  1258. strcpy(p, c->name);
  1259. p += n;
  1260. *(p++) = ':';
  1261. len -= n + 1;
  1262. }
  1263. p[-1] = '\0';
  1264. return (buf);
  1265. }
  1266. int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
  1267. unsigned char *p,
  1268. int (*put_cb) (const SSL_CIPHER *,
  1269. unsigned char *))
  1270. {
  1271. int i, j = 0;
  1272. SSL_CIPHER *c;
  1273. CERT *ct = s->cert;
  1274. unsigned char *q;
  1275. int empty_reneg_info_scsv = !s->renegotiate;
  1276. /* Set disabled masks for this session */
  1277. ssl_set_client_disabled(s);
  1278. if (sk == NULL)
  1279. return (0);
  1280. q = p;
  1281. if (put_cb == NULL)
  1282. put_cb = s->method->put_cipher_by_char;
  1283. for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
  1284. c = sk_SSL_CIPHER_value(sk, i);
  1285. /* Skip disabled ciphers */
  1286. if (c->algorithm_ssl & ct->mask_ssl ||
  1287. c->algorithm_mkey & ct->mask_k || c->algorithm_auth & ct->mask_a)
  1288. continue;
  1289. #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
  1290. if (c->id == SSL3_CK_SCSV) {
  1291. if (!empty_reneg_info_scsv)
  1292. continue;
  1293. else
  1294. empty_reneg_info_scsv = 0;
  1295. }
  1296. #endif
  1297. j = put_cb(c, p);
  1298. p += j;
  1299. }
  1300. /*
  1301. * If p == q, no ciphers; caller indicates an error. Otherwise, add
  1302. * applicable SCSVs.
  1303. */
  1304. if (p != q) {
  1305. if (empty_reneg_info_scsv) {
  1306. static SSL_CIPHER scsv = {
  1307. 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
  1308. };
  1309. j = put_cb(&scsv, p);
  1310. p += j;
  1311. #ifdef OPENSSL_RI_DEBUG
  1312. fprintf(stderr,
  1313. "TLS_EMPTY_RENEGOTIATION_INFO_SCSV sent by client\n");
  1314. #endif
  1315. }
  1316. if (s->mode & SSL_MODE_SEND_FALLBACK_SCSV) {
  1317. static SSL_CIPHER scsv = {
  1318. 0, NULL, SSL3_CK_FALLBACK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
  1319. };
  1320. j = put_cb(&scsv, p);
  1321. p += j;
  1322. }
  1323. }
  1324. return (p - q);
  1325. }
  1326. STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
  1327. int num,
  1328. STACK_OF(SSL_CIPHER) **skp)
  1329. {
  1330. const SSL_CIPHER *c;
  1331. STACK_OF(SSL_CIPHER) *sk;
  1332. int i, n;
  1333. if (s->s3)
  1334. s->s3->send_connection_binding = 0;
  1335. n = ssl_put_cipher_by_char(s, NULL, NULL);
  1336. if (n == 0 || (num % n) != 0) {
  1337. SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
  1338. SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
  1339. return (NULL);
  1340. }
  1341. if ((skp == NULL) || (*skp == NULL)) {
  1342. sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */
  1343. if(sk == NULL) {
  1344. SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
  1345. return NULL;
  1346. }
  1347. } else {
  1348. sk = *skp;
  1349. sk_SSL_CIPHER_zero(sk);
  1350. }
  1351. if (s->cert->ciphers_raw)
  1352. OPENSSL_free(s->cert->ciphers_raw);
  1353. s->cert->ciphers_raw = BUF_memdup(p, num);
  1354. if (s->cert->ciphers_raw == NULL) {
  1355. SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
  1356. goto err;
  1357. }
  1358. s->cert->ciphers_rawlen = (size_t)num;
  1359. for (i = 0; i < num; i += n) {
  1360. /* Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV */
  1361. if (s->s3 && (n != 3 || !p[0]) &&
  1362. (p[n - 2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
  1363. (p[n - 1] == (SSL3_CK_SCSV & 0xff))) {
  1364. /* SCSV fatal if renegotiating */
  1365. if (s->renegotiate) {
  1366. SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
  1367. SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
  1368. ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
  1369. goto err;
  1370. }
  1371. s->s3->send_connection_binding = 1;
  1372. p += n;
  1373. #ifdef OPENSSL_RI_DEBUG
  1374. fprintf(stderr, "SCSV received by server\n");
  1375. #endif
  1376. continue;
  1377. }
  1378. /* Check for TLS_FALLBACK_SCSV */
  1379. if ((n != 3 || !p[0]) &&
  1380. (p[n - 2] == ((SSL3_CK_FALLBACK_SCSV >> 8) & 0xff)) &&
  1381. (p[n - 1] == (SSL3_CK_FALLBACK_SCSV & 0xff))) {
  1382. /*
  1383. * The SCSV indicates that the client previously tried a higher
  1384. * version. Fail if the current version is an unexpected
  1385. * downgrade.
  1386. */
  1387. if (!SSL_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, 0, NULL)) {
  1388. SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
  1389. SSL_R_INAPPROPRIATE_FALLBACK);
  1390. if (s->s3)
  1391. ssl3_send_alert(s, SSL3_AL_FATAL,
  1392. SSL_AD_INAPPROPRIATE_FALLBACK);
  1393. goto err;
  1394. }
  1395. p += n;
  1396. continue;
  1397. }
  1398. c = ssl_get_cipher_by_char(s, p);
  1399. p += n;
  1400. if (c != NULL) {
  1401. if (!sk_SSL_CIPHER_push(sk, c)) {
  1402. SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
  1403. goto err;
  1404. }
  1405. }
  1406. }
  1407. if (skp != NULL)
  1408. *skp = sk;
  1409. return (sk);
  1410. err:
  1411. if ((skp == NULL) || (*skp == NULL))
  1412. sk_SSL_CIPHER_free(sk);
  1413. return (NULL);
  1414. }
  1415. #ifndef OPENSSL_NO_TLSEXT
  1416. /** return a servername extension value if provided in Client Hello, or NULL.
  1417. * So far, only host_name types are defined (RFC 3546).
  1418. */
  1419. const char *SSL_get_servername(const SSL *s, const int type)
  1420. {
  1421. if (type != TLSEXT_NAMETYPE_host_name)
  1422. return NULL;
  1423. return s->session && !s->tlsext_hostname ?
  1424. s->session->tlsext_hostname : s->tlsext_hostname;
  1425. }
  1426. int SSL_get_servername_type(const SSL *s)
  1427. {
  1428. if (s->session
  1429. && (!s->tlsext_hostname ? s->session->
  1430. tlsext_hostname : s->tlsext_hostname))
  1431. return TLSEXT_NAMETYPE_host_name;
  1432. return -1;
  1433. }
  1434. /*
  1435. * SSL_select_next_proto implements the standard protocol selection. It is
  1436. * expected that this function is called from the callback set by
  1437. * SSL_CTX_set_next_proto_select_cb. The protocol data is assumed to be a
  1438. * vector of 8-bit, length prefixed byte strings. The length byte itself is
  1439. * not included in the length. A byte string of length 0 is invalid. No byte
  1440. * string may be truncated. The current, but experimental algorithm for
  1441. * selecting the protocol is: 1) If the server doesn't support NPN then this
  1442. * is indicated to the callback. In this case, the client application has to
  1443. * abort the connection or have a default application level protocol. 2) If
  1444. * the server supports NPN, but advertises an empty list then the client
  1445. * selects the first protcol in its list, but indicates via the API that this
  1446. * fallback case was enacted. 3) Otherwise, the client finds the first
  1447. * protocol in the server's list that it supports and selects this protocol.
  1448. * This is because it's assumed that the server has better information about
  1449. * which protocol a client should use. 4) If the client doesn't support any
  1450. * of the server's advertised protocols, then this is treated the same as
  1451. * case 2. It returns either OPENSSL_NPN_NEGOTIATED if a common protocol was
  1452. * found, or OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
  1453. */
  1454. int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
  1455. const unsigned char *server,
  1456. unsigned int server_len,
  1457. const unsigned char *client,
  1458. unsigned int client_len)
  1459. {
  1460. unsigned int i, j;
  1461. const unsigned char *result;
  1462. int status = OPENSSL_NPN_UNSUPPORTED;
  1463. /*
  1464. * For each protocol in server preference order, see if we support it.
  1465. */
  1466. for (i = 0; i < server_len;) {
  1467. for (j = 0; j < client_len;) {
  1468. if (server[i] == client[j] &&
  1469. memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) {
  1470. /* We found a match */
  1471. result = &server[i];
  1472. status = OPENSSL_NPN_NEGOTIATED;
  1473. goto found;
  1474. }
  1475. j += client[j];
  1476. j++;
  1477. }
  1478. i += server[i];
  1479. i++;
  1480. }
  1481. /* There's no overlap between our protocols and the server's list. */
  1482. result = client;
  1483. status = OPENSSL_NPN_NO_OVERLAP;
  1484. found:
  1485. *out = (unsigned char *)result + 1;
  1486. *outlen = result[0];
  1487. return status;
  1488. }
  1489. # ifndef OPENSSL_NO_NEXTPROTONEG
  1490. /*
  1491. * SSL_get0_next_proto_negotiated sets *data and *len to point to the
  1492. * client's requested protocol for this connection and returns 0. If the
  1493. * client didn't request any protocol, then *data is set to NULL. Note that
  1494. * the client can request any protocol it chooses. The value returned from
  1495. * this function need not be a member of the list of supported protocols
  1496. * provided by the callback.
