Initialize SSL_METHOD structures at compile time. This removes the need for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
Dr. Stephen Henson 2005-08-05 23:56:11 +00:00
parent 53b38d37a9
commit f3b656b246
22 changed files with 302 additions and 546 deletions


@ -14,6 +14,10 @@
Changes between 0.9.8 and 0.9.8a [XX xxx XXXX] Changes between 0.9.8 and 0.9.8a [XX xxx XXXX]
*) Initialize SSL_METHOD structures at compile time instead of during
runtime, thus removing the need for a lock.
[Steve Henson]
*) Make PKCS7_decrypt() work even if no certificate is supplied by *) Make PKCS7_decrypt() work even if no certificate is supplied by
attempting to decrypt each encrypted key in turn. Add support to attempting to decrypt each encrypted key in turn. Add support to
smime utility. smime utility.


@ -136,28 +136,10 @@ static SSL_METHOD *dtls1_get_client_method(int ver)
return(NULL); return(NULL);
} }
SSL_METHOD *DTLSv1_client_method(void) IMPLEMENT_dtls1_meth_func(DTLSv1_client_method,
{ ssl_undefined_function,
static int init=1; dtls1_connect,
static SSL_METHOD DTLSv1_client_data; dtls1_get_client_method)
if (init)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
if (init)
{
memcpy((char *)&DTLSv1_client_data,(char *)dtlsv1_base_method(),
sizeof(SSL_METHOD));
DTLSv1_client_data.ssl_connect=dtls1_connect;
DTLSv1_client_data.get_ssl_method=dtls1_get_client_method;
init=0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
}
return(&DTLSv1_client_data);
}
int dtls1_connect(SSL *s) int dtls1_connect(SSL *s)
{ {
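Review bot: The second and third arguments of `IMPLEMENT_dtls1_meth_func` here are the accept and connect handlers, and both take the same function type (`int f(SSL *s)`), so a swapped pair would compile without a diagnostic and leave a client method whose connect slot is `ssl_undefined_function`. Nothing at the call site says which argument is which. I would add a one-line comment above each invocation, for example `/* args: function name, ssl_accept, ssl_connect, get_ssl_method */`; the same applies to every other `IMPLEMENT_*_meth_func` invocation in this commit. `dtls1_get_client_method` above and `dtls1_connect` below continue outside the hunk.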


@ -63,9 +63,7 @@
const char *dtls1_version_str="DTLSv1" OPENSSL_VERSION_PTEXT; const char *dtls1_version_str="DTLSv1" OPENSSL_VERSION_PTEXT;
static long dtls1_default_timeout(void); SSL3_ENC_METHOD DTLSv1_enc_data={
static SSL3_ENC_METHOD DTLSv1_enc_data={
dtls1_enc, dtls1_enc,
tls1_mac, tls1_mac,
tls1_setup_key_block, tls1_setup_key_block,
@ -79,49 +77,17 @@ static SSL3_ENC_METHOD DTLSv1_enc_data={
tls1_alert_code, tls1_alert_code,
}; };
static SSL_METHOD DTLSv1_data= { long dtls1_default_timeout(void)
DTLS1_VERSION,
dtls1_new,
dtls1_clear,
dtls1_free,
ssl_undefined_function,
ssl_undefined_function,
ssl3_read,
ssl3_peek,
ssl3_write,
ssl3_shutdown,
ssl3_renegotiate,
ssl3_renegotiate_check,
dtls1_get_message,
dtls1_read_bytes,
dtls1_write_app_data_bytes,
dtls1_dispatch_alert,
ssl3_ctrl,
ssl3_ctx_ctrl,
ssl3_get_cipher_by_char,
ssl3_put_cipher_by_char,
ssl3_pending,
ssl3_num_ciphers,
ssl3_get_cipher,
ssl_bad_method,
dtls1_default_timeout,
&DTLSv1_enc_data,
ssl_undefined_void_function,
ssl3_callback_ctrl,
ssl3_ctx_callback_ctrl,
};
static long dtls1_default_timeout(void)
{ {
/* 2 hours, the 24 hours mentioned in the DTLSv1 spec /* 2 hours, the 24 hours mentioned in the DTLSv1 spec
* is way too long for http, the cache would over fill */ * is way too long for http, the cache would over fill */
return(60*60*2); return(60*60*2);
} }
SSL_METHOD *dtlsv1_base_method(void) IMPLEMENT_dtls1_meth_func(dtls1_base_method,
{ ssl_undefined_function,
return(&DTLSv1_data); ssl_undefined_function,
} ssl_bad_method)
int dtls1_new(SSL *s) int dtls1_new(SSL *s)
{ {
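Review bot: The base method is instantiated as `dtls1_base_method`, but the function it replaces was `dtlsv1_base_method`, and the sibling library files keep their old names (`sslv23_base_method`, `sslv2_base_method`, `sslv3_base_method`, `tlsv1_base_method`). If the existing prototype or any caller still uses the old spelling, the new definition has no prior declaration and the old name no longer links; this looks like a typo rather than an intended rename. I would write `IMPLEMENT_dtls1_meth_func(dtlsv1_base_method,` here. `dtls1_new` below continues outside the hunk.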


@ -70,27 +70,8 @@ static SSL_METHOD *dtls1_get_method(int ver)
return(NULL); return(NULL);
} }
SSL_METHOD *DTLSv1_method(void) IMPLEMENT_dtls1_meth_func(DTLSv1_method,
{ dtls1_accept,
static int init=1; dtls1_connect,
static SSL_METHOD DTLSv1_data; dtls1_get_method)
if (init)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
if (init)
{
memcpy((char *)&DTLSv1_data,(char *)dtlsv1_base_method(),
sizeof(SSL_METHOD));
DTLSv1_data.ssl_connect=dtls1_connect;
DTLSv1_data.ssl_accept=dtls1_accept;
DTLSv1_data.get_ssl_method=dtls1_get_method;
init=0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
}
return(&DTLSv1_data);
}


@ -137,28 +137,10 @@ static SSL_METHOD *dtls1_get_server_method(int ver)
return(NULL); return(NULL);
} }
SSL_METHOD *DTLSv1_server_method(void) IMPLEMENT_dtls1_meth_func(DTLSv1_server_method,
{ dtls1_accept,
static int init=1; ssl_undefined_function,
static SSL_METHOD DTLSv1_server_data; dtls1_get_server_method)
if (init)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
if (init)
{
memcpy((char *)&DTLSv1_server_data,(char *)dtlsv1_base_method(),
sizeof(SSL_METHOD));
DTLSv1_server_data.ssl_accept=dtls1_accept;
DTLSv1_server_data.get_ssl_method=dtls1_get_server_method;
init=0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
}
return(&DTLSv1_server_data);
}
int dtls1_accept(SSL *s) int dtls1_accept(SSL *s)
{ {


@ -80,28 +80,10 @@ static SSL_METHOD *ssl23_get_client_method(int ver)
return(NULL); return(NULL);
} }
SSL_METHOD *SSLv23_client_method(void) IMPLEMENT_ssl23_meth_func(SSLv23_client_method,
{ ssl_undefined_function,
static int init=1; ssl23_connect,
static SSL_METHOD SSLv23_client_data; ssl23_get_client_method)
if (init)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
if (init)
{
memcpy((char *)&SSLv23_client_data,
(char *)sslv23_base_method(),sizeof(SSL_METHOD));
SSLv23_client_data.ssl_connect=ssl23_connect;
SSLv23_client_data.get_ssl_method=ssl23_get_client_method;
init=0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
}
return(&SSLv23_client_data);
}
int ssl23_connect(SSL *s) int ssl23_connect(SSL *s)
{ {


@ -60,59 +60,17 @@
#include <openssl/objects.h> #include <openssl/objects.h>
#include "ssl_locl.h" #include "ssl_locl.h"
static int ssl23_num_ciphers(void ); long ssl23_default_timeout(void)
static SSL_CIPHER *ssl23_get_cipher(unsigned int u);
static int ssl23_read(SSL *s, void *buf, int len);
static int ssl23_peek(SSL *s, void *buf, int len);
static int ssl23_write(SSL *s, const void *buf, int len);
static long ssl23_default_timeout(void );
static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
const char *SSL23_version_str="SSLv2/3 compatibility" OPENSSL_VERSION_PTEXT;
static SSL_METHOD SSLv23_data= {
TLS1_VERSION,
tls1_new,
tls1_clear,
tls1_free,
ssl_undefined_function,
ssl_undefined_function,
ssl23_read,
ssl23_peek,
ssl23_write,
ssl_undefined_function,
ssl_undefined_function,
ssl_ok,
ssl3_get_message,
ssl3_read_bytes,
ssl3_write_bytes,
ssl3_dispatch_alert,
ssl3_ctrl,
ssl3_ctx_ctrl,
ssl23_get_cipher_by_char,
ssl23_put_cipher_by_char,
ssl_undefined_const_function,
ssl23_num_ciphers,
ssl23_get_cipher,
ssl_bad_method,
ssl23_default_timeout,
&ssl3_undef_enc_method,
ssl_undefined_void_function,
ssl3_callback_ctrl,
ssl3_ctx_callback_ctrl,
};
static long ssl23_default_timeout(void)
{ {
return(300); return(300);
} }
SSL_METHOD *sslv23_base_method(void) IMPLEMENT_ssl23_meth_func(sslv23_base_method,
{ ssl_undefined_function,
return(&SSLv23_data); ssl_undefined_function,
} ssl_bad_method)
static int ssl23_num_ciphers(void) int ssl23_num_ciphers(void)
{ {
return(ssl3_num_ciphers() return(ssl3_num_ciphers()
#ifndef OPENSSL_NO_SSL2 #ifndef OPENSSL_NO_SSL2
@ -121,7 +79,7 @@ static int ssl23_num_ciphers(void)
); );
} }
static SSL_CIPHER *ssl23_get_cipher(unsigned int u) SSL_CIPHER *ssl23_get_cipher(unsigned int u)
{ {
unsigned int uu=ssl3_num_ciphers(); unsigned int uu=ssl3_num_ciphers();
@ -137,7 +95,7 @@ static SSL_CIPHER *ssl23_get_cipher(unsigned int u)
/* This function needs to check if the ciphers required are actually /* This function needs to check if the ciphers required are actually
* available */ * available */
static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p) SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
{ {
SSL_CIPHER c,*cp; SSL_CIPHER c,*cp;
unsigned long id; unsigned long id;
@ -155,7 +113,7 @@ static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
return(cp); return(cp);
} }
static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
{ {
long l; long l;
@ -170,7 +128,7 @@ static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
return(3); return(3);
} }
static int ssl23_read(SSL *s, void *buf, int len) int ssl23_read(SSL *s, void *buf, int len)
{ {
int n; int n;
@ -193,7 +151,7 @@ static int ssl23_read(SSL *s, void *buf, int len)
} }
} }
static int ssl23_peek(SSL *s, void *buf, int len) int ssl23_peek(SSL *s, void *buf, int len)
{ {
int n; int n;
@ -216,7 +174,7 @@ static int ssl23_peek(SSL *s, void *buf, int len)
} }
} }
static int ssl23_write(SSL *s, const void *buf, int len) int ssl23_write(SSL *s, const void *buf, int len)
{ {
int n; int n;
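Review bot: `sslv23_base_method` now builds a complete table of its own with `ssl_undefined_function` in both handshake slots, yet every `memcpy` from a base method is removed by this commit, so in the hunks shown nothing reads it any more. If no caller remains elsewhere, this function and its counterparts in the SSLv2, SSLv3, TLSv1 and DTLSv1 library files are dead code that each keep an extra method table in the library. Either drop them in a follow-up or state why they stay, for example `/* template method with no accept/connect; kept for <remaining caller> */`. The bodies of the `ssl23_*` functions in the later hunks of this file continue outside what is shown.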


@ -73,27 +73,8 @@ static SSL_METHOD *ssl23_get_method(int ver)
return(NULL); return(NULL);
} }
SSL_METHOD *SSLv23_method(void) IMPLEMENT_ssl23_meth_func(SSLv23_method,
{ ssl23_accept,
static int init=1; ssl23_connect,
static SSL_METHOD SSLv23_data; ssl23_get_method)
if (init)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
if (init)
{
memcpy((char *)&SSLv23_data,(char *)sslv23_base_method(),
sizeof(SSL_METHOD));
SSLv23_data.ssl_connect=ssl23_connect;
SSLv23_data.ssl_accept=ssl23_accept;
SSLv23_data.get_ssl_method=ssl23_get_method;
init=0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
}
return(&SSLv23_data);
}


@ -132,28 +132,10 @@ static SSL_METHOD *ssl23_get_server_method(int ver)
return(NULL); return(NULL);
} }
SSL_METHOD *SSLv23_server_method(void) IMPLEMENT_ssl23_meth_func(SSLv23_server_method,
{ ssl23_accept,
static int init=1; ssl_undefined_function,
static SSL_METHOD SSLv23_server_data; ssl23_get_server_method)
if (init)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
if (init)
{
memcpy((char *)&SSLv23_server_data,
(char *)sslv23_base_method(),sizeof(SSL_METHOD));
SSLv23_server_data.ssl_accept=ssl23_accept;
SSLv23_server_data.get_ssl_method=ssl23_get_server_method;
init=0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
}
return(&SSLv23_server_data);
}
int ssl23_accept(SSL *s) int ssl23_accept(SSL *s)
{ {


@ -137,28 +137,10 @@ static SSL_METHOD *ssl2_get_client_method(int ver)
return(NULL); return(NULL);
} }
SSL_METHOD *SSLv2_client_method(void) IMPLEMENT_ssl2_meth_func(SSLv2_client_method,
{ ssl_undefined_function,
static int init=1; ssl2_connect,
static SSL_METHOD SSLv2_client_data; ssl2_get_client_method)
if (init)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
if (init)
{
memcpy((char *)&SSLv2_client_data,(char *)sslv2_base_method(),
sizeof(SSL_METHOD));
SSLv2_client_data.ssl_connect=ssl2_connect;
SSLv2_client_data.get_ssl_method=ssl2_get_client_method;
init=0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
}
return(&SSLv2_client_data);
}
int ssl2_connect(SSL *s) int ssl2_connect(SSL *s)
{ {


@ -63,7 +63,6 @@
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/md5.h> #include <openssl/md5.h>
static long ssl2_default_timeout(void );
const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT; const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;
#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER)) #define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
@ -211,47 +210,15 @@ OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
/* end of list :-) */ /* end of list :-) */
}; };
static SSL_METHOD SSLv2_data= { long ssl2_default_timeout(void)
SSL2_VERSION,
ssl2_new, /* local */
ssl2_clear, /* local */
ssl2_free, /* local */
ssl_undefined_function,
ssl_undefined_function,
ssl2_read,
ssl2_peek,
ssl2_write,
ssl2_shutdown,
ssl_ok, /* NULL - renegotiate */
ssl_ok, /* NULL - check renegotiate */
NULL, /* NULL - ssl_get_message */
NULL, /* NULL - ssl_get_record */
NULL, /* NULL - ssl_write_bytes */
NULL, /* NULL - dispatch_alert */
ssl2_ctrl, /* local */
ssl2_ctx_ctrl, /* local */
ssl2_get_cipher_by_char,
ssl2_put_cipher_by_char,
ssl2_pending,
ssl2_num_ciphers,
ssl2_get_cipher,
ssl_bad_method,
ssl2_default_timeout,
&ssl3_undef_enc_method,
ssl_undefined_void_function,
ssl2_callback_ctrl, /* local */
ssl2_ctx_callback_ctrl, /* local */
};
static long ssl2_default_timeout(void)
{ {
return(300); return(300);
} }
SSL_METHOD *sslv2_base_method(void) IMPLEMENT_ssl2_meth_func(sslv2_base_method,
{ ssl_undefined_function,
return(&SSLv2_data); ssl_undefined_function,
} ssl_bad_method)
int ssl2_num_ciphers(void) int ssl2_num_ciphers(void)
{ {


@ -70,29 +70,11 @@ static SSL_METHOD *ssl2_get_method(int ver)
return(NULL); return(NULL);
} }
SSL_METHOD *SSLv2_method(void) IMPLEMENT_ssl2_meth_func(SSLv2_method,
{ ssl2_accept,
static int init=1; ssl2_connect,
static SSL_METHOD SSLv2_data; ssl2_get_method)
if (init)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
if (init)
{
memcpy((char *)&SSLv2_data,(char *)sslv2_base_method(),
sizeof(SSL_METHOD));
SSLv2_data.ssl_connect=ssl2_connect;
SSLv2_data.ssl_accept=ssl2_accept;
SSLv2_data.get_ssl_method=ssl2_get_method;
init=0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
}
return(&SSLv2_data);
}
#else /* !OPENSSL_NO_SSL2 */ #else /* !OPENSSL_NO_SSL2 */
# if PEDANTIC # if PEDANTIC


@ -137,28 +137,10 @@ static SSL_METHOD *ssl2_get_server_method(int ver)
return(NULL); return(NULL);
} }
SSL_METHOD *SSLv2_server_method(void) IMPLEMENT_ssl2_meth_func(SSLv2_server_method,
{ ssl2_accept,
static int init=1; ssl_undefined_function,
static SSL_METHOD SSLv2_server_data; ssl2_get_server_method)
if (init)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
if (init)
{
memcpy((char *)&SSLv2_server_data,(char *)sslv2_base_method(),
sizeof(SSL_METHOD));
SSLv2_server_data.ssl_accept=ssl2_accept;
SSLv2_server_data.get_ssl_method=ssl2_get_server_method;
init=0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
}
return(&SSLv2_server_data);
}
int ssl2_accept(SSL *s) int ssl2_accept(SSL *s)
{ {


@ -151,28 +151,10 @@ static SSL_METHOD *ssl3_get_client_method(int ver)
return(NULL); return(NULL);
} }
SSL_METHOD *SSLv3_client_method(void) IMPLEMENT_ssl3_meth_func(SSLv3_client_method,
{ ssl_undefined_function,
static int init=1; ssl3_connect,
static SSL_METHOD SSLv3_client_data; ssl3_get_client_method)
if (init)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
if (init)
{
memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
sizeof(SSL_METHOD));
SSLv3_client_data.ssl_connect=ssl3_connect;
SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
init=0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
}
return(&SSLv3_client_data);
}
int ssl3_connect(SSL *s) int ssl3_connect(SSL *s)
{ {


@ -135,8 +135,6 @@ const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
#define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
static long ssl3_default_timeout(void );
OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
/* The RSA ciphers */ /* The RSA ciphers */
/* Cipher 01 */ /* Cipher 01 */
@ -1356,7 +1354,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
/* end of list */ /* end of list */
}; };
static SSL3_ENC_METHOD SSLv3_enc_data={ SSL3_ENC_METHOD SSLv3_enc_data={
ssl3_enc, ssl3_enc,
ssl3_mac, ssl3_mac,
ssl3_setup_key_block, ssl3_setup_key_block,
@ -1370,49 +1368,17 @@ static SSL3_ENC_METHOD SSLv3_enc_data={
ssl3_alert_code, ssl3_alert_code,
}; };
static SSL_METHOD SSLv3_data= { long ssl3_default_timeout(void)
SSL3_VERSION,
ssl3_new,
ssl3_clear,
ssl3_free,
ssl_undefined_function,
ssl_undefined_function,
ssl3_read,
ssl3_peek,
ssl3_write,
ssl3_shutdown,
ssl3_renegotiate,
ssl3_renegotiate_check,
ssl3_get_message,
ssl3_read_bytes,
ssl3_write_bytes,
ssl3_dispatch_alert,
ssl3_ctrl,
ssl3_ctx_ctrl,
ssl3_get_cipher_by_char,
ssl3_put_cipher_by_char,
ssl3_pending,
ssl3_num_ciphers,
ssl3_get_cipher,
ssl_bad_method,
ssl3_default_timeout,
&SSLv3_enc_data,
ssl_undefined_void_function,
ssl3_callback_ctrl,
ssl3_ctx_callback_ctrl,
};
static long ssl3_default_timeout(void)
{ {
/* 2 hours, the 24 hours mentioned in the SSLv3 spec /* 2 hours, the 24 hours mentioned in the SSLv3 spec
* is way too long for http, the cache would over fill */ * is way too long for http, the cache would over fill */
return(60*60*2); return(60*60*2);
} }
SSL_METHOD *sslv3_base_method(void) IMPLEMENT_ssl3_meth_func(sslv3_base_method,
{ ssl_undefined_function,
return(&SSLv3_data); ssl_undefined_function,
} ssl_bad_method)
int ssl3_num_ciphers(void) int ssl3_num_ciphers(void)
{ {


@ -69,27 +69,9 @@ static SSL_METHOD *ssl3_get_method(int ver)
return(NULL); return(NULL);
} }
SSL_METHOD *SSLv3_method(void) IMPLEMENT_ssl3_meth_func(SSLv3_method,
{ ssl3_accept,
static int init=1; ssl3_connect,
static SSL_METHOD SSLv3_data; ssl3_get_method)
if (init)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
if (init)
{
memcpy((char *)&SSLv3_data,(char *)sslv3_base_method(),
sizeof(SSL_METHOD));
SSLv3_data.ssl_connect=ssl3_connect;
SSLv3_data.ssl_accept=ssl3_accept;
SSLv3_data.get_ssl_method=ssl3_get_method;
init=0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
}
return(&SSLv3_data);
}


@ -156,28 +156,10 @@ static SSL_METHOD *ssl3_get_server_method(int ver)
return(NULL); return(NULL);
} }
SSL_METHOD *SSLv3_server_method(void) IMPLEMENT_ssl3_meth_func(SSLv3_server_method,
{ ssl3_accept,
static int init=1; ssl_undefined_function,
static SSL_METHOD SSLv3_server_data; ssl3_get_server_method)
if (init)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
if (init)
{
memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(),
sizeof(SSL_METHOD));
SSLv3_server_data.ssl_accept=ssl3_accept;
SSLv3_server_data.get_ssl_method=ssl3_get_server_method;
init=0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
}
return(&SSLv3_server_data);
}
int ssl3_accept(SSL *s) int ssl3_accept(SSL *s)
{ {


@ -515,6 +515,195 @@ SSL_METHOD *sslv2_base_method(void);
SSL_METHOD *sslv23_base_method(void); SSL_METHOD *sslv23_base_method(void);
SSL_METHOD *sslv3_base_method(void); SSL_METHOD *sslv3_base_method(void);
extern SSL3_ENC_METHOD TLSv1_enc_data;
extern SSL3_ENC_METHOD SSLv3_enc_data;
extern SSL3_ENC_METHOD DTLSv1_enc_data;
#define IMPLEMENT_tls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
SSL_METHOD *func_name(void) \
{ \
static SSL_METHOD func_name##_data= { \
TLS1_VERSION, \
tls1_new, \
tls1_clear, \
tls1_free, \
s_accept, \
s_connect, \
ssl3_read, \
ssl3_peek, \
ssl3_write, \
ssl3_shutdown, \
ssl3_renegotiate, \
ssl3_renegotiate_check, \
ssl3_get_message, \
ssl3_read_bytes, \
ssl3_write_bytes, \
ssl3_dispatch_alert, \
ssl3_ctrl, \
ssl3_ctx_ctrl, \
ssl3_get_cipher_by_char, \
ssl3_put_cipher_by_char, \
ssl3_pending, \
ssl3_num_ciphers, \
ssl3_get_cipher, \
s_get_meth, \
tls1_default_timeout, \
&TLSv1_enc_data, \
ssl_undefined_void_function, \
ssl3_callback_ctrl, \
ssl3_ctx_callback_ctrl, \
}; \
return &func_name##_data; \
}
#define IMPLEMENT_ssl3_meth_func(func_name, s_accept, s_connect, s_get_meth) \
SSL_METHOD *func_name(void) \
{ \
static SSL_METHOD func_name##_data= { \
SSL3_VERSION, \
ssl3_new, \
ssl3_clear, \
ssl3_free, \
s_accept, \
s_connect, \
ssl3_read, \
ssl3_peek, \
ssl3_write, \
ssl3_shutdown, \
ssl3_renegotiate, \
ssl3_renegotiate_check, \
ssl3_get_message, \
ssl3_read_bytes, \
ssl3_write_bytes, \
ssl3_dispatch_alert, \
ssl3_ctrl, \
ssl3_ctx_ctrl, \
ssl3_get_cipher_by_char, \
ssl3_put_cipher_by_char, \
ssl3_pending, \
ssl3_num_ciphers, \
ssl3_get_cipher, \
s_get_meth, \
ssl3_default_timeout, \
&SSLv3_enc_data, \
ssl_undefined_void_function, \
ssl3_callback_ctrl, \
ssl3_ctx_callback_ctrl, \
}; \
return &func_name##_data; \
}
#define IMPLEMENT_ssl23_meth_func(func_name, s_accept, s_connect, s_get_meth) \
SSL_METHOD *func_name(void) \
{ \
static SSL_METHOD func_name##_data= { \
TLS1_VERSION, \
tls1_new, \
tls1_clear, \
tls1_free, \
s_accept, \
s_connect, \
ssl23_read, \
ssl23_peek, \
ssl23_write, \
ssl_undefined_function, \
ssl_undefined_function, \
ssl_ok, \
ssl3_get_message, \
ssl3_read_bytes, \
ssl3_write_bytes, \
ssl3_dispatch_alert, \
ssl3_ctrl, \
ssl3_ctx_ctrl, \
ssl23_get_cipher_by_char, \
ssl23_put_cipher_by_char, \
ssl_undefined_const_function, \
ssl23_num_ciphers, \
ssl23_get_cipher, \
s_get_meth, \
ssl23_default_timeout, \
&ssl3_undef_enc_method, \
ssl_undefined_void_function, \
ssl3_callback_ctrl, \
ssl3_ctx_callback_ctrl, \
}; \
return &func_name##_data; \
}
#define IMPLEMENT_ssl2_meth_func(func_name, s_accept, s_connect, s_get_meth) \
SSL_METHOD *func_name(void) \
{ \
static SSL_METHOD func_name##_data= { \
SSL2_VERSION, \
ssl2_new, /* local */ \
ssl2_clear, /* local */ \
ssl2_free, /* local */ \
s_accept, \
s_connect, \
ssl2_read, \
ssl2_peek, \
ssl2_write, \
ssl2_shutdown, \
ssl_ok, /* NULL - renegotiate */ \
ssl_ok, /* NULL - check renegotiate */ \
NULL, /* NULL - ssl_get_message */ \
NULL, /* NULL - ssl_get_record */ \
NULL, /* NULL - ssl_write_bytes */ \
NULL, /* NULL - dispatch_alert */ \
ssl2_ctrl, /* local */ \
ssl2_ctx_ctrl, /* local */ \
ssl2_get_cipher_by_char, \
ssl2_put_cipher_by_char, \
ssl2_pending, \
ssl2_num_ciphers, \
ssl2_get_cipher, \
s_get_meth, \
ssl2_default_timeout, \
&ssl3_undef_enc_method, \
ssl_undefined_void_function, \
ssl2_callback_ctrl, /* local */ \
ssl2_ctx_callback_ctrl, /* local */ \
}; \
return &func_name##_data; \
}
#define IMPLEMENT_dtls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
SSL_METHOD *func_name(void) \
{ \
static SSL_METHOD func_name##_data= { \
DTLS1_VERSION, \
dtls1_new, \
dtls1_clear, \
dtls1_free, \
s_accept, \
s_connect, \
ssl3_read, \
ssl3_peek, \
ssl3_write, \
ssl3_shutdown, \
ssl3_renegotiate, \
ssl3_renegotiate_check, \
dtls1_get_message, \
dtls1_read_bytes, \
dtls1_write_app_data_bytes, \
dtls1_dispatch_alert, \
ssl3_ctrl, \
ssl3_ctx_ctrl, \
ssl3_get_cipher_by_char, \
ssl3_put_cipher_by_char, \
ssl3_pending, \
ssl3_num_ciphers, \
ssl3_get_cipher, \
s_get_meth, \
dtls1_default_timeout, \
&DTLSv1_enc_data, \
ssl_undefined_void_function, \
ssl3_callback_ctrl, \
ssl3_ctx_callback_ctrl, \
}; \
return &func_name##_data; \
}
void ssl_clear_cipher_ctx(SSL *s); void ssl_clear_cipher_ctx(SSL *s);
int ssl_clear_bad_session(SSL *s); int ssl_clear_bad_session(SSL *s);
CERT *ssl_cert_new(void); CERT *ssl_cert_new(void);
@ -578,6 +767,7 @@ long ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg);
long ssl2_callback_ctrl(SSL *s,int cmd, void (*fp)(void)); long ssl2_callback_ctrl(SSL *s,int cmd, void (*fp)(void));
long ssl2_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)(void)); long ssl2_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)(void));
int ssl2_pending(const SSL *s); int ssl2_pending(const SSL *s);
long ssl2_default_timeout(void );
SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p); SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
int ssl3_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p); int ssl3_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
@ -629,7 +819,18 @@ int ssl3_pending(const SSL *s);
void ssl3_record_sequence_update(unsigned char *seq); void ssl3_record_sequence_update(unsigned char *seq);
int ssl3_do_change_cipher_spec(SSL *ssl); int ssl3_do_change_cipher_spec(SSL *ssl);
long ssl3_default_timeout(void );
int ssl23_num_ciphers(void );
SSL_CIPHER *ssl23_get_cipher(unsigned int u);
int ssl23_read(SSL *s, void *buf, int len);
int ssl23_peek(SSL *s, void *buf, int len);
int ssl23_write(SSL *s, const void *buf, int len);
int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
long ssl23_default_timeout(void );
long tls1_default_timeout(void);
int dtls1_do_write(SSL *s,int type); int dtls1_do_write(SSL *s,int type);
int ssl3_read_n(SSL *s, int n, int max, int extend); int ssl3_read_n(SSL *s, int n, int max, int extend);
int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek); int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
@ -640,6 +841,7 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
unsigned char *dtls1_set_message_header(SSL *s, unsigned char *dtls1_set_message_header(SSL *s,
unsigned char *p, unsigned char mt, unsigned long len, unsigned char *p, unsigned char mt, unsigned long len,
unsigned long frag_off, unsigned long frag_len); unsigned long frag_off, unsigned long frag_len);
int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len); int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len);
int dtls1_write_bytes(SSL *s, int type, const void *buf, int len); int dtls1_write_bytes(SSL *s, int type, const void *buf, int len);
@ -654,6 +856,7 @@ void dtls1_clear_record_buffer(SSL *s);
void dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr); void dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr);
void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr); void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
void dtls1_reset_seq_numbers(SSL *s, int rw); void dtls1_reset_seq_numbers(SSL *s, int rw);
long dtls1_default_timeout(void);
/* some client-only functions */ /* some client-only functions */
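Review bot: Each `IMPLEMENT_*_meth_func` macro defines `static SSL_METHOD func_name##_data`, a writable table of function pointers, although after this commit the visible code never stores into a method table again. Qualifying the tables `const` would let the linker place them in read-only data, so a stray or hostile memory write can no longer redirect the handshake and record callbacks; with the public return type unchanged that is `static const SSL_METHOD func_name##_data= {` plus `return (SSL_METHOD *)&func_name##_data;` in each of the five macros. This is only safe if no code elsewhere writes through a returned `SSL_METHOD` pointer, which the hunks do not show. The three `extern SSL3_ENC_METHOD` tables declared at the top of the hunk are in the same position, and they have additionally gained external linkage.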


@ -72,26 +72,8 @@ static SSL_METHOD *tls1_get_client_method(int ver)
return(NULL); return(NULL);
} }
SSL_METHOD *TLSv1_client_method(void) IMPLEMENT_tls1_meth_func(TLSv1_client_method,
{ ssl_undefined_function,
static int init=1; ssl3_connect,
static SSL_METHOD TLSv1_client_data; tls1_get_client_method)
if (init)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
if (init)
{
memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(),
sizeof(SSL_METHOD));
TLSv1_client_data.ssl_connect=ssl3_connect;
TLSv1_client_data.get_ssl_method=tls1_get_client_method;
init=0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
}
return(&TLSv1_client_data);
}


@ -62,9 +62,7 @@
const char *tls1_version_str="TLSv1" OPENSSL_VERSION_PTEXT; const char *tls1_version_str="TLSv1" OPENSSL_VERSION_PTEXT;
static long tls1_default_timeout(void); SSL3_ENC_METHOD TLSv1_enc_data={
static SSL3_ENC_METHOD TLSv1_enc_data={
tls1_enc, tls1_enc,
tls1_mac, tls1_mac,
tls1_setup_key_block, tls1_setup_key_block,
@ -78,49 +76,17 @@ static SSL3_ENC_METHOD TLSv1_enc_data={
tls1_alert_code, tls1_alert_code,
}; };
static SSL_METHOD TLSv1_data= { long tls1_default_timeout(void)
TLS1_VERSION,
tls1_new,
tls1_clear,
tls1_free,
ssl_undefined_function,
ssl_undefined_function,
ssl3_read,
ssl3_peek,
ssl3_write,
ssl3_shutdown,
ssl3_renegotiate,
ssl3_renegotiate_check,
ssl3_get_message,
ssl3_read_bytes,
ssl3_write_bytes,
ssl3_dispatch_alert,
ssl3_ctrl,
ssl3_ctx_ctrl,
ssl3_get_cipher_by_char,
ssl3_put_cipher_by_char,
ssl3_pending,
ssl3_num_ciphers,
ssl3_get_cipher,
ssl_bad_method,
tls1_default_timeout,
&TLSv1_enc_data,
ssl_undefined_void_function,
ssl3_callback_ctrl,
ssl3_ctx_callback_ctrl,
};
static long tls1_default_timeout(void)
{ {
/* 2 hours, the 24 hours mentioned in the TLSv1 spec /* 2 hours, the 24 hours mentioned in the TLSv1 spec
* is way too long for http, the cache would over fill */ * is way too long for http, the cache would over fill */
return(60*60*2); return(60*60*2);
} }
SSL_METHOD *tlsv1_base_method(void) IMPLEMENT_tls1_meth_func(tlsv1_base_method,
{ ssl_undefined_function,
return(&TLSv1_data); ssl_undefined_function,
} ssl_bad_method)
int tls1_new(SSL *s) int tls1_new(SSL *s)
{ {


@ -69,28 +69,8 @@ static SSL_METHOD *tls1_get_method(int ver)
return(NULL); return(NULL);
} }
SSL_METHOD *TLSv1_method(void) IMPLEMENT_tls1_meth_func(TLSv1_method,
{ ssl3_accept,
static int init=1; ssl3_connect,
static SSL_METHOD TLSv1_data; tls1_get_method)
if (init)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
if (init)
{
memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(),
sizeof(SSL_METHOD));
TLSv1_data.ssl_connect=ssl3_connect;
TLSv1_data.ssl_accept=ssl3_accept;
TLSv1_data.get_ssl_method=tls1_get_method;
init=0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
}
return(&TLSv1_data);
}


@ -73,26 +73,8 @@ static SSL_METHOD *tls1_get_server_method(int ver)
return(NULL); return(NULL);
} }
SSL_METHOD *TLSv1_server_method(void) IMPLEMENT_tls1_meth_func(TLSv1_server_method,
{ ssl3_accept,
static int init=1; ssl_undefined_function,
static SSL_METHOD TLSv1_server_data; tls1_get_server_method)
if (init)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
if (init)
{
memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(),
sizeof(SSL_METHOD));
TLSv1_server_data.ssl_accept=ssl3_accept;
TLSv1_server_data.get_ssl_method=tls1_get_server_method;
init=0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
}
return(&TLSv1_server_data);
}