search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
tzdata: update to 2018g
[unleashed.git] / lib / libssl / ssl_lib.c
blobd8415bcf6d84671080e3b71791956cfa85438f37
1 /* $OpenBSD: ssl_lib.c,v 1.189 2018/09/05 16:58:59 jsing Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58 /* ====================================================================
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111 /* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116 /* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143 #include <stdio.h>
144
145 #include "ssl_locl.h"
146
147 #include <openssl/bn.h>
148 #include <openssl/dh.h>
149 #include <openssl/lhash.h>
150 #include <openssl/objects.h>
151 #include <openssl/ocsp.h>
152 #include <openssl/x509v3.h>
153
154 #ifndef OPENSSL_NO_ENGINE
155 #include <openssl/engine.h>
156 #endif
157
158 #include "bytestring.h"
159
160 const char *SSL_version_str = OPENSSL_VERSION_TEXT;
161
162 int
163 SSL_clear(SSL *s)
164 {
165 if (s->method == NULL) {
166 SSLerror(s, SSL_R_NO_METHOD_SPECIFIED);
167 return (0);
168 }
169
170 if (ssl_clear_bad_session(s)) {
171 SSL_SESSION_free(s->session);
172 s->session = NULL;
173 }
174
175 s->error = 0;
176 s->internal->hit = 0;
177 s->internal->shutdown = 0;
178
179 if (s->internal->renegotiate) {
180 SSLerror(s, ERR_R_INTERNAL_ERROR);
181 return (0);
182 }
183
184 s->internal->type = 0;
185
186 s->version = s->method->internal->version;
187 s->client_version = s->version;
188 s->internal->rwstate = SSL_NOTHING;
189 s->internal->rstate = SSL_ST_READ_HEADER;
190
191 BUF_MEM_free(s->internal->init_buf);
192 s->internal->init_buf = NULL;
193
194 ssl_clear_cipher_state(s);
195
196 s->internal->first_packet = 0;
197
198 /*
199 * Check to see if we were changed into a different method, if
200 * so, revert back if we are not doing session-id reuse.
201 */
202 if (!s->internal->in_handshake && (s->session == NULL) &&
203 (s->method != s->ctx->method)) {
204 s->method->internal->ssl_free(s);
205 s->method = s->ctx->method;
206 if (!s->method->internal->ssl_new(s))
207 return (0);
208 } else
209 s->method->internal->ssl_clear(s);
210
211 S3I(s)->hs.state = SSL_ST_BEFORE|((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT);
212
213 return (1);
214 }
215
216 /* Used to change an SSL_CTXs default SSL method type */
217 int
218 SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
219 {
220 STACK_OF(SSL_CIPHER) *sk;
221
222 ctx->method = meth;
223
224 sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
225 &(ctx->internal->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);
226 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
227 SSLerrorx(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
228 return (0);
229 }
230 return (1);
231 }
232
233 SSL *
234 SSL_new(SSL_CTX *ctx)
235 {
236 SSL *s;
237
238 if (ctx == NULL) {
239 SSLerrorx(SSL_R_NULL_SSL_CTX);
240 return (NULL);
241 }
242 if (ctx->method == NULL) {
243 SSLerrorx(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
244 return (NULL);
245 }
246
247 if ((s = calloc(1, sizeof(*s))) == NULL) {
248 SSLerrorx(ERR_R_MALLOC_FAILURE);
249 return (NULL);
250 }
251 if ((s->internal = calloc(1, sizeof(*s->internal))) == NULL) {
252 free(s);
253 SSLerrorx(ERR_R_MALLOC_FAILURE);
254 return (NULL);
255 }
256
257 s->internal->min_version = ctx->internal->min_version;
258 s->internal->max_version = ctx->internal->max_version;
259
260 s->internal->options = ctx->internal->options;
261 s->internal->mode = ctx->internal->mode;
262 s->internal->max_cert_list = ctx->internal->max_cert_list;
263
264 if (ctx->internal->cert != NULL) {
265 /*
266 * Earlier library versions used to copy the pointer to
267 * the CERT, not its contents; only when setting new
268 * parameters for the per-SSL copy, ssl_cert_new would be
269 * called (and the direct reference to the per-SSL_CTX
270 * settings would be lost, but those still were indirectly
271 * accessed for various purposes, and for that reason they
272 * used to be known as s->ctx->default_cert).
273 * Now we don't look at the SSL_CTX's CERT after having
274 * duplicated it once.
275 */
276 s->cert = ssl_cert_dup(ctx->internal->cert);
277 if (s->cert == NULL)
278 goto err;
279 } else
280 s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */
281
282 s->internal->read_ahead = ctx->internal->read_ahead;
283 s->internal->msg_callback = ctx->internal->msg_callback;
284 s->internal->msg_callback_arg = ctx->internal->msg_callback_arg;
285 s->verify_mode = ctx->verify_mode;
286 s->sid_ctx_length = ctx->sid_ctx_length;
287 OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
288 memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
289 s->internal->verify_callback = ctx->internal->default_verify_callback;
290 s->internal->generate_session_id = ctx->internal->generate_session_id;
291
292 s->param = X509_VERIFY_PARAM_new();
293 if (!s->param)
294 goto err;
295 X509_VERIFY_PARAM_inherit(s->param, ctx->param);
296 s->internal->quiet_shutdown = ctx->internal->quiet_shutdown;
297 s->max_send_fragment = ctx->internal->max_send_fragment;
298
299 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
300 s->ctx = ctx;
301 s->internal->tlsext_debug_cb = 0;
302 s->internal->tlsext_debug_arg = NULL;
303 s->internal->tlsext_ticket_expected = 0;
304 s->tlsext_status_type = -1;
305 s->internal->tlsext_status_expected = 0;
306 s->internal->tlsext_ocsp_ids = NULL;
307 s->internal->tlsext_ocsp_exts = NULL;
308 s->internal->tlsext_ocsp_resp = NULL;
309 s->internal->tlsext_ocsp_resplen = -1;
310 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
311 s->initial_ctx = ctx;
312
313 if (ctx->internal->tlsext_ecpointformatlist != NULL) {
314 s->internal->tlsext_ecpointformatlist =
315 calloc(ctx->internal->tlsext_ecpointformatlist_length,
316 sizeof(ctx->internal->tlsext_ecpointformatlist[0]));
317 if (s->internal->tlsext_ecpointformatlist == NULL)
318 goto err;
319 memcpy(s->internal->tlsext_ecpointformatlist,
320 ctx->internal->tlsext_ecpointformatlist,
321 ctx->internal->tlsext_ecpointformatlist_length *
322 sizeof(ctx->internal->tlsext_ecpointformatlist[0]));
323 s->internal->tlsext_ecpointformatlist_length =
324 ctx->internal->tlsext_ecpointformatlist_length;
325 }
326 if (ctx->internal->tlsext_supportedgroups != NULL) {
327 s->internal->tlsext_supportedgroups =
328 calloc(ctx->internal->tlsext_supportedgroups_length,
329 sizeof(ctx->internal->tlsext_supportedgroups));
330 if (s->internal->tlsext_supportedgroups == NULL)
331 goto err;
332 memcpy(s->internal->tlsext_supportedgroups,
333 ctx->internal->tlsext_supportedgroups,
334 ctx->internal->tlsext_supportedgroups_length *
335 sizeof(ctx->internal->tlsext_supportedgroups[0]));
336 s->internal->tlsext_supportedgroups_length =
337 ctx->internal->tlsext_supportedgroups_length;
338 }
339
340 if (s->ctx->internal->alpn_client_proto_list != NULL) {
341 s->internal->alpn_client_proto_list =
342 malloc(s->ctx->internal->alpn_client_proto_list_len);
343 if (s->internal->alpn_client_proto_list == NULL)
344 goto err;
345 memcpy(s->internal->alpn_client_proto_list,
346 s->ctx->internal->alpn_client_proto_list,
347 s->ctx->internal->alpn_client_proto_list_len);
348 s->internal->alpn_client_proto_list_len =
349 s->ctx->internal->alpn_client_proto_list_len;
350 }
351
352 s->verify_result = X509_V_OK;
353
354 s->method = ctx->method;
355
356 if (!s->method->internal->ssl_new(s))
357 goto err;
358
359 s->references = 1;
360 s->server = (ctx->method->internal->ssl_accept == ssl_undefined_function) ? 0 : 1;
361
362 SSL_clear(s);
363
364 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->internal->ex_data);
365
366 return (s);
367
368 err:
369 SSL_free(s);
370 SSLerrorx(ERR_R_MALLOC_FAILURE);
371 return (NULL);
372 }
373
374 int
375 SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
376 unsigned int sid_ctx_len)
377 {
378 if (sid_ctx_len > sizeof ctx->sid_ctx) {
379 SSLerrorx(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
380 return (0);
381 }
382 ctx->sid_ctx_length = sid_ctx_len;
383 memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
384
385 return (1);
386 }
387
388 int
389 SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
390 unsigned int sid_ctx_len)
391 {
392 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
393 SSLerror(ssl, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
394 return (0);
395 }
396 ssl->sid_ctx_length = sid_ctx_len;
397 memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
398
399 return (1);
400 }
401
402 int
403 SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
404 {
405 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
406 ctx->internal->generate_session_id = cb;
407 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
408 return (1);
409 }
410
411 int
412 SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
413 {
414 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
415 ssl->internal->generate_session_id = cb;
416 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
417 return (1);
418 }
419
420 int
421 SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
422 unsigned int id_len)
423 {
424 /*
425 * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp
426 * shows how we can "construct" a session to give us the desired
427 * check - ie. to find if there's a session in the hash table
428 * that would conflict with any new session built out of this
429 * id/id_len and the ssl_version in use by this SSL.
