Let the TLSv1_method() etc. functions return a const SSL_METHOD
pointer and make the SSL_METHOD parameter in SSL_CTX_new, SSL_CTX_set_ssl_version and SSL_set_ssl_method const.
This commit is contained in:
Nils Larsch
parent
8e5ef8538a
commit
4ebb342fcd
5
CHANGES
5
CHANGES
@ -4,6 +4,11 @@
|
|||||||
|
|
||||||
Changes between 0.9.8 and 0.9.9 [xx XXX xxxx]
|
Changes between 0.9.8 and 0.9.9 [xx XXX xxxx]
|
||||||
|
|
||||||
|
*) Let the TLSv1_method() etc. functions return a 'const' SSL_METHOD
|
||||||
|
pointer and make the SSL_METHOD parameter in SSL_CTX_new,
|
||||||
|
SSL_CTX_set_ssl_version and SSL_set_ssl_method 'const'.
|
||||||
|
[Nils Larsch]
|
||||||
|
|
||||||
*) Modify CRL distribution points extension code to print out previously
|
*) Modify CRL distribution points extension code to print out previously
|
||||||
unsupported fields. Enhance extension setting code to allow setting of
|
unsupported fields. Enhance extension setting code to allow setting of
|
||||||
all fields.
|
all fields.
|
||||||
|
|||||||
@ -90,7 +90,7 @@ int MAIN(int argc, char **argv)
|
|||||||
SSL_CTX *ctx=NULL;
|
SSL_CTX *ctx=NULL;
|
||||||
SSL *ssl=NULL;
|
SSL *ssl=NULL;
|
||||||
char *ciphers=NULL;
|
char *ciphers=NULL;
|
||||||
SSL_METHOD *meth=NULL;
|
const SSL_METHOD *meth=NULL;
|
||||||
STACK_OF(SSL_CIPHER) *sk;
|
STACK_OF(SSL_CIPHER) *sk;
|
||||||
char buf[512];
|
char buf[512];
|
||||||
BIO *STDout=NULL;
|
BIO *STDout=NULL;
|
||||||
|
|||||||
@ -262,7 +262,7 @@ int MAIN(int argc, char **argv)
|
|||||||
int ret=1,in_init=1,i,nbio_test=0;
|
int ret=1,in_init=1,i,nbio_test=0;
|
||||||
int starttls_proto = 0;
|
int starttls_proto = 0;
|
||||||
int prexit = 0, vflags = 0;
|
int prexit = 0, vflags = 0;
|
||||||
SSL_METHOD *meth=NULL;
|
const SSL_METHOD *meth=NULL;
|
||||||
#ifdef sock_type
|
#ifdef sock_type
|
||||||
#undef sock_type
|
#undef sock_type
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
@ -544,7 +544,7 @@ int MAIN(int argc, char *argv[])
|
|||||||
int off=0;
|
int off=0;
|
||||||
int no_tmp_rsa=0,no_dhe=0,no_ecdhe=0,nocert=0;
|
int no_tmp_rsa=0,no_dhe=0,no_ecdhe=0,nocert=0;
|
||||||
int state=0;
|
int state=0;
|
||||||
SSL_METHOD *meth=NULL;
|
const SSL_METHOD *meth=NULL;
|
||||||
#ifdef sock_type
|
#ifdef sock_type
|
||||||
#undef sock_type
|
#undef sock_type
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
@ -177,7 +177,7 @@ static char *tm_cipher=NULL;
|
|||||||
static int tm_verify = SSL_VERIFY_NONE;
|
static int tm_verify = SSL_VERIFY_NONE;
|
||||||
static int maxTime = SECONDS;
|
static int maxTime = SECONDS;
|
||||||
static SSL_CTX *tm_ctx=NULL;
|
static SSL_CTX *tm_ctx=NULL;
|
||||||
static SSL_METHOD *s_time_meth=NULL;
|
static const SSL_METHOD *s_time_meth=NULL;
|
||||||
static char *s_www_path=NULL;
|
static char *s_www_path=NULL;
|
||||||
static long bytes_read=0;
|
static long bytes_read=0;
|
||||||
static int st_bugs=0;
|
static int st_bugs=0;
|
||||||
|
|||||||
@ -8,7 +8,7 @@ SSL_CTX_new - create a new SSL_CTX object as framework for TLS/SSL enabled funct
|
|||||||
|
|
||||||
#include <openssl/ssl.h>
|
#include <openssl/ssl.h>
|
||||||
|
|
||||||
SSL_CTX *SSL_CTX_new(SSL_METHOD *method);
|
SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
|
||||||
|
|
||||||
=head1 DESCRIPTION
|
=head1 DESCRIPTION
|
||||||
|
|
||||||
|
|||||||
@ -9,9 +9,9 @@ SSL_CTX_set_ssl_version, SSL_set_ssl_method, SSL_get_ssl_method
|
|||||||
|
|
||||||
#include <openssl/ssl.h>
|
#include <openssl/ssl.h>
|
||||||
|
|
||||||
int SSL_CTX_set_ssl_version(SSL_CTX *ctx, SSL_METHOD *method);
|
int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *method);
|
||||||
int SSL_set_ssl_method(SSL *s, SSL_METHOD *method);
|
int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
|
||||||
SSL_METHOD *SSL_get_ssl_method(SSL *ssl);
|
const SSL_METHOD *SSL_get_ssl_method(SSL *ssl);
|
||||||
|
|
||||||
=head1 DESCRIPTION
|
=head1 DESCRIPTION
|
||||||
|
|
||||||
|
|||||||
@ -130,39 +130,39 @@ protocol methods defined in B<SSL_METHOD> structures.
