new ctrl to retrive value of received temporary key in server key exchange message, print out details in s_client
(backport from HEAD)
This commit is contained in:
37
ssl/s3_lib.c
37
ssl/s3_lib.c
@@ -3477,6 +3477,43 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
|
||||
else
|
||||
return 0;
|
||||
|
||||
case SSL_CTRL_GET_SERVER_TMP_KEY:
|
||||
if (s->server || !s->session || !s->session->sess_cert)
|
||||
return 0;
|
||||
else
|
||||
{
|
||||
SESS_CERT *sc;
|
||||
EVP_PKEY *ptmp;
|
||||
int rv = 0;
|
||||
sc = s->session->sess_cert;
|
||||
if (!sc->peer_rsa_tmp && !sc->peer_dh_tmp
|
||||
&& !sc->peer_ecdh_tmp)
|
||||
return 0;
|
||||
ptmp = EVP_PKEY_new();
|
||||
if (!ptmp)
|
||||
return 0;
|
||||
if (0);
|
||||
#ifndef OPENSSL_NO_RSA
|
||||
else if (sc->peer_rsa_tmp)
|
||||
rv = EVP_PKEY_set1_RSA(ptmp, sc->peer_rsa_tmp);
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DH
|
||||
else if (sc->peer_dh_tmp)
|
||||
rv = EVP_PKEY_set1_DH(ptmp, sc->peer_dh_tmp);
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ECDH
|
||||
else if (sc->peer_ecdh_tmp)
|
||||
rv = EVP_PKEY_set1_EC_KEY(ptmp, sc->peer_ecdh_tmp);
|
||||
#endif
|
||||
if (rv)
|
||||
{
|
||||
*(EVP_PKEY **)parg = ptmp;
|
||||
return 1;
|
||||
}
|
||||
EVP_PKEY_free(ptmp);
|
||||
return 0;
|
||||
}
|
||||
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
@@ -1698,6 +1698,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
|
||||
#define SSL_CTRL_SET_VERIFY_CERT_STORE 106
|
||||
#define SSL_CTRL_SET_CHAIN_CERT_STORE 107
|
||||
#define SSL_CTRL_GET_PEER_SIGNATURE_NID 108
|
||||
#define SSL_CTRL_GET_SERVER_TMP_KEY 109
|
||||
|
||||
#define DTLSv1_get_timeout(ssl, arg) \
|
||||
SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
|
||||
@@ -1825,6 +1826,9 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
|
||||
#define SSL_get_peer_signature_nid(s, pn) \
|
||||
SSL_ctrl(s,SSL_CTRL_GET_PEER_SIGNATURE_NID,0,pn)
|
||||
|
||||
#define SSL_get_server_tmp_key(s, pk) \
|
||||
SSL_ctrl(s,SSL_CTRL_GET_SERVER_TMP_KEY,0,pk)
|
||||
|
||||
#ifndef OPENSSL_NO_BIO
|
||||
BIO_METHOD *BIO_f_ssl(void);
|
||||
BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
|
||||
|
Reference in New Issue
Block a user