search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
update libressl to v2.7.4
[unleashed.git] / lib / libssl / ssl_lib.c
blob573e63c934a6241645558811c866ac6f35a693cc
1 /* $OpenBSD: ssl_lib.c,v 1.182 2018/03/17 16:20:01 beck Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58 /* ====================================================================
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111 /* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116 /* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143 #include <stdio.h>
144
145 #include "ssl_locl.h"
146
147 #include <openssl/bn.h>
148 #include <openssl/dh.h>
149 #include <openssl/lhash.h>
150 #include <openssl/objects.h>
151 #include <openssl/ocsp.h>
152 #include <openssl/x509v3.h>
153
154 #ifndef OPENSSL_NO_ENGINE
155 #include <openssl/engine.h>
156 #endif
157
158 #include "bytestring.h"
159
160 const char *SSL_version_str = OPENSSL_VERSION_TEXT;
161
162 int
163 SSL_clear(SSL *s)
164 {
165 if (s->method == NULL) {
166 SSLerror(s, SSL_R_NO_METHOD_SPECIFIED);
167 return (0);
168 }
169
170 if (ssl_clear_bad_session(s)) {
171 SSL_SESSION_free(s->session);
172 s->session = NULL;
173 }
174
175 s->error = 0;
176 s->internal->hit = 0;
177 s->internal->shutdown = 0;
178
179 if (s->internal->renegotiate) {
180 SSLerror(s, ERR_R_INTERNAL_ERROR);
181 return (0);
182 }
183
184 s->internal->type = 0;
185
186 s->version = s->method->internal->version;
187 s->client_version = s->version;
188 s->internal->rwstate = SSL_NOTHING;
189 s->internal->rstate = SSL_ST_READ_HEADER;
190
191 BUF_MEM_free(s->internal->init_buf);
192 s->internal->init_buf = NULL;
193
194 ssl_clear_cipher_ctx(s);
195 ssl_clear_hash_ctx(&s->read_hash);
196 ssl_clear_hash_ctx(&s->internal->write_hash);
197
198 s->internal->first_packet = 0;
199
200 /*
201 * Check to see if we were changed into a different method, if
202 * so, revert back if we are not doing session-id reuse.
203 */
204 if (!s->internal->in_handshake && (s->session == NULL) &&
205 (s->method != s->ctx->method)) {
206 s->method->internal->ssl_free(s);
207 s->method = s->ctx->method;
208 if (!s->method->internal->ssl_new(s))
209 return (0);
210 } else
211 s->method->internal->ssl_clear(s);
212
213 S3I(s)->hs.state = SSL_ST_BEFORE|((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT);
214
215 return (1);
216 }
217
218 /* Used to change an SSL_CTXs default SSL method type */
219 int
220 SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
221 {
222 STACK_OF(SSL_CIPHER) *sk;
223
224 ctx->method = meth;
225
226 sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
227 &(ctx->internal->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);
228 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
229 SSLerrorx(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
230 return (0);
231 }
232 return (1);
233 }
234
235 SSL *
236 SSL_new(SSL_CTX *ctx)
237 {
238 SSL *s;
239
240 if (ctx == NULL) {
241 SSLerrorx(SSL_R_NULL_SSL_CTX);
242 return (NULL);
243 }
244 if (ctx->method == NULL) {
245 SSLerrorx(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
246 return (NULL);
247 }
248
249 if ((s = calloc(1, sizeof(*s))) == NULL) {
250 SSLerrorx(ERR_R_MALLOC_FAILURE);
251 return (NULL);
252 }
253 if ((s->internal = calloc(1, sizeof(*s->internal))) == NULL) {
254 free(s);
255 SSLerrorx(ERR_R_MALLOC_FAILURE);
256 return (NULL);
257 }
258
259 s->internal->min_version = ctx->internal->min_version;
260 s->internal->max_version = ctx->internal->max_version;
261
262 s->internal->options = ctx->internal->options;
263 s->internal->mode = ctx->internal->mode;
264 s->internal->max_cert_list = ctx->internal->max_cert_list;
265
266 if (ctx->internal->cert != NULL) {
267 /*
268 * Earlier library versions used to copy the pointer to
269 * the CERT, not its contents; only when setting new
270 * parameters for the per-SSL copy, ssl_cert_new would be
271 * called (and the direct reference to the per-SSL_CTX
272 * settings would be lost, but those still were indirectly
273 * accessed for various purposes, and for that reason they
274 * used to be known as s->ctx->default_cert).
275 * Now we don't look at the SSL_CTX's CERT after having
276 * duplicated it once.
277 */
278 s->cert = ssl_cert_dup(ctx->internal->cert);
279 if (s->cert == NULL)
280 goto err;
281 } else
282 s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */
283
284 s->internal->read_ahead = ctx->internal->read_ahead;
285 s->internal->msg_callback = ctx->internal->msg_callback;
286 s->internal->msg_callback_arg = ctx->internal->msg_callback_arg;
287 s->verify_mode = ctx->verify_mode;
288 s->sid_ctx_length = ctx->sid_ctx_length;
289 OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
290 memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
291 s->internal->verify_callback = ctx->internal->default_verify_callback;
292 s->internal->generate_session_id = ctx->internal->generate_session_id;
293
294 s->param = X509_VERIFY_PARAM_new();
295 if (!s->param)
296 goto err;
297 X509_VERIFY_PARAM_inherit(s->param, ctx->param);
298 s->internal->quiet_shutdown = ctx->internal->quiet_shutdown;
299 s->max_send_fragment = ctx->internal->max_send_fragment;
300
301 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
302 s->ctx = ctx;
303 s->internal->tlsext_debug_cb = 0;
304 s->internal->tlsext_debug_arg = NULL;
305 s->internal->tlsext_ticket_expected = 0;
306 s->tlsext_status_type = -1;
307 s->internal->tlsext_status_expected = 0;
308 s->internal->tlsext_ocsp_ids = NULL;
309 s->internal->tlsext_ocsp_exts = NULL;
310 s->internal->tlsext_ocsp_resp = NULL;
311 s->internal->tlsext_ocsp_resplen = -1;
312 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
313 s->initial_ctx = ctx;
314
315 if (ctx->internal->tlsext_ecpointformatlist != NULL) {
316 s->internal->tlsext_ecpointformatlist =
317 calloc(ctx->internal->tlsext_ecpointformatlist_length,
318 sizeof(ctx->internal->tlsext_ecpointformatlist[0]));
319 if (s->internal->tlsext_ecpointformatlist == NULL)
320 goto err;
321 memcpy(s->internal->tlsext_ecpointformatlist,
322 ctx->internal->tlsext_ecpointformatlist,
323 ctx->internal->tlsext_ecpointformatlist_length *
324 sizeof(ctx->internal->tlsext_ecpointformatlist[0]));
325 s->internal->tlsext_ecpointformatlist_length =
326 ctx->internal->tlsext_ecpointformatlist_length;
327 }
328 if (ctx->internal->tlsext_supportedgroups != NULL) {
329 s->internal->tlsext_supportedgroups =
330 calloc(ctx->internal->tlsext_supportedgroups_length,
331 sizeof(ctx->internal->tlsext_supportedgroups));
332 if (s->internal->tlsext_supportedgroups == NULL)
333 goto err;
334 memcpy(s->internal->tlsext_supportedgroups,
335 ctx->internal->tlsext_supportedgroups,
336 ctx->internal->tlsext_supportedgroups_length *
337 sizeof(ctx->internal->tlsext_supportedgroups[0]));
338 s->internal->tlsext_supportedgroups_length =
339 ctx->internal->tlsext_supportedgroups_length;
340 }
341
342 if (s->ctx->internal->alpn_client_proto_list != NULL) {
343 s->internal->alpn_client_proto_list =
344 malloc(s->ctx->internal->alpn_client_proto_list_len);
345 if (s->internal->alpn_client_proto_list == NULL)
346 goto err;
347 memcpy(s->internal->alpn_client_proto_list,
348 s->ctx->internal->alpn_client_proto_list,
349 s->ctx->internal->alpn_client_proto_list_len);
350 s->internal->alpn_client_proto_list_len =
351 s->ctx->internal->alpn_client_proto_list_len;
352 }
353
354 s->verify_result = X509_V_OK;
355
356 s->method = ctx->method;
357
358 if (!s->method->internal->ssl_new(s))
359 goto err;
360
361 s->references = 1;
362 s->server = (ctx->method->internal->ssl_accept == ssl_undefined_function) ? 0 : 1;
363
364 SSL_clear(s);
365
366 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->internal->ex_data);
367
368 return (s);
369
370 err:
371 SSL_free(s);
372 SSLerrorx(ERR_R_MALLOC_FAILURE);
373 return (NULL);
374 }
375
376 int
377 SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
378 unsigned int sid_ctx_len)
379 {
380 if (sid_ctx_len > sizeof ctx->sid_ctx) {
381 SSLerrorx(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
382 return (0);
383 }
384 ctx->sid_ctx_length = sid_ctx_len;
385 memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
386
387 return (1);
388 }
389
390 int
391 SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
392 unsigned int sid_ctx_len)
393 {
394 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
395 SSLerror(ssl, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
396 return (0);
397 }
398 ssl->sid_ctx_length = sid_ctx_len;
399 memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
400
401 return (1);
402 }
403
404 int
405 SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
406 {
407 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
408 ctx->internal->generate_session_id = cb;
409 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
410 return (1);
411 }
412
413 int
414 SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
415 {
416 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
417 ssl->internal->generate_session_id = cb;
418 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
419 return (1);
420 }
421
422 int
423 SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
424 unsigned int id_len)
425 {
426 /*
427 * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp
428 * shows how we can "construct" a session to give us the desired
429 * check - ie. to find if there's a session in the hash table
430 * that would conflict with any new session built out of this
431 * id/id_len and the ssl_version in use by this SSL.