430 */
431 SSL_SESSION r, *p;
432
433 if (id_len > sizeof r.session_id)
434 return (0);
435
436 r.ssl_version = ssl->version;
437 r.session_id_length = id_len;
438 memcpy(r.session_id, id, id_len);
439
440 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
441 p = lh_SSL_SESSION_retrieve(ssl->ctx->internal->sessions, &r);
442 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
443 return (p != NULL);
444 }
445
446 int
447 SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
448 {
449 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
450 }
451
452 int
453 SSL_set_purpose(SSL *s, int purpose)
454 {
455 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
456 }
457
458 int
459 SSL_CTX_set_trust(SSL_CTX *s, int trust)
460 {
461 return (X509_VERIFY_PARAM_set_trust(s->param, trust));
462 }
463
464 int
465 SSL_set_trust(SSL *s, int trust)
466 {
467 return (X509_VERIFY_PARAM_set_trust(s->param, trust));
468 }
469
470 X509_VERIFY_PARAM *
471 SSL_CTX_get0_param(SSL_CTX *ctx)
472 {
473 return (ctx->param);
474 }
475
476 int
477 SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
478 {
479 return (X509_VERIFY_PARAM_set1(ctx->param, vpm));
480 }
481
482 X509_VERIFY_PARAM *
483 SSL_get0_param(SSL *ssl)
484 {
485 return (ssl->param);
486 }
487
488 int
489 SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
490 {
491 return (X509_VERIFY_PARAM_set1(ssl->param, vpm));
492 }
493
494 void
495 SSL_free(SSL *s)
496 {
497 int i;
498
499 if (s == NULL)
500 return;
501
502 i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL);
503 if (i > 0)
504 return;
505
506 X509_VERIFY_PARAM_free(s->param);
507
508 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->internal->ex_data);
509
510 if (s->bbio != NULL) {
511 /* If the buffering BIO is in place, pop it off */
512 if (s->bbio == s->wbio) {
513 s->wbio = BIO_pop(s->wbio);
514 }
515 BIO_free(s->bbio);
516 s->bbio = NULL;
517 }
518
519 if (s->rbio != s->wbio)
520 BIO_free_all(s->rbio);
521 BIO_free_all(s->wbio);
522
523 BUF_MEM_free(s->internal->init_buf);
524
525 /* add extra stuff */
526 sk_SSL_CIPHER_free(s->cipher_list);
527 sk_SSL_CIPHER_free(s->internal->cipher_list_by_id);
528
529 /* Make the next call work :-) */
530 if (s->session != NULL) {
531 ssl_clear_bad_session(s);
532 SSL_SESSION_free(s->session);
533 }
534
535 ssl_clear_cipher_state(s);
536
537 ssl_cert_free(s->cert);
538
539 free(s->tlsext_hostname);
540 SSL_CTX_free(s->initial_ctx);
541
542 free(s->internal->tlsext_ecpointformatlist);
543 free(s->internal->tlsext_supportedgroups);
544
545 sk_X509_EXTENSION_pop_free(s->internal->tlsext_ocsp_exts,
546 X509_EXTENSION_free);
547 sk_OCSP_RESPID_pop_free(s->internal->tlsext_ocsp_ids, OCSP_RESPID_free);
548 free(s->internal->tlsext_ocsp_resp);
549
550 sk_X509_NAME_pop_free(s->internal->client_CA, X509_NAME_free);
551
552 if (s->method != NULL)
553 s->method->internal->ssl_free(s);
554
555 SSL_CTX_free(s->ctx);
556
557 free(s->internal->alpn_client_proto_list);
558
559 #ifndef OPENSSL_NO_SRTP
560 sk_SRTP_PROTECTION_PROFILE_free(s->internal->srtp_profiles);
561 #endif
562
563 free(s->internal);
564 free(s);
565 }
566
567 int
568 SSL_up_ref(SSL *s)
569 {
570 int refs = CRYPTO_add(&s->references, 1, CRYPTO_LOCK_SSL);
571 return (refs > 1) ? 1 : 0;
572 }
573
574 void
575 SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
576 {
577 /* If the output buffering BIO is still in place, remove it */
578 if (s->bbio != NULL) {
579 if (s->wbio == s->bbio) {
580 s->wbio = s->wbio->next_bio;
581 s->bbio->next_bio = NULL;
582 }
583 }
584
585 if (s->rbio != rbio && s->rbio != s->wbio)
586 BIO_free_all(s->rbio);
587 if (s->wbio != wbio)
588 BIO_free_all(s->wbio);
589 s->rbio = rbio;
590 s->wbio = wbio;
591 }
592
593 BIO *
594 SSL_get_rbio(const SSL *s)
595 {
596 return (s->rbio);
597 }
598
599 BIO *
600 SSL_get_wbio(const SSL *s)
601 {
602 return (s->wbio);
603 }
604
605 int
606 SSL_get_fd(const SSL *s)
607 {
608 return (SSL_get_rfd(s));
609 }
610
611 int
612 SSL_get_rfd(const SSL *s)
613 {
614 int ret = -1;
615 BIO *b, *r;
616
617 b = SSL_get_rbio(s);
618 r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
619 if (r != NULL)
620 BIO_get_fd(r, &ret);
621 return (ret);
622 }
623
624 int
625 SSL_get_wfd(const SSL *s)
626 {
627 int ret = -1;
628 BIO *b, *r;
629
630 b = SSL_get_wbio(s);
631 r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
632 if (r != NULL)
633 BIO_get_fd(r, &ret);
634 return (ret);
635 }
636
637 int
638 SSL_set_fd(SSL *s, int fd)
639 {
640 int ret = 0;
641 BIO *bio = NULL;
642
643 bio = BIO_new(BIO_s_socket());
644
645 if (bio == NULL) {
646 SSLerror(s, ERR_R_BUF_LIB);
647 goto err;
648 }
649 BIO_set_fd(bio, fd, BIO_NOCLOSE);
650 SSL_set_bio(s, bio, bio);
651 ret = 1;
652 err:
653 return (ret);
654 }
655
656 int
657 SSL_set_wfd(SSL *s, int fd)
658 {
659 int ret = 0;
660 BIO *bio = NULL;
661
662 if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
663 || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
664 bio = BIO_new(BIO_s_socket());
665
666 if (bio == NULL) {
667 SSLerror(s, ERR_R_BUF_LIB);
668 goto err;
669 }
670 BIO_set_fd(bio, fd, BIO_NOCLOSE);
671 SSL_set_bio(s, SSL_get_rbio(s), bio);
672 } else
673 SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
674 ret = 1;
675 err:
676 return (ret);
677 }
678
679 int
680 SSL_set_rfd(SSL *s, int fd)
681 {
682 int ret = 0;
683 BIO *bio = NULL;
684
685 if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
686 || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
687 bio = BIO_new(BIO_s_socket());
688
689 if (bio == NULL) {
690 SSLerror(s, ERR_R_BUF_LIB);
691 goto err;
692 }
693 BIO_set_fd(bio, fd, BIO_NOCLOSE);
694 SSL_set_bio(s, bio, SSL_get_wbio(s));
695 } else
696 SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
697 ret = 1;
698 err:
699 return (ret);
700 }
701
702
703 /* return length of latest Finished message we sent, copy to 'buf' */
704 size_t
705 SSL_get_finished(const SSL *s, void *buf, size_t count)
706 {
707 size_t ret = 0;
708
709 if (s->s3 != NULL) {
710 ret = S3I(s)->tmp.finish_md_len;
711 if (count > ret)
712 count = ret;
713 memcpy(buf, S3I(s)->tmp.finish_md, count);
714 }
715 return (ret);
716 }
717
718 /* return length of latest Finished message we expected, copy to 'buf' */
719 size_t
720 SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
721 {
722 size_t ret = 0;
723
724 if (s->s3 != NULL) {
725 ret = S3I(s)->tmp.peer_finish_md_len;
726 if (count > ret)
727 count = ret;
728 memcpy(buf, S3I(s)->tmp.peer_finish_md, count);
729 }
730 return (ret);
731 }
732
733
734 int
735 SSL_get_verify_mode(const SSL *s)
736 {
737 return (s->verify_mode);
738 }
739
740 int
741 SSL_get_verify_depth(const SSL *s)
742 {
743 return (X509_VERIFY_PARAM_get_depth(s->param));
744 }
745
746 int
747 (*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *)
748 {
749 return (s->internal->verify_callback);
750 }
751
752 int
753 SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
754 {
755 return (ctx->verify_mode);
756 }
757
758 int
759 SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
760 {
761 return (X509_VERIFY_PARAM_get_depth(ctx->param));
762 }
763
764 int
765 (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *)
766 {
767 return (ctx->internal->default_verify_callback);
768 }
769
770 void
771 SSL_set_verify(SSL *s, int mode,
772 int (*callback)(int ok, X509_STORE_CTX *ctx))
773 {
774 s->verify_mode = mode;
775 if (callback != NULL)
776 s->internal->verify_callback = callback;
777 }
778
779 void
780 SSL_set_verify_depth(SSL *s, int depth)
781 {
782 X509_VERIFY_PARAM_set_depth(s->param, depth);
783 }
784
785 void
786 SSL_set_read_ahead(SSL *s, int yes)
787 {
788 s->internal->read_ahead = yes;
789 }
790
791 int
792 SSL_get_read_ahead(const SSL *s)
793 {
794 return (s->internal->read_ahead);
795 }
796
797 int
798 SSL_pending(const SSL *s)
799 {
800 /*
801 * SSL_pending cannot work properly if read-ahead is enabled
802 * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
803 * and it is impossible to fix since SSL_pending cannot report
804 * errors that may be observed while scanning the new data.
805 * (Note that SSL_pending() is often used as a boolean value,
806 * so we'd better not return -1.)
807 */
808 return (ssl3_pending(s));
809 }
810
811 X509 *
812 SSL_get_peer_certificate(const SSL *s)
813 {
814 X509 *r;
815
816 if ((s == NULL) || (s->session == NULL))
817 r = NULL;
818 else
819 r = s->session->peer;
820
821 if (r == NULL)
822 return (r);
823
824 CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509);
825
826 return (r);
827 }
828
829 STACK_OF(X509) *
830 SSL_get_peer_cert_chain(const SSL *s)
831 {
832 STACK_OF(X509) *r;
833
834 if ((s == NULL) || (s->session == NULL) ||
835 (SSI(s)->sess_cert == NULL))
836 r = NULL;
837 else
838 r = SSI(s)->sess_cert->cert_chain;
839
840 /*
841 * If we are a client, cert_chain includes the peer's own
842 * certificate;
843 * if we are a server, it does not.
844 */
845 return (r);
846 }
847
848 /*
849 * Now in theory, since the calling process own 't' it should be safe to
850 * modify. We need to be able to read f without being hassled
851 */
852 int
853 SSL_copy_session_id(SSL *t, const SSL *f)
854 {
855 CERT *tmp;
856
857 /* Do we need to do SSL locking? */
858 if (!SSL_set_session(t, SSL_get_session(f)))
859 return 0;
860
861 /* What if we are set up for one protocol but want to talk another? */
862 if (t->method != f->method) {
863 t->method->internal->ssl_free(t);
864 t->method = f->method;
865 if (!t->method->internal->ssl_new(t))
866 return 0;
867 }
868
869 tmp = t->cert;
870 if (f->cert != NULL) {
871 CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
872 t->cert = f->cert;
873 } else
874 t->cert = NULL;
875 ssl_cert_free(tmp);
876
877 if (!SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length))
878 return 0;
879
880 return 1;
881 }
882
883 /* Fix this so it checks all the valid key/cert options */
884 int
885 SSL_CTX_check_private_key(const SSL_CTX *ctx)
886 {
887 if ((ctx == NULL) || (ctx->internal->cert == NULL) ||
888 (ctx->internal->cert->key->x509 == NULL)) {
889 SSLerrorx(SSL_R_NO_CERTIFICATE_ASSIGNED);
890 return (0);
891 }
892 if (ctx->internal->cert->key->privatekey == NULL) {
893 SSLerrorx(SSL_R_NO_PRIVATE_KEY_ASSIGNED);
894 return (0);
895 }
896 return (X509_check_private_key(ctx->internal->cert->key->x509,
897 ctx->internal->cert->key->privatekey));
898 }
899
900 /* Fix this function so that it takes an optional type parameter */
901 int
902 SSL_check_private_key(const SSL *ssl)
903 {
904 if (ssl == NULL) {
905 SSLerrorx(ERR_R_PASSED_NULL_PARAMETER);
906 return (0);
907 }
908 if (ssl->cert == NULL) {
909 SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED);
910 return (0);
911 }
912 if (ssl->cert->key->x509 == NULL) {
913 SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED);
914 return (0);
915 }
916 if (ssl->cert->key->privatekey == NULL) {
917 SSLerror(ssl, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
918 return (0);
919 }
920 return (X509_check_private_key(ssl->cert->key->x509,
921 ssl->cert->key->privatekey));
922 }
923
924 int
925 SSL_accept(SSL *s)
926 {
927 if (s->internal->handshake_func == NULL)
928 SSL_set_accept_state(s); /* Not properly initialized yet */
929
930 return (s->method->internal->ssl_accept(s));
931 }
932
933 int
934 SSL_connect(SSL *s)
935 {
936 if (s->internal->handshake_func == NULL)
937 SSL_set_connect_state(s); /* Not properly initialized yet */
938
939 return (s->method->internal->ssl_connect(s));
940 }
941
942 int
943 SSL_is_server(const SSL *s)
944 {
945 return s->server;
946 }
947
948 long
949 SSL_get_default_timeout(const SSL *s)
950 {
951 return (s->method->internal->get_timeout());
952 }
953
954 int
955 SSL_read(SSL *s, void *buf, int num)
956 {
957 if (s->internal->handshake_func == NULL) {
958 SSLerror(s, SSL_R_UNINITIALIZED);
959 return (-1);
960 }
961
962 if (s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) {
963 s->internal->rwstate = SSL_NOTHING;
964 return (0);
965 }
966 return ssl3_read(s, buf, num);
967 }
968
969 int
970 SSL_peek(SSL *s, void *buf, int num)
971 {
972 if (s->internal->handshake_func == NULL) {
973 SSLerror(s, SSL_R_UNINITIALIZED);
974 return (-1);
975 }
976
977 if (s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) {
978 return (0);
979 }
980 return ssl3_peek(s, buf, num);
981 }
982
983 int
984 SSL_write(SSL *s, const void *buf, int num)
985 {
986 if (s->internal->handshake_func == NULL) {
987 SSLerror(s, SSL_R_UNINITIALIZED);
988 return (-1);
989 }
990
991 if (s->internal->shutdown & SSL_SENT_SHUTDOWN) {
992 s->internal->rwstate = SSL_NOTHING;
993 SSLerror(s, SSL_R_PROTOCOL_IS_SHUTDOWN);
994 return (-1);
995 }
996 return ssl3_write(s, buf, num);
997 }
998
999 int
1000 SSL_shutdown(SSL *s)
1001 {
1002 /*
1003 * Note that this function behaves differently from what one might
1004 * expect. Return values are 0 for no success (yet),
1005 * 1 for success; but calling it once is usually not enough,
1006 * even if blocking I/O is used (see ssl3_shutdown).
