Commit 7661ccad authored by Dr. Stephen Henson's avatar Dr. Stephen Henson

Add ctrls to clear options and mode.

Change RI ctrl so it doesn't clash.
parent 82e610e2
+3 −0
@@ -863,6 +863,9 @@

 Changes between 0.9.8l (?) and 0.9.8m (?)  [xx XXX xxxx]

  *) Add "missing" ssl ctrls to clear options and mode.
     [Steve Henson]

  *) If client attempts to renegotiate and doesn't support RI respond with
     a no_renegotiation alert as required by draft-ietf-tls-renegotiation.
     Some renegotiating TLS clients will continue a connection gracefully
+12 −2
@@ -607,17 +607,25 @@ typedef struct ssl_session_st

#define SSL_CTX_set_options(ctx,op) \
	SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
#define SSL_CTX_clear_options(ctx,op) \
	SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
#define SSL_CTX_get_options(ctx) \
	SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
#define SSL_set_options(ssl,op) \
	SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
#define SSL_clear_options(ssl,op) \
	SSL_ctrl((ssl),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
#define SSL_get_options(ssl) \
        SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)

#define SSL_CTX_set_mode(ctx,op) \
	SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
#define SSL_CTX_clear_mode(ctx,op) \
	SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
#define SSL_CTX_get_mode(ctx) \
	SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
#define SSL_clear_mode(ssl,op) \
	SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
#define SSL_set_mode(ssl,op) \
	SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
#define SSL_get_mode(ssl) \
@@ -1376,8 +1384,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)

#define SSL_CTRL_SET_MAX_SEND_FRAGMENT		52

#define SSL_CTRL_GET_RI_SUPPORT			53

/* see tls1.h for macros based on these */
#ifndef OPENSSL_NO_TLSEXT
#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB	53
@@ -1407,6 +1413,10 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
#define DTLS_CTRL_HANDLE_TIMEOUT	74
#define DTLS_CTRL_LISTEN			75

#define SSL_CTRL_GET_RI_SUPPORT			76
#define SSL_CTRL_CLEAR_OPTIONS			77
#define SSL_CTRL_CLEAR_MODE			78

#define DTLSv1_get_timeout(ssl, arg) \
	SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
#define DTLSv1_handle_timeout(ssl) \
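Review bot: The new `SSL_CTX_clear_options`, `SSL_clear_options`, `SSL_CTX_clear_mode` and `SSL_clear_mode` macros are added without any comment, and for the options pair the effect is security-relevant: many option bits are restrictions (for example `SSL_OP_NO_SSLv2`), so clearing one turns the restricted behaviour back on. I would add above the options group something like `/* clear_options removes the bits in op and returns the resulting mask; clearing a restriction bit re-enables what it disabled */`. `SSL_clear_mode` is also placed before `SSL_set_mode`, unlike the set/clear/get order used in the other three groups. Moving `SSL_CTRL_GET_RI_SUPPORT` from 53 to 76 changes a value that is compiled into callers, so anything built against a header that had 53 presumably needs a rebuild; a short comment next to the new define recording why 53 could not be used would help.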
+8 −0
@@ -1041,8 +1041,12 @@ long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)

	case SSL_CTRL_OPTIONS:
		return(s->options|=larg);
	case SSL_CTRL_CLEAR_OPTIONS:
		return(s->options&=~larg);
	case SSL_CTRL_MODE:
		return(s->mode|=larg);
	case SSL_CTRL_CLEAR_MODE:
		return(s->mode &=~larg);
	case SSL_CTRL_GET_MAX_CERT_LIST:
		return(s->max_cert_list);
	case SSL_CTRL_SET_MAX_CERT_LIST:
@@ -1152,8 +1156,12 @@ long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,void *parg)
		return(ctx->stats.sess_cache_full);
	case SSL_CTRL_OPTIONS:
		return(ctx->options|=larg);
	case SSL_CTRL_CLEAR_OPTIONS:
		return(ctx->options&=~larg);
	case SSL_CTRL_MODE:
		return(ctx->mode|=larg);
	case SSL_CTRL_CLEAR_MODE:
		return(ctx->mode&=~larg);
	case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
		if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
			return 0;
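Review bot: The four new clear cases carry no comment on what they return or which object they change. As written, each returns the mask after clearing, and the `SSL_ctrl` cases touch only `s->options`/`s->mode` while the `SSL_CTX_ctrl` cases touch only `ctx->options`/`ctx->mode`; a one-line comment such as `/* returns the updated mask; affects only this object */` on the first clear case in each switch would make that explicit for callers who expect a context-level clear to reach existing connections. The spacing in `return(s->mode &=~larg);` differs from the other three cases, which write `&=~larg` with no space, and should match them. Both switch bodies start and end outside the hunks shown.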