1e1051a39Sopenharmony_ci/* 2e1051a39Sopenharmony_ci * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. 3e1051a39Sopenharmony_ci * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved 4e1051a39Sopenharmony_ci * Copyright 2005 Nokia. All rights reserved. 5e1051a39Sopenharmony_ci * 6e1051a39Sopenharmony_ci * Licensed under the Apache License 2.0 (the "License"). You may not use 7e1051a39Sopenharmony_ci * this file except in compliance with the License. You can obtain a copy 8e1051a39Sopenharmony_ci * in the file LICENSE in the source distribution or at 9e1051a39Sopenharmony_ci * https://www.openssl.org/source/license.html 10e1051a39Sopenharmony_ci */ 11e1051a39Sopenharmony_ci 12e1051a39Sopenharmony_ci#include <stdio.h> 13e1051a39Sopenharmony_ci#include "ssl_local.h" 14e1051a39Sopenharmony_ci#include "e_os.h" 15e1051a39Sopenharmony_ci#include <openssl/objects.h> 16e1051a39Sopenharmony_ci#include <openssl/x509v3.h> 17e1051a39Sopenharmony_ci#include <openssl/rand.h> 18e1051a39Sopenharmony_ci#include <openssl/ocsp.h> 19e1051a39Sopenharmony_ci#include <openssl/dh.h> 20e1051a39Sopenharmony_ci#include <openssl/engine.h> 21e1051a39Sopenharmony_ci#include <openssl/async.h> 22e1051a39Sopenharmony_ci#include <openssl/ct.h> 23e1051a39Sopenharmony_ci#include <openssl/trace.h> 24e1051a39Sopenharmony_ci#include "internal/cryptlib.h" 25e1051a39Sopenharmony_ci#include "internal/refcount.h" 26e1051a39Sopenharmony_ci#include "internal/ktls.h" 27e1051a39Sopenharmony_ci 28e1051a39Sopenharmony_cistatic int ssl_undefined_function_1(SSL *ssl, SSL3_RECORD *r, size_t s, int t, 29e1051a39Sopenharmony_ci SSL_MAC_BUF *mac, size_t macsize) 30e1051a39Sopenharmony_ci{ 31e1051a39Sopenharmony_ci return ssl_undefined_function(ssl); 32e1051a39Sopenharmony_ci} 33e1051a39Sopenharmony_ci 34e1051a39Sopenharmony_cistatic int ssl_undefined_function_2(SSL *ssl, SSL3_RECORD *r, unsigned char *s, 35e1051a39Sopenharmony_ci int t) 36e1051a39Sopenharmony_ci{ 37e1051a39Sopenharmony_ci return ssl_undefined_function(ssl); 38e1051a39Sopenharmony_ci} 39e1051a39Sopenharmony_ci 40e1051a39Sopenharmony_cistatic int ssl_undefined_function_3(SSL *ssl, unsigned char *r, 41e1051a39Sopenharmony_ci unsigned char *s, size_t t, size_t *u) 42e1051a39Sopenharmony_ci{ 43e1051a39Sopenharmony_ci return ssl_undefined_function(ssl); 44e1051a39Sopenharmony_ci} 45e1051a39Sopenharmony_ci 46e1051a39Sopenharmony_cistatic int ssl_undefined_function_4(SSL *ssl, int r) 47e1051a39Sopenharmony_ci{ 48e1051a39Sopenharmony_ci return ssl_undefined_function(ssl); 49e1051a39Sopenharmony_ci} 50e1051a39Sopenharmony_ci 51e1051a39Sopenharmony_cistatic size_t ssl_undefined_function_5(SSL *ssl, const char *r, size_t s, 52e1051a39Sopenharmony_ci unsigned char *t) 53e1051a39Sopenharmony_ci{ 54e1051a39Sopenharmony_ci return ssl_undefined_function(ssl); 55e1051a39Sopenharmony_ci} 56e1051a39Sopenharmony_ci 57e1051a39Sopenharmony_cistatic int ssl_undefined_function_6(int r) 58e1051a39Sopenharmony_ci{ 59e1051a39Sopenharmony_ci return ssl_undefined_function(NULL); 60e1051a39Sopenharmony_ci} 61e1051a39Sopenharmony_ci 62e1051a39Sopenharmony_cistatic int ssl_undefined_function_7(SSL *ssl, unsigned char *r, size_t s, 63e1051a39Sopenharmony_ci const char *t, size_t u, 64e1051a39Sopenharmony_ci const unsigned char *v, size_t w, int x) 65e1051a39Sopenharmony_ci{ 66e1051a39Sopenharmony_ci return ssl_undefined_function(ssl); 67e1051a39Sopenharmony_ci} 68e1051a39Sopenharmony_ci 69e1051a39Sopenharmony_ciSSL3_ENC_METHOD ssl3_undef_enc_method = { 70e1051a39Sopenharmony_ci ssl_undefined_function_1, 71e1051a39Sopenharmony_ci ssl_undefined_function_2, 72e1051a39Sopenharmony_ci ssl_undefined_function, 73e1051a39Sopenharmony_ci ssl_undefined_function_3, 74e1051a39Sopenharmony_ci ssl_undefined_function_4, 75e1051a39Sopenharmony_ci ssl_undefined_function_5, 76e1051a39Sopenharmony_ci NULL, /* client_finished_label */ 77e1051a39Sopenharmony_ci 0, /* client_finished_label_len */ 78e1051a39Sopenharmony_ci NULL, /* server_finished_label */ 79e1051a39Sopenharmony_ci 0, /* server_finished_label_len */ 80e1051a39Sopenharmony_ci ssl_undefined_function_6, 81e1051a39Sopenharmony_ci ssl_undefined_function_7, 82e1051a39Sopenharmony_ci}; 83e1051a39Sopenharmony_ci 84e1051a39Sopenharmony_cistruct ssl_async_args { 85e1051a39Sopenharmony_ci SSL *s; 86e1051a39Sopenharmony_ci void *buf; 87e1051a39Sopenharmony_ci size_t num; 88e1051a39Sopenharmony_ci enum { READFUNC, WRITEFUNC, OTHERFUNC } type; 89e1051a39Sopenharmony_ci union { 90e1051a39Sopenharmony_ci int (*func_read) (SSL *, void *, size_t, size_t *); 91e1051a39Sopenharmony_ci int (*func_write) (SSL *, const void *, size_t, size_t *); 92e1051a39Sopenharmony_ci int (*func_other) (SSL *); 93e1051a39Sopenharmony_ci } f; 94e1051a39Sopenharmony_ci}; 95e1051a39Sopenharmony_ci 96e1051a39Sopenharmony_cistatic const struct { 97e1051a39Sopenharmony_ci uint8_t mtype; 98e1051a39Sopenharmony_ci uint8_t ord; 99e1051a39Sopenharmony_ci int nid; 100e1051a39Sopenharmony_ci} dane_mds[] = { 101e1051a39Sopenharmony_ci { 102e1051a39Sopenharmony_ci DANETLS_MATCHING_FULL, 0, NID_undef 103e1051a39Sopenharmony_ci }, 104e1051a39Sopenharmony_ci { 105e1051a39Sopenharmony_ci DANETLS_MATCHING_2256, 1, NID_sha256 106e1051a39Sopenharmony_ci }, 107e1051a39Sopenharmony_ci { 108e1051a39Sopenharmony_ci DANETLS_MATCHING_2512, 2, NID_sha512 109e1051a39Sopenharmony_ci }, 110e1051a39Sopenharmony_ci}; 111e1051a39Sopenharmony_ci 112e1051a39Sopenharmony_cistatic int dane_ctx_enable(struct dane_ctx_st *dctx) 113e1051a39Sopenharmony_ci{ 114e1051a39Sopenharmony_ci const EVP_MD **mdevp; 115e1051a39Sopenharmony_ci uint8_t *mdord; 116e1051a39Sopenharmony_ci uint8_t mdmax = DANETLS_MATCHING_LAST; 117e1051a39Sopenharmony_ci int n = ((int)mdmax) + 1; /* int to handle PrivMatch(255) */ 118e1051a39Sopenharmony_ci size_t i; 119e1051a39Sopenharmony_ci 120e1051a39Sopenharmony_ci if (dctx->mdevp != NULL) 121e1051a39Sopenharmony_ci return 1; 122e1051a39Sopenharmony_ci 123e1051a39Sopenharmony_ci mdevp = OPENSSL_zalloc(n * sizeof(*mdevp)); 124e1051a39Sopenharmony_ci mdord = OPENSSL_zalloc(n * sizeof(*mdord)); 125e1051a39Sopenharmony_ci 126e1051a39Sopenharmony_ci if (mdord == NULL || mdevp == NULL) { 127e1051a39Sopenharmony_ci OPENSSL_free(mdord); 128e1051a39Sopenharmony_ci OPENSSL_free(mdevp); 129e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 130e1051a39Sopenharmony_ci return 0; 131e1051a39Sopenharmony_ci } 132e1051a39Sopenharmony_ci 133e1051a39Sopenharmony_ci /* Install default entries */ 134e1051a39Sopenharmony_ci for (i = 0; i < OSSL_NELEM(dane_mds); ++i) { 135e1051a39Sopenharmony_ci const EVP_MD *md; 136e1051a39Sopenharmony_ci 137e1051a39Sopenharmony_ci if (dane_mds[i].nid == NID_undef || 138e1051a39Sopenharmony_ci (md = EVP_get_digestbynid(dane_mds[i].nid)) == NULL) 139e1051a39Sopenharmony_ci continue; 140e1051a39Sopenharmony_ci mdevp[dane_mds[i].mtype] = md; 141e1051a39Sopenharmony_ci mdord[dane_mds[i].mtype] = dane_mds[i].ord; 142e1051a39Sopenharmony_ci } 143e1051a39Sopenharmony_ci 144e1051a39Sopenharmony_ci dctx->mdevp = mdevp; 145e1051a39Sopenharmony_ci dctx->mdord = mdord; 146e1051a39Sopenharmony_ci dctx->mdmax = mdmax; 147e1051a39Sopenharmony_ci 148e1051a39Sopenharmony_ci return 1; 149e1051a39Sopenharmony_ci} 150e1051a39Sopenharmony_ci 151e1051a39Sopenharmony_cistatic void dane_ctx_final(struct dane_ctx_st *dctx) 152e1051a39Sopenharmony_ci{ 153e1051a39Sopenharmony_ci OPENSSL_free(dctx->mdevp); 154e1051a39Sopenharmony_ci dctx->mdevp = NULL; 155e1051a39Sopenharmony_ci 156e1051a39Sopenharmony_ci OPENSSL_free(dctx->mdord); 157e1051a39Sopenharmony_ci dctx->mdord = NULL; 158e1051a39Sopenharmony_ci dctx->mdmax = 0; 159e1051a39Sopenharmony_ci} 160e1051a39Sopenharmony_ci 161e1051a39Sopenharmony_cistatic void tlsa_free(danetls_record *t) 162e1051a39Sopenharmony_ci{ 163e1051a39Sopenharmony_ci if (t == NULL) 164e1051a39Sopenharmony_ci return; 165e1051a39Sopenharmony_ci OPENSSL_free(t->data); 166e1051a39Sopenharmony_ci EVP_PKEY_free(t->spki); 167e1051a39Sopenharmony_ci OPENSSL_free(t); 168e1051a39Sopenharmony_ci} 169e1051a39Sopenharmony_ci 170e1051a39Sopenharmony_cistatic void dane_final(SSL_DANE *dane) 171e1051a39Sopenharmony_ci{ 172e1051a39Sopenharmony_ci sk_danetls_record_pop_free(dane->trecs, tlsa_free); 173e1051a39Sopenharmony_ci dane->trecs = NULL; 174e1051a39Sopenharmony_ci 175e1051a39Sopenharmony_ci sk_X509_pop_free(dane->certs, X509_free); 176e1051a39Sopenharmony_ci dane->certs = NULL; 177e1051a39Sopenharmony_ci 178e1051a39Sopenharmony_ci X509_free(dane->mcert); 179e1051a39Sopenharmony_ci dane->mcert = NULL; 180e1051a39Sopenharmony_ci dane->mtlsa = NULL; 181e1051a39Sopenharmony_ci dane->mdpth = -1; 182e1051a39Sopenharmony_ci dane->pdpth = -1; 183e1051a39Sopenharmony_ci} 184e1051a39Sopenharmony_ci 185e1051a39Sopenharmony_ci/* 186e1051a39Sopenharmony_ci * dane_copy - Copy dane configuration, sans verification state. 187e1051a39Sopenharmony_ci */ 188e1051a39Sopenharmony_cistatic int ssl_dane_dup(SSL *to, SSL *from) 189e1051a39Sopenharmony_ci{ 190e1051a39Sopenharmony_ci int num; 191e1051a39Sopenharmony_ci int i; 192e1051a39Sopenharmony_ci 193e1051a39Sopenharmony_ci if (!DANETLS_ENABLED(&from->dane)) 194e1051a39Sopenharmony_ci return 1; 195e1051a39Sopenharmony_ci 196e1051a39Sopenharmony_ci num = sk_danetls_record_num(from->dane.trecs); 197e1051a39Sopenharmony_ci dane_final(&to->dane); 198e1051a39Sopenharmony_ci to->dane.flags = from->dane.flags; 199e1051a39Sopenharmony_ci to->dane.dctx = &to->ctx->dane; 200e1051a39Sopenharmony_ci to->dane.trecs = sk_danetls_record_new_reserve(NULL, num); 201e1051a39Sopenharmony_ci 202e1051a39Sopenharmony_ci if (to->dane.trecs == NULL) { 203e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 204e1051a39Sopenharmony_ci return 0; 205e1051a39Sopenharmony_ci } 206e1051a39Sopenharmony_ci 207e1051a39Sopenharmony_ci for (i = 0; i < num; ++i) { 208e1051a39Sopenharmony_ci danetls_record *t = sk_danetls_record_value(from->dane.trecs, i); 209e1051a39Sopenharmony_ci 210e1051a39Sopenharmony_ci if (SSL_dane_tlsa_add(to, t->usage, t->selector, t->mtype, 211e1051a39Sopenharmony_ci t->data, t->dlen) <= 0) 212e1051a39Sopenharmony_ci return 0; 213e1051a39Sopenharmony_ci } 214e1051a39Sopenharmony_ci return 1; 215e1051a39Sopenharmony_ci} 216e1051a39Sopenharmony_ci 217e1051a39Sopenharmony_cistatic int dane_mtype_set(struct dane_ctx_st *dctx, 218e1051a39Sopenharmony_ci const EVP_MD *md, uint8_t mtype, uint8_t ord) 219e1051a39Sopenharmony_ci{ 220e1051a39Sopenharmony_ci int i; 221e1051a39Sopenharmony_ci 222e1051a39Sopenharmony_ci if (mtype == DANETLS_MATCHING_FULL && md != NULL) { 223e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL); 224e1051a39Sopenharmony_ci return 0; 225e1051a39Sopenharmony_ci } 226e1051a39Sopenharmony_ci 227e1051a39Sopenharmony_ci if (mtype > dctx->mdmax) { 228e1051a39Sopenharmony_ci const EVP_MD **mdevp; 229e1051a39Sopenharmony_ci uint8_t *mdord; 230e1051a39Sopenharmony_ci int n = ((int)mtype) + 1; 231e1051a39Sopenharmony_ci 232e1051a39Sopenharmony_ci mdevp = OPENSSL_realloc(dctx->mdevp, n * sizeof(*mdevp)); 233e1051a39Sopenharmony_ci if (mdevp == NULL) { 234e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 235e1051a39Sopenharmony_ci return -1; 236e1051a39Sopenharmony_ci } 237e1051a39Sopenharmony_ci dctx->mdevp = mdevp; 238e1051a39Sopenharmony_ci 239e1051a39Sopenharmony_ci mdord = OPENSSL_realloc(dctx->mdord, n * sizeof(*mdord)); 240e1051a39Sopenharmony_ci if (mdord == NULL) { 241e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 242e1051a39Sopenharmony_ci return -1; 243e1051a39Sopenharmony_ci } 244e1051a39Sopenharmony_ci dctx->mdord = mdord; 245e1051a39Sopenharmony_ci 246e1051a39Sopenharmony_ci /* Zero-fill any gaps */ 247e1051a39Sopenharmony_ci for (i = dctx->mdmax + 1; i < mtype; ++i) { 248e1051a39Sopenharmony_ci mdevp[i] = NULL; 249e1051a39Sopenharmony_ci mdord[i] = 0; 250e1051a39Sopenharmony_ci } 251e1051a39Sopenharmony_ci 252e1051a39Sopenharmony_ci dctx->mdmax = mtype; 253e1051a39Sopenharmony_ci } 254e1051a39Sopenharmony_ci 255e1051a39Sopenharmony_ci dctx->mdevp[mtype] = md; 256e1051a39Sopenharmony_ci /* Coerce ordinal of disabled matching types to 0 */ 257e1051a39Sopenharmony_ci dctx->mdord[mtype] = (md == NULL) ? 0 : ord; 258e1051a39Sopenharmony_ci 259e1051a39Sopenharmony_ci return 1; 260e1051a39Sopenharmony_ci} 261e1051a39Sopenharmony_ci 262e1051a39Sopenharmony_cistatic const EVP_MD *tlsa_md_get(SSL_DANE *dane, uint8_t mtype) 263e1051a39Sopenharmony_ci{ 264e1051a39Sopenharmony_ci if (mtype > dane->dctx->mdmax) 265e1051a39Sopenharmony_ci return NULL; 266e1051a39Sopenharmony_ci return dane->dctx->mdevp[mtype]; 267e1051a39Sopenharmony_ci} 268e1051a39Sopenharmony_ci 269e1051a39Sopenharmony_cistatic int dane_tlsa_add(SSL_DANE *dane, 270e1051a39Sopenharmony_ci uint8_t usage, 271e1051a39Sopenharmony_ci uint8_t selector, 272e1051a39Sopenharmony_ci uint8_t mtype, const unsigned char *data, size_t dlen) 273e1051a39Sopenharmony_ci{ 274e1051a39Sopenharmony_ci danetls_record *t; 275e1051a39Sopenharmony_ci const EVP_MD *md = NULL; 276e1051a39Sopenharmony_ci int ilen = (int)dlen; 277e1051a39Sopenharmony_ci int i; 278e1051a39Sopenharmony_ci int num; 279e1051a39Sopenharmony_ci 280e1051a39Sopenharmony_ci if (dane->trecs == NULL) { 281e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_DANE_NOT_ENABLED); 282e1051a39Sopenharmony_ci return -1; 283e1051a39Sopenharmony_ci } 284e1051a39Sopenharmony_ci 285e1051a39Sopenharmony_ci if (ilen < 0 || dlen != (size_t)ilen) { 286e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_DATA_LENGTH); 287e1051a39Sopenharmony_ci return 0; 288e1051a39Sopenharmony_ci } 289e1051a39Sopenharmony_ci 290e1051a39Sopenharmony_ci if (usage > DANETLS_USAGE_LAST) { 291e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE); 292e1051a39Sopenharmony_ci return 0; 293e1051a39Sopenharmony_ci } 294e1051a39Sopenharmony_ci 295e1051a39Sopenharmony_ci if (selector > DANETLS_SELECTOR_LAST) { 296e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_SELECTOR); 297e1051a39Sopenharmony_ci return 0; 298e1051a39Sopenharmony_ci } 299e1051a39Sopenharmony_ci 300e1051a39Sopenharmony_ci if (mtype != DANETLS_MATCHING_FULL) { 301e1051a39Sopenharmony_ci md = tlsa_md_get(dane, mtype); 302e1051a39Sopenharmony_ci if (md == NULL) { 303e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_MATCHING_TYPE); 304e1051a39Sopenharmony_ci return 0; 305e1051a39Sopenharmony_ci } 306e1051a39Sopenharmony_ci } 307e1051a39Sopenharmony_ci 308e1051a39Sopenharmony_ci if (md != NULL && dlen != (size_t)EVP_MD_get_size(md)) { 309e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH); 310e1051a39Sopenharmony_ci return 0; 311e1051a39Sopenharmony_ci } 312e1051a39Sopenharmony_ci if (!data) { 313e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_NULL_DATA); 314e1051a39Sopenharmony_ci return 0; 315e1051a39Sopenharmony_ci } 316e1051a39Sopenharmony_ci 317e1051a39Sopenharmony_ci if ((t = OPENSSL_zalloc(sizeof(*t))) == NULL) { 318e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 319e1051a39Sopenharmony_ci return -1; 320e1051a39Sopenharmony_ci } 321e1051a39Sopenharmony_ci 322e1051a39Sopenharmony_ci t->usage = usage; 323e1051a39Sopenharmony_ci t->selector = selector; 324e1051a39Sopenharmony_ci t->mtype = mtype; 325e1051a39Sopenharmony_ci t->data = OPENSSL_malloc(dlen); 326e1051a39Sopenharmony_ci if (t->data == NULL) { 327e1051a39Sopenharmony_ci tlsa_free(t); 328e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 329e1051a39Sopenharmony_ci return -1; 330e1051a39Sopenharmony_ci } 331e1051a39Sopenharmony_ci memcpy(t->data, data, dlen); 332e1051a39Sopenharmony_ci t->dlen = dlen; 333e1051a39Sopenharmony_ci 334e1051a39Sopenharmony_ci /* Validate and cache full certificate or public key */ 335e1051a39Sopenharmony_ci if (mtype == DANETLS_MATCHING_FULL) { 336e1051a39Sopenharmony_ci const unsigned char *p = data; 337e1051a39Sopenharmony_ci X509 *cert = NULL; 338e1051a39Sopenharmony_ci EVP_PKEY *pkey = NULL; 339e1051a39Sopenharmony_ci 340e1051a39Sopenharmony_ci switch (selector) { 341e1051a39Sopenharmony_ci case DANETLS_SELECTOR_CERT: 342e1051a39Sopenharmony_ci if (!d2i_X509(&cert, &p, ilen) || p < data || 343e1051a39Sopenharmony_ci dlen != (size_t)(p - data)) { 344e1051a39Sopenharmony_ci X509_free(cert); 345e1051a39Sopenharmony_ci tlsa_free(t); 346e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_CERTIFICATE); 347e1051a39Sopenharmony_ci return 0; 348e1051a39Sopenharmony_ci } 349e1051a39Sopenharmony_ci if (X509_get0_pubkey(cert) == NULL) { 350e1051a39Sopenharmony_ci X509_free(cert); 351e1051a39Sopenharmony_ci tlsa_free(t); 352e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_CERTIFICATE); 353e1051a39Sopenharmony_ci return 0; 354e1051a39Sopenharmony_ci } 355e1051a39Sopenharmony_ci 356e1051a39Sopenharmony_ci if ((DANETLS_USAGE_BIT(usage) & DANETLS_TA_MASK) == 0) { 357e1051a39Sopenharmony_ci X509_free(cert); 358e1051a39Sopenharmony_ci tlsa_free(t); 359e1051a39Sopenharmony_ci break; 360e1051a39Sopenharmony_ci } 361e1051a39Sopenharmony_ci 362e1051a39Sopenharmony_ci /* 363e1051a39Sopenharmony_ci * For usage DANE-TA(2), we support authentication via "2 0 0" TLSA 364e1051a39Sopenharmony_ci * records that contain full certificates of trust-anchors that are 365e1051a39Sopenharmony_ci * not present in the wire chain. For usage PKIX-TA(0), we augment 366e1051a39Sopenharmony_ci * the chain with untrusted Full(0) certificates from DNS, in case 367e1051a39Sopenharmony_ci * they are missing from the chain. 368e1051a39Sopenharmony_ci */ 369e1051a39Sopenharmony_ci if ((dane->certs == NULL && 370e1051a39Sopenharmony_ci (dane->certs = sk_X509_new_null()) == NULL) || 371e1051a39Sopenharmony_ci !sk_X509_push(dane->certs, cert)) { 372e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 373e1051a39Sopenharmony_ci X509_free(cert); 374e1051a39Sopenharmony_ci tlsa_free(t); 375e1051a39Sopenharmony_ci return -1; 376e1051a39Sopenharmony_ci } 377e1051a39Sopenharmony_ci break; 378e1051a39Sopenharmony_ci 379e1051a39Sopenharmony_ci case DANETLS_SELECTOR_SPKI: 380e1051a39Sopenharmony_ci if (!d2i_PUBKEY(&pkey, &p, ilen) || p < data || 381e1051a39Sopenharmony_ci dlen != (size_t)(p - data)) { 382e1051a39Sopenharmony_ci EVP_PKEY_free(pkey); 383e1051a39Sopenharmony_ci tlsa_free(t); 384e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_PUBLIC_KEY); 385e1051a39Sopenharmony_ci return 0; 386e1051a39Sopenharmony_ci } 387e1051a39Sopenharmony_ci 388e1051a39Sopenharmony_ci /* 389e1051a39Sopenharmony_ci * For usage DANE-TA(2), we support authentication via "2 1 0" TLSA 390e1051a39Sopenharmony_ci * records that contain full bare keys of trust-anchors that are 391e1051a39Sopenharmony_ci * not present in the wire chain. 392e1051a39Sopenharmony_ci */ 393e1051a39Sopenharmony_ci if (usage == DANETLS_USAGE_DANE_TA) 394e1051a39Sopenharmony_ci t->spki = pkey; 395e1051a39Sopenharmony_ci else 396e1051a39Sopenharmony_ci EVP_PKEY_free(pkey); 397e1051a39Sopenharmony_ci break; 398e1051a39Sopenharmony_ci } 399e1051a39Sopenharmony_ci } 400e1051a39Sopenharmony_ci 401e1051a39Sopenharmony_ci /*- 402e1051a39Sopenharmony_ci * Find the right insertion point for the new record. 403e1051a39Sopenharmony_ci * 404e1051a39Sopenharmony_ci * See crypto/x509/x509_vfy.c. We sort DANE-EE(3) records first, so that 405e1051a39Sopenharmony_ci * they can be processed first, as they require no chain building, and no 406e1051a39Sopenharmony_ci * expiration or hostname checks. Because DANE-EE(3) is numerically 407e1051a39Sopenharmony_ci * largest, this is accomplished via descending sort by "usage". 408e1051a39Sopenharmony_ci * 409e1051a39Sopenharmony_ci * We also sort in descending order by matching ordinal to simplify 410e1051a39Sopenharmony_ci * the implementation of digest agility in the verification code. 411e1051a39Sopenharmony_ci * 412e1051a39Sopenharmony_ci * The choice of order for the selector is not significant, so we 413e1051a39Sopenharmony_ci * use the same descending order for consistency. 414e1051a39Sopenharmony_ci */ 415e1051a39Sopenharmony_ci num = sk_danetls_record_num(dane->trecs); 416e1051a39Sopenharmony_ci for (i = 0; i < num; ++i) { 417e1051a39Sopenharmony_ci danetls_record *rec = sk_danetls_record_value(dane->trecs, i); 418e1051a39Sopenharmony_ci 419e1051a39Sopenharmony_ci if (rec->usage > usage) 420e1051a39Sopenharmony_ci continue; 421e1051a39Sopenharmony_ci if (rec->usage < usage) 422e1051a39Sopenharmony_ci break; 423e1051a39Sopenharmony_ci if (rec->selector > selector) 424e1051a39Sopenharmony_ci continue; 425e1051a39Sopenharmony_ci if (rec->selector < selector) 426e1051a39Sopenharmony_ci break; 427e1051a39Sopenharmony_ci if (dane->dctx->mdord[rec->mtype] > dane->dctx->mdord[mtype]) 428e1051a39Sopenharmony_ci continue; 429e1051a39Sopenharmony_ci break; 430e1051a39Sopenharmony_ci } 431e1051a39Sopenharmony_ci 432e1051a39Sopenharmony_ci if (!sk_danetls_record_insert(dane->trecs, t, i)) { 433e1051a39Sopenharmony_ci tlsa_free(t); 434e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 435e1051a39Sopenharmony_ci return -1; 436e1051a39Sopenharmony_ci } 437e1051a39Sopenharmony_ci dane->umask |= DANETLS_USAGE_BIT(usage); 438e1051a39Sopenharmony_ci 439e1051a39Sopenharmony_ci return 1; 440e1051a39Sopenharmony_ci} 441e1051a39Sopenharmony_ci 442e1051a39Sopenharmony_ci/* 443e1051a39Sopenharmony_ci * Return 0 if there is only one version configured and it was disabled 444e1051a39Sopenharmony_ci * at configure time. Return 1 otherwise. 445e1051a39Sopenharmony_ci */ 446e1051a39Sopenharmony_cistatic int ssl_check_allowed_versions(int min_version, int max_version) 447e1051a39Sopenharmony_ci{ 448e1051a39Sopenharmony_ci int minisdtls = 0, maxisdtls = 0; 449e1051a39Sopenharmony_ci 450e1051a39Sopenharmony_ci /* Figure out if we're doing DTLS versions or TLS versions */ 451e1051a39Sopenharmony_ci if (min_version == DTLS1_BAD_VER 452e1051a39Sopenharmony_ci || min_version >> 8 == DTLS1_VERSION_MAJOR) 453e1051a39Sopenharmony_ci minisdtls = 1; 454e1051a39Sopenharmony_ci if (max_version == DTLS1_BAD_VER 455e1051a39Sopenharmony_ci || max_version >> 8 == DTLS1_VERSION_MAJOR) 456e1051a39Sopenharmony_ci maxisdtls = 1; 457e1051a39Sopenharmony_ci /* A wildcard version of 0 could be DTLS or TLS. */ 458e1051a39Sopenharmony_ci if ((minisdtls && !maxisdtls && max_version != 0) 459e1051a39Sopenharmony_ci || (maxisdtls && !minisdtls && min_version != 0)) { 460e1051a39Sopenharmony_ci /* Mixing DTLS and TLS versions will lead to sadness; deny it. */ 461e1051a39Sopenharmony_ci return 0; 462e1051a39Sopenharmony_ci } 463e1051a39Sopenharmony_ci 464e1051a39Sopenharmony_ci if (minisdtls || maxisdtls) { 465e1051a39Sopenharmony_ci /* Do DTLS version checks. */ 466e1051a39Sopenharmony_ci if (min_version == 0) 467e1051a39Sopenharmony_ci /* Ignore DTLS1_BAD_VER */ 468e1051a39Sopenharmony_ci min_version = DTLS1_VERSION; 469e1051a39Sopenharmony_ci if (max_version == 0) 470e1051a39Sopenharmony_ci max_version = DTLS1_2_VERSION; 471e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_DTLS1_2 472e1051a39Sopenharmony_ci if (max_version == DTLS1_2_VERSION) 473e1051a39Sopenharmony_ci max_version = DTLS1_VERSION; 474e1051a39Sopenharmony_ci#endif 475e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_DTLS1 476e1051a39Sopenharmony_ci if (min_version == DTLS1_VERSION) 477e1051a39Sopenharmony_ci min_version = DTLS1_2_VERSION; 478e1051a39Sopenharmony_ci#endif 479e1051a39Sopenharmony_ci /* Done massaging versions; do the check. */ 480e1051a39Sopenharmony_ci if (0 481e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_DTLS1 482e1051a39Sopenharmony_ci || (DTLS_VERSION_GE(min_version, DTLS1_VERSION) 483e1051a39Sopenharmony_ci && DTLS_VERSION_GE(DTLS1_VERSION, max_version)) 484e1051a39Sopenharmony_ci#endif 485e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_DTLS1_2 486e1051a39Sopenharmony_ci || (DTLS_VERSION_GE(min_version, DTLS1_2_VERSION) 487e1051a39Sopenharmony_ci && DTLS_VERSION_GE(DTLS1_2_VERSION, max_version)) 488e1051a39Sopenharmony_ci#endif 489e1051a39Sopenharmony_ci ) 490e1051a39Sopenharmony_ci return 0; 491e1051a39Sopenharmony_ci } else { 492e1051a39Sopenharmony_ci /* Regular TLS version checks. */ 493e1051a39Sopenharmony_ci if (min_version == 0) 494e1051a39Sopenharmony_ci min_version = SSL3_VERSION; 495e1051a39Sopenharmony_ci if (max_version == 0) 496e1051a39Sopenharmony_ci max_version = TLS1_3_VERSION; 497e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_TLS1_3 498e1051a39Sopenharmony_ci if (max_version == TLS1_3_VERSION) 499e1051a39Sopenharmony_ci max_version = TLS1_2_VERSION; 500e1051a39Sopenharmony_ci#endif 501e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_TLS1_2 502e1051a39Sopenharmony_ci if (max_version == TLS1_2_VERSION) 503e1051a39Sopenharmony_ci max_version = TLS1_1_VERSION; 504e1051a39Sopenharmony_ci#endif 505e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_TLS1_1 506e1051a39Sopenharmony_ci if (max_version == TLS1_1_VERSION) 507e1051a39Sopenharmony_ci max_version = TLS1_VERSION; 508e1051a39Sopenharmony_ci#endif 509e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_TLS1 510e1051a39Sopenharmony_ci if (max_version == TLS1_VERSION) 511e1051a39Sopenharmony_ci max_version = SSL3_VERSION; 512e1051a39Sopenharmony_ci#endif 513e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_SSL3 514e1051a39Sopenharmony_ci if (min_version == SSL3_VERSION) 515e1051a39Sopenharmony_ci min_version = TLS1_VERSION; 516e1051a39Sopenharmony_ci#endif 517e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_TLS1 518e1051a39Sopenharmony_ci if (min_version == TLS1_VERSION) 519e1051a39Sopenharmony_ci min_version = TLS1_1_VERSION; 520e1051a39Sopenharmony_ci#endif 521e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_TLS1_1 522e1051a39Sopenharmony_ci if (min_version == TLS1_1_VERSION) 523e1051a39Sopenharmony_ci min_version = TLS1_2_VERSION; 524e1051a39Sopenharmony_ci#endif 525e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_TLS1_2 526e1051a39Sopenharmony_ci if (min_version == TLS1_2_VERSION) 527e1051a39Sopenharmony_ci min_version = TLS1_3_VERSION; 528e1051a39Sopenharmony_ci#endif 529e1051a39Sopenharmony_ci /* Done massaging versions; do the check. */ 530e1051a39Sopenharmony_ci if (0 531e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_SSL3 532e1051a39Sopenharmony_ci || (min_version <= SSL3_VERSION && SSL3_VERSION <= max_version) 533e1051a39Sopenharmony_ci#endif 534e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_TLS1 535e1051a39Sopenharmony_ci || (min_version <= TLS1_VERSION && TLS1_VERSION <= max_version) 536e1051a39Sopenharmony_ci#endif 537e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_TLS1_1 538e1051a39Sopenharmony_ci || (min_version <= TLS1_1_VERSION && TLS1_1_VERSION <= max_version) 539e1051a39Sopenharmony_ci#endif 540e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_TLS1_2 541e1051a39Sopenharmony_ci || (min_version <= TLS1_2_VERSION && TLS1_2_VERSION <= max_version) 542e1051a39Sopenharmony_ci#endif 543e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_TLS1_3 544e1051a39Sopenharmony_ci || (min_version <= TLS1_3_VERSION && TLS1_3_VERSION <= max_version) 545e1051a39Sopenharmony_ci#endif 546e1051a39Sopenharmony_ci ) 547e1051a39Sopenharmony_ci return 0; 548e1051a39Sopenharmony_ci } 549e1051a39Sopenharmony_ci return 1; 550e1051a39Sopenharmony_ci} 551e1051a39Sopenharmony_ci 552e1051a39Sopenharmony_ci#if defined(__TANDEM) && defined(OPENSSL_VPROC) 553e1051a39Sopenharmony_ci/* 554e1051a39Sopenharmony_ci * Define a VPROC function for HP NonStop build ssl library. 555e1051a39Sopenharmony_ci * This is used by platform version identification tools. 556e1051a39Sopenharmony_ci * Do not inline this procedure or make it static. 557e1051a39Sopenharmony_ci */ 558e1051a39Sopenharmony_ci# define OPENSSL_VPROC_STRING_(x) x##_SSL 559e1051a39Sopenharmony_ci# define OPENSSL_VPROC_STRING(x) OPENSSL_VPROC_STRING_(x) 560e1051a39Sopenharmony_ci# define OPENSSL_VPROC_FUNC OPENSSL_VPROC_STRING(OPENSSL_VPROC) 561e1051a39Sopenharmony_civoid OPENSSL_VPROC_FUNC(void) {} 562e1051a39Sopenharmony_ci#endif 563e1051a39Sopenharmony_ci 564e1051a39Sopenharmony_ci 565e1051a39Sopenharmony_cistatic void clear_ciphers(SSL *s) 566e1051a39Sopenharmony_ci{ 567e1051a39Sopenharmony_ci /* clear the current cipher */ 568e1051a39Sopenharmony_ci ssl_clear_cipher_ctx(s); 569e1051a39Sopenharmony_ci ssl_clear_hash_ctx(&s->read_hash); 570e1051a39Sopenharmony_ci ssl_clear_hash_ctx(&s->write_hash); 571e1051a39Sopenharmony_ci} 572e1051a39Sopenharmony_ci 573e1051a39Sopenharmony_ciint SSL_clear(SSL *s) 574e1051a39Sopenharmony_ci{ 575e1051a39Sopenharmony_ci if (s->method == NULL) { 576e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_NO_METHOD_SPECIFIED); 577e1051a39Sopenharmony_ci return 0; 578e1051a39Sopenharmony_ci } 579e1051a39Sopenharmony_ci 580e1051a39Sopenharmony_ci if (ssl_clear_bad_session(s)) { 581e1051a39Sopenharmony_ci SSL_SESSION_free(s->session); 582e1051a39Sopenharmony_ci s->session = NULL; 583e1051a39Sopenharmony_ci } 584e1051a39Sopenharmony_ci SSL_SESSION_free(s->psksession); 585e1051a39Sopenharmony_ci s->psksession = NULL; 586e1051a39Sopenharmony_ci OPENSSL_free(s->psksession_id); 587e1051a39Sopenharmony_ci s->psksession_id = NULL; 588e1051a39Sopenharmony_ci s->psksession_id_len = 0; 589e1051a39Sopenharmony_ci s->hello_retry_request = 0; 590e1051a39Sopenharmony_ci s->sent_tickets = 0; 591e1051a39Sopenharmony_ci 592e1051a39Sopenharmony_ci s->error = 0; 593e1051a39Sopenharmony_ci s->hit = 0; 594e1051a39Sopenharmony_ci s->shutdown = 0; 595e1051a39Sopenharmony_ci 596e1051a39Sopenharmony_ci if (s->renegotiate) { 597e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); 598e1051a39Sopenharmony_ci return 0; 599e1051a39Sopenharmony_ci } 600e1051a39Sopenharmony_ci 601e1051a39Sopenharmony_ci ossl_statem_clear(s); 602e1051a39Sopenharmony_ci 603e1051a39Sopenharmony_ci s->version = s->method->version; 604e1051a39Sopenharmony_ci s->client_version = s->version; 605e1051a39Sopenharmony_ci s->rwstate = SSL_NOTHING; 606e1051a39Sopenharmony_ci 607e1051a39Sopenharmony_ci BUF_MEM_free(s->init_buf); 608e1051a39Sopenharmony_ci s->init_buf = NULL; 609e1051a39Sopenharmony_ci clear_ciphers(s); 610e1051a39Sopenharmony_ci s->first_packet = 0; 611e1051a39Sopenharmony_ci 612e1051a39Sopenharmony_ci s->key_update = SSL_KEY_UPDATE_NONE; 613e1051a39Sopenharmony_ci 614e1051a39Sopenharmony_ci EVP_MD_CTX_free(s->pha_dgst); 615e1051a39Sopenharmony_ci s->pha_dgst = NULL; 616e1051a39Sopenharmony_ci 617e1051a39Sopenharmony_ci /* Reset DANE verification result state */ 618e1051a39Sopenharmony_ci s->dane.mdpth = -1; 619e1051a39Sopenharmony_ci s->dane.pdpth = -1; 620e1051a39Sopenharmony_ci X509_free(s->dane.mcert); 621e1051a39Sopenharmony_ci s->dane.mcert = NULL; 622e1051a39Sopenharmony_ci s->dane.mtlsa = NULL; 623e1051a39Sopenharmony_ci 624e1051a39Sopenharmony_ci /* Clear the verification result peername */ 625e1051a39Sopenharmony_ci X509_VERIFY_PARAM_move_peername(s->param, NULL); 626e1051a39Sopenharmony_ci 627e1051a39Sopenharmony_ci /* Clear any shared connection state */ 628e1051a39Sopenharmony_ci OPENSSL_free(s->shared_sigalgs); 629e1051a39Sopenharmony_ci s->shared_sigalgs = NULL; 630e1051a39Sopenharmony_ci s->shared_sigalgslen = 0; 631e1051a39Sopenharmony_ci 632e1051a39Sopenharmony_ci /* 633e1051a39Sopenharmony_ci * Check to see if we were changed into a different method, if so, revert 634e1051a39Sopenharmony_ci * back. 635e1051a39Sopenharmony_ci */ 636e1051a39Sopenharmony_ci if (s->method != s->ctx->method) { 637e1051a39Sopenharmony_ci s->method->ssl_free(s); 638e1051a39Sopenharmony_ci s->method = s->ctx->method; 639e1051a39Sopenharmony_ci if (!s->method->ssl_new(s)) 640e1051a39Sopenharmony_ci return 0; 641e1051a39Sopenharmony_ci } else { 642e1051a39Sopenharmony_ci if (!s->method->ssl_clear(s)) 643e1051a39Sopenharmony_ci return 0; 644e1051a39Sopenharmony_ci } 645e1051a39Sopenharmony_ci 646e1051a39Sopenharmony_ci RECORD_LAYER_clear(&s->rlayer); 647e1051a39Sopenharmony_ci 648e1051a39Sopenharmony_ci return 1; 649e1051a39Sopenharmony_ci} 650e1051a39Sopenharmony_ci 651e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_DEPRECATED_3_0 652e1051a39Sopenharmony_ci/** Used to change an SSL_CTXs default SSL method type */ 653e1051a39Sopenharmony_ciint SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth) 654e1051a39Sopenharmony_ci{ 655e1051a39Sopenharmony_ci STACK_OF(SSL_CIPHER) *sk; 656e1051a39Sopenharmony_ci 657e1051a39Sopenharmony_ci ctx->method = meth; 658e1051a39Sopenharmony_ci 659e1051a39Sopenharmony_ci if (!SSL_CTX_set_ciphersuites(ctx, OSSL_default_ciphersuites())) { 660e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); 661e1051a39Sopenharmony_ci return 0; 662e1051a39Sopenharmony_ci } 663e1051a39Sopenharmony_ci sk = ssl_create_cipher_list(ctx, 664e1051a39Sopenharmony_ci ctx->tls13_ciphersuites, 665e1051a39Sopenharmony_ci &(ctx->cipher_list), 666e1051a39Sopenharmony_ci &(ctx->cipher_list_by_id), 667e1051a39Sopenharmony_ci OSSL_default_cipher_list(), ctx->cert); 668e1051a39Sopenharmony_ci if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) { 669e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); 670e1051a39Sopenharmony_ci return 0; 671e1051a39Sopenharmony_ci } 672e1051a39Sopenharmony_ci return 1; 673e1051a39Sopenharmony_ci} 674e1051a39Sopenharmony_ci#endif 675e1051a39Sopenharmony_ci 676e1051a39Sopenharmony_ciSSL *SSL_new(SSL_CTX *ctx) 677e1051a39Sopenharmony_ci{ 678e1051a39Sopenharmony_ci SSL *s; 679e1051a39Sopenharmony_ci 680e1051a39Sopenharmony_ci if (ctx == NULL) { 681e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_NULL_SSL_CTX); 682e1051a39Sopenharmony_ci return NULL; 683e1051a39Sopenharmony_ci } 684e1051a39Sopenharmony_ci if (ctx->method == NULL) { 685e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION); 686e1051a39Sopenharmony_ci return NULL; 687e1051a39Sopenharmony_ci } 688e1051a39Sopenharmony_ci 689e1051a39Sopenharmony_ci s = OPENSSL_zalloc(sizeof(*s)); 690e1051a39Sopenharmony_ci if (s == NULL) 691e1051a39Sopenharmony_ci goto err; 692e1051a39Sopenharmony_ci 693e1051a39Sopenharmony_ci s->references = 1; 694e1051a39Sopenharmony_ci s->lock = CRYPTO_THREAD_lock_new(); 695e1051a39Sopenharmony_ci if (s->lock == NULL) { 696e1051a39Sopenharmony_ci OPENSSL_free(s); 697e1051a39Sopenharmony_ci s = NULL; 698e1051a39Sopenharmony_ci goto err; 699e1051a39Sopenharmony_ci } 700e1051a39Sopenharmony_ci 701e1051a39Sopenharmony_ci RECORD_LAYER_init(&s->rlayer, s); 702e1051a39Sopenharmony_ci 703e1051a39Sopenharmony_ci s->options = ctx->options; 704e1051a39Sopenharmony_ci s->dane.flags = ctx->dane.flags; 705e1051a39Sopenharmony_ci s->min_proto_version = ctx->min_proto_version; 706e1051a39Sopenharmony_ci s->max_proto_version = ctx->max_proto_version; 707e1051a39Sopenharmony_ci s->mode = ctx->mode; 708e1051a39Sopenharmony_ci s->max_cert_list = ctx->max_cert_list; 709e1051a39Sopenharmony_ci s->max_early_data = ctx->max_early_data; 710e1051a39Sopenharmony_ci s->recv_max_early_data = ctx->recv_max_early_data; 711e1051a39Sopenharmony_ci s->num_tickets = ctx->num_tickets; 712e1051a39Sopenharmony_ci s->pha_enabled = ctx->pha_enabled; 713e1051a39Sopenharmony_ci 714e1051a39Sopenharmony_ci /* Shallow copy of the ciphersuites stack */ 715e1051a39Sopenharmony_ci s->tls13_ciphersuites = sk_SSL_CIPHER_dup(ctx->tls13_ciphersuites); 716e1051a39Sopenharmony_ci if (s->tls13_ciphersuites == NULL) 717e1051a39Sopenharmony_ci goto err; 718e1051a39Sopenharmony_ci 719e1051a39Sopenharmony_ci /* 720e1051a39Sopenharmony_ci * Earlier library versions used to copy the pointer to the CERT, not 721e1051a39Sopenharmony_ci * its contents; only when setting new parameters for the per-SSL 722e1051a39Sopenharmony_ci * copy, ssl_cert_new would be called (and the direct reference to 723e1051a39Sopenharmony_ci * the per-SSL_CTX settings would be lost, but those still were 724e1051a39Sopenharmony_ci * indirectly accessed for various purposes, and for that reason they 725e1051a39Sopenharmony_ci * used to be known as s->ctx->default_cert). Now we don't look at the 726e1051a39Sopenharmony_ci * SSL_CTX's CERT after having duplicated it once. 727e1051a39Sopenharmony_ci */ 728e1051a39Sopenharmony_ci s->cert = ssl_cert_dup(ctx->cert); 729e1051a39Sopenharmony_ci if (s->cert == NULL) 730e1051a39Sopenharmony_ci goto err; 731e1051a39Sopenharmony_ci 732e1051a39Sopenharmony_ci RECORD_LAYER_set_read_ahead(&s->rlayer, ctx->read_ahead); 733e1051a39Sopenharmony_ci s->msg_callback = ctx->msg_callback; 734e1051a39Sopenharmony_ci s->msg_callback_arg = ctx->msg_callback_arg; 735e1051a39Sopenharmony_ci s->verify_mode = ctx->verify_mode; 736e1051a39Sopenharmony_ci s->not_resumable_session_cb = ctx->not_resumable_session_cb; 737e1051a39Sopenharmony_ci s->record_padding_cb = ctx->record_padding_cb; 738e1051a39Sopenharmony_ci s->record_padding_arg = ctx->record_padding_arg; 739e1051a39Sopenharmony_ci s->block_padding = ctx->block_padding; 740e1051a39Sopenharmony_ci s->sid_ctx_length = ctx->sid_ctx_length; 741e1051a39Sopenharmony_ci if (!ossl_assert(s->sid_ctx_length <= sizeof(s->sid_ctx))) 742e1051a39Sopenharmony_ci goto err; 743e1051a39Sopenharmony_ci memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx)); 744e1051a39Sopenharmony_ci s->verify_callback = ctx->default_verify_callback; 745e1051a39Sopenharmony_ci s->generate_session_id = ctx->generate_session_id; 746e1051a39Sopenharmony_ci 747e1051a39Sopenharmony_ci s->param = X509_VERIFY_PARAM_new(); 748e1051a39Sopenharmony_ci if (s->param == NULL) 749e1051a39Sopenharmony_ci goto err; 750e1051a39Sopenharmony_ci X509_VERIFY_PARAM_inherit(s->param, ctx->param); 751e1051a39Sopenharmony_ci s->quiet_shutdown = ctx->quiet_shutdown; 752e1051a39Sopenharmony_ci 753e1051a39Sopenharmony_ci s->ext.max_fragment_len_mode = ctx->ext.max_fragment_len_mode; 754e1051a39Sopenharmony_ci s->max_send_fragment = ctx->max_send_fragment; 755e1051a39Sopenharmony_ci s->split_send_fragment = ctx->split_send_fragment; 756e1051a39Sopenharmony_ci s->max_pipelines = ctx->max_pipelines; 757e1051a39Sopenharmony_ci if (s->max_pipelines > 1) 758e1051a39Sopenharmony_ci RECORD_LAYER_set_read_ahead(&s->rlayer, 1); 759e1051a39Sopenharmony_ci if (ctx->default_read_buf_len > 0) 760e1051a39Sopenharmony_ci SSL_set_default_read_buffer_len(s, ctx->default_read_buf_len); 761e1051a39Sopenharmony_ci 762e1051a39Sopenharmony_ci SSL_CTX_up_ref(ctx); 763e1051a39Sopenharmony_ci s->ctx = ctx; 764e1051a39Sopenharmony_ci s->ext.debug_cb = 0; 765e1051a39Sopenharmony_ci s->ext.debug_arg = NULL; 766e1051a39Sopenharmony_ci s->ext.ticket_expected = 0; 767e1051a39Sopenharmony_ci s->ext.status_type = ctx->ext.status_type; 768e1051a39Sopenharmony_ci s->ext.status_expected = 0; 769e1051a39Sopenharmony_ci s->ext.ocsp.ids = NULL; 770e1051a39Sopenharmony_ci s->ext.ocsp.exts = NULL; 771e1051a39Sopenharmony_ci s->ext.ocsp.resp = NULL; 772e1051a39Sopenharmony_ci s->ext.ocsp.resp_len = 0; 773e1051a39Sopenharmony_ci SSL_CTX_up_ref(ctx); 774e1051a39Sopenharmony_ci s->session_ctx = ctx; 775e1051a39Sopenharmony_ci if (ctx->ext.ecpointformats) { 776e1051a39Sopenharmony_ci s->ext.ecpointformats = 777e1051a39Sopenharmony_ci OPENSSL_memdup(ctx->ext.ecpointformats, 778e1051a39Sopenharmony_ci ctx->ext.ecpointformats_len); 779e1051a39Sopenharmony_ci if (!s->ext.ecpointformats) { 780e1051a39Sopenharmony_ci s->ext.ecpointformats_len = 0; 781e1051a39Sopenharmony_ci goto err; 782e1051a39Sopenharmony_ci } 783e1051a39Sopenharmony_ci s->ext.ecpointformats_len = 784e1051a39Sopenharmony_ci ctx->ext.ecpointformats_len; 785e1051a39Sopenharmony_ci } 786e1051a39Sopenharmony_ci if (ctx->ext.supportedgroups) { 787e1051a39Sopenharmony_ci s->ext.supportedgroups = 788e1051a39Sopenharmony_ci OPENSSL_memdup(ctx->ext.supportedgroups, 789e1051a39Sopenharmony_ci ctx->ext.supportedgroups_len 790e1051a39Sopenharmony_ci * sizeof(*ctx->ext.supportedgroups)); 791e1051a39Sopenharmony_ci if (!s->ext.supportedgroups) { 792e1051a39Sopenharmony_ci s->ext.supportedgroups_len = 0; 793e1051a39Sopenharmony_ci goto err; 794e1051a39Sopenharmony_ci } 795e1051a39Sopenharmony_ci s->ext.supportedgroups_len = ctx->ext.supportedgroups_len; 796e1051a39Sopenharmony_ci } 797e1051a39Sopenharmony_ci 798e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_NEXTPROTONEG 799e1051a39Sopenharmony_ci s->ext.npn = NULL; 800e1051a39Sopenharmony_ci#endif 801e1051a39Sopenharmony_ci 802e1051a39Sopenharmony_ci if (s->ctx->ext.alpn) { 803e1051a39Sopenharmony_ci s->ext.alpn = OPENSSL_malloc(s->ctx->ext.alpn_len); 804e1051a39Sopenharmony_ci if (s->ext.alpn == NULL) { 805e1051a39Sopenharmony_ci s->ext.alpn_len = 0; 806e1051a39Sopenharmony_ci goto err; 807e1051a39Sopenharmony_ci } 808e1051a39Sopenharmony_ci memcpy(s->ext.alpn, s->ctx->ext.alpn, s->ctx->ext.alpn_len); 809e1051a39Sopenharmony_ci s->ext.alpn_len = s->ctx->ext.alpn_len; 810e1051a39Sopenharmony_ci } 811e1051a39Sopenharmony_ci 812e1051a39Sopenharmony_ci s->verified_chain = NULL; 813e1051a39Sopenharmony_ci s->verify_result = X509_V_OK; 814e1051a39Sopenharmony_ci 815e1051a39Sopenharmony_ci s->default_passwd_callback = ctx->default_passwd_callback; 816e1051a39Sopenharmony_ci s->default_passwd_callback_userdata = ctx->default_passwd_callback_userdata; 817e1051a39Sopenharmony_ci 818e1051a39Sopenharmony_ci s->method = ctx->method; 819e1051a39Sopenharmony_ci 820e1051a39Sopenharmony_ci s->key_update = SSL_KEY_UPDATE_NONE; 821e1051a39Sopenharmony_ci 822e1051a39Sopenharmony_ci s->allow_early_data_cb = ctx->allow_early_data_cb; 823e1051a39Sopenharmony_ci s->allow_early_data_cb_data = ctx->allow_early_data_cb_data; 824e1051a39Sopenharmony_ci 825e1051a39Sopenharmony_ci if (!s->method->ssl_new(s)) 826e1051a39Sopenharmony_ci goto err; 827e1051a39Sopenharmony_ci 828e1051a39Sopenharmony_ci s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1; 829e1051a39Sopenharmony_ci 830e1051a39Sopenharmony_ci if (!SSL_clear(s)) 831e1051a39Sopenharmony_ci goto err; 832e1051a39Sopenharmony_ci 833e1051a39Sopenharmony_ci if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data)) 834e1051a39Sopenharmony_ci goto err; 835e1051a39Sopenharmony_ci 836e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_PSK 837e1051a39Sopenharmony_ci s->psk_client_callback = ctx->psk_client_callback; 838e1051a39Sopenharmony_ci s->psk_server_callback = ctx->psk_server_callback; 839e1051a39Sopenharmony_ci#endif 840e1051a39Sopenharmony_ci s->psk_find_session_cb = ctx->psk_find_session_cb; 841e1051a39Sopenharmony_ci s->psk_use_session_cb = ctx->psk_use_session_cb; 842e1051a39Sopenharmony_ci 843e1051a39Sopenharmony_ci s->async_cb = ctx->async_cb; 844e1051a39Sopenharmony_ci s->async_cb_arg = ctx->async_cb_arg; 845e1051a39Sopenharmony_ci 846e1051a39Sopenharmony_ci s->job = NULL; 847e1051a39Sopenharmony_ci 848e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_CT 849e1051a39Sopenharmony_ci if (!SSL_set_ct_validation_callback(s, ctx->ct_validation_callback, 850e1051a39Sopenharmony_ci ctx->ct_validation_callback_arg)) 851e1051a39Sopenharmony_ci goto err; 852e1051a39Sopenharmony_ci#endif 853e1051a39Sopenharmony_ci 854e1051a39Sopenharmony_ci return s; 855e1051a39Sopenharmony_ci err: 856e1051a39Sopenharmony_ci SSL_free(s); 857e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 858e1051a39Sopenharmony_ci return NULL; 859e1051a39Sopenharmony_ci} 860e1051a39Sopenharmony_ci 861e1051a39Sopenharmony_ciint SSL_is_dtls(const SSL *s) 862e1051a39Sopenharmony_ci{ 863e1051a39Sopenharmony_ci return SSL_IS_DTLS(s) ? 