|
|||||||
|
|
||||||
=over 4
|
=over 4
|
||||||
|
|
||||||
=item SSL_METHOD *B<SSLv2_client_method>(void);
|
=item const SSL_METHOD *B<SSLv2_client_method>(void);
|
||||||
|
|
||||||
Constructor for the SSLv2 SSL_METHOD structure for a dedicated client.
|
Constructor for the SSLv2 SSL_METHOD structure for a dedicated client.
|
||||||
|
|
||||||
=item SSL_METHOD *B<SSLv2_server_method>(void);
|
=item const SSL_METHOD *B<SSLv2_server_method>(void);
|
||||||
|
|
||||||
Constructor for the SSLv2 SSL_METHOD structure for a dedicated server.
|
Constructor for the SSLv2 SSL_METHOD structure for a dedicated server.
|
||||||
|
|
||||||
=item SSL_METHOD *B<SSLv2_method>(void);
|
=item const SSL_METHOD *B<SSLv2_method>(void);
|
||||||
|
|
||||||
Constructor for the SSLv2 SSL_METHOD structure for combined client and server.
|
Constructor for the SSLv2 SSL_METHOD structure for combined client and server.
|
||||||
|
|
||||||
=item SSL_METHOD *B<SSLv3_client_method>(void);
|
=item const SSL_METHOD *B<SSLv3_client_method>(void);
|
||||||
|
|
||||||
Constructor for the SSLv3 SSL_METHOD structure for a dedicated client.
|
Constructor for the SSLv3 SSL_METHOD structure for a dedicated client.
|
||||||
|
|
||||||
=item SSL_METHOD *B<SSLv3_server_method>(void);
|
=item const SSL_METHOD *B<SSLv3_server_method>(void);
|
||||||
|
|
||||||
Constructor for the SSLv3 SSL_METHOD structure for a dedicated server.
|
Constructor for the SSLv3 SSL_METHOD structure for a dedicated server.
|
||||||
|
|
||||||
=item SSL_METHOD *B<SSLv3_method>(void);
|
=item const SSL_METHOD *B<SSLv3_method>(void);
|
||||||
|
|
||||||
Constructor for the SSLv3 SSL_METHOD structure for combined client and server.
|
Constructor for the SSLv3 SSL_METHOD structure for combined client and server.
|
||||||
|
|
||||||
=item SSL_METHOD *B<TLSv1_client_method>(void);
|
=item const SSL_METHOD *B<TLSv1_client_method>(void);
|
||||||
|
|
||||||
Constructor for the TLSv1 SSL_METHOD structure for a dedicated client.
|
Constructor for the TLSv1 SSL_METHOD structure for a dedicated client.
|
||||||
|
|
||||||
=item SSL_METHOD *B<TLSv1_server_method>(void);
|
=item cosnt SSL_METHOD *B<TLSv1_server_method>(void);
|
||||||
|
|
||||||
Constructor for the TLSv1 SSL_METHOD structure for a dedicated server.
|
Constructor for the TLSv1 SSL_METHOD structure for a dedicated server.
|
||||||
|
|
||||||
=item SSL_METHOD *B<TLSv1_method>(void);
|
=item const SSL_METHOD *B<TLSv1_method>(void);
|
||||||
|
|
||||||
Constructor for the TLSv1 SSL_METHOD structure for combined client and server.
|
Constructor for the TLSv1 SSL_METHOD structure for combined client and server.
|
||||||
|
|
||||||
@ -249,7 +249,7 @@ protocol context defined in the B<SSL_CTX> structure.
