lib/libssl/t1_srvr.c

   1 /* $OpenBSD: t1_srvr.c,v 1.27 2018/08/30 16:56:16 jsing Exp $ */
   2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
   3  * All rights reserved.
   4  *
   5  * This package is an SSL implementation written
   6  * by Eric Young (eay@cryptsoft.com).
   7  * The implementation was written so as to conform with Netscapes SSL.
   8  *
   9  * This library is free for commercial and non-commercial use as long as
  10  * the following conditions are aheared to.  The following conditions
  11  * apply to all code found in this distribution, be it the RC4, RSA,
  12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  13  * included with this distribution is covered by the same copyright terms
  14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  15  *
  16  * Copyright remains Eric Young's, and as such any Copyright notices in
  17  * the code are not to be removed.
  18  * If this package is used in a product, Eric Young should be given attribution
  19  * as the author of the parts of the library used.
  20  * This can be in the form of a textual message at program startup or
  21  * in documentation (online or textual) provided with the package.
  22  *
  23  * Redistribution and use in source and binary forms, with or without
  24  * modification, are permitted provided that the following conditions
  25  * are met:
  26  * 1. Redistributions of source code must retain the copyright
  27  *    notice, this list of conditions and the following disclaimer.
  28  * 2. Redistributions in binary form must reproduce the above copyright
  29  *    notice, this list of conditions and the following disclaimer in the
  30  *    documentation and/or other materials provided with the distribution.
  31  * 3. All advertising materials mentioning features or use of this software
  32  *    must display the following acknowledgement:
  33  *    "This product includes cryptographic software written by
  34  *     Eric Young (eay@cryptsoft.com)"
  35  *    The word 'cryptographic' can be left out if the rouines from the library
  36  *    being used are not cryptographic related :-).
  37  * 4. If you include any Windows specific code (or a derivative thereof) from
  38  *    the apps directory (application code) you must include an acknowledgement:
  39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  40  *
  41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51  * SUCH DAMAGE.
  52  *
  53  * The licence and distribution terms for any publically available version or
  54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  55  * copied and put under another distribution licence
  56  * [including the GNU Public Licence.]
  57  */
  58
  59 #include <stdio.h>
  60
  61 #include "ssl_locl.h"
  62
  63 #include <openssl/buffer.h>
  64 #include <openssl/evp.h>
  65 #include <openssl/objects.h>
  66 #include <openssl/x509.h>
  67
  68 static const SSL_METHOD_INTERNAL TLS_server_method_internal_data = {
  69         .version = TLS1_2_VERSION,
  70         .min_version = TLS1_VERSION,
  71         .max_version = TLS1_2_VERSION,
  72         .ssl_new = tls1_new,
  73         .ssl_clear = tls1_clear,
  74         .ssl_free = tls1_free,
  75         .ssl_accept = ssl3_accept,
  76         .ssl_connect = ssl_undefined_function,
  77         .get_ssl_method = tls1_get_server_method,
  78         .get_timeout = tls1_default_timeout,
  79         .ssl_version = ssl_undefined_void_function,
  80         .ssl_renegotiate = ssl_undefined_function,
  81         .ssl_renegotiate_check = ssl_ok,
  82         .ssl_get_message = ssl3_get_message,
  83         .ssl_read_bytes = ssl3_read_bytes,
  84         .ssl_write_bytes = ssl3_write_bytes,
  85         .ssl3_enc = &TLSv1_2_enc_data,
  86 };
  87
  88 static const SSL_METHOD TLS_server_method_data = {
  89         .ssl_dispatch_alert = ssl3_dispatch_alert,
  90         .num_ciphers = ssl3_num_ciphers,
  91         .get_cipher = ssl3_get_cipher,
  92         .get_cipher_by_char = ssl3_get_cipher_by_char,
  93         .put_cipher_by_char = ssl3_put_cipher_by_char,
  94         .internal = &TLS_server_method_internal_data,
  95 };
  96
  97 static const SSL_METHOD_INTERNAL TLSv1_server_method_internal_data = {
  98         .version = TLS1_VERSION,
  99         .min_version = TLS1_VERSION,
 100         .max_version = TLS1_VERSION,
 101         .ssl_new = tls1_new,
 102         .ssl_clear = tls1_clear,
 103         .ssl_free = tls1_free,
 104         .ssl_accept = ssl3_accept,