  1497. */
  1498. void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
  1499. unsigned *len)
  1500. {
  1501. *data = s->next_proto_negotiated;
  1502. if (!*data) {
  1503. *len = 0;
  1504. } else {
  1505. *len = s->next_proto_negotiated_len;
  1506. }
  1507. }
  1508. /*
  1509. * SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when
  1510. * a TLS server needs a list of supported protocols for Next Protocol
  1511. * Negotiation. The returned list must be in wire format. The list is
  1512. * returned by setting |out| to point to it and |outlen| to its length. This
  1513. * memory will not be modified, but one should assume that the SSL* keeps a
  1514. * reference to it. The callback should return SSL_TLSEXT_ERR_OK if it
  1515. * wishes to advertise. Otherwise, no such extension will be included in the
  1516. * ServerHello.
  1517. */
  1518. void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
  1519. int (*cb) (SSL *ssl,
  1520. const unsigned char
  1521. **out,
  1522. unsigned int *outlen,
  1523. void *arg), void *arg)
  1524. {
  1525. ctx->next_protos_advertised_cb = cb;
  1526. ctx->next_protos_advertised_cb_arg = arg;
  1527. }
  1528. /*
  1529. * SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
  1530. * client needs to select a protocol from the server's provided list. |out|
  1531. * must be set to point to the selected protocol (which may be within |in|).
  1532. * The length of the protocol name must be written into |outlen|. The
  1533. * server's advertised protocols are provided in |in| and |inlen|. The
  1534. * callback can assume that |in| is syntactically valid. The client must
  1535. * select a protocol. It is fatal to the connection if this callback returns
  1536. * a value other than SSL_TLSEXT_ERR_OK.
  1537. */
  1538. void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
  1539. int (*cb) (SSL *s, unsigned char **out,
  1540. unsigned char *outlen,
  1541. const unsigned char *in,
  1542. unsigned int inlen,
  1543. void *arg), void *arg)
  1544. {
  1545. ctx->next_proto_select_cb = cb;
  1546. ctx->next_proto_select_cb_arg = arg;
  1547. }
  1548. # endif
  1549. /*
  1550. * SSL_CTX_set_alpn_protos sets the ALPN protocol list on |ctx| to |protos|.
  1551. * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
  1552. * length-prefixed strings). Returns 0 on success.
  1553. */
  1554. int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
  1555. unsigned protos_len)
  1556. {
  1557. if (ctx->alpn_client_proto_list)
  1558. OPENSSL_free(ctx->alpn_client_proto_list);
  1559. ctx->alpn_client_proto_list = OPENSSL_malloc(protos_len);
  1560. if (!ctx->alpn_client_proto_list)
  1561. return 1;
  1562. memcpy(ctx->alpn_client_proto_list, protos, protos_len);
  1563. ctx->alpn_client_proto_list_len = protos_len;
  1564. return 0;
  1565. }
  1566. /*
  1567. * SSL_set_alpn_protos sets the ALPN protocol list on |ssl| to |protos|.
  1568. * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
  1569. * length-prefixed strings). Returns 0 on success.
  1570. */
  1571. int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
  1572. unsigned protos_len)
  1573. {
  1574. if (ssl->alpn_client_proto_list)
  1575. OPENSSL_free(ssl->alpn_client_proto_list);
  1576. ssl->alpn_client_proto_list = OPENSSL_malloc(protos_len);
  1577. if (!ssl->alpn_client_proto_list)
  1578. return 1;
  1579. memcpy(ssl->alpn_client_proto_list, protos, protos_len);
  1580. ssl->alpn_client_proto_list_len = protos_len;
  1581. return 0;
  1582. }
  1583. /*
  1584. * SSL_CTX_set_alpn_select_cb sets a callback function on |ctx| that is
  1585. * called during ClientHello processing in order to select an ALPN protocol
  1586. * from the client's list of offered protocols.
  1587. */
  1588. void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
  1589. int (*cb) (SSL *ssl,
  1590. const unsigned char **out,
  1591. unsigned char *outlen,
  1592. const unsigned char *in,
  1593. unsigned int inlen,
  1594. void *arg), void *arg)
  1595. {
  1596. ctx->alpn_select_cb = cb;
  1597. ctx->alpn_select_cb_arg = arg;
  1598. }
  1599. /*
  1600. * SSL_get0_alpn_selected gets the selected ALPN protocol (if any) from
  1601. * |ssl|. On return it sets |*data| to point to |*len| bytes of protocol name
  1602. * (not including the leading length-prefix byte). If the server didn't
  1603. * respond with a negotiated protocol then |*len| will be zero.
  1604. */
  1605. void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
  1606. unsigned *len)
  1607. {
  1608. *data = NULL;
  1609. if (ssl->s3)
  1610. *data = ssl->s3->alpn_selected;
  1611. if (*data == NULL)
  1612. *len = 0;
  1613. else
  1614. *len = ssl->s3->alpn_selected_len;
  1615. }
  1616. #endif /* !OPENSSL_NO_TLSEXT */
  1617. int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
  1618. const char *label, size_t llen,
  1619. const unsigned char *context, size_t contextlen,
  1620. int use_context)
  1621. {
  1622. if (s->version < TLS1_VERSION && s->version != DTLS1_BAD_VER)
  1623. return -1;
  1624. return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
  1625. llen, context,
  1626. contextlen, use_context);
  1627. }
  1628. static unsigned long ssl_session_hash(const SSL_SESSION *a)
  1629. {
  1630. const unsigned char *session_id = a->session_id;
  1631. unsigned long l;
  1632. unsigned char tmp_storage[4];
  1633. if (a->session_id_length < sizeof(tmp_storage)) {
  1634. memset(tmp_storage, 0, sizeof(tmp_storage));
  1635. memcpy(tmp_storage, a->session_id, a->session_id_length);
  1636. session_id = tmp_storage;
  1637. }
  1638. l = (unsigned long)
  1639. ((unsigned long)session_id[0]) |
  1640. ((unsigned long)session_id[1] << 8L) |
  1641. ((unsigned long)session_id[2] << 16L) |
  1642. ((unsigned long)session_id[3] << 24L);
  1643. return (l);
  1644. }
  1645. /*
  1646. * NB: If this function (or indeed the hash function which uses a sort of
  1647. * coarser function than this one) is changed, ensure
  1648. * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on
  1649. * being able to construct an SSL_SESSION that will collide with any existing
  1650. * session with a matching session ID.
  1651. */
  1652. static int ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
  1653. {
  1654. if (a->ssl_version != b->ssl_version)
  1655. return (1);
  1656. if (a->session_id_length != b->session_id_length)
  1657. return (1);
  1658. return (memcmp(a->session_id, b->session_id, a->session_id_length));
  1659. }
  1660. /*
  1661. * These wrapper functions should remain rather than redeclaring
  1662. * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
  1663. * variable. The reason is that the functions aren't static, they're exposed
  1664. * via ssl.h.
