ssl_lib.c 81 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656265726582659266026612662266326642665266626672668266926702671267226732674267526762677267826792680268126822683268426852686268726882689269026912692269326942695269626972698269927002701270227032704270527062707270827092710271127122713271427152716271727182719272027212722272327242725272627272728272927302731273227332734273527362737273827392740274127422743274427452746274727482749275027512752275327542755275627572758275927602761276227632764276527662767276827692770277127722773277427752776277727782779278027812782278327842785278627872788278927902791279227932794279527962797279827992800280128022803280428052806280728082809281028112812281328142815281628172818281928202821282228232824282528262827282828292830283128322833283428352836283728382839284028412842284328442845284628472848284928502851285228532854285528562857285828592860286128622863286428652866286728682869287028712872287328742875287628772878287928802881288228832884288528862887288828892890289128922893289428952896289728982899290029012902290329042905290629072908290929102911291229132914291529162917291829192920292129222923292429252926292729282929293029312932293329342935293629372938293929402941294229432944294529462947294829492950295129522953295429552956295729582959296029612962296329642965296629672968296929702971297229732974297529762977297829792980298129822983298429852986298729882989299029912992299329942995299629972998299930003001300230033004300530063007300830093010301130123013301430153016301730183019302030213022302330243025302630273028302930303031303230333034303530363037303830393040304130423043304430453046304730483049305030513052305330543055305630573058305930603061306230633064306530663067306830693070307130723073307430753076307730783079308030813082308330843085308630873088308930903091309230933094309530963097309830993100310131023103310431053106310731083109311031113112311331143115311631173118311931203121312231233124312531263127312831293130313131323133313431353136313731383139314031413142314331443145314631473148314931503151315231533154315531563157315831593160316131623163316431653166316731683169317031713172317331743175317631773178317931803181318231833184318531863187318831893190319131923193319431953196319731983199320032013202320332043205320632073208320932103211321232133214321532163217321832193220322132223223322432253226322732283229323032313232323332343235323632373238323932403241324232433244
  1. /*! \file ssl/ssl_lib.c
  2. * \brief Version independent SSL functions.
  3. */
  4. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  5. * All rights reserved.
  6. *
  7. * This package is an SSL implementation written
  8. * by Eric Young (eay@cryptsoft.com).
  9. * The implementation was written so as to conform with Netscapes SSL.
  10. *
  11. * This library is free for commercial and non-commercial use as long as
  12. * the following conditions are aheared to. The following conditions
  13. * apply to all code found in this distribution, be it the RC4, RSA,
  14. * lhash, DES, etc., code; not just the SSL code. The SSL documentation
  15. * included with this distribution is covered by the same copyright terms
  16. * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  17. *
  18. * Copyright remains Eric Young's, and as such any Copyright notices in
  19. * the code are not to be removed.
  20. * If this package is used in a product, Eric Young should be given attribution
  21. * as the author of the parts of the library used.
  22. * This can be in the form of a textual message at program startup or
  23. * in documentation (online or textual) provided with the package.
  24. *
  25. * Redistribution and use in source and binary forms, with or without
  26. * modification, are permitted provided that the following conditions
  27. * are met:
  28. * 1. Redistributions of source code must retain the copyright
  29. * notice, this list of conditions and the following disclaimer.
  30. * 2. Redistributions in binary form must reproduce the above copyright
  31. * notice, this list of conditions and the following disclaimer in the
  32. * documentation and/or other materials provided with the distribution.
  33. * 3. All advertising materials mentioning features or use of this software
  34. * must display the following acknowledgement:
  35. * "This product includes cryptographic software written by
  36. * Eric Young (eay@cryptsoft.com)"
  37. * The word 'cryptographic' can be left out if the rouines from the library
  38. * being used are not cryptographic related :-).
  39. * 4. If you include any Windows specific code (or a derivative thereof) from
  40. * the apps directory (application code) you must include an acknowledgement:
  41. * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  42. *
  43. * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  44. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  45. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  46. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  47. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  48. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  49. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  50. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  51. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  52. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  53. * SUCH DAMAGE.
  54. *
  55. * The licence and distribution terms for any publically available version or
  56. * derivative of this code cannot be changed. i.e. this code cannot simply be
  57. * copied and put under another distribution licence
  58. * [including the GNU Public Licence.]
  59. */
  60. /* ====================================================================
  61. * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
  62. *
  63. * Redistribution and use in source and binary forms, with or without
  64. * modification, are permitted provided that the following conditions
  65. * are met:
  66. *
  67. * 1. Redistributions of source code must retain the above copyright
  68. * notice, this list of conditions and the following disclaimer.
  69. *
  70. * 2. Redistributions in binary form must reproduce the above copyright
  71. * notice, this list of conditions and the following disclaimer in
  72. * the documentation and/or other materials provided with the
  73. * distribution.
  74. *
  75. * 3. All advertising materials mentioning features or use of this
  76. * software must display the following acknowledgment:
  77. * "This product includes software developed by the OpenSSL Project
  78. * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  79. *
  80. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  81. * endorse or promote products derived from this software without
  82. * prior written permission. For written permission, please contact
  83. * openssl-core@openssl.org.
  84. *
  85. * 5. Products derived from this software may not be called "OpenSSL"
  86. * nor may "OpenSSL" appear in their names without prior written
  87. * permission of the OpenSSL Project.
  88. *
  89. * 6. Redistributions of any form whatsoever must retain the following
  90. * acknowledgment:
  91. * "This product includes software developed by the OpenSSL Project
  92. * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  93. *
  94. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  95. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  96. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  97. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  98. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  99. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  100. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  101. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  102. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  103. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  104. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  105. * OF THE POSSIBILITY OF SUCH DAMAGE.
  106. * ====================================================================
  107. *
  108. * This product includes cryptographic software written by Eric Young
  109. * (eay@cryptsoft.com). This product includes software written by Tim
  110. * Hudson (tjh@cryptsoft.com).
  111. *
  112. */
  113. /* ====================================================================
  114. * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
  115. * ECC cipher suite support in OpenSSL originally developed by
  116. * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
  117. */
  118. /* ====================================================================
  119. * Copyright 2005 Nokia. All rights reserved.
  120. *
  121. * The portions of the attached software ("Contribution") is developed by
  122. * Nokia Corporation and is licensed pursuant to the OpenSSL open source
  123. * license.
  124. *
  125. * The Contribution, originally written by Mika Kousa and Pasi Eronen of
  126. * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
  127. * support (see RFC 4279) to OpenSSL.
  128. *
  129. * No patent licenses or other rights except those expressly stated in
  130. * the OpenSSL open source license shall be deemed granted or received
  131. * expressly, by implication, estoppel, or otherwise.
  132. *
  133. * No assurances are provided by Nokia that the Contribution does not
  134. * infringe the patent or other intellectual property rights of any third
  135. * party or that the license provides you with all the necessary rights
  136. * to make use of the Contribution.
  137. *
  138. * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
  139. * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
  140. * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
  141. * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
  142. * OTHERWISE.
  143. */
  144. #ifdef REF_CHECK
  145. # include <assert.h>
  146. #endif
  147. #include <stdio.h>
  148. #include <openssl/crypto.h>
  149. #include "ssl_locl.h"
  150. #include "kssl_lcl.h"
  151. #include <openssl/objects.h>
  152. #include <openssl/lhash.h>
  153. #include <openssl/x509v3.h>
  154. #include <openssl/rand.h>
  155. #include <openssl/ocsp.h>
  156. #ifndef OPENSSL_NO_DH
  157. #include <openssl/dh.h>
  158. #endif
  159. #ifndef OPENSSL_NO_ENGINE
  160. #include <openssl/engine.h>
  161. #endif
  162. const char *SSL_version_str=OPENSSL_VERSION_TEXT;
  163. SSL3_ENC_METHOD ssl3_undef_enc_method={
  164. /* evil casts, but these functions are only called if there's a library bug */
  165. (int (*)(SSL *,int))ssl_undefined_function,
  166. (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
  167. ssl_undefined_function,
  168. (int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function,
  169. (int (*)(SSL*, int))ssl_undefined_function,
  170. (int (*)(SSL *, const char*, int, unsigned char *))ssl_undefined_function,
  171. 0, /* finish_mac_length */
  172. (int (*)(SSL *, int, unsigned char *))ssl_undefined_function,
  173. NULL, /* client_finished_label */
  174. 0, /* client_finished_label_len */
  175. NULL, /* server_finished_label */
  176. 0, /* server_finished_label_len */
  177. (int (*)(int))ssl_undefined_function
  178. };
  179. int SSL_clear(SSL *s)
  180. {
  181. if (s->method == NULL)
  182. {
  183. SSLerr(SSL_F_SSL_CLEAR,SSL_R_NO_METHOD_SPECIFIED);
  184. return(0);
  185. }
  186. if (ssl_clear_bad_session(s))
  187. {
  188. SSL_SESSION_free(s->session);
  189. s->session=NULL;
  190. }
  191. s->error=0;
  192. s->hit=0;
  193. s->shutdown=0;
  194. #if 0 /* Disabled since version 1.10 of this file (early return not
  195. * needed because SSL_clear is not called when doing renegotiation) */
  196. /* This is set if we are doing dynamic renegotiation so keep
  197. * the old cipher. It is sort of a SSL_clear_lite :-) */
  198. if (s->renegotiate) return(1);
  199. #else
  200. if (s->renegotiate)
  201. {
  202. SSLerr(SSL_F_SSL_CLEAR,ERR_R_INTERNAL_ERROR);
  203. return 0;
  204. }
  205. #endif
  206. s->type=0;
  207. s->state=SSL_ST_BEFORE|((s->server)?SSL_ST_ACCEPT:SSL_ST_CONNECT);
  208. s->version=s->method->version;
  209. s->client_version=s->version;
  210. s->rwstate=SSL_NOTHING;
  211. s->rstate=SSL_ST_READ_HEADER;
  212. #if 0
  213. s->read_ahead=s->ctx->read_ahead;
  214. #endif
  215. if (s->init_buf != NULL)
  216. {
  217. BUF_MEM_free(s->init_buf);
  218. s->init_buf=NULL;
  219. }
  220. ssl_clear_cipher_ctx(s);
  221. ssl_clear_hash_ctx(&s->read_hash);
  222. ssl_clear_hash_ctx(&s->write_hash);
  223. s->first_packet=0;
  224. #if 1
  225. /* Check to see if we were changed into a different method, if
  226. * so, revert back if we are not doing session-id reuse. */
  227. if (!s->in_handshake && (s->session == NULL) && (s->method != s->ctx->method))
  228. {
  229. s->method->ssl_free(s);
  230. s->method=s->ctx->method;
  231. if (!s->method->ssl_new(s))
  232. return(0);
  233. }
  234. else
  235. #endif
  236. s->method->ssl_clear(s);
  237. return(1);
  238. }
  239. /** Used to change an SSL_CTXs default SSL method type */
  240. int SSL_CTX_set_ssl_version(SSL_CTX *ctx,const SSL_METHOD *meth)
  241. {
  242. STACK_OF(SSL_CIPHER) *sk;
  243. ctx->method=meth;
  244. sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
  245. &(ctx->cipher_list_by_id),
  246. meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
  247. if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
  248. {
  249. SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
  250. return(0);
  251. }
  252. return(1);
  253. }
  254. SSL *SSL_new(SSL_CTX *ctx)
  255. {
  256. SSL *s;
  257. if (ctx == NULL)
  258. {
  259. SSLerr(SSL_F_SSL_NEW,SSL_R_NULL_SSL_CTX);
  260. return(NULL);
  261. }
  262. if (ctx->method == NULL)
  263. {
  264. SSLerr(SSL_F_SSL_NEW,SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
  265. return(NULL);
  266. }
  267. s=(SSL *)OPENSSL_malloc(sizeof(SSL));
  268. if (s == NULL) goto err;
  269. memset(s,0,sizeof(SSL));
  270. #ifndef OPENSSL_NO_KRB5
  271. s->kssl_ctx = kssl_ctx_new();
  272. #endif /* OPENSSL_NO_KRB5 */
  273. s->options=ctx->options;
  274. s->mode=ctx->mode;
  275. s->max_cert_list=ctx->max_cert_list;
  276. if (ctx->cert != NULL)
  277. {
  278. /* Earlier library versions used to copy the pointer to
  279. * the CERT, not its contents; only when setting new
  280. * parameters for the per-SSL copy, ssl_cert_new would be
  281. * called (and the direct reference to the per-SSL_CTX
  282. * settings would be lost, but those still were indirectly
  283. * accessed for various purposes, and for that reason they
  284. * used to be known as s->ctx->default_cert).