1 : 0; 864e1051a39Sopenharmony_ci} 865e1051a39Sopenharmony_ci 866e1051a39Sopenharmony_ciint SSL_up_ref(SSL *s) 867e1051a39Sopenharmony_ci{ 868e1051a39Sopenharmony_ci int i; 869e1051a39Sopenharmony_ci 870e1051a39Sopenharmony_ci if (CRYPTO_UP_REF(&s->references, &i, s->lock) <= 0) 871e1051a39Sopenharmony_ci return 0; 872e1051a39Sopenharmony_ci 873e1051a39Sopenharmony_ci REF_PRINT_COUNT("SSL", s); 874e1051a39Sopenharmony_ci REF_ASSERT_ISNT(i < 2); 875e1051a39Sopenharmony_ci return ((i > 1) ? 1 : 0); 876e1051a39Sopenharmony_ci} 877e1051a39Sopenharmony_ci 878e1051a39Sopenharmony_ciint SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, 879e1051a39Sopenharmony_ci unsigned int sid_ctx_len) 880e1051a39Sopenharmony_ci{ 881e1051a39Sopenharmony_ci if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) { 882e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); 883e1051a39Sopenharmony_ci return 0; 884e1051a39Sopenharmony_ci } 885e1051a39Sopenharmony_ci ctx->sid_ctx_length = sid_ctx_len; 886e1051a39Sopenharmony_ci memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len); 887e1051a39Sopenharmony_ci 888e1051a39Sopenharmony_ci return 1; 889e1051a39Sopenharmony_ci} 890e1051a39Sopenharmony_ci 891e1051a39Sopenharmony_ciint SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx, 892e1051a39Sopenharmony_ci unsigned int sid_ctx_len) 893e1051a39Sopenharmony_ci{ 894e1051a39Sopenharmony_ci if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) { 895e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); 896e1051a39Sopenharmony_ci return 0; 897e1051a39Sopenharmony_ci } 898e1051a39Sopenharmony_ci ssl->sid_ctx_length = sid_ctx_len; 899e1051a39Sopenharmony_ci memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len); 900e1051a39Sopenharmony_ci 901e1051a39Sopenharmony_ci return 1; 902e1051a39Sopenharmony_ci} 903e1051a39Sopenharmony_ci 904e1051a39Sopenharmony_ciint SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb) 905e1051a39Sopenharmony_ci{ 906e1051a39Sopenharmony_ci if (!CRYPTO_THREAD_write_lock(ctx->lock)) 907e1051a39Sopenharmony_ci return 0; 908e1051a39Sopenharmony_ci ctx->generate_session_id = cb; 909e1051a39Sopenharmony_ci CRYPTO_THREAD_unlock(ctx->lock); 910e1051a39Sopenharmony_ci return 1; 911e1051a39Sopenharmony_ci} 912e1051a39Sopenharmony_ci 913e1051a39Sopenharmony_ciint SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb) 914e1051a39Sopenharmony_ci{ 915e1051a39Sopenharmony_ci if (!CRYPTO_THREAD_write_lock(ssl->lock)) 916e1051a39Sopenharmony_ci return 0; 917e1051a39Sopenharmony_ci ssl->generate_session_id = cb; 918e1051a39Sopenharmony_ci CRYPTO_THREAD_unlock(ssl->lock); 919e1051a39Sopenharmony_ci return 1; 920e1051a39Sopenharmony_ci} 921e1051a39Sopenharmony_ci 922e1051a39Sopenharmony_ciint SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, 923e1051a39Sopenharmony_ci unsigned int id_len) 924e1051a39Sopenharmony_ci{ 925e1051a39Sopenharmony_ci /* 926e1051a39Sopenharmony_ci * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how 927e1051a39Sopenharmony_ci * we can "construct" a session to give us the desired check - i.e. to 928e1051a39Sopenharmony_ci * find if there's a session in the hash table that would conflict with 929e1051a39Sopenharmony_ci * any new session built out of this id/id_len and the ssl_version in use 930e1051a39Sopenharmony_ci * by this SSL. 931e1051a39Sopenharmony_ci */ 932e1051a39Sopenharmony_ci SSL_SESSION r, *p; 933e1051a39Sopenharmony_ci 934e1051a39Sopenharmony_ci if (id_len > sizeof(r.session_id)) 935e1051a39Sopenharmony_ci return 0; 936e1051a39Sopenharmony_ci 937e1051a39Sopenharmony_ci r.ssl_version = ssl->version; 938e1051a39Sopenharmony_ci r.session_id_length = id_len; 939e1051a39Sopenharmony_ci memcpy(r.session_id, id, id_len); 940e1051a39Sopenharmony_ci 941e1051a39Sopenharmony_ci if (!CRYPTO_THREAD_read_lock(ssl->session_ctx->lock)) 942e1051a39Sopenharmony_ci return 0; 943e1051a39Sopenharmony_ci p = lh_SSL_SESSION_retrieve(ssl->session_ctx->sessions, &r); 944e1051a39Sopenharmony_ci CRYPTO_THREAD_unlock(ssl->session_ctx->lock); 945e1051a39Sopenharmony_ci return (p != NULL); 946e1051a39Sopenharmony_ci} 947e1051a39Sopenharmony_ci 948e1051a39Sopenharmony_ciint SSL_CTX_set_purpose(SSL_CTX *s, int purpose) 949e1051a39Sopenharmony_ci{ 950e1051a39Sopenharmony_ci return X509_VERIFY_PARAM_set_purpose(s->param, purpose); 951e1051a39Sopenharmony_ci} 952e1051a39Sopenharmony_ci 953e1051a39Sopenharmony_ciint SSL_set_purpose(SSL *s, int purpose) 954e1051a39Sopenharmony_ci{ 955e1051a39Sopenharmony_ci return X509_VERIFY_PARAM_set_purpose(s->param, purpose); 956e1051a39Sopenharmony_ci} 957e1051a39Sopenharmony_ci 958e1051a39Sopenharmony_ciint SSL_CTX_set_trust(SSL_CTX *s, int trust) 959e1051a39Sopenharmony_ci{ 960e1051a39Sopenharmony_ci return X509_VERIFY_PARAM_set_trust(s->param, trust); 961e1051a39Sopenharmony_ci} 962e1051a39Sopenharmony_ci 963e1051a39Sopenharmony_ciint SSL_set_trust(SSL *s, int trust) 964e1051a39Sopenharmony_ci{ 965e1051a39Sopenharmony_ci return X509_VERIFY_PARAM_set_trust(s->param, trust); 966e1051a39Sopenharmony_ci} 967e1051a39Sopenharmony_ci 968e1051a39Sopenharmony_ciint SSL_set1_host(SSL *s, const char *hostname) 969e1051a39Sopenharmony_ci{ 970e1051a39Sopenharmony_ci /* If a hostname is provided and parses as an IP address, 971e1051a39Sopenharmony_ci * treat it as such. */ 972e1051a39Sopenharmony_ci if (hostname && X509_VERIFY_PARAM_set1_ip_asc(s->param, hostname) == 1) 973e1051a39Sopenharmony_ci return 1; 974e1051a39Sopenharmony_ci 975e1051a39Sopenharmony_ci return X509_VERIFY_PARAM_set1_host(s->param, hostname, 0); 976e1051a39Sopenharmony_ci} 977e1051a39Sopenharmony_ci 978e1051a39Sopenharmony_ciint SSL_add1_host(SSL *s, const char *hostname) 979e1051a39Sopenharmony_ci{ 980e1051a39Sopenharmony_ci /* If a hostname is provided and parses as an IP address, 981e1051a39Sopenharmony_ci * treat it as such. */ 982e1051a39Sopenharmony_ci if (hostname) 983e1051a39Sopenharmony_ci { 984e1051a39Sopenharmony_ci ASN1_OCTET_STRING *ip; 985e1051a39Sopenharmony_ci char *old_ip; 986e1051a39Sopenharmony_ci 987e1051a39Sopenharmony_ci ip = a2i_IPADDRESS(hostname); 988e1051a39Sopenharmony_ci if (ip) { 989e1051a39Sopenharmony_ci /* We didn't want it; only to check if it *is* an IP address */ 990e1051a39Sopenharmony_ci ASN1_OCTET_STRING_free(ip); 991e1051a39Sopenharmony_ci 992e1051a39Sopenharmony_ci old_ip = X509_VERIFY_PARAM_get1_ip_asc(s->param); 993e1051a39Sopenharmony_ci if (old_ip) 994e1051a39Sopenharmony_ci { 995e1051a39Sopenharmony_ci OPENSSL_free(old_ip); 996e1051a39Sopenharmony_ci /* There can be only one IP address */ 997e1051a39Sopenharmony_ci return 0; 998e1051a39Sopenharmony_ci } 999e1051a39Sopenharmony_ci 1000e1051a39Sopenharmony_ci return X509_VERIFY_PARAM_set1_ip_asc(s->param, hostname); 1001e1051a39Sopenharmony_ci } 1002e1051a39Sopenharmony_ci } 1003e1051a39Sopenharmony_ci 1004e1051a39Sopenharmony_ci return X509_VERIFY_PARAM_add1_host(s->param, hostname, 0); 1005e1051a39Sopenharmony_ci} 1006e1051a39Sopenharmony_ci 1007e1051a39Sopenharmony_civoid SSL_set_hostflags(SSL *s, unsigned int flags) 1008e1051a39Sopenharmony_ci{ 1009e1051a39Sopenharmony_ci X509_VERIFY_PARAM_set_hostflags(s->param, flags); 1010e1051a39Sopenharmony_ci} 1011e1051a39Sopenharmony_ci 1012e1051a39Sopenharmony_ciconst char *SSL_get0_peername(SSL *s) 1013e1051a39Sopenharmony_ci{ 1014e1051a39Sopenharmony_ci return X509_VERIFY_PARAM_get0_peername(s->param); 1015e1051a39Sopenharmony_ci} 1016e1051a39Sopenharmony_ci 1017e1051a39Sopenharmony_ciint SSL_CTX_dane_enable(SSL_CTX *ctx) 1018e1051a39Sopenharmony_ci{ 1019e1051a39Sopenharmony_ci return dane_ctx_enable(&ctx->dane); 1020e1051a39Sopenharmony_ci} 1021e1051a39Sopenharmony_ci 1022e1051a39Sopenharmony_ciunsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags) 1023e1051a39Sopenharmony_ci{ 1024e1051a39Sopenharmony_ci unsigned long orig = ctx->dane.flags; 1025e1051a39Sopenharmony_ci 1026e1051a39Sopenharmony_ci ctx->dane.flags |= flags; 1027e1051a39Sopenharmony_ci return orig; 1028e1051a39Sopenharmony_ci} 1029e1051a39Sopenharmony_ci 1030e1051a39Sopenharmony_ciunsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags) 1031e1051a39Sopenharmony_ci{ 1032e1051a39Sopenharmony_ci unsigned long orig = ctx->dane.flags; 1033e1051a39Sopenharmony_ci 1034e1051a39Sopenharmony_ci ctx->dane.flags &= ~flags; 1035e1051a39Sopenharmony_ci return orig; 1036e1051a39Sopenharmony_ci} 1037e1051a39Sopenharmony_ci 1038e1051a39Sopenharmony_ciint SSL_dane_enable(SSL *s, const char *basedomain) 1039e1051a39Sopenharmony_ci{ 1040e1051a39Sopenharmony_ci SSL_DANE *dane = &s->dane; 1041e1051a39Sopenharmony_ci 1042e1051a39Sopenharmony_ci if (s->ctx->dane.mdmax == 0) { 1043e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_CONTEXT_NOT_DANE_ENABLED); 1044e1051a39Sopenharmony_ci return 0; 1045e1051a39Sopenharmony_ci } 1046e1051a39Sopenharmony_ci if (dane->trecs != NULL) { 1047e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_DANE_ALREADY_ENABLED); 1048e1051a39Sopenharmony_ci return 0; 1049e1051a39Sopenharmony_ci } 1050e1051a39Sopenharmony_ci 1051e1051a39Sopenharmony_ci /* 1052e1051a39Sopenharmony_ci * Default SNI name. This rejects empty names, while set1_host below 1053e1051a39Sopenharmony_ci * accepts them and disables host name checks. To avoid side-effects with 1054e1051a39Sopenharmony_ci * invalid input, set the SNI name first. 1055e1051a39Sopenharmony_ci */ 1056e1051a39Sopenharmony_ci if (s->ext.hostname == NULL) { 1057e1051a39Sopenharmony_ci if (!SSL_set_tlsext_host_name(s, basedomain)) { 1058e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN); 1059e1051a39Sopenharmony_ci return -1; 1060e1051a39Sopenharmony_ci } 1061e1051a39Sopenharmony_ci } 1062e1051a39Sopenharmony_ci 1063e1051a39Sopenharmony_ci /* Primary RFC6125 reference identifier */ 1064e1051a39Sopenharmony_ci if (!X509_VERIFY_PARAM_set1_host(s->param, basedomain, 0)) { 1065e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN); 1066e1051a39Sopenharmony_ci return -1; 1067e1051a39Sopenharmony_ci } 1068e1051a39Sopenharmony_ci 1069e1051a39Sopenharmony_ci dane->mdpth = -1; 1070e1051a39Sopenharmony_ci dane->pdpth = -1; 1071e1051a39Sopenharmony_ci dane->dctx = &s->ctx->dane; 1072e1051a39Sopenharmony_ci dane->trecs = sk_danetls_record_new_null(); 1073e1051a39Sopenharmony_ci 1074e1051a39Sopenharmony_ci if (dane->trecs == NULL) { 1075e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 1076e1051a39Sopenharmony_ci return -1; 1077e1051a39Sopenharmony_ci } 1078e1051a39Sopenharmony_ci return 1; 1079e1051a39Sopenharmony_ci} 1080e1051a39Sopenharmony_ci 1081e1051a39Sopenharmony_ciunsigned long SSL_dane_set_flags(SSL *ssl, unsigned long flags) 1082e1051a39Sopenharmony_ci{ 1083e1051a39Sopenharmony_ci unsigned long orig = ssl->dane.flags; 1084e1051a39Sopenharmony_ci 1085e1051a39Sopenharmony_ci ssl->dane.flags |= flags; 1086e1051a39Sopenharmony_ci return orig; 1087e1051a39Sopenharmony_ci} 1088e1051a39Sopenharmony_ci 1089e1051a39Sopenharmony_ciunsigned long SSL_dane_clear_flags(SSL *ssl, unsigned long flags) 1090e1051a39Sopenharmony_ci{ 1091e1051a39Sopenharmony_ci unsigned long orig = ssl->dane.flags; 1092e1051a39Sopenharmony_ci 1093e1051a39Sopenharmony_ci ssl->dane.flags &= ~flags; 1094e1051a39Sopenharmony_ci return orig; 1095e1051a39Sopenharmony_ci} 1096e1051a39Sopenharmony_ci 1097e1051a39Sopenharmony_ciint SSL_get0_dane_authority(SSL *s, X509 **mcert, EVP_PKEY **mspki) 1098e1051a39Sopenharmony_ci{ 1099e1051a39Sopenharmony_ci SSL_DANE *dane = &s->dane; 1100e1051a39Sopenharmony_ci 1101e1051a39Sopenharmony_ci if (!DANETLS_ENABLED(dane) || s->verify_result != X509_V_OK) 1102e1051a39Sopenharmony_ci return -1; 1103e1051a39Sopenharmony_ci if (dane->mtlsa) { 1104e1051a39Sopenharmony_ci if (mcert) 1105e1051a39Sopenharmony_ci *mcert = dane->mcert; 1106e1051a39Sopenharmony_ci if (mspki) 1107e1051a39Sopenharmony_ci *mspki = (dane->mcert == NULL) ? dane->mtlsa->spki : NULL; 1108e1051a39Sopenharmony_ci } 1109e1051a39Sopenharmony_ci return dane->mdpth; 1110e1051a39Sopenharmony_ci} 1111e1051a39Sopenharmony_ci 1112e1051a39Sopenharmony_ciint SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector, 1113e1051a39Sopenharmony_ci uint8_t *mtype, const unsigned char **data, size_t *dlen) 1114e1051a39Sopenharmony_ci{ 1115e1051a39Sopenharmony_ci SSL_DANE *dane = &s->dane; 1116e1051a39Sopenharmony_ci 1117e1051a39Sopenharmony_ci if (!DANETLS_ENABLED(dane) || s->verify_result != X509_V_OK) 1118e1051a39Sopenharmony_ci return -1; 1119e1051a39Sopenharmony_ci if (dane->mtlsa) { 1120e1051a39Sopenharmony_ci if (usage) 1121e1051a39Sopenharmony_ci *usage = dane->mtlsa->usage; 1122e1051a39Sopenharmony_ci if (selector) 1123e1051a39Sopenharmony_ci *selector = dane->mtlsa->selector; 1124e1051a39Sopenharmony_ci if (mtype) 1125e1051a39Sopenharmony_ci *mtype = dane->mtlsa->mtype; 1126e1051a39Sopenharmony_ci if (data) 1127e1051a39Sopenharmony_ci *data = dane->mtlsa->data; 1128e1051a39Sopenharmony_ci if (dlen) 1129e1051a39Sopenharmony_ci *dlen = dane->mtlsa->dlen; 1130e1051a39Sopenharmony_ci } 1131e1051a39Sopenharmony_ci return dane->mdpth; 1132e1051a39Sopenharmony_ci} 1133e1051a39Sopenharmony_ci 1134e1051a39Sopenharmony_ciSSL_DANE *SSL_get0_dane(SSL *s) 1135e1051a39Sopenharmony_ci{ 1136e1051a39Sopenharmony_ci return &s->dane; 1137e1051a39Sopenharmony_ci} 1138e1051a39Sopenharmony_ci 1139e1051a39Sopenharmony_ciint SSL_dane_tlsa_add(SSL *s, uint8_t usage, uint8_t selector, 1140e1051a39Sopenharmony_ci uint8_t mtype, const unsigned char *data, size_t dlen) 1141e1051a39Sopenharmony_ci{ 1142e1051a39Sopenharmony_ci return dane_tlsa_add(&s->dane, usage, selector, mtype, data, dlen); 1143e1051a39Sopenharmony_ci} 1144e1051a39Sopenharmony_ci 1145e1051a39Sopenharmony_ciint SSL_CTX_dane_mtype_set(SSL_CTX *ctx, const EVP_MD *md, uint8_t mtype, 1146e1051a39Sopenharmony_ci uint8_t ord) 1147e1051a39Sopenharmony_ci{ 1148e1051a39Sopenharmony_ci return dane_mtype_set(&ctx->dane, md, mtype, ord); 1149e1051a39Sopenharmony_ci} 1150e1051a39Sopenharmony_ci 1151e1051a39Sopenharmony_ciint SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm) 1152e1051a39Sopenharmony_ci{ 1153e1051a39Sopenharmony_ci return X509_VERIFY_PARAM_set1(ctx->param, vpm); 1154e1051a39Sopenharmony_ci} 1155e1051a39Sopenharmony_ci 1156e1051a39Sopenharmony_ciint SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm) 1157e1051a39Sopenharmony_ci{ 1158e1051a39Sopenharmony_ci return X509_VERIFY_PARAM_set1(ssl->param, vpm); 1159e1051a39Sopenharmony_ci} 1160e1051a39Sopenharmony_ci 1161e1051a39Sopenharmony_ciX509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx) 1162e1051a39Sopenharmony_ci{ 1163e1051a39Sopenharmony_ci return ctx->param; 1164e1051a39Sopenharmony_ci} 1165e1051a39Sopenharmony_ci 1166e1051a39Sopenharmony_ciX509_VERIFY_PARAM *SSL_get0_param(SSL *ssl) 1167e1051a39Sopenharmony_ci{ 1168e1051a39Sopenharmony_ci return ssl->param; 1169e1051a39Sopenharmony_ci} 1170e1051a39Sopenharmony_ci 1171e1051a39Sopenharmony_civoid SSL_certs_clear(SSL *s) 1172e1051a39Sopenharmony_ci{ 1173e1051a39Sopenharmony_ci ssl_cert_clear_certs(s->cert); 1174e1051a39Sopenharmony_ci} 1175e1051a39Sopenharmony_ci 1176e1051a39Sopenharmony_civoid SSL_free(SSL *s) 1177e1051a39Sopenharmony_ci{ 1178e1051a39Sopenharmony_ci int i; 1179e1051a39Sopenharmony_ci 1180e1051a39Sopenharmony_ci if (s == NULL) 1181e1051a39Sopenharmony_ci return; 1182e1051a39Sopenharmony_ci CRYPTO_DOWN_REF(&s->references, &i, s->lock); 1183e1051a39Sopenharmony_ci REF_PRINT_COUNT("SSL", s); 1184e1051a39Sopenharmony_ci if (i > 0) 1185e1051a39Sopenharmony_ci return; 1186e1051a39Sopenharmony_ci REF_ASSERT_ISNT(i < 0); 1187e1051a39Sopenharmony_ci 1188e1051a39Sopenharmony_ci X509_VERIFY_PARAM_free(s->param); 1189e1051a39Sopenharmony_ci dane_final(&s->dane); 1190e1051a39Sopenharmony_ci CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data); 1191e1051a39Sopenharmony_ci 1192e1051a39Sopenharmony_ci RECORD_LAYER_release(&s->rlayer); 1193e1051a39Sopenharmony_ci 1194e1051a39Sopenharmony_ci /* Ignore return value */ 1195e1051a39Sopenharmony_ci ssl_free_wbio_buffer(s); 1196e1051a39Sopenharmony_ci 1197e1051a39Sopenharmony_ci BIO_free_all(s->wbio); 1198e1051a39Sopenharmony_ci s->wbio = NULL; 1199e1051a39Sopenharmony_ci BIO_free_all(s->rbio); 1200e1051a39Sopenharmony_ci s->rbio = NULL; 1201e1051a39Sopenharmony_ci 1202e1051a39Sopenharmony_ci BUF_MEM_free(s->init_buf); 1203e1051a39Sopenharmony_ci 1204e1051a39Sopenharmony_ci /* add extra stuff */ 1205e1051a39Sopenharmony_ci sk_SSL_CIPHER_free(s->cipher_list); 1206e1051a39Sopenharmony_ci sk_SSL_CIPHER_free(s->cipher_list_by_id); 1207e1051a39Sopenharmony_ci sk_SSL_CIPHER_free(s->tls13_ciphersuites); 1208e1051a39Sopenharmony_ci sk_SSL_CIPHER_free(s->peer_ciphers); 1209e1051a39Sopenharmony_ci 1210e1051a39Sopenharmony_ci /* Make the next call work :-) */ 1211e1051a39Sopenharmony_ci if (s->session != NULL) { 1212e1051a39Sopenharmony_ci ssl_clear_bad_session(s); 1213e1051a39Sopenharmony_ci SSL_SESSION_free(s->session); 1214e1051a39Sopenharmony_ci } 1215e1051a39Sopenharmony_ci SSL_SESSION_free(s->psksession); 1216e1051a39Sopenharmony_ci OPENSSL_free(s->psksession_id); 1217e1051a39Sopenharmony_ci 1218e1051a39Sopenharmony_ci clear_ciphers(s); 1219e1051a39Sopenharmony_ci 1220e1051a39Sopenharmony_ci ssl_cert_free(s->cert); 1221e1051a39Sopenharmony_ci OPENSSL_free(s->shared_sigalgs); 1222e1051a39Sopenharmony_ci /* Free up if allocated */ 1223e1051a39Sopenharmony_ci 1224e1051a39Sopenharmony_ci OPENSSL_free(s->ext.hostname); 1225e1051a39Sopenharmony_ci SSL_CTX_free(s->session_ctx); 1226e1051a39Sopenharmony_ci OPENSSL_free(s->ext.ecpointformats); 1227e1051a39Sopenharmony_ci OPENSSL_free(s->ext.peer_ecpointformats); 1228e1051a39Sopenharmony_ci OPENSSL_free(s->ext.supportedgroups); 1229e1051a39Sopenharmony_ci OPENSSL_free(s->ext.peer_supportedgroups); 1230e1051a39Sopenharmony_ci sk_X509_EXTENSION_pop_free(s->ext.ocsp.exts, X509_EXTENSION_free); 1231e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_OCSP 1232e1051a39Sopenharmony_ci sk_OCSP_RESPID_pop_free(s->ext.ocsp.ids, OCSP_RESPID_free); 1233e1051a39Sopenharmony_ci#endif 1234e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_CT 1235e1051a39Sopenharmony_ci SCT_LIST_free(s->scts); 1236e1051a39Sopenharmony_ci OPENSSL_free(s->ext.scts); 1237e1051a39Sopenharmony_ci#endif 1238e1051a39Sopenharmony_ci OPENSSL_free(s->ext.ocsp.resp); 1239e1051a39Sopenharmony_ci OPENSSL_free(s->ext.alpn); 1240e1051a39Sopenharmony_ci OPENSSL_free(s->ext.tls13_cookie); 1241e1051a39Sopenharmony_ci if (s->clienthello != NULL) 1242e1051a39Sopenharmony_ci OPENSSL_free(s->clienthello->pre_proc_exts); 1243e1051a39Sopenharmony_ci OPENSSL_free(s->clienthello); 1244e1051a39Sopenharmony_ci OPENSSL_free(s->pha_context); 1245e1051a39Sopenharmony_ci EVP_MD_CTX_free(s->pha_dgst); 1246e1051a39Sopenharmony_ci 1247e1051a39Sopenharmony_ci sk_X509_NAME_pop_free(s->ca_names, X509_NAME_free); 1248e1051a39Sopenharmony_ci sk_X509_NAME_pop_free(s->client_ca_names, X509_NAME_free); 1249e1051a39Sopenharmony_ci 1250e1051a39Sopenharmony_ci sk_X509_pop_free(s->verified_chain, X509_free); 1251e1051a39Sopenharmony_ci 1252e1051a39Sopenharmony_ci if (s->method != NULL) 1253e1051a39Sopenharmony_ci s->method->ssl_free(s); 1254e1051a39Sopenharmony_ci 1255e1051a39Sopenharmony_ci SSL_CTX_free(s->ctx); 1256e1051a39Sopenharmony_ci 1257e1051a39Sopenharmony_ci ASYNC_WAIT_CTX_free(s->waitctx); 1258e1051a39Sopenharmony_ci 1259e1051a39Sopenharmony_ci#if !defined(OPENSSL_NO_NEXTPROTONEG) 1260e1051a39Sopenharmony_ci OPENSSL_free(s->ext.npn); 1261e1051a39Sopenharmony_ci#endif 1262e1051a39Sopenharmony_ci 1263e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_SRTP 1264e1051a39Sopenharmony_ci sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles); 1265e1051a39Sopenharmony_ci#endif 1266e1051a39Sopenharmony_ci 1267e1051a39Sopenharmony_ci CRYPTO_THREAD_lock_free(s->lock); 1268e1051a39Sopenharmony_ci 1269e1051a39Sopenharmony_ci OPENSSL_free(s); 1270e1051a39Sopenharmony_ci} 1271e1051a39Sopenharmony_ci 1272e1051a39Sopenharmony_civoid SSL_set0_rbio(SSL *s, BIO *rbio) 1273e1051a39Sopenharmony_ci{ 1274e1051a39Sopenharmony_ci BIO_free_all(s->rbio); 1275e1051a39Sopenharmony_ci s->rbio = rbio; 1276e1051a39Sopenharmony_ci} 1277e1051a39Sopenharmony_ci 1278e1051a39Sopenharmony_civoid SSL_set0_wbio(SSL *s, BIO *wbio) 1279e1051a39Sopenharmony_ci{ 1280e1051a39Sopenharmony_ci /* 1281e1051a39Sopenharmony_ci * If the output buffering BIO is still in place, remove it 1282e1051a39Sopenharmony_ci */ 1283e1051a39Sopenharmony_ci if (s->bbio != NULL) 1284e1051a39Sopenharmony_ci s->wbio = BIO_pop(s->wbio); 1285e1051a39Sopenharmony_ci 1286e1051a39Sopenharmony_ci BIO_free_all(s->wbio); 1287e1051a39Sopenharmony_ci s->wbio = wbio; 1288e1051a39Sopenharmony_ci 1289e1051a39Sopenharmony_ci /* Re-attach |bbio| to the new |wbio|. */ 1290e1051a39Sopenharmony_ci if (s->bbio != NULL) 1291e1051a39Sopenharmony_ci s->wbio = BIO_push(s->bbio, s->wbio); 1292e1051a39Sopenharmony_ci} 1293e1051a39Sopenharmony_ci 1294e1051a39Sopenharmony_civoid SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio) 1295e1051a39Sopenharmony_ci{ 1296e1051a39Sopenharmony_ci /* 1297e1051a39Sopenharmony_ci * For historical reasons, this function has many different cases in 1298e1051a39Sopenharmony_ci * ownership handling. 1299e1051a39Sopenharmony_ci */ 1300e1051a39Sopenharmony_ci 1301e1051a39Sopenharmony_ci /* If nothing has changed, do nothing */ 1302e1051a39Sopenharmony_ci if (rbio == SSL_get_rbio(s) && wbio == SSL_get_wbio(s)) 1303e1051a39Sopenharmony_ci return; 1304e1051a39Sopenharmony_ci 1305e1051a39Sopenharmony_ci /* 1306e1051a39Sopenharmony_ci * If the two arguments are equal then one fewer reference is granted by the 1307e1051a39Sopenharmony_ci * caller than we want to take 1308e1051a39Sopenharmony_ci */ 1309e1051a39Sopenharmony_ci if (rbio != NULL && rbio == wbio) 1310e1051a39Sopenharmony_ci BIO_up_ref(rbio); 1311e1051a39Sopenharmony_ci 1312e1051a39Sopenharmony_ci /* 1313e1051a39Sopenharmony_ci * If only the wbio is changed only adopt one reference. 1314e1051a39Sopenharmony_ci */ 1315e1051a39Sopenharmony_ci if (rbio == SSL_get_rbio(s)) { 1316e1051a39Sopenharmony_ci SSL_set0_wbio(s, wbio); 1317e1051a39Sopenharmony_ci return; 1318e1051a39Sopenharmony_ci } 1319e1051a39Sopenharmony_ci /* 1320e1051a39Sopenharmony_ci * There is an asymmetry here for historical reasons. If only the rbio is 1321e1051a39Sopenharmony_ci * changed AND the rbio and wbio were originally different, then we only 1322e1051a39Sopenharmony_ci * adopt one reference. 1323e1051a39Sopenharmony_ci */ 1324e1051a39Sopenharmony_ci if (wbio == SSL_get_wbio(s) && SSL_get_rbio(s) != SSL_get_wbio(s)) { 1325e1051a39Sopenharmony_ci SSL_set0_rbio(s, rbio); 1326e1051a39Sopenharmony_ci return; 1327e1051a39Sopenharmony_ci } 1328e1051a39Sopenharmony_ci 1329e1051a39Sopenharmony_ci /* Otherwise, adopt both references. */ 1330e1051a39Sopenharmony_ci SSL_set0_rbio(s, rbio); 1331e1051a39Sopenharmony_ci SSL_set0_wbio(s, wbio); 1332e1051a39Sopenharmony_ci} 1333e1051a39Sopenharmony_ci 1334e1051a39Sopenharmony_ciBIO *SSL_get_rbio(const SSL *s) 1335e1051a39Sopenharmony_ci{ 1336e1051a39Sopenharmony_ci return s->rbio; 1337e1051a39Sopenharmony_ci} 1338e1051a39Sopenharmony_ci 1339e1051a39Sopenharmony_ciBIO *SSL_get_wbio(const SSL *s) 1340e1051a39Sopenharmony_ci{ 1341e1051a39Sopenharmony_ci if (s->bbio != NULL) { 1342e1051a39Sopenharmony_ci /* 1343e1051a39Sopenharmony_ci * If |bbio| is active, the true caller-configured BIO is its 1344e1051a39Sopenharmony_ci * |next_bio|. 1345e1051a39Sopenharmony_ci */ 1346e1051a39Sopenharmony_ci return BIO_next(s->bbio); 1347e1051a39Sopenharmony_ci } 1348e1051a39Sopenharmony_ci return s->wbio; 1349e1051a39Sopenharmony_ci} 1350e1051a39Sopenharmony_ci 1351e1051a39Sopenharmony_ciint SSL_get_fd(const SSL *s) 1352e1051a39Sopenharmony_ci{ 1353e1051a39Sopenharmony_ci return SSL_get_rfd(s); 1354e1051a39Sopenharmony_ci} 1355e1051a39Sopenharmony_ci 1356e1051a39Sopenharmony_ciint SSL_get_rfd(const SSL *s) 1357e1051a39Sopenharmony_ci{ 1358e1051a39Sopenharmony_ci int ret = -1; 1359e1051a39Sopenharmony_ci BIO *b, *r; 1360e1051a39Sopenharmony_ci 1361e1051a39Sopenharmony_ci b = SSL_get_rbio(s); 1362e1051a39Sopenharmony_ci r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR); 1363e1051a39Sopenharmony_ci if (r != NULL) 1364e1051a39Sopenharmony_ci BIO_get_fd(r, &ret); 1365e1051a39Sopenharmony_ci return ret; 1366e1051a39Sopenharmony_ci} 1367e1051a39Sopenharmony_ci 1368e1051a39Sopenharmony_ciint SSL_get_wfd(const SSL *s) 1369e1051a39Sopenharmony_ci{ 1370e1051a39Sopenharmony_ci int ret = -1; 1371e1051a39Sopenharmony_ci BIO *b, *r; 1372e1051a39Sopenharmony_ci 1373e1051a39Sopenharmony_ci b = SSL_get_wbio(s); 1374e1051a39Sopenharmony_ci r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR); 1375e1051a39Sopenharmony_ci if (r != NULL) 1376e1051a39Sopenharmony_ci BIO_get_fd(r, &ret); 1377e1051a39Sopenharmony_ci return ret; 1378e1051a39Sopenharmony_ci} 1379e1051a39Sopenharmony_ci 1380e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_SOCK 1381e1051a39Sopenharmony_ciint SSL_set_fd(SSL *s, int fd) 1382e1051a39Sopenharmony_ci{ 1383e1051a39Sopenharmony_ci int ret = 0; 1384e1051a39Sopenharmony_ci BIO *bio = NULL; 1385e1051a39Sopenharmony_ci 1386e1051a39Sopenharmony_ci bio = BIO_new(BIO_s_socket()); 1387e1051a39Sopenharmony_ci 1388e1051a39Sopenharmony_ci if (bio == NULL) { 1389e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); 1390e1051a39Sopenharmony_ci goto err; 1391e1051a39Sopenharmony_ci } 1392e1051a39Sopenharmony_ci BIO_set_fd(bio, fd, BIO_NOCLOSE); 1393e1051a39Sopenharmony_ci SSL_set_bio(s, bio, bio); 1394e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_KTLS 1395e1051a39Sopenharmony_ci /* 1396e1051a39Sopenharmony_ci * The new socket is created successfully regardless of ktls_enable. 1397e1051a39Sopenharmony_ci * ktls_enable doesn't change any functionality of the socket, except 1398e1051a39Sopenharmony_ci * changing the setsockopt to enable the processing of ktls_start. 1399e1051a39Sopenharmony_ci * Thus, it is not a problem to call it for non-TLS sockets. 1400e1051a39Sopenharmony_ci */ 1401e1051a39Sopenharmony_ci ktls_enable(fd); 1402e1051a39Sopenharmony_ci#endif /* OPENSSL_NO_KTLS */ 1403e1051a39Sopenharmony_ci ret = 1; 1404e1051a39Sopenharmony_ci err: 1405e1051a39Sopenharmony_ci return ret; 1406e1051a39Sopenharmony_ci} 1407e1051a39Sopenharmony_ci 1408e1051a39Sopenharmony_ciint SSL_set_wfd(SSL *s, int fd) 1409e1051a39Sopenharmony_ci{ 1410e1051a39Sopenharmony_ci BIO *rbio = SSL_get_rbio(s); 1411e1051a39Sopenharmony_ci 1412e1051a39Sopenharmony_ci if (rbio == NULL || BIO_method_type(rbio) != BIO_TYPE_SOCKET 1413e1051a39Sopenharmony_ci || (int)BIO_get_fd(rbio, NULL) != fd) { 1414e1051a39Sopenharmony_ci BIO *bio = BIO_new(BIO_s_socket()); 1415e1051a39Sopenharmony_ci 1416e1051a39Sopenharmony_ci if (bio == NULL) { 1417e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); 1418e1051a39Sopenharmony_ci return 0; 1419e1051a39Sopenharmony_ci } 1420e1051a39Sopenharmony_ci BIO_set_fd(bio, fd, BIO_NOCLOSE); 1421e1051a39Sopenharmony_ci SSL_set0_wbio(s, bio); 1422e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_KTLS 1423e1051a39Sopenharmony_ci /* 1424e1051a39Sopenharmony_ci * The new socket is created successfully regardless of ktls_enable. 1425e1051a39Sopenharmony_ci * ktls_enable doesn't change any functionality of the socket, except 1426e1051a39Sopenharmony_ci * changing the setsockopt to enable the processing of ktls_start. 1427e1051a39Sopenharmony_ci * Thus, it is not a problem to call it for non-TLS sockets. 1428e1051a39Sopenharmony_ci */ 1429e1051a39Sopenharmony_ci ktls_enable(fd); 1430e1051a39Sopenharmony_ci#endif /* OPENSSL_NO_KTLS */ 1431e1051a39Sopenharmony_ci } else { 1432e1051a39Sopenharmony_ci BIO_up_ref(rbio); 1433e1051a39Sopenharmony_ci SSL_set0_wbio(s, rbio); 1434e1051a39Sopenharmony_ci } 1435e1051a39Sopenharmony_ci return 1; 1436e1051a39Sopenharmony_ci} 1437e1051a39Sopenharmony_ci 1438e1051a39Sopenharmony_ciint SSL_set_rfd(SSL *s, int fd) 1439e1051a39Sopenharmony_ci{ 1440e1051a39Sopenharmony_ci BIO *wbio = SSL_get_wbio(s); 1441e1051a39Sopenharmony_ci 1442e1051a39Sopenharmony_ci if (wbio == NULL || BIO_method_type(wbio) != BIO_TYPE_SOCKET 1443e1051a39Sopenharmony_ci || ((int)BIO_get_fd(wbio, NULL) != fd)) { 1444e1051a39Sopenharmony_ci BIO *bio = BIO_new(BIO_s_socket()); 1445e1051a39Sopenharmony_ci 1446e1051a39Sopenharmony_ci if (bio == NULL) { 1447e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); 1448e1051a39Sopenharmony_ci return 0; 1449e1051a39Sopenharmony_ci } 1450e1051a39Sopenharmony_ci BIO_set_fd(bio, fd, BIO_NOCLOSE); 1451e1051a39Sopenharmony_ci SSL_set0_rbio(s, bio); 1452e1051a39Sopenharmony_ci } else { 1453e1051a39Sopenharmony_ci BIO_up_ref(wbio); 1454e1051a39Sopenharmony_ci SSL_set0_rbio(s, wbio); 1455e1051a39Sopenharmony_ci } 1456e1051a39Sopenharmony_ci 1457e1051a39Sopenharmony_ci return 1; 1458e1051a39Sopenharmony_ci} 1459e1051a39Sopenharmony_ci#endif 1460e1051a39Sopenharmony_ci 1461e1051a39Sopenharmony_ci/* return length of latest Finished message we sent, copy to 'buf' */ 1462e1051a39Sopenharmony_cisize_t SSL_get_finished(const SSL *s, void *buf, size_t count) 1463e1051a39Sopenharmony_ci{ 1464e1051a39Sopenharmony_ci size_t ret = 0; 1465e1051a39Sopenharmony_ci 1466e1051a39Sopenharmony_ci ret = s->s3.tmp.finish_md_len; 1467e1051a39Sopenharmony_ci if (count > ret) 1468e1051a39Sopenharmony_ci count = ret; 1469e1051a39Sopenharmony_ci memcpy(buf, s->s3.tmp.finish_md, count); 1470e1051a39Sopenharmony_ci return ret; 1471e1051a39Sopenharmony_ci} 1472e1051a39Sopenharmony_ci 1473e1051a39Sopenharmony_ci/* return length of latest Finished message we expected, copy to 'buf' */ 1474e1051a39Sopenharmony_cisize_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count) 1475e1051a39Sopenharmony_ci{ 1476e1051a39Sopenharmony_ci size_t ret = 0; 1477e1051a39Sopenharmony_ci 1478e1051a39Sopenharmony_ci ret = s->s3.tmp.peer_finish_md_len; 1479e1051a39Sopenharmony_ci if (count > ret) 1480e1051a39Sopenharmony_ci count = ret; 1481e1051a39Sopenharmony_ci memcpy(buf, s->s3.tmp.peer_finish_md, count); 1482e1051a39Sopenharmony_ci return ret; 1483e1051a39Sopenharmony_ci} 1484e1051a39Sopenharmony_ci 1485e1051a39Sopenharmony_ciint SSL_get_verify_mode(const SSL *s) 1486e1051a39Sopenharmony_ci{ 1487e1051a39Sopenharmony_ci return s->verify_mode; 1488e1051a39Sopenharmony_ci} 1489e1051a39Sopenharmony_ci 1490e1051a39Sopenharmony_ciint SSL_get_verify_depth(const SSL *s) 1491e1051a39Sopenharmony_ci{ 1492e1051a39Sopenharmony_ci return X509_VERIFY_PARAM_get_depth(s->param); 1493e1051a39Sopenharmony_ci} 1494e1051a39Sopenharmony_ci 1495e1051a39Sopenharmony_ciint (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *) { 1496e1051a39Sopenharmony_ci return s->verify_callback; 1497e1051a39Sopenharmony_ci} 1498e1051a39Sopenharmony_ci 1499e1051a39Sopenharmony_ciint SSL_CTX_get_verify_mode(const SSL_CTX *ctx) 1500e1051a39Sopenharmony_ci{ 1501e1051a39Sopenharmony_ci return ctx->verify_mode; 1502e1051a39Sopenharmony_ci} 1503e1051a39Sopenharmony_ci 1504e1051a39Sopenharmony_ciint SSL_CTX_get_verify_depth(const SSL_CTX *ctx) 1505e1051a39Sopenharmony_ci{ 1506e1051a39Sopenharmony_ci return X509_VERIFY_PARAM_get_depth(ctx->param); 1507e1051a39Sopenharmony_ci} 1508e1051a39Sopenharmony_ci 1509e1051a39Sopenharmony_ciint (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int, X509_STORE_CTX *) { 1510e1051a39Sopenharmony_ci return ctx->default_verify_callback; 1511e1051a39Sopenharmony_ci} 1512e1051a39Sopenharmony_ci 1513e1051a39Sopenharmony_civoid SSL_set_verify(SSL *s, int mode, 1514e1051a39Sopenharmony_ci int (*callback) (int ok, X509_STORE_CTX *ctx)) 1515e1051a39Sopenharmony_ci{ 1516e1051a39Sopenharmony_ci s->verify_mode = mode; 1517e1051a39Sopenharmony_ci if (callback != NULL) 1518e1051a39Sopenharmony_ci s->verify_callback = callback; 1519e1051a39Sopenharmony_ci} 1520e1051a39Sopenharmony_ci 1521e1051a39Sopenharmony_civoid SSL_set_verify_depth(SSL *s, int depth) 1522e1051a39Sopenharmony_ci{ 1523e1051a39Sopenharmony_ci X509_VERIFY_PARAM_set_depth(s->param, depth); 1524e1051a39Sopenharmony_ci} 1525e1051a39Sopenharmony_ci 1526e1051a39Sopenharmony_civoid SSL_set_read_ahead(SSL *s, int yes) 1527e1051a39Sopenharmony_ci{ 1528e1051a39Sopenharmony_ci RECORD_LAYER_set_read_ahead(&s->rlayer, yes); 1529e1051a39Sopenharmony_ci} 1530e1051a39Sopenharmony_ci 1531e1051a39Sopenharmony_ciint SSL_get_read_ahead(const SSL *s) 1532e1051a39Sopenharmony_ci{ 1533e1051a39Sopenharmony_ci return RECORD_LAYER_get_read_ahead(&s->rlayer); 1534e1051a39Sopenharmony_ci} 1535e1051a39Sopenharmony_ci 1536e1051a39Sopenharmony_ciint SSL_pending(const SSL *s) 1537e1051a39Sopenharmony_ci{ 1538e1051a39Sopenharmony_ci size_t pending = s->method->ssl_pending(s); 1539e1051a39Sopenharmony_ci 1540e1051a39Sopenharmony_ci /* 1541e1051a39Sopenharmony_ci * SSL_pending cannot work properly if read-ahead is enabled 1542e1051a39Sopenharmony_ci * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)), and it is 1543e1051a39Sopenharmony_ci * impossible to fix since SSL_pending cannot report errors that may be 1544e1051a39Sopenharmony_ci * observed while scanning the new data. (Note that SSL_pending() is 1545e1051a39Sopenharmony_ci * often used as a boolean value, so we'd better not return -1.) 1546e1051a39Sopenharmony_ci * 1547e1051a39Sopenharmony_ci * SSL_pending also cannot work properly if the value >INT_MAX. In that case 1548e1051a39Sopenharmony_ci * we just return INT_MAX. 1549e1051a39Sopenharmony_ci */ 1550e1051a39Sopenharmony_ci return pending < INT_MAX ? (int)pending : INT_MAX; 1551e1051a39Sopenharmony_ci} 1552e1051a39Sopenharmony_ci 1553e1051a39Sopenharmony_ciint SSL_has_pending(const SSL *s) 1554e1051a39Sopenharmony_ci{ 1555e1051a39Sopenharmony_ci /* 1556e1051a39Sopenharmony_ci * Similar to SSL_pending() but returns a 1 to indicate that we have 1557e1051a39Sopenharmony_ci * processed or unprocessed data available or 0 otherwise (as opposed to the 1558e1051a39Sopenharmony_ci * number of bytes available). Unlike SSL_pending() this will take into 1559e1051a39Sopenharmony_ci * account read_ahead data. A 1 return simply indicates that we have data. 1560e1051a39Sopenharmony_ci * That data may not result in any application data, or we may fail to parse 1561e1051a39Sopenharmony_ci * the records for some reason. 