Add ctrls to clear options and mode.
Change RI ctrl so it doesn't clash.
This commit is contained in:
Dr. Stephen Henson
parent
17bb051628
commit
cb4823fdd6
3
CHANGES
3
CHANGES
@ -4,6 +4,9 @@
|
|||||||
|
|
||||||
Changes between 0.9.8l (?) and 0.9.8m (?) [xx XXX xxxx]
|
Changes between 0.9.8l (?) and 0.9.8m (?) [xx XXX xxxx]
|
||||||
|
|
||||||
|
*) Add "missing" ssl ctrls to clear options and mode.
|
||||||
|
[Steve Henson]
|
||||||
|
|
||||||
*) If client attempts to renegotiate and doesn't support RI respond with
|
*) If client attempts to renegotiate and doesn't support RI respond with
|
||||||
a no_renegotiation alert as required by draft-ietf-tls-renegotiation.
|
a no_renegotiation alert as required by draft-ietf-tls-renegotiation.
|
||||||
Some renegotiating TLS clients will continue a connection gracefully
|
Some renegotiating TLS clients will continue a connection gracefully
|
||||||
|
|||||||
14
ssl/ssl.h
14
ssl/ssl.h
@ -564,17 +564,25 @@ typedef struct ssl_session_st
|
|||||||
|
|
||||||
#define SSL_CTX_set_options(ctx,op) \
|
#define SSL_CTX_set_options(ctx,op) \
|
||||||
SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
|
SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
|
||||||
|
#define SSL_CTX_clear_options(ctx,op) \
|
||||||
|
SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
|
||||||
#define SSL_CTX_get_options(ctx) \
|
#define SSL_CTX_get_options(ctx) \
|
||||||
SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
|
SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
|
||||||
#define SSL_set_options(ssl,op) \
|
#define SSL_set_options(ssl,op) \
|
||||||
SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
|
SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
|
||||||
|
#define SSL_clear_options(ssl,op) \
|
||||||
|
SSL_ctrl((ssl),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
|
||||||
#define SSL_get_options(ssl) \
|
#define SSL_get_options(ssl) \
|
||||||
SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
|
SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
|
||||||
|
|
||||||
#define SSL_CTX_set_mode(ctx,op) \
|
#define SSL_CTX_set_mode(ctx,op) \
|
||||||
SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
|
SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
|
||||||
|
#define SSL_CTX_clear_mode(ctx,op) \
|
||||||
|
SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
|
||||||
#define SSL_CTX_get_mode(ctx) \
|
#define SSL_CTX_get_mode(ctx) \
|
||||||
SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
|
SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
|
||||||
|
#define SSL_clear_mode(ssl,op) \
|
||||||
|
SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
|
||||||
#define SSL_set_mode(ssl,op) \
|
#define SSL_set_mode(ssl,op) \
|
||||||
SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
|
SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
|
||||||
#define SSL_get_mode(ssl) \
|
#define SSL_get_mode(ssl) \
|
||||||
@ -1251,8 +1259,6 @@ size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
|
|||||||
#define SSL_CTRL_GET_MAX_CERT_LIST 50
|
#define SSL_CTRL_GET_MAX_CERT_LIST 50
|
||||||
#define SSL_CTRL_SET_MAX_CERT_LIST 51
|
#define SSL_CTRL_SET_MAX_CERT_LIST 51
|
||||||
|
|
||||||
#define SSL_CTRL_GET_RI_SUPPORT 53
|
|
||||||
|
|
||||||
/* see tls1.h for macros based on these */
|
/* see tls1.h for macros based on these */
|
||||||
#ifndef OPENSSL_NO_TLSEXT
|
#ifndef OPENSSL_NO_TLSEXT
|
||||||
#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53
|
#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53
|
||||||
@ -1280,6 +1286,10 @@ size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
|
|||||||
#define DTLS_CTRL_HANDLE_TIMEOUT 74
|
#define DTLS_CTRL_HANDLE_TIMEOUT 74
|
||||||
#define DTLS_CTRL_LISTEN 75
|
#define DTLS_CTRL_LISTEN 75
|
||||||
|
|
||||||
|
#define SSL_CTRL_GET_RI_SUPPORT 76
|
||||||
|
#define SSL_CTRL_CLEAR_OPTIONS 77
|
||||||
|
#define SSL_CTRL_CLEAR_MODE 78
|
||||||
|
|
||||||
#define DTLSv1_get_timeout(ssl, arg) \
|
#define DTLSv1_get_timeout(ssl, arg) \
|
||||||
SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
|
SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
|
||||||
#define DTLSv1_handle_timeout(ssl) \
|
#define DTLSv1_handle_timeout(ssl) \
|
||||||
|
|||||||
@ -987,8 +987,12 @@ long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)
|
|||||||
|
|
||||||
case SSL_CTRL_OPTIONS:
|
case SSL_CTRL_OPTIONS:
|
||||||
return(s->options|=larg);
|
return(s->options|=larg);
|
||||||
|
case SSL_CTRL_CLEAR_OPTIONS:
|
||||||
|
return(s->options&=~larg);
|
||||||
case SSL_CTRL_MODE:
|
case SSL_CTRL_MODE:
|
||||||
return(s->mode|=larg);
|
return(s->mode|=larg);
|
||||||
|
case SSL_CTRL_CLEAR_MODE:
|
||||||
|
return(s->mode &=~larg);
|
||||||
case SSL_CTRL_GET_MAX_CERT_LIST:
|
case SSL_CTRL_GET_MAX_CERT_LIST:
|
||||||
return(s->max_cert_list);
|
return(s->max_cert_list);
|
||||||
case SSL_CTRL_SET_MAX_CERT_LIST:
|
case SSL_CTRL_SET_MAX_CERT_LIST:
|
||||||
@ -1093,8 +1097,12 @@ long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,void *parg)
|
|||||||
return(ctx->stats.sess_cache_full);
|
return(ctx->stats.sess_cache_full);
|
||||||
case SSL_CTRL_OPTIONS:
|
case SSL_CTRL_OPTIONS:
|
||||||
return(ctx->options|=larg);
|
return(ctx->options|=larg);
|
||||||
|
case SSL_CTRL_CLEAR_OPTIONS:
|
||||||
|
return(ctx->options&=~larg);
|
||||||
case SSL_CTRL_MODE:
|
case SSL_CTRL_MODE:
|
||||||
return(ctx->mode|=larg);
|
return(ctx->mode|=larg);
|
||||||
|
case SSL_CTRL_CLEAR_MODE:
|
||||||
|
return(ctx->mode&=~larg);
|
||||||
default:
|
default:
|
||||||
return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg));
|
return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg));
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user