432 */
433 SSL_SESSION r, *p;
434
435 if (id_len > sizeof r.session_id)
436 return (0);
437
438 r.ssl_version = ssl->version;
439 r.session_id_length = id_len;
440 memcpy(r.session_id, id, id_len);
441
442 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
443 p = lh_SSL_SESSION_retrieve(ssl->ctx->internal->sessions, &r);
444 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
445 return (p != NULL);
446 }
447
448 int
449 SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
450 {
451 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
452 }
453
454 int
455 SSL_set_purpose(SSL *s, int purpose)
456 {
457 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
458 }
459
460 int
461 SSL_CTX_set_trust(SSL_CTX *s, int trust)
462 {
463 return (X509_VERIFY_PARAM_set_trust(s->param, trust));
464 }
465
466 int
467 SSL_set_trust(SSL *s, int trust)
468 {
469 return (X509_VERIFY_PARAM_set_trust(s->param, trust));
470 }
471
472 X509_VERIFY_PARAM *
473 SSL_CTX_get0_param(SSL_CTX *ctx)
474 {
475 return (ctx->param);
476 }
477
478 int
479 SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
480 {
481 return (X509_VERIFY_PARAM_set1(ctx->param, vpm));
482 }
483
484 X509_VERIFY_PARAM *
485 SSL_get0_param(SSL *ssl)
486 {
487 return (ssl->param);
488 }
489
490 int
491 SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
492 {
493 return (X509_VERIFY_PARAM_set1(ssl->param, vpm));
494 }
495
496 void
497 SSL_free(SSL *s)
498 {
499 int i;
500
501 if (s == NULL)
502 return;
503
504 i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL);
505 if (i > 0)
506 return;
507
508 X509_VERIFY_PARAM_free(s->param);
509
510 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->internal->ex_data);
511
512 if (s->bbio != NULL) {
513 /* If the buffering BIO is in place, pop it off */
514 if (s->bbio == s->wbio) {
515 s->wbio = BIO_pop(s->wbio);
516 }
517 BIO_free(s->bbio);
518 s->bbio = NULL;
519 }
520
521 if (s->rbio != s->wbio)
522 BIO_free_all(s->rbio);
523 BIO_free_all(s->wbio);
524
525 BUF_MEM_free(s->internal->init_buf);
526
527 /* add extra stuff */
528 sk_SSL_CIPHER_free(s->cipher_list);
529 sk_SSL_CIPHER_free(s->internal->cipher_list_by_id);
530
531 /* Make the next call work :-) */
532 if (s->session != NULL) {
533 ssl_clear_bad_session(s);
534 SSL_SESSION_free(s->session);
535 }
536
537 ssl_clear_cipher_ctx(s);
538 ssl_clear_hash_ctx(&s->read_hash);
539 ssl_clear_hash_ctx(&s->internal->write_hash);
540
541 ssl_cert_free(s->cert);
542
543 free(s->tlsext_hostname);
544 SSL_CTX_free(s->initial_ctx);
545
546 free(s->internal->tlsext_ecpointformatlist);
547 free(s->internal->tlsext_supportedgroups);
548
549 sk_X509_EXTENSION_pop_free(s->internal->tlsext_ocsp_exts,
550 X509_EXTENSION_free);
551 sk_OCSP_RESPID_pop_free(s->internal->tlsext_ocsp_ids, OCSP_RESPID_free);
552 free(s->internal->tlsext_ocsp_resp);
553
554 sk_X509_NAME_pop_free(s->internal->client_CA, X509_NAME_free);
555
556 if (s->method != NULL)
557 s->method->internal->ssl_free(s);
558
559 SSL_CTX_free(s->ctx);
560
561 free(s->internal->alpn_client_proto_list);
562
563 #ifndef OPENSSL_NO_SRTP
564 sk_SRTP_PROTECTION_PROFILE_free(s->internal->srtp_profiles);
565 #endif
566
567 free(s->internal);
568 free(s);
569 }
570
571 int
572 SSL_up_ref(SSL *s)
573 {
574 int refs = CRYPTO_add(&s->references, 1, CRYPTO_LOCK_SSL);
575 return (refs > 1) ? 1 : 0;
576 }
577
578 void
579 SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
580 {
581 /* If the output buffering BIO is still in place, remove it */
582 if (s->bbio != NULL) {
583 if (s->wbio == s->bbio) {
584 s->wbio = s->wbio->next_bio;
585 s->bbio->next_bio = NULL;
586 }
587 }
588
589 if (s->rbio != rbio && s->rbio != s->wbio)
590 BIO_free_all(s->rbio);
591 if (s->wbio != wbio)
592 BIO_free_all(s->wbio);
593 s->rbio = rbio;
594 s->wbio = wbio;
595 }
596
597 BIO *
598 SSL_get_rbio(const SSL *s)
599 {
600 return (s->rbio);
601 }
602
603 BIO *
604 SSL_get_wbio(const SSL *s)
605 {
606 return (s->wbio);
607 }
608
609 int
610 SSL_get_fd(const SSL *s)
611 {
612 return (SSL_get_rfd(s));
613 }
614
615 int
616 SSL_get_rfd(const SSL *s)
617 {
618 int ret = -1;
619 BIO *b, *r;
620
621 b = SSL_get_rbio(s);
622 r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
623 if (r != NULL)
624 BIO_get_fd(r, &ret);
625 return (ret);
626 }
627
628 int
629 SSL_get_wfd(const SSL *s)
630 {
631 int ret = -1;
632 BIO *b, *r;
633
634 b = SSL_get_wbio(s);
635 r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
636 if (r != NULL)
637 BIO_get_fd(r, &ret);
638 return (ret);
639 }
640
641 int
642 SSL_set_fd(SSL *s, int fd)
643 {
644 int ret = 0;
645 BIO *bio = NULL;
646
647 bio = BIO_new(BIO_s_socket());
648
649 if (bio == NULL) {
650 SSLerror(s, ERR_R_BUF_LIB);
651 goto err;
652 }
653 BIO_set_fd(bio, fd, BIO_NOCLOSE);
654 SSL_set_bio(s, bio, bio);
655 ret = 1;
656 err:
657 return (ret);
658 }
659
660 int
661 SSL_set_wfd(SSL *s, int fd)
662 {
663 int ret = 0;
664 BIO *bio = NULL;
665
666 if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
667 || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
668 bio = BIO_new(BIO_s_socket());
669
670 if (bio == NULL) {
671 SSLerror(s, ERR_R_BUF_LIB);
672 goto err;
673 }
674 BIO_set_fd(bio, fd, BIO_NOCLOSE);
675 SSL_set_bio(s, SSL_get_rbio(s), bio);
676 } else
677 SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
678 ret = 1;
679 err:
680 return (ret);
681 }
682
683 int
684 SSL_set_rfd(SSL *s, int fd)
685 {
686 int ret = 0;
687 BIO *bio = NULL;
688
689 if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
690 || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
691 bio = BIO_new(BIO_s_socket());
692
693 if (bio == NULL) {
694 SSLerror(s, ERR_R_BUF_LIB);
695 goto err;
696 }
697 BIO_set_fd(bio, fd, BIO_NOCLOSE);
698 SSL_set_bio(s, bio, SSL_get_wbio(s));
699 } else
700 SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
701 ret = 1;
702 err:
703 return (ret);
704 }
705
706
707 /* return length of latest Finished message we sent, copy to 'buf' */
708 size_t
709 SSL_get_finished(const SSL *s, void *buf, size_t count)
710 {
711 size_t ret = 0;
712
713 if (s->s3 != NULL) {
714 ret = S3I(s)->tmp.finish_md_len;
715 if (count > ret)
716 count = ret;
717 memcpy(buf, S3I(s)->tmp.finish_md, count);
718 }
719 return (ret);
720 }
721
722 /* return length of latest Finished message we expected, copy to 'buf' */
723 size_t
724 SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
725 {
726 size_t ret = 0;
727
728 if (s->s3 != NULL) {
729 ret = S3I(s)->tmp.peer_finish_md_len;
730 if (count > ret)
731 count = ret;
732 memcpy(buf, S3I(s)->tmp.peer_finish_md, count);
733 }
734 return (ret);
735 }
736
737
738 int
739 SSL_get_verify_mode(const SSL *s)
740 {
741 return (s->verify_mode);
742 }
743
744 int
745 SSL_get_verify_depth(const SSL *s)
746 {
747 return (X509_VERIFY_PARAM_get_depth(s->param));
748 }
749
750 int
751 (*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *)
752 {
753 return (s->internal->verify_callback);
754 }
755
756 int
757 SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
758 {
759 return (ctx->verify_mode);
760 }
761
762 int
763 SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
764 {
765 return (X509_VERIFY_PARAM_get_depth(ctx->param));
766 }
767
768 int
769 (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *)
770 {
771 return (ctx->internal->default_verify_callback);
772 }
773
774 void
775 SSL_set_verify(SSL *s, int mode,
776 int (*callback)(int ok, X509_STORE_CTX *ctx))
777 {
778 s->verify_mode = mode;
779 if (callback != NULL)
780 s->internal->verify_callback = callback;
781 }
782
783 void
784 SSL_set_verify_depth(SSL *s, int depth)
785 {
786 X509_VERIFY_PARAM_set_depth(s->param, depth);
787 }
788
789 void
790 SSL_set_read_ahead(SSL *s, int yes)
791 {
792 s->internal->read_ahead = yes;
793 }
794
795 int
796 SSL_get_read_ahead(const SSL *s)
797 {
798 return (s->internal->read_ahead);
799 }
800
801 int
802 SSL_pending(const SSL *s)
803 {
804 /*
805 * SSL_pending cannot work properly if read-ahead is enabled
806 * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
807 * and it is impossible to fix since SSL_pending cannot report
808 * errors that may be observed while scanning the new data.
809 * (Note that SSL_pending() is often used as a boolean value,
810 * so we'd better not return -1.)
811 */
812 return (s->method->internal->ssl_pending(s));
813 }
814
815 X509 *
816 SSL_get_peer_certificate(const SSL *s)
817 {
818 X509 *r;
819
820 if ((s == NULL) || (s->session == NULL))
821 r = NULL;
822 else
823 r = s->session->peer;
824
825 if (r == NULL)
826 return (r);
827
828 CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509);
829
830 return (r);
831 }
832
833 STACK_OF(X509) *
834 SSL_get_peer_cert_chain(const SSL *s)
835 {
836 STACK_OF(X509) *r;
837
838 if ((s == NULL) || (s->session == NULL) ||
839 (SSI(s)->sess_cert == NULL))
840 r = NULL;
841 else
842 r = SSI(s)->sess_cert->cert_chain;
843
844 /*
845 * If we are a client, cert_chain includes the peer's own
846 * certificate;
847 * if we are a server, it does not.
848 */
849 return (r);
850 }
851
852 /*
853 * Now in theory, since the calling process own 't' it should be safe to
854 * modify. We need to be able to read f without being hassled
855 */
856 void
857 SSL_copy_session_id(SSL *t, const SSL *f)
858 {
859 CERT *tmp;
860
861 /* Do we need to to SSL locking? */
862 SSL_set_session(t, SSL_get_session(f));
863
864 /*
865 * What if we are setup as SSLv2 but want to talk SSLv3 or
866 * vice-versa.
867 */
868 if (t->method != f->method) {
869 t->method->internal->ssl_free(t); /* cleanup current */
870 t->method = f->method; /* change method */
871 t->method->internal->ssl_new(t); /* setup new */
872 }
873
874 tmp = t->cert;
875 if (f->cert != NULL) {
876 CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
877 t->cert = f->cert;
878 } else
879 t->cert = NULL;
880 ssl_cert_free(tmp);
881 SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length);
882 }
883
884 /* Fix this so it checks all the valid key/cert options */
885 int
886 SSL_CTX_check_private_key(const SSL_CTX *ctx)
887 {
888 if ((ctx == NULL) || (ctx->internal->cert == NULL) ||
889 (ctx->internal->cert->key->x509 == NULL)) {
890 SSLerrorx(SSL_R_NO_CERTIFICATE_ASSIGNED);
891 return (0);
892 }
893 if (ctx->internal->cert->key->privatekey == NULL) {
894 SSLerrorx(SSL_R_NO_PRIVATE_KEY_ASSIGNED);
895 return (0);
896 }
897 return (X509_check_private_key(ctx->internal->cert->key->x509,
898 ctx->internal->cert->key->privatekey));
899 }
900
901 /* Fix this function so that it takes an optional type parameter */
902 int
903 SSL_check_private_key(const SSL *ssl)
904 {
905 if (ssl == NULL) {
906 SSLerrorx(ERR_R_PASSED_NULL_PARAMETER);
907 return (0);
908 }
909 if (ssl->cert == NULL) {
910 SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED);
911 return (0);
912 }
913 if (ssl->cert->key->x509 == NULL) {
914 SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED);
915 return (0);
916 }
917 if (ssl->cert->key->privatekey == NULL) {
918 SSLerror(ssl, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
919 return (0);
920 }
921 return (X509_check_private_key(ssl->cert->key->x509,
922 ssl->cert->key->privatekey));
923 }
924
925 int
926 SSL_accept(SSL *s)
927 {
928 if (s->internal->handshake_func == NULL)
929 SSL_set_accept_state(s); /* Not properly initialized yet */
930
931 return (s->method->internal->ssl_accept(s));
932 }
933
934 int
935 SSL_connect(SSL *s)
936 {
937 if (s->internal->handshake_func == NULL)
938 SSL_set_connect_state(s); /* Not properly initialized yet */
939
940 return (s->method->internal->ssl_connect(s));
941 }
942
943 int
944 SSL_is_server(const SSL *s)
945 {
946 return s->server;
947 }
948
949 long
950 SSL_get_default_timeout(const SSL *s)
951 {
952 return (s->method->internal->get_timeout());
953 }
954
955 int
956 SSL_read(SSL *s, void *buf, int num)
957 {
958 if (s->internal->handshake_func == NULL) {
959 SSLerror(s, SSL_R_UNINITIALIZED);
960 return (-1);
961 }
962
963 if (s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) {
964 s->internal->rwstate = SSL_NOTHING;
965 return (0);
966 }
967 return (s->method->internal->ssl_read(s, buf, num));
968 }
969
970 int
971 SSL_peek(SSL *s, void *buf, int num)
972 {
973 if (s->internal->handshake_func == NULL) {
974 SSLerror(s, SSL_R_UNINITIALIZED);
975 return (-1);
976 }
977
978 if (s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) {
979 return (0);
980 }
981 return (s->method->internal->ssl_peek(s, buf, num));
982 }
983
984 int
985 SSL_write(SSL *s, const void *buf, int num)
986 {
987 if (s->internal->handshake_func == NULL) {
988 SSLerror(s, SSL_R_UNINITIALIZED);
989 return (-1);
990 }
991
992 if (s->internal->shutdown & SSL_SENT_SHUTDOWN) {
993 s->internal->rwstate = SSL_NOTHING;
994 SSLerror(s, SSL_R_PROTOCOL_IS_SHUTDOWN);
995 return (-1);
996 }
997 return (s->method->internal->ssl_write(s, buf, num));
998 }
999
1000 int
1001 SSL_shutdown(SSL *s)
1002 {
1003 /*
1004 * Note that this function behaves differently from what one might
1005 * expect. Return values are 0 for no success (yet),
1006 * 1 for success; but calling it once is usually not enough,
1007 * even if blocking I/O is used (see ssl3_shutdown).
