generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Deprecate the use of version-specific methods

Browse Source 
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

MR: #1824
This commit is contained in:
Kurt Roeckx
2016-03-02 22:39:40 +01:00
parent 885e601d97
commit 2b8fa1d56c
6 changed files with 191 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
doc/ssl/SSL_CTX_new.pod
View File

@@ -92,7 +92,7 @@ These are the general-purpose I<version-flexible> SSL/TLS methods.
The actual protocol version used will be negotiated to the highest version The actual protocol version used will be negotiated to the highest version
mutually supported by the client and the server. mutually supported by the client and the server.
The supported protocols are SSLv3, TLSv1, TLSv1.1 and TLSv1.2. The supported protocols are SSLv3, TLSv1, TLSv1.1 and TLSv1.2.
Most applications should use these method, and avoid the version specific Applications should use these methods, and avoid the version-specific
methods described below. methods described below.
=item SSLv23_method(), SSLv23_server_method(), SSLv23_client_method() =item SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()
@@ -196,6 +196,8 @@ SSLv23_method(), SSLv23_server_method() and SSLv23_client_method()
were deprecated and the preferred TLS_method(), TLS_server_method() were deprecated and the preferred TLS_method(), TLS_server_method()
and TLS_client_method() functions were introduced in OpenSSL 1.1.0. and TLS_client_method() functions were introduced in OpenSSL 1.1.0.
All version-specific methods were deprecated in OpenSSL 1.1.0.
=head1 SEE ALSO =head1 SEE ALSO
L<SSL_CTX_set_options(3)>, L<SSL_CTX_free(3)>, L<SSL_accept(3)>, L<SSL_CTX_set_options(3)>, L<SSL_CTX_free(3)>, L<SSL_accept(3)>,

36
include/openssl/ssl.h
View File

@@ -1642,9 +1642,9 @@ __owur const char *SSL_get_version(const SSL *s);
__owur int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); __owur int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
# ifndef OPENSSL_NO_SSL3_METHOD # ifndef OPENSSL_NO_SSL3_METHOD
__owur const SSL_METHOD *SSLv3_method(void); /* SSLv3 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *SSLv3_method(void)) /* SSLv3 */
__owur const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *SSLv3_server_method(void)) /* SSLv3 */
__owur const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *SSLv3_client_method(void)) /* SSLv3 */
# endif # endif
#define SSLv23_method TLS_method #define SSLv23_method TLS_method
@@ -1657,33 +1657,33 @@ __owur const SSL_METHOD *TLS_server_method(void);
__owur const SSL_METHOD *TLS_client_method(void); __owur const SSL_METHOD *TLS_client_method(void);
# ifndef OPENSSL_NO_TLS1_METHOD # ifndef OPENSSL_NO_TLS1_METHOD
__owur const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_method(void)) /* TLSv1.0 */
__owur const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_server_method(void)) /* TLSv1.0 */
__owur const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_client_method(void)) /* TLSv1.0 */
# endif # endif
# ifndef OPENSSL_NO_TLS1_1_METHOD # ifndef OPENSSL_NO_TLS1_1_METHOD
__owur const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_1_method(void)) /* TLSv1.1 */
__owur const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_1_server_method(void)) /* TLSv1.1 */
__owur const SSL_METHOD *TLSv1_1_client_method(void); /* TLSv1.1 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_1_client_method(void)) /* TLSv1.1 */
# endif # endif
# ifndef OPENSSL_NO_TLS1_2_METHOD # ifndef OPENSSL_NO_TLS1_2_METHOD
__owur const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_2_method(void)) /* TLSv1.2 */
__owur const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_2_server_method(void)) /* TLSv1.2 */
__owur const SSL_METHOD *TLSv1_2_client_method(void); /* TLSv1.2 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_2_client_method(void)) /* TLSv1.2 */
# endif # endif
# ifndef OPENSSL_NO_DTLS1_METHOD # ifndef OPENSSL_NO_DTLS1_METHOD
__owur const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_method(void)) /* DTLSv1.0 */
__owur const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_server_method(void)) /* DTLSv1.0 */
__owur const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_client_method(void)) /* DTLSv1.0 */
# endif # endif
# ifndef OPENSSL_NO_DTLS1_2_METHOD # ifndef OPENSSL_NO_DTLS1_2_METHOD
__owur const SSL_METHOD *DTLSv1_2_method(void); /* DTLSv1.2 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_2_method(void)) /* DTLSv1.2 */
__owur const SSL_METHOD *DTLSv1_2_server_method(void); /* DTLSv1.2 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_2_server_method(void)) /* DTLSv1.2 */
__owur const SSL_METHOD *DTLSv1_2_client_method(void); /* DTLSv1.2 */ DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_2_client_method(void)) /* DTLSv1.2 */
#endif #endif
__owur const SSL_METHOD *DTLS_method(void); /* DTLS 1.0 and 1.2 */ __owur const SSL_METHOD *DTLS_method(void); /* DTLS 1.0 and 1.2 */

181
ssl/methods.c
View File

@@ -107,7 +107,7 @@
* Hudson (tjh@cryptsoft.com). * Hudson (tjh@cryptsoft.com).
* *
*/ */
#include <stdio.h> #include <stdio.h>
#include <openssl/objects.h> #include <openssl/objects.h>
#include "ssl_locl.h" #include "ssl_locl.h"
@@ -122,19 +122,19 @@ static const SSL_METHOD *tls1_get_method(int ver)
return TLS_method(); return TLS_method();
#ifndef OPENSSL_NO_TLS1_2 #ifndef OPENSSL_NO_TLS1_2
if (ver == TLS1_2_VERSION) if (ver == TLS1_2_VERSION)
return TLSv1_2_method(); return tlsv1_2_method();
#endif #endif
#ifndef OPENSSL_NO_TLS1_1 #ifndef OPENSSL_NO_TLS1_1
if (ver == TLS1_1_VERSION) if (ver == TLS1_1_VERSION)
return TLSv1_1_method(); return tlsv1_1_method();
#endif #endif
#ifndef OPENSSL_NO_TLS1 #ifndef OPENSSL_NO_TLS1
if (ver == TLS1_VERSION) if (ver == TLS1_VERSION)
return TLSv1_method(); return tlsv1_method();
#endif #endif
#ifndef OPENSSL_NO_SSL3 #ifndef OPENSSL_NO_SSL3
if (ver == SSL3_VERSION) if (ver == SSL3_VERSION)
return (SSLv3_method()); return (sslv3_method());
else else
#endif #endif
return NULL; return NULL;
@@ -147,27 +147,27 @@ IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0,
#ifndef OPENSSL_NO_TLS1_2_METHOD #ifndef OPENSSL_NO_TLS1_2_METHOD
IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2, IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2,
TLSv1_2_method, tlsv1_2_method,
ossl_statem_accept, ossl_statem_accept,
ossl_statem_connect, tls1_get_method, TLSv1_2_enc_data) ossl_statem_connect, tls1_get_method, TLSv1_2_enc_data)
#endif #endif
#ifndef OPENSSL_NO_TLS1_1_METHOD #ifndef OPENSSL_NO_TLS1_1_METHOD
IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1, IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1,
TLSv1_1_method, tlsv1_1_method,
ossl_statem_accept, ossl_statem_accept,
ossl_statem_connect, tls1_get_method, TLSv1_1_enc_data) ossl_statem_connect, tls1_get_method, TLSv1_1_enc_data)
#endif #endif
#ifndef OPENSSL_NO_TLS1_METHOD #ifndef OPENSSL_NO_TLS1_METHOD
IMPLEMENT_tls_meth_func(TLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1, IMPLEMENT_tls_meth_func(TLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1,
TLSv1_method, tlsv1_method,
ossl_statem_accept, ossl_statem_accept,
ossl_statem_connect, tls1_get_method, TLSv1_enc_data) ossl_statem_connect, tls1_get_method, TLSv1_enc_data)
#endif #endif
#ifndef OPENSSL_NO_SSL3_METHOD #ifndef OPENSSL_NO_SSL3_METHOD
IMPLEMENT_ssl3_meth_func(SSLv3_method, ossl_statem_accept, ossl_statem_connect, IMPLEMENT_ssl3_meth_func(sslv3_method, ossl_statem_accept, ossl_statem_connect,
tls1_get_method) tls1_get_method)
#endif #endif
@@ -182,19 +182,19 @@ static const SSL_METHOD *tls1_get_server_method(int ver)
return TLS_server_method(); return TLS_server_method();
#ifndef OPENSSL_NO_TLS1_2 #ifndef OPENSSL_NO_TLS1_2
if (ver == TLS1_2_VERSION) if (ver == TLS1_2_VERSION)
return TLSv1_2_server_method(); return tlsv1_2_server_method();