1562e1051a39Sopenharmony_ci */ 1563e1051a39Sopenharmony_ci 1564e1051a39Sopenharmony_ci /* Check buffered app data if any first */ 1565e1051a39Sopenharmony_ci if (SSL_IS_DTLS(s)) { 1566e1051a39Sopenharmony_ci DTLS1_RECORD_DATA *rdata; 1567e1051a39Sopenharmony_ci pitem *item, *iter; 1568e1051a39Sopenharmony_ci 1569e1051a39Sopenharmony_ci iter = pqueue_iterator(s->rlayer.d->buffered_app_data.q); 1570e1051a39Sopenharmony_ci while ((item = pqueue_next(&iter)) != NULL) { 1571e1051a39Sopenharmony_ci rdata = item->data; 1572e1051a39Sopenharmony_ci if (rdata->rrec.length > 0) 1573e1051a39Sopenharmony_ci return 1; 1574e1051a39Sopenharmony_ci } 1575e1051a39Sopenharmony_ci } 1576e1051a39Sopenharmony_ci 1577e1051a39Sopenharmony_ci if (RECORD_LAYER_processed_read_pending(&s->rlayer)) 1578e1051a39Sopenharmony_ci return 1; 1579e1051a39Sopenharmony_ci 1580e1051a39Sopenharmony_ci return RECORD_LAYER_read_pending(&s->rlayer); 1581e1051a39Sopenharmony_ci} 1582e1051a39Sopenharmony_ci 1583e1051a39Sopenharmony_ciX509 *SSL_get1_peer_certificate(const SSL *s) 1584e1051a39Sopenharmony_ci{ 1585e1051a39Sopenharmony_ci X509 *r = SSL_get0_peer_certificate(s); 1586e1051a39Sopenharmony_ci 1587e1051a39Sopenharmony_ci if (r != NULL) 1588e1051a39Sopenharmony_ci X509_up_ref(r); 1589e1051a39Sopenharmony_ci 1590e1051a39Sopenharmony_ci return r; 1591e1051a39Sopenharmony_ci} 1592e1051a39Sopenharmony_ci 1593e1051a39Sopenharmony_ciX509 *SSL_get0_peer_certificate(const SSL *s) 1594e1051a39Sopenharmony_ci{ 1595e1051a39Sopenharmony_ci if ((s == NULL) || (s->session == NULL)) 1596e1051a39Sopenharmony_ci return NULL; 1597e1051a39Sopenharmony_ci else 1598e1051a39Sopenharmony_ci return s->session->peer; 1599e1051a39Sopenharmony_ci} 1600e1051a39Sopenharmony_ci 1601e1051a39Sopenharmony_ciSTACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s) 1602e1051a39Sopenharmony_ci{ 1603e1051a39Sopenharmony_ci STACK_OF(X509) *r; 1604e1051a39Sopenharmony_ci 1605e1051a39Sopenharmony_ci if ((s == NULL) || (s->session == NULL)) 1606e1051a39Sopenharmony_ci r = NULL; 1607e1051a39Sopenharmony_ci else 1608e1051a39Sopenharmony_ci r = s->session->peer_chain; 1609e1051a39Sopenharmony_ci 1610e1051a39Sopenharmony_ci /* 1611e1051a39Sopenharmony_ci * If we are a client, cert_chain includes the peer's own certificate; if 1612e1051a39Sopenharmony_ci * we are a server, it does not. 1613e1051a39Sopenharmony_ci */ 1614e1051a39Sopenharmony_ci 1615e1051a39Sopenharmony_ci return r; 1616e1051a39Sopenharmony_ci} 1617e1051a39Sopenharmony_ci 1618e1051a39Sopenharmony_ci/* 1619e1051a39Sopenharmony_ci * Now in theory, since the calling process own 't' it should be safe to 1620e1051a39Sopenharmony_ci * modify. We need to be able to read f without being hassled 1621e1051a39Sopenharmony_ci */ 1622e1051a39Sopenharmony_ciint SSL_copy_session_id(SSL *t, const SSL *f) 1623e1051a39Sopenharmony_ci{ 1624e1051a39Sopenharmony_ci int i; 1625e1051a39Sopenharmony_ci /* Do we need to do SSL locking? */ 1626e1051a39Sopenharmony_ci if (!SSL_set_session(t, SSL_get_session(f))) { 1627e1051a39Sopenharmony_ci return 0; 1628e1051a39Sopenharmony_ci } 1629e1051a39Sopenharmony_ci 1630e1051a39Sopenharmony_ci /* 1631e1051a39Sopenharmony_ci * what if we are setup for one protocol version but want to talk another 1632e1051a39Sopenharmony_ci */ 1633e1051a39Sopenharmony_ci if (t->method != f->method) { 1634e1051a39Sopenharmony_ci t->method->ssl_free(t); 1635e1051a39Sopenharmony_ci t->method = f->method; 1636e1051a39Sopenharmony_ci if (t->method->ssl_new(t) == 0) 1637e1051a39Sopenharmony_ci return 0; 1638e1051a39Sopenharmony_ci } 1639e1051a39Sopenharmony_ci 1640e1051a39Sopenharmony_ci CRYPTO_UP_REF(&f->cert->references, &i, f->cert->lock); 1641e1051a39Sopenharmony_ci ssl_cert_free(t->cert); 1642e1051a39Sopenharmony_ci t->cert = f->cert; 1643e1051a39Sopenharmony_ci if (!SSL_set_session_id_context(t, f->sid_ctx, (int)f->sid_ctx_length)) { 1644e1051a39Sopenharmony_ci return 0; 1645e1051a39Sopenharmony_ci } 1646e1051a39Sopenharmony_ci 1647e1051a39Sopenharmony_ci return 1; 1648e1051a39Sopenharmony_ci} 1649e1051a39Sopenharmony_ci 1650e1051a39Sopenharmony_ci/* Fix this so it checks all the valid key/cert options */ 1651e1051a39Sopenharmony_ciint SSL_CTX_check_private_key(const SSL_CTX *ctx) 1652e1051a39Sopenharmony_ci{ 1653e1051a39Sopenharmony_ci if ((ctx == NULL) || (ctx->cert->key->x509 == NULL)) { 1654e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_NO_CERTIFICATE_ASSIGNED); 1655e1051a39Sopenharmony_ci return 0; 1656e1051a39Sopenharmony_ci } 1657e1051a39Sopenharmony_ci if (ctx->cert->key->privatekey == NULL) { 1658e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_NO_PRIVATE_KEY_ASSIGNED); 1659e1051a39Sopenharmony_ci return 0; 1660e1051a39Sopenharmony_ci } 1661e1051a39Sopenharmony_ci return X509_check_private_key 1662e1051a39Sopenharmony_ci (ctx->cert->key->x509, ctx->cert->key->privatekey); 1663e1051a39Sopenharmony_ci} 1664e1051a39Sopenharmony_ci 1665e1051a39Sopenharmony_ci/* Fix this function so that it takes an optional type parameter */ 1666e1051a39Sopenharmony_ciint SSL_check_private_key(const SSL *ssl) 1667e1051a39Sopenharmony_ci{ 1668e1051a39Sopenharmony_ci if (ssl == NULL) { 1669e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER); 1670e1051a39Sopenharmony_ci return 0; 1671e1051a39Sopenharmony_ci } 1672e1051a39Sopenharmony_ci if (ssl->cert->key->x509 == NULL) { 1673e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_NO_CERTIFICATE_ASSIGNED); 1674e1051a39Sopenharmony_ci return 0; 1675e1051a39Sopenharmony_ci } 1676e1051a39Sopenharmony_ci if (ssl->cert->key->privatekey == NULL) { 1677e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_NO_PRIVATE_KEY_ASSIGNED); 1678e1051a39Sopenharmony_ci return 0; 1679e1051a39Sopenharmony_ci } 1680e1051a39Sopenharmony_ci return X509_check_private_key(ssl->cert->key->x509, 1681e1051a39Sopenharmony_ci ssl->cert->key->privatekey); 1682e1051a39Sopenharmony_ci} 1683e1051a39Sopenharmony_ci 1684e1051a39Sopenharmony_ciint SSL_waiting_for_async(SSL *s) 1685e1051a39Sopenharmony_ci{ 1686e1051a39Sopenharmony_ci if (s->job) 1687e1051a39Sopenharmony_ci return 1; 1688e1051a39Sopenharmony_ci 1689e1051a39Sopenharmony_ci return 0; 1690e1051a39Sopenharmony_ci} 1691e1051a39Sopenharmony_ci 1692e1051a39Sopenharmony_ciint SSL_get_all_async_fds(SSL *s, OSSL_ASYNC_FD *fds, size_t *numfds) 1693e1051a39Sopenharmony_ci{ 1694e1051a39Sopenharmony_ci ASYNC_WAIT_CTX *ctx = s->waitctx; 1695e1051a39Sopenharmony_ci 1696e1051a39Sopenharmony_ci if (ctx == NULL) 1697e1051a39Sopenharmony_ci return 0; 1698e1051a39Sopenharmony_ci return ASYNC_WAIT_CTX_get_all_fds(ctx, fds, numfds); 1699e1051a39Sopenharmony_ci} 1700e1051a39Sopenharmony_ci 1701e1051a39Sopenharmony_ciint SSL_get_changed_async_fds(SSL *s, OSSL_ASYNC_FD *addfd, size_t *numaddfds, 1702e1051a39Sopenharmony_ci OSSL_ASYNC_FD *delfd, size_t *numdelfds) 1703e1051a39Sopenharmony_ci{ 1704e1051a39Sopenharmony_ci ASYNC_WAIT_CTX *ctx = s->waitctx; 1705e1051a39Sopenharmony_ci 1706e1051a39Sopenharmony_ci if (ctx == NULL) 1707e1051a39Sopenharmony_ci return 0; 1708e1051a39Sopenharmony_ci return ASYNC_WAIT_CTX_get_changed_fds(ctx, addfd, numaddfds, delfd, 1709e1051a39Sopenharmony_ci numdelfds); 1710e1051a39Sopenharmony_ci} 1711e1051a39Sopenharmony_ci 1712e1051a39Sopenharmony_ciint SSL_CTX_set_async_callback(SSL_CTX *ctx, SSL_async_callback_fn callback) 1713e1051a39Sopenharmony_ci{ 1714e1051a39Sopenharmony_ci ctx->async_cb = callback; 1715e1051a39Sopenharmony_ci return 1; 1716e1051a39Sopenharmony_ci} 1717e1051a39Sopenharmony_ci 1718e1051a39Sopenharmony_ciint SSL_CTX_set_async_callback_arg(SSL_CTX *ctx, void *arg) 1719e1051a39Sopenharmony_ci{ 1720e1051a39Sopenharmony_ci ctx->async_cb_arg = arg; 1721e1051a39Sopenharmony_ci return 1; 1722e1051a39Sopenharmony_ci} 1723e1051a39Sopenharmony_ci 1724e1051a39Sopenharmony_ciint SSL_set_async_callback(SSL *s, SSL_async_callback_fn callback) 1725e1051a39Sopenharmony_ci{ 1726e1051a39Sopenharmony_ci s->async_cb = callback; 1727e1051a39Sopenharmony_ci return 1; 1728e1051a39Sopenharmony_ci} 1729e1051a39Sopenharmony_ci 1730e1051a39Sopenharmony_ciint SSL_set_async_callback_arg(SSL *s, void *arg) 1731e1051a39Sopenharmony_ci{ 1732e1051a39Sopenharmony_ci s->async_cb_arg = arg; 1733e1051a39Sopenharmony_ci return 1; 1734e1051a39Sopenharmony_ci} 1735e1051a39Sopenharmony_ci 1736e1051a39Sopenharmony_ciint SSL_get_async_status(SSL *s, int *status) 1737e1051a39Sopenharmony_ci{ 1738e1051a39Sopenharmony_ci ASYNC_WAIT_CTX *ctx = s->waitctx; 1739e1051a39Sopenharmony_ci 1740e1051a39Sopenharmony_ci if (ctx == NULL) 1741e1051a39Sopenharmony_ci return 0; 1742e1051a39Sopenharmony_ci *status = ASYNC_WAIT_CTX_get_status(ctx); 1743e1051a39Sopenharmony_ci return 1; 1744e1051a39Sopenharmony_ci} 1745e1051a39Sopenharmony_ci 1746e1051a39Sopenharmony_ciint SSL_accept(SSL *s) 1747e1051a39Sopenharmony_ci{ 1748e1051a39Sopenharmony_ci if (s->handshake_func == NULL) { 1749e1051a39Sopenharmony_ci /* Not properly initialized yet */ 1750e1051a39Sopenharmony_ci SSL_set_accept_state(s); 1751e1051a39Sopenharmony_ci } 1752e1051a39Sopenharmony_ci 1753e1051a39Sopenharmony_ci return SSL_do_handshake(s); 1754e1051a39Sopenharmony_ci} 1755e1051a39Sopenharmony_ci 1756e1051a39Sopenharmony_ciint SSL_connect(SSL *s) 1757e1051a39Sopenharmony_ci{ 1758e1051a39Sopenharmony_ci if (s->handshake_func == NULL) { 1759e1051a39Sopenharmony_ci /* Not properly initialized yet */ 1760e1051a39Sopenharmony_ci SSL_set_connect_state(s); 1761e1051a39Sopenharmony_ci } 1762e1051a39Sopenharmony_ci 1763e1051a39Sopenharmony_ci return SSL_do_handshake(s); 1764e1051a39Sopenharmony_ci} 1765e1051a39Sopenharmony_ci 1766e1051a39Sopenharmony_cilong SSL_get_default_timeout(const SSL *s) 1767e1051a39Sopenharmony_ci{ 1768e1051a39Sopenharmony_ci return s->method->get_timeout(); 1769e1051a39Sopenharmony_ci} 1770e1051a39Sopenharmony_ci 1771e1051a39Sopenharmony_cistatic int ssl_async_wait_ctx_cb(void *arg) 1772e1051a39Sopenharmony_ci{ 1773e1051a39Sopenharmony_ci SSL *s = (SSL *)arg; 1774e1051a39Sopenharmony_ci 1775e1051a39Sopenharmony_ci return s->async_cb(s, s->async_cb_arg); 1776e1051a39Sopenharmony_ci} 1777e1051a39Sopenharmony_ci 1778e1051a39Sopenharmony_cistatic int ssl_start_async_job(SSL *s, struct ssl_async_args *args, 1779e1051a39Sopenharmony_ci int (*func) (void *)) 1780e1051a39Sopenharmony_ci{ 1781e1051a39Sopenharmony_ci int ret; 1782e1051a39Sopenharmony_ci if (s->waitctx == NULL) { 1783e1051a39Sopenharmony_ci s->waitctx = ASYNC_WAIT_CTX_new(); 1784e1051a39Sopenharmony_ci if (s->waitctx == NULL) 1785e1051a39Sopenharmony_ci return -1; 1786e1051a39Sopenharmony_ci if (s->async_cb != NULL 1787e1051a39Sopenharmony_ci && !ASYNC_WAIT_CTX_set_callback 1788e1051a39Sopenharmony_ci (s->waitctx, ssl_async_wait_ctx_cb, s)) 1789e1051a39Sopenharmony_ci return -1; 1790e1051a39Sopenharmony_ci } 1791e1051a39Sopenharmony_ci 1792e1051a39Sopenharmony_ci s->rwstate = SSL_NOTHING; 1793e1051a39Sopenharmony_ci switch (ASYNC_start_job(&s->job, s->waitctx, &ret, func, args, 1794e1051a39Sopenharmony_ci sizeof(struct ssl_async_args))) { 1795e1051a39Sopenharmony_ci case ASYNC_ERR: 1796e1051a39Sopenharmony_ci s->rwstate = SSL_NOTHING; 1797e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_INIT_ASYNC); 1798e1051a39Sopenharmony_ci return -1; 1799e1051a39Sopenharmony_ci case ASYNC_PAUSE: 1800e1051a39Sopenharmony_ci s->rwstate = SSL_ASYNC_PAUSED; 1801e1051a39Sopenharmony_ci return -1; 1802e1051a39Sopenharmony_ci case ASYNC_NO_JOBS: 1803e1051a39Sopenharmony_ci s->rwstate = SSL_ASYNC_NO_JOBS; 1804e1051a39Sopenharmony_ci return -1; 1805e1051a39Sopenharmony_ci case ASYNC_FINISH: 1806e1051a39Sopenharmony_ci s->job = NULL; 1807e1051a39Sopenharmony_ci return ret; 1808e1051a39Sopenharmony_ci default: 1809e1051a39Sopenharmony_ci s->rwstate = SSL_NOTHING; 1810e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); 1811e1051a39Sopenharmony_ci /* Shouldn't happen */ 1812e1051a39Sopenharmony_ci return -1; 1813e1051a39Sopenharmony_ci } 1814e1051a39Sopenharmony_ci} 1815e1051a39Sopenharmony_ci 1816e1051a39Sopenharmony_cistatic int ssl_io_intern(void *vargs) 1817e1051a39Sopenharmony_ci{ 1818e1051a39Sopenharmony_ci struct ssl_async_args *args; 1819e1051a39Sopenharmony_ci SSL *s; 1820e1051a39Sopenharmony_ci void *buf; 1821e1051a39Sopenharmony_ci size_t num; 1822e1051a39Sopenharmony_ci 1823e1051a39Sopenharmony_ci args = (struct ssl_async_args *)vargs; 1824e1051a39Sopenharmony_ci s = args->s; 1825e1051a39Sopenharmony_ci buf = args->buf; 1826e1051a39Sopenharmony_ci num = args->num; 1827e1051a39Sopenharmony_ci switch (args->type) { 1828e1051a39Sopenharmony_ci case READFUNC: 1829e1051a39Sopenharmony_ci return args->f.func_read(s, buf, num, &s->asyncrw); 1830e1051a39Sopenharmony_ci case WRITEFUNC: 1831e1051a39Sopenharmony_ci return args->f.func_write(s, buf, num, &s->asyncrw); 1832e1051a39Sopenharmony_ci case OTHERFUNC: 1833e1051a39Sopenharmony_ci return args->f.func_other(s); 1834e1051a39Sopenharmony_ci } 1835e1051a39Sopenharmony_ci return -1; 1836e1051a39Sopenharmony_ci} 1837e1051a39Sopenharmony_ci 1838e1051a39Sopenharmony_ciint ssl_read_internal(SSL *s, void *buf, size_t num, size_t *readbytes) 1839e1051a39Sopenharmony_ci{ 1840e1051a39Sopenharmony_ci if (s->handshake_func == NULL) { 1841e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED); 1842e1051a39Sopenharmony_ci return -1; 1843e1051a39Sopenharmony_ci } 1844e1051a39Sopenharmony_ci 1845e1051a39Sopenharmony_ci if (s->shutdown & SSL_RECEIVED_SHUTDOWN) { 1846e1051a39Sopenharmony_ci s->rwstate = SSL_NOTHING; 1847e1051a39Sopenharmony_ci return 0; 1848e1051a39Sopenharmony_ci } 1849e1051a39Sopenharmony_ci 1850e1051a39Sopenharmony_ci if (s->early_data_state == SSL_EARLY_DATA_CONNECT_RETRY 1851e1051a39Sopenharmony_ci || s->early_data_state == SSL_EARLY_DATA_ACCEPT_RETRY) { 1852e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 1853e1051a39Sopenharmony_ci return 0; 1854e1051a39Sopenharmony_ci } 1855e1051a39Sopenharmony_ci /* 1856e1051a39Sopenharmony_ci * If we are a client and haven't received the ServerHello etc then we 1857e1051a39Sopenharmony_ci * better do that 1858e1051a39Sopenharmony_ci */ 1859e1051a39Sopenharmony_ci ossl_statem_check_finish_init(s, 0); 1860e1051a39Sopenharmony_ci 1861e1051a39Sopenharmony_ci if ((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) { 1862e1051a39Sopenharmony_ci struct ssl_async_args args; 1863e1051a39Sopenharmony_ci int ret; 1864e1051a39Sopenharmony_ci 1865e1051a39Sopenharmony_ci args.s = s; 1866e1051a39Sopenharmony_ci args.buf = buf; 1867e1051a39Sopenharmony_ci args.num = num; 1868e1051a39Sopenharmony_ci args.type = READFUNC; 1869e1051a39Sopenharmony_ci args.f.func_read = s->method->ssl_read; 1870e1051a39Sopenharmony_ci 1871e1051a39Sopenharmony_ci ret = ssl_start_async_job(s, &args, ssl_io_intern); 1872e1051a39Sopenharmony_ci *readbytes = s->asyncrw; 1873e1051a39Sopenharmony_ci return ret; 1874e1051a39Sopenharmony_ci } else { 1875e1051a39Sopenharmony_ci return s->method->ssl_read(s, buf, num, readbytes); 1876e1051a39Sopenharmony_ci } 1877e1051a39Sopenharmony_ci} 1878e1051a39Sopenharmony_ci 1879e1051a39Sopenharmony_ciint SSL_read(SSL *s, void *buf, int num) 1880e1051a39Sopenharmony_ci{ 1881e1051a39Sopenharmony_ci int ret; 1882e1051a39Sopenharmony_ci size_t readbytes; 1883e1051a39Sopenharmony_ci 1884e1051a39Sopenharmony_ci if (num < 0) { 1885e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_BAD_LENGTH); 1886e1051a39Sopenharmony_ci return -1; 1887e1051a39Sopenharmony_ci } 1888e1051a39Sopenharmony_ci 1889e1051a39Sopenharmony_ci ret = ssl_read_internal(s, buf, (size_t)num, &readbytes); 1890e1051a39Sopenharmony_ci 1891e1051a39Sopenharmony_ci /* 1892e1051a39Sopenharmony_ci * The cast is safe here because ret should be <= INT_MAX because num is 1893e1051a39Sopenharmony_ci * <= INT_MAX 1894e1051a39Sopenharmony_ci */ 1895e1051a39Sopenharmony_ci if (ret > 0) 1896e1051a39Sopenharmony_ci ret = (int)readbytes; 1897e1051a39Sopenharmony_ci 1898e1051a39Sopenharmony_ci return ret; 1899e1051a39Sopenharmony_ci} 1900e1051a39Sopenharmony_ci 1901e1051a39Sopenharmony_ciint SSL_read_ex(SSL *s, void *buf, size_t num, size_t *readbytes) 1902e1051a39Sopenharmony_ci{ 1903e1051a39Sopenharmony_ci int ret = ssl_read_internal(s, buf, num, readbytes); 1904e1051a39Sopenharmony_ci 1905e1051a39Sopenharmony_ci if (ret < 0) 1906e1051a39Sopenharmony_ci ret = 0; 1907e1051a39Sopenharmony_ci return ret; 1908e1051a39Sopenharmony_ci} 1909e1051a39Sopenharmony_ci 1910e1051a39Sopenharmony_ciint SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes) 1911e1051a39Sopenharmony_ci{ 1912e1051a39Sopenharmony_ci int ret; 1913e1051a39Sopenharmony_ci 1914e1051a39Sopenharmony_ci if (!s->server) { 1915e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 1916e1051a39Sopenharmony_ci return SSL_READ_EARLY_DATA_ERROR; 1917e1051a39Sopenharmony_ci } 1918e1051a39Sopenharmony_ci 1919e1051a39Sopenharmony_ci switch (s->early_data_state) { 1920e1051a39Sopenharmony_ci case SSL_EARLY_DATA_NONE: 1921e1051a39Sopenharmony_ci if (!SSL_in_before(s)) { 1922e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 1923e1051a39Sopenharmony_ci return SSL_READ_EARLY_DATA_ERROR; 1924e1051a39Sopenharmony_ci } 1925e1051a39Sopenharmony_ci /* fall through */ 1926e1051a39Sopenharmony_ci 1927e1051a39Sopenharmony_ci case SSL_EARLY_DATA_ACCEPT_RETRY: 1928e1051a39Sopenharmony_ci s->early_data_state = SSL_EARLY_DATA_ACCEPTING; 1929e1051a39Sopenharmony_ci ret = SSL_accept(s); 1930e1051a39Sopenharmony_ci if (ret <= 0) { 1931e1051a39Sopenharmony_ci /* NBIO or error */ 1932e1051a39Sopenharmony_ci s->early_data_state = SSL_EARLY_DATA_ACCEPT_RETRY; 1933e1051a39Sopenharmony_ci return SSL_READ_EARLY_DATA_ERROR; 1934e1051a39Sopenharmony_ci } 1935e1051a39Sopenharmony_ci /* fall through */ 1936e1051a39Sopenharmony_ci 1937e1051a39Sopenharmony_ci case SSL_EARLY_DATA_READ_RETRY: 1938e1051a39Sopenharmony_ci if (s->ext.early_data == SSL_EARLY_DATA_ACCEPTED) { 1939e1051a39Sopenharmony_ci s->early_data_state = SSL_EARLY_DATA_READING; 1940e1051a39Sopenharmony_ci ret = SSL_read_ex(s, buf, num, readbytes); 1941e1051a39Sopenharmony_ci /* 1942e1051a39Sopenharmony_ci * State machine will update early_data_state to 1943e1051a39Sopenharmony_ci * SSL_EARLY_DATA_FINISHED_READING if we get an EndOfEarlyData 1944e1051a39Sopenharmony_ci * message 1945e1051a39Sopenharmony_ci */ 1946e1051a39Sopenharmony_ci if (ret > 0 || (ret <= 0 && s->early_data_state 1947e1051a39Sopenharmony_ci != SSL_EARLY_DATA_FINISHED_READING)) { 1948e1051a39Sopenharmony_ci s->early_data_state = SSL_EARLY_DATA_READ_RETRY; 1949e1051a39Sopenharmony_ci return ret > 0 ? SSL_READ_EARLY_DATA_SUCCESS 1950e1051a39Sopenharmony_ci : SSL_READ_EARLY_DATA_ERROR; 1951e1051a39Sopenharmony_ci } 1952e1051a39Sopenharmony_ci } else { 1953e1051a39Sopenharmony_ci s->early_data_state = SSL_EARLY_DATA_FINISHED_READING; 1954e1051a39Sopenharmony_ci } 1955e1051a39Sopenharmony_ci *readbytes = 0; 1956e1051a39Sopenharmony_ci return SSL_READ_EARLY_DATA_FINISH; 1957e1051a39Sopenharmony_ci 1958e1051a39Sopenharmony_ci default: 1959e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 1960e1051a39Sopenharmony_ci return SSL_READ_EARLY_DATA_ERROR; 1961e1051a39Sopenharmony_ci } 1962e1051a39Sopenharmony_ci} 1963e1051a39Sopenharmony_ci 1964e1051a39Sopenharmony_ciint SSL_get_early_data_status(const SSL *s) 1965e1051a39Sopenharmony_ci{ 1966e1051a39Sopenharmony_ci return s->ext.early_data; 1967e1051a39Sopenharmony_ci} 1968e1051a39Sopenharmony_ci 1969e1051a39Sopenharmony_cistatic int ssl_peek_internal(SSL *s, void *buf, size_t num, size_t *readbytes) 1970e1051a39Sopenharmony_ci{ 1971e1051a39Sopenharmony_ci if (s->handshake_func == NULL) { 1972e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED); 1973e1051a39Sopenharmony_ci return -1; 1974e1051a39Sopenharmony_ci } 1975e1051a39Sopenharmony_ci 1976e1051a39Sopenharmony_ci if (s->shutdown & SSL_RECEIVED_SHUTDOWN) { 1977e1051a39Sopenharmony_ci return 0; 1978e1051a39Sopenharmony_ci } 1979e1051a39Sopenharmony_ci if ((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) { 1980e1051a39Sopenharmony_ci struct ssl_async_args args; 1981e1051a39Sopenharmony_ci int ret; 1982e1051a39Sopenharmony_ci 1983e1051a39Sopenharmony_ci args.s = s; 1984e1051a39Sopenharmony_ci args.buf = buf; 1985e1051a39Sopenharmony_ci args.num = num; 1986e1051a39Sopenharmony_ci args.type = READFUNC; 1987e1051a39Sopenharmony_ci args.f.func_read = s->method->ssl_peek; 1988e1051a39Sopenharmony_ci 1989e1051a39Sopenharmony_ci ret = ssl_start_async_job(s, &args, ssl_io_intern); 1990e1051a39Sopenharmony_ci *readbytes = s->asyncrw; 1991e1051a39Sopenharmony_ci return ret; 1992e1051a39Sopenharmony_ci } else { 1993e1051a39Sopenharmony_ci return s->method->ssl_peek(s, buf, num, readbytes); 1994e1051a39Sopenharmony_ci } 1995e1051a39Sopenharmony_ci} 1996e1051a39Sopenharmony_ci 1997e1051a39Sopenharmony_ciint SSL_peek(SSL *s, void *buf, int num) 1998e1051a39Sopenharmony_ci{ 1999e1051a39Sopenharmony_ci int ret; 2000e1051a39Sopenharmony_ci size_t readbytes; 2001e1051a39Sopenharmony_ci 2002e1051a39Sopenharmony_ci if (num < 0) { 2003e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_BAD_LENGTH); 2004e1051a39Sopenharmony_ci return -1; 2005e1051a39Sopenharmony_ci } 2006e1051a39Sopenharmony_ci 2007e1051a39Sopenharmony_ci ret = ssl_peek_internal(s, buf, (size_t)num, &readbytes); 2008e1051a39Sopenharmony_ci 2009e1051a39Sopenharmony_ci /* 2010e1051a39Sopenharmony_ci * The cast is safe here because ret should be <= INT_MAX because num is 2011e1051a39Sopenharmony_ci * <= INT_MAX 2012e1051a39Sopenharmony_ci */ 2013e1051a39Sopenharmony_ci if (ret > 0) 2014e1051a39Sopenharmony_ci ret = (int)readbytes; 2015e1051a39Sopenharmony_ci 2016e1051a39Sopenharmony_ci return ret; 2017e1051a39Sopenharmony_ci} 2018e1051a39Sopenharmony_ci 2019e1051a39Sopenharmony_ci 2020e1051a39Sopenharmony_ciint SSL_peek_ex(SSL *s, void *buf, size_t num, size_t *readbytes) 2021e1051a39Sopenharmony_ci{ 2022e1051a39Sopenharmony_ci int ret = ssl_peek_internal(s, buf, num, readbytes); 2023e1051a39Sopenharmony_ci 2024e1051a39Sopenharmony_ci if (ret < 0) 2025e1051a39Sopenharmony_ci ret = 0; 2026e1051a39Sopenharmony_ci return ret; 2027e1051a39Sopenharmony_ci} 2028e1051a39Sopenharmony_ci 2029e1051a39Sopenharmony_ciint ssl_write_internal(SSL *s, const void *buf, size_t num, size_t *written) 2030e1051a39Sopenharmony_ci{ 2031e1051a39Sopenharmony_ci if (s->handshake_func == NULL) { 2032e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED); 2033e1051a39Sopenharmony_ci return -1; 2034e1051a39Sopenharmony_ci } 2035e1051a39Sopenharmony_ci 2036e1051a39Sopenharmony_ci if (s->shutdown & SSL_SENT_SHUTDOWN) { 2037e1051a39Sopenharmony_ci s->rwstate = SSL_NOTHING; 2038e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_PROTOCOL_IS_SHUTDOWN); 2039e1051a39Sopenharmony_ci return -1; 2040e1051a39Sopenharmony_ci } 2041e1051a39Sopenharmony_ci 2042e1051a39Sopenharmony_ci if (s->early_data_state == SSL_EARLY_DATA_CONNECT_RETRY 2043e1051a39Sopenharmony_ci || s->early_data_state == SSL_EARLY_DATA_ACCEPT_RETRY 2044e1051a39Sopenharmony_ci || s->early_data_state == SSL_EARLY_DATA_READ_RETRY) { 2045e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2046e1051a39Sopenharmony_ci return 0; 2047e1051a39Sopenharmony_ci } 2048e1051a39Sopenharmony_ci /* If we are a client and haven't sent the Finished we better do that */ 2049e1051a39Sopenharmony_ci ossl_statem_check_finish_init(s, 1); 2050e1051a39Sopenharmony_ci 2051e1051a39Sopenharmony_ci if ((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) { 2052e1051a39Sopenharmony_ci int ret; 2053e1051a39Sopenharmony_ci struct ssl_async_args args; 2054e1051a39Sopenharmony_ci 2055e1051a39Sopenharmony_ci args.s = s; 2056e1051a39Sopenharmony_ci args.buf = (void *)buf; 2057e1051a39Sopenharmony_ci args.num = num; 2058e1051a39Sopenharmony_ci args.type = WRITEFUNC; 2059e1051a39Sopenharmony_ci args.f.func_write = s->method->ssl_write; 2060e1051a39Sopenharmony_ci 2061e1051a39Sopenharmony_ci ret = ssl_start_async_job(s, &args, ssl_io_intern); 2062e1051a39Sopenharmony_ci *written = s->asyncrw; 2063e1051a39Sopenharmony_ci return ret; 2064e1051a39Sopenharmony_ci } else { 2065e1051a39Sopenharmony_ci return s->method->ssl_write(s, buf, num, written); 2066e1051a39Sopenharmony_ci } 2067e1051a39Sopenharmony_ci} 2068e1051a39Sopenharmony_ci 2069e1051a39Sopenharmony_ciossl_ssize_t SSL_sendfile(SSL *s, int fd, off_t offset, size_t size, int flags) 2070e1051a39Sopenharmony_ci{ 2071e1051a39Sopenharmony_ci ossl_ssize_t ret; 2072e1051a39Sopenharmony_ci 2073e1051a39Sopenharmony_ci if (s->handshake_func == NULL) { 2074e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED); 2075e1051a39Sopenharmony_ci return -1; 2076e1051a39Sopenharmony_ci } 2077e1051a39Sopenharmony_ci 2078e1051a39Sopenharmony_ci if (s->shutdown & SSL_SENT_SHUTDOWN) { 2079e1051a39Sopenharmony_ci s->rwstate = SSL_NOTHING; 2080e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_PROTOCOL_IS_SHUTDOWN); 2081e1051a39Sopenharmony_ci return -1; 2082e1051a39Sopenharmony_ci } 2083e1051a39Sopenharmony_ci 2084e1051a39Sopenharmony_ci if (!BIO_get_ktls_send(s->wbio)) { 2085e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED); 2086e1051a39Sopenharmony_ci return -1; 2087e1051a39Sopenharmony_ci } 2088e1051a39Sopenharmony_ci 2089e1051a39Sopenharmony_ci /* If we have an alert to send, lets send it */ 2090e1051a39Sopenharmony_ci if (s->s3.alert_dispatch) { 2091e1051a39Sopenharmony_ci ret = (ossl_ssize_t)s->method->ssl_dispatch_alert(s); 2092e1051a39Sopenharmony_ci if (ret <= 0) { 2093e1051a39Sopenharmony_ci /* SSLfatal() already called if appropriate */ 2094e1051a39Sopenharmony_ci return ret; 2095e1051a39Sopenharmony_ci } 2096e1051a39Sopenharmony_ci /* if it went, fall through and send more stuff */ 2097e1051a39Sopenharmony_ci } 2098e1051a39Sopenharmony_ci 2099e1051a39Sopenharmony_ci s->rwstate = SSL_WRITING; 2100e1051a39Sopenharmony_ci if (BIO_flush(s->wbio) <= 0) { 2101e1051a39Sopenharmony_ci if (!BIO_should_retry(s->wbio)) { 2102e1051a39Sopenharmony_ci s->rwstate = SSL_NOTHING; 2103e1051a39Sopenharmony_ci } else { 2104e1051a39Sopenharmony_ci#ifdef EAGAIN 2105e1051a39Sopenharmony_ci set_sys_error(EAGAIN); 2106e1051a39Sopenharmony_ci#endif 2107e1051a39Sopenharmony_ci } 2108e1051a39Sopenharmony_ci return -1; 2109e1051a39Sopenharmony_ci } 2110e1051a39Sopenharmony_ci 2111e1051a39Sopenharmony_ci#ifdef OPENSSL_NO_KTLS 2112e1051a39Sopenharmony_ci ERR_raise_data(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR, 2113e1051a39Sopenharmony_ci "can't call ktls_sendfile(), ktls disabled"); 2114e1051a39Sopenharmony_ci return -1; 2115e1051a39Sopenharmony_ci#else 2116e1051a39Sopenharmony_ci ret = ktls_sendfile(SSL_get_wfd(s), fd, offset, size, flags); 2117e1051a39Sopenharmony_ci if (ret < 0) { 2118e1051a39Sopenharmony_ci#if defined(EAGAIN) && defined(EINTR) && defined(EBUSY) 2119e1051a39Sopenharmony_ci if ((get_last_sys_error() == EAGAIN) || 2120e1051a39Sopenharmony_ci (get_last_sys_error() == EINTR) || 2121e1051a39Sopenharmony_ci (get_last_sys_error() == EBUSY)) 2122e1051a39Sopenharmony_ci BIO_set_retry_write(s->wbio); 2123e1051a39Sopenharmony_ci else 2124e1051a39Sopenharmony_ci#endif 2125e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED); 2126e1051a39Sopenharmony_ci return ret; 2127e1051a39Sopenharmony_ci } 2128e1051a39Sopenharmony_ci s->rwstate = SSL_NOTHING; 2129e1051a39Sopenharmony_ci return ret; 2130e1051a39Sopenharmony_ci#endif 2131e1051a39Sopenharmony_ci} 2132e1051a39Sopenharmony_ci 2133e1051a39Sopenharmony_ciint SSL_write(SSL *s, const void *buf, int num) 2134e1051a39Sopenharmony_ci{ 2135e1051a39Sopenharmony_ci int ret; 2136e1051a39Sopenharmony_ci size_t written; 2137e1051a39Sopenharmony_ci 2138e1051a39Sopenharmony_ci if (num < 0) { 2139e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_BAD_LENGTH); 2140e1051a39Sopenharmony_ci return -1; 2141e1051a39Sopenharmony_ci } 2142e1051a39Sopenharmony_ci 2143e1051a39Sopenharmony_ci ret = ssl_write_internal(s, buf, (size_t)num, &written); 2144e1051a39Sopenharmony_ci 2145e1051a39Sopenharmony_ci /* 2146e1051a39Sopenharmony_ci * The cast is safe here because ret should be <= INT_MAX because num is 2147e1051a39Sopenharmony_ci * <= INT_MAX 2148e1051a39Sopenharmony_ci */ 2149e1051a39Sopenharmony_ci if (ret > 0) 2150e1051a39Sopenharmony_ci ret = (int)written; 2151e1051a39Sopenharmony_ci 2152e1051a39Sopenharmony_ci return ret; 2153e1051a39Sopenharmony_ci} 2154e1051a39Sopenharmony_ci 2155e1051a39Sopenharmony_ciint SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *written) 2156e1051a39Sopenharmony_ci{ 2157e1051a39Sopenharmony_ci int ret = ssl_write_internal(s, buf, num, written); 2158e1051a39Sopenharmony_ci 2159e1051a39Sopenharmony_ci if (ret < 0) 2160e1051a39Sopenharmony_ci ret = 0; 2161e1051a39Sopenharmony_ci return ret; 2162e1051a39Sopenharmony_ci} 2163e1051a39Sopenharmony_ci 2164e1051a39Sopenharmony_ciint SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written) 2165e1051a39Sopenharmony_ci{ 2166e1051a39Sopenharmony_ci int ret, early_data_state; 2167e1051a39Sopenharmony_ci size_t writtmp; 2168e1051a39Sopenharmony_ci uint32_t partialwrite; 2169e1051a39Sopenharmony_ci 2170e1051a39Sopenharmony_ci switch (s->early_data_state) { 2171e1051a39Sopenharmony_ci case SSL_EARLY_DATA_NONE: 2172e1051a39Sopenharmony_ci if (s->server 2173e1051a39Sopenharmony_ci || !SSL_in_before(s) 2174e1051a39Sopenharmony_ci || ((s->session == NULL || s->session->ext.max_early_data == 0) 2175e1051a39Sopenharmony_ci && (s->psk_use_session_cb == NULL))) { 2176e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2177e1051a39Sopenharmony_ci return 0; 2178e1051a39Sopenharmony_ci } 2179e1051a39Sopenharmony_ci /* fall through */ 2180e1051a39Sopenharmony_ci 2181e1051a39Sopenharmony_ci case SSL_EARLY_DATA_CONNECT_RETRY: 2182e1051a39Sopenharmony_ci s->early_data_state = SSL_EARLY_DATA_CONNECTING; 2183e1051a39Sopenharmony_ci ret = SSL_connect(s); 2184e1051a39Sopenharmony_ci if (ret <= 0) { 2185e1051a39Sopenharmony_ci /* NBIO or error */ 2186e1051a39Sopenharmony_ci s->early_data_state = SSL_EARLY_DATA_CONNECT_RETRY; 2187e1051a39Sopenharmony_ci return 0; 2188e1051a39Sopenharmony_ci } 2189e1051a39Sopenharmony_ci /* fall through */ 2190e1051a39Sopenharmony_ci 2191e1051a39Sopenharmony_ci case SSL_EARLY_DATA_WRITE_RETRY: 2192e1051a39Sopenharmony_ci s->early_data_state = SSL_EARLY_DATA_WRITING; 2193e1051a39Sopenharmony_ci /* 2194e1051a39Sopenharmony_ci * We disable partial write for early data because we don't keep track 2195e1051a39Sopenharmony_ci * of how many bytes we've written between the SSL_write_ex() call and 2196e1051a39Sopenharmony_ci * the flush if the flush needs to be retried) 2197e1051a39Sopenharmony_ci */ 2198e1051a39Sopenharmony_ci partialwrite = s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE; 2199e1051a39Sopenharmony_ci s->mode &= ~SSL_MODE_ENABLE_PARTIAL_WRITE; 2200e1051a39Sopenharmony_ci ret = SSL_write_ex(s, buf, num, &writtmp); 2201e1051a39Sopenharmony_ci s->mode |= partialwrite; 2202e1051a39Sopenharmony_ci if (!ret) { 2203e1051a39Sopenharmony_ci s->early_data_state = SSL_EARLY_DATA_WRITE_RETRY; 2204e1051a39Sopenharmony_ci return ret; 2205e1051a39Sopenharmony_ci } 2206e1051a39Sopenharmony_ci s->early_data_state = SSL_EARLY_DATA_WRITE_FLUSH; 2207e1051a39Sopenharmony_ci /* fall through */ 2208e1051a39Sopenharmony_ci 2209e1051a39Sopenharmony_ci case SSL_EARLY_DATA_WRITE_FLUSH: 2210e1051a39Sopenharmony_ci /* The buffering BIO is still in place so we need to flush it */ 2211e1051a39Sopenharmony_ci if (statem_flush(s) != 1) 2212e1051a39Sopenharmony_ci return 0; 2213e1051a39Sopenharmony_ci *written = num; 2214e1051a39Sopenharmony_ci s->early_data_state = SSL_EARLY_DATA_WRITE_RETRY; 2215e1051a39Sopenharmony_ci return 1; 2216e1051a39Sopenharmony_ci 2217e1051a39Sopenharmony_ci case SSL_EARLY_DATA_FINISHED_READING: 2218e1051a39Sopenharmony_ci case SSL_EARLY_DATA_READ_RETRY: 2219e1051a39Sopenharmony_ci early_data_state = s->early_data_state; 2220e1051a39Sopenharmony_ci /* We are a server writing to an unauthenticated client */ 2221e1051a39Sopenharmony_ci s->early_data_state = SSL_EARLY_DATA_UNAUTH_WRITING; 2222e1051a39Sopenharmony_ci ret = SSL_write_ex(s, buf, num, written); 2223e1051a39Sopenharmony_ci /* The buffering BIO is still in place */ 2224e1051a39Sopenharmony_ci if (ret) 2225e1051a39Sopenharmony_ci (void)BIO_flush(s->wbio); 2226e1051a39Sopenharmony_ci s->early_data_state = early_data_state; 2227e1051a39Sopenharmony_ci return ret; 2228e1051a39Sopenharmony_ci 2229e1051a39Sopenharmony_ci default: 2230e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2231e1051a39Sopenharmony_ci return 0; 2232e1051a39Sopenharmony_ci } 2233e1051a39Sopenharmony_ci} 2234e1051a39Sopenharmony_ci 2235e1051a39Sopenharmony_ciint SSL_shutdown(SSL *s) 2236e1051a39Sopenharmony_ci{ 2237e1051a39Sopenharmony_ci /* 2238e1051a39Sopenharmony_ci * Note that this function behaves differently from what one might 2239e1051a39Sopenharmony_ci * expect. Return values are 0 for no success (yet), 1 for success; but 2240e1051a39Sopenharmony_ci * calling it once is usually not enough, even if blocking I/O is used 2241e1051a39Sopenharmony_ci * (see ssl3_shutdown). 2242e1051a39Sopenharmony_ci */ 2243e1051a39Sopenharmony_ci 2244e1051a39Sopenharmony_ci if (s->handshake_func == NULL) { 2245e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED); 2246e1051a39Sopenharmony_ci return -1; 2247e1051a39Sopenharmony_ci } 2248e1051a39Sopenharmony_ci 2249e1051a39Sopenharmony_ci if (!SSL_in_init(s)) { 2250e1051a39Sopenharmony_ci if ((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) { 2251e1051a39Sopenharmony_ci struct ssl_async_args args; 2252e1051a39Sopenharmony_ci 2253e1051a39Sopenharmony_ci memset(&args, 0, sizeof(args)); 2254e1051a39Sopenharmony_ci args.s = s; 2255e1051a39Sopenharmony_ci args.type = OTHERFUNC; 2256e1051a39Sopenharmony_ci args.f.func_other = s->method->ssl_shutdown; 2257e1051a39Sopenharmony_ci 2258e1051a39Sopenharmony_ci return ssl_start_async_job(s, &args, ssl_io_intern); 2259e1051a39Sopenharmony_ci } else { 2260e1051a39Sopenharmony_ci return s->method->ssl_shutdown(s); 2261e1051a39Sopenharmony_ci } 2262e1051a39Sopenharmony_ci } else { 2263e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_SHUTDOWN_WHILE_IN_INIT); 2264e1051a39Sopenharmony_ci return -1; 2265e1051a39Sopenharmony_ci } 2266e1051a39Sopenharmony_ci} 2267e1051a39Sopenharmony_ci 2268e1051a39Sopenharmony_ciint SSL_key_update(SSL *s, int updatetype) 2269e1051a39Sopenharmony_ci{ 2270e1051a39Sopenharmony_ci if (!SSL_IS_TLS13(s)) { 2271e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION); 2272e1051a39Sopenharmony_ci return 0; 2273e1051a39Sopenharmony_ci } 2274e1051a39Sopenharmony_ci 2275e1051a39Sopenharmony_ci if (updatetype != SSL_KEY_UPDATE_NOT_REQUESTED 2276e1051a39Sopenharmony_ci && updatetype != SSL_KEY_UPDATE_REQUESTED) { 2277e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_KEY_UPDATE_TYPE); 2278e1051a39Sopenharmony_ci return 0; 2279e1051a39Sopenharmony_ci } 2280e1051a39Sopenharmony_ci 2281e1051a39Sopenharmony_ci if (!SSL_is_init_finished(s)) { 2282e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_STILL_IN_INIT); 2283e1051a39Sopenharmony_ci return 0; 2284e1051a39Sopenharmony_ci } 2285e1051a39Sopenharmony_ci 2286e1051a39Sopenharmony_ci if (RECORD_LAYER_write_pending(&s->rlayer)) { 2287e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_BAD_WRITE_RETRY); 2288e1051a39Sopenharmony_ci return 0; 2289e1051a39Sopenharmony_ci } 2290e1051a39Sopenharmony_ci 2291e1051a39Sopenharmony_ci ossl_statem_set_in_init(s, 1); 2292e1051a39Sopenharmony_ci s->key_update = updatetype; 2293e1051a39Sopenharmony_ci return 1; 2294e1051a39Sopenharmony_ci} 2295e1051a39Sopenharmony_ci 2296e1051a39Sopenharmony_ciint SSL_get_key_update_type(const SSL *s) 2297e1051a39Sopenharmony_ci{ 2298e1051a39Sopenharmony_ci return s->key_update; 2299e1051a39Sopenharmony_ci} 2300e1051a39Sopenharmony_ci 2301e1051a39Sopenharmony_ci/* 2302e1051a39Sopenharmony_ci * Can we accept a renegotiation request? If yes, set the flag and 2303e1051a39Sopenharmony_ci * return 1 if yes. If not, raise error and return 0. 