1007 */
1008
1009 if (s->internal->handshake_func == NULL) {
1010 SSLerror(s, SSL_R_UNINITIALIZED);
1011 return (-1);
1012 }
1013
1014 if (s != NULL && !SSL_in_init(s))
1015 return (ssl3_shutdown(s));
1016
1017 return (1);
1018 }
1019
1020 int
1021 SSL_renegotiate(SSL *s)
1022 {
1023 if (s->internal->renegotiate == 0)
1024 s->internal->renegotiate = 1;
1025
1026 s->internal->new_session = 1;
1027
1028 return (s->method->internal->ssl_renegotiate(s));
1029 }
1030
1031 int
1032 SSL_renegotiate_abbreviated(SSL *s)
1033 {
1034 if (s->internal->renegotiate == 0)
1035 s->internal->renegotiate = 1;
1036
1037 s->internal->new_session = 0;
1038
1039 return (s->method->internal->ssl_renegotiate(s));
1040 }
1041
1042 int
1043 SSL_renegotiate_pending(SSL *s)
1044 {
1045 /*
1046 * Becomes true when negotiation is requested;
1047 * false again once a handshake has finished.
1048 */
1049 return (s->internal->renegotiate != 0);
1050 }
1051
1052 long
1053 SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
1054 {
1055 long l;
1056
1057 switch (cmd) {
1058 case SSL_CTRL_GET_READ_AHEAD:
1059 return (s->internal->read_ahead);
1060 case SSL_CTRL_SET_READ_AHEAD:
1061 l = s->internal->read_ahead;
1062 s->internal->read_ahead = larg;
1063 return (l);
1064
1065 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1066 s->internal->msg_callback_arg = parg;
1067 return (1);
1068
1069 case SSL_CTRL_OPTIONS:
1070 return (s->internal->options|=larg);
1071 case SSL_CTRL_CLEAR_OPTIONS:
1072 return (s->internal->options&=~larg);
1073 case SSL_CTRL_MODE:
1074 return (s->internal->mode|=larg);
1075 case SSL_CTRL_CLEAR_MODE:
1076 return (s->internal->mode &=~larg);
1077 case SSL_CTRL_GET_MAX_CERT_LIST:
1078 return (s->internal->max_cert_list);
1079 case SSL_CTRL_SET_MAX_CERT_LIST:
1080 l = s->internal->max_cert_list;
1081 s->internal->max_cert_list = larg;
1082 return (l);
1083 case SSL_CTRL_SET_MTU:
1084 #ifndef OPENSSL_NO_DTLS1
1085 if (larg < (long)dtls1_min_mtu())
1086 return (0);
1087 #endif
1088 if (SSL_IS_DTLS(s)) {
1089 D1I(s)->mtu = larg;
1090 return (larg);
1091 }
1092 return (0);
1093 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1094 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1095 return (0);
1096 s->max_send_fragment = larg;
1097 return (1);
1098 case SSL_CTRL_GET_RI_SUPPORT:
1099 if (s->s3)
1100 return (S3I(s)->send_connection_binding);
1101 else return (0);
1102 default:
1103 if (SSL_IS_DTLS(s))
1104 return dtls1_ctrl(s, cmd, larg, parg);
1105 return ssl3_ctrl(s, cmd, larg, parg);
1106 }
1107 }
1108
1109 long
1110 SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
1111 {
1112 switch (cmd) {
1113 case SSL_CTRL_SET_MSG_CALLBACK:
1114 s->internal->msg_callback = (void (*)(int write_p, int version,
1115 int content_type, const void *buf, size_t len,
1116 SSL *ssl, void *arg))(fp);
1117 return (1);
1118
1119 default:
1120 return (ssl3_callback_ctrl(s, cmd, fp));
1121 }
1122 }
1123
1124 struct lhash_st_SSL_SESSION *
1125 SSL_CTX_sessions(SSL_CTX *ctx)
1126 {
1127 return (ctx->internal->sessions);
1128 }
1129
1130 long
1131 SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1132 {
1133 long l;
1134
1135 switch (cmd) {
1136 case SSL_CTRL_GET_READ_AHEAD:
1137 return (ctx->internal->read_ahead);
1138 case SSL_CTRL_SET_READ_AHEAD:
1139 l = ctx->internal->read_ahead;
1140 ctx->internal->read_ahead = larg;
1141 return (l);
1142
1143 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1144 ctx->internal->msg_callback_arg = parg;
1145 return (1);
1146
1147 case SSL_CTRL_GET_MAX_CERT_LIST:
1148 return (ctx->internal->max_cert_list);
1149 case SSL_CTRL_SET_MAX_CERT_LIST:
1150 l = ctx->internal->max_cert_list;
1151 ctx->internal->max_cert_list = larg;
1152 return (l);
1153
1154 case SSL_CTRL_SET_SESS_CACHE_SIZE:
1155 l = ctx->internal->session_cache_size;
1156 ctx->internal->session_cache_size = larg;
1157 return (l);
1158 case SSL_CTRL_GET_SESS_CACHE_SIZE:
1159 return (ctx->internal->session_cache_size);
1160 case SSL_CTRL_SET_SESS_CACHE_MODE:
1161 l = ctx->internal->session_cache_mode;
1162 ctx->internal->session_cache_mode = larg;
1163 return (l);
1164 case SSL_CTRL_GET_SESS_CACHE_MODE:
1165 return (ctx->internal->session_cache_mode);
1166
1167 case SSL_CTRL_SESS_NUMBER:
1168 return (lh_SSL_SESSION_num_items(ctx->internal->sessions));
1169 case SSL_CTRL_SESS_CONNECT:
1170 return (ctx->internal->stats.sess_connect);
1171 case SSL_CTRL_SESS_CONNECT_GOOD:
1172 return (ctx->internal->stats.sess_connect_good);
1173 case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
1174 return (ctx->internal->stats.sess_connect_renegotiate);
1175 case SSL_CTRL_SESS_ACCEPT:
1176 return (ctx->internal->stats.sess_accept);
1177 case SSL_CTRL_SESS_ACCEPT_GOOD:
1178 return (ctx->internal->stats.sess_accept_good);
1179 case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
1180 return (ctx->internal->stats.sess_accept_renegotiate);
1181 case SSL_CTRL_SESS_HIT:
1182 return (ctx->internal->stats.sess_hit);
1183 case SSL_CTRL_SESS_CB_HIT:
1184 return (ctx->internal->stats.sess_cb_hit);
1185 case SSL_CTRL_SESS_MISSES:
1186 return (ctx->internal->stats.sess_miss);
1187 case SSL_CTRL_SESS_TIMEOUTS:
1188 return (ctx->internal->stats.sess_timeout);
1189 case SSL_CTRL_SESS_CACHE_FULL:
1190 return (ctx->internal->stats.sess_cache_full);
1191 case SSL_CTRL_OPTIONS:
1192 return (ctx->internal->options|=larg);
1193 case SSL_CTRL_CLEAR_OPTIONS:
1194 return (ctx->internal->options&=~larg);
1195 case SSL_CTRL_MODE:
1196 return (ctx->internal->mode|=larg);
1197 case SSL_CTRL_CLEAR_MODE:
1198 return (ctx->internal->mode&=~larg);
1199 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1200 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1201 return (0);
1202 ctx->internal->max_send_fragment = larg;
1203 return (1);
1204 default:
1205 return (ssl3_ctx_ctrl(ctx, cmd, larg, parg));
1206 }
1207 }
1208
1209 long
1210 SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
1211 {
1212 switch (cmd) {
1213 case SSL_CTRL_SET_MSG_CALLBACK:
1214 ctx->internal->msg_callback = (void (*)(int write_p, int version,
1215 int content_type, const void *buf, size_t len, SSL *ssl,
1216 void *arg))(fp);
1217 return (1);
1218
1219 default:
1220 return (ssl3_ctx_callback_ctrl(ctx, cmd, fp));
1221 }
1222 }
1223
1224 int
1225 ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
1226 {
1227 long l;
1228
1229 l = a->id - b->id;
1230 if (l == 0L)
1231 return (0);
1232 else
1233 return ((l > 0) ? 1:-1);
1234 }
1235
1236 int
1237 ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
1238 const SSL_CIPHER * const *bp)
1239 {
1240 long l;
1241
1242 l = (*ap)->id - (*bp)->id;
1243 if (l == 0L)
1244 return (0);
1245 else
1246 return ((l > 0) ? 1:-1);
1247 }
1248
1249 /*
1250 * Return a STACK of the ciphers available for the SSL and in order of
1251 * preference.
1252 */
1253 STACK_OF(SSL_CIPHER) *
1254 SSL_get_ciphers(const SSL *s)
1255 {
1256 if (s != NULL) {
1257 if (s->cipher_list != NULL) {
1258 return (s->cipher_list);
1259 } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) {
1260 return (s->ctx->cipher_list);
1261 }
1262 }
1263 return (NULL);
1264 }
1265
1266 /*
1267 * Return a STACK of the ciphers available for the SSL and in order of
1268 * algorithm id.