#endif #endif
#ifndef OPENSSL_NO_TLS1_1 #ifndef OPENSSL_NO_TLS1_1
if (ver == TLS1_1_VERSION) if (ver == TLS1_1_VERSION)
return TLSv1_1_server_method(); return tlsv1_1_server_method();
#endif #endif
#ifndef OPENSSL_NO_TLS1 #ifndef OPENSSL_NO_TLS1
if (ver == TLS1_VERSION) if (ver == TLS1_VERSION)
return TLSv1_server_method(); return tlsv1_server_method();
#endif #endif
#ifndef OPENSSL_NO_SSL3 #ifndef OPENSSL_NO_SSL3
if (ver == SSL3_VERSION) if (ver == SSL3_VERSION)
return (SSLv3_server_method()); return (sslv3_server_method());
#endif #endif
return NULL; return NULL;
} }
@@ -207,7 +207,7 @@ IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0,
#ifndef OPENSSL_NO_TLS1_2_METHOD #ifndef OPENSSL_NO_TLS1_2_METHOD
IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2, IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2,
TLSv1_2_server_method, tlsv1_2_server_method,
ossl_statem_accept, ossl_statem_accept,
ssl_undefined_function, ssl_undefined_function,
tls1_get_server_method, TLSv1_2_enc_data) tls1_get_server_method, TLSv1_2_enc_data)
@@ -215,7 +215,7 @@ IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2,
#ifndef OPENSSL_NO_TLS1_1_METHOD #ifndef OPENSSL_NO_TLS1_1_METHOD
IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1, IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1,
TLSv1_1_server_method, tlsv1_1_server_method,
ossl_statem_accept, ossl_statem_accept,
ssl_undefined_function, ssl_undefined_function,
tls1_get_server_method, TLSv1_1_enc_data) tls1_get_server_method, TLSv1_1_enc_data)
@@ -223,14 +223,14 @@ IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1,
#ifndef OPENSSL_NO_TLS1_METHOD #ifndef OPENSSL_NO_TLS1_METHOD
IMPLEMENT_tls_meth_func(TLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1, IMPLEMENT_tls_meth_func(TLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1,
TLSv1_server_method, tlsv1_server_method,
ossl_statem_accept, ossl_statem_accept,
ssl_undefined_function, ssl_undefined_function,
tls1_get_server_method, TLSv1_enc_data) tls1_get_server_method, TLSv1_enc_data)
#endif #endif
#ifndef OPENSSL_NO_SSL3_METHOD #ifndef OPENSSL_NO_SSL3_METHOD
IMPLEMENT_ssl3_meth_func(SSLv3_server_method, IMPLEMENT_ssl3_meth_func(sslv3_server_method,
ossl_statem_accept, ossl_statem_accept,
ssl_undefined_function, tls1_get_server_method) ssl_undefined_function, tls1_get_server_method)
#endif #endif
@@ -246,19 +246,19 @@ static const SSL_METHOD *tls1_get_client_method(int ver)
return TLS_client_method(); return TLS_client_method();
#ifndef OPENSSL_NO_TLS1_2 #ifndef OPENSSL_NO_TLS1_2
if (ver == TLS1_2_VERSION) if (ver == TLS1_2_VERSION)
return TLSv1_2_client_method(); return tlsv1_2_client_method();
#endif #endif
#ifndef OPENSSL_NO_TLS1_1 #ifndef OPENSSL_NO_TLS1_1
if (ver == TLS1_1_VERSION) if (ver == TLS1_1_VERSION)
return TLSv1_1_client_method(); return tlsv1_1_client_method();
#endif #endif
#ifndef OPENSSL_NO_TLS1 #ifndef OPENSSL_NO_TLS1