2304e1051a39Sopenharmony_ci */ 2305e1051a39Sopenharmony_cistatic int can_renegotiate(const SSL *s) 2306e1051a39Sopenharmony_ci{ 2307e1051a39Sopenharmony_ci if (SSL_IS_TLS13(s)) { 2308e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION); 2309e1051a39Sopenharmony_ci return 0; 2310e1051a39Sopenharmony_ci } 2311e1051a39Sopenharmony_ci 2312e1051a39Sopenharmony_ci if ((s->options & SSL_OP_NO_RENEGOTIATION) != 0) { 2313e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_NO_RENEGOTIATION); 2314e1051a39Sopenharmony_ci return 0; 2315e1051a39Sopenharmony_ci } 2316e1051a39Sopenharmony_ci 2317e1051a39Sopenharmony_ci return 1; 2318e1051a39Sopenharmony_ci} 2319e1051a39Sopenharmony_ci 2320e1051a39Sopenharmony_ciint SSL_renegotiate(SSL *s) 2321e1051a39Sopenharmony_ci{ 2322e1051a39Sopenharmony_ci if (!can_renegotiate(s)) 2323e1051a39Sopenharmony_ci return 0; 2324e1051a39Sopenharmony_ci 2325e1051a39Sopenharmony_ci s->renegotiate = 1; 2326e1051a39Sopenharmony_ci s->new_session = 1; 2327e1051a39Sopenharmony_ci return s->method->ssl_renegotiate(s); 2328e1051a39Sopenharmony_ci} 2329e1051a39Sopenharmony_ci 2330e1051a39Sopenharmony_ciint SSL_renegotiate_abbreviated(SSL *s) 2331e1051a39Sopenharmony_ci{ 2332e1051a39Sopenharmony_ci if (!can_renegotiate(s)) 2333e1051a39Sopenharmony_ci return 0; 2334e1051a39Sopenharmony_ci 2335e1051a39Sopenharmony_ci s->renegotiate = 1; 2336e1051a39Sopenharmony_ci s->new_session = 0; 2337e1051a39Sopenharmony_ci return s->method->ssl_renegotiate(s); 2338e1051a39Sopenharmony_ci} 2339e1051a39Sopenharmony_ci 2340e1051a39Sopenharmony_ciint SSL_renegotiate_pending(const SSL *s) 2341e1051a39Sopenharmony_ci{ 2342e1051a39Sopenharmony_ci /* 2343e1051a39Sopenharmony_ci * becomes true when negotiation is requested; false again once a 2344e1051a39Sopenharmony_ci * handshake has finished 2345e1051a39Sopenharmony_ci */ 2346e1051a39Sopenharmony_ci return (s->renegotiate != 0); 2347e1051a39Sopenharmony_ci} 2348e1051a39Sopenharmony_ci 2349e1051a39Sopenharmony_ciint SSL_new_session_ticket(SSL *s) 2350e1051a39Sopenharmony_ci{ 2351e1051a39Sopenharmony_ci /* If we are in init because we're sending tickets, okay to send more. */ 2352e1051a39Sopenharmony_ci if ((SSL_in_init(s) && s->ext.extra_tickets_expected == 0) 2353e1051a39Sopenharmony_ci || SSL_IS_FIRST_HANDSHAKE(s) || !s->server 2354e1051a39Sopenharmony_ci || !SSL_IS_TLS13(s)) 2355e1051a39Sopenharmony_ci return 0; 2356e1051a39Sopenharmony_ci s->ext.extra_tickets_expected++; 2357e1051a39Sopenharmony_ci if (!RECORD_LAYER_write_pending(&s->rlayer) && !SSL_in_init(s)) 2358e1051a39Sopenharmony_ci ossl_statem_set_in_init(s, 1); 2359e1051a39Sopenharmony_ci return 1; 2360e1051a39Sopenharmony_ci} 2361e1051a39Sopenharmony_ci 2362e1051a39Sopenharmony_cilong SSL_ctrl(SSL *s, int cmd, long larg, void *parg) 2363e1051a39Sopenharmony_ci{ 2364e1051a39Sopenharmony_ci long l; 2365e1051a39Sopenharmony_ci 2366e1051a39Sopenharmony_ci switch (cmd) { 2367e1051a39Sopenharmony_ci case SSL_CTRL_GET_READ_AHEAD: 2368e1051a39Sopenharmony_ci return RECORD_LAYER_get_read_ahead(&s->rlayer); 2369e1051a39Sopenharmony_ci case SSL_CTRL_SET_READ_AHEAD: 2370e1051a39Sopenharmony_ci l = RECORD_LAYER_get_read_ahead(&s->rlayer); 2371e1051a39Sopenharmony_ci RECORD_LAYER_set_read_ahead(&s->rlayer, larg); 2372e1051a39Sopenharmony_ci return l; 2373e1051a39Sopenharmony_ci 2374e1051a39Sopenharmony_ci case SSL_CTRL_SET_MSG_CALLBACK_ARG: 2375e1051a39Sopenharmony_ci s->msg_callback_arg = parg; 2376e1051a39Sopenharmony_ci return 1; 2377e1051a39Sopenharmony_ci 2378e1051a39Sopenharmony_ci case SSL_CTRL_MODE: 2379e1051a39Sopenharmony_ci return (s->mode |= larg); 2380e1051a39Sopenharmony_ci case SSL_CTRL_CLEAR_MODE: 2381e1051a39Sopenharmony_ci return (s->mode &= ~larg); 2382e1051a39Sopenharmony_ci case SSL_CTRL_GET_MAX_CERT_LIST: 2383e1051a39Sopenharmony_ci return (long)s->max_cert_list; 2384e1051a39Sopenharmony_ci case SSL_CTRL_SET_MAX_CERT_LIST: 2385e1051a39Sopenharmony_ci if (larg < 0) 2386e1051a39Sopenharmony_ci return 0; 2387e1051a39Sopenharmony_ci l = (long)s->max_cert_list; 2388e1051a39Sopenharmony_ci s->max_cert_list = (size_t)larg; 2389e1051a39Sopenharmony_ci return l; 2390e1051a39Sopenharmony_ci case SSL_CTRL_SET_MAX_SEND_FRAGMENT: 2391e1051a39Sopenharmony_ci if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH) 2392e1051a39Sopenharmony_ci return 0; 2393e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_KTLS 2394e1051a39Sopenharmony_ci if (s->wbio != NULL && BIO_get_ktls_send(s->wbio)) 2395e1051a39Sopenharmony_ci return 0; 2396e1051a39Sopenharmony_ci#endif /* OPENSSL_NO_KTLS */ 2397e1051a39Sopenharmony_ci s->max_send_fragment = larg; 2398e1051a39Sopenharmony_ci if (s->max_send_fragment < s->split_send_fragment) 2399e1051a39Sopenharmony_ci s->split_send_fragment = s->max_send_fragment; 2400e1051a39Sopenharmony_ci return 1; 2401e1051a39Sopenharmony_ci case SSL_CTRL_SET_SPLIT_SEND_FRAGMENT: 2402e1051a39Sopenharmony_ci if ((size_t)larg > s->max_send_fragment || larg == 0) 2403e1051a39Sopenharmony_ci return 0; 2404e1051a39Sopenharmony_ci s->split_send_fragment = larg; 2405e1051a39Sopenharmony_ci return 1; 2406e1051a39Sopenharmony_ci case SSL_CTRL_SET_MAX_PIPELINES: 2407e1051a39Sopenharmony_ci if (larg < 1 || larg > SSL_MAX_PIPELINES) 2408e1051a39Sopenharmony_ci return 0; 2409e1051a39Sopenharmony_ci s->max_pipelines = larg; 2410e1051a39Sopenharmony_ci if (larg > 1) 2411e1051a39Sopenharmony_ci RECORD_LAYER_set_read_ahead(&s->rlayer, 1); 2412e1051a39Sopenharmony_ci return 1; 2413e1051a39Sopenharmony_ci case SSL_CTRL_GET_RI_SUPPORT: 2414e1051a39Sopenharmony_ci return s->s3.send_connection_binding; 2415e1051a39Sopenharmony_ci case SSL_CTRL_SET_RETRY_VERIFY: 2416e1051a39Sopenharmony_ci s->rwstate = SSL_RETRY_VERIFY; 2417e1051a39Sopenharmony_ci return 1; 2418e1051a39Sopenharmony_ci case SSL_CTRL_CERT_FLAGS: 2419e1051a39Sopenharmony_ci return (s->cert->cert_flags |= larg); 2420e1051a39Sopenharmony_ci case SSL_CTRL_CLEAR_CERT_FLAGS: 2421e1051a39Sopenharmony_ci return (s->cert->cert_flags &= ~larg); 2422e1051a39Sopenharmony_ci 2423e1051a39Sopenharmony_ci case SSL_CTRL_GET_RAW_CIPHERLIST: 2424e1051a39Sopenharmony_ci if (parg) { 2425e1051a39Sopenharmony_ci if (s->s3.tmp.ciphers_raw == NULL) 2426e1051a39Sopenharmony_ci return 0; 2427e1051a39Sopenharmony_ci *(unsigned char **)parg = s->s3.tmp.ciphers_raw; 2428e1051a39Sopenharmony_ci return (int)s->s3.tmp.ciphers_rawlen; 2429e1051a39Sopenharmony_ci } else { 2430e1051a39Sopenharmony_ci return TLS_CIPHER_LEN; 2431e1051a39Sopenharmony_ci } 2432e1051a39Sopenharmony_ci case SSL_CTRL_GET_EXTMS_SUPPORT: 2433e1051a39Sopenharmony_ci if (!s->session || SSL_in_init(s) || ossl_statem_get_in_handshake(s)) 2434e1051a39Sopenharmony_ci return -1; 2435e1051a39Sopenharmony_ci if (s->session->flags & SSL_SESS_FLAG_EXTMS) 2436e1051a39Sopenharmony_ci return 1; 2437e1051a39Sopenharmony_ci else 2438e1051a39Sopenharmony_ci return 0; 2439e1051a39Sopenharmony_ci case SSL_CTRL_SET_MIN_PROTO_VERSION: 2440e1051a39Sopenharmony_ci return ssl_check_allowed_versions(larg, s->max_proto_version) 2441e1051a39Sopenharmony_ci && ssl_set_version_bound(s->ctx->method->version, (int)larg, 2442e1051a39Sopenharmony_ci &s->min_proto_version); 2443e1051a39Sopenharmony_ci case SSL_CTRL_GET_MIN_PROTO_VERSION: 2444e1051a39Sopenharmony_ci return s->min_proto_version; 2445e1051a39Sopenharmony_ci case SSL_CTRL_SET_MAX_PROTO_VERSION: 2446e1051a39Sopenharmony_ci return ssl_check_allowed_versions(s->min_proto_version, larg) 2447e1051a39Sopenharmony_ci && ssl_set_version_bound(s->ctx->method->version, (int)larg, 2448e1051a39Sopenharmony_ci &s->max_proto_version); 2449e1051a39Sopenharmony_ci case SSL_CTRL_GET_MAX_PROTO_VERSION: 2450e1051a39Sopenharmony_ci return s->max_proto_version; 2451e1051a39Sopenharmony_ci default: 2452e1051a39Sopenharmony_ci return s->method->ssl_ctrl(s, cmd, larg, parg); 2453e1051a39Sopenharmony_ci } 2454e1051a39Sopenharmony_ci} 2455e1051a39Sopenharmony_ci 2456e1051a39Sopenharmony_cilong SSL_callback_ctrl(SSL *s, int cmd, void (*fp) (void)) 2457e1051a39Sopenharmony_ci{ 2458e1051a39Sopenharmony_ci switch (cmd) { 2459e1051a39Sopenharmony_ci case SSL_CTRL_SET_MSG_CALLBACK: 2460e1051a39Sopenharmony_ci s->msg_callback = (void (*) 2461e1051a39Sopenharmony_ci (int write_p, int version, int content_type, 2462e1051a39Sopenharmony_ci const void *buf, size_t len, SSL *ssl, 2463e1051a39Sopenharmony_ci void *arg))(fp); 2464e1051a39Sopenharmony_ci return 1; 2465e1051a39Sopenharmony_ci 2466e1051a39Sopenharmony_ci default: 2467e1051a39Sopenharmony_ci return s->method->ssl_callback_ctrl(s, cmd, fp); 2468e1051a39Sopenharmony_ci } 2469e1051a39Sopenharmony_ci} 2470e1051a39Sopenharmony_ci 2471e1051a39Sopenharmony_ciLHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx) 2472e1051a39Sopenharmony_ci{ 2473e1051a39Sopenharmony_ci return ctx->sessions; 2474e1051a39Sopenharmony_ci} 2475e1051a39Sopenharmony_ci 2476e1051a39Sopenharmony_cistatic int ssl_tsan_load(SSL_CTX *ctx, TSAN_QUALIFIER int *stat) 2477e1051a39Sopenharmony_ci{ 2478e1051a39Sopenharmony_ci int res = 0; 2479e1051a39Sopenharmony_ci 2480e1051a39Sopenharmony_ci if (ssl_tsan_lock(ctx)) { 2481e1051a39Sopenharmony_ci res = tsan_load(stat); 2482e1051a39Sopenharmony_ci ssl_tsan_unlock(ctx); 2483e1051a39Sopenharmony_ci } 2484e1051a39Sopenharmony_ci return res; 2485e1051a39Sopenharmony_ci} 2486e1051a39Sopenharmony_ci 2487e1051a39Sopenharmony_cilong SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 2488e1051a39Sopenharmony_ci{ 2489e1051a39Sopenharmony_ci long l; 2490e1051a39Sopenharmony_ci /* For some cases with ctx == NULL perform syntax checks */ 2491e1051a39Sopenharmony_ci if (ctx == NULL) { 2492e1051a39Sopenharmony_ci switch (cmd) { 2493e1051a39Sopenharmony_ci case SSL_CTRL_SET_GROUPS_LIST: 2494e1051a39Sopenharmony_ci return tls1_set_groups_list(ctx, NULL, NULL, parg); 2495e1051a39Sopenharmony_ci case SSL_CTRL_SET_SIGALGS_LIST: 2496e1051a39Sopenharmony_ci case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: 2497e1051a39Sopenharmony_ci return tls1_set_sigalgs_list(NULL, parg, 0); 2498e1051a39Sopenharmony_ci default: 2499e1051a39Sopenharmony_ci return 0; 2500e1051a39Sopenharmony_ci } 2501e1051a39Sopenharmony_ci } 2502e1051a39Sopenharmony_ci 2503e1051a39Sopenharmony_ci switch (cmd) { 2504e1051a39Sopenharmony_ci case SSL_CTRL_GET_READ_AHEAD: 2505e1051a39Sopenharmony_ci return ctx->read_ahead; 2506e1051a39Sopenharmony_ci case SSL_CTRL_SET_READ_AHEAD: 2507e1051a39Sopenharmony_ci l = ctx->read_ahead; 2508e1051a39Sopenharmony_ci ctx->read_ahead = larg; 2509e1051a39Sopenharmony_ci return l; 2510e1051a39Sopenharmony_ci 2511e1051a39Sopenharmony_ci case SSL_CTRL_SET_MSG_CALLBACK_ARG: 2512e1051a39Sopenharmony_ci ctx->msg_callback_arg = parg; 2513e1051a39Sopenharmony_ci return 1; 2514e1051a39Sopenharmony_ci 2515e1051a39Sopenharmony_ci case SSL_CTRL_GET_MAX_CERT_LIST: 2516e1051a39Sopenharmony_ci return (long)ctx->max_cert_list; 2517e1051a39Sopenharmony_ci case SSL_CTRL_SET_MAX_CERT_LIST: 2518e1051a39Sopenharmony_ci if (larg < 0) 2519e1051a39Sopenharmony_ci return 0; 2520e1051a39Sopenharmony_ci l = (long)ctx->max_cert_list; 2521e1051a39Sopenharmony_ci ctx->max_cert_list = (size_t)larg; 2522e1051a39Sopenharmony_ci return l; 2523e1051a39Sopenharmony_ci 2524e1051a39Sopenharmony_ci case SSL_CTRL_SET_SESS_CACHE_SIZE: 2525e1051a39Sopenharmony_ci if (larg < 0) 2526e1051a39Sopenharmony_ci return 0; 2527e1051a39Sopenharmony_ci l = (long)ctx->session_cache_size; 2528e1051a39Sopenharmony_ci ctx->session_cache_size = (size_t)larg; 2529e1051a39Sopenharmony_ci return l; 2530e1051a39Sopenharmony_ci case SSL_CTRL_GET_SESS_CACHE_SIZE: 2531e1051a39Sopenharmony_ci return (long)ctx->session_cache_size; 2532e1051a39Sopenharmony_ci case SSL_CTRL_SET_SESS_CACHE_MODE: 2533e1051a39Sopenharmony_ci l = ctx->session_cache_mode; 2534e1051a39Sopenharmony_ci ctx->session_cache_mode = larg; 2535e1051a39Sopenharmony_ci return l; 2536e1051a39Sopenharmony_ci case SSL_CTRL_GET_SESS_CACHE_MODE: 2537e1051a39Sopenharmony_ci return ctx->session_cache_mode; 2538e1051a39Sopenharmony_ci 2539e1051a39Sopenharmony_ci case SSL_CTRL_SESS_NUMBER: 2540e1051a39Sopenharmony_ci return lh_SSL_SESSION_num_items(ctx->sessions); 2541e1051a39Sopenharmony_ci case SSL_CTRL_SESS_CONNECT: 2542e1051a39Sopenharmony_ci return ssl_tsan_load(ctx, &ctx->stats.sess_connect); 2543e1051a39Sopenharmony_ci case SSL_CTRL_SESS_CONNECT_GOOD: 2544e1051a39Sopenharmony_ci return ssl_tsan_load(ctx, &ctx->stats.sess_connect_good); 2545e1051a39Sopenharmony_ci case SSL_CTRL_SESS_CONNECT_RENEGOTIATE: 2546e1051a39Sopenharmony_ci return ssl_tsan_load(ctx, &ctx->stats.sess_connect_renegotiate); 2547e1051a39Sopenharmony_ci case SSL_CTRL_SESS_ACCEPT: 2548e1051a39Sopenharmony_ci return ssl_tsan_load(ctx, &ctx->stats.sess_accept); 2549e1051a39Sopenharmony_ci case SSL_CTRL_SESS_ACCEPT_GOOD: 2550e1051a39Sopenharmony_ci return ssl_tsan_load(ctx, &ctx->stats.sess_accept_good); 2551e1051a39Sopenharmony_ci case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE: 2552e1051a39Sopenharmony_ci return ssl_tsan_load(ctx, &ctx->stats.sess_accept_renegotiate); 2553e1051a39Sopenharmony_ci case SSL_CTRL_SESS_HIT: 2554e1051a39Sopenharmony_ci return ssl_tsan_load(ctx, &ctx->stats.sess_hit); 2555e1051a39Sopenharmony_ci case SSL_CTRL_SESS_CB_HIT: 2556e1051a39Sopenharmony_ci return ssl_tsan_load(ctx, &ctx->stats.sess_cb_hit); 2557e1051a39Sopenharmony_ci case SSL_CTRL_SESS_MISSES: 2558e1051a39Sopenharmony_ci return ssl_tsan_load(ctx, &ctx->stats.sess_miss); 2559e1051a39Sopenharmony_ci case SSL_CTRL_SESS_TIMEOUTS: 2560e1051a39Sopenharmony_ci return ssl_tsan_load(ctx, &ctx->stats.sess_timeout); 2561e1051a39Sopenharmony_ci case SSL_CTRL_SESS_CACHE_FULL: 2562e1051a39Sopenharmony_ci return ssl_tsan_load(ctx, &ctx->stats.sess_cache_full); 2563e1051a39Sopenharmony_ci case SSL_CTRL_MODE: 2564e1051a39Sopenharmony_ci return (ctx->mode |= larg); 2565e1051a39Sopenharmony_ci case SSL_CTRL_CLEAR_MODE: 2566e1051a39Sopenharmony_ci return (ctx->mode &= ~larg); 2567e1051a39Sopenharmony_ci case SSL_CTRL_SET_MAX_SEND_FRAGMENT: 2568e1051a39Sopenharmony_ci if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH) 2569e1051a39Sopenharmony_ci return 0; 2570e1051a39Sopenharmony_ci ctx->max_send_fragment = larg; 2571e1051a39Sopenharmony_ci if (ctx->max_send_fragment < ctx->split_send_fragment) 2572e1051a39Sopenharmony_ci ctx->split_send_fragment = ctx->max_send_fragment; 2573e1051a39Sopenharmony_ci return 1; 2574e1051a39Sopenharmony_ci case SSL_CTRL_SET_SPLIT_SEND_FRAGMENT: 2575e1051a39Sopenharmony_ci if ((size_t)larg > ctx->max_send_fragment || larg == 0) 2576e1051a39Sopenharmony_ci return 0; 2577e1051a39Sopenharmony_ci ctx->split_send_fragment = larg; 2578e1051a39Sopenharmony_ci return 1; 2579e1051a39Sopenharmony_ci case SSL_CTRL_SET_MAX_PIPELINES: 2580e1051a39Sopenharmony_ci if (larg < 1 || larg > SSL_MAX_PIPELINES) 2581e1051a39Sopenharmony_ci return 0; 2582e1051a39Sopenharmony_ci ctx->max_pipelines = larg; 2583e1051a39Sopenharmony_ci return 1; 2584e1051a39Sopenharmony_ci case SSL_CTRL_CERT_FLAGS: 2585e1051a39Sopenharmony_ci return (ctx->cert->cert_flags |= larg); 2586e1051a39Sopenharmony_ci case SSL_CTRL_CLEAR_CERT_FLAGS: 2587e1051a39Sopenharmony_ci return (ctx->cert->cert_flags &= ~larg); 2588e1051a39Sopenharmony_ci case SSL_CTRL_SET_MIN_PROTO_VERSION: 2589e1051a39Sopenharmony_ci return ssl_check_allowed_versions(larg, ctx->max_proto_version) 2590e1051a39Sopenharmony_ci && ssl_set_version_bound(ctx->method->version, (int)larg, 2591e1051a39Sopenharmony_ci &ctx->min_proto_version); 2592e1051a39Sopenharmony_ci case SSL_CTRL_GET_MIN_PROTO_VERSION: 2593e1051a39Sopenharmony_ci return ctx->min_proto_version; 2594e1051a39Sopenharmony_ci case SSL_CTRL_SET_MAX_PROTO_VERSION: 2595e1051a39Sopenharmony_ci return ssl_check_allowed_versions(ctx->min_proto_version, larg) 2596e1051a39Sopenharmony_ci && ssl_set_version_bound(ctx->method->version, (int)larg, 2597e1051a39Sopenharmony_ci &ctx->max_proto_version); 2598e1051a39Sopenharmony_ci case SSL_CTRL_GET_MAX_PROTO_VERSION: 2599e1051a39Sopenharmony_ci return ctx->max_proto_version; 2600e1051a39Sopenharmony_ci default: 2601e1051a39Sopenharmony_ci return ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg); 2602e1051a39Sopenharmony_ci } 2603e1051a39Sopenharmony_ci} 2604e1051a39Sopenharmony_ci 2605e1051a39Sopenharmony_cilong SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void)) 2606e1051a39Sopenharmony_ci{ 2607e1051a39Sopenharmony_ci switch (cmd) { 2608e1051a39Sopenharmony_ci case SSL_CTRL_SET_MSG_CALLBACK: 2609e1051a39Sopenharmony_ci ctx->msg_callback = (void (*) 2610e1051a39Sopenharmony_ci (int write_p, int version, int content_type, 2611e1051a39Sopenharmony_ci const void *buf, size_t len, SSL *ssl, 2612e1051a39Sopenharmony_ci void *arg))(fp); 2613e1051a39Sopenharmony_ci return 1; 2614e1051a39Sopenharmony_ci 2615e1051a39Sopenharmony_ci default: 2616e1051a39Sopenharmony_ci return ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp); 2617e1051a39Sopenharmony_ci } 2618e1051a39Sopenharmony_ci} 2619e1051a39Sopenharmony_ci 2620e1051a39Sopenharmony_ciint ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b) 2621e1051a39Sopenharmony_ci{ 2622e1051a39Sopenharmony_ci if (a->id > b->id) 2623e1051a39Sopenharmony_ci return 1; 2624e1051a39Sopenharmony_ci if (a->id < b->id) 2625e1051a39Sopenharmony_ci return -1; 2626e1051a39Sopenharmony_ci return 0; 2627e1051a39Sopenharmony_ci} 2628e1051a39Sopenharmony_ci 2629e1051a39Sopenharmony_ciint ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap, 2630e1051a39Sopenharmony_ci const SSL_CIPHER *const *bp) 2631e1051a39Sopenharmony_ci{ 2632e1051a39Sopenharmony_ci if ((*ap)->id > (*bp)->id) 2633e1051a39Sopenharmony_ci return 1; 2634e1051a39Sopenharmony_ci if ((*ap)->id < (*bp)->id) 2635e1051a39Sopenharmony_ci return -1; 2636e1051a39Sopenharmony_ci return 0; 2637e1051a39Sopenharmony_ci} 2638e1051a39Sopenharmony_ci 2639e1051a39Sopenharmony_ci/** return a STACK of the ciphers available for the SSL and in order of 2640e1051a39Sopenharmony_ci * preference */ 2641e1051a39Sopenharmony_ciSTACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s) 2642e1051a39Sopenharmony_ci{ 2643e1051a39Sopenharmony_ci if (s != NULL) { 2644e1051a39Sopenharmony_ci if (s->cipher_list != NULL) { 2645e1051a39Sopenharmony_ci return s->cipher_list; 2646e1051a39Sopenharmony_ci } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) { 2647e1051a39Sopenharmony_ci return s->ctx->cipher_list; 2648e1051a39Sopenharmony_ci } 2649e1051a39Sopenharmony_ci } 2650e1051a39Sopenharmony_ci return NULL; 2651e1051a39Sopenharmony_ci} 2652e1051a39Sopenharmony_ci 2653e1051a39Sopenharmony_ciSTACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *s) 2654e1051a39Sopenharmony_ci{ 2655e1051a39Sopenharmony_ci if ((s == NULL) || !s->server) 2656e1051a39Sopenharmony_ci return NULL; 2657e1051a39Sopenharmony_ci return s->peer_ciphers; 2658e1051a39Sopenharmony_ci} 2659e1051a39Sopenharmony_ci 2660e1051a39Sopenharmony_ciSTACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s) 2661e1051a39Sopenharmony_ci{ 2662e1051a39Sopenharmony_ci STACK_OF(SSL_CIPHER) *sk = NULL, *ciphers; 2663e1051a39Sopenharmony_ci int i; 2664e1051a39Sopenharmony_ci 2665e1051a39Sopenharmony_ci ciphers = SSL_get_ciphers(s); 2666e1051a39Sopenharmony_ci if (!ciphers) 2667e1051a39Sopenharmony_ci return NULL; 2668e1051a39Sopenharmony_ci if (!ssl_set_client_disabled(s)) 2669e1051a39Sopenharmony_ci return NULL; 2670e1051a39Sopenharmony_ci for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) { 2671e1051a39Sopenharmony_ci const SSL_CIPHER *c = sk_SSL_CIPHER_value(ciphers, i); 2672e1051a39Sopenharmony_ci if (!ssl_cipher_disabled(s, c, SSL_SECOP_CIPHER_SUPPORTED, 0)) { 2673e1051a39Sopenharmony_ci if (!sk) 2674e1051a39Sopenharmony_ci sk = sk_SSL_CIPHER_new_null(); 2675e1051a39Sopenharmony_ci if (!sk) 2676e1051a39Sopenharmony_ci return NULL; 2677e1051a39Sopenharmony_ci if (!sk_SSL_CIPHER_push(sk, c)) { 2678e1051a39Sopenharmony_ci sk_SSL_CIPHER_free(sk); 2679e1051a39Sopenharmony_ci return NULL; 2680e1051a39Sopenharmony_ci } 2681e1051a39Sopenharmony_ci } 2682e1051a39Sopenharmony_ci } 2683e1051a39Sopenharmony_ci return sk; 2684e1051a39Sopenharmony_ci} 2685e1051a39Sopenharmony_ci 2686e1051a39Sopenharmony_ci/** return a STACK of the ciphers available for the SSL and in order of 2687e1051a39Sopenharmony_ci * algorithm id */ 2688e1051a39Sopenharmony_ciSTACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s) 2689e1051a39Sopenharmony_ci{ 2690e1051a39Sopenharmony_ci if (s != NULL) { 2691e1051a39Sopenharmony_ci if (s->cipher_list_by_id != NULL) { 2692e1051a39Sopenharmony_ci return s->cipher_list_by_id; 2693e1051a39Sopenharmony_ci } else if ((s->ctx != NULL) && (s->ctx->cipher_list_by_id != NULL)) { 2694e1051a39Sopenharmony_ci return s->ctx->cipher_list_by_id; 2695e1051a39Sopenharmony_ci } 2696e1051a39Sopenharmony_ci } 2697e1051a39Sopenharmony_ci return NULL; 2698e1051a39Sopenharmony_ci} 2699e1051a39Sopenharmony_ci 2700e1051a39Sopenharmony_ci/** The old interface to get the same thing as SSL_get_ciphers() */ 2701e1051a39Sopenharmony_ciconst char *SSL_get_cipher_list(const SSL *s, int n) 2702e1051a39Sopenharmony_ci{ 2703e1051a39Sopenharmony_ci const SSL_CIPHER *c; 2704e1051a39Sopenharmony_ci STACK_OF(SSL_CIPHER) *sk; 2705e1051a39Sopenharmony_ci 2706e1051a39Sopenharmony_ci if (s == NULL) 2707e1051a39Sopenharmony_ci return NULL; 2708e1051a39Sopenharmony_ci sk = SSL_get_ciphers(s); 2709e1051a39Sopenharmony_ci if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n)) 2710e1051a39Sopenharmony_ci return NULL; 2711e1051a39Sopenharmony_ci c = sk_SSL_CIPHER_value(sk, n); 2712e1051a39Sopenharmony_ci if (c == NULL) 2713e1051a39Sopenharmony_ci return NULL; 2714e1051a39Sopenharmony_ci return c->name; 2715e1051a39Sopenharmony_ci} 2716e1051a39Sopenharmony_ci 2717e1051a39Sopenharmony_ci/** return a STACK of the ciphers available for the SSL_CTX and in order of 2718e1051a39Sopenharmony_ci * preference */ 2719e1051a39Sopenharmony_ciSTACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx) 2720e1051a39Sopenharmony_ci{ 2721e1051a39Sopenharmony_ci if (ctx != NULL) 2722e1051a39Sopenharmony_ci return ctx->cipher_list; 2723e1051a39Sopenharmony_ci return NULL; 2724e1051a39Sopenharmony_ci} 2725e1051a39Sopenharmony_ci 2726e1051a39Sopenharmony_ci/* 2727e1051a39Sopenharmony_ci * Distinguish between ciphers controlled by set_ciphersuite() and 2728e1051a39Sopenharmony_ci * set_cipher_list() when counting. 2729e1051a39Sopenharmony_ci */ 2730e1051a39Sopenharmony_cistatic int cipher_list_tls12_num(STACK_OF(SSL_CIPHER) *sk) 2731e1051a39Sopenharmony_ci{ 2732e1051a39Sopenharmony_ci int i, num = 0; 2733e1051a39Sopenharmony_ci const SSL_CIPHER *c; 2734e1051a39Sopenharmony_ci 2735e1051a39Sopenharmony_ci if (sk == NULL) 2736e1051a39Sopenharmony_ci return 0; 2737e1051a39Sopenharmony_ci for (i = 0; i < sk_SSL_CIPHER_num(sk); ++i) { 2738e1051a39Sopenharmony_ci c = sk_SSL_CIPHER_value(sk, i); 2739e1051a39Sopenharmony_ci if (c->min_tls >= TLS1_3_VERSION) 2740e1051a39Sopenharmony_ci continue; 2741e1051a39Sopenharmony_ci num++; 2742e1051a39Sopenharmony_ci } 2743e1051a39Sopenharmony_ci return num; 2744e1051a39Sopenharmony_ci} 2745e1051a39Sopenharmony_ci 2746e1051a39Sopenharmony_ci/** specify the ciphers to be used by default by the SSL_CTX */ 2747e1051a39Sopenharmony_ciint SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str) 2748e1051a39Sopenharmony_ci{ 2749e1051a39Sopenharmony_ci STACK_OF(SSL_CIPHER) *sk; 2750e1051a39Sopenharmony_ci 2751e1051a39Sopenharmony_ci sk = ssl_create_cipher_list(ctx, ctx->tls13_ciphersuites, 2752e1051a39Sopenharmony_ci &ctx->cipher_list, &ctx->cipher_list_by_id, str, 2753e1051a39Sopenharmony_ci ctx->cert); 2754e1051a39Sopenharmony_ci /* 2755e1051a39Sopenharmony_ci * ssl_create_cipher_list may return an empty stack if it was unable to 2756e1051a39Sopenharmony_ci * find a cipher matching the given rule string (for example if the rule 2757e1051a39Sopenharmony_ci * string specifies a cipher which has been disabled). This is not an 2758e1051a39Sopenharmony_ci * error as far as ssl_create_cipher_list is concerned, and hence 2759e1051a39Sopenharmony_ci * ctx->cipher_list and ctx->cipher_list_by_id has been updated. 2760e1051a39Sopenharmony_ci */ 2761e1051a39Sopenharmony_ci if (sk == NULL) 2762e1051a39Sopenharmony_ci return 0; 2763e1051a39Sopenharmony_ci else if (cipher_list_tls12_num(sk) == 0) { 2764e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_NO_CIPHER_MATCH); 2765e1051a39Sopenharmony_ci return 0; 2766e1051a39Sopenharmony_ci } 2767e1051a39Sopenharmony_ci return 1; 2768e1051a39Sopenharmony_ci} 2769e1051a39Sopenharmony_ci 2770e1051a39Sopenharmony_ci/** specify the ciphers to be used by the SSL */ 2771e1051a39Sopenharmony_ciint SSL_set_cipher_list(SSL *s, const char *str) 2772e1051a39Sopenharmony_ci{ 2773e1051a39Sopenharmony_ci STACK_OF(SSL_CIPHER) *sk; 2774e1051a39Sopenharmony_ci 2775e1051a39Sopenharmony_ci sk = ssl_create_cipher_list(s->ctx, s->tls13_ciphersuites, 2776e1051a39Sopenharmony_ci &s->cipher_list, &s->cipher_list_by_id, str, 2777e1051a39Sopenharmony_ci s->cert); 2778e1051a39Sopenharmony_ci /* see comment in SSL_CTX_set_cipher_list */ 2779e1051a39Sopenharmony_ci if (sk == NULL) 2780e1051a39Sopenharmony_ci return 0; 2781e1051a39Sopenharmony_ci else if (cipher_list_tls12_num(sk) == 0) { 2782e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_NO_CIPHER_MATCH); 2783e1051a39Sopenharmony_ci return 0; 2784e1051a39Sopenharmony_ci } 2785e1051a39Sopenharmony_ci return 1; 2786e1051a39Sopenharmony_ci} 2787e1051a39Sopenharmony_ci 2788e1051a39Sopenharmony_cichar *SSL_get_shared_ciphers(const SSL *s, char *buf, int size) 2789e1051a39Sopenharmony_ci{ 2790e1051a39Sopenharmony_ci char *p; 2791e1051a39Sopenharmony_ci STACK_OF(SSL_CIPHER) *clntsk, *srvrsk; 2792e1051a39Sopenharmony_ci const SSL_CIPHER *c; 2793e1051a39Sopenharmony_ci int i; 2794e1051a39Sopenharmony_ci 2795e1051a39Sopenharmony_ci if (!s->server 2796e1051a39Sopenharmony_ci || s->peer_ciphers == NULL 2797e1051a39Sopenharmony_ci || size < 2) 2798e1051a39Sopenharmony_ci return NULL; 2799e1051a39Sopenharmony_ci 2800e1051a39Sopenharmony_ci p = buf; 2801e1051a39Sopenharmony_ci clntsk = s->peer_ciphers; 2802e1051a39Sopenharmony_ci srvrsk = SSL_get_ciphers(s); 2803e1051a39Sopenharmony_ci if (clntsk == NULL || srvrsk == NULL) 2804e1051a39Sopenharmony_ci return NULL; 2805e1051a39Sopenharmony_ci 2806e1051a39Sopenharmony_ci if (sk_SSL_CIPHER_num(clntsk) == 0 || sk_SSL_CIPHER_num(srvrsk) == 0) 2807e1051a39Sopenharmony_ci return NULL; 2808e1051a39Sopenharmony_ci 2809e1051a39Sopenharmony_ci for (i = 0; i < sk_SSL_CIPHER_num(clntsk); i++) { 2810e1051a39Sopenharmony_ci int n; 2811e1051a39Sopenharmony_ci 2812e1051a39Sopenharmony_ci c = sk_SSL_CIPHER_value(clntsk, i); 2813e1051a39Sopenharmony_ci if (sk_SSL_CIPHER_find(srvrsk, c) < 0) 2814e1051a39Sopenharmony_ci continue; 2815e1051a39Sopenharmony_ci 2816e1051a39Sopenharmony_ci n = strlen(c->name); 2817e1051a39Sopenharmony_ci if (n + 1 > size) { 2818e1051a39Sopenharmony_ci if (p != buf) 2819e1051a39Sopenharmony_ci --p; 2820e1051a39Sopenharmony_ci *p = '\0'; 2821e1051a39Sopenharmony_ci return buf; 2822e1051a39Sopenharmony_ci } 2823e1051a39Sopenharmony_ci strcpy(p, c->name); 2824e1051a39Sopenharmony_ci p += n; 2825e1051a39Sopenharmony_ci *(p++) = ':'; 2826e1051a39Sopenharmony_ci size -= n + 1; 2827e1051a39Sopenharmony_ci } 2828e1051a39Sopenharmony_ci p[-1] = '\0'; 2829e1051a39Sopenharmony_ci return buf; 2830e1051a39Sopenharmony_ci} 2831e1051a39Sopenharmony_ci 2832e1051a39Sopenharmony_ci/** 2833e1051a39Sopenharmony_ci * Return the requested servername (SNI) value. Note that the behaviour varies 2834e1051a39Sopenharmony_ci * depending on: 2835e1051a39Sopenharmony_ci * - whether this is called by the client or the server, 2836e1051a39Sopenharmony_ci * - if we are before or during/after the handshake, 2837e1051a39Sopenharmony_ci * - if a resumption or normal handshake is being attempted/has occurred 2838e1051a39Sopenharmony_ci * - whether we have negotiated TLSv1.2 (or below) or TLSv1.3 2839e1051a39Sopenharmony_ci * 2840e1051a39Sopenharmony_ci * Note that only the host_name type is defined (RFC 3546). 2841e1051a39Sopenharmony_ci */ 2842e1051a39Sopenharmony_ciconst char *SSL_get_servername(const SSL *s, const int type) 2843e1051a39Sopenharmony_ci{ 2844e1051a39Sopenharmony_ci /* 2845e1051a39Sopenharmony_ci * If we don't know if we are the client or the server yet then we assume 2846e1051a39Sopenharmony_ci * client. 2847e1051a39Sopenharmony_ci */ 2848e1051a39Sopenharmony_ci int server = s->handshake_func == NULL ? 0 : s->server; 2849e1051a39Sopenharmony_ci if (type != TLSEXT_NAMETYPE_host_name) 2850e1051a39Sopenharmony_ci return NULL; 2851e1051a39Sopenharmony_ci 2852e1051a39Sopenharmony_ci if (server) { 2853e1051a39Sopenharmony_ci /** 2854e1051a39Sopenharmony_ci * Server side 2855e1051a39Sopenharmony_ci * In TLSv1.3 on the server SNI is not associated with the session 2856e1051a39Sopenharmony_ci * but in TLSv1.2 or below it is. 2857e1051a39Sopenharmony_ci * 2858e1051a39Sopenharmony_ci * Before the handshake: 2859e1051a39Sopenharmony_ci * - return NULL 2860e1051a39Sopenharmony_ci * 2861e1051a39Sopenharmony_ci * During/after the handshake (TLSv1.2 or below resumption occurred): 2862e1051a39Sopenharmony_ci * - If a servername was accepted by the server in the original 2863e1051a39Sopenharmony_ci * handshake then it will return that servername, or NULL otherwise. 2864e1051a39Sopenharmony_ci * 2865e1051a39Sopenharmony_ci * During/after the handshake (TLSv1.2 or below resumption did not occur): 2866e1051a39Sopenharmony_ci * - The function will return the servername requested by the client in 2867e1051a39Sopenharmony_ci * this handshake or NULL if none was requested. 2868e1051a39Sopenharmony_ci */ 2869e1051a39Sopenharmony_ci if (s->hit && !SSL_IS_TLS13(s)) 2870e1051a39Sopenharmony_ci return s->session->ext.hostname; 2871e1051a39Sopenharmony_ci } else { 2872e1051a39Sopenharmony_ci /** 2873e1051a39Sopenharmony_ci * Client side 2874e1051a39Sopenharmony_ci * 2875e1051a39Sopenharmony_ci * Before the handshake: 2876e1051a39Sopenharmony_ci * - If a servername has been set via a call to 2877e1051a39Sopenharmony_ci * SSL_set_tlsext_host_name() then it will return that servername 2878e1051a39Sopenharmony_ci * - If one has not been set, but a TLSv1.2 resumption is being 2879e1051a39Sopenharmony_ci * attempted and the session from the original handshake had a 2880e1051a39Sopenharmony_ci * servername accepted by the server then it will return that 2881e1051a39Sopenharmony_ci * servername 2882e1051a39Sopenharmony_ci * - Otherwise it returns NULL 2883e1051a39Sopenharmony_ci * 2884e1051a39Sopenharmony_ci * During/after the handshake (TLSv1.2 or below resumption occurred): 2885e1051a39Sopenharmony_ci * - If the session from the original handshake had a servername accepted 2886e1051a39Sopenharmony_ci * by the server then it will return that servername. 2887e1051a39Sopenharmony_ci * - Otherwise it returns the servername set via 2888e1051a39Sopenharmony_ci * SSL_set_tlsext_host_name() (or NULL if it was not called). 2889e1051a39Sopenharmony_ci * 2890e1051a39Sopenharmony_ci * During/after the handshake (TLSv1.2 or below resumption did not occur): 2891e1051a39Sopenharmony_ci * - It will return the servername set via SSL_set_tlsext_host_name() 2892e1051a39Sopenharmony_ci * (or NULL if it was not called). 2893e1051a39Sopenharmony_ci */ 2894e1051a39Sopenharmony_ci if (SSL_in_before(s)) { 2895e1051a39Sopenharmony_ci if (s->ext.hostname == NULL 2896e1051a39Sopenharmony_ci && s->session != NULL 2897e1051a39Sopenharmony_ci && s->session->ssl_version != TLS1_3_VERSION) 2898e1051a39Sopenharmony_ci return s->session->ext.hostname; 2899e1051a39Sopenharmony_ci } else { 2900e1051a39Sopenharmony_ci if (!SSL_IS_TLS13(s) && s->hit && s->session->ext.hostname != NULL) 2901e1051a39Sopenharmony_ci return s->session->ext.hostname; 2902e1051a39Sopenharmony_ci } 2903e1051a39Sopenharmony_ci } 2904e1051a39Sopenharmony_ci 2905e1051a39Sopenharmony_ci return s->ext.hostname; 2906e1051a39Sopenharmony_ci} 2907e1051a39Sopenharmony_ci 2908e1051a39Sopenharmony_ciint SSL_get_servername_type(const SSL *s) 2909e1051a39Sopenharmony_ci{ 2910e1051a39Sopenharmony_ci if (SSL_get_servername(s, TLSEXT_NAMETYPE_host_name) != NULL) 2911e1051a39Sopenharmony_ci return TLSEXT_NAMETYPE_host_name; 2912e1051a39Sopenharmony_ci return -1; 2913e1051a39Sopenharmony_ci} 2914e1051a39Sopenharmony_ci 2915e1051a39Sopenharmony_ci/* 2916e1051a39Sopenharmony_ci * SSL_select_next_proto implements the standard protocol selection. It is 2917e1051a39Sopenharmony_ci * expected that this function is called from the callback set by 2918e1051a39Sopenharmony_ci * SSL_CTX_set_next_proto_select_cb. The protocol data is assumed to be a 2919e1051a39Sopenharmony_ci * vector of 8-bit, length prefixed byte strings. The length byte itself is 2920e1051a39Sopenharmony_ci * not included in the length. A byte string of length 0 is invalid. No byte 2921e1051a39Sopenharmony_ci * string may be truncated. The current, but experimental algorithm for 2922e1051a39Sopenharmony_ci * selecting the protocol is: 1) If the server doesn't support NPN then this 2923e1051a39Sopenharmony_ci * is indicated to the callback. In this case, the client application has to 2924e1051a39Sopenharmony_ci * abort the connection or have a default application level protocol. 2) If 2925e1051a39Sopenharmony_ci * the server supports NPN, but advertises an empty list then the client 2926e1051a39Sopenharmony_ci * selects the first protocol in its list, but indicates via the API that this 2927e1051a39Sopenharmony_ci * fallback case was enacted. 3) Otherwise, the client finds the first 2928e1051a39Sopenharmony_ci * protocol in the server's list that it supports and selects this protocol. 2929e1051a39Sopenharmony_ci * This is because it's assumed that the server has better information about 2930e1051a39Sopenharmony_ci * which protocol a client should use. 4) If the client doesn't support any 2931e1051a39Sopenharmony_ci * of the server's advertised protocols, then this is treated the same as 2932e1051a39Sopenharmony_ci * case 2. It returns either OPENSSL_NPN_NEGOTIATED if a common protocol was 2933e1051a39Sopenharmony_ci * found, or OPENSSL_NPN_NO_OVERLAP if the fallback case was reached. 2934e1051a39Sopenharmony_ci */ 2935e1051a39Sopenharmony_ciint SSL_select_next_proto(unsigned char **out, unsigned char *outlen, 2936e1051a39Sopenharmony_ci const unsigned char *server, 2937e1051a39Sopenharmony_ci unsigned int server_len, 2938e1051a39Sopenharmony_ci const unsigned char *client, unsigned int client_len) 2939e1051a39Sopenharmony_ci{ 2940e1051a39Sopenharmony_ci PACKET cpkt, csubpkt, spkt, ssubpkt; 2941e1051a39Sopenharmony_ci 2942e1051a39Sopenharmony_ci if (!PACKET_buf_init(&cpkt, client, client_len) 2943e1051a39Sopenharmony_ci || !PACKET_get_length_prefixed_1(&cpkt, &csubpkt) 2944e1051a39Sopenharmony_ci || PACKET_remaining(&csubpkt) == 0) { 2945e1051a39Sopenharmony_ci *out = NULL; 2946e1051a39Sopenharmony_ci *outlen = 0; 2947e1051a39Sopenharmony_ci return OPENSSL_NPN_NO_OVERLAP; 2948e1051a39Sopenharmony_ci } 2949e1051a39Sopenharmony_ci 2950e1051a39Sopenharmony_ci /* 2951e1051a39Sopenharmony_ci * Set the default opportunistic protocol. Will be overwritten if we find 2952e1051a39Sopenharmony_ci * a match. 2953e1051a39Sopenharmony_ci */ 2954e1051a39Sopenharmony_ci *out = (unsigned char *)PACKET_data(&csubpkt); 2955e1051a39Sopenharmony_ci *outlen = (unsigned char)PACKET_remaining(&csubpkt); 2956e1051a39Sopenharmony_ci 2957e1051a39Sopenharmony_ci /* 2958e1051a39Sopenharmony_ci * For each protocol in server preference order, see if we support it. 2959e1051a39Sopenharmony_ci */ 2960e1051a39Sopenharmony_ci if (PACKET_buf_init(&spkt, server, server_len)) { 2961e1051a39Sopenharmony_ci while (PACKET_get_length_prefixed_1(&spkt, &ssubpkt)) { 2962e1051a39Sopenharmony_ci if (PACKET_remaining(&ssubpkt) == 0) 2963e1051a39Sopenharmony_ci continue; /* Invalid - ignore it */ 2964e1051a39Sopenharmony_ci if (PACKET_buf_init(&cpkt, client, client_len)) { 2965e1051a39Sopenharmony_ci while (PACKET_get_length_prefixed_1(&cpkt, &csubpkt)) { 2966e1051a39Sopenharmony_ci if (PACKET_equal(&csubpkt, PACKET_data(&ssubpkt), 2967e1051a39Sopenharmony_ci PACKET_remaining(&ssubpkt))) { 2968e1051a39Sopenharmony_ci /* We found a match */ 2969e1051a39Sopenharmony_ci *out = (unsigned char *)PACKET_data(&ssubpkt); 2970e1051a39Sopenharmony_ci *outlen = (unsigned char)PACKET_remaining(&ssubpkt); 2971e1051a39Sopenharmony_ci return OPENSSL_NPN_NEGOTIATED; 2972e1051a39Sopenharmony_ci } 2973e1051a39Sopenharmony_ci } 2974e1051a39Sopenharmony_ci /* Ignore spurious trailing bytes in the client list */ 2975e1051a39Sopenharmony_ci } else { 2976e1051a39Sopenharmony_ci /* This should never happen */ 2977e1051a39Sopenharmony_ci return OPENSSL_NPN_NO_OVERLAP; 2978e1051a39Sopenharmony_ci } 2979e1051a39Sopenharmony_ci } 2980e1051a39Sopenharmony_ci /* Ignore spurious trailing bytes in the server list */ 2981e1051a39Sopenharmony_ci } 2982e1051a39Sopenharmony_ci 2983e1051a39Sopenharmony_ci /* 2984e1051a39Sopenharmony_ci * There's no overlap between our protocols and the server's list. We use 2985e1051a39Sopenharmony_ci * the default opportunistic protocol selected earlier 2986e1051a39Sopenharmony_ci */ 2987e1051a39Sopenharmony_ci return OPENSSL_NPN_NO_OVERLAP; 2988e1051a39Sopenharmony_ci} 2989e1051a39Sopenharmony_ci 2990e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_NEXTPROTONEG 2991e1051a39Sopenharmony_ci/* 2992e1051a39Sopenharmony_ci * SSL_get0_next_proto_negotiated sets *data and *len to point to the 2993e1051a39Sopenharmony_ci * client's requested protocol for this connection and returns 0. If the 2994e1051a39Sopenharmony_ci * client didn't request any protocol, then *data is set to NULL. Note that 2995e1051a39Sopenharmony_ci * the client can request any protocol it chooses. The value returned from 2996e1051a39Sopenharmony_ci * this function need not be a member of the list of supported protocols 2997e1051a39Sopenharmony_ci * provided by the callback. 2998e1051a39Sopenharmony_ci */ 2999e1051a39Sopenharmony_civoid SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, 3000e1051a39Sopenharmony_ci unsigned *len) 3001e1051a39Sopenharmony_ci{ 3002e1051a39Sopenharmony_ci *data = s->ext.npn; 3003e1051a39Sopenharmony_ci if (*data == NULL) { 3004e1051a39Sopenharmony_ci *len = 0; 3005e1051a39Sopenharmony_ci } else { 3006e1051a39Sopenharmony_ci *len = (unsigned int)s->ext.npn_len; 3007e1051a39Sopenharmony_ci } 3008e1051a39Sopenharmony_ci} 3009e1051a39Sopenharmony_ci 3010e1051a39Sopenharmony_ci/* 3011e1051a39Sopenharmony_ci * SSL_CTX_set_npn_advertised_cb sets a callback that is called when 3012e1051a39Sopenharmony_ci * a TLS server needs a list of supported protocols for Next Protocol 3013e1051a39Sopenharmony_ci * Negotiation. The returned list must be in wire format. The list is 3014e1051a39Sopenharmony_ci * returned by setting |out| to point to it and |outlen| to its length. This 3015e1051a39Sopenharmony_ci * memory will not be modified, but one should assume that the SSL* keeps a 3016e1051a39Sopenharmony_ci * reference to it. The callback should return SSL_TLSEXT_ERR_OK if it 3017e1051a39Sopenharmony_ci * wishes to advertise. Otherwise, no such extension will be included in the 3018e1051a39Sopenharmony_ci * ServerHello. 3019e1051a39Sopenharmony_ci */ 3020e1051a39Sopenharmony_civoid SSL_CTX_set_npn_advertised_cb(SSL_CTX *ctx, 3021e1051a39Sopenharmony_ci SSL_CTX_npn_advertised_cb_func cb, 3022e1051a39Sopenharmony_ci void *arg) 3023e1051a39Sopenharmony_ci{ 3024e1051a39Sopenharmony_ci ctx->ext.npn_advertised_cb = cb; 3025e1051a39Sopenharmony_ci ctx->ext.npn_advertised_cb_arg = arg; 3026e1051a39Sopenharmony_ci} 3027e1051a39Sopenharmony_ci 3028e1051a39Sopenharmony_ci/* 3029e1051a39Sopenharmony_ci * SSL_CTX_set_next_proto_select_cb sets a callback that is called when a 3030e1051a39Sopenharmony_ci * client needs to select a protocol from the server's provided list. |out| 3031e1051a39Sopenharmony_ci * must be set to point to the selected protocol (which may be within |in|). 