|
|||||||
|
|
||||||
=item long B<SSL_CTX_need_tmp_RSA>(SSL_CTX *ctx);
|
=item long B<SSL_CTX_need_tmp_RSA>(SSL_CTX *ctx);
|
||||||
|
|
||||||
=item SSL_CTX *B<SSL_CTX_new>(SSL_METHOD *meth);
|
=item SSL_CTX *B<SSL_CTX_new>(const SSL_METHOD *meth);
|
||||||
|
|
||||||
=item int B<SSL_CTX_remove_session>(SSL_CTX *ctx, SSL_SESSION *c);
|
=item int B<SSL_CTX_remove_session>(SSL_CTX *ctx, SSL_SESSION *c);
|
||||||
|
|
||||||
@ -327,7 +327,7 @@ protocol context defined in the B<SSL_CTX> structure.
|
|||||||
|
|
||||||
=item void B<SSL_CTX_set_session_cache_mode>(SSL_CTX *ctx, int mode);
|
=item void B<SSL_CTX_set_session_cache_mode>(SSL_CTX *ctx, int mode);
|
||||||
|
|
||||||
=item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, SSL_METHOD *meth);
|
=item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, const SSL_METHOD *meth);
|
||||||
|
|
||||||
=item void B<SSL_CTX_set_timeout>(SSL_CTX *ctx, long t);
|
=item void B<SSL_CTX_set_timeout>(SSL_CTX *ctx, long t);
|
||||||
|
|
||||||
@ -512,7 +512,7 @@ connection defined in the B<SSL> structure.
|
|||||||
|
|
||||||
=item int B<SSL_get_shutdown>(const SSL *ssl);
|
=item int B<SSL_get_shutdown>(const SSL *ssl);
|
||||||
|
|
||||||
=item SSL_METHOD *B<SSL_get_ssl_method>(SSL *ssl);
|
=item const SSL_METHOD *B<SSL_get_ssl_method>(SSL *ssl);
|
||||||
|
|
||||||
=item int B<SSL_get_state>(const SSL *ssl);
|
=item int B<SSL_get_state>(const SSL *ssl);
|
||||||
|
|
||||||
@ -596,7 +596,7 @@ connection defined in the B<SSL> structure.
|
|||||||
|
|
||||||
=item void B<SSL_set_shutdown>(SSL *ssl, int mode);
|
=item void B<SSL_set_shutdown>(SSL *ssl, int mode);
|
||||||
|
|
||||||
=item int B<SSL_set_ssl_method>(SSL *ssl, SSL_METHOD *meth);
|
=item int B<SSL_set_ssl_method>(SSL *ssl, const SSL_METHOD *meth);
|
||||||
|
|
||||||
=item void B<SSL_set_time>(SSL *ssl, long t);
|
=item void B<SSL_set_time>(SSL *ssl, long t);
|
||||||
|
|
||||||
|
|||||||
@ -125,10 +125,10 @@
|
|||||||
#include <openssl/dh.h>
|
#include <openssl/dh.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
static SSL_METHOD *dtls1_get_client_method(int ver);
|
static const SSL_METHOD *dtls1_get_client_method(int ver);
|
||||||
static int dtls1_get_hello_verify(SSL *s);
|
static int dtls1_get_hello_verify(SSL *s);
|
||||||
|
|
||||||
static SSL_METHOD *dtls1_get_client_method(int ver)
|
static const SSL_METHOD *dtls1_get_client_method(int ver)
|
||||||
{
|
{
|
||||||
if (ver == DTLS1_VERSION)
|
if (ver == DTLS1_VERSION)
|
||||||
return(DTLSv1_client_method());
|
return(DTLSv1_client_method());
|
||||||
|
|||||||
@ -61,8 +61,8 @@
|
|||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
#include "ssl_locl.h"
|
#include "ssl_locl.h"
|
||||||
|
|
||||||
static SSL_METHOD *dtls1_get_method(int ver);
|
static const SSL_METHOD *dtls1_get_method(int ver);
|
||||||
static SSL_METHOD *dtls1_get_method(int ver)
|
static const SSL_METHOD *dtls1_get_method(int ver)
|
||||||
{
|
{
|
||||||
if (ver == DTLS1_VERSION)
|
if (ver == DTLS1_VERSION)
|
||||||
return(DTLSv1_method());
|
return(DTLSv1_method());
|
||||||
|
|||||||
@ -126,10 +126,10 @@
|
|||||||
#include <openssl/dh.h>
|
#include <openssl/dh.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
static SSL_METHOD *dtls1_get_server_method(int ver);
|
static const SSL_METHOD *dtls1_get_server_method(int ver);
|
||||||
static int dtls1_send_hello_verify_request(SSL *s);
|
static int dtls1_send_hello_verify_request(SSL *s);
|
||||||
|
|
||||||
static SSL_METHOD *dtls1_get_server_method(int ver)
|
static const SSL_METHOD *dtls1_get_server_method(int ver)
|
||||||
{
|
{
|
||||||
if (ver == DTLS1_VERSION)
|
if (ver == DTLS1_VERSION)
|
||||||
return(DTLSv1_server_method());
|
return(DTLSv1_server_method());
|
||||||
|
|||||||
@ -63,10 +63,10 @@