1269 */
1270 STACK_OF(SSL_CIPHER) *
1271 ssl_get_ciphers_by_id(SSL *s)
1272 {
1273 if (s != NULL) {
1274 if (s->internal->cipher_list_by_id != NULL) {
1275 return (s->internal->cipher_list_by_id);
1276 } else if ((s->ctx != NULL) &&
1277 (s->ctx->internal->cipher_list_by_id != NULL)) {
1278 return (s->ctx->internal->cipher_list_by_id);
1279 }
1280 }
1281 return (NULL);
1282 }
1283
1284 /* See if we have any ECC cipher suites. */
1285 int
1286 ssl_has_ecc_ciphers(SSL *s)
1287 {
1288 STACK_OF(SSL_CIPHER) *ciphers;
1289 unsigned long alg_k, alg_a;
1290 SSL_CIPHER *cipher;
1291 int i;
1292
1293 if (s->version == DTLS1_VERSION)
1294 return 0;
1295 if ((ciphers = SSL_get_ciphers(s)) == NULL)
1296 return 0;
1297
1298 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
1299 cipher = sk_SSL_CIPHER_value(ciphers, i);
1300
1301 alg_k = cipher->algorithm_mkey;
1302 alg_a = cipher->algorithm_auth;
1303
1304 if ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA))
1305 return 1;
1306 }
1307
1308 return 0;
1309 }
1310
1311 /* The old interface to get the same thing as SSL_get_ciphers(). */
1312 const char *
1313 SSL_get_cipher_list(const SSL *s, int n)
1314 {
1315 SSL_CIPHER *c;
1316 STACK_OF(SSL_CIPHER) *sk;
1317
1318 if (s == NULL)
1319 return (NULL);
1320 sk = SSL_get_ciphers(s);
1321 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
1322 return (NULL);
1323 c = sk_SSL_CIPHER_value(sk, n);
1324 if (c == NULL)
1325 return (NULL);
1326 return (c->name);
1327 }
1328
1329 STACK_OF(SSL_CIPHER) *
1330 SSL_CTX_get_ciphers(const SSL_CTX *ctx)
1331 {
1332 return ctx->cipher_list;
1333 }
1334
1335 /* Specify the ciphers to be used by default by the SSL_CTX. */
1336 int
1337 SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
1338 {
1339 STACK_OF(SSL_CIPHER) *sk;
1340
1341 sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,
1342 &ctx->internal->cipher_list_by_id, str);
1343 /*
1344 * ssl_create_cipher_list may return an empty stack if it
1345 * was unable to find a cipher matching the given rule string
1346 * (for example if the rule string specifies a cipher which
1347 * has been disabled). This is not an error as far as
1348 * ssl_create_cipher_list is concerned, and hence
1349 * ctx->cipher_list and ctx->internal->cipher_list_by_id has been
1350 * updated.
1351 */
1352 if (sk == NULL)
1353 return (0);
1354 else if (sk_SSL_CIPHER_num(sk) == 0) {
1355 SSLerrorx(SSL_R_NO_CIPHER_MATCH);
1356 return (0);
1357 }
1358 return (1);
1359 }
1360
1361 /* Specify the ciphers to be used by the SSL. */
1362 int
1363 SSL_set_cipher_list(SSL *s, const char *str)
1364 {
1365 STACK_OF(SSL_CIPHER) *sk;
1366
1367 sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list,
1368 &s->internal->cipher_list_by_id, str);
1369 /* see comment in SSL_CTX_set_cipher_list */
1370 if (sk == NULL)
1371 return (0);
1372 else if (sk_SSL_CIPHER_num(sk) == 0) {
1373 SSLerror(s, SSL_R_NO_CIPHER_MATCH);
1374 return (0);
1375 }
1376 return (1);
1377 }
1378
1379 /* works well for SSLv2, not so good for SSLv3 */
1380 char *
1381 SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
1382 {
1383 char *end;
1384 STACK_OF(SSL_CIPHER) *sk;
1385 SSL_CIPHER *c;
1386 size_t curlen = 0;
1387 int i;
1388
1389 if (s->session == NULL || s->session->ciphers == NULL || len < 2)
1390 return (NULL);
1391
1392 sk = s->session->ciphers;
1393 if (sk_SSL_CIPHER_num(sk) == 0)
1394 return (NULL);
1395
1396 buf[0] = '\0';
1397 for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
1398 c = sk_SSL_CIPHER_value(sk, i);
1399 end = buf + curlen;
1400 if (strlcat(buf, c->name, len) >= len ||
1401 (curlen = strlcat(buf, ":", len)) >= len) {
1402 /* remove truncated cipher from list */
1403 *end = '\0';
1404 break;
1405 }
1406 }
1407 /* remove trailing colon */
1408 if ((end = strrchr(buf, ':')) != NULL)
1409 *end = '\0';
1410 return (buf);
1411 }
1412
1413 int
1414 ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb)
1415 {
1416 SSL_CIPHER *cipher;
1417 int num_ciphers = 0;
1418 int i;
1419
1420 if (ciphers == NULL)
1421 return 0;
1422
1423 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
1424 if ((cipher = sk_SSL_CIPHER_value(ciphers, i)) == NULL)
1425 return 0;
1426
1427 /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
1428 if ((cipher->algorithm_ssl & SSL_TLSV1_2) &&
1429 (TLS1_get_client_version(s) < TLS1_2_VERSION))
1430 continue;
1431
1432 if (!CBB_add_u16(cbb, ssl3_cipher_get_value(cipher)))
1433 return 0;
1434
1435 num_ciphers++;
1436 }
1437
1438 /* Add SCSV if there are other ciphers and we're not renegotiating. */
1439 if (num_ciphers > 0 && !s->internal->renegotiate) {
1440 if (!CBB_add_u16(cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK))
1441 return 0;
1442 }
1443
1444 if (!CBB_flush(cbb))
1445 return 0;
1446
1447 return 1;
1448 }
1449
1450 STACK_OF(SSL_CIPHER) *
1451 ssl_bytes_to_cipher_list(SSL *s, CBS *cbs)
1452 {
1453 STACK_OF(SSL_CIPHER) *ciphers = NULL;
1454 const SSL_CIPHER *cipher;
1455 uint16_t cipher_value, max_version;
1456 unsigned long cipher_id;
1457
1458 if (s->s3 != NULL)
1459 S3I(s)->send_connection_binding = 0;
1460
1461 if ((ciphers = sk_SSL_CIPHER_new_null()) == NULL) {
1462 SSLerror(s, ERR_R_MALLOC_FAILURE);
1463 goto err;
1464 }
1465
1466 while (CBS_len(cbs) > 0) {
1467 if (!CBS_get_u16(cbs, &cipher_value)) {
1468 SSLerror(s, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1469 goto err;
1470 }
1471
1472 cipher_id = SSL3_CK_ID | cipher_value;
1473
1474 if (s->s3 != NULL && cipher_id == SSL3_CK_SCSV) {
1475 /*
1476 * TLS_EMPTY_RENEGOTIATION_INFO_SCSV is fatal if
1477 * renegotiating.
1478 */
1479 if (s->internal->renegotiate) {
1480 SSLerror(s, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
1481 ssl3_send_alert(s, SSL3_AL_FATAL,
1482 SSL_AD_HANDSHAKE_FAILURE);
1483
1484 goto err;
1485 }
1486 S3I(s)->send_connection_binding = 1;
1487 continue;
1488 }
1489
1490 if (cipher_id == SSL3_CK_FALLBACK_SCSV) {
1491 /*
1492 * TLS_FALLBACK_SCSV indicates that the client
1493 * previously tried a higher protocol version.
1494 * Fail if the current version is an unexpected
1495 * downgrade.
1496 */
1497 max_version = ssl_max_server_version(s);
1498 if (max_version == 0 || s->version < max_version) {
1499 SSLerror(s, SSL_R_INAPPROPRIATE_FALLBACK);
1500 if (s->s3 != NULL)
1501 ssl3_send_alert(s, SSL3_AL_FATAL,
1502 SSL_AD_INAPPROPRIATE_FALLBACK);
1503 goto err;
1504 }
1505 continue;
1506 }
1507
1508 if ((cipher = ssl3_get_cipher_by_value(cipher_value)) != NULL) {
1509 if (!sk_SSL_CIPHER_push(ciphers, cipher)) {
1510 SSLerror(s, ERR_R_MALLOC_FAILURE);
1511 goto err;
1512 }
1513 }
1514 }
1515
1516 return (ciphers);
1517
1518 err:
1519 sk_SSL_CIPHER_free(ciphers);
1520
1521 return (NULL);
1522 }
1523
1524
1525 /*
1526 * Return a servername extension value if provided in Client Hello, or NULL.
1527 * So far, only host_name types are defined (RFC 3546).
1528 */
1529 const char *
1530 SSL_get_servername(const SSL *s, const int type)
1531 {
1532 if (type != TLSEXT_NAMETYPE_host_name)
1533 return (NULL);
1534
1535 return (s->session && !s->tlsext_hostname ?
1536 s->session->tlsext_hostname :
1537 s->tlsext_hostname);
1538 }
1539
1540 int
1541 SSL_get_servername_type(const SSL *s)
1542 {
1543 if (s->session &&
1544 (!s->tlsext_hostname ?
1545 s->session->tlsext_hostname : s->tlsext_hostname))
1546 return (TLSEXT_NAMETYPE_host_name);
1547 return (-1);
1548 }
1549
1550 /*
1551 * SSL_select_next_proto implements standard protocol selection. It is
1552 * expected that this function is called from the callback set by
1553 * SSL_CTX_set_alpn_select_cb.
1554 *
1555 * The protocol data is assumed to be a vector of 8-bit, length prefixed byte
1556 * strings. The length byte itself is not included in the length. A byte
1557 * string of length 0 is invalid. No byte string may be truncated.
1558 *
1559 * It returns either:
1560 * OPENSSL_NPN_NEGOTIATED if a common protocol was found, or
1561 * OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
1562 */
1563 int
1564 SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
1565 const unsigned char *server, unsigned int server_len,
1566 const unsigned char *client, unsigned int client_len)
1567 {
1568 unsigned int i, j;
1569 const unsigned char *result;
1570 int status = OPENSSL_NPN_UNSUPPORTED;
1571
1572 /*
1573 * For each protocol in server preference order,
1574 * see if we support it.
1575 */
1576 for (i = 0; i < server_len; ) {
1577 for (j = 0; j < client_len; ) {
1578 if (server[i] == client[j] &&
1579 memcmp(&server[i + 1],
1580 &client[j + 1], server[i]) == 0) {
1581 /* We found a match */
1582 result = &server[i];
1583 status = OPENSSL_NPN_NEGOTIATED;
1584 goto found;
1585 }
1586 j += client[j];
1587 j++;
1588 }
1589 i += server[i];
1590 i++;
1591 }
1592
1593 /* There's no overlap between our protocols and the server's list. */
1594 result = client;
1595 status = OPENSSL_NPN_NO_OVERLAP;
1596
1597 found:
1598 *out = (unsigned char *) result + 1;
1599 *outlen = result[0];
1600 return (status);
1601 }
1602
1603 /* SSL_get0_next_proto_negotiated is deprecated. */
1604 void
1605 SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
1606 unsigned *len)
1607 {
1608 *data = NULL;
1609 *len = 0;
1610 }
1611
1612 /* SSL_CTX_set_next_protos_advertised_cb is deprecated. */
1613 void
1614 SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl,
1615 const unsigned char **out, unsigned int *outlen, void *arg), void *arg)
1616 {
1617 }
1618
1619 /* SSL_CTX_set_next_proto_select_cb is deprecated. */
1620 void
1621 SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s,
1622 unsigned char **out, unsigned char *outlen, const unsigned char *in,
1623 unsigned int inlen, void *arg), void *arg)
1624 {
1625 }
1626
1627 /*
1628 * SSL_CTX_set_alpn_protos sets the ALPN protocol list to the specified
1629 * protocols, which must be in wire-format (i.e. a series of non-empty,
1630 * 8-bit length-prefixed strings). Returns 0 on success.
1631 */
1632 int
1633 SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
1634 unsigned int protos_len)
1635 {
1636 int failed = 1;
1637
1638 if (protos == NULL || protos_len == 0)
1639 goto err;
1640
1641 free(ctx->internal->alpn_client_proto_list);
1642 ctx->internal->alpn_client_proto_list = NULL;
1643 ctx->internal->alpn_client_proto_list_len = 0;
1644
1645 if ((ctx->internal->alpn_client_proto_list = malloc(protos_len))
1646 == NULL)
1647 goto err;
1648 ctx->internal->alpn_client_proto_list_len = protos_len;
1649
1650 memcpy(ctx->internal->alpn_client_proto_list, protos, protos_len);
1651
1652 failed = 0;
1653
1654 err:
1655 /* NOTE: Return values are the reverse of what you expect. */
1656 return (failed);
1657 }
1658
1659 /*
1660 * SSL_set_alpn_protos sets the ALPN protocol list to the specified
1661 * protocols, which must be in wire-format (i.e. a series of non-empty,
1662 * 8-bit length-prefixed strings). Returns 0 on success.