  285. * Now we don't look at the SSL_CTX's CERT after having
  286. * duplicated it once. */
  287. s->cert = ssl_cert_dup(ctx->cert);
  288. if (s->cert == NULL)
  289. goto err;
  290. }
  291. else
  292. s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */
  293. s->read_ahead=ctx->read_ahead;
  294. s->msg_callback=ctx->msg_callback;
  295. s->msg_callback_arg=ctx->msg_callback_arg;
  296. s->verify_mode=ctx->verify_mode;
  297. s->not_resumable_session_cb=ctx->not_resumable_session_cb;
  298. #if 0
  299. s->verify_depth=ctx->verify_depth;
  300. #endif
  301. s->sid_ctx_length=ctx->sid_ctx_length;
  302. OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
  303. memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));
  304. s->verify_callback=ctx->default_verify_callback;
  305. s->generate_session_id=ctx->generate_session_id;
  306. s->param = X509_VERIFY_PARAM_new();
  307. if (!s->param)
  308. goto err;
  309. X509_VERIFY_PARAM_inherit(s->param, ctx->param);
  310. #if 0
  311. s->purpose = ctx->purpose;
  312. s->trust = ctx->trust;
  313. #endif
  314. s->quiet_shutdown=ctx->quiet_shutdown;
  315. s->max_send_fragment = ctx->max_send_fragment;
  316. CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
  317. s->ctx=ctx;
  318. #ifndef OPENSSL_NO_TLSEXT
  319. s->tlsext_debug_cb = 0;
  320. s->tlsext_debug_arg = NULL;
  321. s->tlsext_ticket_expected = 0;
  322. s->tlsext_status_type = -1;
  323. s->tlsext_status_expected = 0;
  324. s->tlsext_ocsp_ids = NULL;
  325. s->tlsext_ocsp_exts = NULL;
  326. s->tlsext_ocsp_resp = NULL;
  327. s->tlsext_ocsp_resplen = -1;
  328. CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
  329. s->initial_ctx=ctx;
  330. # ifndef OPENSSL_NO_NEXTPROTONEG
  331. s->next_proto_negotiated = NULL;
  332. # endif
  333. #endif
  334. s->verify_result=X509_V_OK;
  335. s->method=ctx->method;
  336. if (!s->method->ssl_new(s))
  337. goto err;
  338. s->references=1;
  339. s->server=(ctx->method->ssl_accept == ssl_undefined_function)?0:1;
  340. SSL_clear(s);
  341. CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
  342. #ifndef OPENSSL_NO_PSK
  343. s->psk_client_callback=ctx->psk_client_callback;
  344. s->psk_server_callback=ctx->psk_server_callback;
  345. #endif
  346. return(s);
  347. err:
  348. if (s != NULL)
  349. {
  350. if (s->cert != NULL)
  351. ssl_cert_free(s->cert);
  352. if (s->ctx != NULL)
  353. SSL_CTX_free(s->ctx); /* decrement reference count */
  354. OPENSSL_free(s);
  355. }
  356. SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
  357. return(NULL);
  358. }
  359. int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
  360. unsigned int sid_ctx_len)
  361. {
  362. if(sid_ctx_len > sizeof ctx->sid_ctx)
  363. {
  364. SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
  365. return 0;
  366. }
  367. ctx->sid_ctx_length=sid_ctx_len;
  368. memcpy(ctx->sid_ctx,sid_ctx,sid_ctx_len);
  369. return 1;
  370. }
  371. int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
  372. unsigned int sid_ctx_len)
  373. {
  374. if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH)
  375. {
  376. SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
  377. return 0;
  378. }
  379. ssl->sid_ctx_length=sid_ctx_len;
  380. memcpy(ssl->sid_ctx,sid_ctx,sid_ctx_len);
  381. return 1;
  382. }
  383. int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
  384. {
  385. CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
  386. ctx->generate_session_id = cb;
  387. CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
  388. return 1;
  389. }
  390. int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
  391. {
  392. CRYPTO_w_lock(CRYPTO_LOCK_SSL);
  393. ssl->generate_session_id = cb;
  394. CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
  395. return 1;
  396. }
  397. int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
  398. unsigned int id_len)
  399. {
  400. /* A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
  401. * we can "construct" a session to give us the desired check - ie. to
  402. * find if there's a session in the hash table that would conflict with
  403. * any new session built out of this id/id_len and the ssl_version in
  404. * use by this SSL. */
  405. SSL_SESSION r, *p;
  406. if(id_len > sizeof r.session_id)
  407. return 0;
  408. r.ssl_version = ssl->version;
  409. r.session_id_length = id_len;
  410. memcpy(r.session_id, id, id_len);
  411. /* NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
  412. * callback is calling us to check the uniqueness of a shorter ID, it
  413. * must be compared as a padded-out ID because that is what it will be
  414. * converted to when the callback has finished choosing it. */
  415. if((r.ssl_version == SSL2_VERSION) &&
  416. (id_len < SSL2_SSL_SESSION_ID_LENGTH))
  417. {
  418. memset(r.session_id + id_len, 0,
  419. SSL2_SSL_SESSION_ID_LENGTH - id_len);
  420. r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
  421. }
  422. CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
  423. p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
  424. CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
  425. return (p != NULL);
  426. }
  427. int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
  428. {
  429. return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
  430. }
  431. int SSL_set_purpose(SSL *s, int purpose)
  432. {
  433. return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
  434. }
  435. int SSL_CTX_set_trust(SSL_CTX *s, int trust)
  436. {
  437. return X509_VERIFY_PARAM_set_trust(s->param, trust);
  438. }
  439. int SSL_set_trust(SSL *s, int trust)
  440. {
  441. return X509_VERIFY_PARAM_set_trust(s->param, trust);
  442. }
  443. int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
  444. {
  445. return X509_VERIFY_PARAM_set1(ctx->param, vpm);
  446. }
  447. int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
  448. {
  449. return X509_VERIFY_PARAM_set1(ssl->param, vpm);
  450. }
  451. void SSL_free(SSL *s)
  452. {
  453. int i;
  454. if(s == NULL)
  455. return;
  456. i=CRYPTO_add(&s->references,-1,CRYPTO_LOCK_SSL);
  457. #ifdef REF_PRINT
  458. REF_PRINT("SSL",s);
  459. #endif
  460. if (i > 0) return;
  461. #ifdef REF_CHECK
  462. if (i < 0)
  463. {
  464. fprintf(stderr,"SSL_free, bad reference count\n");
  465. abort(); /* ok */
  466. }
  467. #endif
  468. if (s->param)
  469. X509_VERIFY_PARAM_free(s->param);
  470. CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
  471. if (s->bbio != NULL)
  472. {
  473. /* If the buffering BIO is in place, pop it off */
  474. if (s->bbio == s->wbio)
  475. {
  476. s->wbio=BIO_pop(s->wbio);
  477. }
  478. BIO_free(s->bbio);
  479. s->bbio=NULL;
  480. }
  481. if (s->rbio != NULL)
  482. BIO_free_all(s->rbio);
  483. if ((s->wbio != NULL) && (s->wbio != s->rbio))
  484. BIO_free_all(s->wbio);
  485. if (s->init_buf != NULL) BUF_MEM_free(s->init_buf);
  486. /* add extra stuff */
  487. if (s->cipher_list != NULL) sk_SSL_CIPHER_free(s->cipher_list);
  488. if (s->cipher_list_by_id != NULL) sk_SSL_CIPHER_free(s->cipher_list_by_id);
  489. /* Make the next call work :-) */
  490. if (s->session != NULL)
  491. {
  492. ssl_clear_bad_session(s);
  493. SSL_SESSION_free(s->session);
  494. }
  495. ssl_clear_cipher_ctx(s);
  496. ssl_clear_hash_ctx(&s->read_hash);
  497. ssl_clear_hash_ctx(&s->write_hash);
  498. if (s->cert != NULL) ssl_cert_free(s->cert);
  499. /* Free up if allocated */
  500. #ifndef OPENSSL_NO_TLSEXT
  501. if (s->tlsext_hostname)
  502. OPENSSL_free(s->tlsext_hostname);
  503. if (s->initial_ctx) SSL_CTX_free(s->initial_ctx);
  504. #ifndef OPENSSL_NO_EC
  505. if (s->tlsext_ecpointformatlist) OPENSSL_free(s->tlsext_ecpointformatlist);
  506. if (s->tlsext_ellipticcurvelist) OPENSSL_free(s->tlsext_ellipticcurvelist);
  507. #endif /* OPENSSL_NO_EC */
  508. if (s->tlsext_opaque_prf_input) OPENSSL_free(s->tlsext_opaque_prf_input);
  509. if (s->tlsext_ocsp_exts)
  510. sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
  511. X509_EXTENSION_free);
  512. if (s->tlsext_ocsp_ids)
  513. sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
  514. if (s->tlsext_ocsp_resp)
  515. OPENSSL_free(s->tlsext_ocsp_resp);
  516. #endif
  517. if (s->client_CA != NULL)
  518. sk_X509_NAME_pop_free(s->client_CA,X509_NAME_free);
  519. if (s->method != NULL) s->method->ssl_free(s);
  520. if (s->ctx) SSL_CTX_free(s->ctx);
  521. #ifndef OPENSSL_NO_KRB5
  522. if (s->kssl_ctx != NULL)
  523. kssl_ctx_free(s->kssl_ctx);
  524. #endif /* OPENSSL_NO_KRB5 */
  525. #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
  526. if (s->next_proto_negotiated)
  527. OPENSSL_free(s->next_proto_negotiated);
  528. #endif
  529. OPENSSL_free(s);
  530. }
  531. void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio)
  532. {
  533. /* If the output buffering BIO is still in place, remove it
  534. */
  535. if (s->bbio != NULL)
  536. {
  537. if (s->wbio == s->bbio)
  538. {
  539. s->wbio=s->wbio->next_bio;
  540. s->bbio->next_bio=NULL;
  541. }
  542. }
  543. if ((s->rbio != NULL) && (s->rbio != rbio))
  544. BIO_free_all(s->rbio);
  545. if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
  546. BIO_free_all(s->wbio);
  547. s->rbio=rbio;
  548. s->wbio=wbio;
  549. }
  550. BIO *SSL_get_rbio(const SSL *s)
  551. { return(s->rbio); }
  552. BIO *SSL_get_wbio(const SSL *s)
  553. { return(s->wbio); }
  554. int SSL_get_fd(const SSL *s)
  555. {
  556. return(SSL_get_rfd(s));
  557. }
  558. int SSL_get_rfd(const SSL *s)
  559. {
  560. int ret= -1;
  561. BIO *b,*r;
  562. b=SSL_get_rbio(s);
  563. r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
  564. if (r != NULL)
  565. BIO_get_fd(r,&ret);
  566. return(ret);
  567. }
  568. int SSL_get_wfd(const SSL *s)
  569. {
  570. int ret= -1;
  571. BIO *b,*r;
  572. b=SSL_get_wbio(s);
  573. r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
  574. if (r != NULL)
  575. BIO_get_fd(r,&ret);
  576. return(ret);
  577. }
  578. #ifndef OPENSSL_NO_SOCK
  579. int SSL_set_fd(SSL *s,int fd)
  580. {
  581. int ret=0;
  582. BIO *bio=NULL;
  583. bio=BIO_new(BIO_s_socket());
  584. if (bio == NULL)
  585. {
  586. SSLerr(SSL_F_SSL_SET_FD,ERR_R_BUF_LIB);
  587. goto err;
  588. }
  589. BIO_set_fd(bio,fd,BIO_NOCLOSE);
  590. SSL_set_bio(s,bio,bio);
  591. ret=1;
  592. err:
  593. return(ret);
  594. }
  595. int SSL_set_wfd(SSL *s,int fd)
  596. {
  597. int ret=0;
  598. BIO *bio=NULL;
  599. if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
  600. || ((int)BIO_get_fd(s->rbio,NULL) != fd))
  601. {
  602. bio=BIO_new(BIO_s_socket());
  603. if (bio == NULL)
  604. { SSLerr(SSL_F_SSL_SET_WFD,ERR_R_BUF_LIB); goto err; }
  605. BIO_set_fd(bio,fd,BIO_NOCLOSE);
  606. SSL_set_bio(s,SSL_get_rbio(s),bio);
  607. }
  608. else
  609. SSL_set_bio(s,SSL_get_rbio(s),SSL_get_rbio(s));
  610. ret=1;
  611. err:
  612. return(ret);
  613. }
  614. int SSL_set_rfd(SSL *s,int fd)
  615. {
  616. int ret=0;
  617. BIO *bio=NULL;
  618. if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
  619. || ((int)BIO_get_fd(s->wbio,NULL) != fd))
  620. {
  621. bio=BIO_new(BIO_s_socket());
  622. if (bio == NULL)
  623. {
  624. SSLerr(SSL_F_SSL_SET_RFD,ERR_R_BUF_LIB);
  625. goto err;
  626. }
  627. BIO_set_fd(bio,fd,BIO_NOCLOSE);
  628. SSL_set_bio(s,bio,SSL_get_wbio(s));
  629. }
  630. else
  631. SSL_set_bio(s,SSL_get_wbio(s),SSL_get_wbio(s));
  632. ret=1;
  633. err:
  634. return(ret);
  635. }
  636. #endif
  637. /* return length of latest Finished message we sent, copy to 'buf' */
  638. size_t SSL_get_finished(const SSL *s, void *buf, size_t count)
  639. {
  640. size_t ret = 0;
  641. if (s->s3 != NULL)
  642. {
  643. ret = s->s3->tmp.finish_md_len;
  644. if (count > ret)
  645. count = ret;
  646. memcpy(buf, s->s3->tmp.finish_md, count);
  647. }
  648. return ret;
  649. }
  650. /* return length of latest Finished message we expected, copy to 'buf' */
  651. size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
  652. {
  653. size_t ret = 0;
  654. if (s->s3 != NULL)
  655. {
  656. ret = s->s3->tmp.peer_finish_md_len;
  657. if (count > ret)
  658. count = ret;
  659. memcpy(buf, s->s3->tmp.peer_finish_md, count);
  660. }
  661. return ret;
  662. }
  663. int SSL_get_verify_mode(const SSL *s)
  664. {
  665. return(s->verify_mode);
  666. }
  667. int SSL_get_verify_depth(const SSL *s)
  668. {
  669. return X509_VERIFY_PARAM_get_depth(s->param);
  670. }
  671. int (*SSL_get_verify_callback(const SSL *s))(int,X509_STORE_CTX *)
  672. {
  673. return(s->verify_callback);
  674. }
  675. int SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
  676. {
  677. return(ctx->verify_mode);
  678. }
  679. int SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
  680. {
  681. return X509_VERIFY_PARAM_get_depth(ctx->param);
  682. }
  683. int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int,X509_STORE_CTX *)
  684. {
  685. return(ctx->default_verify_callback);
  686. }
  687. void SSL_set_verify(SSL *s,int mode,
  688. int (*callback)(int ok,X509_STORE_CTX *ctx))
  689. {
  690. s->verify_mode=mode;
  691. if (callback != NULL)
  692. s->verify_callback=callback;
  693. }
  694. void SSL_set_verify_depth(SSL *s,int depth)
  695. {
  696. X509_VERIFY_PARAM_set_depth(s->param, depth);
  697. }
  698. void SSL_set_read_ahead(SSL *s,int yes)
  699. {
  700. s->read_ahead=yes;
  701. }
  702. int SSL_get_read_ahead(const SSL *s)
  703. {
  704. return(s->read_ahead);
  705. }
  706. int SSL_pending(const SSL *s)
  707. {
  708. /* SSL_pending cannot work properly if read-ahead is enabled
  709. * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
  710. * and it is impossible to fix since SSL_pending cannot report
  711. * errors that may be observed while scanning the new data.