|
|||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
|
|
||||||
static SSL_METHOD *ssl23_get_client_method(int ver);
|
static const SSL_METHOD *ssl23_get_client_method(int ver);
|
||||||
static int ssl23_client_hello(SSL *s);
|
static int ssl23_client_hello(SSL *s);
|
||||||
static int ssl23_get_server_hello(SSL *s);
|
static int ssl23_get_server_hello(SSL *s);
|
||||||
static SSL_METHOD *ssl23_get_client_method(int ver)
|
static const SSL_METHOD *ssl23_get_client_method(int ver)
|
||||||
{
|
{
|
||||||
#ifndef OPENSSL_NO_SSL2
|
#ifndef OPENSSL_NO_SSL2
|
||||||
if (ver == SSL2_VERSION)
|
if (ver == SSL2_VERSION)
|
||||||
|
|||||||
@ -60,8 +60,8 @@
|
|||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
#include "ssl_locl.h"
|
#include "ssl_locl.h"
|
||||||
|
|
||||||
static SSL_METHOD *ssl23_get_method(int ver);
|
static const SSL_METHOD *ssl23_get_method(int ver);
|
||||||
static SSL_METHOD *ssl23_get_method(int ver)
|
static const SSL_METHOD *ssl23_get_method(int ver)
|
||||||
{
|
{
|
||||||
if (ver == SSL2_VERSION)
|
if (ver == SSL2_VERSION)
|
||||||
return(SSLv2_method());
|
return(SSLv2_method());
|
||||||
|
|||||||
@ -116,9 +116,9 @@
|
|||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
|
|
||||||
static SSL_METHOD *ssl23_get_server_method(int ver);
|
static const SSL_METHOD *ssl23_get_server_method(int ver);
|
||||||
int ssl23_get_client_hello(SSL *s);
|
int ssl23_get_client_hello(SSL *s);
|
||||||
static SSL_METHOD *ssl23_get_server_method(int ver)
|
static const SSL_METHOD *ssl23_get_server_method(int ver)
|
||||||
{
|
{
|
||||||
#ifndef OPENSSL_NO_SSL2
|
#ifndef OPENSSL_NO_SSL2
|
||||||
if (ver == SSL2_VERSION)
|
if (ver == SSL2_VERSION)
|
||||||
|
|||||||
@ -117,7 +117,7 @@
|
|||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
|
|
||||||
static SSL_METHOD *ssl2_get_client_method(int ver);
|
static const SSL_METHOD *ssl2_get_client_method(int ver);
|
||||||
static int get_server_finished(SSL *s);
|
static int get_server_finished(SSL *s);
|
||||||
static int get_server_verify(SSL *s);
|
static int get_server_verify(SSL *s);
|
||||||
static int get_server_hello(SSL *s);
|
static int get_server_hello(SSL *s);
|
||||||
@ -129,7 +129,7 @@ static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
|
|||||||
unsigned char *to,int padding);
|
unsigned char *to,int padding);
|
||||||
#define BREAK break
|
#define BREAK break
|
||||||
|
|
||||||
static SSL_METHOD *ssl2_get_client_method(int ver)
|
static const SSL_METHOD *ssl2_get_client_method(int ver)
|
||||||
{
|
{
|
||||||
if (ver == SSL2_VERSION)
|
if (ver == SSL2_VERSION)
|
||||||
return(SSLv2_client_method());
|
return(SSLv2_client_method());
|
||||||
|
|||||||
@ -61,8 +61,8 @@
|
|||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
|
|
||||||
static SSL_METHOD *ssl2_get_method(int ver);
|
static const SSL_METHOD *ssl2_get_method(int ver);
|
||||||
static SSL_METHOD *ssl2_get_method(int ver)
|
static const SSL_METHOD *ssl2_get_method(int ver)
|
||||||
{
|
{
|
||||||
if (ver == SSL2_VERSION)
|
if (ver == SSL2_VERSION)
|
||||||
return(SSLv2_method());
|
return(SSLv2_method());
|
||||||
|
|||||||
@ -117,7 +117,7 @@
|
|||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
|
|
||||||
static SSL_METHOD *ssl2_get_server_method(int ver);
|
static const SSL_METHOD *ssl2_get_server_method(int ver);
|
||||||
static int get_client_master_key(SSL *s);
|
static int get_client_master_key(SSL *s);
|
||||||
static int get_client_hello(SSL *s);
|
static int get_client_hello(SSL *s);
|
||||||
static int server_hello(SSL *s);
|
static int server_hello(SSL *s);
|
||||||
@ -129,7 +129,7 @@ static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
|
|||||||
unsigned char *to,int padding);
|
unsigned char *to,int padding);
|
