Bodo Moeller
25
ssl/s3_lib.c
25
ssl/s3_lib.c
@@ -2492,6 +2492,29 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
|
||||
break;
|
||||
|
||||
#endif /* !OPENSSL_NO_TLSEXT */
|
||||
|
||||
case SSL_CTRL_CHECK_PROTO_VERSION:
|
||||
/* For library-internal use; checks that the current protocol
|
||||
* is the highest enabled version (according to s->ctx->method,
|
||||
* as version negotiation may have changed s->method). */
|
||||
if (s->version == s->ctx->method->version)
|
||||
return 1;
|
||||
/* Apparently we're using a version-flexible SSL_METHOD
|
||||
* (not at its highest protocol version). */
|
||||
if (s->ctx->method->version == SSLv23_method()->version)
|
||||
{
|
||||
#if TLS_MAX_VERSION != TLS1_VERSION
|
||||
# error Code needs update for SSLv23_method() support beyond TLS1_VERSION.
|
||||
#endif
|
||||
if (!(s->options & SSL_OP_NO_TLSv1))
|
||||
return s->version == TLS1_VERSION;
|
||||
if (!(s->options & SSL_OP_NO_SSLv3))
|
||||
return s->version == SSL3_VERSION;
|
||||
if (!(s->options & SSL_OP_NO_SSLv2))
|
||||
return s->version == SSL2_VERSION;
|
||||
}
|
||||
return 0; /* Unexpected state; fail closed. */
|
||||
|
||||
default:
|
||||
break;
|
||||
}
|
||||
@@ -2793,6 +2816,7 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
|
||||
break;
|
||||
|
||||
#endif
|
||||
|
||||
default:
|
||||
return(0);
|
||||
}
|
||||
@@ -3347,4 +3371,3 @@ need to go to SSL_ST_ACCEPT.
|
||||
}
|
||||
return(ret);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user