1008 */
1009
1010 if (s->internal->handshake_func == NULL) {
1011 SSLerror(s, SSL_R_UNINITIALIZED);
1012 return (-1);
1013 }
1014
1015 if ((s != NULL) && !SSL_in_init(s))
1016 return (s->method->internal->ssl_shutdown(s));
1017 else
1018 return (1);
1019 }
1020
1021 int
1022 SSL_renegotiate(SSL *s)
1023 {
1024 if (s->internal->renegotiate == 0)
1025 s->internal->renegotiate = 1;
1026
1027 s->internal->new_session = 1;
1028
1029 return (s->method->internal->ssl_renegotiate(s));
1030 }
1031
1032 int
1033 SSL_renegotiate_abbreviated(SSL *s)
1034 {
1035 if (s->internal->renegotiate == 0)
1036 s->internal->renegotiate = 1;
1037
1038 s->internal->new_session = 0;
1039
1040 return (s->method->internal->ssl_renegotiate(s));
1041 }
1042
1043 int
1044 SSL_renegotiate_pending(SSL *s)
1045 {
1046 /*
1047 * Becomes true when negotiation is requested;
1048 * false again once a handshake has finished.
1049 */
1050 return (s->internal->renegotiate != 0);
1051 }
1052
1053 long
1054 SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
1055 {
1056 long l;
1057
1058 switch (cmd) {
1059 case SSL_CTRL_GET_READ_AHEAD:
1060 return (s->internal->read_ahead);
1061 case SSL_CTRL_SET_READ_AHEAD:
1062 l = s->internal->read_ahead;
1063 s->internal->read_ahead = larg;
1064 return (l);
1065
1066 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1067 s->internal->msg_callback_arg = parg;
1068 return (1);
1069
1070 case SSL_CTRL_OPTIONS:
1071 return (s->internal->options|=larg);
1072 case SSL_CTRL_CLEAR_OPTIONS:
1073 return (s->internal->options&=~larg);
1074 case SSL_CTRL_MODE:
1075 return (s->internal->mode|=larg);
1076 case SSL_CTRL_CLEAR_MODE:
1077 return (s->internal->mode &=~larg);
1078 case SSL_CTRL_GET_MAX_CERT_LIST:
1079 return (s->internal->max_cert_list);
1080 case SSL_CTRL_SET_MAX_CERT_LIST:
1081 l = s->internal->max_cert_list;
1082 s->internal->max_cert_list = larg;
1083 return (l);
1084 case SSL_CTRL_SET_MTU:
1085 #ifndef OPENSSL_NO_DTLS1
1086 if (larg < (long)dtls1_min_mtu())
1087 return (0);
1088 #endif
1089 if (SSL_IS_DTLS(s)) {
1090 D1I(s)->mtu = larg;
1091 return (larg);
1092 }
1093 return (0);
1094 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1095 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1096 return (0);
1097 s->max_send_fragment = larg;
1098 return (1);
1099 case SSL_CTRL_GET_RI_SUPPORT:
1100 if (s->s3)
1101 return (S3I(s)->send_connection_binding);
1102 else return (0);
1103 default:
1104 if (SSL_IS_DTLS(s))
1105 return dtls1_ctrl(s, cmd, larg, parg);
1106 return ssl3_ctrl(s, cmd, larg, parg);
1107 }
1108 }
1109
1110 long
1111 SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
1112 {
1113 switch (cmd) {
1114 case SSL_CTRL_SET_MSG_CALLBACK:
1115 s->internal->msg_callback = (void (*)(int write_p, int version,
1116 int content_type, const void *buf, size_t len,
1117 SSL *ssl, void *arg))(fp);
1118 return (1);
1119
1120 default:
1121 return (ssl3_callback_ctrl(s, cmd, fp));
1122 }
1123 }
1124
1125 struct lhash_st_SSL_SESSION *
1126 SSL_CTX_sessions(SSL_CTX *ctx)
1127 {
1128 return (ctx->internal->sessions);
1129 }
1130
1131 long
1132 SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1133 {
1134 long l;
1135
1136 switch (cmd) {
1137 case SSL_CTRL_GET_READ_AHEAD:
1138 return (ctx->internal->read_ahead);
1139 case SSL_CTRL_SET_READ_AHEAD:
1140 l = ctx->internal->read_ahead;
1141 ctx->internal->read_ahead = larg;
1142 return (l);
1143
1144 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1145 ctx->internal->msg_callback_arg = parg;
1146 return (1);
1147
1148 case SSL_CTRL_GET_MAX_CERT_LIST:
1149 return (ctx->internal->max_cert_list);
1150 case SSL_CTRL_SET_MAX_CERT_LIST:
1151 l = ctx->internal->max_cert_list;
1152 ctx->internal->max_cert_list = larg;
1153 return (l);
1154
1155 case SSL_CTRL_SET_SESS_CACHE_SIZE:
1156 l = ctx->internal->session_cache_size;
1157 ctx->internal->session_cache_size = larg;
1158 return (l);
1159 case SSL_CTRL_GET_SESS_CACHE_SIZE:
1160 return (ctx->internal->session_cache_size);
1161 case SSL_CTRL_SET_SESS_CACHE_MODE:
1162 l = ctx->internal->session_cache_mode;
1163 ctx->internal->session_cache_mode = larg;
1164 return (l);
1165 case SSL_CTRL_GET_SESS_CACHE_MODE:
1166 return (ctx->internal->session_cache_mode);
1167
1168 case SSL_CTRL_SESS_NUMBER:
1169 return (lh_SSL_SESSION_num_items(ctx->internal->sessions));
1170 case SSL_CTRL_SESS_CONNECT:
1171 return (ctx->internal->stats.sess_connect);
1172 case SSL_CTRL_SESS_CONNECT_GOOD:
1173 return (ctx->internal->stats.sess_connect_good);
1174 case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
1175 return (ctx->internal->stats.sess_connect_renegotiate);
1176 case SSL_CTRL_SESS_ACCEPT:
1177 return (ctx->internal->stats.sess_accept);
1178 case SSL_CTRL_SESS_ACCEPT_GOOD:
1179 return (ctx->internal->stats.sess_accept_good);
1180 case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
1181 return (ctx->internal->stats.sess_accept_renegotiate);
1182 case SSL_CTRL_SESS_HIT:
1183 return (ctx->internal->stats.sess_hit);
1184 case SSL_CTRL_SESS_CB_HIT:
1185 return (ctx->internal->stats.sess_cb_hit);
1186 case SSL_CTRL_SESS_MISSES:
1187 return (ctx->internal->stats.sess_miss);
1188 case SSL_CTRL_SESS_TIMEOUTS:
1189 return (ctx->internal->stats.sess_timeout);
1190 case SSL_CTRL_SESS_CACHE_FULL:
1191 return (ctx->internal->stats.sess_cache_full);
1192 case SSL_CTRL_OPTIONS:
1193 return (ctx->internal->options|=larg);
1194 case SSL_CTRL_CLEAR_OPTIONS:
1195 return (ctx->internal->options&=~larg);
1196 case SSL_CTRL_MODE:
1197 return (ctx->internal->mode|=larg);
1198 case SSL_CTRL_CLEAR_MODE:
1199 return (ctx->internal->mode&=~larg);
1200 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1201 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1202 return (0);
1203 ctx->internal->max_send_fragment = larg;
1204 return (1);
1205 default:
1206 return (ssl3_ctx_ctrl(ctx, cmd, larg, parg));
1207 }
1208 }
1209
1210 long
1211 SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
1212 {
1213 switch (cmd) {
1214 case SSL_CTRL_SET_MSG_CALLBACK:
1215 ctx->internal->msg_callback = (void (*)(int write_p, int version,
1216 int content_type, const void *buf, size_t len, SSL *ssl,
1217 void *arg))(fp);
1218 return (1);
1219
1220 default:
1221 return (ssl3_ctx_callback_ctrl(ctx, cmd, fp));
1222 }
1223 }
1224
1225 int
1226 ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
1227 {
1228 long l;
1229
1230 l = a->id - b->id;
1231 if (l == 0L)
1232 return (0);
1233 else
1234 return ((l > 0) ? 1:-1);
1235 }
1236
1237 int
1238 ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
1239 const SSL_CIPHER * const *bp)
1240 {
1241 long l;
1242
1243 l = (*ap)->id - (*bp)->id;
1244 if (l == 0L)
1245 return (0);
1246 else
1247 return ((l > 0) ? 1:-1);
1248 }
1249
1250 /*
1251 * Return a STACK of the ciphers available for the SSL and in order of
1252 * preference.
1253 */
1254 STACK_OF(SSL_CIPHER) *
1255 SSL_get_ciphers(const SSL *s)
1256 {
1257 if (s != NULL) {
1258 if (s->cipher_list != NULL) {
1259 return (s->cipher_list);
1260 } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) {
1261 return (s->ctx->cipher_list);
1262 }
1263 }
1264 return (NULL);
1265 }
1266
1267 /*
1268 * Return a STACK of the ciphers available for the SSL and in order of
1269 * algorithm id.