  1665. */
  1666. static IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION)
  1667. static IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION)
  1668. SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
  1669. {
  1670. SSL_CTX *ret = NULL;
  1671. if (meth == NULL) {
  1672. SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_NULL_SSL_METHOD_PASSED);
  1673. return (NULL);
  1674. }
  1675. #ifdef OPENSSL_FIPS
  1676. if (FIPS_mode() && (meth->version < TLS1_VERSION)) {
  1677. SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
  1678. return NULL;
  1679. }
  1680. #endif
  1681. if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
  1682. SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
  1683. goto err;
  1684. }
  1685. ret = (SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
  1686. if (ret == NULL)
  1687. goto err;
  1688. memset(ret, 0, sizeof(SSL_CTX));
  1689. ret->method = meth;
  1690. ret->cert_store = NULL;
  1691. ret->session_cache_mode = SSL_SESS_CACHE_SERVER;
  1692. ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
  1693. ret->session_cache_head = NULL;
  1694. ret->session_cache_tail = NULL;
  1695. /* We take the system default */
  1696. ret->session_timeout = meth->get_timeout();
  1697. ret->new_session_cb = 0;
  1698. ret->remove_session_cb = 0;
  1699. ret->get_session_cb = 0;
  1700. ret->generate_session_id = 0;
  1701. memset((char *)&ret->stats, 0, sizeof(ret->stats));
  1702. ret->references = 1;
  1703. ret->quiet_shutdown = 0;
  1704. /* ret->cipher=NULL;*/
  1705. /*-
  1706. ret->s2->challenge=NULL;
  1707. ret->master_key=NULL;
  1708. ret->key_arg=NULL;
  1709. ret->s2->conn_id=NULL; */
  1710. ret->info_callback = NULL;
  1711. ret->app_verify_callback = 0;
  1712. ret->app_verify_arg = NULL;
  1713. ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
  1714. ret->read_ahead = 0;
  1715. ret->msg_callback = 0;
  1716. ret->msg_callback_arg = NULL;
  1717. ret->verify_mode = SSL_VERIFY_NONE;
  1718. #if 0
  1719. ret->verify_depth = -1; /* Don't impose a limit (but x509_lu.c does) */
  1720. #endif
  1721. ret->sid_ctx_length = 0;
  1722. ret->default_verify_callback = NULL;
  1723. if ((ret->cert = ssl_cert_new()) == NULL)
  1724. goto err;
  1725. ret->default_passwd_callback = 0;
  1726. ret->default_passwd_callback_userdata = NULL;
  1727. ret->client_cert_cb = 0;
  1728. ret->app_gen_cookie_cb = 0;
  1729. ret->app_verify_cookie_cb = 0;
  1730. ret->sessions = lh_SSL_SESSION_new();
  1731. if (ret->sessions == NULL)
  1732. goto err;
  1733. ret->cert_store = X509_STORE_new();
  1734. if (ret->cert_store == NULL)
  1735. goto err;
  1736. ssl_create_cipher_list(ret->method,
  1737. &ret->cipher_list, &ret->cipher_list_by_id,
  1738. meth->version ==
  1739. SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST,
  1740. ret->cert);
  1741. if (ret->cipher_list == NULL || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
  1742. SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
  1743. goto err2;
  1744. }
  1745. ret->param = X509_VERIFY_PARAM_new();
  1746. if (!ret->param)
  1747. goto err;
  1748. if ((ret->rsa_md5 = EVP_get_digestbyname("ssl2-md5")) == NULL) {
  1749. SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
  1750. goto err2;
  1751. }
  1752. if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
  1753. SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
  1754. goto err2;
  1755. }
  1756. if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
  1757. SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
  1758. goto err2;
  1759. }
  1760. if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL)
  1761. goto err;
  1762. CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
  1763. ret->extra_certs = NULL;
  1764. /* No compression for DTLS */
  1765. if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS))
  1766. ret->comp_methods = SSL_COMP_get_compression_methods();
  1767. ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
  1768. #ifndef OPENSSL_NO_TLSEXT
  1769. ret->tlsext_servername_callback = 0;
  1770. ret->tlsext_servername_arg = NULL;
  1771. /* Setup RFC4507 ticket keys */
  1772. if ((RAND_bytes(ret->tlsext_tick_key_name, 16) <= 0)
  1773. || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
  1774. || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
  1775. ret->options |= SSL_OP_NO_TICKET;
  1776. ret->tlsext_status_cb = 0;
  1777. ret->tlsext_status_arg = NULL;
  1778. # ifndef OPENSSL_NO_NEXTPROTONEG
  1779. ret->next_protos_advertised_cb = 0;
  1780. ret->next_proto_select_cb = 0;
  1781. # endif
  1782. #endif
  1783. #ifndef OPENSSL_NO_PSK
  1784. ret->psk_identity_hint = NULL;
  1785. ret->psk_client_callback = NULL;
  1786. ret->psk_server_callback = NULL;
  1787. #endif
  1788. #ifndef OPENSSL_NO_SRP
  1789. SSL_CTX_SRP_CTX_init(ret);
  1790. #endif
  1791. #ifndef OPENSSL_NO_BUF_FREELISTS
  1792. ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
  1793. ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
  1794. if (!ret->rbuf_freelist)
  1795. goto err;
  1796. ret->rbuf_freelist->chunklen = 0;
  1797. ret->rbuf_freelist->len = 0;
  1798. ret->rbuf_freelist->head = NULL;
  1799. ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
  1800. if (!ret->wbuf_freelist)
  1801. goto err;
  1802. ret->wbuf_freelist->chunklen = 0;
  1803. ret->wbuf_freelist->len = 0;
  1804. ret->wbuf_freelist->head = NULL;
  1805. #endif
  1806. #ifndef OPENSSL_NO_ENGINE
  1807. ret->client_cert_engine = NULL;
  1808. # ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
  1809. # define eng_strx(x) #x
  1810. # define eng_str(x) eng_strx(x)
  1811. /* Use specific client engine automatically... ignore errors */
  1812. {
  1813. ENGINE *eng;
  1814. eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
  1815. if (!eng) {
  1816. ERR_clear_error();
  1817. ENGINE_load_builtin_engines();
  1818. eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
  1819. }
  1820. if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
  1821. ERR_clear_error();
  1822. }
  1823. # endif
  1824. #endif
  1825. /*
  1826. * Default is to connect to non-RI servers. When RI is more widely
  1827. * deployed might change this.
  1828. */
  1829. ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
  1830. /*
  1831. * Disable SSLv2 by default, callers that want to enable SSLv2 will have to
  1832. * explicitly clear this option via either of SSL_CTX_clear_options() or
  1833. * SSL_clear_options().
  1834. */
  1835. ret->options |= SSL_OP_NO_SSLv2;
  1836. return (ret);
  1837. err:
  1838. SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
  1839. err2:
  1840. if (ret != NULL)
  1841. SSL_CTX_free(ret);
  1842. return (NULL);
  1843. }
  1844. #if 0
  1845. static void SSL_COMP_free(SSL_COMP *comp)
  1846. {
  1847. OPENSSL_free(comp);
  1848. }
  1849. #endif
  1850. #ifndef OPENSSL_NO_BUF_FREELISTS
  1851. static void ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
  1852. {
  1853. SSL3_BUF_FREELIST_ENTRY *ent, *next;
  1854. for (ent = list->head; ent; ent = next) {
  1855. next = ent->next;
  1856. OPENSSL_free(ent);
  1857. }
  1858. OPENSSL_free(list);
  1859. }
  1860. #endif
  1861. void SSL_CTX_free(SSL_CTX *a)
  1862. {
  1863. int i;
  1864. if (a == NULL)
  1865. return;
  1866. i = CRYPTO_add(&a->references, -1, CRYPTO_LOCK_SSL_CTX);
  1867. #ifdef REF_PRINT
  1868. REF_PRINT("SSL_CTX", a);
  1869. #endif
  1870. if (i > 0)
  1871. return;
  1872. #ifdef REF_CHECK
  1873. if (i < 0) {
  1874. fprintf(stderr, "SSL_CTX_free, bad reference count\n");
  1875. abort(); /* ok */
  1876. }
  1877. #endif
  1878. if (a->param)
  1879. X509_VERIFY_PARAM_free(a->param);
  1880. /*
  1881. * Free internal session cache. However: the remove_cb() may reference
  1882. * the ex_data of SSL_CTX, thus the ex_data store can only be removed
  1883. * after the sessions were flushed.