  712. * (Note that SSL_pending() is often used as a boolean value,
  713. * so we'd better not return -1.)
  714. */
  715. return(s->method->ssl_pending(s));
  716. }
  717. X509 *SSL_get_peer_certificate(const SSL *s)
  718. {
  719. X509 *r;
  720. if ((s == NULL) || (s->session == NULL))
  721. r=NULL;
  722. else
  723. r=s->session->peer;
  724. if (r == NULL) return(r);
  725. CRYPTO_add(&r->references,1,CRYPTO_LOCK_X509);
  726. return(r);
  727. }
  728. STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s)
  729. {
  730. STACK_OF(X509) *r;
  731. if ((s == NULL) || (s->session == NULL) || (s->session->sess_cert == NULL))
  732. r=NULL;
  733. else
  734. r=s->session->sess_cert->cert_chain;
  735. /* If we are a client, cert_chain includes the peer's own
  736. * certificate; if we are a server, it does not. */
  737. return(r);
  738. }
  739. /* Now in theory, since the calling process own 't' it should be safe to
  740. * modify. We need to be able to read f without being hassled */
  741. void SSL_copy_session_id(SSL *t,const SSL *f)
  742. {
  743. CERT *tmp;
  744. /* Do we need to to SSL locking? */
  745. SSL_set_session(t,SSL_get_session(f));
  746. /* what if we are setup as SSLv2 but want to talk SSLv3 or
  747. * vice-versa */
  748. if (t->method != f->method)
  749. {
  750. t->method->ssl_free(t); /* cleanup current */
  751. t->method=f->method; /* change method */
  752. t->method->ssl_new(t); /* setup new */
  753. }
  754. tmp=t->cert;
  755. if (f->cert != NULL)
  756. {
  757. CRYPTO_add(&f->cert->references,1,CRYPTO_LOCK_SSL_CERT);
  758. t->cert=f->cert;
  759. }
  760. else
  761. t->cert=NULL;
  762. if (tmp != NULL) ssl_cert_free(tmp);
  763. SSL_set_session_id_context(t,f->sid_ctx,f->sid_ctx_length);
  764. }
  765. /* Fix this so it checks all the valid key/cert options */
  766. int SSL_CTX_check_private_key(const SSL_CTX *ctx)
  767. {
  768. if ( (ctx == NULL) ||
  769. (ctx->cert == NULL) ||
  770. (ctx->cert->key->x509 == NULL))
  771. {
  772. SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
  773. return(0);
  774. }
  775. if (ctx->cert->key->privatekey == NULL)
  776. {
  777. SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
  778. return(0);
  779. }
  780. return(X509_check_private_key(ctx->cert->key->x509, ctx->cert->key->privatekey));
  781. }
  782. /* Fix this function so that it takes an optional type parameter */
  783. int SSL_check_private_key(const SSL *ssl)
  784. {
  785. if (ssl == NULL)
  786. {
  787. SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,ERR_R_PASSED_NULL_PARAMETER);
  788. return(0);
  789. }
  790. if (ssl->cert == NULL)
  791. {
  792. SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
  793. return 0;
  794. }
  795. if (ssl->cert->key->x509 == NULL)
  796. {
  797. SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
  798. return(0);
  799. }
  800. if (ssl->cert->key->privatekey == NULL)
  801. {
  802. SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
  803. return(0);
  804. }
  805. return(X509_check_private_key(ssl->cert->key->x509,
  806. ssl->cert->key->privatekey));
  807. }
  808. int SSL_accept(SSL *s)
  809. {
  810. if (s->handshake_func == 0)
  811. /* Not properly initialized yet */
  812. SSL_set_accept_state(s);
  813. return(s->method->ssl_accept(s));
  814. }
  815. int SSL_connect(SSL *s)
  816. {
  817. if (s->handshake_func == 0)
  818. /* Not properly initialized yet */
  819. SSL_set_connect_state(s);
  820. return(s->method->ssl_connect(s));
  821. }
  822. long SSL_get_default_timeout(const SSL *s)
  823. {
  824. return(s->method->get_timeout());
  825. }
  826. int SSL_read(SSL *s,void *buf,int num)
  827. {
  828. if (s->handshake_func == 0)
  829. {
  830. SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
  831. return -1;
  832. }
  833. if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
  834. {
  835. s->rwstate=SSL_NOTHING;
  836. return(0);
  837. }
  838. return(s->method->ssl_read(s,buf,num));
  839. }
  840. int SSL_peek(SSL *s,void *buf,int num)
  841. {
  842. if (s->handshake_func == 0)
  843. {
  844. SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
  845. return -1;
  846. }
  847. if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
  848. {
  849. return(0);
  850. }
  851. return(s->method->ssl_peek(s,buf,num));
  852. }
  853. int SSL_write(SSL *s,const void *buf,int num)
  854. {
  855. if (s->handshake_func == 0)
  856. {
  857. SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
  858. return -1;
  859. }
  860. if (s->shutdown & SSL_SENT_SHUTDOWN)
  861. {
  862. s->rwstate=SSL_NOTHING;
  863. SSLerr(SSL_F_SSL_WRITE,SSL_R_PROTOCOL_IS_SHUTDOWN);
  864. return(-1);
  865. }
  866. return(s->method->ssl_write(s,buf,num));
  867. }
  868. int SSL_shutdown(SSL *s)
  869. {
  870. /* Note that this function behaves differently from what one might
  871. * expect. Return values are 0 for no success (yet),
  872. * 1 for success; but calling it once is usually not enough,
  873. * even if blocking I/O is used (see ssl3_shutdown).
  874. */
  875. if (s->handshake_func == 0)
  876. {
  877. SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
  878. return -1;
  879. }
  880. if ((s != NULL) && !SSL_in_init(s))
  881. return(s->method->ssl_shutdown(s));
  882. else
  883. return(1);
  884. }
  885. int SSL_renegotiate(SSL *s)
  886. {
  887. if (s->renegotiate == 0)
  888. s->renegotiate=1;
  889. s->new_session=1;
  890. return(s->method->ssl_renegotiate(s));
  891. }
  892. int SSL_renegotiate_abbreviated(SSL *s)
  893. {
  894. if (s->renegotiate == 0)
  895. s->renegotiate=1;
  896. s->new_session=0;
  897. return(s->method->ssl_renegotiate(s));
  898. }
  899. int SSL_renegotiate_pending(SSL *s)
  900. {
  901. /* becomes true when negotiation is requested;
  902. * false again once a handshake has finished */
  903. return (s->renegotiate != 0);
  904. }
  905. long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)
  906. {
  907. long l;
  908. switch (cmd)
  909. {
  910. case SSL_CTRL_GET_READ_AHEAD:
  911. return(s->read_ahead);
  912. case SSL_CTRL_SET_READ_AHEAD:
  913. l=s->read_ahead;
  914. s->read_ahead=larg;
  915. return(l);
  916. case SSL_CTRL_SET_MSG_CALLBACK_ARG:
  917. s->msg_callback_arg = parg;
  918. return 1;
  919. case SSL_CTRL_OPTIONS:
  920. return(s->options|=larg);
  921. case SSL_CTRL_CLEAR_OPTIONS:
  922. return(s->options&=~larg);
  923. case SSL_CTRL_MODE:
  924. return(s->mode|=larg);
  925. case SSL_CTRL_CLEAR_MODE:
  926. return(s->mode &=~larg);
  927. case SSL_CTRL_GET_MAX_CERT_LIST:
  928. return(s->max_cert_list);
  929. case SSL_CTRL_SET_MAX_CERT_LIST:
  930. l=s->max_cert_list;
  931. s->max_cert_list=larg;
  932. return(l);
  933. case SSL_CTRL_SET_MTU:
  934. if (larg < (long)dtls1_min_mtu())
  935. return 0;
  936. if (SSL_version(s) == DTLS1_VERSION ||
  937. SSL_version(s) == DTLS1_BAD_VER)
  938. {
  939. s->d1->mtu = larg;
  940. return larg;
  941. }
  942. return 0;
  943. case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
  944. if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
  945. return 0;
  946. s->max_send_fragment = larg;
  947. return 1;
  948. case SSL_CTRL_GET_RI_SUPPORT:
  949. if (s->s3)
  950. return s->s3->send_connection_binding;
  951. else return 0;
  952. default:
  953. return(s->method->ssl_ctrl(s,cmd,larg,parg));
  954. }
  955. }
  956. long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
  957. {
  958. switch(cmd)
  959. {
  960. case SSL_CTRL_SET_MSG_CALLBACK:
  961. s->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
  962. return 1;
  963. default:
  964. return(s->method->ssl_callback_ctrl(s,cmd,fp));
  965. }
  966. }
  967. LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx)
  968. {
  969. return ctx->sessions;
  970. }
  971. long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,void *parg)
  972. {
  973. long l;
  974. switch (cmd)
  975. {
  976. case SSL_CTRL_GET_READ_AHEAD:
  977. return(ctx->read_ahead);
  978. case SSL_CTRL_SET_READ_AHEAD:
  979. l=ctx->read_ahead;
  980. ctx->read_ahead=larg;
  981. return(l);
  982. case SSL_CTRL_SET_MSG_CALLBACK_ARG:
  983. ctx->msg_callback_arg = parg;
  984. return 1;
  985. case SSL_CTRL_GET_MAX_CERT_LIST:
  986. return(ctx->max_cert_list);
  987. case SSL_CTRL_SET_MAX_CERT_LIST:
  988. l=ctx->max_cert_list;
  989. ctx->max_cert_list=larg;
  990. return(l);
  991. case SSL_CTRL_SET_SESS_CACHE_SIZE:
  992. l=ctx->session_cache_size;
  993. ctx->session_cache_size=larg;
  994. return(l);
  995. case SSL_CTRL_GET_SESS_CACHE_SIZE:
  996. return(ctx->session_cache_size);
  997. case SSL_CTRL_SET_SESS_CACHE_MODE:
  998. l=ctx->session_cache_mode;
  999. ctx->session_cache_mode=larg;
  1000. return(l);
  1001. case SSL_CTRL_GET_SESS_CACHE_MODE:
  1002. return(ctx->session_cache_mode);
  1003. case SSL_CTRL_SESS_NUMBER:
  1004. return(lh_SSL_SESSION_num_items(ctx->sessions));
  1005. case SSL_CTRL_SESS_CONNECT:
  1006. return(ctx->stats.sess_connect);
  1007. case SSL_CTRL_SESS_CONNECT_GOOD:
  1008. return(ctx->stats.sess_connect_good);
  1009. case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
  1010. return(ctx->stats.sess_connect_renegotiate);
  1011. case SSL_CTRL_SESS_ACCEPT:
  1012. return(ctx->stats.sess_accept);
  1013. case SSL_CTRL_SESS_ACCEPT_GOOD:
  1014. return(ctx->stats.sess_accept_good);
  1015. case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
  1016. return(ctx->stats.sess_accept_renegotiate);
  1017. case SSL_CTRL_SESS_HIT:
  1018. return(ctx->stats.sess_hit);
  1019. case SSL_CTRL_SESS_CB_HIT:
  1020. return(ctx->stats.sess_cb_hit);
  1021. case SSL_CTRL_SESS_MISSES:
  1022. return(ctx->stats.sess_miss);
  1023. case SSL_CTRL_SESS_TIMEOUTS:
  1024. return(ctx->stats.sess_timeout);
  1025. case SSL_CTRL_SESS_CACHE_FULL:
  1026. return(ctx->stats.sess_cache_full);
  1027. case SSL_CTRL_OPTIONS:
  1028. return(ctx->options|=larg);
  1029. case SSL_CTRL_CLEAR_OPTIONS:
  1030. return(ctx->options&=~larg);
  1031. case SSL_CTRL_MODE:
  1032. return(ctx->mode|=larg);
  1033. case SSL_CTRL_CLEAR_MODE:
  1034. return(ctx->mode&=~larg);
  1035. case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
  1036. if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
  1037. return 0;
  1038. ctx->max_send_fragment = larg;
  1039. return 1;
  1040. default:
  1041. return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg));
  1042. }
  1043. }
  1044. long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
  1045. {
  1046. switch(cmd)
  1047. {
  1048. case SSL_CTRL_SET_MSG_CALLBACK:
  1049. ctx->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
  1050. return 1;
  1051. default:
  1052. return(ctx->method->ssl_ctx_callback_ctrl(ctx,cmd,fp));
  1053. }
  1054. }
  1055. int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
  1056. {
  1057. long l;
  1058. l=a->id-b->id;
  1059. if (l == 0L)
  1060. return(0);
  1061. else
  1062. return((l > 0)?1:-1);
  1063. }
  1064. int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
  1065. const SSL_CIPHER * const *bp)
  1066. {
  1067. long l;
  1068. l=(*ap)->id-(*bp)->id;
  1069. if (l == 0L)
  1070. return(0);
  1071. else
  1072. return((l > 0)?1:-1);
  1073. }
  1074. /** return a STACK of the ciphers available for the SSL and in order of
  1075. * preference */
  1076. STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
  1077. {
  1078. if (s != NULL)
  1079. {
  1080. if (s->cipher_list != NULL)
  1081. {
  1082. return(s->cipher_list);
  1083. }
  1084. else if ((s->ctx != NULL) &&
  1085. (s->ctx->cipher_list != NULL))
  1086. {
  1087. return(s->ctx->cipher_list);
  1088. }
  1089. }
  1090. return(NULL);
  1091. }
  1092. /** return a STACK of the ciphers available for the SSL and in order of
  1093. * algorithm id */