3032e1051a39Sopenharmony_ci * The length of the protocol name must be written into |outlen|. The 3033e1051a39Sopenharmony_ci * server's advertised protocols are provided in |in| and |inlen|. The 3034e1051a39Sopenharmony_ci * callback can assume that |in| is syntactically valid. The client must 3035e1051a39Sopenharmony_ci * select a protocol. It is fatal to the connection if this callback returns 3036e1051a39Sopenharmony_ci * a value other than SSL_TLSEXT_ERR_OK. 3037e1051a39Sopenharmony_ci */ 3038e1051a39Sopenharmony_civoid SSL_CTX_set_npn_select_cb(SSL_CTX *ctx, 3039e1051a39Sopenharmony_ci SSL_CTX_npn_select_cb_func cb, 3040e1051a39Sopenharmony_ci void *arg) 3041e1051a39Sopenharmony_ci{ 3042e1051a39Sopenharmony_ci ctx->ext.npn_select_cb = cb; 3043e1051a39Sopenharmony_ci ctx->ext.npn_select_cb_arg = arg; 3044e1051a39Sopenharmony_ci} 3045e1051a39Sopenharmony_ci#endif 3046e1051a39Sopenharmony_ci 3047e1051a39Sopenharmony_cistatic int alpn_value_ok(const unsigned char *protos, unsigned int protos_len) 3048e1051a39Sopenharmony_ci{ 3049e1051a39Sopenharmony_ci unsigned int idx; 3050e1051a39Sopenharmony_ci 3051e1051a39Sopenharmony_ci if (protos_len < 2 || protos == NULL) 3052e1051a39Sopenharmony_ci return 0; 3053e1051a39Sopenharmony_ci 3054e1051a39Sopenharmony_ci for (idx = 0; idx < protos_len; idx += protos[idx] + 1) { 3055e1051a39Sopenharmony_ci if (protos[idx] == 0) 3056e1051a39Sopenharmony_ci return 0; 3057e1051a39Sopenharmony_ci } 3058e1051a39Sopenharmony_ci return idx == protos_len; 3059e1051a39Sopenharmony_ci} 3060e1051a39Sopenharmony_ci/* 3061e1051a39Sopenharmony_ci * SSL_CTX_set_alpn_protos sets the ALPN protocol list on |ctx| to |protos|. 3062e1051a39Sopenharmony_ci * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit 3063e1051a39Sopenharmony_ci * length-prefixed strings). Returns 0 on success. 3064e1051a39Sopenharmony_ci */ 3065e1051a39Sopenharmony_ciint SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos, 3066e1051a39Sopenharmony_ci unsigned int protos_len) 3067e1051a39Sopenharmony_ci{ 3068e1051a39Sopenharmony_ci unsigned char *alpn; 3069e1051a39Sopenharmony_ci 3070e1051a39Sopenharmony_ci if (protos_len == 0 || protos == NULL) { 3071e1051a39Sopenharmony_ci OPENSSL_free(ctx->ext.alpn); 3072e1051a39Sopenharmony_ci ctx->ext.alpn = NULL; 3073e1051a39Sopenharmony_ci ctx->ext.alpn_len = 0; 3074e1051a39Sopenharmony_ci return 0; 3075e1051a39Sopenharmony_ci } 3076e1051a39Sopenharmony_ci /* Not valid per RFC */ 3077e1051a39Sopenharmony_ci if (!alpn_value_ok(protos, protos_len)) 3078e1051a39Sopenharmony_ci return 1; 3079e1051a39Sopenharmony_ci 3080e1051a39Sopenharmony_ci alpn = OPENSSL_memdup(protos, protos_len); 3081e1051a39Sopenharmony_ci if (alpn == NULL) { 3082e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 3083e1051a39Sopenharmony_ci return 1; 3084e1051a39Sopenharmony_ci } 3085e1051a39Sopenharmony_ci OPENSSL_free(ctx->ext.alpn); 3086e1051a39Sopenharmony_ci ctx->ext.alpn = alpn; 3087e1051a39Sopenharmony_ci ctx->ext.alpn_len = protos_len; 3088e1051a39Sopenharmony_ci 3089e1051a39Sopenharmony_ci return 0; 3090e1051a39Sopenharmony_ci} 3091e1051a39Sopenharmony_ci 3092e1051a39Sopenharmony_ci/* 3093e1051a39Sopenharmony_ci * SSL_set_alpn_protos sets the ALPN protocol list on |ssl| to |protos|. 3094e1051a39Sopenharmony_ci * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit 3095e1051a39Sopenharmony_ci * length-prefixed strings). Returns 0 on success. 3096e1051a39Sopenharmony_ci */ 3097e1051a39Sopenharmony_ciint SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos, 3098e1051a39Sopenharmony_ci unsigned int protos_len) 3099e1051a39Sopenharmony_ci{ 3100e1051a39Sopenharmony_ci unsigned char *alpn; 3101e1051a39Sopenharmony_ci 3102e1051a39Sopenharmony_ci if (protos_len == 0 || protos == NULL) { 3103e1051a39Sopenharmony_ci OPENSSL_free(ssl->ext.alpn); 3104e1051a39Sopenharmony_ci ssl->ext.alpn = NULL; 3105e1051a39Sopenharmony_ci ssl->ext.alpn_len = 0; 3106e1051a39Sopenharmony_ci return 0; 3107e1051a39Sopenharmony_ci } 3108e1051a39Sopenharmony_ci /* Not valid per RFC */ 3109e1051a39Sopenharmony_ci if (!alpn_value_ok(protos, protos_len)) 3110e1051a39Sopenharmony_ci return 1; 3111e1051a39Sopenharmony_ci 3112e1051a39Sopenharmony_ci alpn = OPENSSL_memdup(protos, protos_len); 3113e1051a39Sopenharmony_ci if (alpn == NULL) { 3114e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 3115e1051a39Sopenharmony_ci return 1; 3116e1051a39Sopenharmony_ci } 3117e1051a39Sopenharmony_ci OPENSSL_free(ssl->ext.alpn); 3118e1051a39Sopenharmony_ci ssl->ext.alpn = alpn; 3119e1051a39Sopenharmony_ci ssl->ext.alpn_len = protos_len; 3120e1051a39Sopenharmony_ci 3121e1051a39Sopenharmony_ci return 0; 3122e1051a39Sopenharmony_ci} 3123e1051a39Sopenharmony_ci 3124e1051a39Sopenharmony_ci/* 3125e1051a39Sopenharmony_ci * SSL_CTX_set_alpn_select_cb sets a callback function on |ctx| that is 3126e1051a39Sopenharmony_ci * called during ClientHello processing in order to select an ALPN protocol 3127e1051a39Sopenharmony_ci * from the client's list of offered protocols. 3128e1051a39Sopenharmony_ci */ 3129e1051a39Sopenharmony_civoid SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx, 3130e1051a39Sopenharmony_ci SSL_CTX_alpn_select_cb_func cb, 3131e1051a39Sopenharmony_ci void *arg) 3132e1051a39Sopenharmony_ci{ 3133e1051a39Sopenharmony_ci ctx->ext.alpn_select_cb = cb; 3134e1051a39Sopenharmony_ci ctx->ext.alpn_select_cb_arg = arg; 3135e1051a39Sopenharmony_ci} 3136e1051a39Sopenharmony_ci 3137e1051a39Sopenharmony_ci/* 3138e1051a39Sopenharmony_ci * SSL_get0_alpn_selected gets the selected ALPN protocol (if any) from |ssl|. 3139e1051a39Sopenharmony_ci * On return it sets |*data| to point to |*len| bytes of protocol name 3140e1051a39Sopenharmony_ci * (not including the leading length-prefix byte). If the server didn't 3141e1051a39Sopenharmony_ci * respond with a negotiated protocol then |*len| will be zero. 3142e1051a39Sopenharmony_ci */ 3143e1051a39Sopenharmony_civoid SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, 3144e1051a39Sopenharmony_ci unsigned int *len) 3145e1051a39Sopenharmony_ci{ 3146e1051a39Sopenharmony_ci *data = ssl->s3.alpn_selected; 3147e1051a39Sopenharmony_ci if (*data == NULL) 3148e1051a39Sopenharmony_ci *len = 0; 3149e1051a39Sopenharmony_ci else 3150e1051a39Sopenharmony_ci *len = (unsigned int)ssl->s3.alpn_selected_len; 3151e1051a39Sopenharmony_ci} 3152e1051a39Sopenharmony_ci 3153e1051a39Sopenharmony_ciint SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen, 3154e1051a39Sopenharmony_ci const char *label, size_t llen, 3155e1051a39Sopenharmony_ci const unsigned char *context, size_t contextlen, 3156e1051a39Sopenharmony_ci int use_context) 3157e1051a39Sopenharmony_ci{ 3158e1051a39Sopenharmony_ci if (s->session == NULL 3159e1051a39Sopenharmony_ci || (s->version < TLS1_VERSION && s->version != DTLS1_BAD_VER)) 3160e1051a39Sopenharmony_ci return -1; 3161e1051a39Sopenharmony_ci 3162e1051a39Sopenharmony_ci return s->method->ssl3_enc->export_keying_material(s, out, olen, label, 3163e1051a39Sopenharmony_ci llen, context, 3164e1051a39Sopenharmony_ci contextlen, use_context); 3165e1051a39Sopenharmony_ci} 3166e1051a39Sopenharmony_ci 3167e1051a39Sopenharmony_ciint SSL_export_keying_material_early(SSL *s, unsigned char *out, size_t olen, 3168e1051a39Sopenharmony_ci const char *label, size_t llen, 3169e1051a39Sopenharmony_ci const unsigned char *context, 3170e1051a39Sopenharmony_ci size_t contextlen) 3171e1051a39Sopenharmony_ci{ 3172e1051a39Sopenharmony_ci if (s->version != TLS1_3_VERSION) 3173e1051a39Sopenharmony_ci return 0; 3174e1051a39Sopenharmony_ci 3175e1051a39Sopenharmony_ci return tls13_export_keying_material_early(s, out, olen, label, llen, 3176e1051a39Sopenharmony_ci context, contextlen); 3177e1051a39Sopenharmony_ci} 3178e1051a39Sopenharmony_ci 3179e1051a39Sopenharmony_cistatic unsigned long ssl_session_hash(const SSL_SESSION *a) 3180e1051a39Sopenharmony_ci{ 3181e1051a39Sopenharmony_ci const unsigned char *session_id = a->session_id; 3182e1051a39Sopenharmony_ci unsigned long l; 3183e1051a39Sopenharmony_ci unsigned char tmp_storage[4]; 3184e1051a39Sopenharmony_ci 3185e1051a39Sopenharmony_ci if (a->session_id_length < sizeof(tmp_storage)) { 3186e1051a39Sopenharmony_ci memset(tmp_storage, 0, sizeof(tmp_storage)); 3187e1051a39Sopenharmony_ci memcpy(tmp_storage, a->session_id, a->session_id_length); 3188e1051a39Sopenharmony_ci session_id = tmp_storage; 3189e1051a39Sopenharmony_ci } 3190e1051a39Sopenharmony_ci 3191e1051a39Sopenharmony_ci l = (unsigned long) 3192e1051a39Sopenharmony_ci ((unsigned long)session_id[0]) | 3193e1051a39Sopenharmony_ci ((unsigned long)session_id[1] << 8L) | 3194e1051a39Sopenharmony_ci ((unsigned long)session_id[2] << 16L) | 3195e1051a39Sopenharmony_ci ((unsigned long)session_id[3] << 24L); 3196e1051a39Sopenharmony_ci return l; 3197e1051a39Sopenharmony_ci} 3198e1051a39Sopenharmony_ci 3199e1051a39Sopenharmony_ci/* 3200e1051a39Sopenharmony_ci * NB: If this function (or indeed the hash function which uses a sort of 3201e1051a39Sopenharmony_ci * coarser function than this one) is changed, ensure 3202e1051a39Sopenharmony_ci * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on 3203e1051a39Sopenharmony_ci * being able to construct an SSL_SESSION that will collide with any existing 3204e1051a39Sopenharmony_ci * session with a matching session ID. 3205e1051a39Sopenharmony_ci */ 3206e1051a39Sopenharmony_cistatic int ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b) 3207e1051a39Sopenharmony_ci{ 3208e1051a39Sopenharmony_ci if (a->ssl_version != b->ssl_version) 3209e1051a39Sopenharmony_ci return 1; 3210e1051a39Sopenharmony_ci if (a->session_id_length != b->session_id_length) 3211e1051a39Sopenharmony_ci return 1; 3212e1051a39Sopenharmony_ci return memcmp(a->session_id, b->session_id, a->session_id_length); 3213e1051a39Sopenharmony_ci} 3214e1051a39Sopenharmony_ci 3215e1051a39Sopenharmony_ci/* 3216e1051a39Sopenharmony_ci * These wrapper functions should remain rather than redeclaring 3217e1051a39Sopenharmony_ci * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each 3218e1051a39Sopenharmony_ci * variable. The reason is that the functions aren't static, they're exposed 3219e1051a39Sopenharmony_ci * via ssl.h. 3220e1051a39Sopenharmony_ci */ 3221e1051a39Sopenharmony_ci 3222e1051a39Sopenharmony_ciSSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq, 3223e1051a39Sopenharmony_ci const SSL_METHOD *meth) 3224e1051a39Sopenharmony_ci{ 3225e1051a39Sopenharmony_ci SSL_CTX *ret = NULL; 3226e1051a39Sopenharmony_ci 3227e1051a39Sopenharmony_ci if (meth == NULL) { 3228e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_NULL_SSL_METHOD_PASSED); 3229e1051a39Sopenharmony_ci return NULL; 3230e1051a39Sopenharmony_ci } 3231e1051a39Sopenharmony_ci 3232e1051a39Sopenharmony_ci if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL)) 3233e1051a39Sopenharmony_ci return NULL; 3234e1051a39Sopenharmony_ci 3235e1051a39Sopenharmony_ci if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) { 3236e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); 3237e1051a39Sopenharmony_ci goto err; 3238e1051a39Sopenharmony_ci } 3239e1051a39Sopenharmony_ci ret = OPENSSL_zalloc(sizeof(*ret)); 3240e1051a39Sopenharmony_ci if (ret == NULL) 3241e1051a39Sopenharmony_ci goto err; 3242e1051a39Sopenharmony_ci 3243e1051a39Sopenharmony_ci /* Init the reference counting before any call to SSL_CTX_free */ 3244e1051a39Sopenharmony_ci ret->references = 1; 3245e1051a39Sopenharmony_ci ret->lock = CRYPTO_THREAD_lock_new(); 3246e1051a39Sopenharmony_ci if (ret->lock == NULL) { 3247e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 3248e1051a39Sopenharmony_ci OPENSSL_free(ret); 3249e1051a39Sopenharmony_ci return NULL; 3250e1051a39Sopenharmony_ci } 3251e1051a39Sopenharmony_ci 3252e1051a39Sopenharmony_ci#ifdef TSAN_REQUIRES_LOCKING 3253e1051a39Sopenharmony_ci ret->tsan_lock = CRYPTO_THREAD_lock_new(); 3254e1051a39Sopenharmony_ci if (ret->tsan_lock == NULL) { 3255e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 3256e1051a39Sopenharmony_ci goto err; 3257e1051a39Sopenharmony_ci } 3258e1051a39Sopenharmony_ci#endif 3259e1051a39Sopenharmony_ci 3260e1051a39Sopenharmony_ci ret->libctx = libctx; 3261e1051a39Sopenharmony_ci if (propq != NULL) { 3262e1051a39Sopenharmony_ci ret->propq = OPENSSL_strdup(propq); 3263e1051a39Sopenharmony_ci if (ret->propq == NULL) 3264e1051a39Sopenharmony_ci goto err; 3265e1051a39Sopenharmony_ci } 3266e1051a39Sopenharmony_ci 3267e1051a39Sopenharmony_ci ret->method = meth; 3268e1051a39Sopenharmony_ci ret->min_proto_version = 0; 3269e1051a39Sopenharmony_ci ret->max_proto_version = 0; 3270e1051a39Sopenharmony_ci ret->mode = SSL_MODE_AUTO_RETRY; 3271e1051a39Sopenharmony_ci ret->session_cache_mode = SSL_SESS_CACHE_SERVER; 3272e1051a39Sopenharmony_ci ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT; 3273e1051a39Sopenharmony_ci /* We take the system default. */ 3274e1051a39Sopenharmony_ci ret->session_timeout = meth->get_timeout(); 3275e1051a39Sopenharmony_ci ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT; 3276e1051a39Sopenharmony_ci ret->verify_mode = SSL_VERIFY_NONE; 3277e1051a39Sopenharmony_ci if ((ret->cert = ssl_cert_new()) == NULL) 3278e1051a39Sopenharmony_ci goto err; 3279e1051a39Sopenharmony_ci 3280e1051a39Sopenharmony_ci ret->sessions = lh_SSL_SESSION_new(ssl_session_hash, ssl_session_cmp); 3281e1051a39Sopenharmony_ci if (ret->sessions == NULL) 3282e1051a39Sopenharmony_ci goto err; 3283e1051a39Sopenharmony_ci ret->cert_store = X509_STORE_new(); 3284e1051a39Sopenharmony_ci if (ret->cert_store == NULL) 3285e1051a39Sopenharmony_ci goto err; 3286e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_CT 3287e1051a39Sopenharmony_ci ret->ctlog_store = CTLOG_STORE_new_ex(libctx, propq); 3288e1051a39Sopenharmony_ci if (ret->ctlog_store == NULL) 3289e1051a39Sopenharmony_ci goto err; 3290e1051a39Sopenharmony_ci#endif 3291e1051a39Sopenharmony_ci 3292e1051a39Sopenharmony_ci /* initialize cipher/digest methods table */ 3293e1051a39Sopenharmony_ci if (!ssl_load_ciphers(ret)) 3294e1051a39Sopenharmony_ci goto err2; 3295e1051a39Sopenharmony_ci /* initialise sig algs */ 3296e1051a39Sopenharmony_ci if (!ssl_setup_sig_algs(ret)) 3297e1051a39Sopenharmony_ci goto err2; 3298e1051a39Sopenharmony_ci 3299e1051a39Sopenharmony_ci 3300e1051a39Sopenharmony_ci if (!ssl_load_groups(ret)) 3301e1051a39Sopenharmony_ci goto err2; 3302e1051a39Sopenharmony_ci 3303e1051a39Sopenharmony_ci if (!SSL_CTX_set_ciphersuites(ret, OSSL_default_ciphersuites())) 3304e1051a39Sopenharmony_ci goto err; 3305e1051a39Sopenharmony_ci 3306e1051a39Sopenharmony_ci if (!ssl_create_cipher_list(ret, 3307e1051a39Sopenharmony_ci ret->tls13_ciphersuites, 3308e1051a39Sopenharmony_ci &ret->cipher_list, &ret->cipher_list_by_id, 3309e1051a39Sopenharmony_ci OSSL_default_cipher_list(), ret->cert) 3310e1051a39Sopenharmony_ci || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) { 3311e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_LIBRARY_HAS_NO_CIPHERS); 3312e1051a39Sopenharmony_ci goto err2; 3313e1051a39Sopenharmony_ci } 3314e1051a39Sopenharmony_ci 3315e1051a39Sopenharmony_ci ret->param = X509_VERIFY_PARAM_new(); 3316e1051a39Sopenharmony_ci if (ret->param == NULL) 3317e1051a39Sopenharmony_ci goto err; 3318e1051a39Sopenharmony_ci 3319e1051a39Sopenharmony_ci /* 3320e1051a39Sopenharmony_ci * If these aren't available from the provider we'll get NULL returns. 3321e1051a39Sopenharmony_ci * That's fine but will cause errors later if SSLv3 is negotiated 3322e1051a39Sopenharmony_ci */ 3323e1051a39Sopenharmony_ci ret->md5 = ssl_evp_md_fetch(libctx, NID_md5, propq); 3324e1051a39Sopenharmony_ci ret->sha1 = ssl_evp_md_fetch(libctx, NID_sha1, propq); 3325e1051a39Sopenharmony_ci 3326e1051a39Sopenharmony_ci if ((ret->ca_names = sk_X509_NAME_new_null()) == NULL) 3327e1051a39Sopenharmony_ci goto err; 3328e1051a39Sopenharmony_ci 3329e1051a39Sopenharmony_ci if ((ret->client_ca_names = sk_X509_NAME_new_null()) == NULL) 3330e1051a39Sopenharmony_ci goto err; 3331e1051a39Sopenharmony_ci 3332e1051a39Sopenharmony_ci if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data)) 3333e1051a39Sopenharmony_ci goto err; 3334e1051a39Sopenharmony_ci 3335e1051a39Sopenharmony_ci if ((ret->ext.secure = OPENSSL_secure_zalloc(sizeof(*ret->ext.secure))) == NULL) 3336e1051a39Sopenharmony_ci goto err; 3337e1051a39Sopenharmony_ci 3338e1051a39Sopenharmony_ci /* No compression for DTLS */ 3339e1051a39Sopenharmony_ci if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)) 3340e1051a39Sopenharmony_ci ret->comp_methods = SSL_COMP_get_compression_methods(); 3341e1051a39Sopenharmony_ci 3342e1051a39Sopenharmony_ci ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH; 3343e1051a39Sopenharmony_ci ret->split_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH; 3344e1051a39Sopenharmony_ci 3345e1051a39Sopenharmony_ci /* Setup RFC5077 ticket keys */ 3346e1051a39Sopenharmony_ci if ((RAND_bytes_ex(libctx, ret->ext.tick_key_name, 3347e1051a39Sopenharmony_ci sizeof(ret->ext.tick_key_name), 0) <= 0) 3348e1051a39Sopenharmony_ci || (RAND_priv_bytes_ex(libctx, ret->ext.secure->tick_hmac_key, 3349e1051a39Sopenharmony_ci sizeof(ret->ext.secure->tick_hmac_key), 0) <= 0) 3350e1051a39Sopenharmony_ci || (RAND_priv_bytes_ex(libctx, ret->ext.secure->tick_aes_key, 3351e1051a39Sopenharmony_ci sizeof(ret->ext.secure->tick_aes_key), 0) <= 0)) 3352e1051a39Sopenharmony_ci ret->options |= SSL_OP_NO_TICKET; 3353e1051a39Sopenharmony_ci 3354e1051a39Sopenharmony_ci if (RAND_priv_bytes_ex(libctx, ret->ext.cookie_hmac_key, 3355e1051a39Sopenharmony_ci sizeof(ret->ext.cookie_hmac_key), 0) <= 0) 3356e1051a39Sopenharmony_ci goto err; 3357e1051a39Sopenharmony_ci 3358e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_SRP 3359e1051a39Sopenharmony_ci if (!ssl_ctx_srp_ctx_init_intern(ret)) 3360e1051a39Sopenharmony_ci goto err; 3361e1051a39Sopenharmony_ci#endif 3362e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_ENGINE 3363e1051a39Sopenharmony_ci# ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO 3364e1051a39Sopenharmony_ci# define eng_strx(x) #x 3365e1051a39Sopenharmony_ci# define eng_str(x) eng_strx(x) 3366e1051a39Sopenharmony_ci /* Use specific client engine automatically... ignore errors */ 3367e1051a39Sopenharmony_ci { 3368e1051a39Sopenharmony_ci ENGINE *eng; 3369e1051a39Sopenharmony_ci eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO)); 3370e1051a39Sopenharmony_ci if (!eng) { 3371e1051a39Sopenharmony_ci ERR_clear_error(); 3372e1051a39Sopenharmony_ci ENGINE_load_builtin_engines(); 3373e1051a39Sopenharmony_ci eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO)); 3374e1051a39Sopenharmony_ci } 3375e1051a39Sopenharmony_ci if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng)) 3376e1051a39Sopenharmony_ci ERR_clear_error(); 3377e1051a39Sopenharmony_ci } 3378e1051a39Sopenharmony_ci# endif 3379e1051a39Sopenharmony_ci#endif 3380e1051a39Sopenharmony_ci /* 3381e1051a39Sopenharmony_ci * Disable compression by default to prevent CRIME. Applications can 3382e1051a39Sopenharmony_ci * re-enable compression by configuring 3383e1051a39Sopenharmony_ci * SSL_CTX_clear_options(ctx, SSL_OP_NO_COMPRESSION); 3384e1051a39Sopenharmony_ci * or by using the SSL_CONF library. Similarly we also enable TLSv1.3 3385e1051a39Sopenharmony_ci * middlebox compatibility by default. This may be disabled by default in 3386e1051a39Sopenharmony_ci * a later OpenSSL version. 3387e1051a39Sopenharmony_ci */ 3388e1051a39Sopenharmony_ci ret->options |= SSL_OP_NO_COMPRESSION | SSL_OP_ENABLE_MIDDLEBOX_COMPAT; 3389e1051a39Sopenharmony_ci 3390e1051a39Sopenharmony_ci ret->ext.status_type = TLSEXT_STATUSTYPE_nothing; 3391e1051a39Sopenharmony_ci 3392e1051a39Sopenharmony_ci /* 3393e1051a39Sopenharmony_ci * We cannot usefully set a default max_early_data here (which gets 3394e1051a39Sopenharmony_ci * propagated in SSL_new(), for the following reason: setting the 3395e1051a39Sopenharmony_ci * SSL field causes tls_construct_stoc_early_data() to tell the 3396e1051a39Sopenharmony_ci * client that early data will be accepted when constructing a TLS 1.3 3397e1051a39Sopenharmony_ci * session ticket, and the client will accordingly send us early data 3398e1051a39Sopenharmony_ci * when using that ticket (if the client has early data to send). 3399e1051a39Sopenharmony_ci * However, in order for the early data to actually be consumed by 3400e1051a39Sopenharmony_ci * the application, the application must also have calls to 3401e1051a39Sopenharmony_ci * SSL_read_early_data(); otherwise we'll just skip past the early data 3402e1051a39Sopenharmony_ci * and ignore it. So, since the application must add calls to 3403e1051a39Sopenharmony_ci * SSL_read_early_data(), we also require them to add 3404e1051a39Sopenharmony_ci * calls to SSL_CTX_set_max_early_data() in order to use early data, 3405e1051a39Sopenharmony_ci * eliminating the bandwidth-wasting early data in the case described 3406e1051a39Sopenharmony_ci * above. 3407e1051a39Sopenharmony_ci */ 3408e1051a39Sopenharmony_ci ret->max_early_data = 0; 3409e1051a39Sopenharmony_ci 3410e1051a39Sopenharmony_ci /* 3411e1051a39Sopenharmony_ci * Default recv_max_early_data is a fully loaded single record. Could be 3412e1051a39Sopenharmony_ci * split across multiple records in practice. We set this differently to 3413e1051a39Sopenharmony_ci * max_early_data so that, in the default case, we do not advertise any 3414e1051a39Sopenharmony_ci * support for early_data, but if a client were to send us some (e.g. 3415e1051a39Sopenharmony_ci * because of an old, stale ticket) then we will tolerate it and skip over 3416e1051a39Sopenharmony_ci * it. 3417e1051a39Sopenharmony_ci */ 3418e1051a39Sopenharmony_ci ret->recv_max_early_data = SSL3_RT_MAX_PLAIN_LENGTH; 3419e1051a39Sopenharmony_ci 3420e1051a39Sopenharmony_ci /* By default we send two session tickets automatically in TLSv1.3 */ 3421e1051a39Sopenharmony_ci ret->num_tickets = 2; 3422e1051a39Sopenharmony_ci 3423e1051a39Sopenharmony_ci ssl_ctx_system_config(ret); 3424e1051a39Sopenharmony_ci 3425e1051a39Sopenharmony_ci return ret; 3426e1051a39Sopenharmony_ci err: 3427e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 3428e1051a39Sopenharmony_ci err2: 3429e1051a39Sopenharmony_ci SSL_CTX_free(ret); 3430e1051a39Sopenharmony_ci return NULL; 3431e1051a39Sopenharmony_ci} 3432e1051a39Sopenharmony_ci 3433e1051a39Sopenharmony_ciSSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) 3434e1051a39Sopenharmony_ci{ 3435e1051a39Sopenharmony_ci return SSL_CTX_new_ex(NULL, NULL, meth); 3436e1051a39Sopenharmony_ci} 3437e1051a39Sopenharmony_ci 3438e1051a39Sopenharmony_ciint SSL_CTX_up_ref(SSL_CTX *ctx) 3439e1051a39Sopenharmony_ci{ 3440e1051a39Sopenharmony_ci int i; 3441e1051a39Sopenharmony_ci 3442e1051a39Sopenharmony_ci if (CRYPTO_UP_REF(&ctx->references, &i, ctx->lock) <= 0) 3443e1051a39Sopenharmony_ci return 0; 3444e1051a39Sopenharmony_ci 3445e1051a39Sopenharmony_ci REF_PRINT_COUNT("SSL_CTX", ctx); 3446e1051a39Sopenharmony_ci REF_ASSERT_ISNT(i < 2); 3447e1051a39Sopenharmony_ci return ((i > 1) ? 1 : 0); 3448e1051a39Sopenharmony_ci} 3449e1051a39Sopenharmony_ci 3450e1051a39Sopenharmony_civoid SSL_CTX_free(SSL_CTX *a) 3451e1051a39Sopenharmony_ci{ 3452e1051a39Sopenharmony_ci int i; 3453e1051a39Sopenharmony_ci size_t j; 3454e1051a39Sopenharmony_ci 3455e1051a39Sopenharmony_ci if (a == NULL) 3456e1051a39Sopenharmony_ci return; 3457e1051a39Sopenharmony_ci 3458e1051a39Sopenharmony_ci CRYPTO_DOWN_REF(&a->references, &i, a->lock); 3459e1051a39Sopenharmony_ci REF_PRINT_COUNT("SSL_CTX", a); 3460e1051a39Sopenharmony_ci if (i > 0) 3461e1051a39Sopenharmony_ci return; 3462e1051a39Sopenharmony_ci REF_ASSERT_ISNT(i < 0); 3463e1051a39Sopenharmony_ci 3464e1051a39Sopenharmony_ci X509_VERIFY_PARAM_free(a->param); 3465e1051a39Sopenharmony_ci dane_ctx_final(&a->dane); 3466e1051a39Sopenharmony_ci 3467e1051a39Sopenharmony_ci /* 3468e1051a39Sopenharmony_ci * Free internal session cache. However: the remove_cb() may reference 3469e1051a39Sopenharmony_ci * the ex_data of SSL_CTX, thus the ex_data store can only be removed 3470e1051a39Sopenharmony_ci * after the sessions were flushed. 3471e1051a39Sopenharmony_ci * As the ex_data handling routines might also touch the session cache, 3472e1051a39Sopenharmony_ci * the most secure solution seems to be: empty (flush) the cache, then 3473e1051a39Sopenharmony_ci * free ex_data, then finally free the cache. 3474e1051a39Sopenharmony_ci * (See ticket [openssl.org #212].) 3475e1051a39Sopenharmony_ci */ 3476e1051a39Sopenharmony_ci if (a->sessions != NULL) 3477e1051a39Sopenharmony_ci SSL_CTX_flush_sessions(a, 0); 3478e1051a39Sopenharmony_ci 3479e1051a39Sopenharmony_ci CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data); 3480e1051a39Sopenharmony_ci lh_SSL_SESSION_free(a->sessions); 3481e1051a39Sopenharmony_ci X509_STORE_free(a->cert_store); 3482e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_CT 3483e1051a39Sopenharmony_ci CTLOG_STORE_free(a->ctlog_store); 3484e1051a39Sopenharmony_ci#endif 3485e1051a39Sopenharmony_ci sk_SSL_CIPHER_free(a->cipher_list); 3486e1051a39Sopenharmony_ci sk_SSL_CIPHER_free(a->cipher_list_by_id); 3487e1051a39Sopenharmony_ci sk_SSL_CIPHER_free(a->tls13_ciphersuites); 3488e1051a39Sopenharmony_ci ssl_cert_free(a->cert); 3489e1051a39Sopenharmony_ci sk_X509_NAME_pop_free(a->ca_names, X509_NAME_free); 3490e1051a39Sopenharmony_ci sk_X509_NAME_pop_free(a->client_ca_names, X509_NAME_free); 3491e1051a39Sopenharmony_ci sk_X509_pop_free(a->extra_certs, X509_free); 3492e1051a39Sopenharmony_ci a->comp_methods = NULL; 3493e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_SRTP 3494e1051a39Sopenharmony_ci sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles); 3495e1051a39Sopenharmony_ci#endif 3496e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_SRP 3497e1051a39Sopenharmony_ci ssl_ctx_srp_ctx_free_intern(a); 3498e1051a39Sopenharmony_ci#endif 3499e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_ENGINE 3500e1051a39Sopenharmony_ci tls_engine_finish(a->client_cert_engine); 3501e1051a39Sopenharmony_ci#endif 3502e1051a39Sopenharmony_ci 3503e1051a39Sopenharmony_ci OPENSSL_free(a->ext.ecpointformats); 3504e1051a39Sopenharmony_ci OPENSSL_free(a->ext.supportedgroups); 3505e1051a39Sopenharmony_ci OPENSSL_free(a->ext.supported_groups_default); 3506e1051a39Sopenharmony_ci OPENSSL_free(a->ext.alpn); 3507e1051a39Sopenharmony_ci OPENSSL_secure_free(a->ext.secure); 3508e1051a39Sopenharmony_ci 3509e1051a39Sopenharmony_ci ssl_evp_md_free(a->md5); 3510e1051a39Sopenharmony_ci ssl_evp_md_free(a->sha1); 3511e1051a39Sopenharmony_ci 3512e1051a39Sopenharmony_ci for (j = 0; j < SSL_ENC_NUM_IDX; j++) 3513e1051a39Sopenharmony_ci ssl_evp_cipher_free(a->ssl_cipher_methods[j]); 3514e1051a39Sopenharmony_ci for (j = 0; j < SSL_MD_NUM_IDX; j++) 3515e1051a39Sopenharmony_ci ssl_evp_md_free(a->ssl_digest_methods[j]); 3516e1051a39Sopenharmony_ci for (j = 0; j < a->group_list_len; j++) { 3517e1051a39Sopenharmony_ci OPENSSL_free(a->group_list[j].tlsname); 3518e1051a39Sopenharmony_ci OPENSSL_free(a->group_list[j].realname); 3519e1051a39Sopenharmony_ci OPENSSL_free(a->group_list[j].algorithm); 3520e1051a39Sopenharmony_ci } 3521e1051a39Sopenharmony_ci OPENSSL_free(a->group_list); 3522e1051a39Sopenharmony_ci 3523e1051a39Sopenharmony_ci OPENSSL_free(a->sigalg_lookup_cache); 3524e1051a39Sopenharmony_ci 3525e1051a39Sopenharmony_ci CRYPTO_THREAD_lock_free(a->lock); 3526e1051a39Sopenharmony_ci#ifdef TSAN_REQUIRES_LOCKING 3527e1051a39Sopenharmony_ci CRYPTO_THREAD_lock_free(a->tsan_lock); 3528e1051a39Sopenharmony_ci#endif 3529e1051a39Sopenharmony_ci 3530e1051a39Sopenharmony_ci OPENSSL_free(a->propq); 3531e1051a39Sopenharmony_ci 3532e1051a39Sopenharmony_ci OPENSSL_free(a); 3533e1051a39Sopenharmony_ci} 3534e1051a39Sopenharmony_ci 3535e1051a39Sopenharmony_civoid SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb) 3536e1051a39Sopenharmony_ci{ 3537e1051a39Sopenharmony_ci ctx->default_passwd_callback = cb; 3538e1051a39Sopenharmony_ci} 3539e1051a39Sopenharmony_ci 3540e1051a39Sopenharmony_civoid SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u) 3541e1051a39Sopenharmony_ci{ 3542e1051a39Sopenharmony_ci ctx->default_passwd_callback_userdata = u; 3543e1051a39Sopenharmony_ci} 3544e1051a39Sopenharmony_ci 3545e1051a39Sopenharmony_cipem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx) 3546e1051a39Sopenharmony_ci{ 3547e1051a39Sopenharmony_ci return ctx->default_passwd_callback; 3548e1051a39Sopenharmony_ci} 3549e1051a39Sopenharmony_ci 3550e1051a39Sopenharmony_civoid *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx) 3551e1051a39Sopenharmony_ci{ 3552e1051a39Sopenharmony_ci return ctx->default_passwd_callback_userdata; 3553e1051a39Sopenharmony_ci} 3554e1051a39Sopenharmony_ci 3555e1051a39Sopenharmony_civoid SSL_set_default_passwd_cb(SSL *s, pem_password_cb *cb) 3556e1051a39Sopenharmony_ci{ 3557e1051a39Sopenharmony_ci s->default_passwd_callback = cb; 3558e1051a39Sopenharmony_ci} 3559e1051a39Sopenharmony_ci 3560e1051a39Sopenharmony_civoid SSL_set_default_passwd_cb_userdata(SSL *s, void *u) 3561e1051a39Sopenharmony_ci{ 3562e1051a39Sopenharmony_ci s->default_passwd_callback_userdata = u; 3563e1051a39Sopenharmony_ci} 3564e1051a39Sopenharmony_ci 3565e1051a39Sopenharmony_cipem_password_cb *SSL_get_default_passwd_cb(SSL *s) 3566e1051a39Sopenharmony_ci{ 3567e1051a39Sopenharmony_ci return s->default_passwd_callback; 3568e1051a39Sopenharmony_ci} 3569e1051a39Sopenharmony_ci 3570e1051a39Sopenharmony_civoid *SSL_get_default_passwd_cb_userdata(SSL *s) 3571e1051a39Sopenharmony_ci{ 3572e1051a39Sopenharmony_ci return s->default_passwd_callback_userdata; 3573e1051a39Sopenharmony_ci} 3574e1051a39Sopenharmony_ci 3575e1051a39Sopenharmony_civoid SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, 3576e1051a39Sopenharmony_ci int (*cb) (X509_STORE_CTX *, void *), 3577e1051a39Sopenharmony_ci void *arg) 3578e1051a39Sopenharmony_ci{ 3579e1051a39Sopenharmony_ci ctx->app_verify_callback = cb; 3580e1051a39Sopenharmony_ci ctx->app_verify_arg = arg; 3581e1051a39Sopenharmony_ci} 3582e1051a39Sopenharmony_ci 3583e1051a39Sopenharmony_civoid SSL_CTX_set_verify(SSL_CTX *ctx, int mode, 3584e1051a39Sopenharmony_ci int (*cb) (int, X509_STORE_CTX *)) 3585e1051a39Sopenharmony_ci{ 3586e1051a39Sopenharmony_ci ctx->verify_mode = mode; 3587e1051a39Sopenharmony_ci ctx->default_verify_callback = cb; 3588e1051a39Sopenharmony_ci} 3589e1051a39Sopenharmony_ci 3590e1051a39Sopenharmony_civoid SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth) 3591e1051a39Sopenharmony_ci{ 3592e1051a39Sopenharmony_ci X509_VERIFY_PARAM_set_depth(ctx->param, depth); 3593e1051a39Sopenharmony_ci} 3594e1051a39Sopenharmony_ci 3595e1051a39Sopenharmony_civoid SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cb) (SSL *ssl, void *arg), void *arg) 3596e1051a39Sopenharmony_ci{ 3597e1051a39Sopenharmony_ci ssl_cert_set_cert_cb(c->cert, cb, arg); 3598e1051a39Sopenharmony_ci} 3599e1051a39Sopenharmony_ci 3600e1051a39Sopenharmony_civoid SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg) 3601e1051a39Sopenharmony_ci{ 3602e1051a39Sopenharmony_ci ssl_cert_set_cert_cb(s->cert, cb, arg); 3603e1051a39Sopenharmony_ci} 3604e1051a39Sopenharmony_ci 3605e1051a39Sopenharmony_civoid ssl_set_masks(SSL *s) 3606e1051a39Sopenharmony_ci{ 3607e1051a39Sopenharmony_ci CERT *c = s->cert; 3608e1051a39Sopenharmony_ci uint32_t *pvalid = s->s3.tmp.valid_flags; 3609e1051a39Sopenharmony_ci int rsa_enc, rsa_sign, dh_tmp, dsa_sign; 3610e1051a39Sopenharmony_ci unsigned long mask_k, mask_a; 3611e1051a39Sopenharmony_ci int have_ecc_cert, ecdsa_ok; 3612e1051a39Sopenharmony_ci 3613e1051a39Sopenharmony_ci if (c == NULL) 3614e1051a39Sopenharmony_ci return; 3615e1051a39Sopenharmony_ci 3616e1051a39Sopenharmony_ci dh_tmp = (c->dh_tmp != NULL 3617e1051a39Sopenharmony_ci || c->dh_tmp_cb != NULL 3618e1051a39Sopenharmony_ci || c->dh_tmp_auto); 3619e1051a39Sopenharmony_ci 3620e1051a39Sopenharmony_ci rsa_enc = pvalid[SSL_PKEY_RSA] & CERT_PKEY_VALID; 3621e1051a39Sopenharmony_ci rsa_sign = pvalid[SSL_PKEY_RSA] & CERT_PKEY_VALID; 3622e1051a39Sopenharmony_ci dsa_sign = pvalid[SSL_PKEY_DSA_SIGN] & CERT_PKEY_VALID; 3623e1051a39Sopenharmony_ci have_ecc_cert = pvalid[SSL_PKEY_ECC] & CERT_PKEY_VALID; 3624e1051a39Sopenharmony_ci mask_k = 0; 3625e1051a39Sopenharmony_ci mask_a = 0; 3626e1051a39Sopenharmony_ci 3627e1051a39Sopenharmony_ci OSSL_TRACE4(TLS_CIPHER, "dh_tmp=%d rsa_enc=%d rsa_sign=%d dsa_sign=%d\n", 3628e1051a39Sopenharmony_ci dh_tmp, rsa_enc, rsa_sign, dsa_sign); 3629e1051a39Sopenharmony_ci 3630e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_GOST 3631e1051a39Sopenharmony_ci if (ssl_has_cert(s, SSL_PKEY_GOST12_512)) { 3632e1051a39Sopenharmony_ci mask_k |= SSL_kGOST | SSL_kGOST18; 3633e1051a39Sopenharmony_ci mask_a |= SSL_aGOST12; 3634e1051a39Sopenharmony_ci } 3635e1051a39Sopenharmony_ci if (ssl_has_cert(s, SSL_PKEY_GOST12_256)) { 3636e1051a39Sopenharmony_ci mask_k |= SSL_kGOST | SSL_kGOST18; 3637e1051a39Sopenharmony_ci mask_a |= SSL_aGOST12; 3638e1051a39Sopenharmony_ci } 3639e1051a39Sopenharmony_ci if (ssl_has_cert(s, SSL_PKEY_GOST01)) { 3640e1051a39Sopenharmony_ci mask_k |= SSL_kGOST; 3641e1051a39Sopenharmony_ci mask_a |= SSL_aGOST01; 3642e1051a39Sopenharmony_ci } 3643e1051a39Sopenharmony_ci#endif 3644e1051a39Sopenharmony_ci 3645e1051a39Sopenharmony_ci if (rsa_enc) 3646e1051a39Sopenharmony_ci mask_k |= SSL_kRSA; 3647e1051a39Sopenharmony_ci 3648e1051a39Sopenharmony_ci if (dh_tmp) 3649e1051a39Sopenharmony_ci mask_k |= SSL_kDHE; 3650e1051a39Sopenharmony_ci 3651e1051a39Sopenharmony_ci /* 3652e1051a39Sopenharmony_ci * If we only have an RSA-PSS certificate allow RSA authentication 3653e1051a39Sopenharmony_ci * if TLS 1.2 and peer supports it. 3654e1051a39Sopenharmony_ci */ 3655e1051a39Sopenharmony_ci 3656e1051a39Sopenharmony_ci if (rsa_enc || rsa_sign || (ssl_has_cert(s, SSL_PKEY_RSA_PSS_SIGN) 3657e1051a39Sopenharmony_ci && pvalid[SSL_PKEY_RSA_PSS_SIGN] & CERT_PKEY_EXPLICIT_SIGN 3658e1051a39Sopenharmony_ci && TLS1_get_version(s) == TLS1_2_VERSION)) 3659e1051a39Sopenharmony_ci mask_a |= SSL_aRSA; 3660e1051a39Sopenharmony_ci 3661e1051a39Sopenharmony_ci if (dsa_sign) { 3662e1051a39Sopenharmony_ci mask_a |= SSL_aDSS; 3663e1051a39Sopenharmony_ci } 3664e1051a39Sopenharmony_ci 3665e1051a39Sopenharmony_ci mask_a |= SSL_aNULL; 3666e1051a39Sopenharmony_ci 3667e1051a39Sopenharmony_ci /* 3668e1051a39Sopenharmony_ci * An ECC certificate may be usable for ECDH and/or ECDSA cipher suites 3669e1051a39Sopenharmony_ci * depending on the key usage extension. 3670e1051a39Sopenharmony_ci */ 3671e1051a39Sopenharmony_ci if (have_ecc_cert) { 3672e1051a39Sopenharmony_ci uint32_t ex_kusage; 3673e1051a39Sopenharmony_ci ex_kusage = X509_get_key_usage(c->pkeys[SSL_PKEY_ECC].x509); 3674e1051a39Sopenharmony_ci ecdsa_ok = ex_kusage & X509v3_KU_DIGITAL_SIGNATURE; 3675e1051a39Sopenharmony_ci if (!(pvalid[SSL_PKEY_ECC] & CERT_PKEY_SIGN)) 3676e1051a39Sopenharmony_ci ecdsa_ok = 0; 3677e1051a39Sopenharmony_ci if (ecdsa_ok) 3678e1051a39Sopenharmony_ci mask_a |= SSL_aECDSA; 3679e1051a39Sopenharmony_ci } 3680e1051a39Sopenharmony_ci /* Allow Ed25519 for TLS 1.2 if peer supports it */ 3681e1051a39Sopenharmony_ci if (!(mask_a & SSL_aECDSA) && ssl_has_cert(s, SSL_PKEY_ED25519) 3682e1051a39Sopenharmony_ci && pvalid[SSL_PKEY_ED25519] & CERT_PKEY_EXPLICIT_SIGN 3683e1051a39Sopenharmony_ci && TLS1_get_version(s) == TLS1_2_VERSION) 3684e1051a39Sopenharmony_ci mask_a |= SSL_aECDSA; 3685e1051a39Sopenharmony_ci 3686e1051a39Sopenharmony_ci /* Allow Ed448 for TLS 1.2 if peer supports it */ 3687e1051a39Sopenharmony_ci if (!(mask_a & SSL_aECDSA) && ssl_has_cert(s, SSL_PKEY_ED448) 3688e1051a39Sopenharmony_ci && pvalid[SSL_PKEY_ED448] & CERT_PKEY_EXPLICIT_SIGN 3689e1051a39Sopenharmony_ci && TLS1_get_version(s) == TLS1_2_VERSION) 3690e1051a39Sopenharmony_ci mask_a |= SSL_aECDSA; 3691e1051a39Sopenharmony_ci 3692e1051a39Sopenharmony_ci mask_k |= SSL_kECDHE; 3693e1051a39Sopenharmony_ci 3694e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_PSK 3695e1051a39Sopenharmony_ci mask_k |= SSL_kPSK; 3696e1051a39Sopenharmony_ci mask_a |= SSL_aPSK; 3697e1051a39Sopenharmony_ci if (mask_k & SSL_kRSA) 3698e1051a39Sopenharmony_ci mask_k |= SSL_kRSAPSK; 3699e1051a39Sopenharmony_ci if (mask_k & SSL_kDHE) 3700e1051a39Sopenharmony_ci mask_k |= SSL_kDHEPSK; 3701e1051a39Sopenharmony_ci if (mask_k & SSL_kECDHE) 3702e1051a39Sopenharmony_ci mask_k |= SSL_kECDHEPSK; 3703e1051a39Sopenharmony_ci#endif 3704e1051a39Sopenharmony_ci 3705e1051a39Sopenharmony_ci s->s3.tmp.mask_k = mask_k; 3706e1051a39Sopenharmony_ci s->s3.tmp.mask_a = mask_a; 3707e1051a39Sopenharmony_ci} 3708e1051a39Sopenharmony_ci 3709e1051a39Sopenharmony_ciint ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s) 3710e1051a39Sopenharmony_ci{ 3711e1051a39Sopenharmony_ci if (s->s3.tmp.new_cipher->algorithm_auth & SSL_aECDSA) { 3712e1051a39Sopenharmony_ci /* key usage, if present, must allow signing */ 3713e1051a39Sopenharmony_ci if (!(X509_get_key_usage(x) & X509v3_KU_DIGITAL_SIGNATURE)) { 3714e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_ECC_CERT_NOT_FOR_SIGNING); 3715e1051a39Sopenharmony_ci return 0; 3716e1051a39Sopenharmony_ci } 3717e1051a39Sopenharmony_ci } 3718e1051a39Sopenharmony_ci return 1; /* all checks are ok */ 3719e1051a39Sopenharmony_ci} 3720e1051a39Sopenharmony_ci 3721e1051a39Sopenharmony_ciint ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverinfo, 3722e1051a39Sopenharmony_ci size_t *serverinfo_length) 3723e1051a39Sopenharmony_ci{ 3724e1051a39Sopenharmony_ci CERT_PKEY *cpk = s->s3.tmp.cert; 3725e1051a39Sopenharmony_ci *serverinfo_length = 0; 3726e1051a39Sopenharmony_ci 3727e1051a39Sopenharmony_ci if (cpk == NULL || cpk->serverinfo == NULL) 3728e1051a39Sopenharmony_ci return 0; 3729e1051a39Sopenharmony_ci 3730e1051a39Sopenharmony_ci *serverinfo = cpk->serverinfo; 3731e1051a39Sopenharmony_ci *serverinfo_length = cpk->serverinfo_length; 3732e1051a39Sopenharmony_ci return 1; 3733e1051a39Sopenharmony_ci} 3734e1051a39Sopenharmony_ci 3735e1051a39Sopenharmony_civoid ssl_update_cache(SSL *s, int mode) 3736e1051a39Sopenharmony_ci{ 3737e1051a39Sopenharmony_ci int i; 3738e1051a39Sopenharmony_ci 3739e1051a39Sopenharmony_ci /* 3740e1051a39Sopenharmony_ci * If the session_id_length is 0, we are not supposed to cache it, and it 3741e1051a39Sopenharmony_ci * would be rather hard to do anyway :-). Also if the session has already 3742e1051a39Sopenharmony_ci * been marked as not_resumable we should not cache it for later reuse. 3743e1051a39Sopenharmony_ci */ 3744e1051a39Sopenharmony_ci if (s->session->session_id_length == 0 || s->session->not_resumable) 3745e1051a39Sopenharmony_ci return; 3746e1051a39Sopenharmony_ci 3747e1051a39Sopenharmony_ci /* 3748e1051a39Sopenharmony_ci * If sid_ctx_length is 0 there is no specific application context 3749e1051a39Sopenharmony_ci * associated with this session, so when we try to resume it and 3750e1051a39Sopenharmony_ci * SSL_VERIFY_PEER is requested to verify the client identity, we have no 3751e1051a39Sopenharmony_ci * indication that this is actually a session for the proper application 3752e1051a39Sopenharmony_ci * context, and the *handshake* will fail, not just the resumption attempt. 