New ctrls to retrieve supported signature algorithms and curves and

extensions to s_client and s_server to print out retrieved valued. Extend CERT structure to cache supported signature algorithm data.
2012-03-06 14:28:21 +00:00
parent 62b6948a27
commit e7f8ff4382
11 changed files with 197 additions and 24 deletions
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3365,6 +3365,32 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 		else
 			return ssl_cert_add0_chain_cert(s->cert, (X509 *)parg);

+	case SSL_CTRL_GET_CURVELIST:
+		{
+		unsigned char *clist;
+		size_t clistlen;
+		if (!s->session)
+			return 0;
+		clist = s->session->tlsext_ellipticcurvelist;
+		clistlen = s->session->tlsext_ellipticcurvelist_length / 2;
+		if (parg)
+			{
+			size_t i;
+			int *cptr = parg;
+			unsigned int cid, nid;
+			for (i = 0; i < clistlen; i++)
+				{
+				n2s(clist, cid);
+				nid = tls1_ec_curve_id2nid(cid);
+				if (nid != 0)
+					cptr[i] = nid;
+				else
+					cptr[i] = TLSEXT_nid_unknown | cid;
+				}
+			}
+		return (int)clistlen;
+		}
+
 	default:
 		break;
 		}