if (ver == TLS1_VERSION) if (ver == TLS1_VERSION)
return TLSv1_client_method(); return tlsv1_client_method();
#endif #endif
#ifndef OPENSSL_NO_SSL3 #ifndef OPENSSL_NO_SSL3
if (ver == SSL3_VERSION) if (ver == SSL3_VERSION)
return (SSLv3_client_method()); return (sslv3_client_method());
#endif #endif
return NULL; return NULL;
} }
@@ -271,7 +271,7 @@ IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0,
#ifndef OPENSSL_NO_TLS1_2_METHOD #ifndef OPENSSL_NO_TLS1_2_METHOD
IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2, IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2,
TLSv1_2_client_method, tlsv1_2_client_method,
ssl_undefined_function, ssl_undefined_function,
ossl_statem_connect, ossl_statem_connect,
tls1_get_client_method, TLSv1_2_enc_data) tls1_get_client_method, TLSv1_2_enc_data)
@@ -279,7 +279,7 @@ IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2,
#ifndef OPENSSL_NO_TLS1_1_METHOD #ifndef OPENSSL_NO_TLS1_1_METHOD
IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1, IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1,
TLSv1_1_client_method, tlsv1_1_client_method,
ssl_undefined_function, ssl_undefined_function,
ossl_statem_connect, ossl_statem_connect,
tls1_get_client_method, TLSv1_1_enc_data) tls1_get_client_method, TLSv1_1_enc_data)
@@ -287,14 +287,14 @@ IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1,
#ifndef OPENSSL_NO_TLS1_METHOD #ifndef OPENSSL_NO_TLS1_METHOD
IMPLEMENT_tls_meth_func(TLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1, IMPLEMENT_tls_meth_func(TLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1,
TLSv1_client_method, tlsv1_client_method,
ssl_undefined_function, ssl_undefined_function,
ossl_statem_connect, ossl_statem_connect,
tls1_get_client_method, TLSv1_enc_data) tls1_get_client_method, TLSv1_enc_data)
#endif #endif
#ifndef OPENSSL_NO_SSL3_METHOD #ifndef OPENSSL_NO_SSL3_METHOD
IMPLEMENT_ssl3_meth_func(SSLv3_client_method, IMPLEMENT_ssl3_meth_func(sslv3_client_method,
ssl_undefined_function, ssl_undefined_function,
ossl_statem_connect, tls1_get_client_method) ossl_statem_connect, tls1_get_client_method)
#endif #endif
@@ -309,11 +309,11 @@ static const SSL_METHOD *dtls1_get_method(int ver)
return DTLS_method(); return DTLS_method();
#ifndef OPENSSL_NO_DTLS1 #ifndef OPENSSL_NO_DTLS1
else if (ver == DTLS1_VERSION) else if (ver == DTLS1_VERSION)
return DTLSv1_method(); return dtlsv1_method();
#endif #endif
#ifndef OPENSSL_NO_DTLS1_2 #ifndef OPENSSL_NO_DTLS1_2
else if (ver == DTLS1_2_VERSION) else if (ver == DTLS1_2_VERSION)
return DTLSv1_2_method(); return dtlsv1_2_method();
#endif #endif
else else
return NULL; return NULL;
@@ -321,7 +321,7 @@ static const SSL_METHOD *dtls1_get_method(int ver)
#ifndef OPENSSL_NO_DTLS1_METHOD #ifndef OPENSSL_NO_DTLS1_METHOD
IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1, IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1,