  1884. * As the ex_data handling routines might also touch the session cache,
  1885. * the most secure solution seems to be: empty (flush) the cache, then
  1886. * free ex_data, then finally free the cache.
  1887. * (See ticket [openssl.org #212].)
  1888. */
  1889. if (a->sessions != NULL)
  1890. SSL_CTX_flush_sessions(a, 0);
  1891. CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
  1892. if (a->sessions != NULL)
  1893. lh_SSL_SESSION_free(a->sessions);
  1894. if (a->cert_store != NULL)
  1895. X509_STORE_free(a->cert_store);
  1896. if (a->cipher_list != NULL)
  1897. sk_SSL_CIPHER_free(a->cipher_list);
  1898. if (a->cipher_list_by_id != NULL)
  1899. sk_SSL_CIPHER_free(a->cipher_list_by_id);
  1900. if (a->cert != NULL)
  1901. ssl_cert_free(a->cert);
  1902. if (a->client_CA != NULL)
  1903. sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
  1904. if (a->extra_certs != NULL)
  1905. sk_X509_pop_free(a->extra_certs, X509_free);
  1906. #if 0 /* This should never be done, since it
  1907. * removes a global database */
  1908. if (a->comp_methods != NULL)
  1909. sk_SSL_COMP_pop_free(a->comp_methods, SSL_COMP_free);
  1910. #else
  1911. a->comp_methods = NULL;
  1912. #endif
  1913. #ifndef OPENSSL_NO_SRTP
  1914. if (a->srtp_profiles)
  1915. sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
  1916. #endif
  1917. #ifndef OPENSSL_NO_PSK
  1918. if (a->psk_identity_hint)
  1919. OPENSSL_free(a->psk_identity_hint);
  1920. #endif
  1921. #ifndef OPENSSL_NO_SRP
  1922. SSL_CTX_SRP_CTX_free(a);
  1923. #endif
  1924. #ifndef OPENSSL_NO_ENGINE
  1925. if (a->client_cert_engine)
  1926. ENGINE_finish(a->client_cert_engine);
  1927. #endif
  1928. #ifndef OPENSSL_NO_BUF_FREELISTS
  1929. if (a->wbuf_freelist)
  1930. ssl_buf_freelist_free(a->wbuf_freelist);
  1931. if (a->rbuf_freelist)
  1932. ssl_buf_freelist_free(a->rbuf_freelist);
  1933. #endif
  1934. #ifndef OPENSSL_NO_TLSEXT
  1935. # ifndef OPENSSL_NO_EC
  1936. if (a->tlsext_ecpointformatlist)
  1937. OPENSSL_free(a->tlsext_ecpointformatlist);
  1938. if (a->tlsext_ellipticcurvelist)
  1939. OPENSSL_free(a->tlsext_ellipticcurvelist);
  1940. # endif /* OPENSSL_NO_EC */
  1941. if (a->alpn_client_proto_list != NULL)
  1942. OPENSSL_free(a->alpn_client_proto_list);
  1943. #endif
  1944. OPENSSL_free(a);
  1945. }
  1946. void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
  1947. {
  1948. ctx->default_passwd_callback = cb;
  1949. }
  1950. void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
  1951. {
  1952. ctx->default_passwd_callback_userdata = u;
  1953. }
  1954. void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
  1955. int (*cb) (X509_STORE_CTX *, void *),
  1956. void *arg)
  1957. {
  1958. ctx->app_verify_callback = cb;
  1959. ctx->app_verify_arg = arg;
  1960. }
  1961. void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
  1962. int (*cb) (int, X509_STORE_CTX *))
  1963. {
  1964. ctx->verify_mode = mode;
  1965. ctx->default_verify_callback = cb;
  1966. }
  1967. void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
  1968. {
  1969. X509_VERIFY_PARAM_set_depth(ctx->param, depth);
  1970. }
  1971. void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cb) (SSL *ssl, void *arg),
  1972. void *arg)
  1973. {
  1974. ssl_cert_set_cert_cb(c->cert, cb, arg);
  1975. }
  1976. void SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg)
  1977. {
  1978. ssl_cert_set_cert_cb(s->cert, cb, arg);
  1979. }
  1980. void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
  1981. {
  1982. CERT_PKEY *cpk;
  1983. int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign;
  1984. int rsa_enc_export, dh_rsa_export, dh_dsa_export;
  1985. int rsa_tmp_export, dh_tmp_export, kl;
  1986. unsigned long mask_k, mask_a, emask_k, emask_a;
  1987. #ifndef OPENSSL_NO_ECDSA
  1988. int have_ecc_cert, ecdsa_ok, ecc_pkey_size;
  1989. #endif
  1990. #ifndef OPENSSL_NO_ECDH
  1991. int have_ecdh_tmp, ecdh_ok;
  1992. #endif
  1993. #ifndef OPENSSL_NO_EC
  1994. X509 *x = NULL;
  1995. EVP_PKEY *ecc_pkey = NULL;
  1996. int signature_nid = 0, pk_nid = 0, md_nid = 0;
  1997. #endif
  1998. if (c == NULL)
  1999. return;
  2000. kl = SSL_C_EXPORT_PKEYLENGTH(cipher);
  2001. #ifndef OPENSSL_NO_RSA
  2002. rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
  2003. rsa_tmp_export = (c->rsa_tmp_cb != NULL ||
  2004. (rsa_tmp && RSA_size(c->rsa_tmp) * 8 <= kl));
  2005. #else
  2006. rsa_tmp = rsa_tmp_export = 0;
  2007. #endif
  2008. #ifndef OPENSSL_NO_DH
  2009. dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
  2010. dh_tmp_export = (c->dh_tmp_cb != NULL ||
  2011. (dh_tmp && DH_size(c->dh_tmp) * 8 <= kl));
  2012. #else
  2013. dh_tmp = dh_tmp_export = 0;
  2014. #endif
  2015. #ifndef OPENSSL_NO_ECDH
  2016. have_ecdh_tmp = (c->ecdh_tmp || c->ecdh_tmp_cb || c->ecdh_tmp_auto);
  2017. #endif
  2018. cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
  2019. rsa_enc = cpk->valid_flags & CERT_PKEY_VALID;
  2020. rsa_enc_export = (rsa_enc && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
  2021. cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);
  2022. rsa_sign = cpk->valid_flags & CERT_PKEY_SIGN;
  2023. cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]);
  2024. dsa_sign = cpk->valid_flags & CERT_PKEY_SIGN;
  2025. cpk = &(c->pkeys[SSL_PKEY_DH_RSA]);
  2026. dh_rsa = cpk->valid_flags & CERT_PKEY_VALID;
  2027. dh_rsa_export = (dh_rsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
  2028. cpk = &(c->pkeys[SSL_PKEY_DH_DSA]);
  2029. /* FIX THIS EAY EAY EAY */
  2030. dh_dsa = cpk->valid_flags & CERT_PKEY_VALID;
  2031. dh_dsa_export = (dh_dsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
  2032. cpk = &(c->pkeys[SSL_PKEY_ECC]);
  2033. #ifndef OPENSSL_NO_EC
  2034. have_ecc_cert = cpk->valid_flags & CERT_PKEY_VALID;
  2035. #endif
  2036. mask_k = 0;
  2037. mask_a = 0;
  2038. emask_k = 0;
  2039. emask_a = 0;
  2040. #ifdef CIPHER_DEBUG
  2041. fprintf(stderr,
  2042. "rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
  2043. rsa_tmp, rsa_tmp_export, dh_tmp, have_ecdh_tmp, rsa_enc,
  2044. rsa_enc_export, rsa_sign, dsa_sign, dh_rsa, dh_dsa);
  2045. #endif
  2046. cpk = &(c->pkeys[SSL_PKEY_GOST01]);
  2047. if (cpk->x509 != NULL && cpk->privatekey != NULL) {
  2048. mask_k |= SSL_kGOST;
  2049. mask_a |= SSL_aGOST01;
  2050. }
  2051. cpk = &(c->pkeys[SSL_PKEY_GOST94]);
  2052. if (cpk->x509 != NULL && cpk->privatekey != NULL) {
  2053. mask_k |= SSL_kGOST;
  2054. mask_a |= SSL_aGOST94;
  2055. }
  2056. if (rsa_enc || (rsa_tmp && rsa_sign))
  2057. mask_k |= SSL_kRSA;
  2058. if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
  2059. emask_k |= SSL_kRSA;
  2060. #if 0
  2061. /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
  2062. if ((dh_tmp || dh_rsa || dh_dsa) && (rsa_enc || rsa_sign || dsa_sign))
  2063. mask_k |= SSL_kEDH;
  2064. if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
  2065. (rsa_enc || rsa_sign || dsa_sign))
  2066. emask_k |= SSL_kEDH;
  2067. #endif
  2068. if (dh_tmp_export)
  2069. emask_k |= SSL_kEDH;
  2070. if (dh_tmp)
  2071. mask_k |= SSL_kEDH;
  2072. if (dh_rsa)
  2073. mask_k |= SSL_kDHr;
  2074. if (dh_rsa_export)
  2075. emask_k |= SSL_kDHr;
  2076. if (dh_dsa)
  2077. mask_k |= SSL_kDHd;
  2078. if (dh_dsa_export)
  2079. emask_k |= SSL_kDHd;
  2080. if (mask_k & (SSL_kDHr | SSL_kDHd))
  2081. mask_a |= SSL_aDH;
  2082. if (rsa_enc || rsa_sign) {
  2083. mask_a |= SSL_aRSA;
  2084. emask_a |= SSL_aRSA;
  2085. }
  2086. if (dsa_sign) {
  2087. mask_a |= SSL_aDSS;
  2088. emask_a |= SSL_aDSS;
  2089. }
  2090. mask_a |= SSL_aNULL;
  2091. emask_a |= SSL_aNULL;
  2092. #ifndef OPENSSL_NO_KRB5
  2093. mask_k |= SSL_kKRB5;
  2094. mask_a |= SSL_aKRB5;
  2095. emask_k |= SSL_kKRB5;
  2096. emask_a |= SSL_aKRB5;
  2097. #endif
  2098. /*
  2099. * An ECC certificate may be usable for ECDH and/or ECDSA cipher suites
  2100. * depending on the key usage extension.