||||||
#define BREAK break
|
#define BREAK break
|
||||||
|
|
||||||
static SSL_METHOD *ssl2_get_server_method(int ver)
|
static const SSL_METHOD *ssl2_get_server_method(int ver)
|
||||||
{
|
{
|
||||||
if (ver == SSL2_VERSION)
|
if (ver == SSL2_VERSION)
|
||||||
return(SSLv2_server_method());
|
return(SSLv2_server_method());
|
||||||
|
|||||||
@ -135,7 +135,7 @@
|
|||||||
#endif
|
#endif
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
|
|
||||||
static SSL_METHOD *ssl3_get_client_method(int ver);
|
static const SSL_METHOD *ssl3_get_client_method(int ver);
|
||||||
static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b);
|
static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b);
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_ECDH
|
#ifndef OPENSSL_NO_ECDH
|
||||||
@ -143,7 +143,7 @@ static int curve_id2nid(int curve_id);
|
|||||||
int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs);
|
int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
static SSL_METHOD *ssl3_get_client_method(int ver)
|
static const SSL_METHOD *ssl3_get_client_method(int ver)
|
||||||
{
|
{
|
||||||
if (ver == SSL3_VERSION)
|
if (ver == SSL3_VERSION)
|
||||||
return(SSLv3_client_method());
|
return(SSLv3_client_method());
|
||||||
|
|||||||
@ -60,8 +60,8 @@
|
|||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
#include "ssl_locl.h"
|
#include "ssl_locl.h"
|
||||||
|
|
||||||
static SSL_METHOD *ssl3_get_method(int ver);
|
static const SSL_METHOD *ssl3_get_method(int ver);
|
||||||
static SSL_METHOD *ssl3_get_method(int ver)
|
static const SSL_METHOD *ssl3_get_method(int ver)
|
||||||
{
|
{
|
||||||
if (ver == SSL3_VERSION)
|
if (ver == SSL3_VERSION)
|
||||||
return(SSLv3_method());
|
return(SSLv3_method());
|
||||||
|
|||||||
@ -142,13 +142,13 @@
|
|||||||
#endif
|
#endif
|
||||||
#include <openssl/md5.h>
|
#include <openssl/md5.h>
|
||||||
|
|
||||||
static SSL_METHOD *ssl3_get_server_method(int ver);
|
static const SSL_METHOD *ssl3_get_server_method(int ver);
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_ECDH
|
#ifndef OPENSSL_NO_ECDH
|
||||||
static int nid2curve_id(int nid);
|
static int nid2curve_id(int nid);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
static SSL_METHOD *ssl3_get_server_method(int ver)
|
static const SSL_METHOD *ssl3_get_server_method(int ver)
|
||||||
{
|
{
|
||||||
if (ver == SSL3_VERSION)
|
if (ver == SSL3_VERSION)
|
||||||
return(SSLv3_server_method());
|
return(SSLv3_server_method());
|
||||||
|
|||||||
44
ssl/ssl.h
44
ssl/ssl.h
@ -389,7 +389,7 @@ typedef struct ssl_method_st
|
|||||||
int (*ssl_pending)(const SSL *s);
|
int (*ssl_pending)(const SSL *s);
|
||||||
int (*num_ciphers)(void);
|
int (*num_ciphers)(void);
|
||||||
SSL_CIPHER *(*get_cipher)(unsigned ncipher);
|
SSL_CIPHER *(*get_cipher)(unsigned ncipher);
|
||||||
struct ssl_method_st *(*get_ssl_method)(int version);
|
const struct ssl_method_st *(*get_ssl_method)(int version);
|
||||||
long (*get_timeout)(void);
|
long (*get_timeout)(void);
|
||||||
struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
|
struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
|
||||||
int (*ssl_version)(void);
|
int (*ssl_version)(void);
|
||||||
@ -616,7 +616,7 @@ DECLARE_STACK_OF(SSL_COMP)
|
|||||||
|
|
||||||
struct ssl_ctx_st
|
struct ssl_ctx_st
|
||||||
{
|
{
|
||||||
SSL_METHOD *method;
|
const SSL_METHOD *method;
|
||||||
|
|
||||||
STACK_OF(SSL_CIPHER) *cipher_list;
|
STACK_OF(SSL_CIPHER) *cipher_list;
|
||||||
/* same as above but sorted for lookup */
|
/* same as above but sorted for lookup */
|
||||||
@ -818,7 +818,7 @@ struct ssl_st
|
|||||||
int version;
|
int version;
|
||||||
int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
|
int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