DTLSv1_method, dtlsv1_method,
ossl_statem_accept, ossl_statem_accept,
ossl_statem_connect, ossl_statem_connect,
dtls1_get_method, DTLSv1_enc_data) dtls1_get_method, DTLSv1_enc_data)
@@ -329,7 +329,7 @@ IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1,
#ifndef OPENSSL_NO_DTLS1_2_METHOD #ifndef OPENSSL_NO_DTLS1_2_METHOD
IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, 0, SSL_OP_NO_DTLSv1_2, IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, 0, SSL_OP_NO_DTLSv1_2,
DTLSv1_2_method, dtlsv1_2_method,
ossl_statem_accept, ossl_statem_accept,
ossl_statem_connect, ossl_statem_connect,
dtls1_get_method, DTLSv1_2_enc_data) dtls1_get_method, DTLSv1_2_enc_data)
@@ -351,11 +351,11 @@ static const SSL_METHOD *dtls1_get_server_method(int ver)
return DTLS_server_method(); return DTLS_server_method();
#ifndef OPENSSL_NO_DTLS1 #ifndef OPENSSL_NO_DTLS1
else if (ver == DTLS1_VERSION) else if (ver == DTLS1_VERSION)
return DTLSv1_server_method(); return dtlsv1_server_method();
#endif #endif
#ifndef OPENSSL_NO_DTLS1_2 #ifndef OPENSSL_NO_DTLS1_2
else if (ver == DTLS1_2_VERSION) else if (ver == DTLS1_2_VERSION)
return DTLSv1_2_server_method(); return dtlsv1_2_server_method();
#endif #endif
else else
return NULL; return NULL;
@@ -363,7 +363,7 @@ static const SSL_METHOD *dtls1_get_server_method(int ver)
#ifndef OPENSSL_NO_DTLS1_METHOD #ifndef OPENSSL_NO_DTLS1_METHOD
IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1, IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1,
DTLSv1_server_method, dtlsv1_server_method,
ossl_statem_accept, ossl_statem_accept,
ssl_undefined_function, ssl_undefined_function,
dtls1_get_server_method, DTLSv1_enc_data) dtls1_get_server_method, DTLSv1_enc_data)
@@ -371,7 +371,7 @@ IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1,
#ifndef OPENSSL_NO_DTLS1_2_METHOD #ifndef OPENSSL_NO_DTLS1_2_METHOD
IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, 0, SSL_OP_NO_DTLSv1_2, IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, 0, SSL_OP_NO_DTLSv1_2,
DTLSv1_2_server_method, dtlsv1_2_server_method,
ossl_statem_accept, ossl_statem_accept,
ssl_undefined_function, ssl_undefined_function,
dtls1_get_server_method, DTLSv1_2_enc_data) dtls1_get_server_method, DTLSv1_2_enc_data)
@@ -394,11 +394,11 @@ static const SSL_METHOD *dtls1_get_client_method(int ver)
return DTLS_client_method(); return DTLS_client_method();
#ifndef OPENSSL_NO_DTLS1 #ifndef OPENSSL_NO_DTLS1
else if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER) else if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER)
return DTLSv1_client_method(); return dtlsv1_client_method();
#endif #endif
#ifndef OPENSSL_NO_DTLS1_2 #ifndef OPENSSL_NO_DTLS1_2
else if (ver == DTLS1_2_VERSION) else if (ver == DTLS1_2_VERSION)
return DTLSv1_2_client_method(); return dtlsv1_2_client_method();
#endif #endif
else else
return NULL; return NULL;