  2101. */
  2102. #ifndef OPENSSL_NO_EC
  2103. if (have_ecc_cert) {
  2104. cpk = &c->pkeys[SSL_PKEY_ECC];
  2105. x = cpk->x509;
  2106. /* This call populates extension flags (ex_flags) */
  2107. X509_check_purpose(x, -1, 0);
  2108. # ifndef OPENSSL_NO_ECDH
  2109. ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
  2110. (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1;
  2111. # endif
  2112. ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
  2113. (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
  2114. if (!(cpk->valid_flags & CERT_PKEY_SIGN))
  2115. ecdsa_ok = 0;
  2116. ecc_pkey = X509_get_pubkey(x);
  2117. ecc_pkey_size = (ecc_pkey != NULL) ? EVP_PKEY_bits(ecc_pkey) : 0;
  2118. EVP_PKEY_free(ecc_pkey);
  2119. if ((x->sig_alg) && (x->sig_alg->algorithm)) {
  2120. signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
  2121. OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
  2122. }
  2123. # ifndef OPENSSL_NO_ECDH
  2124. if (ecdh_ok) {
  2125. if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa) {
  2126. mask_k |= SSL_kECDHr;
  2127. mask_a |= SSL_aECDH;
  2128. if (ecc_pkey_size <= 163) {
  2129. emask_k |= SSL_kECDHr;
  2130. emask_a |= SSL_aECDH;
  2131. }
  2132. }
  2133. if (pk_nid == NID_X9_62_id_ecPublicKey) {
  2134. mask_k |= SSL_kECDHe;
  2135. mask_a |= SSL_aECDH;
  2136. if (ecc_pkey_size <= 163) {
  2137. emask_k |= SSL_kECDHe;
  2138. emask_a |= SSL_aECDH;
  2139. }
  2140. }
  2141. }
  2142. # endif
  2143. # ifndef OPENSSL_NO_ECDSA
  2144. if (ecdsa_ok) {
  2145. mask_a |= SSL_aECDSA;
  2146. emask_a |= SSL_aECDSA;
  2147. }
  2148. # endif
  2149. }
  2150. #endif
  2151. #ifndef OPENSSL_NO_ECDH
  2152. if (have_ecdh_tmp) {
  2153. mask_k |= SSL_kEECDH;
  2154. emask_k |= SSL_kEECDH;
  2155. }
  2156. #endif
  2157. #ifndef OPENSSL_NO_PSK
  2158. mask_k |= SSL_kPSK;
  2159. mask_a |= SSL_aPSK;
  2160. emask_k |= SSL_kPSK;
  2161. emask_a |= SSL_aPSK;
  2162. #endif
  2163. c->mask_k = mask_k;
  2164. c->mask_a = mask_a;
  2165. c->export_mask_k = emask_k;
  2166. c->export_mask_a = emask_a;
  2167. c->valid = 1;
  2168. }
  2169. /* This handy macro borrowed from crypto/x509v3/v3_purp.c */
  2170. #define ku_reject(x, usage) \
  2171. (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
  2172. #ifndef OPENSSL_NO_EC
  2173. int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
  2174. {
  2175. unsigned long alg_k, alg_a;
  2176. EVP_PKEY *pkey = NULL;
  2177. int keysize = 0;
  2178. int signature_nid = 0, md_nid = 0, pk_nid = 0;
  2179. const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
  2180. alg_k = cs->algorithm_mkey;
  2181. alg_a = cs->algorithm_auth;
  2182. if (SSL_C_IS_EXPORT(cs)) {
  2183. /* ECDH key length in export ciphers must be <= 163 bits */
  2184. pkey = X509_get_pubkey(x);
  2185. if (pkey == NULL)
  2186. return 0;
  2187. keysize = EVP_PKEY_bits(pkey);
  2188. EVP_PKEY_free(pkey);
  2189. if (keysize > 163)
  2190. return 0;
  2191. }
  2192. /* This call populates the ex_flags field correctly */
  2193. X509_check_purpose(x, -1, 0);
  2194. if ((x->sig_alg) && (x->sig_alg->algorithm)) {
  2195. signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
  2196. OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
  2197. }
  2198. if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr) {
  2199. /* key usage, if present, must allow key agreement */
  2200. if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) {
  2201. SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
  2202. SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
  2203. return 0;
  2204. }
  2205. if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < TLS1_2_VERSION) {
  2206. /* signature alg must be ECDSA */
  2207. if (pk_nid != NID_X9_62_id_ecPublicKey) {
  2208. SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
  2209. SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
  2210. return 0;
  2211. }
  2212. }
  2213. if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < TLS1_2_VERSION) {
  2214. /* signature alg must be RSA */
  2215. if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa) {
  2216. SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
  2217. SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
  2218. return 0;
  2219. }
  2220. }
  2221. }
  2222. if (alg_a & SSL_aECDSA) {
  2223. /* key usage, if present, must allow signing */
  2224. if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE)) {
  2225. SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
  2226. SSL_R_ECC_CERT_NOT_FOR_SIGNING);
  2227. return 0;
  2228. }
  2229. }
  2230. return 1; /* all checks are ok */
  2231. }
  2232. #endif
  2233. static int ssl_get_server_cert_index(const SSL *s)
  2234. {
  2235. int idx;
  2236. idx = ssl_cipher_get_cert_index(s->s3->tmp.new_cipher);
  2237. if (idx == SSL_PKEY_RSA_ENC && !s->cert->pkeys[SSL_PKEY_RSA_ENC].x509)
  2238. idx = SSL_PKEY_RSA_SIGN;
  2239. if (idx == -1)
  2240. SSLerr(SSL_F_SSL_GET_SERVER_CERT_INDEX, ERR_R_INTERNAL_ERROR);
  2241. return idx;
  2242. }
  2243. CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
  2244. {
  2245. CERT *c;
  2246. int i;
  2247. c = s->cert;
  2248. if (!s->s3 || !s->s3->tmp.new_cipher)
  2249. return NULL;
  2250. ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
  2251. #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
  2252. /*
  2253. * Broken protocol test: return last used certificate: which may mismatch
  2254. * the one expected.
  2255. */
  2256. if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
  2257. return c->key;
  2258. #endif
  2259. i = ssl_get_server_cert_index(s);
  2260. /* This may or may not be an error. */
  2261. if (i < 0)
  2262. return NULL;
  2263. /* May be NULL. */
  2264. return &c->pkeys[i];
  2265. }
  2266. EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher,
  2267. const EVP_MD **pmd)
  2268. {
  2269. unsigned long alg_a;
  2270. CERT *c;
  2271. int idx = -1;
  2272. alg_a = cipher->algorithm_auth;
  2273. c = s->cert;
  2274. #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
  2275. /*
  2276. * Broken protocol test: use last key: which may mismatch the one
  2277. * expected.
  2278. */
  2279. if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
  2280. idx = c->key - c->pkeys;
  2281. else
  2282. #endif
  2283. if ((alg_a & SSL_aDSS) &&
  2284. (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
  2285. idx = SSL_PKEY_DSA_SIGN;
  2286. else if (alg_a & SSL_aRSA) {
  2287. if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
  2288. idx = SSL_PKEY_RSA_SIGN;
  2289. else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
  2290. idx = SSL_PKEY_RSA_ENC;
  2291. } else if ((alg_a & SSL_aECDSA) &&
  2292. (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
  2293. idx = SSL_PKEY_ECC;
  2294. if (idx == -1) {
  2295. SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR);
  2296. return (NULL);
  2297. }
  2298. if (pmd)
  2299. *pmd = c->pkeys[idx].digest;
  2300. return c->pkeys[idx].privatekey;
  2301. }
  2302. #ifndef OPENSSL_NO_TLSEXT
  2303. int ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverinfo,
  2304. size_t *serverinfo_length)
  2305. {
  2306. CERT *c = NULL;
  2307. int i = 0;
  2308. *serverinfo_length = 0;
  2309. c = s->cert;
  2310. i = ssl_get_server_cert_index(s);
  2311. if (i == -1)
  2312. return 0;
  2313. if (c->pkeys[i].serverinfo == NULL)
  2314. return 0;
  2315. *serverinfo = c->pkeys[i].serverinfo;
  2316. *serverinfo_length = c->pkeys[i].serverinfo_length;
  2317. return 1;
  2318. }
  2319. #endif
  2320. void ssl_update_cache(SSL *s, int mode)
  2321. {
  2322. int i;
  2323. /*
  2324. * If the session_id_length is 0, we are not supposed to cache it, and it
  2325. * would be rather hard to do anyway :-)
  2326. */
  2327. if (s->session->session_id_length == 0)
  2328. return;
  2329. i = s->session_ctx->session_cache_mode;
  2330. if ((i & mode) && (!s->hit)
  2331. && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
  2332. || SSL_CTX_add_session(s->session_ctx, s->session))
  2333. && (s->session_ctx->new_session_cb != NULL)) {
  2334. CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION);
  2335. if (!s->session_ctx->new_session_cb(s, s->session))
  2336. SSL_SESSION_free(s->session);
  2337. }
  2338. /* auto flush every 255 connections */
  2339. if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && ((i & mode) == mode)) {
  2340. if ((((mode & SSL_SESS_CACHE_CLIENT)
  2341. ? s->session_ctx->stats.sess_connect_good
  2342. : s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff) {
  2343. SSL_CTX_flush_sessions(s->session_ctx, (unsigned long)time(NULL));
  2344. }
  2345. }
  2346. }
  2347. const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx)
  2348. {
  2349. return ctx->method;
  2350. }
  2351. const SSL_METHOD *SSL_get_ssl_method(SSL *s)
  2352. {
  2353. return (s->method);
  2354. }
  2355. int SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
  2356. {
  2357. int conn = -1;
  2358. int ret = 1;
  2359. if (s->method != meth) {
  2360. if (s->handshake_func != NULL)
  2361. conn = (s->handshake_func == s->method->ssl_connect);
  2362. if (s->method->version == meth->version)
  2363. s->method = meth;
  2364. else {
  2365. s->method->ssl_free(s);
  2366. s->method = meth;
  2367. ret = s->method->ssl_new(s);
  2368. }
  2369. if (conn == 1)
  2370. s->handshake_func = meth->ssl_connect;
  2371. else if (conn == 0)
  2372. s->handshake_func = meth->ssl_accept;
  2373. }
  2374. return (ret);
  2375. }
  2376. int SSL_get_error(const SSL *s, int i)
  2377. {
  2378. int reason;
  2379. unsigned long l;
  2380. BIO *bio;
  2381. if (i > 0)
  2382. return (SSL_ERROR_NONE);
  2383. /*
  2384. * Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake etc,
  2385. * where we do encode the error
  2386. */
  2387. if ((l = ERR_peek_error()) != 0) {
  2388. if (ERR_GET_LIB(l) == ERR_LIB_SYS)
  2389. return (SSL_ERROR_SYSCALL);
  2390. else
  2391. return (SSL_ERROR_SSL);
  2392. }
  2393. if ((i < 0) && SSL_want_read(s)) {
  2394. bio = SSL_get_rbio(s);
  2395. if (BIO_should_read(bio))
  2396. return (SSL_ERROR_WANT_READ);
  2397. else if (BIO_should_write(bio))
  2398. /*
  2399. * This one doesn't make too much sense ... We never try to write
  2400. * to the rbio, and an application program where rbio and wbio
  2401. * are separate couldn't even know what it should wait for.
  2402. * However if we ever set s->rwstate incorrectly (so that we have
  2403. * SSL_want_read(s) instead of SSL_want_write(s)) and rbio and
  2404. * wbio *are* the same, this test works around that bug; so it
  2405. * might be safer to keep it.