  1094. STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
  1095. {
  1096. if (s != NULL)
  1097. {
  1098. if (s->cipher_list_by_id != NULL)
  1099. {
  1100. return(s->cipher_list_by_id);
  1101. }
  1102. else if ((s->ctx != NULL) &&
  1103. (s->ctx->cipher_list_by_id != NULL))
  1104. {
  1105. return(s->ctx->cipher_list_by_id);
  1106. }
  1107. }
  1108. return(NULL);
  1109. }
  1110. /** The old interface to get the same thing as SSL_get_ciphers() */
  1111. const char *SSL_get_cipher_list(const SSL *s,int n)
  1112. {
  1113. SSL_CIPHER *c;
  1114. STACK_OF(SSL_CIPHER) *sk;
  1115. if (s == NULL) return(NULL);
  1116. sk=SSL_get_ciphers(s);
  1117. if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
  1118. return(NULL);
  1119. c=sk_SSL_CIPHER_value(sk,n);
  1120. if (c == NULL) return(NULL);
  1121. return(c->name);
  1122. }
  1123. /** specify the ciphers to be used by default by the SSL_CTX */
  1124. int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
  1125. {
  1126. STACK_OF(SSL_CIPHER) *sk;
  1127. sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
  1128. &ctx->cipher_list_by_id,str);
  1129. /* ssl_create_cipher_list may return an empty stack if it
  1130. * was unable to find a cipher matching the given rule string
  1131. * (for example if the rule string specifies a cipher which
  1132. * has been disabled). This is not an error as far as
  1133. * ssl_create_cipher_list is concerned, and hence
  1134. * ctx->cipher_list and ctx->cipher_list_by_id has been
  1135. * updated. */
  1136. if (sk == NULL)
  1137. return 0;
  1138. else if (sk_SSL_CIPHER_num(sk) == 0)
  1139. {
  1140. SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
  1141. return 0;
  1142. }
  1143. return 1;
  1144. }
  1145. /** specify the ciphers to be used by the SSL */
  1146. int SSL_set_cipher_list(SSL *s,const char *str)
  1147. {
  1148. STACK_OF(SSL_CIPHER) *sk;
  1149. sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
  1150. &s->cipher_list_by_id,str);
  1151. /* see comment in SSL_CTX_set_cipher_list */
  1152. if (sk == NULL)
  1153. return 0;
  1154. else if (sk_SSL_CIPHER_num(sk) == 0)
  1155. {
  1156. SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
  1157. return 0;
  1158. }
  1159. return 1;
  1160. }
  1161. /* works well for SSLv2, not so good for SSLv3 */
  1162. char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
  1163. {
  1164. char *p;
  1165. STACK_OF(SSL_CIPHER) *sk;
  1166. SSL_CIPHER *c;
  1167. int i;
  1168. if ((s->session == NULL) || (s->session->ciphers == NULL) ||
  1169. (len < 2))
  1170. return(NULL);
  1171. p=buf;
  1172. sk=s->session->ciphers;
  1173. for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
  1174. {
  1175. int n;
  1176. c=sk_SSL_CIPHER_value(sk,i);
  1177. n=strlen(c->name);
  1178. if (n+1 > len)
  1179. {
  1180. if (p != buf)
  1181. --p;
  1182. *p='\0';
  1183. return buf;
  1184. }
  1185. strcpy(p,c->name);
  1186. p+=n;
  1187. *(p++)=':';
  1188. len-=n+1;
  1189. }
  1190. p[-1]='\0';
  1191. return(buf);
  1192. }
  1193. int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
  1194. int (*put_cb)(const SSL_CIPHER *, unsigned char *))
  1195. {
  1196. int i,j=0;
  1197. SSL_CIPHER *c;
  1198. unsigned char *q;
  1199. #ifndef OPENSSL_NO_KRB5
  1200. int nokrb5 = !kssl_tgt_is_available(s->kssl_ctx);
  1201. #endif /* OPENSSL_NO_KRB5 */
  1202. if (sk == NULL) return(0);
  1203. q=p;
  1204. for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
  1205. {
  1206. c=sk_SSL_CIPHER_value(sk,i);
  1207. /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
  1208. if ((c->algorithm_ssl & SSL_TLSV1_2) &&
  1209. (TLS1_get_client_version(s) < TLS1_2_VERSION))
  1210. continue;
  1211. #ifndef OPENSSL_NO_KRB5
  1212. if (((c->algorithm_mkey & SSL_kKRB5) || (c->algorithm_auth & SSL_aKRB5)) &&
  1213. nokrb5)
  1214. continue;
  1215. #endif /* OPENSSL_NO_KRB5 */
  1216. #ifndef OPENSSL_NO_PSK
  1217. /* with PSK there must be client callback set */
  1218. if (((c->algorithm_mkey & SSL_kPSK) || (c->algorithm_auth & SSL_aPSK)) &&
  1219. s->psk_client_callback == NULL)
  1220. continue;
  1221. #endif /* OPENSSL_NO_PSK */
  1222. j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
  1223. p+=j;
  1224. }
  1225. /* If p == q, no ciphers and caller indicates an error. Otherwise
  1226. * add SCSV if not renegotiating.
  1227. */
  1228. if (p != q && !s->renegotiate)
  1229. {
  1230. static SSL_CIPHER scsv =
  1231. {
  1232. 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
  1233. };
  1234. j = put_cb ? put_cb(&scsv,p) : ssl_put_cipher_by_char(s,&scsv,p);
  1235. p+=j;
  1236. #ifdef OPENSSL_RI_DEBUG
  1237. fprintf(stderr, "SCSV sent by client\n");
  1238. #endif
  1239. }
  1240. return(p-q);
  1241. }
  1242. STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
  1243. STACK_OF(SSL_CIPHER) **skp)
  1244. {
  1245. const SSL_CIPHER *c;
  1246. STACK_OF(SSL_CIPHER) *sk;
  1247. int i,n;
  1248. if (s->s3)
  1249. s->s3->send_connection_binding = 0;
  1250. n=ssl_put_cipher_by_char(s,NULL,NULL);
  1251. if ((num%n) != 0)
  1252. {
  1253. SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
  1254. return(NULL);
  1255. }
  1256. if ((skp == NULL) || (*skp == NULL))
  1257. sk=sk_SSL_CIPHER_new_null(); /* change perhaps later */
  1258. else
  1259. {
  1260. sk= *skp;
  1261. sk_SSL_CIPHER_zero(sk);
  1262. }
  1263. for (i=0; i<num; i+=n)
  1264. {
  1265. /* Check for SCSV */
  1266. if (s->s3 && (n != 3 || !p[0]) &&
  1267. (p[n-2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
  1268. (p[n-1] == (SSL3_CK_SCSV & 0xff)))
  1269. {
  1270. /* SCSV fatal if renegotiating */
  1271. if (s->renegotiate)
  1272. {
  1273. SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
  1274. ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
  1275. goto err;
  1276. }
  1277. s->s3->send_connection_binding = 1;
  1278. p += n;
  1279. #ifdef OPENSSL_RI_DEBUG
  1280. fprintf(stderr, "SCSV received by server\n");
  1281. #endif
  1282. continue;
  1283. }
  1284. c=ssl_get_cipher_by_char(s,p);
  1285. p+=n;
  1286. if (c != NULL)
  1287. {
  1288. if (!sk_SSL_CIPHER_push(sk,c))
  1289. {
  1290. SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
  1291. goto err;
  1292. }
  1293. }
  1294. }
  1295. if (skp != NULL)
  1296. *skp=sk;
  1297. return(sk);
  1298. err:
  1299. if ((skp == NULL) || (*skp == NULL))
  1300. sk_SSL_CIPHER_free(sk);
  1301. return(NULL);
  1302. }
  1303. #ifndef OPENSSL_NO_TLSEXT
  1304. /** return a servername extension value if provided in Client Hello, or NULL.
  1305. * So far, only host_name types are defined (RFC 3546).
  1306. */
  1307. const char *SSL_get_servername(const SSL *s, const int type)
  1308. {
  1309. if (type != TLSEXT_NAMETYPE_host_name)
  1310. return NULL;
  1311. return s->session && !s->tlsext_hostname ?
  1312. s->session->tlsext_hostname :
  1313. s->tlsext_hostname;
  1314. }
  1315. int SSL_get_servername_type(const SSL *s)
  1316. {
  1317. if (s->session && (!s->tlsext_hostname ? s->session->tlsext_hostname : s->tlsext_hostname))
  1318. return TLSEXT_NAMETYPE_host_name;
  1319. return -1;
  1320. }
  1321. # ifndef OPENSSL_NO_NEXTPROTONEG
  1322. /* SSL_select_next_proto implements the standard protocol selection. It is
  1323. * expected that this function is called from the callback set by
  1324. * SSL_CTX_set_next_proto_select_cb.
  1325. *
  1326. * The protocol data is assumed to be a vector of 8-bit, length prefixed byte
  1327. * strings. The length byte itself is not included in the length. A byte
  1328. * string of length 0 is invalid. No byte string may be truncated.
  1329. *
  1330. * The current, but experimental algorithm for selecting the protocol is:
  1331. *
  1332. * 1) If the server doesn't support NPN then this is indicated to the
  1333. * callback. In this case, the client application has to abort the connection
  1334. * or have a default application level protocol.
  1335. *
  1336. * 2) If the server supports NPN, but advertises an empty list then the
  1337. * client selects the first protcol in its list, but indicates via the
  1338. * API that this fallback case was enacted.
  1339. *
  1340. * 3) Otherwise, the client finds the first protocol in the server's list
  1341. * that it supports and selects this protocol. This is because it's
  1342. * assumed that the server has better information about which protocol
  1343. * a client should use.
  1344. *
  1345. * 4) If the client doesn't support any of the server's advertised
  1346. * protocols, then this is treated the same as case 2.
  1347. *
  1348. * It returns either
  1349. * OPENSSL_NPN_NEGOTIATED if a common protocol was found, or
  1350. * OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
  1351. */
  1352. int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsigned char *server, unsigned int server_len, const unsigned char *client, unsigned int client_len)
  1353. {
  1354. unsigned int i, j;
  1355. const unsigned char *result;
  1356. int status = OPENSSL_NPN_UNSUPPORTED;
  1357. /* For each protocol in server preference order, see if we support it. */
  1358. for (i = 0; i < server_len; )
  1359. {
  1360. for (j = 0; j < client_len; )
  1361. {
  1362. if (server[i] == client[j] &&
  1363. memcmp(&server[i+1], &client[j+1], server[i]) == 0)
  1364. {
  1365. /* We found a match */
  1366. result = &server[i];
  1367. status = OPENSSL_NPN_NEGOTIATED;
  1368. goto found;
  1369. }
  1370. j += client[j];
  1371. j++;
  1372. }
  1373. i += server[i];
  1374. i++;
  1375. }
  1376. /* There's no overlap between our protocols and the server's list. */
  1377. result = client;
  1378. status = OPENSSL_NPN_NO_OVERLAP;
  1379. found:
  1380. *out = (unsigned char *) result + 1;
  1381. *outlen = result[0];
  1382. return status;
  1383. }
  1384. /* SSL_get0_next_proto_negotiated sets *data and *len to point to the client's
  1385. * requested protocol for this connection and returns 0. If the client didn't
  1386. * request any protocol, then *data is set to NULL.
  1387. *
  1388. * Note that the client can request any protocol it chooses. The value returned
  1389. * from this function need not be a member of the list of supported protocols
  1390. * provided by the callback.
  1391. */
  1392. void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, unsigned *len)
  1393. {
  1394. *data = s->next_proto_negotiated;
  1395. if (!*data) {
  1396. *len = 0;
  1397. } else {
  1398. *len = s->next_proto_negotiated_len;
  1399. }
  1400. }
  1401. /* SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when a
  1402. * TLS server needs a list of supported protocols for Next Protocol
  1403. * Negotiation. The returned list must be in wire format. The list is returned
  1404. * by setting |out| to point to it and |outlen| to its length. This memory will
  1405. * not be modified, but one should assume that the SSL* keeps a reference to
  1406. * it.
  1407. *
  1408. * The callback should return SSL_TLSEXT_ERR_OK if it wishes to advertise. Otherwise, no
  1409. * such extension will be included in the ServerHello. */
  1410. void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl, const unsigned char **out, unsigned int *outlen, void *arg), void *arg)
  1411. {
  1412. ctx->next_protos_advertised_cb = cb;
  1413. ctx->next_protos_advertised_cb_arg = arg;
  1414. }
  1415. /* SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
  1416. * client needs to select a protocol from the server's provided list. |out|
  1417. * must be set to point to the selected protocol (which may be within |in|).
  1418. * The length of the protocol name must be written into |outlen|. The server's
  1419. * advertised protocols are provided in |in| and |inlen|. The callback can
  1420. * assume that |in| is syntactically valid.