@@ -406,7 +406,7 @@ static const SSL_METHOD *dtls1_get_client_method(int ver)
#ifndef OPENSSL_NO_DTLS1_METHOD #ifndef OPENSSL_NO_DTLS1_METHOD
IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1, IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1,
DTLSv1_client_method, dtlsv1_client_method,
ssl_undefined_function, ssl_undefined_function,
ossl_statem_connect, ossl_statem_connect,
dtls1_get_client_method, DTLSv1_enc_data) dtls1_get_client_method, DTLSv1_enc_data)
@@ -414,7 +414,7 @@ IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1,
#ifndef OPENSSL_NO_DTLS1_2_METHOD #ifndef OPENSSL_NO_DTLS1_2_METHOD
IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, 0, SSL_OP_NO_DTLSv1_2, IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, 0, SSL_OP_NO_DTLSv1_2,
DTLSv1_2_client_method, dtlsv1_2_client_method,
ssl_undefined_function, ssl_undefined_function,
ossl_statem_connect, ossl_statem_connect,
dtls1_get_client_method, DTLSv1_2_enc_data) dtls1_get_client_method, DTLSv1_2_enc_data)
@@ -425,3 +425,110 @@ IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION, 0, 0,
ssl_undefined_function, ssl_undefined_function,
ossl_statem_connect, ossl_statem_connect,
dtls1_get_client_method, DTLSv1_2_enc_data) dtls1_get_client_method, DTLSv1_2_enc_data)
#if OPENSSL_API_COMPAT < 0x10100000L
# ifndef OPENSSL_NO_TLS1_2_METHOD
const SSL_METHOD *TLSv1_2_method(void)
{
return tlsv1_2_method();
}
const SSL_METHOD *TLSv1_2_server_method(void)
{
return tlsv1_2_server_method();
}
const SSL_METHOD *TLSv1_2_client_method(void)
{
return tlsv1_2_client_method();
}
# endif
# ifndef OPENSSL_NO_TLS1_1_METHOD
const SSL_METHOD *TLSv1_1_method(void)
{
return tlsv1_1_method();
}
const SSL_METHOD *TLSv1_1_server_method(void)
{
return tlsv1_1_server_method();
}
const SSL_METHOD *TLSv1_1_client_method(void)
{
return tlsv1_1_client_method();
}
# endif
# ifndef OPENSSL_NO_TLS1_METHOD
const SSL_METHOD *TLSv1_method(void)
{
return tlsv1_method();
}
const SSL_METHOD *TLSv1_server_method(void)
{
return tlsv1_server_method();
}
const SSL_METHOD *TLSv1_client_method(void)
{
return tlsv1_client_method();
}
# endif
# ifndef OPENSSL_NO_SSL3_METHOD
const SSL_METHOD *SSLv3_method(void)
{
return sslv3_method();
}
const SSL_METHOD *SSLv3_server_method(void)
{
return sslv3_server_method();
}
const SSL_METHOD *SSLv3_client_method(void)
{
return sslv3_client_method();
}
# endif
# ifndef OPENSSL_NO_DTLS1_2_METHOD
const SSL_METHOD *DTLSv1_2_method(void)
{
return dtlsv1_2_method();
}
const SSL_METHOD *DTLSv1_2_server_method(void)
{
return dtlsv1_2_server_method();
}
const SSL_METHOD *DTLSv1_2_client_method(void)
{
return dtlsv1_2_client_method();
}
# endif
# ifndef OPENSSL_NO_DTLS1_METHOD
const SSL_METHOD *DTLSv1_method(void)
{
return dtlsv1_method();
}
const SSL_METHOD *DTLSv1_server_method(void)
{
return dtlsv1_server_method();
}
const SSL_METHOD *DTLSv1_client_method(void)
{
return dtlsv1_client_method();
}
# endif
#endif

2
ssl/ssl_lib.c
View File

@@ -3054,7 +3054,7 @@ int ssl_undefined_const_function(const SSL *s)
return (0); return (0);
} }
SSL_METHOD *ssl_bad_method(int ver) const SSL_METHOD *ssl_bad_method(int ver)
{ {
SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (NULL); return (NULL);

20
ssl/ssl_locl.h
View File

@@ -1734,7 +1734,25 @@ typedef struct ssl3_comp_st {
extern SSL3_ENC_METHOD ssl3_undef_enc_method; extern SSL3_ENC_METHOD ssl3_undef_enc_method;
SSL_METHOD *ssl_bad_method(int ver); __owur const SSL_METHOD *ssl_bad_method(int ver);
__owur const SSL_METHOD *sslv3_method(void);
__owur const SSL_METHOD *sslv3_server_method(void);
__owur const SSL_METHOD *sslv3_client_method(void);
__owur const SSL_METHOD *tlsv1_method(void);
__owur const SSL_METHOD *tlsv1_server_method(void);
__owur const SSL_METHOD *tlsv1_client_method(void);
__owur const SSL_METHOD *tlsv1_1_method(void);
__owur const SSL_METHOD *tlsv1_1_server_method(void);
__owur const SSL_METHOD *tlsv1_1_client_method(void);
__owur const SSL_METHOD *tlsv1_2_method(void);
__owur const SSL_METHOD *tlsv1_2_server_method(void);
__owur const SSL_METHOD *tlsv1_2_client_method(void);
__owur const SSL_METHOD *dtlsv1_method(void);
__owur const SSL_METHOD *dtlsv1_server_method(void);
__owur const SSL_METHOD *dtlsv1_client_method(void);
__owur const SSL_METHOD *dtlsv1_2_method(void);
__owur const SSL_METHOD *dtlsv1_2_server_method(void);
__owur const SSL_METHOD *dtlsv1_2_client_method(void);
extern const SSL3_ENC_METHOD TLSv1_enc_data; extern const SSL3_ENC_METHOD TLSv1_enc_data;
extern const SSL3_ENC_METHOD TLSv1_1_enc_data; extern const SSL3_ENC_METHOD TLSv1_1_enc_data;

12
ssl/statem/statem_lib.c
View File

@@ -716,22 +716,22 @@ typedef struct {
static const version_info tls_version_table[] = { static const version_info tls_version_table[] = {
#ifndef OPENSSL_NO_TLS1_2 #ifndef OPENSSL_NO_TLS1_2
{ TLS1_2_VERSION, TLSv1_2_client_method, TLSv1_2_server_method }, { TLS1_2_VERSION, tlsv1_2_client_method, tlsv1_2_server_method },
#else #else
{ TLS1_2_VERSION, NULL, NULL }, { TLS1_2_VERSION, NULL, NULL },
#endif #endif
#ifndef OPENSSL_NO_TLS1_1 #ifndef OPENSSL_NO_TLS1_1
{ TLS1_1_VERSION, TLSv1_1_client_method, TLSv1_1_server_method }, { TLS1_1_VERSION, tlsv1_1_client_method, tlsv1_1_server_method },
#else #else
{ TLS1_1_VERSION, NULL, NULL }, { TLS1_1_VERSION, NULL, NULL },
#endif #endif
#ifndef OPENSSL_NO_TLS1 #ifndef OPENSSL_NO_TLS1
{ TLS1_VERSION, TLSv1_client_method, TLSv1_server_method }, { TLS1_VERSION, tlsv1_client_method, tlsv1_server_method },
#else #else
{ TLS1_VERSION, NULL, NULL }, { TLS1_VERSION, NULL, NULL },
#endif #endif
#ifndef OPENSSL_NO_SSL3 #ifndef OPENSSL_NO_SSL3
{ SSL3_VERSION, SSLv3_client_method, SSLv3_server_method }, { SSL3_VERSION, sslv3_client_method, sslv3_server_method },
#else #else
{ SSL3_VERSION, NULL, NULL }, { SSL3_VERSION, NULL, NULL },
#endif #endif
@@ -744,12 +744,12 @@ static const version_info tls_version_table[] = {
static const version_info dtls_version_table[] = { static const version_info dtls_version_table[] = {
#ifndef OPENSSL_NO_DTLS1_2 #ifndef OPENSSL_NO_DTLS1_2
{ DTLS1_2_VERSION, DTLSv1_2_client_method, DTLSv1_2_server_method }, { DTLS1_2_VERSION, dtlsv1_2_client_method, dtlsv1_2_server_method },
#else #else
{ DTLS1_2_VERSION, NULL, NULL }, { DTLS1_2_VERSION, NULL, NULL },
#endif #endif
#ifndef OPENSSL_NO_DTLS1 #ifndef OPENSSL_NO_DTLS1
{ DTLS1_VERSION, DTLSv1_client_method, DTLSv1_server_method }, { DTLS1_VERSION, dtlsv1_client_method, dtlsv1_server_method },
#else #else
{ DTLS1_VERSION, NULL, NULL }, { DTLS1_VERSION, NULL, NULL },
#endif #endif