|
||||||
|
|
||||||
SSL_METHOD *method; /* SSLv3 */
|
const SSL_METHOD *method; /* SSLv3 */
|
||||||
|
|
||||||
/* There are 2 BIO's even though they are normally both the
|
/* There are 2 BIO's even though they are normally both the
|
||||||
* same. This is so data can be read and written to different
|
* same. This is so data can be read and written to different
|
||||||
@ -1212,7 +1212,7 @@ void BIO_ssl_shutdown(BIO *ssl_bio);
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
int SSL_CTX_set_cipher_list(SSL_CTX *,const char *str);
|
int SSL_CTX_set_cipher_list(SSL_CTX *,const char *str);
|
||||||
SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
|
SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
|
||||||
void SSL_CTX_free(SSL_CTX *);
|
void SSL_CTX_free(SSL_CTX *);
|
||||||
long SSL_CTX_set_timeout(SSL_CTX *ctx,long t);
|
long SSL_CTX_set_timeout(SSL_CTX *ctx,long t);
|
||||||
long SSL_CTX_get_timeout(const SSL_CTX *ctx);
|
long SSL_CTX_get_timeout(const SSL_CTX *ctx);
|
||||||
@ -1371,27 +1371,27 @@ int SSL_get_error(const SSL *s,int ret_code);
|
|||||||
const char *SSL_get_version(const SSL *s);
|
const char *SSL_get_version(const SSL *s);
|
||||||
|
|
||||||
/* This sets the 'default' SSL version that SSL_new() will create */
|
/* This sets the 'default' SSL version that SSL_new() will create */
|
||||||
int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth);
|
int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
|
||||||
|
|
||||||
SSL_METHOD *SSLv2_method(void); /* SSLv2 */
|
const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
|
||||||
SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
|
const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
|
||||||
SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
|
const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
|
||||||
|
|
||||||
SSL_METHOD *SSLv3_method(void); /* SSLv3 */
|
const SSL_METHOD *SSLv3_method(void); /* SSLv3 */
|
||||||
SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
|
const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
|
||||||
SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
|
const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
|
||||||
|
|
||||||
SSL_METHOD *SSLv23_method(void); /* SSLv3 but can rollback to v2 */
|
const SSL_METHOD *SSLv23_method(void); /* SSLv3 but can rollback to v2 */
|
||||||
SSL_METHOD *SSLv23_server_method(void); /* SSLv3 but can rollback to v2 */
|
const SSL_METHOD *SSLv23_server_method(void); /* SSLv3 but can rollback to v2 */
|
||||||
SSL_METHOD *SSLv23_client_method(void); /* SSLv3 but can rollback to v2 */
|
const SSL_METHOD *SSLv23_client_method(void); /* SSLv3 but can rollback to v2 */
|
||||||
|
|
||||||
SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
|
const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
|
||||||
SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
|
const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
|
||||||
SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
|
const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
|
||||||
|
|
||||||
SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
|
const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
|
||||||
SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
|
const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
|
||||||
SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
|
const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
|
||||||
|
|
||||||
STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
|
STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
|
||||||
|
|
||||||
@ -1400,8 +1400,8 @@ int SSL_renegotiate(SSL *s);
|
|||||||
int SSL_renegotiate_pending(SSL *s);
|
int SSL_renegotiate_pending(SSL *s);