1663 */
1664 int
1665 SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
1666 unsigned int protos_len)
1667 {
1668 int failed = 1;
1669
1670 if (protos == NULL || protos_len == 0)
1671 goto err;
1672
1673 free(ssl->internal->alpn_client_proto_list);
1674 ssl->internal->alpn_client_proto_list = NULL;
1675 ssl->internal->alpn_client_proto_list_len = 0;
1676
1677 if ((ssl->internal->alpn_client_proto_list = malloc(protos_len))
1678 == NULL)
1679 goto err;
1680 ssl->internal->alpn_client_proto_list_len = protos_len;
1681
1682 memcpy(ssl->internal->alpn_client_proto_list, protos, protos_len);
1683
1684 failed = 0;
1685
1686 err:
1687 /* NOTE: Return values are the reverse of what you expect. */
1688 return (failed);
1689 }
1690
1691 /*
1692 * SSL_CTX_set_alpn_select_cb sets a callback function that is called during
1693 * ClientHello processing in order to select an ALPN protocol from the
1694 * client's list of offered protocols.
1695 */
1696 void
1697 SSL_CTX_set_alpn_select_cb(SSL_CTX* ctx,
1698 int (*cb) (SSL *ssl, const unsigned char **out, unsigned char *outlen,
1699 const unsigned char *in, unsigned int inlen, void *arg), void *arg)
1700 {
1701 ctx->internal->alpn_select_cb = cb;
1702 ctx->internal->alpn_select_cb_arg = arg;
1703 }
1704
1705 /*
1706 * SSL_get0_alpn_selected gets the selected ALPN protocol (if any). On return
1707 * it sets data to point to len bytes of protocol name (not including the
1708 * leading length-prefix byte). If the server didn't respond with* a negotiated
1709 * protocol then len will be zero.
1710 */
1711 void
1712 SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
1713 unsigned *len)
1714 {
1715 *data = NULL;
1716 *len = 0;
1717
1718 if (ssl->s3 != NULL) {
1719 *data = ssl->s3->internal->alpn_selected;
1720 *len = ssl->s3->internal->alpn_selected_len;
1721 }
1722 }
1723
1724 int
1725 SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
1726 const char *label, size_t llen, const unsigned char *p, size_t plen,
1727 int use_context)
1728 {
1729 return (tls1_export_keying_material(s, out, olen,
1730 label, llen, p, plen, use_context));
1731 }
1732
1733 static unsigned long
1734 ssl_session_hash(const SSL_SESSION *a)
1735 {
1736 unsigned long l;
1737
1738 l = (unsigned long)
1739 ((unsigned int) a->session_id[0] )|
1740 ((unsigned int) a->session_id[1]<< 8L)|
1741 ((unsigned long)a->session_id[2]<<16L)|
1742 ((unsigned long)a->session_id[3]<<24L);
1743 return (l);
1744 }
1745
1746 /*
1747 * NB: If this function (or indeed the hash function which uses a sort of
1748 * coarser function than this one) is changed, ensure
1749 * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
1750 * able to construct an SSL_SESSION that will collide with any existing session
1751 * with a matching session ID.
1752 */
1753 static int
1754 ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
1755 {
1756 if (a->ssl_version != b->ssl_version)
1757 return (1);
1758 if (a->session_id_length != b->session_id_length)
1759 return (1);
1760 if (timingsafe_memcmp(a->session_id, b->session_id, a->session_id_length) != 0)
1761 return (1);
1762 return (0);
1763 }
1764
1765 /*
1766 * These wrapper functions should remain rather than redeclaring
1767 * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
1768 * variable. The reason is that the functions aren't static, they're exposed via
1769 * ssl.h.
1770 */
1771 static unsigned long
1772 ssl_session_LHASH_HASH(const void *arg)
1773 {
1774 const SSL_SESSION *a = arg;
1775
1776 return ssl_session_hash(a);
1777 }
1778
1779 static int
1780 ssl_session_LHASH_COMP(const void *arg1, const void *arg2)
1781 {
1782 const SSL_SESSION *a = arg1;
1783 const SSL_SESSION *b = arg2;
1784
1785 return ssl_session_cmp(a, b);
1786 }
1787
1788 SSL_CTX *
1789 SSL_CTX_new(const SSL_METHOD *meth)
1790 {
1791 SSL_CTX *ret;
1792
1793 if (!OPENSSL_init_ssl(0, NULL)) {
1794 SSLerrorx(SSL_R_LIBRARY_BUG);
1795 return (NULL);
1796 }
1797
1798 if (meth == NULL) {
1799 SSLerrorx(SSL_R_NULL_SSL_METHOD_PASSED);
1800 return (NULL);
1801 }
1802
1803 if ((ret = calloc(1, sizeof(*ret))) == NULL) {
1804 SSLerrorx(ERR_R_MALLOC_FAILURE);
1805 return (NULL);
1806 }
1807 if ((ret->internal = calloc(1, sizeof(*ret->internal))) == NULL) {
1808 free(ret);
1809 SSLerrorx(ERR_R_MALLOC_FAILURE);
1810 return (NULL);
1811 }
1812
1813 if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
1814 SSLerrorx(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
1815 goto err;
1816 }
1817
1818 ret->method = meth;
1819 ret->internal->min_version = meth->internal->min_version;
1820 ret->internal->max_version = meth->internal->max_version;
1821
1822 ret->cert_store = NULL;
1823 ret->internal->session_cache_mode = SSL_SESS_CACHE_SERVER;
1824 ret->internal->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
1825 ret->internal->session_cache_head = NULL;
1826 ret->internal->session_cache_tail = NULL;
1827
1828 /* We take the system default */
1829 ret->session_timeout = meth->internal->get_timeout();
1830
1831 ret->internal->new_session_cb = 0;
1832 ret->internal->remove_session_cb = 0;
1833 ret->internal->get_session_cb = 0;
1834 ret->internal->generate_session_id = 0;
1835
1836 memset((char *)&ret->internal->stats, 0, sizeof(ret->internal->stats));
1837
1838 ret->references = 1;
1839 ret->internal->quiet_shutdown = 0;
1840
1841 ret->internal->info_callback = NULL;
1842
1843 ret->internal->app_verify_callback = 0;
1844 ret->internal->app_verify_arg = NULL;
1845
1846 ret->internal->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
1847 ret->internal->read_ahead = 0;
1848 ret->internal->msg_callback = 0;
1849 ret->internal->msg_callback_arg = NULL;
1850 ret->verify_mode = SSL_VERIFY_NONE;
1851 ret->sid_ctx_length = 0;
1852 ret->internal->default_verify_callback = NULL;
1853 if ((ret->internal->cert = ssl_cert_new()) == NULL)
1854 goto err;
1855
1856 ret->default_passwd_callback = 0;
1857 ret->default_passwd_callback_userdata = NULL;
1858 ret->internal->client_cert_cb = 0;
1859 ret->internal->app_gen_cookie_cb = 0;
1860 ret->internal->app_verify_cookie_cb = 0;
1861
1862 ret->internal->sessions = lh_SSL_SESSION_new();
1863 if (ret->internal->sessions == NULL)
1864 goto err;
1865 ret->cert_store = X509_STORE_new();
1866 if (ret->cert_store == NULL)
1867 goto err;
1868
1869 ssl_create_cipher_list(ret->method, &ret->cipher_list,
1870 &ret->internal->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST);
1871 if (ret->cipher_list == NULL ||
1872 sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
1873 SSLerrorx(SSL_R_LIBRARY_HAS_NO_CIPHERS);
1874 goto err2;
1875 }
1876
1877 ret->param = X509_VERIFY_PARAM_new();
1878 if (!ret->param)
1879 goto err;
1880
1881 if ((ret->internal->client_CA = sk_X509_NAME_new_null()) == NULL)
1882 goto err;
1883
1884 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->internal->ex_data);
1885
1886 ret->extra_certs = NULL;
1887
1888 ret->internal->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
1889
1890 ret->internal->tlsext_servername_callback = 0;
1891 ret->internal->tlsext_servername_arg = NULL;
1892
1893 /* Setup RFC4507 ticket keys */
1894 arc4random_buf(ret->internal->tlsext_tick_key_name, 16);
1895 arc4random_buf(ret->internal->tlsext_tick_hmac_key, 16);
1896 arc4random_buf(ret->internal->tlsext_tick_aes_key, 16);
1897
1898 ret->internal->tlsext_status_cb = 0;
1899 ret->internal->tlsext_status_arg = NULL;
1900
1901 #ifndef OPENSSL_NO_ENGINE
1902 ret->internal->client_cert_engine = NULL;
1903 #ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
1904 #define eng_strx(x) #x
1905 #define eng_str(x) eng_strx(x)
1906 /* Use specific client engine automatically... ignore errors */
1907 {
1908 ENGINE *eng;
1909 eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
1910 if (!eng) {
1911 ERR_clear_error();
1912 ENGINE_load_builtin_engines();
1913 eng = ENGINE_by_id(eng_str(
1914 OPENSSL_SSL_CLIENT_ENGINE_AUTO));
1915 }
1916 if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
1917 ERR_clear_error();
1918 }
1919 #endif
1920 #endif
1921 /*
1922 * Default is to connect to non-RI servers. When RI is more widely
1923 * deployed might change this.
1924 */
1925 ret->internal->options |= SSL_OP_LEGACY_SERVER_CONNECT;
1926
1927 return (ret);
1928 err:
1929 SSLerrorx(ERR_R_MALLOC_FAILURE);
1930 err2:
1931 SSL_CTX_free(ret);
1932 return (NULL);
1933 }
1934
1935 void
1936 SSL_CTX_free(SSL_CTX *ctx)
1937 {
1938 int i;
1939
1940 if (ctx == NULL)
1941 return;
1942
1943 i = CRYPTO_add(&ctx->references, -1, CRYPTO_LOCK_SSL_CTX);
1944 if (i > 0)
1945 return;
1946
1947 X509_VERIFY_PARAM_free(ctx->param);
1948
1949 /*
1950 * Free internal session cache. However: the remove_cb() may reference
1951 * the ex_data of SSL_CTX, thus the ex_data store can only be removed
1952 * after the sessions were flushed.
1953 * As the ex_data handling routines might also touch the session cache,
1954 * the most secure solution seems to be: empty (flush) the cache, then
1955 * free ex_data, then finally free the cache.
1956 * (See ticket [openssl.org #212].)