3753e1051a39Sopenharmony_ci * Do not cache (on the server) these sessions that are not resumable 3754e1051a39Sopenharmony_ci * (clients can set SSL_VERIFY_PEER without needing a sid_ctx set). 3755e1051a39Sopenharmony_ci */ 3756e1051a39Sopenharmony_ci if (s->server && s->session->sid_ctx_length == 0 3757e1051a39Sopenharmony_ci && (s->verify_mode & SSL_VERIFY_PEER) != 0) 3758e1051a39Sopenharmony_ci return; 3759e1051a39Sopenharmony_ci 3760e1051a39Sopenharmony_ci i = s->session_ctx->session_cache_mode; 3761e1051a39Sopenharmony_ci if ((i & mode) != 0 3762e1051a39Sopenharmony_ci && (!s->hit || SSL_IS_TLS13(s))) { 3763e1051a39Sopenharmony_ci /* 3764e1051a39Sopenharmony_ci * Add the session to the internal cache. In server side TLSv1.3 we 3765e1051a39Sopenharmony_ci * normally don't do this because by default it's a full stateless ticket 3766e1051a39Sopenharmony_ci * with only a dummy session id so there is no reason to cache it, 3767e1051a39Sopenharmony_ci * unless: 3768e1051a39Sopenharmony_ci * - we are doing early_data, in which case we cache so that we can 3769e1051a39Sopenharmony_ci * detect replays 3770e1051a39Sopenharmony_ci * - the application has set a remove_session_cb so needs to know about 3771e1051a39Sopenharmony_ci * session timeout events 3772e1051a39Sopenharmony_ci * - SSL_OP_NO_TICKET is set in which case it is a stateful ticket 3773e1051a39Sopenharmony_ci */ 3774e1051a39Sopenharmony_ci if ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE) == 0 3775e1051a39Sopenharmony_ci && (!SSL_IS_TLS13(s) 3776e1051a39Sopenharmony_ci || !s->server 3777e1051a39Sopenharmony_ci || (s->max_early_data > 0 3778e1051a39Sopenharmony_ci && (s->options & SSL_OP_NO_ANTI_REPLAY) == 0) 3779e1051a39Sopenharmony_ci || s->session_ctx->remove_session_cb != NULL 3780e1051a39Sopenharmony_ci || (s->options & SSL_OP_NO_TICKET) != 0)) 3781e1051a39Sopenharmony_ci SSL_CTX_add_session(s->session_ctx, s->session); 3782e1051a39Sopenharmony_ci 3783e1051a39Sopenharmony_ci /* 3784e1051a39Sopenharmony_ci * Add the session to the external cache. We do this even in server side 3785e1051a39Sopenharmony_ci * TLSv1.3 without early data because some applications just want to 3786e1051a39Sopenharmony_ci * know about the creation of a session and aren't doing a full cache. 3787e1051a39Sopenharmony_ci */ 3788e1051a39Sopenharmony_ci if (s->session_ctx->new_session_cb != NULL) { 3789e1051a39Sopenharmony_ci SSL_SESSION_up_ref(s->session); 3790e1051a39Sopenharmony_ci if (!s->session_ctx->new_session_cb(s, s->session)) 3791e1051a39Sopenharmony_ci SSL_SESSION_free(s->session); 3792e1051a39Sopenharmony_ci } 3793e1051a39Sopenharmony_ci } 3794e1051a39Sopenharmony_ci 3795e1051a39Sopenharmony_ci /* auto flush every 255 connections */ 3796e1051a39Sopenharmony_ci if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && ((i & mode) == mode)) { 3797e1051a39Sopenharmony_ci TSAN_QUALIFIER int *stat; 3798e1051a39Sopenharmony_ci 3799e1051a39Sopenharmony_ci if (mode & SSL_SESS_CACHE_CLIENT) 3800e1051a39Sopenharmony_ci stat = &s->session_ctx->stats.sess_connect_good; 3801e1051a39Sopenharmony_ci else 3802e1051a39Sopenharmony_ci stat = &s->session_ctx->stats.sess_accept_good; 3803e1051a39Sopenharmony_ci if ((ssl_tsan_load(s->session_ctx, stat) & 0xff) == 0xff) 3804e1051a39Sopenharmony_ci SSL_CTX_flush_sessions(s->session_ctx, (unsigned long)time(NULL)); 3805e1051a39Sopenharmony_ci } 3806e1051a39Sopenharmony_ci} 3807e1051a39Sopenharmony_ci 3808e1051a39Sopenharmony_ciconst SSL_METHOD *SSL_CTX_get_ssl_method(const SSL_CTX *ctx) 3809e1051a39Sopenharmony_ci{ 3810e1051a39Sopenharmony_ci return ctx->method; 3811e1051a39Sopenharmony_ci} 3812e1051a39Sopenharmony_ci 3813e1051a39Sopenharmony_ciconst SSL_METHOD *SSL_get_ssl_method(const SSL *s) 3814e1051a39Sopenharmony_ci{ 3815e1051a39Sopenharmony_ci return s->method; 3816e1051a39Sopenharmony_ci} 3817e1051a39Sopenharmony_ci 3818e1051a39Sopenharmony_ciint SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth) 3819e1051a39Sopenharmony_ci{ 3820e1051a39Sopenharmony_ci int ret = 1; 3821e1051a39Sopenharmony_ci 3822e1051a39Sopenharmony_ci if (s->method != meth) { 3823e1051a39Sopenharmony_ci const SSL_METHOD *sm = s->method; 3824e1051a39Sopenharmony_ci int (*hf) (SSL *) = s->handshake_func; 3825e1051a39Sopenharmony_ci 3826e1051a39Sopenharmony_ci if (sm->version == meth->version) 3827e1051a39Sopenharmony_ci s->method = meth; 3828e1051a39Sopenharmony_ci else { 3829e1051a39Sopenharmony_ci sm->ssl_free(s); 3830e1051a39Sopenharmony_ci s->method = meth; 3831e1051a39Sopenharmony_ci ret = s->method->ssl_new(s); 3832e1051a39Sopenharmony_ci } 3833e1051a39Sopenharmony_ci 3834e1051a39Sopenharmony_ci if (hf == sm->ssl_connect) 3835e1051a39Sopenharmony_ci s->handshake_func = meth->ssl_connect; 3836e1051a39Sopenharmony_ci else if (hf == sm->ssl_accept) 3837e1051a39Sopenharmony_ci s->handshake_func = meth->ssl_accept; 3838e1051a39Sopenharmony_ci } 3839e1051a39Sopenharmony_ci return ret; 3840e1051a39Sopenharmony_ci} 3841e1051a39Sopenharmony_ci 3842e1051a39Sopenharmony_ciint SSL_get_error(const SSL *s, int i) 3843e1051a39Sopenharmony_ci{ 3844e1051a39Sopenharmony_ci int reason; 3845e1051a39Sopenharmony_ci unsigned long l; 3846e1051a39Sopenharmony_ci BIO *bio; 3847e1051a39Sopenharmony_ci 3848e1051a39Sopenharmony_ci if (i > 0) 3849e1051a39Sopenharmony_ci return SSL_ERROR_NONE; 3850e1051a39Sopenharmony_ci 3851e1051a39Sopenharmony_ci /* 3852e1051a39Sopenharmony_ci * Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake etc, 3853e1051a39Sopenharmony_ci * where we do encode the error 3854e1051a39Sopenharmony_ci */ 3855e1051a39Sopenharmony_ci if ((l = ERR_peek_error()) != 0) { 3856e1051a39Sopenharmony_ci if (ERR_GET_LIB(l) == ERR_LIB_SYS) 3857e1051a39Sopenharmony_ci return SSL_ERROR_SYSCALL; 3858e1051a39Sopenharmony_ci else 3859e1051a39Sopenharmony_ci return SSL_ERROR_SSL; 3860e1051a39Sopenharmony_ci } 3861e1051a39Sopenharmony_ci 3862e1051a39Sopenharmony_ci if (SSL_want_read(s)) { 3863e1051a39Sopenharmony_ci bio = SSL_get_rbio(s); 3864e1051a39Sopenharmony_ci if (BIO_should_read(bio)) 3865e1051a39Sopenharmony_ci return SSL_ERROR_WANT_READ; 3866e1051a39Sopenharmony_ci else if (BIO_should_write(bio)) 3867e1051a39Sopenharmony_ci /* 3868e1051a39Sopenharmony_ci * This one doesn't make too much sense ... We never try to write 3869e1051a39Sopenharmony_ci * to the rbio, and an application program where rbio and wbio 3870e1051a39Sopenharmony_ci * are separate couldn't even know what it should wait for. 3871e1051a39Sopenharmony_ci * However if we ever set s->rwstate incorrectly (so that we have 3872e1051a39Sopenharmony_ci * SSL_want_read(s) instead of SSL_want_write(s)) and rbio and 3873e1051a39Sopenharmony_ci * wbio *are* the same, this test works around that bug; so it 3874e1051a39Sopenharmony_ci * might be safer to keep it. 3875e1051a39Sopenharmony_ci */ 3876e1051a39Sopenharmony_ci return SSL_ERROR_WANT_WRITE; 3877e1051a39Sopenharmony_ci else if (BIO_should_io_special(bio)) { 3878e1051a39Sopenharmony_ci reason = BIO_get_retry_reason(bio); 3879e1051a39Sopenharmony_ci if (reason == BIO_RR_CONNECT) 3880e1051a39Sopenharmony_ci return SSL_ERROR_WANT_CONNECT; 3881e1051a39Sopenharmony_ci else if (reason == BIO_RR_ACCEPT) 3882e1051a39Sopenharmony_ci return SSL_ERROR_WANT_ACCEPT; 3883e1051a39Sopenharmony_ci else 3884e1051a39Sopenharmony_ci return SSL_ERROR_SYSCALL; /* unknown */ 3885e1051a39Sopenharmony_ci } 3886e1051a39Sopenharmony_ci } 3887e1051a39Sopenharmony_ci 3888e1051a39Sopenharmony_ci if (SSL_want_write(s)) { 3889e1051a39Sopenharmony_ci /* Access wbio directly - in order to use the buffered bio if present */ 3890e1051a39Sopenharmony_ci bio = s->wbio; 3891e1051a39Sopenharmony_ci if (BIO_should_write(bio)) 3892e1051a39Sopenharmony_ci return SSL_ERROR_WANT_WRITE; 3893e1051a39Sopenharmony_ci else if (BIO_should_read(bio)) 3894e1051a39Sopenharmony_ci /* 3895e1051a39Sopenharmony_ci * See above (SSL_want_read(s) with BIO_should_write(bio)) 3896e1051a39Sopenharmony_ci */ 3897e1051a39Sopenharmony_ci return SSL_ERROR_WANT_READ; 3898e1051a39Sopenharmony_ci else if (BIO_should_io_special(bio)) { 3899e1051a39Sopenharmony_ci reason = BIO_get_retry_reason(bio); 3900e1051a39Sopenharmony_ci if (reason == BIO_RR_CONNECT) 3901e1051a39Sopenharmony_ci return SSL_ERROR_WANT_CONNECT; 3902e1051a39Sopenharmony_ci else if (reason == BIO_RR_ACCEPT) 3903e1051a39Sopenharmony_ci return SSL_ERROR_WANT_ACCEPT; 3904e1051a39Sopenharmony_ci else 3905e1051a39Sopenharmony_ci return SSL_ERROR_SYSCALL; 3906e1051a39Sopenharmony_ci } 3907e1051a39Sopenharmony_ci } 3908e1051a39Sopenharmony_ci if (SSL_want_x509_lookup(s)) 3909e1051a39Sopenharmony_ci return SSL_ERROR_WANT_X509_LOOKUP; 3910e1051a39Sopenharmony_ci if (SSL_want_retry_verify(s)) 3911e1051a39Sopenharmony_ci return SSL_ERROR_WANT_RETRY_VERIFY; 3912e1051a39Sopenharmony_ci if (SSL_want_async(s)) 3913e1051a39Sopenharmony_ci return SSL_ERROR_WANT_ASYNC; 3914e1051a39Sopenharmony_ci if (SSL_want_async_job(s)) 3915e1051a39Sopenharmony_ci return SSL_ERROR_WANT_ASYNC_JOB; 3916e1051a39Sopenharmony_ci if (SSL_want_client_hello_cb(s)) 3917e1051a39Sopenharmony_ci return SSL_ERROR_WANT_CLIENT_HELLO_CB; 3918e1051a39Sopenharmony_ci 3919e1051a39Sopenharmony_ci if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) && 3920e1051a39Sopenharmony_ci (s->s3.warn_alert == SSL_AD_CLOSE_NOTIFY)) 3921e1051a39Sopenharmony_ci return SSL_ERROR_ZERO_RETURN; 3922e1051a39Sopenharmony_ci 3923e1051a39Sopenharmony_ci return SSL_ERROR_SYSCALL; 3924e1051a39Sopenharmony_ci} 3925e1051a39Sopenharmony_ci 3926e1051a39Sopenharmony_cistatic int ssl_do_handshake_intern(void *vargs) 3927e1051a39Sopenharmony_ci{ 3928e1051a39Sopenharmony_ci struct ssl_async_args *args; 3929e1051a39Sopenharmony_ci SSL *s; 3930e1051a39Sopenharmony_ci 3931e1051a39Sopenharmony_ci args = (struct ssl_async_args *)vargs; 3932e1051a39Sopenharmony_ci s = args->s; 3933e1051a39Sopenharmony_ci 3934e1051a39Sopenharmony_ci return s->handshake_func(s); 3935e1051a39Sopenharmony_ci} 3936e1051a39Sopenharmony_ci 3937e1051a39Sopenharmony_ciint SSL_do_handshake(SSL *s) 3938e1051a39Sopenharmony_ci{ 3939e1051a39Sopenharmony_ci int ret = 1; 3940e1051a39Sopenharmony_ci 3941e1051a39Sopenharmony_ci if (s->handshake_func == NULL) { 3942e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_CONNECTION_TYPE_NOT_SET); 3943e1051a39Sopenharmony_ci return -1; 3944e1051a39Sopenharmony_ci } 3945e1051a39Sopenharmony_ci 3946e1051a39Sopenharmony_ci ossl_statem_check_finish_init(s, -1); 3947e1051a39Sopenharmony_ci 3948e1051a39Sopenharmony_ci s->method->ssl_renegotiate_check(s, 0); 3949e1051a39Sopenharmony_ci 3950e1051a39Sopenharmony_ci if (SSL_in_init(s) || SSL_in_before(s)) { 3951e1051a39Sopenharmony_ci if ((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) { 3952e1051a39Sopenharmony_ci struct ssl_async_args args; 3953e1051a39Sopenharmony_ci 3954e1051a39Sopenharmony_ci memset(&args, 0, sizeof(args)); 3955e1051a39Sopenharmony_ci args.s = s; 3956e1051a39Sopenharmony_ci 3957e1051a39Sopenharmony_ci ret = ssl_start_async_job(s, &args, ssl_do_handshake_intern); 3958e1051a39Sopenharmony_ci } else { 3959e1051a39Sopenharmony_ci ret = s->handshake_func(s); 3960e1051a39Sopenharmony_ci } 3961e1051a39Sopenharmony_ci } 3962e1051a39Sopenharmony_ci return ret; 3963e1051a39Sopenharmony_ci} 3964e1051a39Sopenharmony_ci 3965e1051a39Sopenharmony_civoid SSL_set_accept_state(SSL *s) 3966e1051a39Sopenharmony_ci{ 3967e1051a39Sopenharmony_ci s->server = 1; 3968e1051a39Sopenharmony_ci s->shutdown = 0; 3969e1051a39Sopenharmony_ci ossl_statem_clear(s); 3970e1051a39Sopenharmony_ci s->handshake_func = s->method->ssl_accept; 3971e1051a39Sopenharmony_ci clear_ciphers(s); 3972e1051a39Sopenharmony_ci} 3973e1051a39Sopenharmony_ci 3974e1051a39Sopenharmony_civoid SSL_set_connect_state(SSL *s) 3975e1051a39Sopenharmony_ci{ 3976e1051a39Sopenharmony_ci s->server = 0; 3977e1051a39Sopenharmony_ci s->shutdown = 0; 3978e1051a39Sopenharmony_ci ossl_statem_clear(s); 3979e1051a39Sopenharmony_ci s->handshake_func = s->method->ssl_connect; 3980e1051a39Sopenharmony_ci clear_ciphers(s); 3981e1051a39Sopenharmony_ci} 3982e1051a39Sopenharmony_ci 3983e1051a39Sopenharmony_ciint ssl_undefined_function(SSL *s) 3984e1051a39Sopenharmony_ci{ 3985e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3986e1051a39Sopenharmony_ci return 0; 3987e1051a39Sopenharmony_ci} 3988e1051a39Sopenharmony_ci 3989e1051a39Sopenharmony_ciint ssl_undefined_void_function(void) 3990e1051a39Sopenharmony_ci{ 3991e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3992e1051a39Sopenharmony_ci return 0; 3993e1051a39Sopenharmony_ci} 3994e1051a39Sopenharmony_ci 3995e1051a39Sopenharmony_ciint ssl_undefined_const_function(const SSL *s) 3996e1051a39Sopenharmony_ci{ 3997e1051a39Sopenharmony_ci return 0; 3998e1051a39Sopenharmony_ci} 3999e1051a39Sopenharmony_ci 4000e1051a39Sopenharmony_ciconst SSL_METHOD *ssl_bad_method(int ver) 4001e1051a39Sopenharmony_ci{ 4002e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 4003e1051a39Sopenharmony_ci return NULL; 4004e1051a39Sopenharmony_ci} 4005e1051a39Sopenharmony_ci 4006e1051a39Sopenharmony_ciconst char *ssl_protocol_to_string(int version) 4007e1051a39Sopenharmony_ci{ 4008e1051a39Sopenharmony_ci switch(version) 4009e1051a39Sopenharmony_ci { 4010e1051a39Sopenharmony_ci case TLS1_3_VERSION: 4011e1051a39Sopenharmony_ci return "TLSv1.3"; 4012e1051a39Sopenharmony_ci 4013e1051a39Sopenharmony_ci case TLS1_2_VERSION: 4014e1051a39Sopenharmony_ci return "TLSv1.2"; 4015e1051a39Sopenharmony_ci 4016e1051a39Sopenharmony_ci case TLS1_1_VERSION: 4017e1051a39Sopenharmony_ci return "TLSv1.1"; 4018e1051a39Sopenharmony_ci 4019e1051a39Sopenharmony_ci case TLS1_VERSION: 4020e1051a39Sopenharmony_ci return "TLSv1"; 4021e1051a39Sopenharmony_ci 4022e1051a39Sopenharmony_ci case SSL3_VERSION: 4023e1051a39Sopenharmony_ci return "SSLv3"; 4024e1051a39Sopenharmony_ci 4025e1051a39Sopenharmony_ci case DTLS1_BAD_VER: 4026e1051a39Sopenharmony_ci return "DTLSv0.9"; 4027e1051a39Sopenharmony_ci 4028e1051a39Sopenharmony_ci case DTLS1_VERSION: 4029e1051a39Sopenharmony_ci return "DTLSv1"; 4030e1051a39Sopenharmony_ci 4031e1051a39Sopenharmony_ci case DTLS1_2_VERSION: 4032e1051a39Sopenharmony_ci return "DTLSv1.2"; 4033e1051a39Sopenharmony_ci 4034e1051a39Sopenharmony_ci default: 4035e1051a39Sopenharmony_ci return "unknown"; 4036e1051a39Sopenharmony_ci } 4037e1051a39Sopenharmony_ci} 4038e1051a39Sopenharmony_ci 4039e1051a39Sopenharmony_ciconst char *SSL_get_version(const SSL *s) 4040e1051a39Sopenharmony_ci{ 4041e1051a39Sopenharmony_ci return ssl_protocol_to_string(s->version); 4042e1051a39Sopenharmony_ci} 4043e1051a39Sopenharmony_ci 4044e1051a39Sopenharmony_cistatic int dup_ca_names(STACK_OF(X509_NAME) **dst, STACK_OF(X509_NAME) *src) 4045e1051a39Sopenharmony_ci{ 4046e1051a39Sopenharmony_ci STACK_OF(X509_NAME) *sk; 4047e1051a39Sopenharmony_ci X509_NAME *xn; 4048e1051a39Sopenharmony_ci int i; 4049e1051a39Sopenharmony_ci 4050e1051a39Sopenharmony_ci if (src == NULL) { 4051e1051a39Sopenharmony_ci *dst = NULL; 4052e1051a39Sopenharmony_ci return 1; 4053e1051a39Sopenharmony_ci } 4054e1051a39Sopenharmony_ci 4055e1051a39Sopenharmony_ci if ((sk = sk_X509_NAME_new_null()) == NULL) 4056e1051a39Sopenharmony_ci return 0; 4057e1051a39Sopenharmony_ci for (i = 0; i < sk_X509_NAME_num(src); i++) { 4058e1051a39Sopenharmony_ci xn = X509_NAME_dup(sk_X509_NAME_value(src, i)); 4059e1051a39Sopenharmony_ci if (xn == NULL) { 4060e1051a39Sopenharmony_ci sk_X509_NAME_pop_free(sk, X509_NAME_free); 4061e1051a39Sopenharmony_ci return 0; 4062e1051a39Sopenharmony_ci } 4063e1051a39Sopenharmony_ci if (sk_X509_NAME_insert(sk, xn, i) == 0) { 4064e1051a39Sopenharmony_ci X509_NAME_free(xn); 4065e1051a39Sopenharmony_ci sk_X509_NAME_pop_free(sk, X509_NAME_free); 4066e1051a39Sopenharmony_ci return 0; 4067e1051a39Sopenharmony_ci } 4068e1051a39Sopenharmony_ci } 4069e1051a39Sopenharmony_ci *dst = sk; 4070e1051a39Sopenharmony_ci 4071e1051a39Sopenharmony_ci return 1; 4072e1051a39Sopenharmony_ci} 4073e1051a39Sopenharmony_ci 4074e1051a39Sopenharmony_ciSSL *SSL_dup(SSL *s) 4075e1051a39Sopenharmony_ci{ 4076e1051a39Sopenharmony_ci SSL *ret; 4077e1051a39Sopenharmony_ci int i; 4078e1051a39Sopenharmony_ci 4079e1051a39Sopenharmony_ci /* If we're not quiescent, just up_ref! */ 4080e1051a39Sopenharmony_ci if (!SSL_in_init(s) || !SSL_in_before(s)) { 4081e1051a39Sopenharmony_ci CRYPTO_UP_REF(&s->references, &i, s->lock); 4082e1051a39Sopenharmony_ci return s; 4083e1051a39Sopenharmony_ci } 4084e1051a39Sopenharmony_ci 4085e1051a39Sopenharmony_ci /* 4086e1051a39Sopenharmony_ci * Otherwise, copy configuration state, and session if set. 4087e1051a39Sopenharmony_ci */ 4088e1051a39Sopenharmony_ci if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL) 4089e1051a39Sopenharmony_ci return NULL; 4090e1051a39Sopenharmony_ci 4091e1051a39Sopenharmony_ci if (s->session != NULL) { 4092e1051a39Sopenharmony_ci /* 4093e1051a39Sopenharmony_ci * Arranges to share the same session via up_ref. This "copies" 4094e1051a39Sopenharmony_ci * session-id, SSL_METHOD, sid_ctx, and 'cert' 4095e1051a39Sopenharmony_ci */ 4096e1051a39Sopenharmony_ci if (!SSL_copy_session_id(ret, s)) 4097e1051a39Sopenharmony_ci goto err; 4098e1051a39Sopenharmony_ci } else { 4099e1051a39Sopenharmony_ci /* 4100e1051a39Sopenharmony_ci * No session has been established yet, so we have to expect that 4101e1051a39Sopenharmony_ci * s->cert or ret->cert will be changed later -- they should not both 4102e1051a39Sopenharmony_ci * point to the same object, and thus we can't use 4103e1051a39Sopenharmony_ci * SSL_copy_session_id. 4104e1051a39Sopenharmony_ci */ 4105e1051a39Sopenharmony_ci if (!SSL_set_ssl_method(ret, s->method)) 4106e1051a39Sopenharmony_ci goto err; 4107e1051a39Sopenharmony_ci 4108e1051a39Sopenharmony_ci if (s->cert != NULL) { 4109e1051a39Sopenharmony_ci ssl_cert_free(ret->cert); 4110e1051a39Sopenharmony_ci ret->cert = ssl_cert_dup(s->cert); 4111e1051a39Sopenharmony_ci if (ret->cert == NULL) 4112e1051a39Sopenharmony_ci goto err; 4113e1051a39Sopenharmony_ci } 4114e1051a39Sopenharmony_ci 4115e1051a39Sopenharmony_ci if (!SSL_set_session_id_context(ret, s->sid_ctx, 4116e1051a39Sopenharmony_ci (int)s->sid_ctx_length)) 4117e1051a39Sopenharmony_ci goto err; 4118e1051a39Sopenharmony_ci } 4119e1051a39Sopenharmony_ci 4120e1051a39Sopenharmony_ci if (!ssl_dane_dup(ret, s)) 4121e1051a39Sopenharmony_ci goto err; 4122e1051a39Sopenharmony_ci ret->version = s->version; 4123e1051a39Sopenharmony_ci ret->options = s->options; 4124e1051a39Sopenharmony_ci ret->min_proto_version = s->min_proto_version; 4125e1051a39Sopenharmony_ci ret->max_proto_version = s->max_proto_version; 4126e1051a39Sopenharmony_ci ret->mode = s->mode; 4127e1051a39Sopenharmony_ci SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s)); 4128e1051a39Sopenharmony_ci SSL_set_read_ahead(ret, SSL_get_read_ahead(s)); 4129e1051a39Sopenharmony_ci ret->msg_callback = s->msg_callback; 4130e1051a39Sopenharmony_ci ret->msg_callback_arg = s->msg_callback_arg; 4131e1051a39Sopenharmony_ci SSL_set_verify(ret, SSL_get_verify_mode(s), SSL_get_verify_callback(s)); 4132e1051a39Sopenharmony_ci SSL_set_verify_depth(ret, SSL_get_verify_depth(s)); 4133e1051a39Sopenharmony_ci ret->generate_session_id = s->generate_session_id; 4134e1051a39Sopenharmony_ci 4135e1051a39Sopenharmony_ci SSL_set_info_callback(ret, SSL_get_info_callback(s)); 4136e1051a39Sopenharmony_ci 4137e1051a39Sopenharmony_ci /* copy app data, a little dangerous perhaps */ 4138e1051a39Sopenharmony_ci if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data)) 4139e1051a39Sopenharmony_ci goto err; 4140e1051a39Sopenharmony_ci 4141e1051a39Sopenharmony_ci ret->server = s->server; 4142e1051a39Sopenharmony_ci if (s->handshake_func) { 4143e1051a39Sopenharmony_ci if (s->server) 4144e1051a39Sopenharmony_ci SSL_set_accept_state(ret); 4145e1051a39Sopenharmony_ci else 4146e1051a39Sopenharmony_ci SSL_set_connect_state(ret); 4147e1051a39Sopenharmony_ci } 4148e1051a39Sopenharmony_ci ret->shutdown = s->shutdown; 4149e1051a39Sopenharmony_ci ret->hit = s->hit; 4150e1051a39Sopenharmony_ci 4151e1051a39Sopenharmony_ci ret->default_passwd_callback = s->default_passwd_callback; 4152e1051a39Sopenharmony_ci ret->default_passwd_callback_userdata = s->default_passwd_callback_userdata; 4153e1051a39Sopenharmony_ci 4154e1051a39Sopenharmony_ci X509_VERIFY_PARAM_inherit(ret->param, s->param); 4155e1051a39Sopenharmony_ci 4156e1051a39Sopenharmony_ci /* dup the cipher_list and cipher_list_by_id stacks */ 4157e1051a39Sopenharmony_ci if (s->cipher_list != NULL) { 4158e1051a39Sopenharmony_ci if ((ret->cipher_list = sk_SSL_CIPHER_dup(s->cipher_list)) == NULL) 4159e1051a39Sopenharmony_ci goto err; 4160e1051a39Sopenharmony_ci } 4161e1051a39Sopenharmony_ci if (s->cipher_list_by_id != NULL) 4162e1051a39Sopenharmony_ci if ((ret->cipher_list_by_id = sk_SSL_CIPHER_dup(s->cipher_list_by_id)) 4163e1051a39Sopenharmony_ci == NULL) 4164e1051a39Sopenharmony_ci goto err; 4165e1051a39Sopenharmony_ci 4166e1051a39Sopenharmony_ci /* Dup the client_CA list */ 4167e1051a39Sopenharmony_ci if (!dup_ca_names(&ret->ca_names, s->ca_names) 4168e1051a39Sopenharmony_ci || !dup_ca_names(&ret->client_ca_names, s->client_ca_names)) 4169e1051a39Sopenharmony_ci goto err; 4170e1051a39Sopenharmony_ci 4171e1051a39Sopenharmony_ci return ret; 4172e1051a39Sopenharmony_ci 4173e1051a39Sopenharmony_ci err: 4174e1051a39Sopenharmony_ci SSL_free(ret); 4175e1051a39Sopenharmony_ci return NULL; 4176e1051a39Sopenharmony_ci} 4177e1051a39Sopenharmony_ci 4178e1051a39Sopenharmony_civoid ssl_clear_cipher_ctx(SSL *s) 4179e1051a39Sopenharmony_ci{ 4180e1051a39Sopenharmony_ci if (s->enc_read_ctx != NULL) { 4181e1051a39Sopenharmony_ci EVP_CIPHER_CTX_free(s->enc_read_ctx); 4182e1051a39Sopenharmony_ci s->enc_read_ctx = NULL; 4183e1051a39Sopenharmony_ci } 4184e1051a39Sopenharmony_ci if (s->enc_write_ctx != NULL) { 4185e1051a39Sopenharmony_ci EVP_CIPHER_CTX_free(s->enc_write_ctx); 4186e1051a39Sopenharmony_ci s->enc_write_ctx = NULL; 4187e1051a39Sopenharmony_ci } 4188e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_COMP 4189e1051a39Sopenharmony_ci COMP_CTX_free(s->expand); 4190e1051a39Sopenharmony_ci s->expand = NULL; 4191e1051a39Sopenharmony_ci COMP_CTX_free(s->compress); 4192e1051a39Sopenharmony_ci s->compress = NULL; 4193e1051a39Sopenharmony_ci#endif 4194e1051a39Sopenharmony_ci} 4195e1051a39Sopenharmony_ci 4196e1051a39Sopenharmony_ciX509 *SSL_get_certificate(const SSL *s) 4197e1051a39Sopenharmony_ci{ 4198e1051a39Sopenharmony_ci if (s->cert != NULL) 4199e1051a39Sopenharmony_ci return s->cert->key->x509; 4200e1051a39Sopenharmony_ci else 4201e1051a39Sopenharmony_ci return NULL; 4202e1051a39Sopenharmony_ci} 4203e1051a39Sopenharmony_ci 4204e1051a39Sopenharmony_ciEVP_PKEY *SSL_get_privatekey(const SSL *s) 4205e1051a39Sopenharmony_ci{ 4206e1051a39Sopenharmony_ci if (s->cert != NULL) 4207e1051a39Sopenharmony_ci return s->cert->key->privatekey; 4208e1051a39Sopenharmony_ci else 4209e1051a39Sopenharmony_ci return NULL; 4210e1051a39Sopenharmony_ci} 4211e1051a39Sopenharmony_ci 4212e1051a39Sopenharmony_ciX509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx) 4213e1051a39Sopenharmony_ci{ 4214e1051a39Sopenharmony_ci if (ctx->cert != NULL) 4215e1051a39Sopenharmony_ci return ctx->cert->key->x509; 4216e1051a39Sopenharmony_ci else 4217e1051a39Sopenharmony_ci return NULL; 4218e1051a39Sopenharmony_ci} 4219e1051a39Sopenharmony_ci 4220e1051a39Sopenharmony_ciEVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx) 4221e1051a39Sopenharmony_ci{ 4222e1051a39Sopenharmony_ci if (ctx->cert != NULL) 4223e1051a39Sopenharmony_ci return ctx->cert->key->privatekey; 4224e1051a39Sopenharmony_ci else 4225e1051a39Sopenharmony_ci return NULL; 4226e1051a39Sopenharmony_ci} 4227e1051a39Sopenharmony_ci 4228e1051a39Sopenharmony_ciconst SSL_CIPHER *SSL_get_current_cipher(const SSL *s) 4229e1051a39Sopenharmony_ci{ 4230e1051a39Sopenharmony_ci if ((s->session != NULL) && (s->session->cipher != NULL)) 4231e1051a39Sopenharmony_ci return s->session->cipher; 4232e1051a39Sopenharmony_ci return NULL; 4233e1051a39Sopenharmony_ci} 4234e1051a39Sopenharmony_ci 4235e1051a39Sopenharmony_ciconst SSL_CIPHER *SSL_get_pending_cipher(const SSL *s) 4236e1051a39Sopenharmony_ci{ 4237e1051a39Sopenharmony_ci return s->s3.tmp.new_cipher; 4238e1051a39Sopenharmony_ci} 4239e1051a39Sopenharmony_ci 4240e1051a39Sopenharmony_ciconst COMP_METHOD *SSL_get_current_compression(const SSL *s) 4241e1051a39Sopenharmony_ci{ 4242e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_COMP 4243e1051a39Sopenharmony_ci return s->compress ? COMP_CTX_get_method(s->compress) : NULL; 4244e1051a39Sopenharmony_ci#else 4245e1051a39Sopenharmony_ci return NULL; 4246e1051a39Sopenharmony_ci#endif 4247e1051a39Sopenharmony_ci} 4248e1051a39Sopenharmony_ci 4249e1051a39Sopenharmony_ciconst COMP_METHOD *SSL_get_current_expansion(const SSL *s) 4250e1051a39Sopenharmony_ci{ 4251e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_COMP 4252e1051a39Sopenharmony_ci return s->expand ? COMP_CTX_get_method(s->expand) : NULL; 4253e1051a39Sopenharmony_ci#else 4254e1051a39Sopenharmony_ci return NULL; 4255e1051a39Sopenharmony_ci#endif 4256e1051a39Sopenharmony_ci} 4257e1051a39Sopenharmony_ci 4258e1051a39Sopenharmony_ciint ssl_init_wbio_buffer(SSL *s) 4259e1051a39Sopenharmony_ci{ 4260e1051a39Sopenharmony_ci BIO *bbio; 4261e1051a39Sopenharmony_ci 4262e1051a39Sopenharmony_ci if (s->bbio != NULL) { 4263e1051a39Sopenharmony_ci /* Already buffered. */ 4264e1051a39Sopenharmony_ci return 1; 4265e1051a39Sopenharmony_ci } 4266e1051a39Sopenharmony_ci 4267e1051a39Sopenharmony_ci bbio = BIO_new(BIO_f_buffer()); 4268e1051a39Sopenharmony_ci if (bbio == NULL || BIO_set_read_buffer_size(bbio, 1) <= 0) { 4269e1051a39Sopenharmony_ci BIO_free(bbio); 4270e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB); 4271e1051a39Sopenharmony_ci return 0; 4272e1051a39Sopenharmony_ci } 4273e1051a39Sopenharmony_ci s->bbio = bbio; 4274e1051a39Sopenharmony_ci s->wbio = BIO_push(bbio, s->wbio); 4275e1051a39Sopenharmony_ci 4276e1051a39Sopenharmony_ci return 1; 4277e1051a39Sopenharmony_ci} 4278e1051a39Sopenharmony_ci 4279e1051a39Sopenharmony_ciint ssl_free_wbio_buffer(SSL *s) 4280e1051a39Sopenharmony_ci{ 4281e1051a39Sopenharmony_ci /* callers ensure s is never null */ 4282e1051a39Sopenharmony_ci if (s->bbio == NULL) 4283e1051a39Sopenharmony_ci return 1; 4284e1051a39Sopenharmony_ci 4285e1051a39Sopenharmony_ci s->wbio = BIO_pop(s->wbio); 4286e1051a39Sopenharmony_ci BIO_free(s->bbio); 4287e1051a39Sopenharmony_ci s->bbio = NULL; 4288e1051a39Sopenharmony_ci 4289e1051a39Sopenharmony_ci return 1; 4290e1051a39Sopenharmony_ci} 4291e1051a39Sopenharmony_ci 4292e1051a39Sopenharmony_civoid SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode) 4293e1051a39Sopenharmony_ci{ 4294e1051a39Sopenharmony_ci ctx->quiet_shutdown = mode; 4295e1051a39Sopenharmony_ci} 4296e1051a39Sopenharmony_ci 4297e1051a39Sopenharmony_ciint SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx) 4298e1051a39Sopenharmony_ci{ 4299e1051a39Sopenharmony_ci return ctx->quiet_shutdown; 4300e1051a39Sopenharmony_ci} 4301e1051a39Sopenharmony_ci 4302e1051a39Sopenharmony_civoid SSL_set_quiet_shutdown(SSL *s, int mode) 4303e1051a39Sopenharmony_ci{ 4304e1051a39Sopenharmony_ci s->quiet_shutdown = mode; 4305e1051a39Sopenharmony_ci} 4306e1051a39Sopenharmony_ci 4307e1051a39Sopenharmony_ciint SSL_get_quiet_shutdown(const SSL *s) 4308e1051a39Sopenharmony_ci{ 4309e1051a39Sopenharmony_ci return s->quiet_shutdown; 4310e1051a39Sopenharmony_ci} 4311e1051a39Sopenharmony_ci 4312e1051a39Sopenharmony_civoid SSL_set_shutdown(SSL *s, int mode) 4313e1051a39Sopenharmony_ci{ 4314e1051a39Sopenharmony_ci s->shutdown = mode; 4315e1051a39Sopenharmony_ci} 4316e1051a39Sopenharmony_ci 4317e1051a39Sopenharmony_ciint SSL_get_shutdown(const SSL *s) 4318e1051a39Sopenharmony_ci{ 4319e1051a39Sopenharmony_ci return s->shutdown; 4320e1051a39Sopenharmony_ci} 4321e1051a39Sopenharmony_ci 4322e1051a39Sopenharmony_ciint SSL_version(const SSL *s) 4323e1051a39Sopenharmony_ci{ 4324e1051a39Sopenharmony_ci return s->version; 4325e1051a39Sopenharmony_ci} 4326e1051a39Sopenharmony_ci 4327e1051a39Sopenharmony_ciint SSL_client_version(const SSL *s) 4328e1051a39Sopenharmony_ci{ 4329e1051a39Sopenharmony_ci return s->client_version; 4330e1051a39Sopenharmony_ci} 4331e1051a39Sopenharmony_ci 4332e1051a39Sopenharmony_ciSSL_CTX *SSL_get_SSL_CTX(const SSL *ssl) 4333e1051a39Sopenharmony_ci{ 4334e1051a39Sopenharmony_ci return ssl->ctx; 4335e1051a39Sopenharmony_ci} 4336e1051a39Sopenharmony_ci 4337e1051a39Sopenharmony_ciSSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx) 4338e1051a39Sopenharmony_ci{ 4339e1051a39Sopenharmony_ci CERT *new_cert; 4340e1051a39Sopenharmony_ci if (ssl->ctx == ctx) 4341e1051a39Sopenharmony_ci return ssl->ctx; 4342e1051a39Sopenharmony_ci if (ctx == NULL) 4343e1051a39Sopenharmony_ci ctx = ssl->session_ctx; 4344e1051a39Sopenharmony_ci new_cert = ssl_cert_dup(ctx->cert); 4345e1051a39Sopenharmony_ci if (new_cert == NULL) { 4346e1051a39Sopenharmony_ci return NULL; 4347e1051a39Sopenharmony_ci } 4348e1051a39Sopenharmony_ci 4349e1051a39Sopenharmony_ci if (!custom_exts_copy_flags(&new_cert->custext, &ssl->cert->custext)) { 4350e1051a39Sopenharmony_ci ssl_cert_free(new_cert); 4351e1051a39Sopenharmony_ci return NULL; 4352e1051a39Sopenharmony_ci } 4353e1051a39Sopenharmony_ci 4354e1051a39Sopenharmony_ci ssl_cert_free(ssl->cert); 4355e1051a39Sopenharmony_ci ssl->cert = new_cert; 4356e1051a39Sopenharmony_ci 4357e1051a39Sopenharmony_ci /* 4358e1051a39Sopenharmony_ci * Program invariant: |sid_ctx| has fixed size (SSL_MAX_SID_CTX_LENGTH), 4359e1051a39Sopenharmony_ci * so setter APIs must prevent invalid lengths from entering the system. 4360e1051a39Sopenharmony_ci */ 4361e1051a39Sopenharmony_ci if (!ossl_assert(ssl->sid_ctx_length <= sizeof(ssl->sid_ctx))) 4362e1051a39Sopenharmony_ci return NULL; 4363e1051a39Sopenharmony_ci 4364e1051a39Sopenharmony_ci /* 4365e1051a39Sopenharmony_ci * If the session ID context matches that of the parent SSL_CTX, 4366e1051a39Sopenharmony_ci * inherit it from the new SSL_CTX as well. If however the context does 4367e1051a39Sopenharmony_ci * not match (i.e., it was set per-ssl with SSL_set_session_id_context), 4368e1051a39Sopenharmony_ci * leave it unchanged. 4369e1051a39Sopenharmony_ci */ 4370e1051a39Sopenharmony_ci if ((ssl->ctx != NULL) && 4371e1051a39Sopenharmony_ci (ssl->sid_ctx_length == ssl->ctx->sid_ctx_length) && 4372e1051a39Sopenharmony_ci (memcmp(ssl->sid_ctx, ssl->ctx->sid_ctx, ssl->sid_ctx_length) == 0)) { 4373e1051a39Sopenharmony_ci ssl->sid_ctx_length = ctx->sid_ctx_length; 4374e1051a39Sopenharmony_ci memcpy(&ssl->sid_ctx, &ctx->sid_ctx, sizeof(ssl->sid_ctx)); 4375e1051a39Sopenharmony_ci } 4376e1051a39Sopenharmony_ci 4377e1051a39Sopenharmony_ci SSL_CTX_up_ref(ctx); 4378e1051a39Sopenharmony_ci SSL_CTX_free(ssl->ctx); /* decrement reference count */ 4379e1051a39Sopenharmony_ci ssl->ctx = ctx; 4380e1051a39Sopenharmony_ci 4381e1051a39Sopenharmony_ci return ssl->ctx; 4382e1051a39Sopenharmony_ci} 4383e1051a39Sopenharmony_ci 4384e1051a39Sopenharmony_ciint SSL_CTX_set_default_verify_paths(SSL_CTX *ctx) 4385e1051a39Sopenharmony_ci{ 4386e1051a39Sopenharmony_ci return X509_STORE_set_default_paths_ex(ctx->cert_store, ctx->libctx, 4387e1051a39Sopenharmony_ci ctx->propq); 4388e1051a39Sopenharmony_ci} 4389e1051a39Sopenharmony_ci 4390e1051a39Sopenharmony_ciint SSL_CTX_set_default_verify_dir(SSL_CTX *ctx) 4391e1051a39Sopenharmony_ci{ 4392e1051a39Sopenharmony_ci X509_LOOKUP *lookup; 4393e1051a39Sopenharmony_ci 4394e1051a39Sopenharmony_ci lookup = X509_STORE_add_lookup(ctx->cert_store, X509_LOOKUP_hash_dir()); 4395e1051a39Sopenharmony_ci if (lookup == NULL) 4396e1051a39Sopenharmony_ci return 0; 4397e1051a39Sopenharmony_ci 4398e1051a39Sopenharmony_ci /* We ignore errors, in case the directory doesn't exist */ 4399e1051a39Sopenharmony_ci ERR_set_mark(); 4400e1051a39Sopenharmony_ci 4401e1051a39Sopenharmony_ci X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT); 4402e1051a39Sopenharmony_ci 4403e1051a39Sopenharmony_ci ERR_pop_to_mark(); 4404e1051a39Sopenharmony_ci 4405e1051a39Sopenharmony_ci return 1; 4406e1051a39Sopenharmony_ci} 4407e1051a39Sopenharmony_ci 4408e1051a39Sopenharmony_ciint SSL_CTX_set_default_verify_file(SSL_CTX *ctx) 4409e1051a39Sopenharmony_ci{ 4410e1051a39Sopenharmony_ci X509_LOOKUP *lookup; 4411e1051a39Sopenharmony_ci 4412e1051a39Sopenharmony_ci lookup = X509_STORE_add_lookup(ctx->cert_store, X509_LOOKUP_file()); 4413e1051a39Sopenharmony_ci if (lookup == NULL) 4414e1051a39Sopenharmony_ci return 0; 4415e1051a39Sopenharmony_ci 4416e1051a39Sopenharmony_ci /* We ignore errors, in case the file doesn't exist */ 4417e1051a39Sopenharmony_ci ERR_set_mark(); 4418e1051a39Sopenharmony_ci 4419e1051a39Sopenharmony_ci X509_LOOKUP_load_file_ex(lookup, NULL, X509_FILETYPE_DEFAULT, ctx->libctx, 4420e1051a39Sopenharmony_ci ctx->propq); 4421e1051a39Sopenharmony_ci 4422e1051a39Sopenharmony_ci ERR_pop_to_mark(); 4423e1051a39Sopenharmony_ci 4424e1051a39Sopenharmony_ci return 1; 4425e1051a39Sopenharmony_ci} 4426e1051a39Sopenharmony_ci 4427e1051a39Sopenharmony_ciint SSL_CTX_set_default_verify_store(SSL_CTX *ctx) 4428e1051a39Sopenharmony_ci{ 4429e1051a39Sopenharmony_ci X509_LOOKUP *lookup; 4430e1051a39Sopenharmony_ci 4431e1051a39Sopenharmony_ci lookup = X509_STORE_add_lookup(ctx->cert_store, X509_LOOKUP_store()); 4432e1051a39Sopenharmony_ci if (lookup == NULL) 4433e1051a39Sopenharmony_ci return 0; 4434e1051a39Sopenharmony_ci 4435e1051a39Sopenharmony_ci /* We ignore errors, in case the directory doesn't exist */ 4436e1051a39Sopenharmony_ci ERR_set_mark(); 4437e1051a39Sopenharmony_ci 4438e1051a39Sopenharmony_ci X509_LOOKUP_add_store_ex(lookup, NULL, ctx->libctx, ctx->propq); 4439e1051a39Sopenharmony_ci 4440e1051a39Sopenharmony_ci ERR_pop_to_mark(); 4441e1051a39Sopenharmony_ci 4442e1051a39Sopenharmony_ci return 1; 4443e1051a39Sopenharmony_ci} 4444e1051a39Sopenharmony_ci 4445e1051a39Sopenharmony_ciint SSL_CTX_load_verify_file(SSL_CTX *ctx, const char *CAfile) 4446e1051a39Sopenharmony_ci{ 4447e1051a39Sopenharmony_ci return X509_STORE_load_file_ex(ctx->cert_store, CAfile, ctx->libctx, 4448e1051a39Sopenharmony_ci ctx->propq); 4449e1051a39Sopenharmony_ci} 4450e1051a39Sopenharmony_ci 4451e1051a39Sopenharmony_ciint SSL_CTX_load_verify_dir(SSL_CTX *ctx, const char *CApath) 4452e1051a39Sopenharmony_ci{ 4453e1051a39Sopenharmony_ci return X509_STORE_load_path(ctx->cert_store, CApath); 4454e1051a39Sopenharmony_ci} 4455e1051a39Sopenharmony_ci 4456e1051a39Sopenharmony_ciint SSL_CTX_load_verify_store(SSL_CTX *ctx, const char *CAstore) 4457e1051a39Sopenharmony_ci{ 4458e1051a39Sopenharmony_ci return X509_STORE_load_store_ex(ctx->cert_store, CAstore, ctx->libctx, 4459e1051a39Sopenharmony_ci ctx->propq); 4460e1051a39Sopenharmony_ci} 4461e1051a39Sopenharmony_ci 4462e1051a39Sopenharmony_ciint SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, 4463e1051a39Sopenharmony_ci const char *CApath) 4464e1051a39Sopenharmony_ci{ 4465e1051a39Sopenharmony_ci if (CAfile == NULL && CApath == NULL) 4466e1051a39Sopenharmony_ci return 0; 4467e1051a39Sopenharmony_ci if (CAfile != NULL && !SSL_CTX_load_verify_file(ctx, CAfile)) 4468e1051a39Sopenharmony_ci return 0; 4469e1051a39Sopenharmony_ci if (CApath != NULL && !SSL_CTX_load_verify_dir(ctx, CApath)) 4470e1051a39Sopenharmony_ci return 0; 4471e1051a39Sopenharmony_ci return 1; 4472e1051a39Sopenharmony_ci} 4473e1051a39Sopenharmony_ci 4474e1051a39Sopenharmony_civoid SSL_set_info_callback(SSL *ssl, 4475e1051a39Sopenharmony_ci void (*cb) (const SSL *ssl, int type, int val)) 4476e1051a39Sopenharmony_ci{ 4477e1051a39Sopenharmony_ci ssl->info_callback = cb; 4478e1051a39Sopenharmony_ci} 4479e1051a39Sopenharmony_ci 4480e1051a39Sopenharmony_ci/* 4481e1051a39Sopenharmony_ci * One compiler (Diab DCC) doesn't like argument names in returned function 4482e1051a39Sopenharmony_ci * pointer. 