  1421. *
  1422. * The client must select a protocol. It is fatal to the connection if this
  1423. * callback returns a value other than SSL_TLSEXT_ERR_OK.
  1424. */
  1425. void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg), void *arg)
  1426. {
  1427. ctx->next_proto_select_cb = cb;
  1428. ctx->next_proto_select_cb_arg = arg;
  1429. }
  1430. # endif
  1431. #endif
  1432. static unsigned long ssl_session_hash(const SSL_SESSION *a)
  1433. {
  1434. unsigned long l;
  1435. l=(unsigned long)
  1436. ((unsigned int) a->session_id[0] )|
  1437. ((unsigned int) a->session_id[1]<< 8L)|
  1438. ((unsigned long)a->session_id[2]<<16L)|
  1439. ((unsigned long)a->session_id[3]<<24L);
  1440. return(l);
  1441. }
  1442. /* NB: If this function (or indeed the hash function which uses a sort of
  1443. * coarser function than this one) is changed, ensure
  1444. * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
  1445. * able to construct an SSL_SESSION that will collide with any existing session
  1446. * with a matching session ID. */
  1447. static int ssl_session_cmp(const SSL_SESSION *a,const SSL_SESSION *b)
  1448. {
  1449. if (a->ssl_version != b->ssl_version)
  1450. return(1);
  1451. if (a->session_id_length != b->session_id_length)
  1452. return(1);
  1453. return(memcmp(a->session_id,b->session_id,a->session_id_length));
  1454. }
  1455. /* These wrapper functions should remain rather than redeclaring
  1456. * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
  1457. * variable. The reason is that the functions aren't static, they're exposed via
  1458. * ssl.h. */
  1459. static IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION)
  1460. static IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION)
  1461. SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
  1462. {
  1463. SSL_CTX *ret=NULL;
  1464. if (meth == NULL)
  1465. {
  1466. SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PASSED);
  1467. return(NULL);
  1468. }
  1469. #ifdef OPENSSL_FIPS
  1470. if (FIPS_mode() && (meth->version < TLS1_VERSION))
  1471. {
  1472. SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
  1473. return NULL;
  1474. }
  1475. #endif
  1476. if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0)
  1477. {
  1478. SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
  1479. goto err;
  1480. }
  1481. ret=(SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
  1482. if (ret == NULL)
  1483. goto err;
  1484. memset(ret,0,sizeof(SSL_CTX));
  1485. ret->method=meth;
  1486. ret->cert_store=NULL;
  1487. ret->session_cache_mode=SSL_SESS_CACHE_SERVER;
  1488. ret->session_cache_size=SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
  1489. ret->session_cache_head=NULL;
  1490. ret->session_cache_tail=NULL;
  1491. /* We take the system default */
  1492. ret->session_timeout=meth->get_timeout();
  1493. ret->new_session_cb=0;
  1494. ret->remove_session_cb=0;
  1495. ret->get_session_cb=0;
  1496. ret->generate_session_id=0;
  1497. memset((char *)&ret->stats,0,sizeof(ret->stats));
  1498. ret->references=1;
  1499. ret->quiet_shutdown=0;
  1500. /* ret->cipher=NULL;*/
  1501. /* ret->s2->challenge=NULL;
  1502. ret->master_key=NULL;
  1503. ret->key_arg=NULL;
  1504. ret->s2->conn_id=NULL; */
  1505. ret->info_callback=NULL;
  1506. ret->app_verify_callback=0;
  1507. ret->app_verify_arg=NULL;
  1508. ret->max_cert_list=SSL_MAX_CERT_LIST_DEFAULT;
  1509. ret->read_ahead=0;
  1510. ret->msg_callback=0;
  1511. ret->msg_callback_arg=NULL;
  1512. ret->verify_mode=SSL_VERIFY_NONE;
  1513. #if 0
  1514. ret->verify_depth=-1; /* Don't impose a limit (but x509_lu.c does) */
  1515. #endif
  1516. ret->sid_ctx_length=0;
  1517. ret->default_verify_callback=NULL;
  1518. if ((ret->cert=ssl_cert_new()) == NULL)
  1519. goto err;
  1520. ret->default_passwd_callback=0;
  1521. ret->default_passwd_callback_userdata=NULL;
  1522. ret->client_cert_cb=0;
  1523. ret->app_gen_cookie_cb=0;
  1524. ret->app_verify_cookie_cb=0;
  1525. ret->sessions=lh_SSL_SESSION_new();
  1526. if (ret->sessions == NULL) goto err;
  1527. ret->cert_store=X509_STORE_new();
  1528. if (ret->cert_store == NULL) goto err;
  1529. ssl_create_cipher_list(ret->method,
  1530. &ret->cipher_list,&ret->cipher_list_by_id,
  1531. meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
  1532. if (ret->cipher_list == NULL
  1533. || sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
  1534. {
  1535. SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_LIBRARY_HAS_NO_CIPHERS);
  1536. goto err2;
  1537. }
  1538. ret->param = X509_VERIFY_PARAM_new();
  1539. if (!ret->param)
  1540. goto err;
  1541. if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL)
  1542. {
  1543. SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
  1544. goto err2;
  1545. }
  1546. if ((ret->md5=EVP_get_digestbyname("ssl3-md5")) == NULL)
  1547. {
  1548. SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
  1549. goto err2;
  1550. }
  1551. if ((ret->sha1=EVP_get_digestbyname("ssl3-sha1")) == NULL)
  1552. {
  1553. SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
  1554. goto err2;
  1555. }
  1556. if ((ret->client_CA=sk_X509_NAME_new_null()) == NULL)
  1557. goto err;
  1558. CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
  1559. ret->extra_certs=NULL;
  1560. ret->comp_methods=SSL_COMP_get_compression_methods();
  1561. ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
  1562. #ifndef OPENSSL_NO_TLSEXT
  1563. ret->tlsext_servername_callback = 0;
  1564. ret->tlsext_servername_arg = NULL;
  1565. /* Setup RFC4507 ticket keys */
  1566. if ((RAND_pseudo_bytes(ret->tlsext_tick_key_name, 16) <= 0)
  1567. || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
  1568. || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
  1569. ret->options |= SSL_OP_NO_TICKET;
  1570. ret->tlsext_status_cb = 0;
  1571. ret->tlsext_status_arg = NULL;
  1572. # ifndef OPENSSL_NO_NEXTPROTONEG
  1573. ret->next_protos_advertised_cb = 0;
  1574. ret->next_proto_select_cb = 0;
  1575. # endif
  1576. #endif
  1577. #ifndef OPENSSL_NO_PSK
  1578. ret->psk_identity_hint=NULL;
  1579. ret->psk_client_callback=NULL;
  1580. ret->psk_server_callback=NULL;
  1581. #endif
  1582. #ifndef OPENSSL_NO_SRP
  1583. SSL_CTX_SRP_CTX_init(ret);
  1584. #endif
  1585. #ifndef OPENSSL_NO_BUF_FREELISTS
  1586. ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
  1587. ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
  1588. if (!ret->rbuf_freelist)
  1589. goto err;
  1590. ret->rbuf_freelist->chunklen = 0;
  1591. ret->rbuf_freelist->len = 0;
  1592. ret->rbuf_freelist->head = NULL;
  1593. ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
  1594. if (!ret->wbuf_freelist)
  1595. {
  1596. OPENSSL_free(ret->rbuf_freelist);
  1597. goto err;
  1598. }
  1599. ret->wbuf_freelist->chunklen = 0;
  1600. ret->wbuf_freelist->len = 0;
  1601. ret->wbuf_freelist->head = NULL;
  1602. #endif
  1603. #ifndef OPENSSL_NO_ENGINE
  1604. ret->client_cert_engine = NULL;
  1605. #ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
  1606. #define eng_strx(x) #x
  1607. #define eng_str(x) eng_strx(x)
  1608. /* Use specific client engine automatically... ignore errors */
  1609. {
  1610. ENGINE *eng;
  1611. eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
  1612. if (!eng)
  1613. {
  1614. ERR_clear_error();
  1615. ENGINE_load_builtin_engines();
  1616. eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
  1617. }
  1618. if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
  1619. ERR_clear_error();
  1620. }
  1621. #endif
  1622. #endif
  1623. /* Default is to connect to non-RI servers. When RI is more widely
  1624. * deployed might change this.
  1625. */
  1626. ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
  1627. return(ret);
  1628. err:
  1629. SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
  1630. err2:
  1631. if (ret != NULL) SSL_CTX_free(ret);
  1632. return(NULL);
  1633. }
  1634. #if 0
  1635. static void SSL_COMP_free(SSL_COMP *comp)
  1636. { OPENSSL_free(comp); }
  1637. #endif
  1638. #ifndef OPENSSL_NO_BUF_FREELISTS
  1639. static void
  1640. ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
  1641. {
  1642. SSL3_BUF_FREELIST_ENTRY *ent, *next;
  1643. for (ent = list->head; ent; ent = next)
  1644. {
  1645. next = ent->next;
  1646. OPENSSL_free(ent);
  1647. }
  1648. OPENSSL_free(list);
  1649. }
  1650. #endif
  1651. void SSL_CTX_free(SSL_CTX *a)
  1652. {
  1653. int i;
  1654. if (a == NULL) return;
  1655. i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_SSL_CTX);
  1656. #ifdef REF_PRINT
  1657. REF_PRINT("SSL_CTX",a);
  1658. #endif
  1659. if (i > 0) return;
  1660. #ifdef REF_CHECK
  1661. if (i < 0)
  1662. {
  1663. fprintf(stderr,"SSL_CTX_free, bad reference count\n");
  1664. abort(); /* ok */
  1665. }
  1666. #endif
  1667. if (a->param)
  1668. X509_VERIFY_PARAM_free(a->param);
  1669. /*
  1670. * Free internal session cache. However: the remove_cb() may reference
  1671. * the ex_data of SSL_CTX, thus the ex_data store can only be removed
  1672. * after the sessions were flushed.
  1673. * As the ex_data handling routines might also touch the session cache,
  1674. * the most secure solution seems to be: empty (flush) the cache, then
  1675. * free ex_data, then finally free the cache.
  1676. * (See ticket [openssl.org #212].)