  2406. */
  2407. return (SSL_ERROR_WANT_WRITE);
  2408. else if (BIO_should_io_special(bio)) {
  2409. reason = BIO_get_retry_reason(bio);
  2410. if (reason == BIO_RR_CONNECT)
  2411. return (SSL_ERROR_WANT_CONNECT);
  2412. else if (reason == BIO_RR_ACCEPT)
  2413. return (SSL_ERROR_WANT_ACCEPT);
  2414. else
  2415. return (SSL_ERROR_SYSCALL); /* unknown */
  2416. }
  2417. }
  2418. if ((i < 0) && SSL_want_write(s)) {
  2419. bio = SSL_get_wbio(s);
  2420. if (BIO_should_write(bio))
  2421. return (SSL_ERROR_WANT_WRITE);
  2422. else if (BIO_should_read(bio))
  2423. /*
  2424. * See above (SSL_want_read(s) with BIO_should_write(bio))
  2425. */
  2426. return (SSL_ERROR_WANT_READ);
  2427. else if (BIO_should_io_special(bio)) {
  2428. reason = BIO_get_retry_reason(bio);
  2429. if (reason == BIO_RR_CONNECT)
  2430. return (SSL_ERROR_WANT_CONNECT);
  2431. else if (reason == BIO_RR_ACCEPT)
  2432. return (SSL_ERROR_WANT_ACCEPT);
  2433. else
  2434. return (SSL_ERROR_SYSCALL);
  2435. }
  2436. }
  2437. if ((i < 0) && SSL_want_x509_lookup(s)) {
  2438. return (SSL_ERROR_WANT_X509_LOOKUP);
  2439. }
  2440. if (i == 0) {
  2441. if (s->version == SSL2_VERSION) {
  2442. /* assume it is the socket being closed */
  2443. return (SSL_ERROR_ZERO_RETURN);
  2444. } else {
  2445. if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
  2446. (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
  2447. return (SSL_ERROR_ZERO_RETURN);
  2448. }
  2449. }
  2450. return (SSL_ERROR_SYSCALL);
  2451. }
  2452. int SSL_do_handshake(SSL *s)
  2453. {
  2454. int ret = 1;
  2455. if (s->handshake_func == NULL) {
  2456. SSLerr(SSL_F_SSL_DO_HANDSHAKE, SSL_R_CONNECTION_TYPE_NOT_SET);
  2457. return (-1);
  2458. }
  2459. s->method->ssl_renegotiate_check(s);
  2460. if (SSL_in_init(s) || SSL_in_before(s)) {
  2461. ret = s->handshake_func(s);
  2462. }
  2463. return (ret);
  2464. }
  2465. /*
  2466. * For the next 2 functions, SSL_clear() sets shutdown and so one of these
  2467. * calls will reset it
  2468. */
  2469. void SSL_set_accept_state(SSL *s)
  2470. {
  2471. s->server = 1;
  2472. s->shutdown = 0;
  2473. s->state = SSL_ST_ACCEPT | SSL_ST_BEFORE;
  2474. s->handshake_func = s->method->ssl_accept;
  2475. /* clear the current cipher */
  2476. ssl_clear_cipher_ctx(s);
  2477. ssl_clear_hash_ctx(&s->read_hash);
  2478. ssl_clear_hash_ctx(&s->write_hash);
  2479. }
  2480. void SSL_set_connect_state(SSL *s)
  2481. {
  2482. s->server = 0;
  2483. s->shutdown = 0;
  2484. s->state = SSL_ST_CONNECT | SSL_ST_BEFORE;
  2485. s->handshake_func = s->method->ssl_connect;
  2486. /* clear the current cipher */
  2487. ssl_clear_cipher_ctx(s);
  2488. ssl_clear_hash_ctx(&s->read_hash);
  2489. ssl_clear_hash_ctx(&s->write_hash);
  2490. }
  2491. int ssl_undefined_function(SSL *s)
  2492. {
  2493. SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
  2494. return (0);
  2495. }
  2496. int ssl_undefined_void_function(void)
  2497. {
  2498. SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,
  2499. ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
  2500. return (0);
  2501. }
  2502. int ssl_undefined_const_function(const SSL *s)
  2503. {
  2504. SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,
  2505. ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
  2506. return (0);
  2507. }
  2508. SSL_METHOD *ssl_bad_method(int ver)
  2509. {
  2510. SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
  2511. return (NULL);
  2512. }
  2513. const char *SSL_get_version(const SSL *s)
  2514. {
  2515. if (s->version == TLS1_2_VERSION)
  2516. return ("TLSv1.2");
  2517. else if (s->version == TLS1_1_VERSION)
  2518. return ("TLSv1.1");
  2519. else if (s->version == TLS1_VERSION)
  2520. return ("TLSv1");
  2521. else if (s->version == SSL3_VERSION)
  2522. return ("SSLv3");
  2523. else if (s->version == SSL2_VERSION)
  2524. return ("SSLv2");
  2525. else if (s->version == DTLS1_BAD_VER)
  2526. return ("DTLSv0.9");
  2527. else if (s->version == DTLS1_VERSION)
  2528. return ("DTLSv1");
  2529. else if (s->version == DTLS1_2_VERSION)
  2530. return ("DTLSv1.2");
  2531. else
  2532. return ("unknown");
  2533. }
  2534. SSL *SSL_dup(SSL *s)
  2535. {
  2536. STACK_OF(X509_NAME) *sk;
  2537. X509_NAME *xn;
  2538. SSL *ret;
  2539. int i;
  2540. if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL)
  2541. return (NULL);
  2542. ret->version = s->version;
  2543. ret->type = s->type;
  2544. ret->method = s->method;
  2545. if (s->session != NULL) {
  2546. /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
  2547. SSL_copy_session_id(ret, s);
  2548. } else {
  2549. /*
  2550. * No session has been established yet, so we have to expect that
  2551. * s->cert or ret->cert will be changed later -- they should not both
  2552. * point to the same object, and thus we can't use
  2553. * SSL_copy_session_id.
  2554. */
  2555. ret->method->ssl_free(ret);
  2556. ret->method = s->method;
  2557. ret->method->ssl_new(ret);
  2558. if (s->cert != NULL) {
  2559. if (ret->cert != NULL) {
  2560. ssl_cert_free(ret->cert);
  2561. }
  2562. ret->cert = ssl_cert_dup(s->cert);
  2563. if (ret->cert == NULL)
  2564. goto err;
  2565. }
  2566. SSL_set_session_id_context(ret, s->sid_ctx, s->sid_ctx_length);
  2567. }
  2568. ret->options = s->options;
  2569. ret->mode = s->mode;
  2570. SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s));
  2571. SSL_set_read_ahead(ret, SSL_get_read_ahead(s));
  2572. ret->msg_callback = s->msg_callback;
  2573. ret->msg_callback_arg = s->msg_callback_arg;
  2574. SSL_set_verify(ret, SSL_get_verify_mode(s), SSL_get_verify_callback(s));
  2575. SSL_set_verify_depth(ret, SSL_get_verify_depth(s));
  2576. ret->generate_session_id = s->generate_session_id;
  2577. SSL_set_info_callback(ret, SSL_get_info_callback(s));
  2578. ret->debug = s->debug;
  2579. /* copy app data, a little dangerous perhaps */
  2580. if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
  2581. goto err;
  2582. /* setup rbio, and wbio */
  2583. if (s->rbio != NULL) {
  2584. if (!BIO_dup_state(s->rbio, (char *)&ret->rbio))
  2585. goto err;
  2586. }
  2587. if (s->wbio != NULL) {
  2588. if (s->wbio != s->rbio) {
  2589. if (!BIO_dup_state(s->wbio, (char *)&ret->wbio))
  2590. goto err;
  2591. } else
  2592. ret->wbio = ret->rbio;
  2593. }
  2594. ret->rwstate = s->rwstate;
  2595. ret->in_handshake = s->in_handshake;
  2596. ret->handshake_func = s->handshake_func;
  2597. ret->server = s->server;
  2598. ret->renegotiate = s->renegotiate;
  2599. ret->new_session = s->new_session;
  2600. ret->quiet_shutdown = s->quiet_shutdown;
  2601. ret->shutdown = s->shutdown;
  2602. ret->state = s->state; /* SSL_dup does not really work at any state,
  2603. * though */
  2604. ret->rstate = s->rstate;
  2605. ret->init_num = 0; /* would have to copy ret->init_buf,
  2606. * ret->init_msg, ret->init_num,
  2607. * ret->init_off */
  2608. ret->hit = s->hit;
  2609. X509_VERIFY_PARAM_inherit(ret->param, s->param);
  2610. /* dup the cipher_list and cipher_list_by_id stacks */
  2611. if (s->cipher_list != NULL) {
  2612. if ((ret->cipher_list = sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
  2613. goto err;
  2614. }
  2615. if (s->cipher_list_by_id != NULL)
  2616. if ((ret->cipher_list_by_id = sk_SSL_CIPHER_dup(s->cipher_list_by_id))
  2617. == NULL)
  2618. goto err;
  2619. /* Dup the client_CA list */
  2620. if (s->client_CA != NULL) {
  2621. if ((sk = sk_X509_NAME_dup(s->client_CA)) == NULL)
