generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

New functions SSL_get_finished, SSL_get_peer_finished.

Browse Source 
Add short state string for MS SGC.
This commit is contained in:
Bodo Möller
2000-01-06 01:19:17 +00:00
parent 9fb617e252
commit ca03109c3a
4 changed files with 50 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
CHANGES
View File

@@ -4,7 +4,16 @@
Changes between 0.9.4 and 0.9.5 [xx XXX 1999] Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
*) Clean up 'Finished' handling. *) Clean up 'Finished' handling, and add functions SSL_get_finished and
SSL_get_peer_finished to allow applications to obtain the latest
Finished messages sent to the peer or expected from the peer,
respectively. (SSL_get_peer_finished is usually the Finished message
actually received from the peer, otherwise the protocol will be aborted.)
As the Finished message are message digests of the complete handshake
(with a total of 192 bits for TLS 1.0 and more for SSL 3.0), they can
be used for external authentication procedures when the authentication
provided by SSL/TLS is not desired or is not enough.
[Bodo Moeller] [Bodo Moeller]
*) Enhanced support for Alpha Linux is added. Now ./config checks if *) Enhanced support for Alpha Linux is added. Now ./config checks if

7
ssl/ssl.h
View File

@@ -704,6 +704,13 @@ struct ssl_st
#define SSL_ST_READ_BODY 0xF1 #define SSL_ST_READ_BODY 0xF1
#define SSL_ST_READ_DONE 0xF2 #define SSL_ST_READ_DONE 0xF2
/* Obtain latest Finished message
* -- that we sent (SSL_get_finished)
* -- that we expected from peer (SSL_get_peer_finished).
* Returns length (0 == no Finished so far), copies up to 'count' bytes. */
size_t SSL_get_finished(SSL *s, void *buf, size_t count);
size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count);
/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options /* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options
* are 'ored' with SSL_VERIFY_PEER if they are desired */ * are 'ored' with SSL_VERIFY_PEER if they are desired */
#define SSL_VERIFY_NONE 0x00 #define SSL_VERIFY_NONE 0x00

32
ssl/ssl_lib.c
View File

@@ -477,6 +477,38 @@ err:
} }
#endif #endif
/* return length of latest Finished message we sent, copy to 'buf' */
size_t SSL_get_finished(SSL *s, void *buf, size_t count)
{
size_t ret = 0;
if (s->s3 != NULL)
{
ret = s->s3->tmp.finish_md_len;
if (count > ret)
count = ret;
memcpy(buf, s->s3->tmp.finish_md, count);
}
return ret;
}
/* return length of latest Finished message we expected, copy to 'buf' */
size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count)
{
size_t ret = 0;
if (s->s3 != NULL)
{
ret = s->s3->tmp.peer_finish_md_len;
if (count > ret)
count = ret;
memcpy(buf, s->s3->tmp.peer_finish_md, count);
}
return ret;
}
int SSL_get_verify_mode(SSL *s) int SSL_get_verify_mode(SSL *s)
{ {
return(s->verify_mode); return(s->verify_mode);

1
ssl/ssl_stat.c
View File

@@ -313,6 +313,7 @@ case SSL3_ST_SW_HELLO_REQ_C: str="3WHR_C"; break;
case SSL3_ST_SR_CLNT_HELLO_A: str="3RCH_A"; break; case SSL3_ST_SR_CLNT_HELLO_A: str="3RCH_A"; break;
case SSL3_ST_SR_CLNT_HELLO_B: str="3RCH_B"; break; case SSL3_ST_SR_CLNT_HELLO_B: str="3RCH_B"; break;
case SSL3_ST_SR_CLNT_HELLO_C: str="3RCH_C"; break; case SSL3_ST_SR_CLNT_HELLO_C: str="3RCH_C"; break;
case SSL3_ST_SR_MS_SGC: str="3RMSSG"; break;
case SSL3_ST_SW_SRVR_HELLO_A: str="3WSH_A"; break; case SSL3_ST_SW_SRVR_HELLO_A: str="3WSH_A"; break;
case SSL3_ST_SW_SRVR_HELLO_B: str="3WSH_B"; break; case SSL3_ST_SW_SRVR_HELLO_B: str="3WSH_B"; break;
case SSL3_ST_SW_CERT_A: str="3WSC_A"; break; case SSL3_ST_SW_CERT_A: str="3WSC_A"; break;