1957 */
1958 if (ctx->internal->sessions != NULL)
1959 SSL_CTX_flush_sessions(ctx, 0);
1960
1961 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ctx, &ctx->internal->ex_data);
1962
1963 lh_SSL_SESSION_free(ctx->internal->sessions);
1964
1965 X509_STORE_free(ctx->cert_store);
1966 sk_SSL_CIPHER_free(ctx->cipher_list);
1967 sk_SSL_CIPHER_free(ctx->internal->cipher_list_by_id);
1968 ssl_cert_free(ctx->internal->cert);
1969 sk_X509_NAME_pop_free(ctx->internal->client_CA, X509_NAME_free);
1970 sk_X509_pop_free(ctx->extra_certs, X509_free);
1971
1972 #ifndef OPENSSL_NO_SRTP
1973 if (ctx->internal->srtp_profiles)
1974 sk_SRTP_PROTECTION_PROFILE_free(ctx->internal->srtp_profiles);
1975 #endif
1976
1977 #ifndef OPENSSL_NO_ENGINE
1978 ENGINE_finish(ctx->internal->client_cert_engine);
1979 #endif
1980
1981 free(ctx->internal->tlsext_ecpointformatlist);
1982 free(ctx->internal->tlsext_supportedgroups);
1983
1984 free(ctx->internal->alpn_client_proto_list);
1985
1986 free(ctx->internal);
1987 free(ctx);
1988 }
1989
1990 int
1991 SSL_CTX_up_ref(SSL_CTX *ctx)
1992 {
1993 int refs = CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
1994 return ((refs > 1) ? 1 : 0);
1995 }
1996
1997 pem_password_cb *
1998 SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx)
1999 {
2000 return (ctx->default_passwd_callback);
2001 }
2002
2003 void
2004 SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
2005 {
2006 ctx->default_passwd_callback = cb;
2007 }
2008
2009 void *
2010 SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx)
2011 {
2012 return ctx->default_passwd_callback_userdata;
2013 }
2014
2015 void
2016 SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
2017 {
2018 ctx->default_passwd_callback_userdata = u;
2019 }
2020
2021 void
2022 SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,
2023 void *), void *arg)
2024 {
2025 ctx->internal->app_verify_callback = cb;
2026 ctx->internal->app_verify_arg = arg;
2027 }
2028
2029 void
2030 SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb)(int, X509_STORE_CTX *))
2031 {
2032 ctx->verify_mode = mode;
2033 ctx->internal->default_verify_callback = cb;
2034 }
2035
2036 void
2037 SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
2038 {
2039 X509_VERIFY_PARAM_set_depth(ctx->param, depth);
2040 }
2041
2042 void
2043 ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
2044 {
2045 int rsa_enc, rsa_sign, dh_tmp;
2046 int have_ecc_cert;
2047 unsigned long mask_k, mask_a;
2048 X509 *x = NULL;
2049 CERT_PKEY *cpk;
2050
2051 if (c == NULL)
2052 return;
2053
2054 dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL ||
2055 c->dh_tmp_auto != 0);
2056
2057 cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
2058 rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL);
2059 cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);
2060 rsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
2061 cpk = &(c->pkeys[SSL_PKEY_ECC]);
2062 have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL);
2063
2064 mask_k = 0;
2065 mask_a = 0;
2066
2067 cpk = &(c->pkeys[SSL_PKEY_GOST01]);
2068 if (cpk->x509 != NULL && cpk->privatekey !=NULL) {
2069 mask_k |= SSL_kGOST;
2070 mask_a |= SSL_aGOST01;
2071 }
2072
2073 if (rsa_enc)
2074 mask_k |= SSL_kRSA;
2075
2076 if (dh_tmp)
2077 mask_k |= SSL_kDHE;
2078
2079 if (rsa_enc || rsa_sign)
2080 mask_a |= SSL_aRSA;
2081
2082 mask_a |= SSL_aNULL;
2083
2084 /*
2085 * An ECC certificate may be usable for ECDH and/or
2086 * ECDSA cipher suites depending on the key usage extension.
2087 */
2088 if (have_ecc_cert) {
2089 x = (c->pkeys[SSL_PKEY_ECC]).x509;
2090
2091 /* This call populates extension flags (ex_flags). */
2092 X509_check_purpose(x, -1, 0);
2093
2094 /* Key usage, if present, must allow signing. */
2095 if ((x->ex_flags & EXFLAG_KUSAGE) == 0 ||
2096 (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE))
2097 mask_a |= SSL_aECDSA;
2098 }
2099
2100 mask_k |= SSL_kECDHE;
2101
2102 c->mask_k = mask_k;
2103 c->mask_a = mask_a;
2104 c->valid = 1;
2105 }
2106
2107 /* See if this handshake is using an ECC cipher suite. */
2108 int
2109 ssl_using_ecc_cipher(SSL *s)
2110 {
2111 unsigned long alg_a, alg_k;
2112
2113 alg_a = S3I(s)->hs.new_cipher->algorithm_auth;
2114 alg_k = S3I(s)->hs.new_cipher->algorithm_mkey;
2115
2116 return SSI(s)->tlsext_ecpointformatlist != NULL &&
2117 SSI(s)->tlsext_ecpointformatlist_length > 0 &&
2118 ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA));
2119 }
2120
2121 int
2122 ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
2123 {
2124 const SSL_CIPHER *cs = S3I(s)->hs.new_cipher;
2125 unsigned long alg_a;
2126
2127 alg_a = cs->algorithm_auth;
2128
2129 if (alg_a & SSL_aECDSA) {
2130 /* This call populates extension flags (ex_flags). */
2131 X509_check_purpose(x, -1, 0);
2132
2133 /* Key usage, if present, must allow signing. */
2134 if ((x->ex_flags & EXFLAG_KUSAGE) &&
2135 ((x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) == 0)) {
2136 SSLerror(s, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
2137 return (0);
2138 }
2139 }
2140
2141 return (1);
2142 }
2143
2144 CERT_PKEY *
2145 ssl_get_server_send_pkey(const SSL *s)
2146 {
2147 unsigned long alg_a;
2148 CERT *c;
2149 int i;
2150
2151 c = s->cert;
2152 ssl_set_cert_masks(c, S3I(s)->hs.new_cipher);
2153
2154 alg_a = S3I(s)->hs.new_cipher->algorithm_auth;
2155
2156 if (alg_a & SSL_aECDSA) {
2157 i = SSL_PKEY_ECC;
2158 } else if (alg_a & SSL_aRSA) {
2159 if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
2160 i = SSL_PKEY_RSA_SIGN;
2161 else
2162 i = SSL_PKEY_RSA_ENC;
2163 } else if (alg_a & SSL_aGOST01) {
2164 i = SSL_PKEY_GOST01;
2165 } else { /* if (alg_a & SSL_aNULL) */
2166 SSLerror(s, ERR_R_INTERNAL_ERROR);
2167 return (NULL);
2168 }
2169
2170 return (c->pkeys + i);
2171 }
2172
2173 X509 *
2174 ssl_get_server_send_cert(const SSL *s)
2175 {
2176 CERT_PKEY *cpk;
2177
2178 cpk = ssl_get_server_send_pkey(s);
2179 if (!cpk)
2180 return (NULL);
2181 return (cpk->x509);
2182 }
2183
2184 EVP_PKEY *
2185 ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd)
2186 {
2187 unsigned long alg_a;
2188 CERT *c;
2189 int idx = -1;
2190
2191 alg_a = cipher->algorithm_auth;
2192 c = s->cert;
2193
2194 if (alg_a & SSL_aRSA) {
2195 if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
2196 idx = SSL_PKEY_RSA_SIGN;
2197 else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
2198 idx = SSL_PKEY_RSA_ENC;
2199 } else if ((alg_a & SSL_aECDSA) &&
2200 (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
2201 idx = SSL_PKEY_ECC;
2202 if (idx == -1) {
2203 SSLerror(s, ERR_R_INTERNAL_ERROR);
2204 return (NULL);
2205 }
2206 if (pmd)
2207 *pmd = c->pkeys[idx].digest;
2208 return (c->pkeys[idx].privatekey);
2209 }
2210
2211 DH *
2212 ssl_get_auto_dh(SSL *s)
2213 {
2214 CERT_PKEY *cpk;
2215 int keylen;
2216 DH *dhp;
2217
2218 if (s->cert->dh_tmp_auto == 2) {
2219 keylen = 1024;
2220 } else if (S3I(s)->hs.new_cipher->algorithm_auth & SSL_aNULL) {
2221 keylen = 1024;
2222 if (S3I(s)->hs.new_cipher->strength_bits == 256)
2223 keylen = 3072;
2224 } else {
2225 if ((cpk = ssl_get_server_send_pkey(s)) == NULL)
2226 return (NULL);
2227 if (cpk->privatekey == NULL || cpk->privatekey->pkey.dh == NULL)
2228 return (NULL);
2229 keylen = EVP_PKEY_bits(cpk->privatekey);
2230 }
2231
2232 if ((dhp = DH_new()) == NULL)
2233 return (NULL);
2234
2235 dhp->g = BN_new();
2236 if (dhp->g != NULL)
2237 BN_set_word(dhp->g, 2);
2238
2239 if (keylen >= 8192)
2240 dhp->p = get_rfc3526_prime_8192(NULL);
2241 else if (keylen >= 4096)
2242 dhp->p = get_rfc3526_prime_4096(NULL);
2243 else if (keylen >= 3072)
2244 dhp->p = get_rfc3526_prime_3072(NULL);
2245 else if (keylen >= 2048)
2246 dhp->p = get_rfc3526_prime_2048(NULL);
2247 else if (keylen >= 1536)
2248 dhp->p = get_rfc3526_prime_1536(NULL);
2249 else
2250 dhp->p = get_rfc2409_prime_1024(NULL);
2251
2252 if (dhp->p == NULL || dhp->g == NULL) {
2253 DH_free(dhp);
2254 return (NULL);
2255 }
2256 return (dhp);
2257 }
2258
2259 void
2260 ssl_update_cache(SSL *s, int mode)
2261 {
2262 int i;
2263
2264 /*
2265 * If the session_id_length is 0, we are not supposed to cache it,
2266 * and it would be rather hard to do anyway :-)
2267 */
2268 if (s->session->session_id_length == 0)
2269 return;
2270
2271 i = s->session_ctx->internal->session_cache_mode;
2272 if ((i & mode) && (!s->internal->hit) && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
2273 || SSL_CTX_add_session(s->session_ctx, s->session))
2274 && (s->session_ctx->internal->new_session_cb != NULL)) {
2275 CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION);
2276 if (!s->session_ctx->internal->new_session_cb(s, s->session))
2277 SSL_SESSION_free(s->session);
2278 }
2279
2280 /* auto flush every 255 connections */
2281 if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
2282 ((i & mode) == mode)) {
2283 if ((((mode & SSL_SESS_CACHE_CLIENT) ?
2284 s->session_ctx->internal->stats.sess_connect_good :
2285 s->session_ctx->internal->stats.sess_accept_good) & 0xff) == 0xff) {
2286 SSL_CTX_flush_sessions(s->session_ctx, time(NULL));
2287 }
2288 }
2289 }
2290
2291 const SSL_METHOD *
2292 SSL_get_ssl_method(SSL *s)
2293 {
2294 return (s->method);
2295 }
2296
2297 int
2298 SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
2299 {
2300 int conn = -1;
2301 int ret = 1;
2302
2303 if (s->method != meth) {
2304 if (s->internal->handshake_func != NULL)
2305 conn = (s->internal->handshake_func == s->method->internal->ssl_connect);
2306
2307 if (s->method->internal->version == meth->internal->version)
2308 s->method = meth;
2309 else {
2310 s->method->internal->ssl_free(s);
2311 s->method = meth;
2312 ret = s->method->internal->ssl_new(s);
2313 }
2314
2315 if (conn == 1)
2316 s->internal->handshake_func = meth->internal->ssl_connect;
2317 else if (conn == 0)
2318 s->internal->handshake_func = meth->internal->ssl_accept;
2319 }
2320 return (ret);
2321 }
2322
2323 int
2324 SSL_get_error(const SSL *s, int i)
2325 {
2326 int reason;
2327 unsigned long l;
2328 BIO *bio;
2329
2330 if (i > 0)
2331 return (SSL_ERROR_NONE);
2332
2333 /* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake
2334 * etc, where we do encode the error */
2335 if ((l = ERR_peek_error()) != 0) {
2336 if (ERR_GET_LIB(l) == ERR_LIB_SYS)
2337 return (SSL_ERROR_SYSCALL);
2338 else
2339 return (SSL_ERROR_SSL);
2340 }
2341
2342 if ((i < 0) && SSL_want_read(s)) {
2343 bio = SSL_get_rbio(s);
2344 if (BIO_should_read(bio)) {
2345 return (SSL_ERROR_WANT_READ);
2346 } else if (BIO_should_write(bio)) {
2347 /*
2348 * This one doesn't make too much sense... We never
2349 * try to write to the rbio, and an application
2350 * program where rbio and wbio are separate couldn't
2351 * even know what it should wait for. However if we
2352 * ever set s->internal->rwstate incorrectly (so that we have
2353 * SSL_want_read(s) instead of SSL_want_write(s))
2354 * and rbio and wbio *are* the same, this test works
2355 * around that bug; so it might be safer to keep it.