  2622. goto err;
  2623. ret->client_CA = sk;
  2624. for (i = 0; i < sk_X509_NAME_num(sk); i++) {
  2625. xn = sk_X509_NAME_value(sk, i);
  2626. if (sk_X509_NAME_set(sk, i, X509_NAME_dup(xn)) == NULL) {
  2627. X509_NAME_free(xn);
  2628. goto err;
  2629. }
  2630. }
  2631. }
  2632. if (0) {
  2633. err:
  2634. if (ret != NULL)
  2635. SSL_free(ret);
  2636. ret = NULL;
  2637. }
  2638. return (ret);
  2639. }
  2640. void ssl_clear_cipher_ctx(SSL *s)
  2641. {
  2642. if (s->enc_read_ctx != NULL) {
  2643. EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
  2644. OPENSSL_free(s->enc_read_ctx);
  2645. s->enc_read_ctx = NULL;
  2646. }
  2647. if (s->enc_write_ctx != NULL) {
  2648. EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
  2649. OPENSSL_free(s->enc_write_ctx);
  2650. s->enc_write_ctx = NULL;
  2651. }
  2652. #ifndef OPENSSL_NO_COMP
  2653. if (s->expand != NULL) {
  2654. COMP_CTX_free(s->expand);
  2655. s->expand = NULL;
  2656. }
  2657. if (s->compress != NULL) {
  2658. COMP_CTX_free(s->compress);
  2659. s->compress = NULL;
  2660. }
  2661. #endif
  2662. }
  2663. X509 *SSL_get_certificate(const SSL *s)
  2664. {
  2665. if (s->cert != NULL)
  2666. return (s->cert->key->x509);
  2667. else
  2668. return (NULL);
  2669. }
  2670. EVP_PKEY *SSL_get_privatekey(const SSL *s)
  2671. {
  2672. if (s->cert != NULL)
  2673. return (s->cert->key->privatekey);
  2674. else
  2675. return (NULL);
  2676. }
  2677. X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx)
  2678. {
  2679. if (ctx->cert != NULL)
  2680. return ctx->cert->key->x509;
  2681. else
  2682. return NULL;
  2683. }
  2684. EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx)
  2685. {
  2686. if (ctx->cert != NULL)
  2687. return ctx->cert->key->privatekey;
  2688. else
  2689. return NULL;
  2690. }
  2691. const SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
  2692. {
  2693. if ((s->session != NULL) && (s->session->cipher != NULL))
  2694. return (s->session->cipher);
  2695. return (NULL);
  2696. }
  2697. #ifdef OPENSSL_NO_COMP
  2698. const COMP_METHOD *SSL_get_current_compression(SSL *s)
  2699. {
  2700. return NULL;
  2701. }
  2702. const COMP_METHOD *SSL_get_current_expansion(SSL *s)
  2703. {
  2704. return NULL;
  2705. }
  2706. #else
  2707. const COMP_METHOD *SSL_get_current_compression(SSL *s)
  2708. {
  2709. if (s->compress != NULL)
  2710. return (s->compress->meth);
  2711. return (NULL);
  2712. }
  2713. const COMP_METHOD *SSL_get_current_expansion(SSL *s)
  2714. {
  2715. if (s->expand != NULL)
  2716. return (s->expand->meth);
  2717. return (NULL);
  2718. }
  2719. #endif
  2720. int ssl_init_wbio_buffer(SSL *s, int push)
  2721. {
  2722. BIO *bbio;
  2723. if (s->bbio == NULL) {
  2724. bbio = BIO_new(BIO_f_buffer());
  2725. if (bbio == NULL)
  2726. return (0);
  2727. s->bbio = bbio;
  2728. } else {
  2729. bbio = s->bbio;
  2730. if (s->bbio == s->wbio)
  2731. s->wbio = BIO_pop(s->wbio);
  2732. }
  2733. (void)BIO_reset(bbio);
  2734. /* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
  2735. if (!BIO_set_read_buffer_size(bbio, 1)) {
  2736. SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER, ERR_R_BUF_LIB);
  2737. return (0);
  2738. }
  2739. if (push) {
  2740. if (s->wbio != bbio)
  2741. s->wbio = BIO_push(bbio, s->wbio);
  2742. } else {
  2743. if (s->wbio == bbio)
  2744. s->wbio = BIO_pop(bbio);
  2745. }
  2746. return (1);
  2747. }
  2748. void ssl_free_wbio_buffer(SSL *s)
  2749. {
  2750. if (s->bbio == NULL)
  2751. return;
  2752. if (s->bbio == s->wbio) {
  2753. /* remove buffering */
  2754. s->wbio = BIO_pop(s->wbio);
  2755. #ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids
  2756. * adding one more preprocessor symbol */
  2757. assert(s->wbio != NULL);
  2758. #endif
  2759. }
  2760. BIO_free(s->bbio);
  2761. s->bbio = NULL;
  2762. }
  2763. void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
  2764. {
  2765. ctx->quiet_shutdown = mode;
  2766. }
  2767. int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
  2768. {
  2769. return (ctx->quiet_shutdown);
  2770. }
  2771. void SSL_set_quiet_shutdown(SSL *s, int mode)
  2772. {
  2773. s->quiet_shutdown = mode;
  2774. }
  2775. int SSL_get_quiet_shutdown(const SSL *s)
  2776. {
  2777. return (s->quiet_shutdown);
  2778. }
  2779. void SSL_set_shutdown(SSL *s, int mode)
  2780. {
  2781. s->shutdown = mode;
  2782. }
  2783. int SSL_get_shutdown(const SSL *s)
  2784. {
  2785. return (s->shutdown);
  2786. }
  2787. int SSL_version(const SSL *s)
  2788. {
  2789. return (s->version);
  2790. }
  2791. SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
  2792. {
  2793. return (ssl->ctx);
  2794. }
  2795. SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx)
  2796. {
  2797. CERT *ocert = ssl->cert;
  2798. if (ssl->ctx == ctx)
  2799. return ssl->ctx;
  2800. #ifndef OPENSSL_NO_TLSEXT
  2801. if (ctx == NULL)
  2802. ctx = ssl->initial_ctx;
  2803. #endif
  2804. ssl->cert = ssl_cert_dup(ctx->cert);
  2805. if (ocert) {
  2806. /* Preserve any already negotiated parameters */
  2807. if (ssl->server) {
  2808. ssl->cert->peer_sigalgs = ocert->peer_sigalgs;
  2809. ssl->cert->peer_sigalgslen = ocert->peer_sigalgslen;
  2810. ocert->peer_sigalgs = NULL;
  2811. ssl->cert->ciphers_raw = ocert->ciphers_raw;
  2812. ssl->cert->ciphers_rawlen = ocert->ciphers_rawlen;
  2813. ocert->ciphers_raw = NULL;
  2814. }
  2815. #ifndef OPENSSL_NO_TLSEXT
  2816. ssl->cert->alpn_proposed = ocert->alpn_proposed;
  2817. ssl->cert->alpn_proposed_len = ocert->alpn_proposed_len;
  2818. ocert->alpn_proposed = NULL;
  2819. ssl->cert->alpn_sent = ocert->alpn_sent;
  2820. if (!custom_exts_copy_flags(&ssl->cert->srv_ext, &ocert->srv_ext))
  2821. return NULL;
  2822. #endif
  2823. ssl_cert_free(ocert);
  2824. }
  2825. /*
  2826. * Program invariant: |sid_ctx| has fixed size (SSL_MAX_SID_CTX_LENGTH),
  2827. * so setter APIs must prevent invalid lengths from entering the system.
  2828. */
  2829. OPENSSL_assert(ssl->sid_ctx_length <= sizeof(ssl->sid_ctx));
  2830. /*
  2831. * If the session ID context matches that of the parent SSL_CTX,
  2832. * inherit it from the new SSL_CTX as well. If however the context does
  2833. * not match (i.e., it was set per-ssl with SSL_set_session_id_context),
  2834. * leave it unchanged.
  2835. */
  2836. if ((ssl->ctx != NULL) &&
  2837. (ssl->sid_ctx_length == ssl->ctx->sid_ctx_length) &&
  2838. (memcmp(ssl->sid_ctx, ssl->ctx->sid_ctx, ssl->sid_ctx_length) == 0)) {
  2839. ssl->sid_ctx_length = ctx->sid_ctx_length;
  2840. memcpy(&ssl->sid_ctx, &ctx->sid_ctx, sizeof(ssl->sid_ctx));
  2841. }
  2842. CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
  2843. if (ssl->ctx != NULL)
  2844. SSL_CTX_free(ssl->ctx); /* decrement reference count */
  2845. ssl->ctx = ctx;
  2846. return (ssl->ctx);
  2847. }
  2848. #ifndef OPENSSL_NO_STDIO
  2849. int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
  2850. {
  2851. return (X509_STORE_set_default_paths(ctx->cert_store));
  2852. }
  2853. int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
  2854. const char *CApath)
  2855. {
  2856. return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));
  2857. }
  2858. #endif
  2859. void SSL_set_info_callback(SSL *ssl,
  2860. void (*cb) (const SSL *ssl, int type, int val))
  2861. {
  2862. ssl->info_callback = cb;
  2863. }
  2864. /*
  2865. * One compiler (Diab DCC) doesn't like argument names in returned function
  2866. * pointer.