|
||||||
int SSL_shutdown(SSL *s);
|
int SSL_shutdown(SSL *s);
|
||||||
|
|
||||||
SSL_METHOD *SSL_get_ssl_method(SSL *s);
|
const SSL_METHOD *SSL_get_ssl_method(SSL *s);
|
||||||
int SSL_set_ssl_method(SSL *s,SSL_METHOD *method);
|
int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
|
||||||
const char *SSL_alert_type_string_long(int value);
|
const char *SSL_alert_type_string_long(int value);
|
||||||
const char *SSL_alert_type_string(int value);
|
const char *SSL_alert_type_string(int value);
|
||||||
const char *SSL_alert_desc_string_long(int value);
|
const char *SSL_alert_desc_string_long(int value);
|
||||||
|
|||||||
@ -212,7 +212,7 @@ int SSL_clear(SSL *s)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/** Used to change an SSL_CTXs default SSL method type */
|
/** Used to change an SSL_CTXs default SSL method type */
|
||||||
int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth)
|
int SSL_CTX_set_ssl_version(SSL_CTX *ctx,const SSL_METHOD *meth)
|
||||||
{
|
{
|
||||||
STACK_OF(SSL_CIPHER) *sk;
|
STACK_OF(SSL_CIPHER) *sk;
|
||||||
|
|
||||||
@ -1330,7 +1330,7 @@ int SSL_SESSION_cmp(const SSL_SESSION *a,const SSL_SESSION *b)
|
|||||||
static IMPLEMENT_LHASH_HASH_FN(SSL_SESSION_hash, SSL_SESSION *)
|
static IMPLEMENT_LHASH_HASH_FN(SSL_SESSION_hash, SSL_SESSION *)
|
||||||
static IMPLEMENT_LHASH_COMP_FN(SSL_SESSION_cmp, SSL_SESSION *)
|
static IMPLEMENT_LHASH_COMP_FN(SSL_SESSION_cmp, SSL_SESSION *)
|
||||||
|
|
||||||
SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
|
SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
|
||||||
{
|
{
|
||||||
SSL_CTX *ret=NULL;
|
SSL_CTX *ret=NULL;
|
||||||
|
|
||||||
@ -1899,12 +1899,12 @@ void ssl_update_cache(SSL *s,int mode)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
SSL_METHOD *SSL_get_ssl_method(SSL *s)
|
const SSL_METHOD *SSL_get_ssl_method(SSL *s)
|
||||||
{
|
{
|
||||||
return(s->method);
|
return(s->method);
|
||||||
}
|
}
|
||||||
|
|
||||||
int SSL_set_ssl_method(SSL *s,SSL_METHOD *meth)
|
int SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
|
||||||
{
|
{
|
||||||
int conn= -1;
|
int conn= -1;
|
||||||
int ret=1;
|
int ret=1;
|
||||||
|
|||||||
@ -517,9 +517,9 @@ extern SSL3_ENC_METHOD SSLv3_enc_data;
|
|||||||
extern SSL3_ENC_METHOD DTLSv1_enc_data;
|
extern SSL3_ENC_METHOD DTLSv1_enc_data;
|
||||||
|
|
||||||
#define IMPLEMENT_tls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
|
#define IMPLEMENT_tls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
|
||||||
SSL_METHOD *func_name(void) \
|
const SSL_METHOD *func_name(void) \
|
||||||
{ \
|
{ \
|
||||||
static SSL_METHOD func_name##_data= { \
|
static const SSL_METHOD func_name##_data= { \
|
||||||
TLS1_VERSION, \
|
TLS1_VERSION, \
|
||||||
tls1_new, \
|
tls1_new, \
|
||||||
tls1_clear, \
|
tls1_clear, \
|
||||||
@ -554,9 +554,9 @@ SSL_METHOD *func_name(void) \
|
|||||||
}
|
}
|
||||||
|
|
||||||
#define IMPLEMENT_ssl3_meth_func(func_name, s_accept, s_connect, s_get_meth) \
|
#define IMPLEMENT_ssl3_meth_func(func_name, s_accept, s_connect, s_get_meth) \
|
||||||
SSL_METHOD *func_name(void) \
|
const SSL_METHOD *func_name(void) \
|
||||||
{ \
|
{ \
|
||||||
static SSL_METHOD func_name##_data= { \
|
static const SSL_METHOD func_name##_data= { \
|
||||||
SSL3_VERSION, \
|
SSL3_VERSION, \
|
||||||
ssl3_new, \
|
ssl3_new, \
|
||||||
ssl3_clear, \
|
ssl3_clear, \
|
||||||
@ -591,9 +591,9 @@ SSL_METHOD *func_name(void) \
|
|||||||
}
|
}
|
||||||
|
|
||||||
#define IMPLEMENT_ssl23_meth_func(func_name, s_accept, s_connect, s_get_meth) \
|
#define IMPLEMENT_ssl23_meth_func(func_name, s_accept, s_connect, s_get_meth) \
|
||||||
SSL_METHOD *func_name(void) \
|
const SSL_METHOD *func_name(void) \
|
||||||
{ \
|
{ \
|
||||||