4483e1051a39Sopenharmony_ci */ 4484e1051a39Sopenharmony_civoid (*SSL_get_info_callback(const SSL *ssl)) (const SSL * /* ssl */ , 4485e1051a39Sopenharmony_ci int /* type */ , 4486e1051a39Sopenharmony_ci int /* val */ ) { 4487e1051a39Sopenharmony_ci return ssl->info_callback; 4488e1051a39Sopenharmony_ci} 4489e1051a39Sopenharmony_ci 4490e1051a39Sopenharmony_civoid SSL_set_verify_result(SSL *ssl, long arg) 4491e1051a39Sopenharmony_ci{ 4492e1051a39Sopenharmony_ci ssl->verify_result = arg; 4493e1051a39Sopenharmony_ci} 4494e1051a39Sopenharmony_ci 4495e1051a39Sopenharmony_cilong SSL_get_verify_result(const SSL *ssl) 4496e1051a39Sopenharmony_ci{ 4497e1051a39Sopenharmony_ci return ssl->verify_result; 4498e1051a39Sopenharmony_ci} 4499e1051a39Sopenharmony_ci 4500e1051a39Sopenharmony_cisize_t SSL_get_client_random(const SSL *ssl, unsigned char *out, size_t outlen) 4501e1051a39Sopenharmony_ci{ 4502e1051a39Sopenharmony_ci if (outlen == 0) 4503e1051a39Sopenharmony_ci return sizeof(ssl->s3.client_random); 4504e1051a39Sopenharmony_ci if (outlen > sizeof(ssl->s3.client_random)) 4505e1051a39Sopenharmony_ci outlen = sizeof(ssl->s3.client_random); 4506e1051a39Sopenharmony_ci memcpy(out, ssl->s3.client_random, outlen); 4507e1051a39Sopenharmony_ci return outlen; 4508e1051a39Sopenharmony_ci} 4509e1051a39Sopenharmony_ci 4510e1051a39Sopenharmony_cisize_t SSL_get_server_random(const SSL *ssl, unsigned char *out, size_t outlen) 4511e1051a39Sopenharmony_ci{ 4512e1051a39Sopenharmony_ci if (outlen == 0) 4513e1051a39Sopenharmony_ci return sizeof(ssl->s3.server_random); 4514e1051a39Sopenharmony_ci if (outlen > sizeof(ssl->s3.server_random)) 4515e1051a39Sopenharmony_ci outlen = sizeof(ssl->s3.server_random); 4516e1051a39Sopenharmony_ci memcpy(out, ssl->s3.server_random, outlen); 4517e1051a39Sopenharmony_ci return outlen; 4518e1051a39Sopenharmony_ci} 4519e1051a39Sopenharmony_ci 4520e1051a39Sopenharmony_cisize_t SSL_SESSION_get_master_key(const SSL_SESSION *session, 4521e1051a39Sopenharmony_ci unsigned char *out, size_t outlen) 4522e1051a39Sopenharmony_ci{ 4523e1051a39Sopenharmony_ci if (outlen == 0) 4524e1051a39Sopenharmony_ci return session->master_key_length; 4525e1051a39Sopenharmony_ci if (outlen > session->master_key_length) 4526e1051a39Sopenharmony_ci outlen = session->master_key_length; 4527e1051a39Sopenharmony_ci memcpy(out, session->master_key, outlen); 4528e1051a39Sopenharmony_ci return outlen; 4529e1051a39Sopenharmony_ci} 4530e1051a39Sopenharmony_ci 4531e1051a39Sopenharmony_ciint SSL_SESSION_set1_master_key(SSL_SESSION *sess, const unsigned char *in, 4532e1051a39Sopenharmony_ci size_t len) 4533e1051a39Sopenharmony_ci{ 4534e1051a39Sopenharmony_ci if (len > sizeof(sess->master_key)) 4535e1051a39Sopenharmony_ci return 0; 4536e1051a39Sopenharmony_ci 4537e1051a39Sopenharmony_ci memcpy(sess->master_key, in, len); 4538e1051a39Sopenharmony_ci sess->master_key_length = len; 4539e1051a39Sopenharmony_ci return 1; 4540e1051a39Sopenharmony_ci} 4541e1051a39Sopenharmony_ci 4542e1051a39Sopenharmony_ci 4543e1051a39Sopenharmony_ciint SSL_set_ex_data(SSL *s, int idx, void *arg) 4544e1051a39Sopenharmony_ci{ 4545e1051a39Sopenharmony_ci return CRYPTO_set_ex_data(&s->ex_data, idx, arg); 4546e1051a39Sopenharmony_ci} 4547e1051a39Sopenharmony_ci 4548e1051a39Sopenharmony_civoid *SSL_get_ex_data(const SSL *s, int idx) 4549e1051a39Sopenharmony_ci{ 4550e1051a39Sopenharmony_ci return CRYPTO_get_ex_data(&s->ex_data, idx); 4551e1051a39Sopenharmony_ci} 4552e1051a39Sopenharmony_ci 4553e1051a39Sopenharmony_ciint SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg) 4554e1051a39Sopenharmony_ci{ 4555e1051a39Sopenharmony_ci return CRYPTO_set_ex_data(&s->ex_data, idx, arg); 4556e1051a39Sopenharmony_ci} 4557e1051a39Sopenharmony_ci 4558e1051a39Sopenharmony_civoid *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx) 4559e1051a39Sopenharmony_ci{ 4560e1051a39Sopenharmony_ci return CRYPTO_get_ex_data(&s->ex_data, idx); 4561e1051a39Sopenharmony_ci} 4562e1051a39Sopenharmony_ci 4563e1051a39Sopenharmony_ciX509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx) 4564e1051a39Sopenharmony_ci{ 4565e1051a39Sopenharmony_ci return ctx->cert_store; 4566e1051a39Sopenharmony_ci} 4567e1051a39Sopenharmony_ci 4568e1051a39Sopenharmony_civoid SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store) 4569e1051a39Sopenharmony_ci{ 4570e1051a39Sopenharmony_ci X509_STORE_free(ctx->cert_store); 4571e1051a39Sopenharmony_ci ctx->cert_store = store; 4572e1051a39Sopenharmony_ci} 4573e1051a39Sopenharmony_ci 4574e1051a39Sopenharmony_civoid SSL_CTX_set1_cert_store(SSL_CTX *ctx, X509_STORE *store) 4575e1051a39Sopenharmony_ci{ 4576e1051a39Sopenharmony_ci if (store != NULL) 4577e1051a39Sopenharmony_ci X509_STORE_up_ref(store); 4578e1051a39Sopenharmony_ci SSL_CTX_set_cert_store(ctx, store); 4579e1051a39Sopenharmony_ci} 4580e1051a39Sopenharmony_ci 4581e1051a39Sopenharmony_ciint SSL_want(const SSL *s) 4582e1051a39Sopenharmony_ci{ 4583e1051a39Sopenharmony_ci return s->rwstate; 4584e1051a39Sopenharmony_ci} 4585e1051a39Sopenharmony_ci 4586e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_PSK 4587e1051a39Sopenharmony_ciint SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint) 4588e1051a39Sopenharmony_ci{ 4589e1051a39Sopenharmony_ci if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) { 4590e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_DATA_LENGTH_TOO_LONG); 4591e1051a39Sopenharmony_ci return 0; 4592e1051a39Sopenharmony_ci } 4593e1051a39Sopenharmony_ci OPENSSL_free(ctx->cert->psk_identity_hint); 4594e1051a39Sopenharmony_ci if (identity_hint != NULL) { 4595e1051a39Sopenharmony_ci ctx->cert->psk_identity_hint = OPENSSL_strdup(identity_hint); 4596e1051a39Sopenharmony_ci if (ctx->cert->psk_identity_hint == NULL) 4597e1051a39Sopenharmony_ci return 0; 4598e1051a39Sopenharmony_ci } else 4599e1051a39Sopenharmony_ci ctx->cert->psk_identity_hint = NULL; 4600e1051a39Sopenharmony_ci return 1; 4601e1051a39Sopenharmony_ci} 4602e1051a39Sopenharmony_ci 4603e1051a39Sopenharmony_ciint SSL_use_psk_identity_hint(SSL *s, const char *identity_hint) 4604e1051a39Sopenharmony_ci{ 4605e1051a39Sopenharmony_ci if (s == NULL) 4606e1051a39Sopenharmony_ci return 0; 4607e1051a39Sopenharmony_ci 4608e1051a39Sopenharmony_ci if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) { 4609e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_DATA_LENGTH_TOO_LONG); 4610e1051a39Sopenharmony_ci return 0; 4611e1051a39Sopenharmony_ci } 4612e1051a39Sopenharmony_ci OPENSSL_free(s->cert->psk_identity_hint); 4613e1051a39Sopenharmony_ci if (identity_hint != NULL) { 4614e1051a39Sopenharmony_ci s->cert->psk_identity_hint = OPENSSL_strdup(identity_hint); 4615e1051a39Sopenharmony_ci if (s->cert->psk_identity_hint == NULL) 4616e1051a39Sopenharmony_ci return 0; 4617e1051a39Sopenharmony_ci } else 4618e1051a39Sopenharmony_ci s->cert->psk_identity_hint = NULL; 4619e1051a39Sopenharmony_ci return 1; 4620e1051a39Sopenharmony_ci} 4621e1051a39Sopenharmony_ci 4622e1051a39Sopenharmony_ciconst char *SSL_get_psk_identity_hint(const SSL *s) 4623e1051a39Sopenharmony_ci{ 4624e1051a39Sopenharmony_ci if (s == NULL || s->session == NULL) 4625e1051a39Sopenharmony_ci return NULL; 4626e1051a39Sopenharmony_ci return s->session->psk_identity_hint; 4627e1051a39Sopenharmony_ci} 4628e1051a39Sopenharmony_ci 4629e1051a39Sopenharmony_ciconst char *SSL_get_psk_identity(const SSL *s) 4630e1051a39Sopenharmony_ci{ 4631e1051a39Sopenharmony_ci if (s == NULL || s->session == NULL) 4632e1051a39Sopenharmony_ci return NULL; 4633e1051a39Sopenharmony_ci return s->session->psk_identity; 4634e1051a39Sopenharmony_ci} 4635e1051a39Sopenharmony_ci 4636e1051a39Sopenharmony_civoid SSL_set_psk_client_callback(SSL *s, SSL_psk_client_cb_func cb) 4637e1051a39Sopenharmony_ci{ 4638e1051a39Sopenharmony_ci s->psk_client_callback = cb; 4639e1051a39Sopenharmony_ci} 4640e1051a39Sopenharmony_ci 4641e1051a39Sopenharmony_civoid SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, SSL_psk_client_cb_func cb) 4642e1051a39Sopenharmony_ci{ 4643e1051a39Sopenharmony_ci ctx->psk_client_callback = cb; 4644e1051a39Sopenharmony_ci} 4645e1051a39Sopenharmony_ci 4646e1051a39Sopenharmony_civoid SSL_set_psk_server_callback(SSL *s, SSL_psk_server_cb_func cb) 4647e1051a39Sopenharmony_ci{ 4648e1051a39Sopenharmony_ci s->psk_server_callback = cb; 4649e1051a39Sopenharmony_ci} 4650e1051a39Sopenharmony_ci 4651e1051a39Sopenharmony_civoid SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb) 4652e1051a39Sopenharmony_ci{ 4653e1051a39Sopenharmony_ci ctx->psk_server_callback = cb; 4654e1051a39Sopenharmony_ci} 4655e1051a39Sopenharmony_ci#endif 4656e1051a39Sopenharmony_ci 4657e1051a39Sopenharmony_civoid SSL_set_psk_find_session_callback(SSL *s, SSL_psk_find_session_cb_func cb) 4658e1051a39Sopenharmony_ci{ 4659e1051a39Sopenharmony_ci s->psk_find_session_cb = cb; 4660e1051a39Sopenharmony_ci} 4661e1051a39Sopenharmony_ci 4662e1051a39Sopenharmony_civoid SSL_CTX_set_psk_find_session_callback(SSL_CTX *ctx, 4663e1051a39Sopenharmony_ci SSL_psk_find_session_cb_func cb) 4664e1051a39Sopenharmony_ci{ 4665e1051a39Sopenharmony_ci ctx->psk_find_session_cb = cb; 4666e1051a39Sopenharmony_ci} 4667e1051a39Sopenharmony_ci 4668e1051a39Sopenharmony_civoid SSL_set_psk_use_session_callback(SSL *s, SSL_psk_use_session_cb_func cb) 4669e1051a39Sopenharmony_ci{ 4670e1051a39Sopenharmony_ci s->psk_use_session_cb = cb; 4671e1051a39Sopenharmony_ci} 4672e1051a39Sopenharmony_ci 4673e1051a39Sopenharmony_civoid SSL_CTX_set_psk_use_session_callback(SSL_CTX *ctx, 4674e1051a39Sopenharmony_ci SSL_psk_use_session_cb_func cb) 4675e1051a39Sopenharmony_ci{ 4676e1051a39Sopenharmony_ci ctx->psk_use_session_cb = cb; 4677e1051a39Sopenharmony_ci} 4678e1051a39Sopenharmony_ci 4679e1051a39Sopenharmony_civoid SSL_CTX_set_msg_callback(SSL_CTX *ctx, 4680e1051a39Sopenharmony_ci void (*cb) (int write_p, int version, 4681e1051a39Sopenharmony_ci int content_type, const void *buf, 4682e1051a39Sopenharmony_ci size_t len, SSL *ssl, void *arg)) 4683e1051a39Sopenharmony_ci{ 4684e1051a39Sopenharmony_ci SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb); 4685e1051a39Sopenharmony_ci} 4686e1051a39Sopenharmony_ci 4687e1051a39Sopenharmony_civoid SSL_set_msg_callback(SSL *ssl, 4688e1051a39Sopenharmony_ci void (*cb) (int write_p, int version, 4689e1051a39Sopenharmony_ci int content_type, const void *buf, 4690e1051a39Sopenharmony_ci size_t len, SSL *ssl, void *arg)) 4691e1051a39Sopenharmony_ci{ 4692e1051a39Sopenharmony_ci SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb); 4693e1051a39Sopenharmony_ci} 4694e1051a39Sopenharmony_ci 4695e1051a39Sopenharmony_civoid SSL_CTX_set_not_resumable_session_callback(SSL_CTX *ctx, 4696e1051a39Sopenharmony_ci int (*cb) (SSL *ssl, 4697e1051a39Sopenharmony_ci int 4698e1051a39Sopenharmony_ci is_forward_secure)) 4699e1051a39Sopenharmony_ci{ 4700e1051a39Sopenharmony_ci SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB, 4701e1051a39Sopenharmony_ci (void (*)(void))cb); 4702e1051a39Sopenharmony_ci} 4703e1051a39Sopenharmony_ci 4704e1051a39Sopenharmony_civoid SSL_set_not_resumable_session_callback(SSL *ssl, 4705e1051a39Sopenharmony_ci int (*cb) (SSL *ssl, 4706e1051a39Sopenharmony_ci int is_forward_secure)) 4707e1051a39Sopenharmony_ci{ 4708e1051a39Sopenharmony_ci SSL_callback_ctrl(ssl, SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB, 4709e1051a39Sopenharmony_ci (void (*)(void))cb); 4710e1051a39Sopenharmony_ci} 4711e1051a39Sopenharmony_ci 4712e1051a39Sopenharmony_civoid SSL_CTX_set_record_padding_callback(SSL_CTX *ctx, 4713e1051a39Sopenharmony_ci size_t (*cb) (SSL *ssl, int type, 4714e1051a39Sopenharmony_ci size_t len, void *arg)) 4715e1051a39Sopenharmony_ci{ 4716e1051a39Sopenharmony_ci ctx->record_padding_cb = cb; 4717e1051a39Sopenharmony_ci} 4718e1051a39Sopenharmony_ci 4719e1051a39Sopenharmony_civoid SSL_CTX_set_record_padding_callback_arg(SSL_CTX *ctx, void *arg) 4720e1051a39Sopenharmony_ci{ 4721e1051a39Sopenharmony_ci ctx->record_padding_arg = arg; 4722e1051a39Sopenharmony_ci} 4723e1051a39Sopenharmony_ci 4724e1051a39Sopenharmony_civoid *SSL_CTX_get_record_padding_callback_arg(const SSL_CTX *ctx) 4725e1051a39Sopenharmony_ci{ 4726e1051a39Sopenharmony_ci return ctx->record_padding_arg; 4727e1051a39Sopenharmony_ci} 4728e1051a39Sopenharmony_ci 4729e1051a39Sopenharmony_ciint SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size) 4730e1051a39Sopenharmony_ci{ 4731e1051a39Sopenharmony_ci /* block size of 0 or 1 is basically no padding */ 4732e1051a39Sopenharmony_ci if (block_size == 1) 4733e1051a39Sopenharmony_ci ctx->block_padding = 0; 4734e1051a39Sopenharmony_ci else if (block_size <= SSL3_RT_MAX_PLAIN_LENGTH) 4735e1051a39Sopenharmony_ci ctx->block_padding = block_size; 4736e1051a39Sopenharmony_ci else 4737e1051a39Sopenharmony_ci return 0; 4738e1051a39Sopenharmony_ci return 1; 4739e1051a39Sopenharmony_ci} 4740e1051a39Sopenharmony_ci 4741e1051a39Sopenharmony_ciint SSL_set_record_padding_callback(SSL *ssl, 4742e1051a39Sopenharmony_ci size_t (*cb) (SSL *ssl, int type, 4743e1051a39Sopenharmony_ci size_t len, void *arg)) 4744e1051a39Sopenharmony_ci{ 4745e1051a39Sopenharmony_ci BIO *b; 4746e1051a39Sopenharmony_ci 4747e1051a39Sopenharmony_ci b = SSL_get_wbio(ssl); 4748e1051a39Sopenharmony_ci if (b == NULL || !BIO_get_ktls_send(b)) { 4749e1051a39Sopenharmony_ci ssl->record_padding_cb = cb; 4750e1051a39Sopenharmony_ci return 1; 4751e1051a39Sopenharmony_ci } 4752e1051a39Sopenharmony_ci return 0; 4753e1051a39Sopenharmony_ci} 4754e1051a39Sopenharmony_ci 4755e1051a39Sopenharmony_civoid SSL_set_record_padding_callback_arg(SSL *ssl, void *arg) 4756e1051a39Sopenharmony_ci{ 4757e1051a39Sopenharmony_ci ssl->record_padding_arg = arg; 4758e1051a39Sopenharmony_ci} 4759e1051a39Sopenharmony_ci 4760e1051a39Sopenharmony_civoid *SSL_get_record_padding_callback_arg(const SSL *ssl) 4761e1051a39Sopenharmony_ci{ 4762e1051a39Sopenharmony_ci return ssl->record_padding_arg; 4763e1051a39Sopenharmony_ci} 4764e1051a39Sopenharmony_ci 4765e1051a39Sopenharmony_ciint SSL_set_block_padding(SSL *ssl, size_t block_size) 4766e1051a39Sopenharmony_ci{ 4767e1051a39Sopenharmony_ci /* block size of 0 or 1 is basically no padding */ 4768e1051a39Sopenharmony_ci if (block_size == 1) 4769e1051a39Sopenharmony_ci ssl->block_padding = 0; 4770e1051a39Sopenharmony_ci else if (block_size <= SSL3_RT_MAX_PLAIN_LENGTH) 4771e1051a39Sopenharmony_ci ssl->block_padding = block_size; 4772e1051a39Sopenharmony_ci else 4773e1051a39Sopenharmony_ci return 0; 4774e1051a39Sopenharmony_ci return 1; 4775e1051a39Sopenharmony_ci} 4776e1051a39Sopenharmony_ci 4777e1051a39Sopenharmony_ciint SSL_set_num_tickets(SSL *s, size_t num_tickets) 4778e1051a39Sopenharmony_ci{ 4779e1051a39Sopenharmony_ci s->num_tickets = num_tickets; 4780e1051a39Sopenharmony_ci 4781e1051a39Sopenharmony_ci return 1; 4782e1051a39Sopenharmony_ci} 4783e1051a39Sopenharmony_ci 4784e1051a39Sopenharmony_cisize_t SSL_get_num_tickets(const SSL *s) 4785e1051a39Sopenharmony_ci{ 4786e1051a39Sopenharmony_ci return s->num_tickets; 4787e1051a39Sopenharmony_ci} 4788e1051a39Sopenharmony_ci 4789e1051a39Sopenharmony_ciint SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets) 4790e1051a39Sopenharmony_ci{ 4791e1051a39Sopenharmony_ci ctx->num_tickets = num_tickets; 4792e1051a39Sopenharmony_ci 4793e1051a39Sopenharmony_ci return 1; 4794e1051a39Sopenharmony_ci} 4795e1051a39Sopenharmony_ci 4796e1051a39Sopenharmony_cisize_t SSL_CTX_get_num_tickets(const SSL_CTX *ctx) 4797e1051a39Sopenharmony_ci{ 4798e1051a39Sopenharmony_ci return ctx->num_tickets; 4799e1051a39Sopenharmony_ci} 4800e1051a39Sopenharmony_ci 4801e1051a39Sopenharmony_ci/* 4802e1051a39Sopenharmony_ci * Allocates new EVP_MD_CTX and sets pointer to it into given pointer 4803e1051a39Sopenharmony_ci * variable, freeing EVP_MD_CTX previously stored in that variable, if any. 4804e1051a39Sopenharmony_ci * If EVP_MD pointer is passed, initializes ctx with this |md|. 4805e1051a39Sopenharmony_ci * Returns the newly allocated ctx; 4806e1051a39Sopenharmony_ci */ 4807e1051a39Sopenharmony_ci 4808e1051a39Sopenharmony_ciEVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md) 4809e1051a39Sopenharmony_ci{ 4810e1051a39Sopenharmony_ci ssl_clear_hash_ctx(hash); 4811e1051a39Sopenharmony_ci *hash = EVP_MD_CTX_new(); 4812e1051a39Sopenharmony_ci if (*hash == NULL || (md && EVP_DigestInit_ex(*hash, md, NULL) <= 0)) { 4813e1051a39Sopenharmony_ci EVP_MD_CTX_free(*hash); 4814e1051a39Sopenharmony_ci *hash = NULL; 4815e1051a39Sopenharmony_ci return NULL; 4816e1051a39Sopenharmony_ci } 4817e1051a39Sopenharmony_ci return *hash; 4818e1051a39Sopenharmony_ci} 4819e1051a39Sopenharmony_ci 4820e1051a39Sopenharmony_civoid ssl_clear_hash_ctx(EVP_MD_CTX **hash) 4821e1051a39Sopenharmony_ci{ 4822e1051a39Sopenharmony_ci 4823e1051a39Sopenharmony_ci EVP_MD_CTX_free(*hash); 4824e1051a39Sopenharmony_ci *hash = NULL; 4825e1051a39Sopenharmony_ci} 4826e1051a39Sopenharmony_ci 4827e1051a39Sopenharmony_ci/* Retrieve handshake hashes */ 4828e1051a39Sopenharmony_ciint ssl_handshake_hash(SSL *s, unsigned char *out, size_t outlen, 4829e1051a39Sopenharmony_ci size_t *hashlen) 4830e1051a39Sopenharmony_ci{ 4831e1051a39Sopenharmony_ci EVP_MD_CTX *ctx = NULL; 4832e1051a39Sopenharmony_ci EVP_MD_CTX *hdgst = s->s3.handshake_dgst; 4833e1051a39Sopenharmony_ci int hashleni = EVP_MD_CTX_get_size(hdgst); 4834e1051a39Sopenharmony_ci int ret = 0; 4835e1051a39Sopenharmony_ci 4836e1051a39Sopenharmony_ci if (hashleni < 0 || (size_t)hashleni > outlen) { 4837e1051a39Sopenharmony_ci SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); 4838e1051a39Sopenharmony_ci goto err; 4839e1051a39Sopenharmony_ci } 4840e1051a39Sopenharmony_ci 4841e1051a39Sopenharmony_ci ctx = EVP_MD_CTX_new(); 4842e1051a39Sopenharmony_ci if (ctx == NULL) { 4843e1051a39Sopenharmony_ci SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); 4844e1051a39Sopenharmony_ci goto err; 4845e1051a39Sopenharmony_ci } 4846e1051a39Sopenharmony_ci 4847e1051a39Sopenharmony_ci if (!EVP_MD_CTX_copy_ex(ctx, hdgst) 4848e1051a39Sopenharmony_ci || EVP_DigestFinal_ex(ctx, out, NULL) <= 0) { 4849e1051a39Sopenharmony_ci SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); 4850e1051a39Sopenharmony_ci goto err; 4851e1051a39Sopenharmony_ci } 4852e1051a39Sopenharmony_ci 4853e1051a39Sopenharmony_ci *hashlen = hashleni; 4854e1051a39Sopenharmony_ci 4855e1051a39Sopenharmony_ci ret = 1; 4856e1051a39Sopenharmony_ci err: 4857e1051a39Sopenharmony_ci EVP_MD_CTX_free(ctx); 4858e1051a39Sopenharmony_ci return ret; 4859e1051a39Sopenharmony_ci} 4860e1051a39Sopenharmony_ci 4861e1051a39Sopenharmony_ciint SSL_session_reused(const SSL *s) 4862e1051a39Sopenharmony_ci{ 4863e1051a39Sopenharmony_ci return s->hit; 4864e1051a39Sopenharmony_ci} 4865e1051a39Sopenharmony_ci 4866e1051a39Sopenharmony_ciint SSL_is_server(const SSL *s) 4867e1051a39Sopenharmony_ci{ 4868e1051a39Sopenharmony_ci return s->server; 4869e1051a39Sopenharmony_ci} 4870e1051a39Sopenharmony_ci 4871e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_DEPRECATED_1_1_0 4872e1051a39Sopenharmony_civoid SSL_set_debug(SSL *s, int debug) 4873e1051a39Sopenharmony_ci{ 4874e1051a39Sopenharmony_ci /* Old function was do-nothing anyway... */ 4875e1051a39Sopenharmony_ci (void)s; 4876e1051a39Sopenharmony_ci (void)debug; 4877e1051a39Sopenharmony_ci} 4878e1051a39Sopenharmony_ci#endif 4879e1051a39Sopenharmony_ci 4880e1051a39Sopenharmony_civoid SSL_set_security_level(SSL *s, int level) 4881e1051a39Sopenharmony_ci{ 4882e1051a39Sopenharmony_ci s->cert->sec_level = level; 4883e1051a39Sopenharmony_ci} 4884e1051a39Sopenharmony_ci 4885e1051a39Sopenharmony_ciint SSL_get_security_level(const SSL *s) 4886e1051a39Sopenharmony_ci{ 4887e1051a39Sopenharmony_ci return s->cert->sec_level; 4888e1051a39Sopenharmony_ci} 4889e1051a39Sopenharmony_ci 4890e1051a39Sopenharmony_civoid SSL_set_security_callback(SSL *s, 4891e1051a39Sopenharmony_ci int (*cb) (const SSL *s, const SSL_CTX *ctx, 4892e1051a39Sopenharmony_ci int op, int bits, int nid, 4893e1051a39Sopenharmony_ci void *other, void *ex)) 4894e1051a39Sopenharmony_ci{ 4895e1051a39Sopenharmony_ci s->cert->sec_cb = cb; 4896e1051a39Sopenharmony_ci} 4897e1051a39Sopenharmony_ci 4898e1051a39Sopenharmony_ciint (*SSL_get_security_callback(const SSL *s)) (const SSL *s, 4899e1051a39Sopenharmony_ci const SSL_CTX *ctx, int op, 4900e1051a39Sopenharmony_ci int bits, int nid, void *other, 4901e1051a39Sopenharmony_ci void *ex) { 4902e1051a39Sopenharmony_ci return s->cert->sec_cb; 4903e1051a39Sopenharmony_ci} 4904e1051a39Sopenharmony_ci 4905e1051a39Sopenharmony_civoid SSL_set0_security_ex_data(SSL *s, void *ex) 4906e1051a39Sopenharmony_ci{ 4907e1051a39Sopenharmony_ci s->cert->sec_ex = ex; 4908e1051a39Sopenharmony_ci} 4909e1051a39Sopenharmony_ci 4910e1051a39Sopenharmony_civoid *SSL_get0_security_ex_data(const SSL *s) 4911e1051a39Sopenharmony_ci{ 4912e1051a39Sopenharmony_ci return s->cert->sec_ex; 4913e1051a39Sopenharmony_ci} 4914e1051a39Sopenharmony_ci 4915e1051a39Sopenharmony_civoid SSL_CTX_set_security_level(SSL_CTX *ctx, int level) 4916e1051a39Sopenharmony_ci{ 4917e1051a39Sopenharmony_ci ctx->cert->sec_level = level; 4918e1051a39Sopenharmony_ci} 4919e1051a39Sopenharmony_ci 4920e1051a39Sopenharmony_ciint SSL_CTX_get_security_level(const SSL_CTX *ctx) 4921e1051a39Sopenharmony_ci{ 4922e1051a39Sopenharmony_ci return ctx->cert->sec_level; 4923e1051a39Sopenharmony_ci} 4924e1051a39Sopenharmony_ci 4925e1051a39Sopenharmony_civoid SSL_CTX_set_security_callback(SSL_CTX *ctx, 4926e1051a39Sopenharmony_ci int (*cb) (const SSL *s, const SSL_CTX *ctx, 4927e1051a39Sopenharmony_ci int op, int bits, int nid, 4928e1051a39Sopenharmony_ci void *other, void *ex)) 4929e1051a39Sopenharmony_ci{ 4930e1051a39Sopenharmony_ci ctx->cert->sec_cb = cb; 4931e1051a39Sopenharmony_ci} 4932e1051a39Sopenharmony_ci 4933e1051a39Sopenharmony_ciint (*SSL_CTX_get_security_callback(const SSL_CTX *ctx)) (const SSL *s, 4934e1051a39Sopenharmony_ci const SSL_CTX *ctx, 4935e1051a39Sopenharmony_ci int op, int bits, 4936e1051a39Sopenharmony_ci int nid, 4937e1051a39Sopenharmony_ci void *other, 4938e1051a39Sopenharmony_ci void *ex) { 4939e1051a39Sopenharmony_ci return ctx->cert->sec_cb; 4940e1051a39Sopenharmony_ci} 4941e1051a39Sopenharmony_ci 4942e1051a39Sopenharmony_civoid SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex) 4943e1051a39Sopenharmony_ci{ 4944e1051a39Sopenharmony_ci ctx->cert->sec_ex = ex; 4945e1051a39Sopenharmony_ci} 4946e1051a39Sopenharmony_ci 4947e1051a39Sopenharmony_civoid *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx) 4948e1051a39Sopenharmony_ci{ 4949e1051a39Sopenharmony_ci return ctx->cert->sec_ex; 4950e1051a39Sopenharmony_ci} 4951e1051a39Sopenharmony_ci 4952e1051a39Sopenharmony_ciuint64_t SSL_CTX_get_options(const SSL_CTX *ctx) 4953e1051a39Sopenharmony_ci{ 4954e1051a39Sopenharmony_ci return ctx->options; 4955e1051a39Sopenharmony_ci} 4956e1051a39Sopenharmony_ci 4957e1051a39Sopenharmony_ciuint64_t SSL_get_options(const SSL *s) 4958e1051a39Sopenharmony_ci{ 4959e1051a39Sopenharmony_ci return s->options; 4960e1051a39Sopenharmony_ci} 4961e1051a39Sopenharmony_ci 4962e1051a39Sopenharmony_ciuint64_t SSL_CTX_set_options(SSL_CTX *ctx, uint64_t op) 4963e1051a39Sopenharmony_ci{ 4964e1051a39Sopenharmony_ci return ctx->options |= op; 4965e1051a39Sopenharmony_ci} 4966e1051a39Sopenharmony_ci 4967e1051a39Sopenharmony_ciuint64_t SSL_set_options(SSL *s, uint64_t op) 4968e1051a39Sopenharmony_ci{ 4969e1051a39Sopenharmony_ci return s->options |= op; 4970e1051a39Sopenharmony_ci} 4971e1051a39Sopenharmony_ci 4972e1051a39Sopenharmony_ciuint64_t SSL_CTX_clear_options(SSL_CTX *ctx, uint64_t op) 4973e1051a39Sopenharmony_ci{ 4974e1051a39Sopenharmony_ci return ctx->options &= ~op; 4975e1051a39Sopenharmony_ci} 4976e1051a39Sopenharmony_ci 4977e1051a39Sopenharmony_ciuint64_t SSL_clear_options(SSL *s, uint64_t op) 4978e1051a39Sopenharmony_ci{ 4979e1051a39Sopenharmony_ci return s->options &= ~op; 4980e1051a39Sopenharmony_ci} 4981e1051a39Sopenharmony_ci 4982e1051a39Sopenharmony_ciSTACK_OF(X509) *SSL_get0_verified_chain(const SSL *s) 4983e1051a39Sopenharmony_ci{ 4984e1051a39Sopenharmony_ci return s->verified_chain; 4985e1051a39Sopenharmony_ci} 4986e1051a39Sopenharmony_ci 4987e1051a39Sopenharmony_ciIMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id); 4988e1051a39Sopenharmony_ci 4989e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_CT 4990e1051a39Sopenharmony_ci 4991e1051a39Sopenharmony_ci/* 4992e1051a39Sopenharmony_ci * Moves SCTs from the |src| stack to the |dst| stack. 4993e1051a39Sopenharmony_ci * The source of each SCT will be set to |origin|. 4994e1051a39Sopenharmony_ci * If |dst| points to a NULL pointer, a new stack will be created and owned by 4995e1051a39Sopenharmony_ci * the caller. 4996e1051a39Sopenharmony_ci * Returns the number of SCTs moved, or a negative integer if an error occurs. 4997e1051a39Sopenharmony_ci * The |dst| stack is created and possibly partially populated even in case 4998e1051a39Sopenharmony_ci * of error, likewise the |src| stack may be left in an intermediate state. 4999e1051a39Sopenharmony_ci */ 5000e1051a39Sopenharmony_cistatic int ct_move_scts(STACK_OF(SCT) **dst, STACK_OF(SCT) *src, 5001e1051a39Sopenharmony_ci sct_source_t origin) 5002e1051a39Sopenharmony_ci{ 5003e1051a39Sopenharmony_ci int scts_moved = 0; 5004e1051a39Sopenharmony_ci SCT *sct = NULL; 5005e1051a39Sopenharmony_ci 5006e1051a39Sopenharmony_ci if (*dst == NULL) { 5007e1051a39Sopenharmony_ci *dst = sk_SCT_new_null(); 5008e1051a39Sopenharmony_ci if (*dst == NULL) { 5009e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 5010e1051a39Sopenharmony_ci goto err; 5011e1051a39Sopenharmony_ci } 5012e1051a39Sopenharmony_ci } 5013e1051a39Sopenharmony_ci 5014e1051a39Sopenharmony_ci while ((sct = sk_SCT_pop(src)) != NULL) { 5015e1051a39Sopenharmony_ci if (SCT_set_source(sct, origin) != 1) 5016e1051a39Sopenharmony_ci goto err; 5017e1051a39Sopenharmony_ci 5018e1051a39Sopenharmony_ci if (!sk_SCT_push(*dst, sct)) 5019e1051a39Sopenharmony_ci goto err; 5020e1051a39Sopenharmony_ci scts_moved += 1; 5021e1051a39Sopenharmony_ci } 5022e1051a39Sopenharmony_ci 5023e1051a39Sopenharmony_ci return scts_moved; 5024e1051a39Sopenharmony_ci err: 5025e1051a39Sopenharmony_ci SCT_free(sct); 5026e1051a39Sopenharmony_ci return -1; 5027e1051a39Sopenharmony_ci} 5028e1051a39Sopenharmony_ci 5029e1051a39Sopenharmony_ci/* 5030e1051a39Sopenharmony_ci * Look for data collected during ServerHello and parse if found. 5031e1051a39Sopenharmony_ci * Returns the number of SCTs extracted. 5032e1051a39Sopenharmony_ci */ 5033e1051a39Sopenharmony_cistatic int ct_extract_tls_extension_scts(SSL *s) 5034e1051a39Sopenharmony_ci{ 5035e1051a39Sopenharmony_ci int scts_extracted = 0; 5036e1051a39Sopenharmony_ci 5037e1051a39Sopenharmony_ci if (s->ext.scts != NULL) { 5038e1051a39Sopenharmony_ci const unsigned char *p = s->ext.scts; 5039e1051a39Sopenharmony_ci STACK_OF(SCT) *scts = o2i_SCT_LIST(NULL, &p, s->ext.scts_len); 5040e1051a39Sopenharmony_ci 5041e1051a39Sopenharmony_ci scts_extracted = ct_move_scts(&s->scts, scts, SCT_SOURCE_TLS_EXTENSION); 5042e1051a39Sopenharmony_ci 5043e1051a39Sopenharmony_ci SCT_LIST_free(scts); 5044e1051a39Sopenharmony_ci } 5045e1051a39Sopenharmony_ci 5046e1051a39Sopenharmony_ci return scts_extracted; 5047e1051a39Sopenharmony_ci} 5048e1051a39Sopenharmony_ci 5049e1051a39Sopenharmony_ci/* 5050e1051a39Sopenharmony_ci * Checks for an OCSP response and then attempts to extract any SCTs found if it 5051e1051a39Sopenharmony_ci * contains an SCT X509 extension. They will be stored in |s->scts|. 5052e1051a39Sopenharmony_ci * Returns: 5053e1051a39Sopenharmony_ci * - The number of SCTs extracted, assuming an OCSP response exists. 5054e1051a39Sopenharmony_ci * - 0 if no OCSP response exists or it contains no SCTs. 5055e1051a39Sopenharmony_ci * - A negative integer if an error occurs. 5056e1051a39Sopenharmony_ci */ 5057e1051a39Sopenharmony_cistatic int ct_extract_ocsp_response_scts(SSL *s) 5058e1051a39Sopenharmony_ci{ 5059e1051a39Sopenharmony_ci# ifndef OPENSSL_NO_OCSP 5060e1051a39Sopenharmony_ci int scts_extracted = 0; 5061e1051a39Sopenharmony_ci const unsigned char *p; 5062e1051a39Sopenharmony_ci OCSP_BASICRESP *br = NULL; 5063e1051a39Sopenharmony_ci OCSP_RESPONSE *rsp = NULL; 5064e1051a39Sopenharmony_ci STACK_OF(SCT) *scts = NULL; 5065e1051a39Sopenharmony_ci int i; 5066e1051a39Sopenharmony_ci 5067e1051a39Sopenharmony_ci if (s->ext.ocsp.resp == NULL || s->ext.ocsp.resp_len == 0) 5068e1051a39Sopenharmony_ci goto err; 5069e1051a39Sopenharmony_ci 5070e1051a39Sopenharmony_ci p = s->ext.ocsp.resp; 5071e1051a39Sopenharmony_ci rsp = d2i_OCSP_RESPONSE(NULL, &p, (int)s->ext.ocsp.resp_len); 5072e1051a39Sopenharmony_ci if (rsp == NULL) 5073e1051a39Sopenharmony_ci goto err; 5074e1051a39Sopenharmony_ci 5075e1051a39Sopenharmony_ci br = OCSP_response_get1_basic(rsp); 5076e1051a39Sopenharmony_ci if (br == NULL) 5077e1051a39Sopenharmony_ci goto err; 5078e1051a39Sopenharmony_ci 5079e1051a39Sopenharmony_ci for (i = 0; i < OCSP_resp_count(br); ++i) { 5080e1051a39Sopenharmony_ci OCSP_SINGLERESP *single = OCSP_resp_get0(br, i); 5081e1051a39Sopenharmony_ci 5082e1051a39Sopenharmony_ci if (single == NULL) 5083e1051a39Sopenharmony_ci continue; 5084e1051a39Sopenharmony_ci 5085e1051a39Sopenharmony_ci scts = 5086e1051a39Sopenharmony_ci OCSP_SINGLERESP_get1_ext_d2i(single, NID_ct_cert_scts, NULL, NULL); 5087e1051a39Sopenharmony_ci scts_extracted = 5088e1051a39Sopenharmony_ci ct_move_scts(&s->scts, scts, SCT_SOURCE_OCSP_STAPLED_RESPONSE); 5089e1051a39Sopenharmony_ci if (scts_extracted < 0) 5090e1051a39Sopenharmony_ci goto err; 5091e1051a39Sopenharmony_ci } 5092e1051a39Sopenharmony_ci err: 5093e1051a39Sopenharmony_ci SCT_LIST_free(scts); 5094e1051a39Sopenharmony_ci OCSP_BASICRESP_free(br); 5095e1051a39Sopenharmony_ci OCSP_RESPONSE_free(rsp); 5096e1051a39Sopenharmony_ci return scts_extracted; 5097e1051a39Sopenharmony_ci# else 5098e1051a39Sopenharmony_ci /* Behave as if no OCSP response exists */ 5099e1051a39Sopenharmony_ci return 0; 5100e1051a39Sopenharmony_ci# endif 5101e1051a39Sopenharmony_ci} 5102e1051a39Sopenharmony_ci 5103e1051a39Sopenharmony_ci/* 5104e1051a39Sopenharmony_ci * Attempts to extract SCTs from the peer certificate. 5105e1051a39Sopenharmony_ci * Return the number of SCTs extracted, or a negative integer if an error 5106e1051a39Sopenharmony_ci * occurs. 5107e1051a39Sopenharmony_ci */ 5108e1051a39Sopenharmony_cistatic int ct_extract_x509v3_extension_scts(SSL *s) 5109e1051a39Sopenharmony_ci{ 5110e1051a39Sopenharmony_ci int scts_extracted = 0; 5111e1051a39Sopenharmony_ci X509 *cert = s->session != NULL ? s->session->peer : NULL; 5112e1051a39Sopenharmony_ci 5113e1051a39Sopenharmony_ci if (cert != NULL) { 5114e1051a39Sopenharmony_ci STACK_OF(SCT) *scts = 5115e1051a39Sopenharmony_ci X509_get_ext_d2i(cert, NID_ct_precert_scts, NULL, NULL); 5116e1051a39Sopenharmony_ci 5117e1051a39Sopenharmony_ci scts_extracted = 5118e1051a39Sopenharmony_ci ct_move_scts(&s->scts, scts, SCT_SOURCE_X509V3_EXTENSION); 5119e1051a39Sopenharmony_ci 5120e1051a39Sopenharmony_ci SCT_LIST_free(scts); 5121e1051a39Sopenharmony_ci } 5122e1051a39Sopenharmony_ci 5123e1051a39Sopenharmony_ci return scts_extracted; 5124e1051a39Sopenharmony_ci} 5125e1051a39Sopenharmony_ci 5126e1051a39Sopenharmony_ci/* 5127e1051a39Sopenharmony_ci * Attempts to find all received SCTs by checking TLS extensions, the OCSP 5128e1051a39Sopenharmony_ci * response (if it exists) and X509v3 extensions in the certificate. 5129e1051a39Sopenharmony_ci * Returns NULL if an error occurs. 5130e1051a39Sopenharmony_ci */ 5131e1051a39Sopenharmony_ciconst STACK_OF(SCT) *SSL_get0_peer_scts(SSL *s) 5132e1051a39Sopenharmony_ci{ 5133e1051a39Sopenharmony_ci if (!s->scts_parsed) { 5134e1051a39Sopenharmony_ci if (ct_extract_tls_extension_scts(s) < 0 || 5135e1051a39Sopenharmony_ci ct_extract_ocsp_response_scts(s) < 0 || 5136e1051a39Sopenharmony_ci ct_extract_x509v3_extension_scts(s) < 0) 5137e1051a39Sopenharmony_ci goto err; 5138e1051a39Sopenharmony_ci 5139e1051a39Sopenharmony_ci s->scts_parsed = 1; 5140e1051a39Sopenharmony_ci } 5141e1051a39Sopenharmony_ci return s->scts; 5142e1051a39Sopenharmony_ci err: 5143e1051a39Sopenharmony_ci return NULL; 5144e1051a39Sopenharmony_ci} 5145e1051a39Sopenharmony_ci 5146e1051a39Sopenharmony_cistatic int ct_permissive(const CT_POLICY_EVAL_CTX * ctx, 5147e1051a39Sopenharmony_ci const STACK_OF(SCT) *scts, void *unused_arg) 5148e1051a39Sopenharmony_ci{ 5149e1051a39Sopenharmony_ci return 1; 5150e1051a39Sopenharmony_ci} 5151e1051a39Sopenharmony_ci 5152e1051a39Sopenharmony_cistatic int ct_strict(const CT_POLICY_EVAL_CTX * ctx, 5153e1051a39Sopenharmony_ci const STACK_OF(SCT) *scts, void *unused_arg) 5154e1051a39Sopenharmony_ci{ 5155e1051a39Sopenharmony_ci int count = scts != NULL ? sk_SCT_num(scts) : 0; 5156e1051a39Sopenharmony_ci int i; 5157e1051a39Sopenharmony_ci 5158e1051a39Sopenharmony_ci for (i = 0; i < count; ++i) { 5159e1051a39Sopenharmony_ci SCT *sct = sk_SCT_value(scts, i); 5160e1051a39Sopenharmony_ci int status = SCT_get_validation_status(sct); 5161e1051a39Sopenharmony_ci 5162e1051a39Sopenharmony_ci if (status == SCT_VALIDATION_STATUS_VALID) 5163e1051a39Sopenharmony_ci return 1; 5164e1051a39Sopenharmony_ci } 5165e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_NO_VALID_SCTS); 5166e1051a39Sopenharmony_ci return 0; 5167e1051a39Sopenharmony_ci} 5168e1051a39Sopenharmony_ci 5169e1051a39Sopenharmony_ciint SSL_set_ct_validation_callback(SSL *s, ssl_ct_validation_cb callback, 5170e1051a39Sopenharmony_ci void *arg) 5171e1051a39Sopenharmony_ci{ 5172e1051a39Sopenharmony_ci /* 5173e1051a39Sopenharmony_ci * Since code exists that uses the custom extension handler for CT, look 5174e1051a39Sopenharmony_ci * for this and throw an error if they have already registered to use CT. 5175e1051a39Sopenharmony_ci */ 5176e1051a39Sopenharmony_ci if (callback != NULL && SSL_CTX_has_client_custom_ext(s->ctx, 5177e1051a39Sopenharmony_ci TLSEXT_TYPE_signed_certificate_timestamp)) 5178e1051a39Sopenharmony_ci { 5179e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED); 5180e1051a39Sopenharmony_ci return 0; 5181e1051a39Sopenharmony_ci } 5182e1051a39Sopenharmony_ci 5183e1051a39Sopenharmony_ci if (callback != NULL) { 5184e1051a39Sopenharmony_ci /* 5185e1051a39Sopenharmony_ci * If we are validating CT, then we MUST accept SCTs served via OCSP 5186e1051a39Sopenharmony_ci */ 5187e1051a39Sopenharmony_ci if (!SSL_set_tlsext_status_type(s, TLSEXT_STATUSTYPE_ocsp)) 5188e1051a39Sopenharmony_ci return 0; 5189e1051a39Sopenharmony_ci } 5190e1051a39Sopenharmony_ci 5191e1051a39Sopenharmony_ci s->ct_validation_callback = callback; 5192e1051a39Sopenharmony_ci s->ct_validation_callback_arg = arg; 5193e1051a39Sopenharmony_ci 5194e1051a39Sopenharmony_ci return 1; 5195e1051a39Sopenharmony_ci} 5196e1051a39Sopenharmony_ci 5197e1051a39Sopenharmony_ciint SSL_CTX_set_ct_validation_callback(SSL_CTX *ctx, 5198e1051a39Sopenharmony_ci ssl_ct_validation_cb callback, void *arg) 5199e1051a39Sopenharmony_ci{ 5200e1051a39Sopenharmony_ci /* 5201e1051a39Sopenharmony_ci * Since code exists that uses the custom extension handler for CT, look for 5202e1051a39Sopenharmony_ci * this and throw an error if they have already registered to use CT. 5203e1051a39Sopenharmony_ci */ 5204e1051a39Sopenharmony_ci if (callback != NULL && SSL_CTX_has_client_custom_ext(ctx, 5205e1051a39Sopenharmony_ci TLSEXT_TYPE_signed_certificate_timestamp)) 5206e1051a39Sopenharmony_ci { 5207e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED); 5208e1051a39Sopenharmony_ci return 0; 5209e1051a39Sopenharmony_ci } 5210e1051a39Sopenharmony_ci 5211e1051a39Sopenharmony_ci ctx->ct_validation_callback = callback; 5212e1051a39Sopenharmony_ci ctx->ct_validation_callback_arg = arg; 5213e1051a39Sopenharmony_ci return 1; 5214e1051a39Sopenharmony_ci} 5215e1051a39Sopenharmony_ci 5216e1051a39Sopenharmony_ciint SSL_ct_is_enabled(const SSL *s) 5217e1051a39Sopenharmony_ci{ 5218e1051a39Sopenharmony_ci return s->ct_validation_callback != NULL; 5219e1051a39Sopenharmony_ci} 5220e1051a39Sopenharmony_ci 5221e1051a39Sopenharmony_ciint SSL_CTX_ct_is_enabled(const SSL_CTX *ctx) 5222e1051a39Sopenharmony_ci{ 5223e1051a39Sopenharmony_ci return ctx->ct_validation_callback != NULL; 5224e1051a39Sopenharmony_ci} 5225e1051a39Sopenharmony_ci 5226e1051a39Sopenharmony_ciint ssl_validate_ct(SSL *s) 5227e1051a39Sopenharmony_ci{ 5228e1051a39Sopenharmony_ci int ret = 0; 5229e1051a39Sopenharmony_ci X509 *cert = s->session != NULL ? s->session->peer : NULL; 5230e1051a39Sopenharmony_ci X509 *issuer; 5231e1051a39Sopenharmony_ci SSL_DANE *dane = &s->dane; 5232e1051a39Sopenharmony_ci CT_POLICY_EVAL_CTX *ctx = NULL; 5233e1051a39Sopenharmony_ci const STACK_OF(SCT) *scts; 5234e1051a39Sopenharmony_ci 5235e1051a39Sopenharmony_ci /* 5236e1051a39Sopenharmony_ci * If no callback is set, the peer is anonymous, or its chain is invalid, 5237e1051a39Sopenharmony_ci * skip SCT validation - just return success. Applications that continue 5238e1051a39Sopenharmony_ci * handshakes without certificates, with unverified chains, or pinned leaf 5239e1051a39Sopenharmony_ci * certificates are outside the scope of the WebPKI and CT. 5240e1051a39Sopenharmony_ci * 5241e1051a39Sopenharmony_ci * The above exclusions notwithstanding the vast majority of peers will 5242e1051a39Sopenharmony_ci * have rather ordinary certificate chains validated by typical 5243e1051a39Sopenharmony_ci * applications that perform certificate verification and therefore will 5244e1051a39Sopenharmony_ci * process SCTs when enabled. 5245e1051a39Sopenharmony_ci */ 5246e1051a39Sopenharmony_ci if (s->ct_validation_callback == NULL || cert == NULL || 5247e1051a39Sopenharmony_ci s->verify_result != X509_V_OK || 5248e1051a39Sopenharmony_ci s->verified_chain == NULL || sk_X509_num(s->verified_chain) <= 1) 5249e1051a39Sopenharmony_ci return 1; 5250e1051a39Sopenharmony_ci 5251e1051a39Sopenharmony_ci /* 5252e1051a39Sopenharmony_ci * CT not applicable for chains validated via DANE-TA(2) or DANE-EE(3) 5253e1051a39Sopenharmony_ci * trust-anchors. See https://tools.ietf.org/html/rfc7671#section-4.2 5254e1051a39Sopenharmony_ci */ 5255e1051a39Sopenharmony_ci if (DANETLS_ENABLED(dane) && dane->mtlsa != NULL) { 5256e1051a39Sopenharmony_ci switch (dane->mtlsa->usage) { 5257e1051a39Sopenharmony_ci case DANETLS_USAGE_DANE_TA: 5258e1051a39Sopenharmony_ci case DANETLS_USAGE_DANE_EE: 5259e1051a39Sopenharmony_ci return 1; 5260e1051a39Sopenharmony_ci } 5261e1051a39Sopenharmony_ci } 5262e1051a39Sopenharmony_ci 5263e1051a39Sopenharmony_ci ctx = CT_POLICY_EVAL_CTX_new_ex(s->ctx->libctx, s->ctx->propq); 5264e1051a39Sopenharmony_ci if (ctx == NULL) { 5265e1051a39Sopenharmony_ci SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); 5266e1051a39Sopenharmony_ci goto end; 5267e1051a39Sopenharmony_ci } 5268e1051a39Sopenharmony_ci 5269e1051a39Sopenharmony_ci issuer = sk_X509_value(s->verified_chain, 1); 5270e1051a39Sopenharmony_ci CT_POLICY_EVAL_CTX_set1_cert(ctx, cert); 5271e1051a39Sopenharmony_ci CT_POLICY_EVAL_CTX_set1_issuer(ctx, issuer); 5272e1051a39Sopenharmony_ci CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(ctx, s->ctx->ctlog_store); 5273e1051a39Sopenharmony_ci CT_POLICY_EVAL_CTX_set_time( 5274e1051a39Sopenharmony_ci ctx, (uint64_t)SSL_SESSION_get_time(SSL_get0_session(s)) * 1000); 5275e1051a39Sopenharmony_ci 5276e1051a39Sopenharmony_ci scts = SSL_get0_peer_scts(s); 5277e1051a39Sopenharmony_ci 5278e1051a39Sopenharmony_ci /* 5279e1051a39Sopenharmony_ci * This function returns success (> 0) only when all the SCTs are valid, 0 5280e1051a39Sopenharmony_ci * when some are invalid, and < 0 on various internal errors (out of 5281e1051a39Sopenharmony_ci * memory, etc.). Having some, or even all, invalid SCTs is not sufficient 5282e1051a39Sopenharmony_ci * reason to abort the handshake, that decision is up to the callback. 5283e1051a39Sopenharmony_ci * Therefore, we error out only in the unexpected case that the return 5284e1051a39Sopenharmony_ci * value is negative. 5285e1051a39Sopenharmony_ci * 5286e1051a39Sopenharmony_ci * XXX: One might well argue that the return value of this function is an 5287e1051a39Sopenharmony_ci * unfortunate design choice. Its job is only to determine the validation 5288e1051a39Sopenharmony_ci * status of each of the provided SCTs. So long as it correctly separates 5289e1051a39Sopenharmony_ci * the wheat from the chaff it should return success. Failure in this case 5290e1051a39Sopenharmony_ci * ought to correspond to an inability to carry out its duties. 