1270 */
1271 STACK_OF(SSL_CIPHER) *
1272 ssl_get_ciphers_by_id(SSL *s)
1273 {
1274 if (s != NULL) {
1275 if (s->internal->cipher_list_by_id != NULL) {
1276 return (s->internal->cipher_list_by_id);
1277 } else if ((s->ctx != NULL) &&
1278 (s->ctx->internal->cipher_list_by_id != NULL)) {
1279 return (s->ctx->internal->cipher_list_by_id);
1280 }
1281 }
1282 return (NULL);
1283 }
1284
1285 /* See if we have any ECC cipher suites. */
1286 int
1287 ssl_has_ecc_ciphers(SSL *s)
1288 {
1289 STACK_OF(SSL_CIPHER) *ciphers;
1290 unsigned long alg_k, alg_a;
1291 SSL_CIPHER *cipher;
1292 int i;
1293
1294 if (s->version == DTLS1_VERSION)
1295 return 0;
1296 if ((ciphers = SSL_get_ciphers(s)) == NULL)
1297 return 0;
1298
1299 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
1300 cipher = sk_SSL_CIPHER_value(ciphers, i);
1301
1302 alg_k = cipher->algorithm_mkey;
1303 alg_a = cipher->algorithm_auth;
1304
1305 if ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA))
1306 return 1;
1307 }
1308
1309 return 0;
1310 }
1311
1312 /* The old interface to get the same thing as SSL_get_ciphers(). */
1313 const char *
1314 SSL_get_cipher_list(const SSL *s, int n)
1315 {
1316 SSL_CIPHER *c;
1317 STACK_OF(SSL_CIPHER) *sk;
1318
1319 if (s == NULL)
1320 return (NULL);
1321 sk = SSL_get_ciphers(s);
1322 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
1323 return (NULL);
1324 c = sk_SSL_CIPHER_value(sk, n);
1325 if (c == NULL)
1326 return (NULL);
1327 return (c->name);
1328 }
1329
1330 STACK_OF(SSL_CIPHER) *
1331 SSL_CTX_get_ciphers(const SSL_CTX *ctx)
1332 {
1333 return ctx->cipher_list;
1334 }
1335
1336 /* Specify the ciphers to be used by default by the SSL_CTX. */
1337 int
1338 SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
1339 {
1340 STACK_OF(SSL_CIPHER) *sk;
1341
1342 sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,
1343 &ctx->internal->cipher_list_by_id, str);
1344 /*
1345 * ssl_create_cipher_list may return an empty stack if it
1346 * was unable to find a cipher matching the given rule string
1347 * (for example if the rule string specifies a cipher which
1348 * has been disabled). This is not an error as far as
1349 * ssl_create_cipher_list is concerned, and hence
1350 * ctx->cipher_list and ctx->internal->cipher_list_by_id has been
1351 * updated.
1352 */
1353 if (sk == NULL)
1354 return (0);
1355 else if (sk_SSL_CIPHER_num(sk) == 0) {
1356 SSLerrorx(SSL_R_NO_CIPHER_MATCH);
1357 return (0);
1358 }
1359 return (1);
1360 }
1361
1362 /* Specify the ciphers to be used by the SSL. */
1363 int
1364 SSL_set_cipher_list(SSL *s, const char *str)
1365 {
1366 STACK_OF(SSL_CIPHER) *sk;
1367
1368 sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list,
1369 &s->internal->cipher_list_by_id, str);
1370 /* see comment in SSL_CTX_set_cipher_list */
1371 if (sk == NULL)
1372 return (0);
1373 else if (sk_SSL_CIPHER_num(sk) == 0) {
1374 SSLerror(s, SSL_R_NO_CIPHER_MATCH);
1375 return (0);
1376 }
1377 return (1);
1378 }
1379
1380 /* works well for SSLv2, not so good for SSLv3 */
1381 char *
1382 SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
1383 {
1384 char *end;
1385 STACK_OF(SSL_CIPHER) *sk;
1386 SSL_CIPHER *c;
1387 size_t curlen = 0;
1388 int i;
1389
1390 if (s->session == NULL || s->session->ciphers == NULL || len < 2)
1391 return (NULL);
1392
1393 sk = s->session->ciphers;
1394 if (sk_SSL_CIPHER_num(sk) == 0)
1395 return (NULL);
1396
1397 buf[0] = '\0';
1398 for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
1399 c = sk_SSL_CIPHER_value(sk, i);
1400 end = buf + curlen;
1401 if (strlcat(buf, c->name, len) >= len ||
1402 (curlen = strlcat(buf, ":", len)) >= len) {
1403 /* remove truncated cipher from list */
1404 *end = '\0';
1405 break;
1406 }
1407 }
1408 /* remove trailing colon */
1409 if ((end = strrchr(buf, ':')) != NULL)
1410 *end = '\0';
1411 return (buf);
1412 }
1413
1414 int
1415 ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb)
1416 {
1417 SSL_CIPHER *cipher;
1418 int num_ciphers = 0;
1419 int i;
1420
1421 if (ciphers == NULL)
1422 return 0;
1423
1424 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
1425 if ((cipher = sk_SSL_CIPHER_value(ciphers, i)) == NULL)
1426 return 0;
1427
1428 /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
1429 if ((cipher->algorithm_ssl & SSL_TLSV1_2) &&
1430 (TLS1_get_client_version(s) < TLS1_2_VERSION))
1431 continue;
1432
1433 if (!CBB_add_u16(cbb, ssl3_cipher_get_value(cipher)))
1434 return 0;
1435
1436 num_ciphers++;
1437 }
1438
1439 /* Add SCSV if there are other ciphers and we're not renegotiating. */
1440 if (num_ciphers > 0 && !s->internal->renegotiate) {
1441 if (!CBB_add_u16(cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK))
1442 return 0;
1443 }
1444
1445 if (!CBB_flush(cbb))
1446 return 0;
1447
1448 return 1;
1449 }
1450
1451 STACK_OF(SSL_CIPHER) *
1452 ssl_bytes_to_cipher_list(SSL *s, CBS *cbs)
1453 {
1454 STACK_OF(SSL_CIPHER) *ciphers = NULL;
1455 const SSL_CIPHER *cipher;
1456 uint16_t cipher_value, max_version;
1457 unsigned long cipher_id;
1458
1459 if (s->s3 != NULL)
1460 S3I(s)->send_connection_binding = 0;
1461
1462 if ((ciphers = sk_SSL_CIPHER_new_null()) == NULL) {
1463 SSLerror(s, ERR_R_MALLOC_FAILURE);
1464 goto err;
1465 }
1466
1467 while (CBS_len(cbs) > 0) {
1468 if (!CBS_get_u16(cbs, &cipher_value)) {
1469 SSLerror(s, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1470 goto err;
1471 }
1472
1473 cipher_id = SSL3_CK_ID | cipher_value;
1474
1475 if (s->s3 != NULL && cipher_id == SSL3_CK_SCSV) {
1476 /*
1477 * TLS_EMPTY_RENEGOTIATION_INFO_SCSV is fatal if
1478 * renegotiating.
1479 */
1480 if (s->internal->renegotiate) {
1481 SSLerror(s, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
1482 ssl3_send_alert(s, SSL3_AL_FATAL,
1483 SSL_AD_HANDSHAKE_FAILURE);
1484
1485 goto err;
1486 }
1487 S3I(s)->send_connection_binding = 1;
1488 continue;
1489 }
1490
1491 if (cipher_id == SSL3_CK_FALLBACK_SCSV) {
1492 /*
1493 * TLS_FALLBACK_SCSV indicates that the client
1494 * previously tried a higher protocol version.
1495 * Fail if the current version is an unexpected
1496 * downgrade.
1497 */
1498 max_version = ssl_max_server_version(s);
1499 if (max_version == 0 || s->version < max_version) {
1500 SSLerror(s, SSL_R_INAPPROPRIATE_FALLBACK);
1501 if (s->s3 != NULL)
1502 ssl3_send_alert(s, SSL3_AL_FATAL,
1503 SSL_AD_INAPPROPRIATE_FALLBACK);
1504 goto err;
1505 }
1506 continue;
1507 }
1508
1509 if ((cipher = ssl3_get_cipher_by_value(cipher_value)) != NULL) {
1510 if (!sk_SSL_CIPHER_push(ciphers, cipher)) {
1511 SSLerror(s, ERR_R_MALLOC_FAILURE);
1512 goto err;
1513 }
1514 }
1515 }
1516
1517 return (ciphers);
1518
1519 err:
1520 sk_SSL_CIPHER_free(ciphers);
1521
1522 return (NULL);
1523 }
1524
1525
1526 /*
1527 * Return a servername extension value if provided in Client Hello, or NULL.
1528 * So far, only host_name types are defined (RFC 3546).
1529 */
1530 const char *
1531 SSL_get_servername(const SSL *s, const int type)
1532 {
1533 if (type != TLSEXT_NAMETYPE_host_name)
1534 return (NULL);
1535
1536 return (s->session && !s->tlsext_hostname ?
1537 s->session->tlsext_hostname :
1538 s->tlsext_hostname);
1539 }
1540
1541 int
1542 SSL_get_servername_type(const SSL *s)
1543 {
1544 if (s->session &&
1545 (!s->tlsext_hostname ?
1546 s->session->tlsext_hostname : s->tlsext_hostname))
1547 return (TLSEXT_NAMETYPE_host_name);
1548 return (-1);
1549 }
1550
1551 /*
1552 * SSL_select_next_proto implements standard protocol selection. It is
1553 * expected that this function is called from the callback set by
1554 * SSL_CTX_set_alpn_select_cb.
1555 *
1556 * The protocol data is assumed to be a vector of 8-bit, length prefixed byte
1557 * strings. The length byte itself is not included in the length. A byte
1558 * string of length 0 is invalid. No byte string may be truncated.
1559 *
1560 * It returns either:
1561 * OPENSSL_NPN_NEGOTIATED if a common protocol was found, or
1562 * OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
1563 */
1564 int
1565 SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
1566 const unsigned char *server, unsigned int server_len,
1567 const unsigned char *client, unsigned int client_len)
1568 {
1569 unsigned int i, j;
1570 const unsigned char *result;
1571 int status = OPENSSL_NPN_UNSUPPORTED;
1572
1573 /*
1574 * For each protocol in server preference order,
1575 * see if we support it.
1576 */
1577 for (i = 0; i < server_len; ) {
1578 for (j = 0; j < client_len; ) {
1579 if (server[i] == client[j] &&
1580 memcmp(&server[i + 1],
1581 &client[j + 1], server[i]) == 0) {
1582 /* We found a match */
1583 result = &server[i];
1584 status = OPENSSL_NPN_NEGOTIATED;
1585 goto found;
1586 }
1587 j += client[j];
1588 j++;
1589 }
1590 i += server[i];
1591 i++;
1592 }
1593
1594 /* There's no overlap between our protocols and the server's list. */
1595 result = client;
1596 status = OPENSSL_NPN_NO_OVERLAP;
1597
1598 found:
1599 *out = (unsigned char *) result + 1;
1600 *outlen = result[0];
1601 return (status);
1602 }
1603
1604 /* SSL_get0_next_proto_negotiated is deprecated. */
1605 void
1606 SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
1607 unsigned *len)
1608 {
1609 *data = NULL;
1610 *len = 0;
1611 }
1612
1613 /* SSL_CTX_set_next_protos_advertised_cb is deprecated. */
1614 void
1615 SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl,
1616 const unsigned char **out, unsigned int *outlen, void *arg), void *arg)
1617 {
1618 }
1619
1620 /* SSL_CTX_set_next_proto_select_cb is deprecated. */
1621 void
1622 SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s,
1623 unsigned char **out, unsigned char *outlen, const unsigned char *in,
1624 unsigned int inlen, void *arg), void *arg)
1625 {
1626 }
1627
1628 /*
1629 * SSL_CTX_set_alpn_protos sets the ALPN protocol list to the specified
1630 * protocols, which must be in wire-format (i.e. a series of non-empty,
1631 * 8-bit length-prefixed strings). Returns 0 on success.
