Commit 78b5d89d authored by Dr. Stephen Henson's avatar Dr. Stephen Henson

Add support for printing out and retrieving EC point formats extension.

(backport from HEAD)
parent b79df62e
+4 −0
@@ -4,6 +4,10 @@

 Changes between 1.0.1 and 1.0.2 [xx XXX xxxx]

  *) New ctrl and macro to retrieve supported points extensions.
     Print out extension in s_server.
     [Steve Henson]

  *) New functions to retrieve certificate signature and signature
     OID NID.
     [Steve Henson]
+1 −0
@@ -161,6 +161,7 @@ int set_cert_key_and_authz(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key,
                           unsigned char *authz, size_t authz_length);
# endif
int ssl_print_sigalgs(BIO *out, SSL *s);
int ssl_print_point_formats(BIO *out, SSL *s);
int ssl_print_curves(BIO *out, SSL *s);
#endif
int ssl_print_tmp_key(BIO *out, SSL *s);
+39 −0
@@ -419,6 +419,45 @@ int ssl_print_sigalgs(BIO *out, SSL *s)
	return 1;
	}
 
int ssl_print_point_formats(BIO *out, SSL *s)
	{
	int i, nformats;
	const char *pformats;
	nformats = SSL_get0_ec_point_formats(s, &pformats);
	if (nformats <= 0)
		return 1;
	BIO_puts(out, "Supported Elliptic Curve Point Formats: ");
	for (i = 0; i < nformats; i++, pformats++)
		{
		if (i)
			BIO_puts(out, ":");
		switch(*pformats)
			{
		case TLSEXT_ECPOINTFORMAT_uncompressed:
			BIO_puts(out, "uncompressed");
			break;

		case TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime:
			BIO_puts(out, "ansiX962_compressed_prime");
			break;

		case TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2:
			BIO_puts(out, "ansiX962_compressed_char2");
			break;

		default:
			BIO_printf(out, "unknown(%d)", (int)*pformats);
			break;

			}
		}
	if (nformats <= 0)
		BIO_puts(out, "NONE");
	BIO_puts(out, "\n");
	return 1;
	}


int ssl_print_curves(BIO *out, SSL *s)
	{
	int i, ncurves, *curves, nid;
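Review bot: `pformats` is declared `const char *` in ssl_print_point_formats, but the SSL_CTRL_GET_EC_POINT_FORMATS handler added in this commit stores a `const unsigned char *` through it, and because the macro hands the argument to SSL_ctrl as `void *` the compiler cannot flag the mismatch. These bytes appear to come from the peer's extension, so where plain `char` is signed any value of 0x80 or above is printed as a negative number by `unknown(%d)`; declare it as `const unsigned char *pformats;`. The trailing `if (nformats <= 0) BIO_puts(out, "NONE");` can never run after the early `return 1` at the top of the function, so either drop it or remove the early return so that NONE is actually printed.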
+13 −0
@@ -3514,6 +3514,19 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
			return 0;
			}

	case SSL_CTRL_GET_EC_POINT_FORMATS:
		if (!s->server)
			return 0;
		else
			{
			SSL_SESSION *sess = s->session;
			const unsigned char **pformat = parg;
			if (!sess || !sess->tlsext_ecpointformatlist)
				return 0;
			*pformat = sess->tlsext_ecpointformatlist;
			return (int)sess->tlsext_ecpointformatlist_length;
			}

	default:
		break;
		}
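Review bot: The new SSL_CTRL_GET_EC_POINT_FORMATS case executes `*pformat = sess->tlsext_ecpointformatlist;` without checking `parg`, so a caller that passes NULL (for instance to ask only for the count) causes a null-pointer write inside the library. Guard the store with `if (pformat) *pformat = sess->tlsext_ecpointformatlist;` and keep returning the length. ssl3_ctrl begins and ends outside this hunk, so whether an earlier check already rejects a NULL `parg` is not visible here.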
+4 −0
@@ -1700,6 +1700,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
#define SSL_CTRL_GET_PEER_SIGNATURE_NID		108
#define SSL_CTRL_GET_SERVER_TMP_KEY		109
#define SSL_CTRL_GET_RAW_CIPHERLIST		110
#define SSL_CTRL_GET_EC_POINT_FORMATS		111

#define DTLSv1_get_timeout(ssl, arg) \
	SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
@@ -1833,6 +1834,9 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
#define SSL_get0_raw_cipherlist(s, plst) \
	SSL_ctrl(s,SSL_CTRL_GET_RAW_CIPHERLIST,0,plst)

#define SSL_get0_ec_point_formats(s, plst) \
	SSL_ctrl(s,SSL_CTRL_GET_EC_POINT_FORMATS,0,plst)

#ifndef OPENSSL_NO_BIO
BIO_METHOD *BIO_f_ssl(void);
BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
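Review bot: `SSL_get0_ec_point_formats` is added with no comment describing its contract, and since `plst` reaches SSL_ctrl as `void *` nothing enforces its type at the call site. I would add a comment above the macro stating that `plst` must be a `const unsigned char **`, that the return value is the number of format bytes and is 0 on a client-side SSL or when the session holds no list, and that the returned pointer refers to memory held by the session, so the caller must not free it or use it after the session is gone.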