2356 */
2357 return (SSL_ERROR_WANT_WRITE);
2358 } else if (BIO_should_io_special(bio)) {
2359 reason = BIO_get_retry_reason(bio);
2360 if (reason == BIO_RR_CONNECT)
2361 return (SSL_ERROR_WANT_CONNECT);
2362 else if (reason == BIO_RR_ACCEPT)
2363 return (SSL_ERROR_WANT_ACCEPT);
2364 else
2365 return (SSL_ERROR_SYSCALL); /* unknown */
2366 }
2367 }
2368
2369 if ((i < 0) && SSL_want_write(s)) {
2370 bio = SSL_get_wbio(s);
2371 if (BIO_should_write(bio)) {
2372 return (SSL_ERROR_WANT_WRITE);
2373 } else if (BIO_should_read(bio)) {
2374 /*
2375 * See above (SSL_want_read(s) with
2376 * BIO_should_write(bio))
2377 */
2378 return (SSL_ERROR_WANT_READ);
2379 } else if (BIO_should_io_special(bio)) {
2380 reason = BIO_get_retry_reason(bio);
2381 if (reason == BIO_RR_CONNECT)
2382 return (SSL_ERROR_WANT_CONNECT);
2383 else if (reason == BIO_RR_ACCEPT)
2384 return (SSL_ERROR_WANT_ACCEPT);
2385 else
2386 return (SSL_ERROR_SYSCALL);
2387 }
2388 }
2389 if ((i < 0) && SSL_want_x509_lookup(s)) {
2390 return (SSL_ERROR_WANT_X509_LOOKUP);
2391 }
2392
2393 if (i == 0) {
2394 if ((s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) &&
2395 (S3I(s)->warn_alert == SSL_AD_CLOSE_NOTIFY))
2396 return (SSL_ERROR_ZERO_RETURN);
2397 }
2398 return (SSL_ERROR_SYSCALL);
2399 }
2400
2401 int
2402 SSL_do_handshake(SSL *s)
2403 {
2404 int ret = 1;
2405
2406 if (s->internal->handshake_func == NULL) {
2407 SSLerror(s, SSL_R_CONNECTION_TYPE_NOT_SET);
2408 return (-1);
2409 }
2410
2411 s->method->internal->ssl_renegotiate_check(s);
2412
2413 if (SSL_in_init(s) || SSL_in_before(s)) {
2414 ret = s->internal->handshake_func(s);
2415 }
2416 return (ret);
2417 }
2418
2419 /*
2420 * For the next 2 functions, SSL_clear() sets shutdown and so
2421 * one of these calls will reset it
2422 */
2423 void
2424 SSL_set_accept_state(SSL *s)
2425 {
2426 s->server = 1;
2427 s->internal->shutdown = 0;
2428 S3I(s)->hs.state = SSL_ST_ACCEPT|SSL_ST_BEFORE;
2429 s->internal->handshake_func = s->method->internal->ssl_accept;
2430 ssl_clear_cipher_state(s);
2431 }
2432
2433 void
2434 SSL_set_connect_state(SSL *s)
2435 {
2436 s->server = 0;
2437 s->internal->shutdown = 0;
2438 S3I(s)->hs.state = SSL_ST_CONNECT|SSL_ST_BEFORE;
2439 s->internal->handshake_func = s->method->internal->ssl_connect;
2440 ssl_clear_cipher_state(s);
2441 }
2442
2443 int
2444 ssl_undefined_function(SSL *s)
2445 {
2446 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2447 return (0);
2448 }
2449
2450 int
2451 ssl_undefined_void_function(void)
2452 {
2453 SSLerrorx(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2454 return (0);
2455 }
2456
2457 int
2458 ssl_undefined_const_function(const SSL *s)
2459 {
2460 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2461 return (0);
2462 }
2463
2464 const char *
2465 ssl_version_string(int ver)
2466 {
2467 switch (ver) {
2468 case DTLS1_VERSION:
2469 return (SSL_TXT_DTLS1);
2470 case TLS1_VERSION:
2471 return (SSL_TXT_TLSV1);
2472 case TLS1_1_VERSION:
2473 return (SSL_TXT_TLSV1_1);
2474 case TLS1_2_VERSION:
2475 return (SSL_TXT_TLSV1_2);
2476 default:
2477 return ("unknown");
2478 }
2479 }
2480
2481 const char *
2482 SSL_get_version(const SSL *s)
2483 {
2484 return ssl_version_string(s->version);
2485 }
2486
2487 SSL *
2488 SSL_dup(SSL *s)
2489 {
2490 STACK_OF(X509_NAME) *sk;
2491 X509_NAME *xn;
2492 SSL *ret;
2493 int i;
2494
2495 if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL)
2496 goto err;
2497
2498 ret->version = s->version;
2499 ret->internal->type = s->internal->type;
2500 ret->method = s->method;
2501
2502 if (s->session != NULL) {
2503 if (!SSL_copy_session_id(ret, s))
2504 goto err;
2505 } else {
2506 /*
2507 * No session has been established yet, so we have to expect
2508 * that s->cert or ret->cert will be changed later --
2509 * they should not both point to the same object,
2510 * and thus we can't use SSL_copy_session_id.
2511 */
2512
2513 ret->method->internal->ssl_free(ret);
2514 ret->method = s->method;
2515 ret->method->internal->ssl_new(ret);
2516
2517 if (s->cert != NULL) {
2518 ssl_cert_free(ret->cert);
2519 ret->cert = ssl_cert_dup(s->cert);
2520 if (ret->cert == NULL)
2521 goto err;
2522 }
2523
2524 if (!SSL_set_session_id_context(ret, s->sid_ctx,
2525 s->sid_ctx_length))
2526 goto err;
2527 }
2528
2529 ret->internal->options = s->internal->options;
2530 ret->internal->mode = s->internal->mode;
2531 SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s));
2532 SSL_set_read_ahead(ret, SSL_get_read_ahead(s));
2533 ret->internal->msg_callback = s->internal->msg_callback;
2534 ret->internal->msg_callback_arg = s->internal->msg_callback_arg;
2535 SSL_set_verify(ret, SSL_get_verify_mode(s),
2536 SSL_get_verify_callback(s));
2537 SSL_set_verify_depth(ret, SSL_get_verify_depth(s));
2538 ret->internal->generate_session_id = s->internal->generate_session_id;
2539
2540 SSL_set_info_callback(ret, SSL_get_info_callback(s));
2541
2542 ret->internal->debug = s->internal->debug;
2543
2544 /* copy app data, a little dangerous perhaps */
2545 if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL,
2546 &ret->internal->ex_data, &s->internal->ex_data))
2547 goto err;
2548
2549 /* setup rbio, and wbio */
2550 if (s->rbio != NULL) {
2551 if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
2552 goto err;
2553 }
2554 if (s->wbio != NULL) {
2555 if (s->wbio != s->rbio) {
2556 if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
2557 goto err;
2558 } else
2559 ret->wbio = ret->rbio;
2560 }
2561 ret->internal->rwstate = s->internal->rwstate;
2562 ret->internal->in_handshake = s->internal->in_handshake;
2563 ret->internal->handshake_func = s->internal->handshake_func;
2564 ret->server = s->server;
2565 ret->internal->renegotiate = s->internal->renegotiate;
2566 ret->internal->new_session = s->internal->new_session;
2567 ret->internal->quiet_shutdown = s->internal->quiet_shutdown;
2568 ret->internal->shutdown = s->internal->shutdown;
2569 /* SSL_dup does not really work at any state, though */
2570 S3I(ret)->hs.state = S3I(s)->hs.state;
2571 ret->internal->rstate = s->internal->rstate;
2572
2573 /*
2574 * Would have to copy ret->init_buf, ret->init_msg, ret->init_num,
2575 * ret->init_off
2576 */
2577 ret->internal->init_num = 0;
2578
2579 ret->internal->hit = s->internal->hit;
2580
2581 X509_VERIFY_PARAM_inherit(ret->param, s->param);
2582
2583 /* dup the cipher_list and cipher_list_by_id stacks */
2584 if (s->cipher_list != NULL) {
2585 if ((ret->cipher_list =
2586 sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
2587 goto err;
2588 }
2589 if (s->internal->cipher_list_by_id != NULL) {
2590 if ((ret->internal->cipher_list_by_id =
2591 sk_SSL_CIPHER_dup(s->internal->cipher_list_by_id)) == NULL)
2592 goto err;
2593 }
2594
2595 /* Dup the client_CA list */
2596 if (s->internal->client_CA != NULL) {
2597 if ((sk = sk_X509_NAME_dup(s->internal->client_CA)) == NULL) goto err;
2598 ret->internal->client_CA = sk;
2599 for (i = 0; i < sk_X509_NAME_num(sk); i++) {
2600 xn = sk_X509_NAME_value(sk, i);
2601 if (sk_X509_NAME_set(sk, i,
2602 X509_NAME_dup(xn)) == NULL) {
2603 X509_NAME_free(xn);
2604 goto err;
2605 }
2606 }
2607 }
2608
2609 return ret;
2610 err:
2611 SSL_free(ret);
2612 return NULL;
2613 }
2614
2615 void
2616 ssl_clear_cipher_state(SSL *s)
2617 {
2618 ssl_clear_cipher_read_state(s);
2619 ssl_clear_cipher_write_state(s);
2620 }
2621
2622 void
2623 ssl_clear_cipher_read_state(SSL *s)
2624 {
2625 EVP_CIPHER_CTX_free(s->enc_read_ctx);
2626 s->enc_read_ctx = NULL;
2627 EVP_MD_CTX_free(s->read_hash);
2628 s->read_hash = NULL;
2629
2630 if (s->internal->aead_read_ctx != NULL) {
2631 EVP_AEAD_CTX_cleanup(&s->internal->aead_read_ctx->ctx);
2632 free(s->internal->aead_read_ctx);
2633 s->internal->aead_read_ctx = NULL;
2634 }
2635 }
2636
2637 void
2638 ssl_clear_cipher_write_state(SSL *s)
2639 {
2640 EVP_CIPHER_CTX_free(s->internal->enc_write_ctx);
2641 s->internal->enc_write_ctx = NULL;
2642 EVP_MD_CTX_free(s->internal->write_hash);
2643 s->internal->write_hash = NULL;
2644
2645 if (s->internal->aead_write_ctx != NULL) {
2646 EVP_AEAD_CTX_cleanup(&s->internal->aead_write_ctx->ctx);
2647 free(s->internal->aead_write_ctx);
2648 s->internal->aead_write_ctx = NULL;
2649 }
2650 }
2651
2652 /* Fix this function so that it takes an optional type parameter */
2653 X509 *
2654 SSL_get_certificate(const SSL *s)
2655 {
2656 if (s->cert != NULL)
2657 return (s->cert->key->x509);
2658 else
2659 return (NULL);
2660 }
2661
2662 /* Fix this function so that it takes an optional type parameter */
2663 EVP_PKEY *
2664 SSL_get_privatekey(const SSL *s)
2665 {
2666 if (s->cert != NULL)
2667 return (s->cert->key->privatekey);
2668 else
2669 return (NULL);
2670 }
2671
2672 const SSL_CIPHER *
2673 SSL_get_current_cipher(const SSL *s)
2674 {
2675 if ((s->session != NULL) && (s->session->cipher != NULL))
2676 return (s->session->cipher);
2677 return (NULL);
2678 }
2679 const void *
2680 SSL_get_current_compression(SSL *s)
2681 {
2682 return (NULL);
2683 }
2684
2685 const void *
2686 SSL_get_current_expansion(SSL *s)
2687 {
2688 return (NULL);
2689 }
2690
2691 size_t
2692 SSL_get_client_random(const SSL *s, unsigned char *out, size_t max_out)
2693 {
2694 size_t len = sizeof(s->s3->client_random);
2695
2696 if (out == NULL)
2697 return len;
2698
2699 if (len > max_out)
2700 len = max_out;
2701