1632 */
1633 int
1634 SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
1635 unsigned int protos_len)
1636 {
1637 int failed = 1;
1638
1639 if (protos == NULL || protos_len == 0)
1640 goto err;
1641
1642 free(ctx->internal->alpn_client_proto_list);
1643 ctx->internal->alpn_client_proto_list = NULL;
1644 ctx->internal->alpn_client_proto_list_len = 0;
1645
1646 if ((ctx->internal->alpn_client_proto_list = malloc(protos_len))
1647 == NULL)
1648 goto err;
1649 ctx->internal->alpn_client_proto_list_len = protos_len;
1650
1651 memcpy(ctx->internal->alpn_client_proto_list, protos, protos_len);
1652
1653 failed = 0;
1654
1655 err:
1656 /* NOTE: Return values are the reverse of what you expect. */
1657 return (failed);
1658 }
1659
1660 /*
1661 * SSL_set_alpn_protos sets the ALPN protocol list to the specified
1662 * protocols, which must be in wire-format (i.e. a series of non-empty,
1663 * 8-bit length-prefixed strings). Returns 0 on success.
1664 */
1665 int
1666 SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
1667 unsigned int protos_len)
1668 {
1669 int failed = 1;
1670
1671 if (protos == NULL || protos_len == 0)
1672 goto err;
1673
1674 free(ssl->internal->alpn_client_proto_list);
1675 ssl->internal->alpn_client_proto_list = NULL;
1676 ssl->internal->alpn_client_proto_list_len = 0;
1677
1678 if ((ssl->internal->alpn_client_proto_list = malloc(protos_len))
1679 == NULL)
1680 goto err;
1681 ssl->internal->alpn_client_proto_list_len = protos_len;
1682
1683 memcpy(ssl->internal->alpn_client_proto_list, protos, protos_len);
1684
1685 failed = 0;
1686
1687 err:
1688 /* NOTE: Return values are the reverse of what you expect. */
1689 return (failed);
1690 }
1691
1692 /*
1693 * SSL_CTX_set_alpn_select_cb sets a callback function that is called during
1694 * ClientHello processing in order to select an ALPN protocol from the
1695 * client's list of offered protocols.
1696 */
1697 void
1698 SSL_CTX_set_alpn_select_cb(SSL_CTX* ctx,
1699 int (*cb) (SSL *ssl, const unsigned char **out, unsigned char *outlen,
1700 const unsigned char *in, unsigned int inlen, void *arg), void *arg)
1701 {
1702 ctx->internal->alpn_select_cb = cb;
1703 ctx->internal->alpn_select_cb_arg = arg;
1704 }
1705
1706 /*
1707 * SSL_get0_alpn_selected gets the selected ALPN protocol (if any). On return
1708 * it sets data to point to len bytes of protocol name (not including the
1709 * leading length-prefix byte). If the server didn't respond with* a negotiated
1710 * protocol then len will be zero.
1711 */
1712 void
1713 SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
1714 unsigned *len)
1715 {
1716 *data = NULL;
1717 *len = 0;
1718
1719 if (ssl->s3 != NULL) {
1720 *data = ssl->s3->internal->alpn_selected;
1721 *len = ssl->s3->internal->alpn_selected_len;
1722 }
1723 }
1724
1725 int
1726 SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
1727 const char *label, size_t llen, const unsigned char *p, size_t plen,
1728 int use_context)
1729 {
1730 return (tls1_export_keying_material(s, out, olen,
1731 label, llen, p, plen, use_context));
1732 }
1733
1734 static unsigned long
1735 ssl_session_hash(const SSL_SESSION *a)
1736 {
1737 unsigned long l;
1738
1739 l = (unsigned long)
1740 ((unsigned int) a->session_id[0] )|
1741 ((unsigned int) a->session_id[1]<< 8L)|
1742 ((unsigned long)a->session_id[2]<<16L)|
1743 ((unsigned long)a->session_id[3]<<24L);
1744 return (l);
1745 }
1746
1747 /*
1748 * NB: If this function (or indeed the hash function which uses a sort of
1749 * coarser function than this one) is changed, ensure
1750 * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
1751 * able to construct an SSL_SESSION that will collide with any existing session
1752 * with a matching session ID.
1753 */
1754 static int
1755 ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
1756 {
1757 if (a->ssl_version != b->ssl_version)
1758 return (1);
1759 if (a->session_id_length != b->session_id_length)
1760 return (1);
1761 if (timingsafe_memcmp(a->session_id, b->session_id, a->session_id_length) != 0)
1762 return (1);
1763 return (0);
1764 }
1765
1766 /*
1767 * These wrapper functions should remain rather than redeclaring
1768 * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
1769 * variable. The reason is that the functions aren't static, they're exposed via
1770 * ssl.h.
1771 */
1772 static unsigned long
1773 ssl_session_LHASH_HASH(const void *arg)
1774 {
1775 const SSL_SESSION *a = arg;
1776
1777 return ssl_session_hash(a);
1778 }
1779
1780 static int
1781 ssl_session_LHASH_COMP(const void *arg1, const void *arg2)
1782 {
1783 const SSL_SESSION *a = arg1;
1784 const SSL_SESSION *b = arg2;
1785
1786 return ssl_session_cmp(a, b);
1787 }
1788
1789 SSL_CTX *
1790 SSL_CTX_new(const SSL_METHOD *meth)
1791 {
1792 SSL_CTX *ret;
1793
1794 if (!OPENSSL_init_ssl(0, NULL)) {
1795 SSLerrorx(SSL_R_LIBRARY_BUG);
1796 return (NULL);
1797 }
1798
1799 if (meth == NULL) {
1800 SSLerrorx(SSL_R_NULL_SSL_METHOD_PASSED);
1801 return (NULL);
1802 }
1803
1804 if ((ret = calloc(1, sizeof(*ret))) == NULL) {
1805 SSLerrorx(ERR_R_MALLOC_FAILURE);
1806 return (NULL);
1807 }
1808 if ((ret->internal = calloc(1, sizeof(*ret->internal))) == NULL) {
1809 free(ret);
1810 SSLerrorx(ERR_R_MALLOC_FAILURE);
1811 return (NULL);
1812 }
1813
1814 if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
1815 SSLerrorx(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
1816 goto err;
1817 }
1818
1819 ret->method = meth;
1820 ret->internal->min_version = meth->internal->min_version;
1821 ret->internal->max_version = meth->internal->max_version;
1822
1823 ret->cert_store = NULL;
1824 ret->internal->session_cache_mode = SSL_SESS_CACHE_SERVER;
1825 ret->internal->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
1826 ret->internal->session_cache_head = NULL;
1827 ret->internal->session_cache_tail = NULL;
1828
1829 /* We take the system default */
1830 ret->session_timeout = meth->internal->get_timeout();
1831
1832 ret->internal->new_session_cb = 0;
1833 ret->internal->remove_session_cb = 0;
1834 ret->internal->get_session_cb = 0;
1835 ret->internal->generate_session_id = 0;
1836
1837 memset((char *)&ret->internal->stats, 0, sizeof(ret->internal->stats));
1838
1839 ret->references = 1;
1840 ret->internal->quiet_shutdown = 0;
1841
1842 ret->internal->info_callback = NULL;
1843
1844 ret->internal->app_verify_callback = 0;
1845 ret->internal->app_verify_arg = NULL;
1846
1847 ret->internal->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
1848 ret->internal->read_ahead = 0;
1849 ret->internal->msg_callback = 0;
1850 ret->internal->msg_callback_arg = NULL;
1851 ret->verify_mode = SSL_VERIFY_NONE;
1852 ret->sid_ctx_length = 0;
1853 ret->internal->default_verify_callback = NULL;
1854 if ((ret->internal->cert = ssl_cert_new()) == NULL)
1855 goto err;
1856
1857 ret->default_passwd_callback = 0;
1858 ret->default_passwd_callback_userdata = NULL;
1859 ret->internal->client_cert_cb = 0;
1860 ret->internal->app_gen_cookie_cb = 0;
1861 ret->internal->app_verify_cookie_cb = 0;
1862
1863 ret->internal->sessions = lh_SSL_SESSION_new();
1864 if (ret->internal->sessions == NULL)
1865 goto err;
1866 ret->cert_store = X509_STORE_new();
1867 if (ret->cert_store == NULL)
1868 goto err;
1869
1870 ssl_create_cipher_list(ret->method, &ret->cipher_list,
1871 &ret->internal->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST);
1872 if (ret->cipher_list == NULL ||
1873 sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
1874 SSLerrorx(SSL_R_LIBRARY_HAS_NO_CIPHERS);
1875 goto err2;
1876 }
1877
1878 ret->param = X509_VERIFY_PARAM_new();
1879 if (!ret->param)
1880 goto err;
1881
1882 if ((ret->internal->client_CA = sk_X509_NAME_new_null()) == NULL)
1883 goto err;
1884
1885 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->internal->ex_data);
1886
1887 ret->extra_certs = NULL;
1888
1889 ret->internal->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
1890
1891 ret->internal->tlsext_servername_callback = 0;
1892 ret->internal->tlsext_servername_arg = NULL;
1893
1894 /* Setup RFC4507 ticket keys */
1895 arc4random_buf(ret->internal->tlsext_tick_key_name, 16);
1896 arc4random_buf(ret->internal->tlsext_tick_hmac_key, 16);
1897 arc4random_buf(ret->internal->tlsext_tick_aes_key, 16);
1898
1899 ret->internal->tlsext_status_cb = 0;
1900 ret->internal->tlsext_status_arg = NULL;
1901
1902 #ifndef OPENSSL_NO_ENGINE
1903 ret->internal->client_cert_engine = NULL;
1904 #ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
1905 #define eng_strx(x) #x
1906 #define eng_str(x) eng_strx(x)
1907 /* Use specific client engine automatically... ignore errors */
1908 {
1909 ENGINE *eng;
1910 eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
1911 if (!eng) {
1912 ERR_clear_error();
1913 ENGINE_load_builtin_engines();
1914 eng = ENGINE_by_id(eng_str(
1915 OPENSSL_SSL_CLIENT_ENGINE_AUTO));
1916 }
1917 if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
1918 ERR_clear_error();
1919 }
1920 #endif
1921 #endif
1922 /*
1923 * Default is to connect to non-RI servers. When RI is more widely
1924 * deployed might change this.
1925 */
1926 ret->internal->options |= SSL_OP_LEGACY_SERVER_CONNECT;
1927
1928 return (ret);
1929 err:
1930 SSLerrorx(ERR_R_MALLOC_FAILURE);
1931 err2:
1932 SSL_CTX_free(ret);
1933 return (NULL);
1934 }
1935
1936 void
1937 SSL_CTX_free(SSL_CTX *ctx)
1938 {
1939 int i;
1940
1941 if (ctx == NULL)
1942 return;
1943
1944 i = CRYPTO_add(&ctx->references, -1, CRYPTO_LOCK_SSL_CTX);
1945 if (i > 0)
1946 return;
1947
1948 X509_VERIFY_PARAM_free(ctx->param);
1949
1950 /*
1951 * Free internal session cache. However: the remove_cb() may reference
1952 * the ex_data of SSL_CTX, thus the ex_data store can only be removed
1953 * after the sessions were flushed.
1954 * As the ex_data handling routines might also touch the session cache,
1955 * the most secure solution seems to be: empty (flush) the cache, then
1956 * free ex_data, then finally free the cache.
1957 * (See ticket [openssl.org #212].)