  1677. */
  1678. if (a->sessions != NULL)
  1679. SSL_CTX_flush_sessions(a,0);
  1680. CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
  1681. if (a->sessions != NULL)
  1682. lh_SSL_SESSION_free(a->sessions);
  1683. if (a->cert_store != NULL)
  1684. X509_STORE_free(a->cert_store);
  1685. if (a->cipher_list != NULL)
  1686. sk_SSL_CIPHER_free(a->cipher_list);
  1687. if (a->cipher_list_by_id != NULL)
  1688. sk_SSL_CIPHER_free(a->cipher_list_by_id);
  1689. if (a->cert != NULL)
  1690. ssl_cert_free(a->cert);
  1691. if (a->client_CA != NULL)
  1692. sk_X509_NAME_pop_free(a->client_CA,X509_NAME_free);
  1693. if (a->extra_certs != NULL)
  1694. sk_X509_pop_free(a->extra_certs,X509_free);
  1695. #if 0 /* This should never be done, since it removes a global database */
  1696. if (a->comp_methods != NULL)
  1697. sk_SSL_COMP_pop_free(a->comp_methods,SSL_COMP_free);
  1698. #else
  1699. a->comp_methods = NULL;
  1700. #endif
  1701. #ifndef OPENSSL_NO_PSK
  1702. if (a->psk_identity_hint)
  1703. OPENSSL_free(a->psk_identity_hint);
  1704. #endif
  1705. #ifndef OPENSSL_NO_SRP
  1706. SSL_CTX_SRP_CTX_free(a);
  1707. #endif
  1708. #ifndef OPENSSL_NO_ENGINE
  1709. if (a->client_cert_engine)
  1710. ENGINE_finish(a->client_cert_engine);
  1711. #endif
  1712. #ifndef OPENSSL_NO_BUF_FREELISTS
  1713. if (a->wbuf_freelist)
  1714. ssl_buf_freelist_free(a->wbuf_freelist);
  1715. if (a->rbuf_freelist)
  1716. ssl_buf_freelist_free(a->rbuf_freelist);
  1717. #endif
  1718. OPENSSL_free(a);
  1719. }
  1720. void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
  1721. {
  1722. ctx->default_passwd_callback=cb;
  1723. }
  1724. void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx,void *u)
  1725. {
  1726. ctx->default_passwd_callback_userdata=u;
  1727. }
  1728. void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,void *), void *arg)
  1729. {
  1730. ctx->app_verify_callback=cb;
  1731. ctx->app_verify_arg=arg;
  1732. }
  1733. void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*cb)(int, X509_STORE_CTX *))
  1734. {
  1735. ctx->verify_mode=mode;
  1736. ctx->default_verify_callback=cb;
  1737. }
  1738. void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth)
  1739. {
  1740. X509_VERIFY_PARAM_set_depth(ctx->param, depth);
  1741. }
  1742. void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
  1743. {
  1744. CERT_PKEY *cpk;
  1745. int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign;
  1746. int rsa_enc_export,dh_rsa_export,dh_dsa_export;
  1747. int rsa_tmp_export,dh_tmp_export,kl;
  1748. unsigned long mask_k,mask_a,emask_k,emask_a;
  1749. int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;
  1750. #ifndef OPENSSL_NO_ECDH
  1751. int have_ecdh_tmp;
  1752. #endif
  1753. X509 *x = NULL;
  1754. EVP_PKEY *ecc_pkey = NULL;
  1755. int signature_nid = 0, pk_nid = 0, md_nid = 0;
  1756. if (c == NULL) return;
  1757. kl=SSL_C_EXPORT_PKEYLENGTH(cipher);
  1758. #ifndef OPENSSL_NO_RSA
  1759. rsa_tmp=(c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
  1760. rsa_tmp_export=(c->rsa_tmp_cb != NULL ||
  1761. (rsa_tmp && RSA_size(c->rsa_tmp)*8 <= kl));
  1762. #else
  1763. rsa_tmp=rsa_tmp_export=0;
  1764. #endif
  1765. #ifndef OPENSSL_NO_DH
  1766. dh_tmp=(c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
  1767. dh_tmp_export=(c->dh_tmp_cb != NULL ||
  1768. (dh_tmp && DH_size(c->dh_tmp)*8 <= kl));
  1769. #else
  1770. dh_tmp=dh_tmp_export=0;
  1771. #endif
  1772. #ifndef OPENSSL_NO_ECDH
  1773. have_ecdh_tmp=(c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL);
  1774. #endif
  1775. cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]);
  1776. rsa_enc= (cpk->x509 != NULL && cpk->privatekey != NULL);
  1777. rsa_enc_export=(rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
  1778. cpk= &(c->pkeys[SSL_PKEY_RSA_SIGN]);
  1779. rsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
  1780. cpk= &(c->pkeys[SSL_PKEY_DSA_SIGN]);
  1781. dsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
  1782. cpk= &(c->pkeys[SSL_PKEY_DH_RSA]);
  1783. dh_rsa= (cpk->x509 != NULL && cpk->privatekey != NULL);
  1784. dh_rsa_export=(dh_rsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
  1785. cpk= &(c->pkeys[SSL_PKEY_DH_DSA]);
  1786. /* FIX THIS EAY EAY EAY */
  1787. dh_dsa= (cpk->x509 != NULL && cpk->privatekey != NULL);
  1788. dh_dsa_export=(dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
  1789. cpk= &(c->pkeys[SSL_PKEY_ECC]);
  1790. have_ecc_cert= (cpk->x509 != NULL && cpk->privatekey != NULL);
  1791. mask_k=0;
  1792. mask_a=0;
  1793. emask_k=0;
  1794. emask_a=0;
  1795. #ifdef CIPHER_DEBUG
  1796. printf("rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
  1797. rsa_tmp,rsa_tmp_export,dh_tmp,have_ecdh_tmp,
  1798. rsa_enc,rsa_enc_export,rsa_sign,dsa_sign,dh_rsa,dh_dsa);
  1799. #endif
  1800. cpk = &(c->pkeys[SSL_PKEY_GOST01]);
  1801. if (cpk->x509 != NULL && cpk->privatekey !=NULL) {
  1802. mask_k |= SSL_kGOST;
  1803. mask_a |= SSL_aGOST01;
  1804. }
  1805. cpk = &(c->pkeys[SSL_PKEY_GOST94]);
  1806. if (cpk->x509 != NULL && cpk->privatekey !=NULL) {
  1807. mask_k |= SSL_kGOST;
  1808. mask_a |= SSL_aGOST94;
  1809. }
  1810. if (rsa_enc || (rsa_tmp && rsa_sign))
  1811. mask_k|=SSL_kRSA;
  1812. if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
  1813. emask_k|=SSL_kRSA;
  1814. #if 0
  1815. /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
  1816. if ( (dh_tmp || dh_rsa || dh_dsa) &&
  1817. (rsa_enc || rsa_sign || dsa_sign))
  1818. mask_k|=SSL_kEDH;
  1819. if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
  1820. (rsa_enc || rsa_sign || dsa_sign))
  1821. emask_k|=SSL_kEDH;
  1822. #endif
  1823. if (dh_tmp_export)
  1824. emask_k|=SSL_kEDH;
  1825. if (dh_tmp)
  1826. mask_k|=SSL_kEDH;
  1827. if (dh_rsa) mask_k|=SSL_kDHr;
  1828. if (dh_rsa_export) emask_k|=SSL_kDHr;
  1829. if (dh_dsa) mask_k|=SSL_kDHd;
  1830. if (dh_dsa_export) emask_k|=SSL_kDHd;
  1831. if (rsa_enc || rsa_sign)
  1832. {
  1833. mask_a|=SSL_aRSA;
  1834. emask_a|=SSL_aRSA;
  1835. }
  1836. if (dsa_sign)
  1837. {
  1838. mask_a|=SSL_aDSS;
  1839. emask_a|=SSL_aDSS;
  1840. }
  1841. mask_a|=SSL_aNULL;
  1842. emask_a|=SSL_aNULL;
  1843. #ifndef OPENSSL_NO_KRB5
  1844. mask_k|=SSL_kKRB5;
  1845. mask_a|=SSL_aKRB5;
  1846. emask_k|=SSL_kKRB5;
  1847. emask_a|=SSL_aKRB5;
  1848. #endif
  1849. /* An ECC certificate may be usable for ECDH and/or
  1850. * ECDSA cipher suites depending on the key usage extension.
  1851. */
  1852. if (have_ecc_cert)
  1853. {
  1854. /* This call populates extension flags (ex_flags) */
  1855. x = (c->pkeys[SSL_PKEY_ECC]).x509;
  1856. X509_check_purpose(x, -1, 0);
  1857. ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
  1858. (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1;
  1859. ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
  1860. (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
  1861. ecc_pkey = X509_get_pubkey(x);
  1862. ecc_pkey_size = (ecc_pkey != NULL) ?
  1863. EVP_PKEY_bits(ecc_pkey) : 0;
  1864. EVP_PKEY_free(ecc_pkey);
  1865. if ((x->sig_alg) && (x->sig_alg->algorithm))
  1866. {
  1867. signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
  1868. OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
  1869. }
  1870. #ifndef OPENSSL_NO_ECDH
  1871. if (ecdh_ok)
  1872. {
  1873. if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa)
  1874. {
  1875. mask_k|=SSL_kECDHr;
  1876. mask_a|=SSL_aECDH;
  1877. if (ecc_pkey_size <= 163)
  1878. {
  1879. emask_k|=SSL_kECDHr;
  1880. emask_a|=SSL_aECDH;
  1881. }
  1882. }
  1883. if (pk_nid == NID_X9_62_id_ecPublicKey)
  1884. {
  1885. mask_k|=SSL_kECDHe;
  1886. mask_a|=SSL_aECDH;
  1887. if (ecc_pkey_size <= 163)
  1888. {
  1889. emask_k|=SSL_kECDHe;
  1890. emask_a|=SSL_aECDH;
  1891. }
  1892. }
  1893. }
  1894. #endif
  1895. #ifndef OPENSSL_NO_ECDSA
  1896. if (ecdsa_ok)
  1897. {
  1898. mask_a|=SSL_aECDSA;
  1899. emask_a|=SSL_aECDSA;
  1900. }
  1901. #endif
  1902. }
  1903. #ifndef OPENSSL_NO_ECDH
  1904. if (have_ecdh_tmp)
  1905. {
  1906. mask_k|=SSL_kEECDH;
  1907. emask_k|=SSL_kEECDH;
  1908. }
  1909. #endif
  1910. #ifndef OPENSSL_NO_PSK
  1911. mask_k |= SSL_kPSK;
  1912. mask_a |= SSL_aPSK;
  1913. emask_k |= SSL_kPSK;
  1914. emask_a |= SSL_aPSK;
  1915. #endif
  1916. c->mask_k=mask_k;
  1917. c->mask_a=mask_a;
  1918. c->export_mask_k=emask_k;
  1919. c->export_mask_a=emask_a;
  1920. c->valid=1;
  1921. }
  1922. /* This handy macro borrowed from crypto/x509v3/v3_purp.c */
  1923. #define ku_reject(x, usage) \
  1924. (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
  1925. #ifndef OPENSSL_NO_EC
  1926. int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
  1927. {
  1928. unsigned long alg_k, alg_a;
  1929. EVP_PKEY *pkey = NULL;
  1930. int keysize = 0;
  1931. int signature_nid = 0, md_nid = 0, pk_nid = 0;
  1932. const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
  1933. alg_k = cs->algorithm_mkey;
  1934. alg_a = cs->algorithm_auth;
  1935. if (SSL_C_IS_EXPORT(cs))
  1936. {
  1937. /* ECDH key length in export ciphers must be <= 163 bits */
  1938. pkey = X509_get_pubkey(x);
  1939. if (pkey == NULL) return 0;
  1940. keysize = EVP_PKEY_bits(pkey);
  1941. EVP_PKEY_free(pkey);
  1942. if (keysize > 163) return 0;
  1943. }
  1944. /* This call populates the ex_flags field correctly */
  1945. X509_check_purpose(x, -1, 0);
  1946. if ((x->sig_alg) && (x->sig_alg->algorithm))
  1947. {
  1948. signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
  1949. OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
  1950. }
  1951. if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr)
  1952. {
  1953. /* key usage, if present, must allow key agreement */
  1954. if (ku_reject(x, X509v3_KU_KEY_AGREEMENT))
  1955. {
  1956. SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
  1957. return 0;
  1958. }
  1959. if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < TLS1_2_VERSION)
  1960. {
  1961. /* signature alg must be ECDSA */
  1962. if (pk_nid != NID_X9_62_id_ecPublicKey)
  1963. {
  1964. SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
  1965. return 0;
  1966. }
  1967. }
  1968. if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < TLS1_2_VERSION)
  1969. {
  1970. /* signature alg must be RSA */
  1971. if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa)
  1972. {
  1973. SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
  1974. return 0;
  1975. }
  1976. }
  1977. }
  1978. if (alg_a & SSL_aECDSA)
  1979. {
  1980. /* key usage, if present, must allow signing */
  1981. if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE))
  1982. {
  1983. SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
  1984. return 0;
  1985. }
  1986. }
  1987. return 1; /* all checks are ok */
  1988. }
  1989. #endif
  1990. /* THIS NEEDS CLEANING UP */
  1991. X509 *ssl_get_server_send_cert(SSL *s)
  1992. {
  1993. unsigned long alg_k,alg_a;
  1994. CERT *c;
  1995. int i;
  1996. c=s->cert;
  1997. ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
  1998. alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
  1999. alg_a = s->s3->tmp.new_cipher->algorithm_auth;
  2000. if (alg_k & (SSL_kECDHr|SSL_kECDHe))
  2001. {
  2002. /* we don't need to look at SSL_kEECDH
  2003. * since no certificate is needed for
  2004. * anon ECDH and for authenticated
  2005. * EECDH, the check for the auth
  2006. * algorithm will set i correctly
  2007. * NOTE: For ECDH-RSA, we need an ECC
  2008. * not an RSA cert but for EECDH-RSA
  2009. * we need an RSA cert. Placing the
  2010. * checks for SSL_kECDH before RSA
  2011. * checks ensures the correct cert is chosen.
  2012. */
  2013. i=SSL_PKEY_ECC;
  2014. }
  2015. else if (alg_a & SSL_aECDSA)
  2016. {
  2017. i=SSL_PKEY_ECC;
  2018. }
  2019. else if (alg_k & SSL_kDHr)
  2020. i=SSL_PKEY_DH_RSA;
  2021. else if (alg_k & SSL_kDHd)
  2022. i=SSL_PKEY_DH_DSA;
  2023. else if (alg_a & SSL_aDSS)
  2024. i=SSL_PKEY_DSA_SIGN;
  2025. else if (alg_a & SSL_aRSA)
  2026. {
  2027. if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
  2028. i=SSL_PKEY_RSA_SIGN;
  2029. else
  2030. i=SSL_PKEY_RSA_ENC;
  2031. }
  2032. else if (alg_a & SSL_aKRB5)
  2033. {
  2034. /* VRS something else here? */
  2035. return(NULL);
  2036. }
  2037. else if (alg_a & SSL_aGOST94)
  2038. i=SSL_PKEY_GOST94;
  2039. else if (alg_a & SSL_aGOST01)
  2040. i=SSL_PKEY_GOST01;
  2041. else /* if (alg_a & SSL_aNULL) */
  2042. {
  2043. SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR);
  2044. return(NULL);
  2045. }
  2046. if (c->pkeys[i].x509 == NULL) return(NULL);
  2047. return(c->pkeys[i].x509);
  2048. }
  2049. EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *cipher, const EVP_MD **pmd)
  2050. {
  2051. unsigned long alg_a;
  2052. CERT *c;
  2053. int idx = -1;
  2054. alg_a = cipher->algorithm_auth;
  2055. c=s->cert;
  2056. if ((alg_a & SSL_aDSS) &&
  2057. (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
  2058. idx = SSL_PKEY_DSA_SIGN;
  2059. else if (alg_a & SSL_aRSA)
  2060. {
  2061. if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
  2062. idx = SSL_PKEY_RSA_SIGN;
  2063. else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
  2064. idx = SSL_PKEY_RSA_ENC;
  2065. }
  2066. else if ((alg_a & SSL_aECDSA) &&
  2067. (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
  2068. idx = SSL_PKEY_ECC;
  2069. if (idx == -1)
  2070. {
  2071. SSLerr(SSL_F_SSL_GET_SIGN_PKEY,ERR_R_INTERNAL_ERROR);
  2072. return(NULL);
  2073. }
  2074. if (pmd)
  2075. *pmd = c->pkeys[idx].digest;
  2076. return c->pkeys[idx].privatekey;
  2077. }
  2078. void ssl_update_cache(SSL *s,int mode)
  2079. {
  2080. int i;
  2081. /* If the session_id_length is 0, we are not supposed to cache it,
  2082. * and it would be rather hard to do anyway :-) */
  2083. if (s->session->session_id_length == 0) return;
  2084. i=s->session_ctx->session_cache_mode;
  2085. if ((i & mode) && (!s->hit)
  2086. && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
  2087. || SSL_CTX_add_session(s->session_ctx,s->session))
  2088. && (s->session_ctx->new_session_cb != NULL))
  2089. {
  2090. CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
  2091. if (!s->session_ctx->new_session_cb(s,s->session))
  2092. SSL_SESSION_free(s->session);
  2093. }
  2094. /* auto flush every 255 connections */
  2095. if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
  2096. ((i & mode) == mode))
  2097. {
  2098. if ( (((mode & SSL_SESS_CACHE_CLIENT)
  2099. ?s->session_ctx->stats.sess_connect_good
  2100. :s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff)
  2101. {
  2102. SSL_CTX_flush_sessions(s->session_ctx,(unsigned long)time(NULL));
  2103. }
  2104. }
  2105. }
  2106. const SSL_METHOD *SSL_get_ssl_method(SSL *s)
  2107. {
  2108. return(s->method);
  2109. }
  2110. int SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
  2111. {
  2112. int conn= -1;
  2113. int ret=1;
  2114. if (s->method != meth)
  2115. {
  2116. if (s->handshake_func != NULL)
  2117. conn=(s->handshake_func == s->method->ssl_connect);
  2118. if (s->method->version == meth->version)
  2119. s->method=meth;
  2120. else
  2121. {
  2122. s->method->ssl_free(s);
  2123. s->method=meth;
  2124. ret=s->method->ssl_new(s);
  2125. }
  2126. if (conn == 1)
  2127. s->handshake_func=meth->ssl_connect;
  2128. else if (conn == 0)
  2129. s->handshake_func=meth->ssl_accept;
  2130. }
  2131. return(ret);
  2132. }
  2133. int SSL_get_error(const SSL *s,int i)
  2134. {
  2135. int reason;
  2136. unsigned long l;
  2137. BIO *bio;
  2138. if (i > 0) return(SSL_ERROR_NONE);
  2139. /* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake
  2140. * etc, where we do encode the error */
  2141. if ((l=ERR_peek_error()) != 0)
  2142. {
  2143. if (ERR_GET_LIB(l) == ERR_LIB_SYS)
  2144. return(SSL_ERROR_SYSCALL);
  2145. else
  2146. return(SSL_ERROR_SSL);
  2147. }
  2148. if ((i < 0) && SSL_want_read(s))
  2149. {
  2150. bio=SSL_get_rbio(s);
  2151. if (BIO_should_read(bio))
  2152. return(SSL_ERROR_WANT_READ);
  2153. else if (BIO_should_write(bio))
  2154. /* This one doesn't make too much sense ... We never try
  2155. * to write to the rbio, and an application program where
  2156. * rbio and wbio are separate couldn't even know what it
  2157. * should wait for.