2702 memcpy(out, s->s3->client_random, len);
2703
2704 return len;
2705 }
2706
2707 size_t
2708 SSL_get_server_random(const SSL *s, unsigned char *out, size_t max_out)
2709 {
2710 size_t len = sizeof(s->s3->server_random);
2711
2712 if (out == NULL)
2713 return len;
2714
2715 if (len > max_out)
2716 len = max_out;
2717
2718 memcpy(out, s->s3->server_random, len);
2719
2720 return len;
2721 }
2722
2723 int
2724 ssl_init_wbio_buffer(SSL *s, int push)
2725 {
2726 BIO *bbio;
2727
2728 if (s->bbio == NULL) {
2729 bbio = BIO_new(BIO_f_buffer());
2730 if (bbio == NULL)
2731 return (0);
2732 s->bbio = bbio;
2733 } else {
2734 bbio = s->bbio;
2735 if (s->bbio == s->wbio)
2736 s->wbio = BIO_pop(s->wbio);
2737 }
2738 (void)BIO_reset(bbio);
2739 /* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
2740 if (!BIO_set_read_buffer_size(bbio, 1)) {
2741 SSLerror(s, ERR_R_BUF_LIB);
2742 return (0);
2743 }
2744 if (push) {
2745 if (s->wbio != bbio)
2746 s->wbio = BIO_push(bbio, s->wbio);
2747 } else {
2748 if (s->wbio == bbio)
2749 s->wbio = BIO_pop(bbio);
2750 }
2751 return (1);
2752 }
2753
2754 void
2755 ssl_free_wbio_buffer(SSL *s)
2756 {
2757 if (s == NULL)
2758 return;
2759
2760 if (s->bbio == NULL)
2761 return;
2762
2763 if (s->bbio == s->wbio) {
2764 /* remove buffering */
2765 s->wbio = BIO_pop(s->wbio);
2766 }
2767 BIO_free(s->bbio);
2768 s->bbio = NULL;
2769 }
2770
2771 void
2772 SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
2773 {
2774 ctx->internal->quiet_shutdown = mode;
2775 }
2776
2777 int
2778 SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
2779 {
2780 return (ctx->internal->quiet_shutdown);
2781 }
2782
2783 void
2784 SSL_set_quiet_shutdown(SSL *s, int mode)
2785 {
2786 s->internal->quiet_shutdown = mode;
2787 }
2788
2789 int
2790 SSL_get_quiet_shutdown(const SSL *s)
2791 {
2792 return (s->internal->quiet_shutdown);
2793 }
2794
2795 void
2796 SSL_set_shutdown(SSL *s, int mode)
2797 {
2798 s->internal->shutdown = mode;
2799 }
2800
2801 int
2802 SSL_get_shutdown(const SSL *s)
2803 {
2804 return (s->internal->shutdown);
2805 }
2806
2807 int
2808 SSL_version(const SSL *s)
2809 {
2810 return (s->version);
2811 }
2812
2813 SSL_CTX *
2814 SSL_get_SSL_CTX(const SSL *ssl)
2815 {
2816 return (ssl->ctx);
2817 }
2818
2819 SSL_CTX *
2820 SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
2821 {
2822 CERT *ocert = ssl->cert;
2823
2824 if (ssl->ctx == ctx)
2825 return (ssl->ctx);
2826 if (ctx == NULL)
2827 ctx = ssl->initial_ctx;
2828 ssl->cert = ssl_cert_dup(ctx->internal->cert);
2829 if (ocert != NULL) {
2830 int i;
2831 /* Copy negotiated digests from original certificate. */
2832 for (i = 0; i < SSL_PKEY_NUM; i++)
2833 ssl->cert->pkeys[i].digest = ocert->pkeys[i].digest;
2834 ssl_cert_free(ocert);
2835 }
2836 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
2837 SSL_CTX_free(ssl->ctx); /* decrement reference count */
2838 ssl->ctx = ctx;
2839 return (ssl->ctx);
2840 }
2841
2842 int
2843 SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
2844 {
2845 return (X509_STORE_set_default_paths(ctx->cert_store));
2846 }
2847
2848 int
2849 SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
2850 const char *CApath)
2851 {
2852 return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));
2853 }
2854
2855 int
2856 SSL_CTX_load_verify_mem(SSL_CTX *ctx, void *buf, int len)
2857 {
2858 return (X509_STORE_load_mem(ctx->cert_store, buf, len));
2859 }
2860
2861 void
2862 SSL_set_info_callback(SSL *ssl, void (*cb)(const SSL *ssl, int type, int val))
2863 {
2864 ssl->internal->info_callback = cb;
2865 }
2866
2867 void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val)
2868 {
2869 return (ssl->internal->info_callback);
2870 }
2871
2872 int
2873 SSL_state(const SSL *ssl)
2874 {
2875 return (S3I(ssl)->hs.state);
2876 }
2877
2878 void
2879 SSL_set_state(SSL *ssl, int state)
2880 {
2881 S3I(ssl)->hs.state = state;
2882 }
2883
2884 void
2885 SSL_set_verify_result(SSL *ssl, long arg)
2886 {
2887 ssl->verify_result = arg;
2888 }
2889
2890 long
2891 SSL_get_verify_result(const SSL *ssl)
2892 {
2893 return (ssl->verify_result);
2894 }
2895
2896 int
2897 SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
2898 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
2899 {
2900 return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
2901 new_func, dup_func, free_func));
2902 }
2903
2904 int
2905 SSL_set_ex_data(SSL *s, int idx, void *arg)
2906 {
2907 return (CRYPTO_set_ex_data(&s->internal->ex_data, idx, arg));
2908 }
2909
2910 void *
2911 SSL_get_ex_data(const SSL *s, int idx)
2912 {
2913 return (CRYPTO_get_ex_data(&s->internal->ex_data, idx));
2914 }
2915
2916 int
2917 SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
2918 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
2919 {
2920 return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
2921 new_func, dup_func, free_func));
2922 }
2923
2924 int
2925 SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg)
2926 {
2927 return (CRYPTO_set_ex_data(&s->internal->ex_data, idx, arg));
2928 }
2929
2930 void *
2931 SSL_CTX_get_ex_data(const SSL_CTX *s, int idx)
2932 {
2933 return (CRYPTO_get_ex_data(&s->internal->ex_data, idx));
2934 }
2935
2936 int
2937 ssl_ok(SSL *s)
2938 {
2939 return (1);
2940 }
2941
2942 X509_STORE *
2943 SSL_CTX_get_cert_store(const SSL_CTX *ctx)
2944 {
2945 return (ctx->cert_store);
2946 }
2947
2948 void
2949 SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
2950 {
2951 X509_STORE_free(ctx->cert_store);
2952 ctx->cert_store = store;
2953 }
2954
2955 X509 *
2956 SSL_CTX_get0_certificate(const SSL_CTX *ctx)
2957 {
2958 if (ctx->internal->cert == NULL)
2959 return NULL;
2960
2961 return ctx->internal->cert->key->x509;
2962 }
2963
2964 int
2965 SSL_want(const SSL *s)
2966 {
2967 return (s->internal->rwstate);
2968 }
2969
2970 void
2971 SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export,
2972 int keylength))
2973 {
2974 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
2975 }
2976
2977 void
2978 SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int is_export,
2979 int keylength))
2980 {
2981 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
2982 }
2983
2984 void
2985 SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*dh)(SSL *ssl, int is_export,
2986 int keylength))
2987 {
2988 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
2989 }
2990
2991 void
2992 SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh)(SSL *ssl, int is_export,
2993 int keylength))
2994 {
2995 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
2996 }
2997
2998 void
2999 SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl,
3000 int is_export, int keylength))
3001 {
3002 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,
3003 (void (*)(void))ecdh);
3004 }
3005
3006 void
3007 SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh)(SSL *ssl, int is_export,
3008 int keylength))
3009 {
3010 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
3011 }
3012
3013
3014 void
3015 SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version,
3016 int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
3017 {
3018 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK,
3019 (void (*)(void))cb);
3020 }
3021
3022 void
3023 SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version,
3024 int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
3025 {
3026 SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
3027 }
3028
3029 void
3030 SSL_set_debug(SSL *s, int debug)
3031 {
3032 s->internal->debug = debug;
3033 }
3034
3035 int
3036 SSL_cache_hit(SSL *s)
3037 {
3038 return (s->internal->hit);
3039 }
3040
3041 int
3042 SSL_CTX_get_min_proto_version(SSL_CTX *ctx)
3043 {
3044 return ctx->internal->min_version;
3045 }
3046
3047 int
3048 SSL_CTX_set_min_proto_version(SSL_CTX *ctx, uint16_t version)
3049 {
3050 return ssl_version_set_min(ctx->method, version,
3051 ctx->internal->max_version, &ctx->internal->min_version);
3052 }
3053
3054 int
3055 SSL_CTX_get_max_proto_version(SSL_CTX *ctx)
3056 {
3057 return ctx->internal->max_version;
3058 }
3059
3060 int
3061 SSL_CTX_set_max_proto_version(SSL_CTX *ctx, uint16_t version)
3062 {
3063 return ssl_version_set_max(ctx->method, version,
3064 ctx->internal->min_version, &ctx->internal->max_version);
3065 }
3066
3067 int
3068 SSL_get_min_proto_version(SSL *ssl)
3069 {
3070 return ssl->internal->min_version;
3071 }
3072
3073 int
3074 SSL_set_min_proto_version(SSL *ssl, uint16_t version)
3075 {
3076 return ssl_version_set_min(ssl->method, version,
3077 ssl->internal->max_version, &ssl->internal->min_version);
3078 }
3079 int
3080 SSL_get_max_proto_version(SSL *ssl)
3081 {
3082 return ssl->internal->max_version;
3083 }
3084
3085 int
3086 SSL_set_max_proto_version(SSL *ssl, uint16_t version)
3087 {
3088 return ssl_version_set_max(ssl->method, version,
3089 ssl->internal->min_version, &ssl->internal->max_version);
3090 }
3091
3092 static int
3093 ssl_cipher_id_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
3094 {
3095 SSL_CIPHER const *a = a_;
3096 SSL_CIPHER const *b = b_;
3097 return ssl_cipher_id_cmp(a, b);
3098 }
3099
3100 SSL_CIPHER *
3101 OBJ_bsearch_ssl_cipher_id(SSL_CIPHER *key, SSL_CIPHER const *base, int num)
3102 {
3103 return (SSL_CIPHER *)OBJ_bsearch_(key, base, num, sizeof(SSL_CIPHER),
3104 ssl_cipher_id_cmp_BSEARCH_CMP_FN);
3105 }
Unleashed OS