  2867. */
  2868. void (*SSL_get_info_callback(const SSL *ssl)) (const SSL * /* ssl */ ,
  2869. int /* type */ ,
  2870. int /* val */ ) {
  2871. return ssl->info_callback;
  2872. }
  2873. int SSL_state(const SSL *ssl)
  2874. {
  2875. return (ssl->state);
  2876. }
  2877. void SSL_set_state(SSL *ssl, int state)
  2878. {
  2879. ssl->state = state;
  2880. }
  2881. void SSL_set_verify_result(SSL *ssl, long arg)
  2882. {
  2883. ssl->verify_result = arg;
  2884. }
  2885. long SSL_get_verify_result(const SSL *ssl)
  2886. {
  2887. return (ssl->verify_result);
  2888. }
  2889. int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
  2890. CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
  2891. {
  2892. return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
  2893. new_func, dup_func, free_func);
  2894. }
  2895. int SSL_set_ex_data(SSL *s, int idx, void *arg)
  2896. {
  2897. return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
  2898. }
  2899. void *SSL_get_ex_data(const SSL *s, int idx)
  2900. {
  2901. return (CRYPTO_get_ex_data(&s->ex_data, idx));
  2902. }
  2903. int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
  2904. CRYPTO_EX_dup *dup_func,
  2905. CRYPTO_EX_free *free_func)
  2906. {
  2907. return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
  2908. new_func, dup_func, free_func);
  2909. }
  2910. int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg)
  2911. {
  2912. return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
  2913. }
  2914. void *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx)
  2915. {
  2916. return (CRYPTO_get_ex_data(&s->ex_data, idx));
  2917. }
  2918. int ssl_ok(SSL *s)
  2919. {
  2920. return (1);
  2921. }
  2922. X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx)
  2923. {
  2924. return (ctx->cert_store);
  2925. }
  2926. void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
  2927. {
  2928. if (ctx->cert_store != NULL)
  2929. X509_STORE_free(ctx->cert_store);
  2930. ctx->cert_store = store;
  2931. }
  2932. int SSL_want(const SSL *s)
  2933. {
  2934. return (s->rwstate);
  2935. }
  2936. /**
  2937. * \brief Set the callback for generating temporary RSA keys.
  2938. * \param ctx the SSL context.
  2939. * \param cb the callback
  2940. */
  2941. #ifndef OPENSSL_NO_RSA
  2942. void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb) (SSL *ssl,
  2943. int is_export,
  2944. int keylength))
  2945. {
  2946. SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB, (void (*)(void))cb);
  2947. }
  2948. void SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb) (SSL *ssl,
  2949. int is_export,
  2950. int keylength))
  2951. {
  2952. SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB, (void (*)(void))cb);
  2953. }
  2954. #endif
  2955. #ifdef DOXYGEN
  2956. /**
  2957. * \brief The RSA temporary key callback function.
  2958. * \param ssl the SSL session.
  2959. * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
  2960. * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
  2961. * of the required key in bits.
  2962. * \return the temporary RSA key.
  2963. * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
  2964. */
  2965. RSA *cb(SSL *ssl, int is_export, int keylength)
  2966. {
  2967. }
  2968. #endif
  2969. /**
  2970. * \brief Set the callback for generating temporary DH keys.
  2971. * \param ctx the SSL context.
  2972. * \param dh the callback
  2973. */
  2974. #ifndef OPENSSL_NO_DH
  2975. void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
  2976. DH *(*dh) (SSL *ssl, int is_export,
  2977. int keylength))
  2978. {
  2979. SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
  2980. }
  2981. void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh) (SSL *ssl, int is_export,
  2982. int keylength))
  2983. {
  2984. SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
  2985. }
  2986. #endif
  2987. #ifndef OPENSSL_NO_ECDH
  2988. void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
  2989. EC_KEY *(*ecdh) (SSL *ssl, int is_export,
  2990. int keylength))
  2991. {
  2992. SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,
  2993. (void (*)(void))ecdh);
  2994. }
  2995. void SSL_set_tmp_ecdh_callback(SSL *ssl,
  2996. EC_KEY *(*ecdh) (SSL *ssl, int is_export,
  2997. int keylength))
  2998. {
  2999. SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB, (void (*)(void))ecdh);
  3000. }
  3001. #endif
  3002. #ifndef OPENSSL_NO_PSK
  3003. int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
  3004. {
  3005. if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
  3006. SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT,
  3007. SSL_R_DATA_LENGTH_TOO_LONG);
  3008. return 0;
  3009. }
  3010. if (ctx->psk_identity_hint != NULL)
  3011. OPENSSL_free(ctx->psk_identity_hint);
  3012. if (identity_hint != NULL) {
  3013. ctx->psk_identity_hint = BUF_strdup(identity_hint);
  3014. if (ctx->psk_identity_hint == NULL)
  3015. return 0;
  3016. } else
  3017. ctx->psk_identity_hint = NULL;
  3018. return 1;
  3019. }
  3020. int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint)
  3021. {
  3022. if (s == NULL)
  3023. return 0;
  3024. if (s->session == NULL)
  3025. return 1; /* session not created yet, ignored */
  3026. if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
  3027. SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
  3028. return 0;
  3029. }
  3030. if (s->session->psk_identity_hint != NULL)
  3031. OPENSSL_free(s->session->psk_identity_hint);
  3032. if (identity_hint != NULL) {
  3033. s->session->psk_identity_hint = BUF_strdup(identity_hint);
  3034. if (s->session->psk_identity_hint == NULL)
  3035. return 0;
  3036. } else
  3037. s->session->psk_identity_hint = NULL;
  3038. return 1;
  3039. }
  3040. const char *SSL_get_psk_identity_hint(const SSL *s)
  3041. {
  3042. if (s == NULL || s->session == NULL)
  3043. return NULL;
  3044. return (s->session->psk_identity_hint);
  3045. }
  3046. const char *SSL_get_psk_identity(const SSL *s)
  3047. {
  3048. if (s == NULL || s->session == NULL)
  3049. return NULL;
  3050. return (s->session->psk_identity);
  3051. }
  3052. void SSL_set_psk_client_callback(SSL *s,
  3053. unsigned int (*cb) (SSL *ssl,
  3054. const char *hint,
  3055. char *identity,
  3056. unsigned int
  3057. max_identity_len,
  3058. unsigned char *psk,
  3059. unsigned int
  3060. max_psk_len))
  3061. {
  3062. s->psk_client_callback = cb;
  3063. }
  3064. void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
  3065. unsigned int (*cb) (SSL *ssl,
  3066. const char *hint,
  3067. char *identity,
  3068. unsigned int
  3069. max_identity_len,
  3070. unsigned char *psk,
  3071. unsigned int
  3072. max_psk_len))
  3073. {
  3074. ctx->psk_client_callback = cb;
  3075. }
  3076. void SSL_set_psk_server_callback(SSL *s,
  3077. unsigned int (*cb) (SSL *ssl,
  3078. const char *identity,
  3079. unsigned char *psk,
  3080. unsigned int
  3081. max_psk_len))
  3082. {
  3083. s->psk_server_callback = cb;
  3084. }
  3085. void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
  3086. unsigned int (*cb) (SSL *ssl,
  3087. const char *identity,
  3088. unsigned char *psk,
  3089. unsigned int
  3090. max_psk_len))
  3091. {
  3092. ctx->psk_server_callback = cb;
  3093. }
  3094. #endif
  3095. void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
  3096. void (*cb) (int write_p, int version,
  3097. int content_type, const void *buf,
  3098. size_t len, SSL *ssl, void *arg))
  3099. {
  3100. SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
  3101. }
  3102. void SSL_set_msg_callback(SSL *ssl,
  3103. void (*cb) (int write_p, int version,
  3104. int content_type, const void *buf,
  3105. size_t len, SSL *ssl, void *arg))
  3106. {
  3107. SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
  3108. }
  3109. /*
  3110. * Allocates new EVP_MD_CTX and sets pointer to it into given pointer
  3111. * vairable, freeing EVP_MD_CTX previously stored in that variable, if any.
  3112. * If EVP_MD pointer is passed, initializes ctx with this md Returns newly
  3113. * allocated ctx;
  3114. */
  3115. EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md)
  3116. {
  3117. ssl_clear_hash_ctx(hash);
  3118. *hash = EVP_MD_CTX_create();
  3119. if (*hash == NULL || (md && EVP_DigestInit_ex(*hash, md, NULL) <= 0)) {
  3120. EVP_MD_CTX_destroy(*hash);
  3121. *hash = NULL;
  3122. return NULL;
  3123. }
  3124. return *hash;
  3125. }
  3126. void ssl_clear_hash_ctx(EVP_MD_CTX **hash)
  3127. {
  3128. if (*hash)
  3129. EVP_MD_CTX_destroy(*hash);
  3130. *hash = NULL;
  3131. }
  3132. void SSL_set_debug(SSL *s, int debug)
  3133. {
  3134. s->debug = debug;
  3135. }
  3136. int SSL_cache_hit(SSL *s)
  3137. {
  3138. return s->hit;
  3139. }
  3140. int SSL_is_server(SSL *s)
  3141. {
  3142. return s->server;
  3143. }
  3144. #if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
  3145. # include "../crypto/bio/bss_file.c"
  3146. #endif
  3147. IMPLEMENT_STACK_OF(SSL_CIPHER)
  3148. IMPLEMENT_STACK_OF(SSL_COMP)
  3149. IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);