  2158. * However if we ever set s->rwstate incorrectly
  2159. * (so that we have SSL_want_read(s) instead of
  2160. * SSL_want_write(s)) and rbio and wbio *are* the same,
  2161. * this test works around that bug; so it might be safer
  2162. * to keep it. */
  2163. return(SSL_ERROR_WANT_WRITE);
  2164. else if (BIO_should_io_special(bio))
  2165. {
  2166. reason=BIO_get_retry_reason(bio);
  2167. if (reason == BIO_RR_CONNECT)
  2168. return(SSL_ERROR_WANT_CONNECT);
  2169. else if (reason == BIO_RR_ACCEPT)
  2170. return(SSL_ERROR_WANT_ACCEPT);
  2171. else
  2172. return(SSL_ERROR_SYSCALL); /* unknown */
  2173. }
  2174. }
  2175. if ((i < 0) && SSL_want_write(s))
  2176. {
  2177. bio=SSL_get_wbio(s);
  2178. if (BIO_should_write(bio))
  2179. return(SSL_ERROR_WANT_WRITE);
  2180. else if (BIO_should_read(bio))
  2181. /* See above (SSL_want_read(s) with BIO_should_write(bio)) */
  2182. return(SSL_ERROR_WANT_READ);
  2183. else if (BIO_should_io_special(bio))
  2184. {
  2185. reason=BIO_get_retry_reason(bio);
  2186. if (reason == BIO_RR_CONNECT)
  2187. return(SSL_ERROR_WANT_CONNECT);
  2188. else if (reason == BIO_RR_ACCEPT)
  2189. return(SSL_ERROR_WANT_ACCEPT);
  2190. else
  2191. return(SSL_ERROR_SYSCALL);
  2192. }
  2193. }
  2194. if ((i < 0) && SSL_want_x509_lookup(s))
  2195. {
  2196. return(SSL_ERROR_WANT_X509_LOOKUP);
  2197. }
  2198. if (i == 0)
  2199. {
  2200. if (s->version == SSL2_VERSION)
  2201. {
  2202. /* assume it is the socket being closed */
  2203. return(SSL_ERROR_ZERO_RETURN);
  2204. }
  2205. else
  2206. {
  2207. if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
  2208. (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
  2209. return(SSL_ERROR_ZERO_RETURN);
  2210. }
  2211. }
  2212. return(SSL_ERROR_SYSCALL);
  2213. }
  2214. int SSL_do_handshake(SSL *s)
  2215. {
  2216. int ret=1;
  2217. if (s->handshake_func == NULL)
  2218. {
  2219. SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_CONNECTION_TYPE_NOT_SET);
  2220. return(-1);
  2221. }
  2222. s->method->ssl_renegotiate_check(s);
  2223. if (SSL_in_init(s) || SSL_in_before(s))
  2224. {
  2225. ret=s->handshake_func(s);
  2226. }
  2227. return(ret);
  2228. }
  2229. /* For the next 2 functions, SSL_clear() sets shutdown and so
  2230. * one of these calls will reset it */
  2231. void SSL_set_accept_state(SSL *s)
  2232. {
  2233. s->server=1;
  2234. s->shutdown=0;
  2235. s->state=SSL_ST_ACCEPT|SSL_ST_BEFORE;
  2236. s->handshake_func=s->method->ssl_accept;
  2237. /* clear the current cipher */
  2238. ssl_clear_cipher_ctx(s);
  2239. ssl_clear_hash_ctx(&s->read_hash);
  2240. ssl_clear_hash_ctx(&s->write_hash);
  2241. }
  2242. void SSL_set_connect_state(SSL *s)
  2243. {
  2244. s->server=0;
  2245. s->shutdown=0;
  2246. s->state=SSL_ST_CONNECT|SSL_ST_BEFORE;
  2247. s->handshake_func=s->method->ssl_connect;
  2248. /* clear the current cipher */
  2249. ssl_clear_cipher_ctx(s);
  2250. ssl_clear_hash_ctx(&s->read_hash);
  2251. ssl_clear_hash_ctx(&s->write_hash);
  2252. }
  2253. int ssl_undefined_function(SSL *s)
  2254. {
  2255. SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
  2256. return(0);
  2257. }
  2258. int ssl_undefined_void_function(void)
  2259. {
  2260. SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
  2261. return(0);
  2262. }
  2263. int ssl_undefined_const_function(const SSL *s)
  2264. {
  2265. SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
  2266. return(0);
  2267. }
  2268. SSL_METHOD *ssl_bad_method(int ver)
  2269. {
  2270. SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
  2271. return(NULL);
  2272. }
  2273. const char *SSL_get_version(const SSL *s)
  2274. {
  2275. if (s->version == TLS1_2_VERSION)
  2276. return("TLSv1.2");
  2277. else if (s->version == TLS1_1_VERSION)
  2278. return("TLSv1.1");
  2279. else if (s->version == TLS1_VERSION)
  2280. return("TLSv1");
  2281. else if (s->version == SSL3_VERSION)
  2282. return("SSLv3");
  2283. else if (s->version == SSL2_VERSION)
  2284. return("SSLv2");
  2285. else
  2286. return("unknown");
  2287. }
  2288. SSL *SSL_dup(SSL *s)
  2289. {
  2290. STACK_OF(X509_NAME) *sk;
  2291. X509_NAME *xn;
  2292. SSL *ret;
  2293. int i;
  2294. if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL)
  2295. return(NULL);
  2296. ret->version = s->version;
  2297. ret->type = s->type;
  2298. ret->method = s->method;
  2299. if (s->session != NULL)
  2300. {
  2301. /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
  2302. SSL_copy_session_id(ret,s);
  2303. }
  2304. else
  2305. {
  2306. /* No session has been established yet, so we have to expect
  2307. * that s->cert or ret->cert will be changed later --
  2308. * they should not both point to the same object,
  2309. * and thus we can't use SSL_copy_session_id. */
  2310. ret->method->ssl_free(ret);
  2311. ret->method = s->method;
  2312. ret->method->ssl_new(ret);
  2313. if (s->cert != NULL)
  2314. {
  2315. if (ret->cert != NULL)
  2316. {
  2317. ssl_cert_free(ret->cert);
  2318. }
  2319. ret->cert = ssl_cert_dup(s->cert);
  2320. if (ret->cert == NULL)
  2321. goto err;
  2322. }
  2323. SSL_set_session_id_context(ret,
  2324. s->sid_ctx, s->sid_ctx_length);
  2325. }
  2326. ret->options=s->options;
  2327. ret->mode=s->mode;
  2328. SSL_set_max_cert_list(ret,SSL_get_max_cert_list(s));
  2329. SSL_set_read_ahead(ret,SSL_get_read_ahead(s));
  2330. ret->msg_callback = s->msg_callback;
  2331. ret->msg_callback_arg = s->msg_callback_arg;
  2332. SSL_set_verify(ret,SSL_get_verify_mode(s),
  2333. SSL_get_verify_callback(s));
  2334. SSL_set_verify_depth(ret,SSL_get_verify_depth(s));
  2335. ret->generate_session_id = s->generate_session_id;
  2336. SSL_set_info_callback(ret,SSL_get_info_callback(s));
  2337. ret->debug=s->debug;
  2338. /* copy app data, a little dangerous perhaps */
  2339. if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
  2340. goto err;
  2341. /* setup rbio, and wbio */
  2342. if (s->rbio != NULL)
  2343. {
  2344. if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
  2345. goto err;
  2346. }
  2347. if (s->wbio != NULL)
  2348. {
  2349. if (s->wbio != s->rbio)
  2350. {
  2351. if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
  2352. goto err;
  2353. }
  2354. else
  2355. ret->wbio=ret->rbio;
  2356. }
  2357. ret->rwstate = s->rwstate;
  2358. ret->in_handshake = s->in_handshake;
  2359. ret->handshake_func = s->handshake_func;
  2360. ret->server = s->server;
  2361. ret->renegotiate = s->renegotiate;
  2362. ret->new_session = s->new_session;
  2363. ret->quiet_shutdown = s->quiet_shutdown;
  2364. ret->shutdown=s->shutdown;
  2365. ret->state=s->state; /* SSL_dup does not really work at any state, though */
  2366. ret->rstate=s->rstate;
  2367. ret->init_num = 0; /* would have to copy ret->init_buf, ret->init_msg, ret->init_num, ret->init_off */
  2368. ret->hit=s->hit;
  2369. X509_VERIFY_PARAM_inherit(ret->param, s->param);
  2370. /* dup the cipher_list and cipher_list_by_id stacks */
  2371. if (s->cipher_list != NULL)
  2372. {
  2373. if ((ret->cipher_list=sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
  2374. goto err;
  2375. }
  2376. if (s->cipher_list_by_id != NULL)
  2377. if ((ret->cipher_list_by_id=sk_SSL_CIPHER_dup(s->cipher_list_by_id))
  2378. == NULL)
  2379. goto err;
  2380. /* Dup the client_CA list */
  2381. if (s->client_CA != NULL)
  2382. {
  2383. if ((sk=sk_X509_NAME_dup(s->client_CA)) == NULL) goto err;
  2384. ret->client_CA=sk;
  2385. for (i=0; i<sk_X509_NAME_num(sk); i++)
  2386. {
  2387. xn=sk_X509_NAME_value(sk,i);
  2388. if (sk_X509_NAME_set(sk,i,X509_NAME_dup(xn)) == NULL)
  2389. {
  2390. X509_NAME_free(xn);
  2391. goto err;
  2392. }
  2393. }
  2394. }
  2395. if (0)
  2396. {
  2397. err:
  2398. if (ret != NULL) SSL_free(ret);
  2399. ret=NULL;
  2400. }
  2401. return(ret);
  2402. }
  2403. void ssl_clear_cipher_ctx(SSL *s)
  2404. {
  2405. if (s->enc_read_ctx != NULL)
  2406. {
  2407. EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
  2408. OPENSSL_free(s->enc_read_ctx);
  2409. s->enc_read_ctx=NULL;
  2410. }
  2411. if (s->enc_write_ctx != NULL)
  2412. {
  2413. EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
  2414. OPENSSL_free(s->enc_write_ctx);
  2415. s->enc_write_ctx=NULL;
  2416. }
  2417. #ifndef OPENSSL_NO_COMP
  2418. if (s->expand != NULL)
  2419. {
  2420. COMP_CTX_free(s->expand);
  2421. s->expand=NULL;
  2422. }
  2423. if (s->compress != NULL)
  2424. {
  2425. COMP_CTX_free(s->compress);
  2426. s->compress=NULL;
  2427. }
  2428. #endif
  2429. }
  2430. /* Fix this function so that it takes an optional type parameter */
  2431. X509 *SSL_get_certificate(const SSL *s)
  2432. {
  2433. if (s->cert != NULL)
  2434. return(s->cert->key->x509);
  2435. else
  2436. return(NULL);
  2437. }
  2438. /* Fix this function so that it takes an optional type parameter */
  2439. EVP_PKEY *SSL_get_privatekey(SSL *s)
  2440. {
  2441. if (s->cert != NULL)
  2442. return(s->cert->key->privatekey);
  2443. else
  2444. return(NULL);
  2445. }
  2446. const SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
  2447. {
  2448. if ((s->session != NULL) && (s->session->cipher != NULL))
  2449. return(s->session->cipher);
  2450. return(NULL);
  2451. }
  2452. #ifdef OPENSSL_NO_COMP
  2453. const void *SSL_get_current_compression(SSL *s)
  2454. {
  2455. return NULL;
  2456. }
  2457. const void *SSL_get_current_expansion(SSL *s)
  2458. {
  2459. return NULL;
  2460. }
  2461. #else
  2462. const COMP_METHOD *SSL_get_current_compression(SSL *s)
  2463. {
  2464. if (s->compress != NULL)
  2465. return(s->compress->meth);
  2466. return(NULL);
  2467. }
  2468. const COMP_METHOD *SSL_get_current_expansion(SSL *s)
  2469. {
  2470. if (s->expand != NULL)
  2471. return(s->expand->meth);
  2472. return(NULL);
  2473. }
  2474. #endif
  2475. int ssl_init_wbio_buffer(SSL *s,int push)
  2476. {
  2477. BIO *bbio;
  2478. if (s->bbio == NULL)
  2479. {
  2480. bbio=BIO_new(BIO_f_buffer());
  2481. if (bbio == NULL) return(0);
  2482. s->bbio=bbio;
  2483. }
  2484. else
  2485. {
  2486. bbio=s->bbio;
  2487. if (s->bbio == s->wbio)
  2488. s->wbio=BIO_pop(s->wbio);
  2489. }
  2490. (void)BIO_reset(bbio);
  2491. /* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
  2492. if (!BIO_set_read_buffer_size(bbio,1))
  2493. {
  2494. SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER,ERR_R_BUF_LIB);
  2495. return(0);
  2496. }
  2497. if (push)
  2498. {
  2499. if (s->wbio != bbio)
  2500. s->wbio=BIO_push(bbio,s->wbio);
  2501. }
  2502. else
  2503. {
  2504. if (s->wbio == bbio)
  2505. s->wbio=BIO_pop(bbio);
  2506. }
  2507. return(1);
  2508. }
  2509. void ssl_free_wbio_buffer(SSL *s)
  2510. {
  2511. if (s->bbio == NULL) return;
  2512. if (s->bbio == s->wbio)
  2513. {
  2514. /* remove buffering */
  2515. s->wbio=BIO_pop(s->wbio);
  2516. #ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids adding one more preprocessor symbol */