1958 */
1959 if (ctx->internal->sessions != NULL)
1960 SSL_CTX_flush_sessions(ctx, 0);
1961
1962 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ctx, &ctx->internal->ex_data);
1963
1964 lh_SSL_SESSION_free(ctx->internal->sessions);
1965
1966 X509_STORE_free(ctx->cert_store);
1967 sk_SSL_CIPHER_free(ctx->cipher_list);
1968 sk_SSL_CIPHER_free(ctx->internal->cipher_list_by_id);
1969 ssl_cert_free(ctx->internal->cert);
1970 sk_X509_NAME_pop_free(ctx->internal->client_CA, X509_NAME_free);
1971 sk_X509_pop_free(ctx->extra_certs, X509_free);
1972
1973 #ifndef OPENSSL_NO_SRTP
1974 if (ctx->internal->srtp_profiles)
1975 sk_SRTP_PROTECTION_PROFILE_free(ctx->internal->srtp_profiles);
1976 #endif
1977
1978 #ifndef OPENSSL_NO_ENGINE
1979 if (ctx->internal->client_cert_engine)
1980 ENGINE_finish(ctx->internal->client_cert_engine);
1981 #endif
1982
1983 free(ctx->internal->tlsext_ecpointformatlist);
1984 free(ctx->internal->tlsext_supportedgroups);
1985
1986 free(ctx->internal->alpn_client_proto_list);
1987
1988 free(ctx->internal);
1989 free(ctx);
1990 }
1991
1992 int
1993 SSL_CTX_up_ref(SSL_CTX *ctx)
1994 {
1995 int refs = CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
1996 return ((refs > 1) ? 1 : 0);
1997 }
1998
1999 pem_password_cb *
2000 SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx)
2001 {
2002 return (ctx->default_passwd_callback);
2003 }
2004
2005 void
2006 SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
2007 {
2008 ctx->default_passwd_callback = cb;
2009 }
2010
2011 void *
2012 SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx)
2013 {
2014 return ctx->default_passwd_callback_userdata;
2015 }
2016
2017 void
2018 SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
2019 {
2020 ctx->default_passwd_callback_userdata = u;
2021 }
2022
2023 void
2024 SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,
2025 void *), void *arg)
2026 {
2027 ctx->internal->app_verify_callback = cb;
2028 ctx->internal->app_verify_arg = arg;
2029 }
2030
2031 void
2032 SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb)(int, X509_STORE_CTX *))
2033 {
2034 ctx->verify_mode = mode;
2035 ctx->internal->default_verify_callback = cb;
2036 }
2037
2038 void
2039 SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
2040 {
2041 X509_VERIFY_PARAM_set_depth(ctx->param, depth);
2042 }
2043
2044 void
2045 ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
2046 {
2047 int rsa_enc, rsa_sign, dh_tmp;
2048 int have_ecc_cert;
2049 unsigned long mask_k, mask_a;
2050 X509 *x = NULL;
2051 CERT_PKEY *cpk;
2052
2053 if (c == NULL)
2054 return;
2055
2056 dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL ||
2057 c->dh_tmp_auto != 0);
2058
2059 cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
2060 rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL);
2061 cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);
2062 rsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
2063 cpk = &(c->pkeys[SSL_PKEY_ECC]);
2064 have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL);
2065
2066 mask_k = 0;
2067 mask_a = 0;
2068
2069 cpk = &(c->pkeys[SSL_PKEY_GOST01]);
2070 if (cpk->x509 != NULL && cpk->privatekey !=NULL) {
2071 mask_k |= SSL_kGOST;
2072 mask_a |= SSL_aGOST01;
2073 }
2074
2075 if (rsa_enc)
2076 mask_k |= SSL_kRSA;
2077
2078 if (dh_tmp)
2079 mask_k |= SSL_kDHE;
2080
2081 if (rsa_enc || rsa_sign)
2082 mask_a |= SSL_aRSA;
2083
2084 mask_a |= SSL_aNULL;
2085
2086 /*
2087 * An ECC certificate may be usable for ECDH and/or
2088 * ECDSA cipher suites depending on the key usage extension.
2089 */
2090 if (have_ecc_cert) {
2091 x = (c->pkeys[SSL_PKEY_ECC]).x509;
2092
2093 /* This call populates extension flags (ex_flags). */
2094 X509_check_purpose(x, -1, 0);
2095
2096 /* Key usage, if present, must allow signing. */
2097 if ((x->ex_flags & EXFLAG_KUSAGE) == 0 ||
2098 (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE))
2099 mask_a |= SSL_aECDSA;
2100 }
2101
2102 mask_k |= SSL_kECDHE;
2103
2104 c->mask_k = mask_k;
2105 c->mask_a = mask_a;
2106 c->valid = 1;
2107 }
2108
2109 /* See if this handshake is using an ECC cipher suite. */
2110 int
2111 ssl_using_ecc_cipher(SSL *s)
2112 {
2113 unsigned long alg_a, alg_k;
2114
2115 alg_a = S3I(s)->hs.new_cipher->algorithm_auth;
2116 alg_k = S3I(s)->hs.new_cipher->algorithm_mkey;
2117
2118 return SSI(s)->tlsext_ecpointformatlist != NULL &&
2119 SSI(s)->tlsext_ecpointformatlist_length > 0 &&
2120 ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA));
2121 }
2122
2123 int
2124 ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
2125 {
2126 const SSL_CIPHER *cs = S3I(s)->hs.new_cipher;
2127 unsigned long alg_a;
2128
2129 alg_a = cs->algorithm_auth;
2130
2131 if (alg_a & SSL_aECDSA) {
2132 /* This call populates extension flags (ex_flags). */
2133 X509_check_purpose(x, -1, 0);
2134
2135 /* Key usage, if present, must allow signing. */
2136 if ((x->ex_flags & EXFLAG_KUSAGE) &&
2137 ((x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) == 0)) {
2138 SSLerror(s, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
2139 return (0);
2140 }
2141 }
2142
2143 return (1);
2144 }
2145
2146 CERT_PKEY *
2147 ssl_get_server_send_pkey(const SSL *s)
2148 {
2149 unsigned long alg_a;
2150 CERT *c;
2151 int i;
2152
2153 c = s->cert;
2154 ssl_set_cert_masks(c, S3I(s)->hs.new_cipher);
2155
2156 alg_a = S3I(s)->hs.new_cipher->algorithm_auth;
2157
2158 if (alg_a & SSL_aECDSA) {
2159 i = SSL_PKEY_ECC;
2160 } else if (alg_a & SSL_aRSA) {
2161 if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
2162 i = SSL_PKEY_RSA_SIGN;
2163 else
2164 i = SSL_PKEY_RSA_ENC;
2165 } else if (alg_a & SSL_aGOST01) {
2166 i = SSL_PKEY_GOST01;
2167 } else { /* if (alg_a & SSL_aNULL) */
2168 SSLerror(s, ERR_R_INTERNAL_ERROR);
2169 return (NULL);
2170 }
2171
2172 return (c->pkeys + i);
2173 }
2174
2175 X509 *
2176 ssl_get_server_send_cert(const SSL *s)
2177 {
2178 CERT_PKEY *cpk;
2179
2180 cpk = ssl_get_server_send_pkey(s);
2181 if (!cpk)
2182 return (NULL);
2183 return (cpk->x509);
2184 }
2185
2186 EVP_PKEY *
2187 ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd)
2188 {
2189 unsigned long alg_a;
2190 CERT *c;
2191 int idx = -1;
2192
2193 alg_a = cipher->algorithm_auth;
2194 c = s->cert;
2195
2196 if (alg_a & SSL_aRSA) {
2197 if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
2198 idx = SSL_PKEY_RSA_SIGN;
2199 else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
2200 idx = SSL_PKEY_RSA_ENC;
2201 } else if ((alg_a & SSL_aECDSA) &&
2202 (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
2203 idx = SSL_PKEY_ECC;
2204 if (idx == -1) {
2205 SSLerror(s, ERR_R_INTERNAL_ERROR);
2206 return (NULL);
2207 }
2208 if (pmd)
2209 *pmd = c->pkeys[idx].digest;
2210 return (c->pkeys[idx].privatekey);
2211 }
2212
2213 DH *
2214 ssl_get_auto_dh(SSL *s)
2215 {
2216 CERT_PKEY *cpk;
2217 int keylen;
2218 DH *dhp;
2219
2220 if (s->cert->dh_tmp_auto == 2) {
2221 keylen = 1024;
2222 } else if (S3I(s)->hs.new_cipher->algorithm_auth & SSL_aNULL) {
2223 keylen = 1024;
2224 if (S3I(s)->hs.new_cipher->strength_bits == 256)
2225 keylen = 3072;
2226 } else {
2227 if ((cpk = ssl_get_server_send_pkey(s)) == NULL)
2228 return (NULL);
2229 if (cpk->privatekey == NULL || cpk->privatekey->pkey.dh == NULL)
2230 return (NULL);
2231 keylen = EVP_PKEY_bits(cpk->privatekey);
2232 }
2233
2234 if ((dhp = DH_new()) == NULL)
2235 return (NULL);
2236
2237 dhp->g = BN_new();
2238 if (dhp->g != NULL)
2239 BN_set_word(dhp->g, 2);
2240
2241 if (keylen >= 8192)
2242 dhp->p = get_rfc3526_prime_8192(NULL);
2243 else if (keylen >= 4096)
2244 dhp->p = get_rfc3526_prime_4096(NULL);
2245 else if (keylen >= 3072)
2246 dhp->p = get_rfc3526_prime_3072(NULL);
2247 else if (keylen >= 2048)
2248 dhp->p = get_rfc3526_prime_2048(NULL);
2249 else if (keylen >= 1536)
2250 dhp->p = get_rfc3526_prime_1536(NULL);
2251 else
2252 dhp->p = get_rfc2409_prime_1024(NULL);
2253
2254 if (dhp->p == NULL || dhp->g == NULL) {
2255 DH_free(dhp);
2256 return (NULL);
2257 }
2258 return (dhp);
2259 }
2260
2261 void
2262 ssl_update_cache(SSL *s, int mode)
2263 {
2264 int i;
2265
2266 /*
2267 * If the session_id_length is 0, we are not supposed to cache it,
2268 * and it would be rather hard to do anyway :-)
2269 */
2270 if (s->session->session_id_length == 0)
2271 return;
2272
2273 i = s->session_ctx->internal->session_cache_mode;
2274 if ((i & mode) && (!s->internal->hit) && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
2275 || SSL_CTX_add_session(s->session_ctx, s->session))
2276 && (s->session_ctx->internal->new_session_cb != NULL)) {
2277 CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION);
2278 if (!s->session_ctx->internal->new_session_cb(s, s->session))
2279 SSL_SESSION_free(s->session);
2280 }
2281
2282 /* auto flush every 255 connections */
2283 if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
2284 ((i & mode) == mode)) {
2285 if ((((mode & SSL_SESS_CACHE_CLIENT) ?
2286 s->session_ctx->internal->stats.sess_connect_good :
2287 s->session_ctx->internal->stats.sess_accept_good) & 0xff) == 0xff) {
2288 SSL_CTX_flush_sessions(s->session_ctx, time(NULL));
2289 }
2290 }
2291 }
2292
2293 const SSL_METHOD *
2294 SSL_get_ssl_method(SSL *s)
2295 {
2296 return (s->method);
2297 }
2298
2299 int
2300 SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
2301 {
2302 int conn = -1;
2303 int ret = 1;
2304
2305 if (s->method != meth) {
2306 if (s->internal->handshake_func != NULL)
2307 conn = (s->internal->handshake_func == s->method->internal->ssl_connect);
2308
2309 if (s->method->internal->version == meth->internal->version)
2310 s->method = meth;
2311 else {
2312 s->method->internal->ssl_free(s);
2313 s->method = meth;
2314 ret = s->method->internal->ssl_new(s);
2315 }
2316
2317 if (conn == 1)
2318 s->internal->handshake_func = meth->internal->ssl_connect;
2319 else if (conn == 0)
2320 s->internal->handshake_func = meth->internal->ssl_accept;
2321 }
2322 return (ret);
2323 }
2324
2325 int
2326 SSL_get_error(const SSL *s, int i)
2327 {
2328 int reason;
2329 unsigned long l;
2330 BIO *bio;
2331
2332 if (i > 0)
2333 return (SSL_ERROR_NONE);
2334
2335 /* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake
2336 * etc, where we do encode the error */
2337 if ((l = ERR_peek_error()) != 0) {
2338 if (ERR_GET_LIB(l) == ERR_LIB_SYS)
2339 return (SSL_ERROR_SYSCALL);
2340 else
2341 return (SSL_ERROR_SSL);
2342 }
2343
2344 if ((i < 0) && SSL_want_read(s)) {
2345 bio = SSL_get_rbio(s);
2346 if (BIO_should_read(bio)) {
2347 return (SSL_ERROR_WANT_READ);
2348 } else if (BIO_should_write(bio)) {
2349 /*
2350 * This one doesn't make too much sense... We never
2351 * try to write to the rbio, and an application
2352 * program where rbio and wbio are separate couldn't
2353 * even know what it should wait for. However if we
2354 * ever set s->internal->rwstate incorrectly (so that we have
2355 * SSL_want_read(s) instead of SSL_want_write(s))
2356 * and rbio and wbio *are* the same, this test works
2357 * around that bug; so it might be safer to keep it.
2358 */
2359 return (SSL_ERROR_WANT_WRITE);
2360 } else if (BIO_should_io_special(bio)) {
2361 reason = BIO_get_retry_reason(bio);
2362 if (reason == BIO_RR_CONNECT)
2363 return (SSL_ERROR_WANT_CONNECT);
2364 else if (reason == BIO_RR_ACCEPT)
2365 return (SSL_ERROR_WANT_ACCEPT);
2366 else
2367 return (SSL_ERROR_SYSCALL); /* unknown */
2368 }
2369 }
2370
2371 if ((i < 0) && SSL_want_write(s)) {
2372 bio = SSL_get_wbio(s);
2373 if (BIO_should_write(bio)) {
2374 return (SSL_ERROR_WANT_WRITE);
2375 } else if (BIO_should_read(bio)) {
2376 /*
2377 * See above (SSL_want_read(s) with
2378 * BIO_should_write(bio))
2379 */
2380 return (SSL_ERROR_WANT_READ);
2381 } else if (BIO_should_io_special(bio)) {
2382 reason = BIO_get_retry_reason(bio);
2383 if (reason == BIO_RR_CONNECT)
2384 return (SSL_ERROR_WANT_CONNECT);
2385 else if (reason == BIO_RR_ACCEPT)
2386 return (SSL_ERROR_WANT_ACCEPT);
2387 else
2388 return (SSL_ERROR_SYSCALL);
2389 }
2390 }
2391 if ((i < 0) && SSL_want_x509_lookup(s)) {
2392 return (SSL_ERROR_WANT_X509_LOOKUP);
2393 }
2394
2395 if (i == 0) {
2396 if ((s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) &&
2397 (S3I(s)->warn_alert == SSL_AD_CLOSE_NOTIFY))
2398 return (SSL_ERROR_ZERO_RETURN);
2399 }
2400 return (SSL_ERROR_SYSCALL);
2401 }
2402
2403 int
2404 SSL_do_handshake(SSL *s)
2405 {
2406 int ret = 1;
2407
2408 if (s->internal->handshake_func == NULL) {
2409 SSLerror(s, SSL_R_CONNECTION_TYPE_NOT_SET);
2410 return (-1);
2411 }
2412
2413 s->method->internal->ssl_renegotiate_check(s);
2414
2415 if (SSL_in_init(s) || SSL_in_before(s)) {
2416 ret = s->internal->handshake_func(s);
2417 }
2418 return (ret);
2419 }
2420
2421 /*
2422 * For the next 2 functions, SSL_clear() sets shutdown and so
2423 * one of these calls will reset it
2424 */
2425 void
2426 SSL_set_accept_state(SSL *s)
2427 {
2428 s->server = 1;
2429 s->internal->shutdown = 0;
2430 S3I(s)->hs.state = SSL_ST_ACCEPT|SSL_ST_BEFORE;
2431 s->internal->handshake_func = s->method->internal->ssl_accept;
2432 /* clear the current cipher */
2433 ssl_clear_cipher_ctx(s);
2434 ssl_clear_hash_ctx(&s->read_hash);
2435 ssl_clear_hash_ctx(&s->internal->write_hash);
2436 }
2437
2438 void
2439 SSL_set_connect_state(SSL *s)
2440 {
2441 s->server = 0;
2442 s->internal->shutdown = 0;
2443 S3I(s)->hs.state = SSL_ST_CONNECT|SSL_ST_BEFORE;
2444 s->internal->handshake_func = s->method->internal->ssl_connect;
2445 /* clear the current cipher */
2446 ssl_clear_cipher_ctx(s);
2447 ssl_clear_hash_ctx(&s->read_hash);
2448 ssl_clear_hash_ctx(&s->internal->write_hash);
2449 }
2450
2451 int
2452 ssl_undefined_function(SSL *s)
2453 {
2454 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2455 return (0);
2456 }
2457
2458 int
2459 ssl_undefined_void_function(void)
2460 {
2461 SSLerrorx(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2462 return (0);
2463 }
2464
2465 int
2466 ssl_undefined_const_function(const SSL *s)
2467 {
2468 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2469 return (0);
2470 }
2471
2472 const char *
2473 ssl_version_string(int ver)
2474 {
2475 switch (ver) {
2476 case DTLS1_VERSION:
2477 return (SSL_TXT_DTLS1);
2478 case TLS1_VERSION:
2479 return (SSL_TXT_TLSV1);
2480 case TLS1_1_VERSION:
2481 return (SSL_TXT_TLSV1_1);
2482 case TLS1_2_VERSION:
2483 return (SSL_TXT_TLSV1_2);
2484 default:
2485 return ("unknown");
2486 }
2487 }
2488
2489 const char *
2490 SSL_get_version(const SSL *s)
2491 {
2492 return ssl_version_string(s->version);
2493 }
2494
2495 SSL *
2496 SSL_dup(SSL *s)
2497 {
2498 STACK_OF(X509_NAME) *sk;
2499 X509_NAME *xn;
2500 SSL *ret;
2501 int i;
2502
2503 if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL)
2504 return (NULL);
2505
2506 ret->version = s->version;
2507 ret->internal->type = s->internal->type;
2508 ret->method = s->method;
2509
2510 if (s->session != NULL) {
2511 /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
2512 SSL_copy_session_id(ret, s);
2513 } else {
2514 /*
2515 * No session has been established yet, so we have to expect
2516 * that s->cert or ret->cert will be changed later --
2517 * they should not both point to the same object,
2518 * and thus we can't use SSL_copy_session_id.
2519 */
2520
2521 ret->method->internal->ssl_free(ret);
2522 ret->method = s->method;
2523 ret->method->internal->ssl_new(ret);
2524
2525 if (s->cert != NULL) {
2526 ssl_cert_free(ret->cert);
2527 ret->cert = ssl_cert_dup(s->cert);
2528 if (ret->cert == NULL)
2529 goto err;
2530 }
2531
2532 SSL_set_session_id_context(ret,
2533 s->sid_ctx, s->sid_ctx_length);
2534 }
2535
2536 ret->internal->options = s->internal->options;
2537 ret->internal->mode = s->internal->mode;
2538 SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s));
2539 SSL_set_read_ahead(ret, SSL_get_read_ahead(s));
2540 ret->internal->msg_callback = s->internal->msg_callback;
2541 ret->internal->msg_callback_arg = s->internal->msg_callback_arg;
2542 SSL_set_verify(ret, SSL_get_verify_mode(s),
2543 SSL_get_verify_callback(s));
2544 SSL_set_verify_depth(ret, SSL_get_verify_depth(s));
2545 ret->internal->generate_session_id = s->internal->generate_session_id;
2546
2547 SSL_set_info_callback(ret, SSL_get_info_callback(s));
2548
2549 ret->internal->debug = s->internal->debug;
2550
2551 /* copy app data, a little dangerous perhaps */
2552 if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL,
2553 &ret->internal->ex_data, &s->internal->ex_data))
2554 goto err;
2555
2556 /* setup rbio, and wbio */
2557 if (s->rbio != NULL) {
2558 if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
2559 goto err;
2560 }
2561 if (s->wbio != NULL) {
2562 if (s->wbio != s->rbio) {
2563 if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
2564 goto err;
2565 } else
2566 ret->wbio = ret->rbio;
2567 }
2568 ret->internal->rwstate = s->internal->rwstate;
2569 ret->internal->in_handshake = s->internal->in_handshake;
2570 ret->internal->handshake_func = s->internal->handshake_func;
2571 ret->server = s->server;
2572 ret->internal->renegotiate = s->internal->renegotiate;
2573 ret->internal->new_session = s->internal->new_session;
2574 ret->internal->quiet_shutdown = s->internal->quiet_shutdown;
2575 ret->internal->shutdown = s->internal->shutdown;
2576 /* SSL_dup does not really work at any state, though */
2577 S3I(ret)->hs.state = S3I(s)->hs.state;
2578 ret->internal->rstate = s->internal->rstate;
2579
2580 /*
2581 * Would have to copy ret->init_buf, ret->init_msg, ret->init_num,
2582 * ret->init_off
2583 */
2584 ret->internal->init_num = 0;
2585
2586 ret->internal->hit = s->internal->hit;
2587
2588 X509_VERIFY_PARAM_inherit(ret->param, s->param);
2589
2590 /* dup the cipher_list and cipher_list_by_id stacks */
2591 if (s->cipher_list != NULL) {
2592 if ((ret->cipher_list =
2593 sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
2594 goto err;
2595 }
2596 if (s->internal->cipher_list_by_id != NULL) {
2597 if ((ret->internal->cipher_list_by_id =
2598 sk_SSL_CIPHER_dup(s->internal->cipher_list_by_id)) == NULL)
2599 goto err;
2600 }
2601
2602 /* Dup the client_CA list */
2603 if (s->internal->client_CA != NULL) {
2604 if ((sk = sk_X509_NAME_dup(s->internal->client_CA)) == NULL) goto err;
2605 ret->internal->client_CA = sk;
2606 for (i = 0; i < sk_X509_NAME_num(sk); i++) {
2607 xn = sk_X509_NAME_value(sk, i);
2608 if (sk_X509_NAME_set(sk, i,
2609 X509_NAME_dup(xn)) == NULL) {
2610 X509_NAME_free(xn);
2611 goto err;
2612 }
2613 }
2614 }
2615
2616 if (0) {
2617 err:
2618 if (ret != NULL)
2619 SSL_free(ret);
2620 ret = NULL;
2621 }
2622 return (ret);
2623 }
2624
2625 void
2626 ssl_clear_cipher_ctx(SSL *s)
2627 {
2628 EVP_CIPHER_CTX_free(s->enc_read_ctx);
2629 s->enc_read_ctx = NULL;
2630 EVP_CIPHER_CTX_free(s->internal->enc_write_ctx);
2631 s->internal->enc_write_ctx = NULL;
2632
2633 if (s->internal->aead_read_ctx != NULL) {
2634 EVP_AEAD_CTX_cleanup(&s->internal->aead_read_ctx->ctx);
2635 free(s->internal->aead_read_ctx);
2636 s->internal->aead_read_ctx = NULL;
2637 }
2638 if (s->internal->aead_write_ctx != NULL) {
2639 EVP_AEAD_CTX_cleanup(&s->internal->aead_write_ctx->ctx);
2640 free(s->internal->aead_write_ctx);
2641 s->internal->aead_write_ctx = NULL;
2642 }
2643
2644 }
2645
2646 /* Fix this function so that it takes an optional type parameter */
2647 X509 *
2648 SSL_get_certificate(const SSL *s)
2649 {
2650 if (s->cert != NULL)
2651 return (s->cert->key->x509);
2652 else
2653 return (NULL);
2654 }
2655
2656 /* Fix this function so that it takes an optional type parameter */
2657 EVP_PKEY *
2658 SSL_get_privatekey(SSL *s)
2659 {
2660 if (s->cert != NULL)
2661 return (s->cert->key->privatekey);
2662 else
2663 return (NULL);
2664 }
2665
2666 const SSL_CIPHER *
2667 SSL_get_current_cipher(const SSL *s)
2668 {
2669 if ((s->session != NULL) && (s->session->cipher != NULL))
2670 return (s->session->cipher);
2671 return (NULL);
2672 }
2673 const void *
2674 SSL_get_current_compression(SSL *s)
2675 {
2676 return (NULL);
2677 }
2678
2679 const void *
2680 SSL_get_current_expansion(SSL *s)
2681 {
2682 return (NULL);
2683 }
2684
2685 size_t
2686 SSL_get_client_random(const SSL *s, unsigned char *out, size_t max_out)
2687 {
2688 size_t len = sizeof(s->s3->client_random);
2689
2690 if (out == NULL)
2691 return len;
2692
2693 if (len > max_out)
2694 len = max_out;
2695
2696 memcpy(out, s->s3->client_random, len);
2697
2698 return len;
2699 }
2700
2701 size_t