 105         .ssl_connect = ssl_undefined_function,
 106         .get_ssl_method = tls1_get_server_method,
 107         .get_timeout = tls1_default_timeout,
 108         .ssl_version = ssl_undefined_void_function,
 109         .ssl_renegotiate = ssl3_renegotiate,
 110         .ssl_renegotiate_check = ssl3_renegotiate_check,
 111         .ssl_get_message = ssl3_get_message,
 112         .ssl_read_bytes = ssl3_read_bytes,
 113         .ssl_write_bytes = ssl3_write_bytes,
 114         .ssl3_enc = &TLSv1_enc_data,
 115 };
 116
 117 static const SSL_METHOD TLSv1_server_method_data = {
 118         .ssl_dispatch_alert = ssl3_dispatch_alert,
 119         .num_ciphers = ssl3_num_ciphers,
 120         .get_cipher = ssl3_get_cipher,
 121         .get_cipher_by_char = ssl3_get_cipher_by_char,
 122         .put_cipher_by_char = ssl3_put_cipher_by_char,
 123         .internal = &TLSv1_server_method_internal_data,
 124 };
 125
 126 static const SSL_METHOD_INTERNAL TLSv1_1_server_method_internal_data = {
 127         .version = TLS1_1_VERSION,
 128         .min_version = TLS1_1_VERSION,
 129         .max_version = TLS1_1_VERSION,
 130         .ssl_new = tls1_new,
 131         .ssl_clear = tls1_clear,
 132         .ssl_free = tls1_free,
 133         .ssl_accept = ssl3_accept,
 134         .ssl_connect = ssl_undefined_function,
 135         .get_ssl_method = tls1_get_server_method,
 136         .get_timeout = tls1_default_timeout,
 137         .ssl_version = ssl_undefined_void_function,
 138         .ssl_renegotiate = ssl3_renegotiate,
 139         .ssl_renegotiate_check = ssl3_renegotiate_check,
 140         .ssl_get_message = ssl3_get_message,
 141         .ssl_read_bytes = ssl3_read_bytes,
 142         .ssl_write_bytes = ssl3_write_bytes,
 143         .ssl3_enc = &TLSv1_1_enc_data,
 144 };
 145
 146 static const SSL_METHOD TLSv1_1_server_method_data = {
 147         .ssl_dispatch_alert = ssl3_dispatch_alert,
 148         .num_ciphers = ssl3_num_ciphers,
 149         .get_cipher = ssl3_get_cipher,
 150         .get_cipher_by_char = ssl3_get_cipher_by_char,
 151         .put_cipher_by_char = ssl3_put_cipher_by_char,
 152         .internal = &TLSv1_1_server_method_internal_data,
 153 };
 154
 155 static const SSL_METHOD_INTERNAL TLSv1_2_server_method_internal_data = {
 156         .version = TLS1_2_VERSION,
 157         .min_version = TLS1_2_VERSION,
 158         .max_version = TLS1_2_VERSION,
 159         .ssl_new = tls1_new,
 160         .ssl_clear = tls1_clear,
 161         .ssl_free = tls1_free,
 162         .ssl_accept = ssl3_accept,
 163         .ssl_connect = ssl_undefined_function,
 164         .get_ssl_method = tls1_get_server_method,
 165         .get_timeout = tls1_default_timeout,
 166         .ssl_version = ssl_undefined_void_function,
 167         .ssl_renegotiate = ssl3_renegotiate,
 168         .ssl_renegotiate_check = ssl3_renegotiate_check,
 169         .ssl_get_message = ssl3_get_message,
 170         .ssl_read_bytes = ssl3_read_bytes,
 171         .ssl_write_bytes = ssl3_write_bytes,
 172         .ssl3_enc = &TLSv1_2_enc_data,
 173 };
 174
 175 static const SSL_METHOD TLSv1_2_server_method_data = {
 176         .ssl_dispatch_alert = ssl3_dispatch_alert,
 177         .num_ciphers = ssl3_num_ciphers,
 178         .get_cipher = ssl3_get_cipher,
 179         .get_cipher_by_char = ssl3_get_cipher_by_char,
 180         .put_cipher_by_char = ssl3_put_cipher_by_char,
 181         .internal = &TLSv1_2_server_method_internal_data,
 182 };
 183
 184 const SSL_METHOD *
 185 tls1_get_server_method(int ver)
 186 {
 187         if (ver == TLS1_2_VERSION)
 188                 return (TLSv1_2_server_method());
 189         if (ver == TLS1_1_VERSION)
 190                 return (TLSv1_1_server_method());
 191         if (ver == TLS1_VERSION)
 192                 return (TLSv1_server_method());
 193         return (NULL);
 194 }
 195
 196 const SSL_METHOD *
 197 SSLv23_server_method(void)
 198 {
 199         return (TLS_server_method());
 200 }
 201
 202 const SSL_METHOD *
 203 TLS_server_method(void)
 204 {
 205         return (&TLS_server_method_data);
 206 }
 207
 208 const SSL_METHOD *
 209 TLSv1_server_method(void)
 210 {
 211         return (&TLSv1_server_method_data);
 212 }
 213
 214 const SSL_METHOD *
 215 TLSv1_1_server_method(void)
 216 {
 217         return (&TLSv1_1_server_method_data);
 218 }
 219
 220 const SSL_METHOD *
 221 TLSv1_2_server_method(void)
 222 {
 223         return (&TLSv1_2_server_method_data);
 224 }