static SSL_METHOD func_name##_data= { \
|
static const SSL_METHOD func_name##_data= { \
|
||||||
TLS1_VERSION, \
|
TLS1_VERSION, \
|
||||||
tls1_new, \
|
tls1_new, \
|
||||||
tls1_clear, \
|
tls1_clear, \
|
||||||
@ -628,9 +628,9 @@ SSL_METHOD *func_name(void) \
|
|||||||
}
|
}
|
||||||
|
|
||||||
#define IMPLEMENT_ssl2_meth_func(func_name, s_accept, s_connect, s_get_meth) \
|
#define IMPLEMENT_ssl2_meth_func(func_name, s_accept, s_connect, s_get_meth) \
|
||||||
SSL_METHOD *func_name(void) \
|
const SSL_METHOD *func_name(void) \
|
||||||
{ \
|
{ \
|
||||||
static SSL_METHOD func_name##_data= { \
|
static const SSL_METHOD func_name##_data= { \
|
||||||
SSL2_VERSION, \
|
SSL2_VERSION, \
|
||||||
ssl2_new, /* local */ \
|
ssl2_new, /* local */ \
|
||||||
ssl2_clear, /* local */ \
|
ssl2_clear, /* local */ \
|
||||||
@ -665,9 +665,9 @@ SSL_METHOD *func_name(void) \
|
|||||||
}
|
}
|
||||||
|
|
||||||
#define IMPLEMENT_dtls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
|
#define IMPLEMENT_dtls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
|
||||||
SSL_METHOD *func_name(void) \
|
const SSL_METHOD *func_name(void) \
|
||||||
{ \
|
{ \
|
||||||
static SSL_METHOD func_name##_data= { \
|
static const SSL_METHOD func_name##_data= { \
|
||||||
DTLS1_VERSION, \
|
DTLS1_VERSION, \
|
||||||
dtls1_new, \
|
dtls1_new, \
|
||||||
dtls1_clear, \
|
dtls1_clear, \
|
||||||
|
|||||||
@ -553,7 +553,7 @@ void SSL_SESSION_free(SSL_SESSION *ss)
|
|||||||
int SSL_set_session(SSL *s, SSL_SESSION *session)
|
int SSL_set_session(SSL *s, SSL_SESSION *session)
|
||||||
{
|
{
|
||||||
int ret=0;
|
int ret=0;
|
||||||
SSL_METHOD *meth;
|
const SSL_METHOD *meth;
|
||||||
|
|
||||||
if (session != NULL)
|
if (session != NULL)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -401,7 +401,7 @@ int main(int argc, char *argv[])
|
|||||||
#endif
|
#endif
|
||||||
SSL_CTX *s_ctx=NULL;
|
SSL_CTX *s_ctx=NULL;
|
||||||
SSL_CTX *c_ctx=NULL;
|
SSL_CTX *c_ctx=NULL;
|
||||||
SSL_METHOD *meth=NULL;
|
const SSL_METHOD *meth=NULL;
|
||||||
SSL *c_ssl,*s_ssl;
|
SSL *c_ssl,*s_ssl;
|
||||||
int number=1,reuse=0;
|
int number=1,reuse=0;
|
||||||
long bytes=256L;
|
long bytes=256L;
|
||||||
|
|||||||
@ -63,8 +63,8 @@
|
|||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
|
|
||||||
static SSL_METHOD *tls1_get_client_method(int ver);
|
static const SSL_METHOD *tls1_get_client_method(int ver);
|
||||||
static SSL_METHOD *tls1_get_client_method(int ver)
|
static const SSL_METHOD *tls1_get_client_method(int ver)
|
||||||
{
|
{
|
||||||
if (ver == TLS1_VERSION)
|
if (ver == TLS1_VERSION)
|
||||||
return(TLSv1_client_method());
|
return(TLSv1_client_method());
|
||||||
|
|||||||
@ -60,8 +60,8 @@
|
|||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
#include "ssl_locl.h"
|
#include "ssl_locl.h"
|
||||||
|
|
||||||
static SSL_METHOD *tls1_get_method(int ver);
|
static const SSL_METHOD *tls1_get_method(int ver);
|
||||||
static SSL_METHOD *tls1_get_method(int ver)
|
static const SSL_METHOD *tls1_get_method(int ver)
|
||||||
{
|
{
|
||||||
if (ver == TLS1_VERSION)
|
if (ver == TLS1_VERSION)
|
||||||
return(TLSv1_method());
|
return(TLSv1_method());
|
||||||
|
|||||||
@ -64,8 +64,8 @@
|
|||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
#include <openssl/x509.h>
|
#include <openssl/x509.h>
|
||||||
|
|
||||||
static SSL_METHOD *tls1_get_server_method(int ver);
|
static const SSL_METHOD *tls1_get_server_method(int ver);
|
||||||
static SSL_METHOD *tls1_get_server_method(int ver)
|
static const SSL_METHOD *tls1_get_server_method(int ver)
|
||||||
{
|
{
|
||||||
if (ver == TLS1_VERSION)
|
if (ver == TLS1_VERSION)
|
||||||
return(TLSv1_server_method());
|
return(TLSv1_server_method());
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user