0, /* client_finished_label_len */
NULL, /* server_finished_label */
0, /* server_finished_label_len */
- (int (*)(int))ssl_undefined_function
+ (int (*)(int))ssl_undefined_function,
+ (int (*)(SSL *, unsigned char *, size_t, const char *,
+ size_t, const unsigned char *, size_t,
+ int use_context)) ssl_undefined_function,
};
int SSL_clear(SSL *s)
OPENSSL_free(s->next_proto_negotiated);
#endif
+#ifndef OPENSSL_NO_SRTP
if (s->srtp_profiles)
sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
+#endif
OPENSSL_free(s);
}
s->max_cert_list=larg;
return(l);
case SSL_CTRL_SET_MTU:
+#ifndef OPENSSL_NO_DTLS1
if (larg < (long)dtls1_min_mtu())
return 0;
+#endif
if (SSL_version(s) == DTLS1_VERSION ||
SSL_version(s) == DTLS1_BAD_VER)
# endif
#endif
+int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+ const char *label, size_t llen, const unsigned char *p, size_t plen,
+ int use_context)
+ {
+ if (s->version < TLS1_VERSION)
+ return -1;
+
+ return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
+ llen, p, plen,
+ use_context);
+ }
+
static unsigned long ssl_session_hash(const SSL_SESSION *a)
{
unsigned long l;
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
ret->extra_certs=NULL;
- ret->comp_methods=SSL_COMP_get_compression_methods();
+ /* No compression for DTLS */
+ if (meth->version != DTLS1_VERSION)
+ ret->comp_methods=SSL_COMP_get_compression_methods();
ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
a->comp_methods = NULL;
#endif
+#ifndef OPENSSL_NO_SRTP
if (a->srtp_profiles)
sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
+#endif
#ifndef OPENSSL_NO_PSK
if (a->psk_identity_hint)
#endif
/* THIS NEEDS CLEANING UP */
-X509 *ssl_get_server_send_cert(SSL *s)
+CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
{
unsigned long alg_k,alg_a;
CERT *c;
i=SSL_PKEY_GOST01;
else /* if (alg_a & SSL_aNULL) */
{
- SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR);
+ SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY,ERR_R_INTERNAL_ERROR);
return(NULL);
}
- if (c->pkeys[i].x509 == NULL) return(NULL);
- return(c->pkeys[i].x509);
+ return c->pkeys + i;
+ }
+
+X509 *ssl_get_server_send_cert(const SSL *s)
+ {
+ CERT_PKEY *cpk;
+ cpk = ssl_get_server_send_pkey(s);
+ if (!cpk)
+ return NULL;
+ return cpk->x509;
}
EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *cipher, const EVP_MD **pmd)
return("TLSv1.2");
else if (s->version == TLS1_1_VERSION)
return("TLSv1.1");
- if (s->version == TLS1_VERSION)
+ else if (s->version == TLS1_VERSION)
return("TLSv1");
else if (s->version == SSL3_VERSION)
return("SSLv3");
projects / oweals / openssl.git / blobdiff