  2517. assert(s->wbio != NULL);
  2518. #endif
  2519. }
  2520. BIO_free(s->bbio);
  2521. s->bbio=NULL;
  2522. }
  2523. void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode)
  2524. {
  2525. ctx->quiet_shutdown=mode;
  2526. }
  2527. int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
  2528. {
  2529. return(ctx->quiet_shutdown);
  2530. }
  2531. void SSL_set_quiet_shutdown(SSL *s,int mode)
  2532. {
  2533. s->quiet_shutdown=mode;
  2534. }
  2535. int SSL_get_quiet_shutdown(const SSL *s)
  2536. {
  2537. return(s->quiet_shutdown);
  2538. }
  2539. void SSL_set_shutdown(SSL *s,int mode)
  2540. {
  2541. s->shutdown=mode;
  2542. }
  2543. int SSL_get_shutdown(const SSL *s)
  2544. {
  2545. return(s->shutdown);
  2546. }
  2547. int SSL_version(const SSL *s)
  2548. {
  2549. return(s->version);
  2550. }
  2551. SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
  2552. {
  2553. return(ssl->ctx);
  2554. }
  2555. SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
  2556. {
  2557. if (ssl->ctx == ctx)
  2558. return ssl->ctx;
  2559. #ifndef OPENSSL_NO_TLSEXT
  2560. if (ctx == NULL)
  2561. ctx = ssl->initial_ctx;
  2562. #endif
  2563. if (ssl->cert != NULL)
  2564. ssl_cert_free(ssl->cert);
  2565. ssl->cert = ssl_cert_dup(ctx->cert);
  2566. CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
  2567. if (ssl->ctx != NULL)
  2568. SSL_CTX_free(ssl->ctx); /* decrement reference count */
  2569. ssl->ctx = ctx;
  2570. return(ssl->ctx);
  2571. }
  2572. #ifndef OPENSSL_NO_STDIO
  2573. int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
  2574. {
  2575. return(X509_STORE_set_default_paths(ctx->cert_store));
  2576. }
  2577. int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
  2578. const char *CApath)
  2579. {
  2580. return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath));
  2581. }
  2582. #endif
  2583. void SSL_set_info_callback(SSL *ssl,
  2584. void (*cb)(const SSL *ssl,int type,int val))
  2585. {
  2586. ssl->info_callback=cb;
  2587. }
  2588. /* One compiler (Diab DCC) doesn't like argument names in returned
  2589. function pointer. */
  2590. void (*SSL_get_info_callback(const SSL *ssl))(const SSL * /*ssl*/,int /*type*/,int /*val*/)
  2591. {
  2592. return ssl->info_callback;
  2593. }
  2594. int SSL_state(const SSL *ssl)
  2595. {
  2596. return(ssl->state);
  2597. }
  2598. void SSL_set_state(SSL *ssl, int state)
  2599. {
  2600. ssl->state = state;
  2601. }
  2602. void SSL_set_verify_result(SSL *ssl,long arg)
  2603. {
  2604. ssl->verify_result=arg;
  2605. }
  2606. long SSL_get_verify_result(const SSL *ssl)
  2607. {
  2608. return(ssl->verify_result);
  2609. }
  2610. int SSL_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
  2611. CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
  2612. {
  2613. return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
  2614. new_func, dup_func, free_func);
  2615. }
  2616. int SSL_set_ex_data(SSL *s,int idx,void *arg)
  2617. {
  2618. return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
  2619. }
  2620. void *SSL_get_ex_data(const SSL *s,int idx)
  2621. {
  2622. return(CRYPTO_get_ex_data(&s->ex_data,idx));
  2623. }
  2624. int SSL_CTX_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
  2625. CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
  2626. {
  2627. return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
  2628. new_func, dup_func, free_func);
  2629. }
  2630. int SSL_CTX_set_ex_data(SSL_CTX *s,int idx,void *arg)
  2631. {
  2632. return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
  2633. }
  2634. void *SSL_CTX_get_ex_data(const SSL_CTX *s,int idx)
  2635. {
  2636. return(CRYPTO_get_ex_data(&s->ex_data,idx));
  2637. }
  2638. int ssl_ok(SSL *s)
  2639. {
  2640. return(1);
  2641. }
  2642. X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx)
  2643. {
  2644. return(ctx->cert_store);
  2645. }
  2646. void SSL_CTX_set_cert_store(SSL_CTX *ctx,X509_STORE *store)
  2647. {
  2648. if (ctx->cert_store != NULL)
  2649. X509_STORE_free(ctx->cert_store);
  2650. ctx->cert_store=store;
  2651. }
  2652. int SSL_want(const SSL *s)
  2653. {
  2654. return(s->rwstate);
  2655. }
  2656. /*!
  2657. * \brief Set the callback for generating temporary RSA keys.
  2658. * \param ctx the SSL context.
  2659. * \param cb the callback
  2660. */
  2661. #ifndef OPENSSL_NO_RSA
  2662. void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl,
  2663. int is_export,
  2664. int keylength))
  2665. {
  2666. SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
  2667. }
  2668. void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,
  2669. int is_export,
  2670. int keylength))
  2671. {
  2672. SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
  2673. }
  2674. #endif
  2675. #ifdef DOXYGEN
  2676. /*!
  2677. * \brief The RSA temporary key callback function.
  2678. * \param ssl the SSL session.
  2679. * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
  2680. * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
  2681. * of the required key in bits.
  2682. * \return the temporary RSA key.
  2683. * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
  2684. */
  2685. RSA *cb(SSL *ssl,int is_export,int keylength)
  2686. {}
  2687. #endif
  2688. /*!
  2689. * \brief Set the callback for generating temporary DH keys.
  2690. * \param ctx the SSL context.
  2691. * \param dh the callback
  2692. */
  2693. #ifndef OPENSSL_NO_DH
  2694. void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export,
  2695. int keylength))
  2696. {
  2697. SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
  2698. }
  2699. void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export,
  2700. int keylength))
  2701. {
  2702. SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
  2703. }
  2704. #endif
  2705. #ifndef OPENSSL_NO_ECDH
  2706. void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,EC_KEY *(*ecdh)(SSL *ssl,int is_export,
  2707. int keylength))
  2708. {
  2709. SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
  2710. }
  2711. void SSL_set_tmp_ecdh_callback(SSL *ssl,EC_KEY *(*ecdh)(SSL *ssl,int is_export,
  2712. int keylength))
  2713. {
  2714. SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
  2715. }
  2716. #endif
  2717. #ifndef OPENSSL_NO_PSK
  2718. int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
  2719. {
  2720. if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN)
  2721. {
  2722. SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
  2723. return 0;
  2724. }
  2725. if (ctx->psk_identity_hint != NULL)
  2726. OPENSSL_free(ctx->psk_identity_hint);
  2727. if (identity_hint != NULL)
  2728. {
  2729. ctx->psk_identity_hint = BUF_strdup(identity_hint);
  2730. if (ctx->psk_identity_hint == NULL)
  2731. return 0;
  2732. }
  2733. else
  2734. ctx->psk_identity_hint = NULL;
  2735. return 1;
  2736. }
  2737. int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint)
  2738. {
  2739. if (s == NULL)
  2740. return 0;
  2741. if (s->session == NULL)
  2742. return 1; /* session not created yet, ignored */
  2743. if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN)
  2744. {
  2745. SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
  2746. return 0;
  2747. }
  2748. if (s->session->psk_identity_hint != NULL)
  2749. OPENSSL_free(s->session->psk_identity_hint);
  2750. if (identity_hint != NULL)
  2751. {
  2752. s->session->psk_identity_hint = BUF_strdup(identity_hint);
  2753. if (s->session->psk_identity_hint == NULL)
  2754. return 0;
  2755. }
  2756. else
  2757. s->session->psk_identity_hint = NULL;
  2758. return 1;
  2759. }
  2760. const char *SSL_get_psk_identity_hint(const SSL *s)
  2761. {
  2762. if (s == NULL || s->session == NULL)
  2763. return NULL;
  2764. return(s->session->psk_identity_hint);
  2765. }
  2766. const char *SSL_get_psk_identity(const SSL *s)
  2767. {
  2768. if (s == NULL || s->session == NULL)
  2769. return NULL;
  2770. return(s->session->psk_identity);
  2771. }
  2772. void SSL_set_psk_client_callback(SSL *s,
  2773. unsigned int (*cb)(SSL *ssl, const char *hint,
  2774. char *identity, unsigned int max_identity_len, unsigned char *psk,
  2775. unsigned int max_psk_len))
  2776. {
  2777. s->psk_client_callback = cb;
  2778. }
  2779. void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
  2780. unsigned int (*cb)(SSL *ssl, const char *hint,
  2781. char *identity, unsigned int max_identity_len, unsigned char *psk,
  2782. unsigned int max_psk_len))
  2783. {
  2784. ctx->psk_client_callback = cb;
  2785. }
  2786. void SSL_set_psk_server_callback(SSL *s,
  2787. unsigned int (*cb)(SSL *ssl, const char *identity,
  2788. unsigned char *psk, unsigned int max_psk_len))
  2789. {
  2790. s->psk_server_callback = cb;
  2791. }
  2792. void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
  2793. unsigned int (*cb)(SSL *ssl, const char *identity,
  2794. unsigned char *psk, unsigned int max_psk_len))
  2795. {
  2796. ctx->psk_server_callback = cb;
  2797. }
  2798. #endif
  2799. void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
  2800. {
  2801. SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
  2802. }
  2803. void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
  2804. {
  2805. SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
  2806. }
  2807. void SSL_CTX_set_not_resumable_session_callback(SSL_CTX *ctx,
  2808. int (*cb)(SSL *ssl, int is_forward_secure))
  2809. {
  2810. SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB,
  2811. (void (*)(void))cb);
  2812. }
  2813. void SSL_set_not_resumable_session_callback(SSL *ssl,
  2814. int (*cb)(SSL *ssl, int is_forward_secure))
  2815. {
  2816. SSL_callback_ctrl(ssl, SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB,
  2817. (void (*)(void))cb);
  2818. }
  2819. /* Allocates new EVP_MD_CTX and sets pointer to it into given pointer
  2820. * vairable, freeing EVP_MD_CTX previously stored in that variable, if
  2821. * any. If EVP_MD pointer is passed, initializes ctx with this md
  2822. * Returns newly allocated ctx;
  2823. */
  2824. EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash,const EVP_MD *md)
  2825. {
  2826. ssl_clear_hash_ctx(hash);
  2827. *hash = EVP_MD_CTX_create();
  2828. if (md) EVP_DigestInit_ex(*hash,md,NULL);
  2829. return *hash;
  2830. }
  2831. void ssl_clear_hash_ctx(EVP_MD_CTX **hash)
  2832. {
  2833. if (*hash) EVP_MD_CTX_destroy(*hash);
  2834. *hash=NULL;
  2835. }
  2836. void SSL_set_debug(SSL *s, int debug)
  2837. {
  2838. s->debug = debug;
  2839. }
  2840. int SSL_cache_hit(SSL *s)
  2841. {
  2842. return s->hit;
  2843. }
  2844. #if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
  2845. #include "../crypto/bio/bss_file.c"
  2846. #endif
  2847. IMPLEMENT_STACK_OF(SSL_CIPHER)
  2848. IMPLEMENT_STACK_OF(SSL_COMP)
  2849. IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER,
  2850. ssl_cipher_id);