2702 SSL_get_server_random(const SSL *s, unsigned char *out, size_t max_out)
2703 {
2704 size_t len = sizeof(s->s3->server_random);
2705
2706 if (out == NULL)
2707 return len;
2708
2709 if (len > max_out)
2710 len = max_out;
2711
2712 memcpy(out, s->s3->server_random, len);
2713
2714 return len;
2715 }
2716
2717 int
2718 ssl_init_wbio_buffer(SSL *s, int push)
2719 {
2720 BIO *bbio;
2721
2722 if (s->bbio == NULL) {
2723 bbio = BIO_new(BIO_f_buffer());
2724 if (bbio == NULL)
2725 return (0);
2726 s->bbio = bbio;
2727 } else {
2728 bbio = s->bbio;
2729 if (s->bbio == s->wbio)
2730 s->wbio = BIO_pop(s->wbio);
2731 }
2732 (void)BIO_reset(bbio);
2733 /* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
2734 if (!BIO_set_read_buffer_size(bbio, 1)) {
2735 SSLerror(s, ERR_R_BUF_LIB);
2736 return (0);
2737 }
2738 if (push) {
2739 if (s->wbio != bbio)
2740 s->wbio = BIO_push(bbio, s->wbio);
2741 } else {
2742 if (s->wbio == bbio)
2743 s->wbio = BIO_pop(bbio);
2744 }
2745 return (1);
2746 }
2747
2748 void
2749 ssl_free_wbio_buffer(SSL *s)
2750 {
2751 if (s == NULL)
2752 return;
2753
2754 if (s->bbio == NULL)
2755 return;
2756
2757 if (s->bbio == s->wbio) {
2758 /* remove buffering */
2759 s->wbio = BIO_pop(s->wbio);
2760 }
2761 BIO_free(s->bbio);
2762 s->bbio = NULL;
2763 }
2764
2765 void
2766 SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
2767 {
2768 ctx->internal->quiet_shutdown = mode;
2769 }
2770
2771 int
2772 SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
2773 {
2774 return (ctx->internal->quiet_shutdown);
2775 }
2776
2777 void
2778 SSL_set_quiet_shutdown(SSL *s, int mode)
2779 {
2780 s->internal->quiet_shutdown = mode;
2781 }
2782
2783 int
2784 SSL_get_quiet_shutdown(const SSL *s)
2785 {
2786 return (s->internal->quiet_shutdown);
2787 }
2788
2789 void
2790 SSL_set_shutdown(SSL *s, int mode)
2791 {
2792 s->internal->shutdown = mode;
2793 }
2794
2795 int
2796 SSL_get_shutdown(const SSL *s)
2797 {
2798 return (s->internal->shutdown);
2799 }
2800
2801 int
2802 SSL_version(const SSL *s)
2803 {
2804 return (s->version);
2805 }
2806
2807 SSL_CTX *
2808 SSL_get_SSL_CTX(const SSL *ssl)
2809 {
2810 return (ssl->ctx);
2811 }
2812
2813 SSL_CTX *
2814 SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
2815 {
2816 CERT *ocert = ssl->cert;
2817
2818 if (ssl->ctx == ctx)
2819 return (ssl->ctx);
2820 if (ctx == NULL)
2821 ctx = ssl->initial_ctx;
2822 ssl->cert = ssl_cert_dup(ctx->internal->cert);
2823 if (ocert != NULL) {
2824 int i;
2825 /* Copy negotiated digests from original certificate. */
2826 for (i = 0; i < SSL_PKEY_NUM; i++)
2827 ssl->cert->pkeys[i].digest = ocert->pkeys[i].digest;
2828 ssl_cert_free(ocert);
2829 }
2830 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
2831 SSL_CTX_free(ssl->ctx); /* decrement reference count */
2832 ssl->ctx = ctx;
2833 return (ssl->ctx);
2834 }
2835
2836 int
2837 SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
2838 {
2839 return (X509_STORE_set_default_paths(ctx->cert_store));
2840 }
2841
2842 int
2843 SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
2844 const char *CApath)
2845 {
2846 return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));
2847 }
2848
2849 int
2850 SSL_CTX_load_verify_mem(SSL_CTX *ctx, void *buf, int len)
2851 {
2852 return (X509_STORE_load_mem(ctx->cert_store, buf, len));
2853 }
2854
2855 void
2856 SSL_set_info_callback(SSL *ssl, void (*cb)(const SSL *ssl, int type, int val))
2857 {
2858 ssl->internal->info_callback = cb;
2859 }
2860
2861 void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val)
2862 {
2863 return (ssl->internal->info_callback);
2864 }
2865
2866 int
2867 SSL_state(const SSL *ssl)
2868 {
2869 return (S3I(ssl)->hs.state);
2870 }
2871
2872 void
2873 SSL_set_state(SSL *ssl, int state)
2874 {
2875 S3I(ssl)->hs.state = state;
2876 }
2877
2878 void
2879 SSL_set_verify_result(SSL *ssl, long arg)
2880 {
2881 ssl->verify_result = arg;
2882 }
2883
2884 long
2885 SSL_get_verify_result(const SSL *ssl)
2886 {
2887 return (ssl->verify_result);
2888 }
2889
2890 int
2891 SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
2892 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
2893 {
2894 return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
2895 new_func, dup_func, free_func));
2896 }
2897
2898 int
2899 SSL_set_ex_data(SSL *s, int idx, void *arg)
2900 {
2901 return (CRYPTO_set_ex_data(&s->internal->ex_data, idx, arg));
2902 }
2903
2904 void *
2905 SSL_get_ex_data(const SSL *s, int idx)
2906 {
2907 return (CRYPTO_get_ex_data(&s->internal->ex_data, idx));
2908 }
2909
2910 int
2911 SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
2912 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
2913 {
2914 return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
2915 new_func, dup_func, free_func));
2916 }
2917
2918 int
2919 SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg)
2920 {
2921 return (CRYPTO_set_ex_data(&s->internal->ex_data, idx, arg));
2922 }
2923
2924 void *
2925 SSL_CTX_get_ex_data(const SSL_CTX *s, int idx)
2926 {
2927 return (CRYPTO_get_ex_data(&s->internal->ex_data, idx));
2928 }
2929
2930 int
2931 ssl_ok(SSL *s)
2932 {
2933 return (1);
2934 }
2935
2936 X509_STORE *
2937 SSL_CTX_get_cert_store(const SSL_CTX *ctx)
2938 {
2939 return (ctx->cert_store);
2940 }
2941
2942 void
2943 SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
2944 {
2945 X509_STORE_free(ctx->cert_store);
2946 ctx->cert_store = store;
2947 }
2948
2949 X509 *
2950 SSL_CTX_get0_certificate(const SSL_CTX *ctx)
2951 {
2952 if (ctx->internal->cert == NULL)
2953 return NULL;
2954
2955 return ctx->internal->cert->key->x509;
2956 }
2957
2958 int
2959 SSL_want(const SSL *s)
2960 {
2961 return (s->internal->rwstate);
2962 }
2963
2964 void
2965 SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export,
2966 int keylength))
2967 {
2968 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
2969 }
2970
2971 void
2972 SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int is_export,
2973 int keylength))
2974 {
2975 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
2976 }
2977
2978 void
2979 SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*dh)(SSL *ssl, int is_export,
2980 int keylength))
2981 {
2982 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
2983 }
2984
2985 void
2986 SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh)(SSL *ssl, int is_export,
2987 int keylength))
2988 {
2989 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
2990 }
2991
2992 void
2993 SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl,
2994 int is_export, int keylength))
2995 {
2996 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,
2997 (void (*)(void))ecdh);
2998 }
2999
3000 void
3001 SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh)(SSL *ssl, int is_export,
3002 int keylength))
3003 {
3004 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
3005 }
3006
3007
3008 void
3009 SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version,
3010 int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
3011 {
3012 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK,
3013 (void (*)(void))cb);
3014 }
3015
3016 void
3017 SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version,
3018 int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
3019 {
3020 SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
3021 }
3022
3023 void
3024 ssl_clear_hash_ctx(EVP_MD_CTX **hash)
3025 {
3026 if (*hash)
3027 EVP_MD_CTX_destroy(*hash);
3028 *hash = NULL;
3029 }
3030
3031 void
3032 SSL_set_debug(SSL *s, int debug)
3033 {
3034 s->internal->debug = debug;
3035 }
3036
3037 int
3038 SSL_cache_hit(SSL *s)
3039 {
3040 return (s->internal->hit);
3041 }
3042
3043 int
3044 SSL_CTX_get_min_proto_version(SSL_CTX *ctx)
3045 {
3046 return ctx->internal->min_version;
3047 }
3048
3049 int
3050 SSL_CTX_set_min_proto_version(SSL_CTX *ctx, uint16_t version)
3051 {
3052 return ssl_version_set_min(ctx->method, version,
3053 ctx->internal->max_version, &ctx->internal->min_version);
3054 }
3055
3056 int
3057 SSL_CTX_get_max_proto_version(SSL_CTX *ctx)
3058 {
3059 return ctx->internal->max_version;
3060 }
3061
3062 int
3063 SSL_CTX_set_max_proto_version(SSL_CTX *ctx, uint16_t version)
3064 {
3065 return ssl_version_set_max(ctx->method, version,
3066 ctx->internal->min_version, &ctx->internal->max_version);
3067 }
3068
3069 int
3070 SSL_get_min_proto_version(SSL *ssl)
3071 {
3072 return ssl->internal->min_version;
3073 }
3074
3075 int
3076 SSL_set_min_proto_version(SSL *ssl, uint16_t version)
3077 {
3078 return ssl_version_set_min(ssl->method, version,
3079 ssl->internal->max_version, &ssl->internal->min_version);
3080 }
3081 int
3082 SSL_get_max_proto_version(SSL *ssl)
3083 {
3084 return ssl->internal->max_version;
3085 }
3086
3087 int
3088 SSL_set_max_proto_version(SSL *ssl, uint16_t version)
3089 {
3090 return ssl_version_set_max(ssl->method, version,
3091 ssl->internal->min_version, &ssl->internal->max_version);
3092 }
3093
3094 static int
3095 ssl_cipher_id_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
3096 {
3097 SSL_CIPHER const *a = a_;
3098 SSL_CIPHER const *b = b_;
3099 return ssl_cipher_id_cmp(a, b);
3100 }
3101
3102 SSL_CIPHER *
3103 OBJ_bsearch_ssl_cipher_id(SSL_CIPHER *key, SSL_CIPHER const *base, int num)
3104 {
3105 return (SSL_CIPHER *)OBJ_bsearch_(key, base, num, sizeof(SSL_CIPHER),
3106 ssl_cipher_id_cmp_BSEARCH_CMP_FN);
3107 }
Unleashed OS