5291e1051a39Sopenharmony_ci */ 5292e1051a39Sopenharmony_ci if (SCT_LIST_validate(scts, ctx) < 0) { 5293e1051a39Sopenharmony_ci SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_SCT_VERIFICATION_FAILED); 5294e1051a39Sopenharmony_ci goto end; 5295e1051a39Sopenharmony_ci } 5296e1051a39Sopenharmony_ci 5297e1051a39Sopenharmony_ci ret = s->ct_validation_callback(ctx, scts, s->ct_validation_callback_arg); 5298e1051a39Sopenharmony_ci if (ret < 0) 5299e1051a39Sopenharmony_ci ret = 0; /* This function returns 0 on failure */ 5300e1051a39Sopenharmony_ci if (!ret) 5301e1051a39Sopenharmony_ci SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_CALLBACK_FAILED); 5302e1051a39Sopenharmony_ci 5303e1051a39Sopenharmony_ci end: 5304e1051a39Sopenharmony_ci CT_POLICY_EVAL_CTX_free(ctx); 5305e1051a39Sopenharmony_ci /* 5306e1051a39Sopenharmony_ci * With SSL_VERIFY_NONE the session may be cached and re-used despite a 5307e1051a39Sopenharmony_ci * failure return code here. Also the application may wish the complete 5308e1051a39Sopenharmony_ci * the handshake, and then disconnect cleanly at a higher layer, after 5309e1051a39Sopenharmony_ci * checking the verification status of the completed connection. 5310e1051a39Sopenharmony_ci * 5311e1051a39Sopenharmony_ci * We therefore force a certificate verification failure which will be 5312e1051a39Sopenharmony_ci * visible via SSL_get_verify_result() and cached as part of any resumed 5313e1051a39Sopenharmony_ci * session. 5314e1051a39Sopenharmony_ci * 5315e1051a39Sopenharmony_ci * Note: the permissive callback is for information gathering only, always 5316e1051a39Sopenharmony_ci * returns success, and does not affect verification status. Only the 5317e1051a39Sopenharmony_ci * strict callback or a custom application-specified callback can trigger 5318e1051a39Sopenharmony_ci * connection failure or record a verification error. 5319e1051a39Sopenharmony_ci */ 5320e1051a39Sopenharmony_ci if (ret <= 0) 5321e1051a39Sopenharmony_ci s->verify_result = X509_V_ERR_NO_VALID_SCTS; 5322e1051a39Sopenharmony_ci return ret; 5323e1051a39Sopenharmony_ci} 5324e1051a39Sopenharmony_ci 5325e1051a39Sopenharmony_ciint SSL_CTX_enable_ct(SSL_CTX *ctx, int validation_mode) 5326e1051a39Sopenharmony_ci{ 5327e1051a39Sopenharmony_ci switch (validation_mode) { 5328e1051a39Sopenharmony_ci default: 5329e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_CT_VALIDATION_TYPE); 5330e1051a39Sopenharmony_ci return 0; 5331e1051a39Sopenharmony_ci case SSL_CT_VALIDATION_PERMISSIVE: 5332e1051a39Sopenharmony_ci return SSL_CTX_set_ct_validation_callback(ctx, ct_permissive, NULL); 5333e1051a39Sopenharmony_ci case SSL_CT_VALIDATION_STRICT: 5334e1051a39Sopenharmony_ci return SSL_CTX_set_ct_validation_callback(ctx, ct_strict, NULL); 5335e1051a39Sopenharmony_ci } 5336e1051a39Sopenharmony_ci} 5337e1051a39Sopenharmony_ci 5338e1051a39Sopenharmony_ciint SSL_enable_ct(SSL *s, int validation_mode) 5339e1051a39Sopenharmony_ci{ 5340e1051a39Sopenharmony_ci switch (validation_mode) { 5341e1051a39Sopenharmony_ci default: 5342e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_CT_VALIDATION_TYPE); 5343e1051a39Sopenharmony_ci return 0; 5344e1051a39Sopenharmony_ci case SSL_CT_VALIDATION_PERMISSIVE: 5345e1051a39Sopenharmony_ci return SSL_set_ct_validation_callback(s, ct_permissive, NULL); 5346e1051a39Sopenharmony_ci case SSL_CT_VALIDATION_STRICT: 5347e1051a39Sopenharmony_ci return SSL_set_ct_validation_callback(s, ct_strict, NULL); 5348e1051a39Sopenharmony_ci } 5349e1051a39Sopenharmony_ci} 5350e1051a39Sopenharmony_ci 5351e1051a39Sopenharmony_ciint SSL_CTX_set_default_ctlog_list_file(SSL_CTX *ctx) 5352e1051a39Sopenharmony_ci{ 5353e1051a39Sopenharmony_ci return CTLOG_STORE_load_default_file(ctx->ctlog_store); 5354e1051a39Sopenharmony_ci} 5355e1051a39Sopenharmony_ci 5356e1051a39Sopenharmony_ciint SSL_CTX_set_ctlog_list_file(SSL_CTX *ctx, const char *path) 5357e1051a39Sopenharmony_ci{ 5358e1051a39Sopenharmony_ci return CTLOG_STORE_load_file(ctx->ctlog_store, path); 5359e1051a39Sopenharmony_ci} 5360e1051a39Sopenharmony_ci 5361e1051a39Sopenharmony_civoid SSL_CTX_set0_ctlog_store(SSL_CTX *ctx, CTLOG_STORE * logs) 5362e1051a39Sopenharmony_ci{ 5363e1051a39Sopenharmony_ci CTLOG_STORE_free(ctx->ctlog_store); 5364e1051a39Sopenharmony_ci ctx->ctlog_store = logs; 5365e1051a39Sopenharmony_ci} 5366e1051a39Sopenharmony_ci 5367e1051a39Sopenharmony_ciconst CTLOG_STORE *SSL_CTX_get0_ctlog_store(const SSL_CTX *ctx) 5368e1051a39Sopenharmony_ci{ 5369e1051a39Sopenharmony_ci return ctx->ctlog_store; 5370e1051a39Sopenharmony_ci} 5371e1051a39Sopenharmony_ci 5372e1051a39Sopenharmony_ci#endif /* OPENSSL_NO_CT */ 5373e1051a39Sopenharmony_ci 5374e1051a39Sopenharmony_civoid SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn cb, 5375e1051a39Sopenharmony_ci void *arg) 5376e1051a39Sopenharmony_ci{ 5377e1051a39Sopenharmony_ci c->client_hello_cb = cb; 5378e1051a39Sopenharmony_ci c->client_hello_cb_arg = arg; 5379e1051a39Sopenharmony_ci} 5380e1051a39Sopenharmony_ci 5381e1051a39Sopenharmony_ciint SSL_client_hello_isv2(SSL *s) 5382e1051a39Sopenharmony_ci{ 5383e1051a39Sopenharmony_ci if (s->clienthello == NULL) 5384e1051a39Sopenharmony_ci return 0; 5385e1051a39Sopenharmony_ci return s->clienthello->isv2; 5386e1051a39Sopenharmony_ci} 5387e1051a39Sopenharmony_ci 5388e1051a39Sopenharmony_ciunsigned int SSL_client_hello_get0_legacy_version(SSL *s) 5389e1051a39Sopenharmony_ci{ 5390e1051a39Sopenharmony_ci if (s->clienthello == NULL) 5391e1051a39Sopenharmony_ci return 0; 5392e1051a39Sopenharmony_ci return s->clienthello->legacy_version; 5393e1051a39Sopenharmony_ci} 5394e1051a39Sopenharmony_ci 5395e1051a39Sopenharmony_cisize_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out) 5396e1051a39Sopenharmony_ci{ 5397e1051a39Sopenharmony_ci if (s->clienthello == NULL) 5398e1051a39Sopenharmony_ci return 0; 5399e1051a39Sopenharmony_ci if (out != NULL) 5400e1051a39Sopenharmony_ci *out = s->clienthello->random; 5401e1051a39Sopenharmony_ci return SSL3_RANDOM_SIZE; 5402e1051a39Sopenharmony_ci} 5403e1051a39Sopenharmony_ci 5404e1051a39Sopenharmony_cisize_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out) 5405e1051a39Sopenharmony_ci{ 5406e1051a39Sopenharmony_ci if (s->clienthello == NULL) 5407e1051a39Sopenharmony_ci return 0; 5408e1051a39Sopenharmony_ci if (out != NULL) 5409e1051a39Sopenharmony_ci *out = s->clienthello->session_id; 5410e1051a39Sopenharmony_ci return s->clienthello->session_id_len; 5411e1051a39Sopenharmony_ci} 5412e1051a39Sopenharmony_ci 5413e1051a39Sopenharmony_cisize_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out) 5414e1051a39Sopenharmony_ci{ 5415e1051a39Sopenharmony_ci if (s->clienthello == NULL) 5416e1051a39Sopenharmony_ci return 0; 5417e1051a39Sopenharmony_ci if (out != NULL) 5418e1051a39Sopenharmony_ci *out = PACKET_data(&s->clienthello->ciphersuites); 5419e1051a39Sopenharmony_ci return PACKET_remaining(&s->clienthello->ciphersuites); 5420e1051a39Sopenharmony_ci} 5421e1051a39Sopenharmony_ci 5422e1051a39Sopenharmony_cisize_t SSL_client_hello_get0_compression_methods(SSL *s, const unsigned char **out) 5423e1051a39Sopenharmony_ci{ 5424e1051a39Sopenharmony_ci if (s->clienthello == NULL) 5425e1051a39Sopenharmony_ci return 0; 5426e1051a39Sopenharmony_ci if (out != NULL) 5427e1051a39Sopenharmony_ci *out = s->clienthello->compressions; 5428e1051a39Sopenharmony_ci return s->clienthello->compressions_len; 5429e1051a39Sopenharmony_ci} 5430e1051a39Sopenharmony_ci 5431e1051a39Sopenharmony_ciint SSL_client_hello_get1_extensions_present(SSL *s, int **out, size_t *outlen) 5432e1051a39Sopenharmony_ci{ 5433e1051a39Sopenharmony_ci RAW_EXTENSION *ext; 5434e1051a39Sopenharmony_ci int *present; 5435e1051a39Sopenharmony_ci size_t num = 0, i; 5436e1051a39Sopenharmony_ci 5437e1051a39Sopenharmony_ci if (s->clienthello == NULL || out == NULL || outlen == NULL) 5438e1051a39Sopenharmony_ci return 0; 5439e1051a39Sopenharmony_ci for (i = 0; i < s->clienthello->pre_proc_exts_len; i++) { 5440e1051a39Sopenharmony_ci ext = s->clienthello->pre_proc_exts + i; 5441e1051a39Sopenharmony_ci if (ext->present) 5442e1051a39Sopenharmony_ci num++; 5443e1051a39Sopenharmony_ci } 5444e1051a39Sopenharmony_ci if (num == 0) { 5445e1051a39Sopenharmony_ci *out = NULL; 5446e1051a39Sopenharmony_ci *outlen = 0; 5447e1051a39Sopenharmony_ci return 1; 5448e1051a39Sopenharmony_ci } 5449e1051a39Sopenharmony_ci if ((present = OPENSSL_malloc(sizeof(*present) * num)) == NULL) { 5450e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 5451e1051a39Sopenharmony_ci return 0; 5452e1051a39Sopenharmony_ci } 5453e1051a39Sopenharmony_ci for (i = 0; i < s->clienthello->pre_proc_exts_len; i++) { 5454e1051a39Sopenharmony_ci ext = s->clienthello->pre_proc_exts + i; 5455e1051a39Sopenharmony_ci if (ext->present) { 5456e1051a39Sopenharmony_ci if (ext->received_order >= num) 5457e1051a39Sopenharmony_ci goto err; 5458e1051a39Sopenharmony_ci present[ext->received_order] = ext->type; 5459e1051a39Sopenharmony_ci } 5460e1051a39Sopenharmony_ci } 5461e1051a39Sopenharmony_ci *out = present; 5462e1051a39Sopenharmony_ci *outlen = num; 5463e1051a39Sopenharmony_ci return 1; 5464e1051a39Sopenharmony_ci err: 5465e1051a39Sopenharmony_ci OPENSSL_free(present); 5466e1051a39Sopenharmony_ci return 0; 5467e1051a39Sopenharmony_ci} 5468e1051a39Sopenharmony_ci 5469e1051a39Sopenharmony_ciint SSL_client_hello_get0_ext(SSL *s, unsigned int type, const unsigned char **out, 5470e1051a39Sopenharmony_ci size_t *outlen) 5471e1051a39Sopenharmony_ci{ 5472e1051a39Sopenharmony_ci size_t i; 5473e1051a39Sopenharmony_ci RAW_EXTENSION *r; 5474e1051a39Sopenharmony_ci 5475e1051a39Sopenharmony_ci if (s->clienthello == NULL) 5476e1051a39Sopenharmony_ci return 0; 5477e1051a39Sopenharmony_ci for (i = 0; i < s->clienthello->pre_proc_exts_len; ++i) { 5478e1051a39Sopenharmony_ci r = s->clienthello->pre_proc_exts + i; 5479e1051a39Sopenharmony_ci if (r->present && r->type == type) { 5480e1051a39Sopenharmony_ci if (out != NULL) 5481e1051a39Sopenharmony_ci *out = PACKET_data(&r->data); 5482e1051a39Sopenharmony_ci if (outlen != NULL) 5483e1051a39Sopenharmony_ci *outlen = PACKET_remaining(&r->data); 5484e1051a39Sopenharmony_ci return 1; 5485e1051a39Sopenharmony_ci } 5486e1051a39Sopenharmony_ci } 5487e1051a39Sopenharmony_ci return 0; 5488e1051a39Sopenharmony_ci} 5489e1051a39Sopenharmony_ci 5490e1051a39Sopenharmony_ciint SSL_free_buffers(SSL *ssl) 5491e1051a39Sopenharmony_ci{ 5492e1051a39Sopenharmony_ci RECORD_LAYER *rl = &ssl->rlayer; 5493e1051a39Sopenharmony_ci 5494e1051a39Sopenharmony_ci if (RECORD_LAYER_read_pending(rl) || RECORD_LAYER_write_pending(rl)) 5495e1051a39Sopenharmony_ci return 0; 5496e1051a39Sopenharmony_ci 5497e1051a39Sopenharmony_ci if (RECORD_LAYER_data_present(rl)) 5498e1051a39Sopenharmony_ci return 0; 5499e1051a39Sopenharmony_ci 5500e1051a39Sopenharmony_ci RECORD_LAYER_release(rl); 5501e1051a39Sopenharmony_ci return 1; 5502e1051a39Sopenharmony_ci} 5503e1051a39Sopenharmony_ci 5504e1051a39Sopenharmony_ciint SSL_alloc_buffers(SSL *ssl) 5505e1051a39Sopenharmony_ci{ 5506e1051a39Sopenharmony_ci return ssl3_setup_buffers(ssl); 5507e1051a39Sopenharmony_ci} 5508e1051a39Sopenharmony_ci 5509e1051a39Sopenharmony_civoid SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SSL_CTX_keylog_cb_func cb) 5510e1051a39Sopenharmony_ci{ 5511e1051a39Sopenharmony_ci ctx->keylog_callback = cb; 5512e1051a39Sopenharmony_ci} 5513e1051a39Sopenharmony_ci 5514e1051a39Sopenharmony_ciSSL_CTX_keylog_cb_func SSL_CTX_get_keylog_callback(const SSL_CTX *ctx) 5515e1051a39Sopenharmony_ci{ 5516e1051a39Sopenharmony_ci return ctx->keylog_callback; 5517e1051a39Sopenharmony_ci} 5518e1051a39Sopenharmony_ci 5519e1051a39Sopenharmony_cistatic int nss_keylog_int(const char *prefix, 5520e1051a39Sopenharmony_ci SSL *ssl, 5521e1051a39Sopenharmony_ci const uint8_t *parameter_1, 5522e1051a39Sopenharmony_ci size_t parameter_1_len, 5523e1051a39Sopenharmony_ci const uint8_t *parameter_2, 5524e1051a39Sopenharmony_ci size_t parameter_2_len) 5525e1051a39Sopenharmony_ci{ 5526e1051a39Sopenharmony_ci char *out = NULL; 5527e1051a39Sopenharmony_ci char *cursor = NULL; 5528e1051a39Sopenharmony_ci size_t out_len = 0; 5529e1051a39Sopenharmony_ci size_t i; 5530e1051a39Sopenharmony_ci size_t prefix_len; 5531e1051a39Sopenharmony_ci 5532e1051a39Sopenharmony_ci if (ssl->ctx->keylog_callback == NULL) 5533e1051a39Sopenharmony_ci return 1; 5534e1051a39Sopenharmony_ci 5535e1051a39Sopenharmony_ci /* 5536e1051a39Sopenharmony_ci * Our output buffer will contain the following strings, rendered with 5537e1051a39Sopenharmony_ci * space characters in between, terminated by a NULL character: first the 5538e1051a39Sopenharmony_ci * prefix, then the first parameter, then the second parameter. The 5539e1051a39Sopenharmony_ci * meaning of each parameter depends on the specific key material being 5540e1051a39Sopenharmony_ci * logged. Note that the first and second parameters are encoded in 5541e1051a39Sopenharmony_ci * hexadecimal, so we need a buffer that is twice their lengths. 5542e1051a39Sopenharmony_ci */ 5543e1051a39Sopenharmony_ci prefix_len = strlen(prefix); 5544e1051a39Sopenharmony_ci out_len = prefix_len + (2 * parameter_1_len) + (2 * parameter_2_len) + 3; 5545e1051a39Sopenharmony_ci if ((out = cursor = OPENSSL_malloc(out_len)) == NULL) { 5546e1051a39Sopenharmony_ci SSLfatal(ssl, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); 5547e1051a39Sopenharmony_ci return 0; 5548e1051a39Sopenharmony_ci } 5549e1051a39Sopenharmony_ci 5550e1051a39Sopenharmony_ci strcpy(cursor, prefix); 5551e1051a39Sopenharmony_ci cursor += prefix_len; 5552e1051a39Sopenharmony_ci *cursor++ = ' '; 5553e1051a39Sopenharmony_ci 5554e1051a39Sopenharmony_ci for (i = 0; i < parameter_1_len; i++) { 5555e1051a39Sopenharmony_ci sprintf(cursor, "%02x", parameter_1[i]); 5556e1051a39Sopenharmony_ci cursor += 2; 5557e1051a39Sopenharmony_ci } 5558e1051a39Sopenharmony_ci *cursor++ = ' '; 5559e1051a39Sopenharmony_ci 5560e1051a39Sopenharmony_ci for (i = 0; i < parameter_2_len; i++) { 5561e1051a39Sopenharmony_ci sprintf(cursor, "%02x", parameter_2[i]); 5562e1051a39Sopenharmony_ci cursor += 2; 5563e1051a39Sopenharmony_ci } 5564e1051a39Sopenharmony_ci *cursor = '\0'; 5565e1051a39Sopenharmony_ci 5566e1051a39Sopenharmony_ci ssl->ctx->keylog_callback(ssl, (const char *)out); 5567e1051a39Sopenharmony_ci OPENSSL_clear_free(out, out_len); 5568e1051a39Sopenharmony_ci return 1; 5569e1051a39Sopenharmony_ci 5570e1051a39Sopenharmony_ci} 5571e1051a39Sopenharmony_ci 5572e1051a39Sopenharmony_ciint ssl_log_rsa_client_key_exchange(SSL *ssl, 5573e1051a39Sopenharmony_ci const uint8_t *encrypted_premaster, 5574e1051a39Sopenharmony_ci size_t encrypted_premaster_len, 5575e1051a39Sopenharmony_ci const uint8_t *premaster, 5576e1051a39Sopenharmony_ci size_t premaster_len) 5577e1051a39Sopenharmony_ci{ 5578e1051a39Sopenharmony_ci if (encrypted_premaster_len < 8) { 5579e1051a39Sopenharmony_ci SSLfatal(ssl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); 5580e1051a39Sopenharmony_ci return 0; 5581e1051a39Sopenharmony_ci } 5582e1051a39Sopenharmony_ci 5583e1051a39Sopenharmony_ci /* We only want the first 8 bytes of the encrypted premaster as a tag. */ 5584e1051a39Sopenharmony_ci return nss_keylog_int("RSA", 5585e1051a39Sopenharmony_ci ssl, 5586e1051a39Sopenharmony_ci encrypted_premaster, 5587e1051a39Sopenharmony_ci 8, 5588e1051a39Sopenharmony_ci premaster, 5589e1051a39Sopenharmony_ci premaster_len); 5590e1051a39Sopenharmony_ci} 5591e1051a39Sopenharmony_ci 5592e1051a39Sopenharmony_ciint ssl_log_secret(SSL *ssl, 5593e1051a39Sopenharmony_ci const char *label, 5594e1051a39Sopenharmony_ci const uint8_t *secret, 5595e1051a39Sopenharmony_ci size_t secret_len) 5596e1051a39Sopenharmony_ci{ 5597e1051a39Sopenharmony_ci return nss_keylog_int(label, 5598e1051a39Sopenharmony_ci ssl, 5599e1051a39Sopenharmony_ci ssl->s3.client_random, 5600e1051a39Sopenharmony_ci SSL3_RANDOM_SIZE, 5601e1051a39Sopenharmony_ci secret, 5602e1051a39Sopenharmony_ci secret_len); 5603e1051a39Sopenharmony_ci} 5604e1051a39Sopenharmony_ci 5605e1051a39Sopenharmony_ci#define SSLV2_CIPHER_LEN 3 5606e1051a39Sopenharmony_ci 5607e1051a39Sopenharmony_ciint ssl_cache_cipherlist(SSL *s, PACKET *cipher_suites, int sslv2format) 5608e1051a39Sopenharmony_ci{ 5609e1051a39Sopenharmony_ci int n; 5610e1051a39Sopenharmony_ci 5611e1051a39Sopenharmony_ci n = sslv2format ? SSLV2_CIPHER_LEN : TLS_CIPHER_LEN; 5612e1051a39Sopenharmony_ci 5613e1051a39Sopenharmony_ci if (PACKET_remaining(cipher_suites) == 0) { 5614e1051a39Sopenharmony_ci SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_NO_CIPHERS_SPECIFIED); 5615e1051a39Sopenharmony_ci return 0; 5616e1051a39Sopenharmony_ci } 5617e1051a39Sopenharmony_ci 5618e1051a39Sopenharmony_ci if (PACKET_remaining(cipher_suites) % n != 0) { 5619e1051a39Sopenharmony_ci SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); 5620e1051a39Sopenharmony_ci return 0; 5621e1051a39Sopenharmony_ci } 5622e1051a39Sopenharmony_ci 5623e1051a39Sopenharmony_ci OPENSSL_free(s->s3.tmp.ciphers_raw); 5624e1051a39Sopenharmony_ci s->s3.tmp.ciphers_raw = NULL; 5625e1051a39Sopenharmony_ci s->s3.tmp.ciphers_rawlen = 0; 5626e1051a39Sopenharmony_ci 5627e1051a39Sopenharmony_ci if (sslv2format) { 5628e1051a39Sopenharmony_ci size_t numciphers = PACKET_remaining(cipher_suites) / n; 5629e1051a39Sopenharmony_ci PACKET sslv2ciphers = *cipher_suites; 5630e1051a39Sopenharmony_ci unsigned int leadbyte; 5631e1051a39Sopenharmony_ci unsigned char *raw; 5632e1051a39Sopenharmony_ci 5633e1051a39Sopenharmony_ci /* 5634e1051a39Sopenharmony_ci * We store the raw ciphers list in SSLv3+ format so we need to do some 5635e1051a39Sopenharmony_ci * preprocessing to convert the list first. If there are any SSLv2 only 5636e1051a39Sopenharmony_ci * ciphersuites with a non-zero leading byte then we are going to 5637e1051a39Sopenharmony_ci * slightly over allocate because we won't store those. But that isn't a 5638e1051a39Sopenharmony_ci * problem. 5639e1051a39Sopenharmony_ci */ 5640e1051a39Sopenharmony_ci raw = OPENSSL_malloc(numciphers * TLS_CIPHER_LEN); 5641e1051a39Sopenharmony_ci s->s3.tmp.ciphers_raw = raw; 5642e1051a39Sopenharmony_ci if (raw == NULL) { 5643e1051a39Sopenharmony_ci SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); 5644e1051a39Sopenharmony_ci return 0; 5645e1051a39Sopenharmony_ci } 5646e1051a39Sopenharmony_ci for (s->s3.tmp.ciphers_rawlen = 0; 5647e1051a39Sopenharmony_ci PACKET_remaining(&sslv2ciphers) > 0; 5648e1051a39Sopenharmony_ci raw += TLS_CIPHER_LEN) { 5649e1051a39Sopenharmony_ci if (!PACKET_get_1(&sslv2ciphers, &leadbyte) 5650e1051a39Sopenharmony_ci || (leadbyte == 0 5651e1051a39Sopenharmony_ci && !PACKET_copy_bytes(&sslv2ciphers, raw, 5652e1051a39Sopenharmony_ci TLS_CIPHER_LEN)) 5653e1051a39Sopenharmony_ci || (leadbyte != 0 5654e1051a39Sopenharmony_ci && !PACKET_forward(&sslv2ciphers, TLS_CIPHER_LEN))) { 5655e1051a39Sopenharmony_ci SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_PACKET); 5656e1051a39Sopenharmony_ci OPENSSL_free(s->s3.tmp.ciphers_raw); 5657e1051a39Sopenharmony_ci s->s3.tmp.ciphers_raw = NULL; 5658e1051a39Sopenharmony_ci s->s3.tmp.ciphers_rawlen = 0; 5659e1051a39Sopenharmony_ci return 0; 5660e1051a39Sopenharmony_ci } 5661e1051a39Sopenharmony_ci if (leadbyte == 0) 5662e1051a39Sopenharmony_ci s->s3.tmp.ciphers_rawlen += TLS_CIPHER_LEN; 5663e1051a39Sopenharmony_ci } 5664e1051a39Sopenharmony_ci } else if (!PACKET_memdup(cipher_suites, &s->s3.tmp.ciphers_raw, 5665e1051a39Sopenharmony_ci &s->s3.tmp.ciphers_rawlen)) { 5666e1051a39Sopenharmony_ci SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); 5667e1051a39Sopenharmony_ci return 0; 5668e1051a39Sopenharmony_ci } 5669e1051a39Sopenharmony_ci return 1; 5670e1051a39Sopenharmony_ci} 5671e1051a39Sopenharmony_ci 5672e1051a39Sopenharmony_ciint SSL_bytes_to_cipher_list(SSL *s, const unsigned char *bytes, size_t len, 5673e1051a39Sopenharmony_ci int isv2format, STACK_OF(SSL_CIPHER) **sk, 5674e1051a39Sopenharmony_ci STACK_OF(SSL_CIPHER) **scsvs) 5675e1051a39Sopenharmony_ci{ 5676e1051a39Sopenharmony_ci PACKET pkt; 5677e1051a39Sopenharmony_ci 5678e1051a39Sopenharmony_ci if (!PACKET_buf_init(&pkt, bytes, len)) 5679e1051a39Sopenharmony_ci return 0; 5680e1051a39Sopenharmony_ci return bytes_to_cipher_list(s, &pkt, sk, scsvs, isv2format, 0); 5681e1051a39Sopenharmony_ci} 5682e1051a39Sopenharmony_ci 5683e1051a39Sopenharmony_ciint bytes_to_cipher_list(SSL *s, PACKET *cipher_suites, 5684e1051a39Sopenharmony_ci STACK_OF(SSL_CIPHER) **skp, 5685e1051a39Sopenharmony_ci STACK_OF(SSL_CIPHER) **scsvs_out, 5686e1051a39Sopenharmony_ci int sslv2format, int fatal) 5687e1051a39Sopenharmony_ci{ 5688e1051a39Sopenharmony_ci const SSL_CIPHER *c; 5689e1051a39Sopenharmony_ci STACK_OF(SSL_CIPHER) *sk = NULL; 5690e1051a39Sopenharmony_ci STACK_OF(SSL_CIPHER) *scsvs = NULL; 5691e1051a39Sopenharmony_ci int n; 5692e1051a39Sopenharmony_ci /* 3 = SSLV2_CIPHER_LEN > TLS_CIPHER_LEN = 2. */ 5693e1051a39Sopenharmony_ci unsigned char cipher[SSLV2_CIPHER_LEN]; 5694e1051a39Sopenharmony_ci 5695e1051a39Sopenharmony_ci n = sslv2format ? SSLV2_CIPHER_LEN : TLS_CIPHER_LEN; 5696e1051a39Sopenharmony_ci 5697e1051a39Sopenharmony_ci if (PACKET_remaining(cipher_suites) == 0) { 5698e1051a39Sopenharmony_ci if (fatal) 5699e1051a39Sopenharmony_ci SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_NO_CIPHERS_SPECIFIED); 5700e1051a39Sopenharmony_ci else 5701e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_NO_CIPHERS_SPECIFIED); 5702e1051a39Sopenharmony_ci return 0; 5703e1051a39Sopenharmony_ci } 5704e1051a39Sopenharmony_ci 5705e1051a39Sopenharmony_ci if (PACKET_remaining(cipher_suites) % n != 0) { 5706e1051a39Sopenharmony_ci if (fatal) 5707e1051a39Sopenharmony_ci SSLfatal(s, SSL_AD_DECODE_ERROR, 5708e1051a39Sopenharmony_ci SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); 5709e1051a39Sopenharmony_ci else 5710e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); 5711e1051a39Sopenharmony_ci return 0; 5712e1051a39Sopenharmony_ci } 5713e1051a39Sopenharmony_ci 5714e1051a39Sopenharmony_ci sk = sk_SSL_CIPHER_new_null(); 5715e1051a39Sopenharmony_ci scsvs = sk_SSL_CIPHER_new_null(); 5716e1051a39Sopenharmony_ci if (sk == NULL || scsvs == NULL) { 5717e1051a39Sopenharmony_ci if (fatal) 5718e1051a39Sopenharmony_ci SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); 5719e1051a39Sopenharmony_ci else 5720e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 5721e1051a39Sopenharmony_ci goto err; 5722e1051a39Sopenharmony_ci } 5723e1051a39Sopenharmony_ci 5724e1051a39Sopenharmony_ci while (PACKET_copy_bytes(cipher_suites, cipher, n)) { 5725e1051a39Sopenharmony_ci /* 5726e1051a39Sopenharmony_ci * SSLv3 ciphers wrapped in an SSLv2-compatible ClientHello have the 5727e1051a39Sopenharmony_ci * first byte set to zero, while true SSLv2 ciphers have a non-zero 5728e1051a39Sopenharmony_ci * first byte. We don't support any true SSLv2 ciphers, so skip them. 5729e1051a39Sopenharmony_ci */ 5730e1051a39Sopenharmony_ci if (sslv2format && cipher[0] != '\0') 5731e1051a39Sopenharmony_ci continue; 5732e1051a39Sopenharmony_ci 5733e1051a39Sopenharmony_ci /* For SSLv2-compat, ignore leading 0-byte. */ 5734e1051a39Sopenharmony_ci c = ssl_get_cipher_by_char(s, sslv2format ? &cipher[1] : cipher, 1); 5735e1051a39Sopenharmony_ci if (c != NULL) { 5736e1051a39Sopenharmony_ci if ((c->valid && !sk_SSL_CIPHER_push(sk, c)) || 5737e1051a39Sopenharmony_ci (!c->valid && !sk_SSL_CIPHER_push(scsvs, c))) { 5738e1051a39Sopenharmony_ci if (fatal) 5739e1051a39Sopenharmony_ci SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); 5740e1051a39Sopenharmony_ci else 5741e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); 5742e1051a39Sopenharmony_ci goto err; 5743e1051a39Sopenharmony_ci } 5744e1051a39Sopenharmony_ci } 5745e1051a39Sopenharmony_ci } 5746e1051a39Sopenharmony_ci if (PACKET_remaining(cipher_suites) > 0) { 5747e1051a39Sopenharmony_ci if (fatal) 5748e1051a39Sopenharmony_ci SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_LENGTH); 5749e1051a39Sopenharmony_ci else 5750e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_BAD_LENGTH); 5751e1051a39Sopenharmony_ci goto err; 5752e1051a39Sopenharmony_ci } 5753e1051a39Sopenharmony_ci 5754e1051a39Sopenharmony_ci if (skp != NULL) 5755e1051a39Sopenharmony_ci *skp = sk; 5756e1051a39Sopenharmony_ci else 5757e1051a39Sopenharmony_ci sk_SSL_CIPHER_free(sk); 5758e1051a39Sopenharmony_ci if (scsvs_out != NULL) 5759e1051a39Sopenharmony_ci *scsvs_out = scsvs; 5760e1051a39Sopenharmony_ci else 5761e1051a39Sopenharmony_ci sk_SSL_CIPHER_free(scsvs); 5762e1051a39Sopenharmony_ci return 1; 5763e1051a39Sopenharmony_ci err: 5764e1051a39Sopenharmony_ci sk_SSL_CIPHER_free(sk); 5765e1051a39Sopenharmony_ci sk_SSL_CIPHER_free(scsvs); 5766e1051a39Sopenharmony_ci return 0; 5767e1051a39Sopenharmony_ci} 5768e1051a39Sopenharmony_ci 5769e1051a39Sopenharmony_ciint SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data) 5770e1051a39Sopenharmony_ci{ 5771e1051a39Sopenharmony_ci ctx->max_early_data = max_early_data; 5772e1051a39Sopenharmony_ci 5773e1051a39Sopenharmony_ci return 1; 5774e1051a39Sopenharmony_ci} 5775e1051a39Sopenharmony_ci 5776e1051a39Sopenharmony_ciuint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx) 5777e1051a39Sopenharmony_ci{ 5778e1051a39Sopenharmony_ci return ctx->max_early_data; 5779e1051a39Sopenharmony_ci} 5780e1051a39Sopenharmony_ci 5781e1051a39Sopenharmony_ciint SSL_set_max_early_data(SSL *s, uint32_t max_early_data) 5782e1051a39Sopenharmony_ci{ 5783e1051a39Sopenharmony_ci s->max_early_data = max_early_data; 5784e1051a39Sopenharmony_ci 5785e1051a39Sopenharmony_ci return 1; 5786e1051a39Sopenharmony_ci} 5787e1051a39Sopenharmony_ci 5788e1051a39Sopenharmony_ciuint32_t SSL_get_max_early_data(const SSL *s) 5789e1051a39Sopenharmony_ci{ 5790e1051a39Sopenharmony_ci return s->max_early_data; 5791e1051a39Sopenharmony_ci} 5792e1051a39Sopenharmony_ci 5793e1051a39Sopenharmony_ciint SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data) 5794e1051a39Sopenharmony_ci{ 5795e1051a39Sopenharmony_ci ctx->recv_max_early_data = recv_max_early_data; 5796e1051a39Sopenharmony_ci 5797e1051a39Sopenharmony_ci return 1; 5798e1051a39Sopenharmony_ci} 5799e1051a39Sopenharmony_ci 5800e1051a39Sopenharmony_ciuint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx) 5801e1051a39Sopenharmony_ci{ 5802e1051a39Sopenharmony_ci return ctx->recv_max_early_data; 5803e1051a39Sopenharmony_ci} 5804e1051a39Sopenharmony_ci 5805e1051a39Sopenharmony_ciint SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data) 5806e1051a39Sopenharmony_ci{ 5807e1051a39Sopenharmony_ci s->recv_max_early_data = recv_max_early_data; 5808e1051a39Sopenharmony_ci 5809e1051a39Sopenharmony_ci return 1; 5810e1051a39Sopenharmony_ci} 5811e1051a39Sopenharmony_ci 5812e1051a39Sopenharmony_ciuint32_t SSL_get_recv_max_early_data(const SSL *s) 5813e1051a39Sopenharmony_ci{ 5814e1051a39Sopenharmony_ci return s->recv_max_early_data; 5815e1051a39Sopenharmony_ci} 5816e1051a39Sopenharmony_ci 5817e1051a39Sopenharmony_ci__owur unsigned int ssl_get_max_send_fragment(const SSL *ssl) 5818e1051a39Sopenharmony_ci{ 5819e1051a39Sopenharmony_ci /* Return any active Max Fragment Len extension */ 5820e1051a39Sopenharmony_ci if (ssl->session != NULL && USE_MAX_FRAGMENT_LENGTH_EXT(ssl->session)) 5821e1051a39Sopenharmony_ci return GET_MAX_FRAGMENT_LENGTH(ssl->session); 5822e1051a39Sopenharmony_ci 5823e1051a39Sopenharmony_ci /* return current SSL connection setting */ 5824e1051a39Sopenharmony_ci return ssl->max_send_fragment; 5825e1051a39Sopenharmony_ci} 5826e1051a39Sopenharmony_ci 5827e1051a39Sopenharmony_ci__owur unsigned int ssl_get_split_send_fragment(const SSL *ssl) 5828e1051a39Sopenharmony_ci{ 5829e1051a39Sopenharmony_ci /* Return a value regarding an active Max Fragment Len extension */ 5830e1051a39Sopenharmony_ci if (ssl->session != NULL && USE_MAX_FRAGMENT_LENGTH_EXT(ssl->session) 5831e1051a39Sopenharmony_ci && ssl->split_send_fragment > GET_MAX_FRAGMENT_LENGTH(ssl->session)) 5832e1051a39Sopenharmony_ci return GET_MAX_FRAGMENT_LENGTH(ssl->session); 5833e1051a39Sopenharmony_ci 5834e1051a39Sopenharmony_ci /* else limit |split_send_fragment| to current |max_send_fragment| */ 5835e1051a39Sopenharmony_ci if (ssl->split_send_fragment > ssl->max_send_fragment) 5836e1051a39Sopenharmony_ci return ssl->max_send_fragment; 5837e1051a39Sopenharmony_ci 5838e1051a39Sopenharmony_ci /* return current SSL connection setting */ 5839e1051a39Sopenharmony_ci return ssl->split_send_fragment; 5840e1051a39Sopenharmony_ci} 5841e1051a39Sopenharmony_ci 5842e1051a39Sopenharmony_ciint SSL_stateless(SSL *s) 5843e1051a39Sopenharmony_ci{ 5844e1051a39Sopenharmony_ci int ret; 5845e1051a39Sopenharmony_ci 5846e1051a39Sopenharmony_ci /* Ensure there is no state left over from a previous invocation */ 5847e1051a39Sopenharmony_ci if (!SSL_clear(s)) 5848e1051a39Sopenharmony_ci return 0; 5849e1051a39Sopenharmony_ci 5850e1051a39Sopenharmony_ci ERR_clear_error(); 5851e1051a39Sopenharmony_ci 5852e1051a39Sopenharmony_ci s->s3.flags |= TLS1_FLAGS_STATELESS; 5853e1051a39Sopenharmony_ci ret = SSL_accept(s); 5854e1051a39Sopenharmony_ci s->s3.flags &= ~TLS1_FLAGS_STATELESS; 5855e1051a39Sopenharmony_ci 5856e1051a39Sopenharmony_ci if (ret > 0 && s->ext.cookieok) 5857e1051a39Sopenharmony_ci return 1; 5858e1051a39Sopenharmony_ci 5859e1051a39Sopenharmony_ci if (s->hello_retry_request == SSL_HRR_PENDING && !ossl_statem_in_error(s)) 5860e1051a39Sopenharmony_ci return 0; 5861e1051a39Sopenharmony_ci 5862e1051a39Sopenharmony_ci return -1; 5863e1051a39Sopenharmony_ci} 5864e1051a39Sopenharmony_ci 5865e1051a39Sopenharmony_civoid SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val) 5866e1051a39Sopenharmony_ci{ 5867e1051a39Sopenharmony_ci ctx->pha_enabled = val; 5868e1051a39Sopenharmony_ci} 5869e1051a39Sopenharmony_ci 5870e1051a39Sopenharmony_civoid SSL_set_post_handshake_auth(SSL *ssl, int val) 5871e1051a39Sopenharmony_ci{ 5872e1051a39Sopenharmony_ci ssl->pha_enabled = val; 5873e1051a39Sopenharmony_ci} 5874e1051a39Sopenharmony_ci 5875e1051a39Sopenharmony_ciint SSL_verify_client_post_handshake(SSL *ssl) 5876e1051a39Sopenharmony_ci{ 5877e1051a39Sopenharmony_ci if (!SSL_IS_TLS13(ssl)) { 5878e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION); 5879e1051a39Sopenharmony_ci return 0; 5880e1051a39Sopenharmony_ci } 5881e1051a39Sopenharmony_ci if (!ssl->server) { 5882e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_NOT_SERVER); 5883e1051a39Sopenharmony_ci return 0; 5884e1051a39Sopenharmony_ci } 5885e1051a39Sopenharmony_ci 5886e1051a39Sopenharmony_ci if (!SSL_is_init_finished(ssl)) { 5887e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_STILL_IN_INIT); 5888e1051a39Sopenharmony_ci return 0; 5889e1051a39Sopenharmony_ci } 5890e1051a39Sopenharmony_ci 5891e1051a39Sopenharmony_ci switch (ssl->post_handshake_auth) { 5892e1051a39Sopenharmony_ci case SSL_PHA_NONE: 5893e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_EXTENSION_NOT_RECEIVED); 5894e1051a39Sopenharmony_ci return 0; 5895e1051a39Sopenharmony_ci default: 5896e1051a39Sopenharmony_ci case SSL_PHA_EXT_SENT: 5897e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); 5898e1051a39Sopenharmony_ci return 0; 5899e1051a39Sopenharmony_ci case SSL_PHA_EXT_RECEIVED: 5900e1051a39Sopenharmony_ci break; 5901e1051a39Sopenharmony_ci case SSL_PHA_REQUEST_PENDING: 5902e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_REQUEST_PENDING); 5903e1051a39Sopenharmony_ci return 0; 5904e1051a39Sopenharmony_ci case SSL_PHA_REQUESTED: 5905e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_REQUEST_SENT); 5906e1051a39Sopenharmony_ci return 0; 5907e1051a39Sopenharmony_ci } 5908e1051a39Sopenharmony_ci 5909e1051a39Sopenharmony_ci ssl->post_handshake_auth = SSL_PHA_REQUEST_PENDING; 5910e1051a39Sopenharmony_ci 5911e1051a39Sopenharmony_ci /* checks verify_mode and algorithm_auth */ 5912e1051a39Sopenharmony_ci if (!send_certificate_request(ssl)) { 5913e1051a39Sopenharmony_ci ssl->post_handshake_auth = SSL_PHA_EXT_RECEIVED; /* restore on error */ 5914e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_CONFIG); 5915e1051a39Sopenharmony_ci return 0; 5916e1051a39Sopenharmony_ci } 5917e1051a39Sopenharmony_ci 5918e1051a39Sopenharmony_ci ossl_statem_set_in_init(ssl, 1); 5919e1051a39Sopenharmony_ci return 1; 5920e1051a39Sopenharmony_ci} 5921e1051a39Sopenharmony_ci 5922e1051a39Sopenharmony_ciint SSL_CTX_set_session_ticket_cb(SSL_CTX *ctx, 5923e1051a39Sopenharmony_ci SSL_CTX_generate_session_ticket_fn gen_cb, 5924e1051a39Sopenharmony_ci SSL_CTX_decrypt_session_ticket_fn dec_cb, 5925e1051a39Sopenharmony_ci void *arg) 5926e1051a39Sopenharmony_ci{ 5927e1051a39Sopenharmony_ci ctx->generate_ticket_cb = gen_cb; 5928e1051a39Sopenharmony_ci ctx->decrypt_ticket_cb = dec_cb; 5929e1051a39Sopenharmony_ci ctx->ticket_cb_data = arg; 5930e1051a39Sopenharmony_ci return 1; 5931e1051a39Sopenharmony_ci} 5932e1051a39Sopenharmony_ci 5933e1051a39Sopenharmony_civoid SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx, 5934e1051a39Sopenharmony_ci SSL_allow_early_data_cb_fn cb, 5935e1051a39Sopenharmony_ci void *arg) 5936e1051a39Sopenharmony_ci{ 5937e1051a39Sopenharmony_ci ctx->allow_early_data_cb = cb; 5938e1051a39Sopenharmony_ci ctx->allow_early_data_cb_data = arg; 5939e1051a39Sopenharmony_ci} 5940e1051a39Sopenharmony_ci 5941e1051a39Sopenharmony_civoid SSL_set_allow_early_data_cb(SSL *s, 5942e1051a39Sopenharmony_ci SSL_allow_early_data_cb_fn cb, 5943e1051a39Sopenharmony_ci void *arg) 5944e1051a39Sopenharmony_ci{ 5945e1051a39Sopenharmony_ci s->allow_early_data_cb = cb; 5946e1051a39Sopenharmony_ci s->allow_early_data_cb_data = arg; 5947e1051a39Sopenharmony_ci} 5948e1051a39Sopenharmony_ci 5949e1051a39Sopenharmony_ciconst EVP_CIPHER *ssl_evp_cipher_fetch(OSSL_LIB_CTX *libctx, 5950e1051a39Sopenharmony_ci int nid, 5951e1051a39Sopenharmony_ci const char *properties) 5952e1051a39Sopenharmony_ci{ 5953e1051a39Sopenharmony_ci const EVP_CIPHER *ciph; 5954e1051a39Sopenharmony_ci 5955e1051a39Sopenharmony_ci ciph = tls_get_cipher_from_engine(nid); 5956e1051a39Sopenharmony_ci if (ciph != NULL) 5957e1051a39Sopenharmony_ci return ciph; 5958e1051a39Sopenharmony_ci 5959e1051a39Sopenharmony_ci /* 5960e1051a39Sopenharmony_ci * If there is no engine cipher then we do an explicit fetch. This may fail 5961e1051a39Sopenharmony_ci * and that could be ok 5962e1051a39Sopenharmony_ci */ 5963e1051a39Sopenharmony_ci ERR_set_mark(); 5964e1051a39Sopenharmony_ci ciph = EVP_CIPHER_fetch(libctx, OBJ_nid2sn(nid), properties); 5965e1051a39Sopenharmony_ci ERR_pop_to_mark(); 5966e1051a39Sopenharmony_ci return ciph; 5967e1051a39Sopenharmony_ci} 5968e1051a39Sopenharmony_ci 5969e1051a39Sopenharmony_ci 5970e1051a39Sopenharmony_ciint ssl_evp_cipher_up_ref(const EVP_CIPHER *cipher) 5971e1051a39Sopenharmony_ci{ 5972e1051a39Sopenharmony_ci /* Don't up-ref an implicit EVP_CIPHER */ 5973e1051a39Sopenharmony_ci if (EVP_CIPHER_get0_provider(cipher) == NULL) 5974e1051a39Sopenharmony_ci return 1; 5975e1051a39Sopenharmony_ci 5976e1051a39Sopenharmony_ci /* 5977e1051a39Sopenharmony_ci * The cipher was explicitly fetched and therefore it is safe to cast 5978e1051a39Sopenharmony_ci * away the const 5979e1051a39Sopenharmony_ci */ 5980e1051a39Sopenharmony_ci return EVP_CIPHER_up_ref((EVP_CIPHER *)cipher); 5981e1051a39Sopenharmony_ci} 5982e1051a39Sopenharmony_ci 5983e1051a39Sopenharmony_civoid ssl_evp_cipher_free(const EVP_CIPHER *cipher) 5984e1051a39Sopenharmony_ci{ 5985e1051a39Sopenharmony_ci if (cipher == NULL) 5986e1051a39Sopenharmony_ci return; 5987e1051a39Sopenharmony_ci 5988e1051a39Sopenharmony_ci if (EVP_CIPHER_get0_provider(cipher) != NULL) { 5989e1051a39Sopenharmony_ci /* 5990e1051a39Sopenharmony_ci * The cipher was explicitly fetched and therefore it is safe to cast 5991e1051a39Sopenharmony_ci * away the const 5992e1051a39Sopenharmony_ci */ 5993e1051a39Sopenharmony_ci EVP_CIPHER_free((EVP_CIPHER *)cipher); 5994e1051a39Sopenharmony_ci } 5995e1051a39Sopenharmony_ci} 5996e1051a39Sopenharmony_ci 5997e1051a39Sopenharmony_ciconst EVP_MD *ssl_evp_md_fetch(OSSL_LIB_CTX *libctx, 5998e1051a39Sopenharmony_ci int nid, 5999e1051a39Sopenharmony_ci const char *properties) 6000e1051a39Sopenharmony_ci{ 6001e1051a39Sopenharmony_ci const EVP_MD *md; 6002e1051a39Sopenharmony_ci 6003e1051a39Sopenharmony_ci md = tls_get_digest_from_engine(nid); 6004e1051a39Sopenharmony_ci if (md != NULL) 6005e1051a39Sopenharmony_ci return md; 6006e1051a39Sopenharmony_ci 6007e1051a39Sopenharmony_ci /* Otherwise we do an explicit fetch */ 6008e1051a39Sopenharmony_ci ERR_set_mark(); 6009e1051a39Sopenharmony_ci md = EVP_MD_fetch(libctx, OBJ_nid2sn(nid), properties); 6010e1051a39Sopenharmony_ci ERR_pop_to_mark(); 6011e1051a39Sopenharmony_ci return md; 6012e1051a39Sopenharmony_ci} 6013e1051a39Sopenharmony_ci 6014e1051a39Sopenharmony_ciint ssl_evp_md_up_ref(const EVP_MD *md) 6015e1051a39Sopenharmony_ci{ 6016e1051a39Sopenharmony_ci /* Don't up-ref an implicit EVP_MD */ 6017e1051a39Sopenharmony_ci if (EVP_MD_get0_provider(md) == NULL) 6018e1051a39Sopenharmony_ci return 1; 6019e1051a39Sopenharmony_ci 6020e1051a39Sopenharmony_ci /* 6021e1051a39Sopenharmony_ci * The digest was explicitly fetched and therefore it is safe to cast 6022e1051a39Sopenharmony_ci * away the const 6023e1051a39Sopenharmony_ci */ 6024e1051a39Sopenharmony_ci return EVP_MD_up_ref((EVP_MD *)md); 6025e1051a39Sopenharmony_ci} 6026e1051a39Sopenharmony_ci 6027e1051a39Sopenharmony_civoid ssl_evp_md_free(const EVP_MD *md) 6028e1051a39Sopenharmony_ci{ 6029e1051a39Sopenharmony_ci if (md == NULL) 6030e1051a39Sopenharmony_ci return; 6031e1051a39Sopenharmony_ci 6032e1051a39Sopenharmony_ci if (EVP_MD_get0_provider(md) != NULL) { 6033e1051a39Sopenharmony_ci /* 6034e1051a39Sopenharmony_ci * The digest was explicitly fetched and therefore it is safe to cast 6035e1051a39Sopenharmony_ci * away the const 6036e1051a39Sopenharmony_ci */ 6037e1051a39Sopenharmony_ci EVP_MD_free((EVP_MD *)md); 6038e1051a39Sopenharmony_ci } 6039e1051a39Sopenharmony_ci} 6040e1051a39Sopenharmony_ci 6041e1051a39Sopenharmony_ciint SSL_set0_tmp_dh_pkey(SSL *s, EVP_PKEY *dhpkey) 6042e1051a39Sopenharmony_ci{ 6043e1051a39Sopenharmony_ci if (!ssl_security(s, SSL_SECOP_TMP_DH, 6044e1051a39Sopenharmony_ci EVP_PKEY_get_security_bits(dhpkey), 0, dhpkey)) { 6045e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL); 6046e1051a39Sopenharmony_ci return 0; 6047e1051a39Sopenharmony_ci } 6048e1051a39Sopenharmony_ci EVP_PKEY_free(s->cert->dh_tmp); 6049e1051a39Sopenharmony_ci s->cert->dh_tmp = dhpkey; 6050e1051a39Sopenharmony_ci return 1; 6051e1051a39Sopenharmony_ci} 6052e1051a39Sopenharmony_ci 6053e1051a39Sopenharmony_ciint SSL_CTX_set0_tmp_dh_pkey(SSL_CTX *ctx, EVP_PKEY *dhpkey) 6054e1051a39Sopenharmony_ci{ 6055e1051a39Sopenharmony_ci if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH, 6056e1051a39Sopenharmony_ci EVP_PKEY_get_security_bits(dhpkey), 0, dhpkey)) { 6057e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL); 6058e1051a39Sopenharmony_ci return 0; 6059e1051a39Sopenharmony_ci } 6060e1051a39Sopenharmony_ci EVP_PKEY_free(ctx->cert->dh_tmp); 6061e1051a39Sopenharmony_ci ctx->cert->dh_tmp = dhpkey; 6062e1051a39Sopenharmony_ci return 1; 6063e1051a39Sopenharmony_ci} 6064