Commit 2c7b4dbc authored by Matt Caswell's avatar Matt Caswell

Convert tls_construct_client_hello() to use PACKETW



Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
parent b7273855
+2 −1
@@ -2120,6 +2120,7 @@ int ERR_load_SSL_strings(void);
# define SSL_F_SSL_CHECK_PRIVATE_KEY                      163
# define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT               280
# define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG            279
# define SSL_F_SSL_CIPHER_LIST_TO_BYTES                   425
# define SSL_F_SSL_CIPHER_PROCESS_RULESTR                 230
# define SSL_F_SSL_CIPHER_STRENGTH_SORT                   231
# define SSL_F_SSL_CLEAR                                  164
@@ -2456,9 +2457,9 @@ int ERR_load_SSL_strings(void);
# define SSL_R_SSL_SECTION_NOT_FOUND                      136
# define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED             301
# define SSL_R_SSL_SESSION_ID_CONFLICT                    302
# define SSL_R_SSL_SESSION_ID_TOO_LONG                    408
# define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG            273
# define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH              303
# define SSL_R_SSL_SESSION_ID_TOO_LONG                    408
# define SSL_R_SSL_SESSION_VERSION_MISMATCH               210
# define SSL_R_TLSV1_ALERT_ACCESS_DENIED                  1049
# define SSL_R_TLSV1_ALERT_DECODE_ERROR                   1050
+4 −0
@@ -44,6 +44,8 @@ const SSL3_ENC_METHOD DTLSv1_enc_data = {
    SSL_ENC_FLAG_DTLS | SSL_ENC_FLAG_EXPLICIT_IV,
    DTLS1_HM_HEADER_LENGTH,
    dtls1_set_handshake_header,
    dtls1_set_handshake_header2,
    dtls1_close_construct_packet,
    dtls1_handshake_write
};

@@ -63,6 +65,8 @@ const SSL3_ENC_METHOD DTLSv1_2_enc_data = {
        | SSL_ENC_FLAG_SHA256_PRF | SSL_ENC_FLAG_TLS1_2_CIPHERS,
    DTLS1_HM_HEADER_LENGTH,
    dtls1_set_handshake_header,
    dtls1_set_handshake_header2,
    dtls1_close_construct_packet,
    dtls1_handshake_write
};

+0 −43
@@ -136,49 +136,6 @@ SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s)
    return s->srtp_profile;
}

/*
 * Note: this function returns 0 length if there are no profiles specified
 */
int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
                                     int maxlen)
{
    int ct = 0;
    int i;
    STACK_OF(SRTP_PROTECTION_PROFILE) *clnt = 0;
    SRTP_PROTECTION_PROFILE *prof;

    clnt = SSL_get_srtp_profiles(s);
    ct = sk_SRTP_PROTECTION_PROFILE_num(clnt); /* -1 if clnt == 0 */

    if (p) {
        if (ct == 0) {
            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT,
                   SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST);
            return 1;
        }

        if ((2 + ct * 2 + 1) > maxlen) {
            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT,
                   SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
            return 1;
        }

        /* Add the length */
        s2n(ct * 2, p);
        for (i = 0; i < ct; i++) {
            prof = sk_SRTP_PROTECTION_PROFILE_value(clnt, i);
            s2n(prof->id, p);
        }

        /* Add an empty use_mki value */
        *p++ = 0;
    }

    *len = 2 + ct * 2 + 1;

    return 0;
}

int ssl_parse_clienthello_use_srtp_ext(SSL *s, PACKET *pkt, int *al)
{
    SRTP_PROTECTION_PROFILE *sprof;
+39 −1
@@ -2751,6 +2751,8 @@ const SSL3_ENC_METHOD SSLv3_enc_data = {
    0,
    SSL3_HM_HEADER_LENGTH,
    ssl3_set_handshake_header,
    ssl3_set_handshake_header2,
    tls_close_construct_packet,
    ssl3_handshake_write
};

@@ -2787,6 +2789,22 @@ int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len)
    return 1;
}

/*
 * Temporary name. To be renamed ssl3_set_handshake_header() once all PACKETW
 * conversion is complete. The old ssl3_set_handshake_heder() can be deleted
 * at that point.
 * TODO - RENAME ME
 */
int ssl3_set_handshake_header2(SSL *s, PACKETW *pkt, PACKETW *body, int htype)
{
    /* Set the content type and 3 bytes for the message len */
    if (!PACKETW_put_bytes(pkt, htype, 1)
            || !PACKETW_get_sub_packet_len(pkt, body, 3))
        return 0;

    return 1;
}

int ssl3_handshake_write(SSL *s)
{
    return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
@@ -3553,7 +3571,13 @@ const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
    return cp;
}

int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
/*
 * Old version of the ssl3_put_cipher_by_char function used by code that has not
 * yet been converted to PACKETW yet. It will be deleted once PACKETW conversion
 * is complete.
 * TODO - DELETE ME
 */
int ssl3_put_cipher_by_char_old(const SSL_CIPHER *c, unsigned char *p)
{
    long l;

@@ -3567,6 +3591,20 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
    return (2);
}

int ssl3_put_cipher_by_char(const SSL_CIPHER *c, PACKETW *pkt, size_t *len)
{
    if ((c->id & 0xff000000) != 0x03000000) {
        *len = 0;
        return 1;
    }

    if (!PACKETW_put_bytes(pkt, c->id & 0xffff, 2))
        return 0;

    *len = 2;
    return 1;
}

/*
 * ssl3_choose_cipher - choose a cipher from those offered by the client
 * @s: SSL connection
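Review bot: The new `ssl3_put_cipher_by_char(const SSL_CIPHER *c, PACKETW *pkt, size_t *len)` carries no comment stating its contract, which differs from the `_old` variant next to it: the return value is now a success flag rather than a byte count, and a cipher whose id fails the `0x03000000` check is reported as success with `*len = 0`. On the `PACKETW_put_bytes` failure path `*len` is never written, so a caller that reads or accumulates `*len` before testing the return value would use an indeterminate value; assigning `*len = 0;` as the first statement closes that off. I would add above the function `/* Returns 1 on success, with *len set to the bytes written (0 if the cipher is skipped), or 0 on failure. */`. The callers are outside this section, so whether every one of them (including any reached through a method table) was moved to the new return semantics cannot be confirmed from here. Separately, the comment on `ssl3_set_handshake_header2` misspells the old function as `ssl3_set_handshake_heder()`.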
+2 −2
@@ -107,6 +107,7 @@ static ERR_STRING_DATA SSL_str_functs[] = {
     "ssl_check_serverhello_tlsext"},
    {ERR_FUNC(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG),
     "ssl_check_srvr_ecc_cert_and_alg"},
    {ERR_FUNC(SSL_F_SSL_CIPHER_LIST_TO_BYTES), "ssl_cipher_list_to_bytes"},
    {ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR),
     "ssl_cipher_process_rulestr"},
    {ERR_FUNC(SSL_F_SSL_CIPHER_STRENGTH_SORT), "ssl_cipher_strength_sort"},
@@ -567,10 +568,9 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
    {ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT), "ssl session id conflict"},
    {ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG),
     "ssl session id context too long"},
    {ERR_REASON(SSL_R_SSL_SESSION_ID_TOO_LONG),
     "ssl session id too long"},
    {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH),
     "ssl session id has bad length"},
    {ERR_REASON(SSL_R_SSL_SESSION_ID_TOO_LONG), "ssl session id too long"},
    {ERR_REASON(SSL_R_SSL_SESSION_VERSION_MISMATCH),
     "ssl session version mismatch"},
    {ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED),