Add per-SSL 'msg_callback' with 'msg_callback_arg'.

 * [including the GNU Public Licence.]

 */

/* ====================================================================

 * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.

 * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * [including the GNU Public Licence.]

 */

/* ====================================================================

 * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.

 * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * copied and put under another distribution licence

 * [including the GNU Public Licence.]

 */

/* ====================================================================

 * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 *

 * 1. Redistributions of source code must retain the above copyright

 *    notice, this list of conditions and the following disclaimer. 

 *

 * 2. Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in

 *    the documentation and/or other materials provided with the

 *    distribution.

 *

 * 3. All advertising materials mentioning features or use of this

 *    software must display the following acknowledgment:

 *    "This product includes software developed by the OpenSSL Project

 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"

 *

 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

 *    endorse or promote products derived from this software without

 *    prior written permission. For written permission, please contact

 *    openssl-core@openssl.org.

 *

 * 5. Products derived from this software may not be called "OpenSSL"

 *    nor may "OpenSSL" appear in their names without prior written

 *    permission of the OpenSSL Project.

 *

 * 6. Redistributions of any form whatsoever must retain the following

 *    acknowledgment:

 *    "This product includes software developed by the OpenSSL Project

 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"

 *

 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

 * OF THE POSSIBILITY OF SUCH DAMAGE.

 * ====================================================================

 *

 * This product includes cryptographic software written by Eric Young

 * (eay@cryptsoft.com).  This product includes software written by Tim

 * Hudson (tjh@cryptsoft.com).

 *

 */

#ifndef HEADER_SSL_H 

#define HEADER_SSL_H 

struct ssl_ctx_st

	{

	SSL_METHOD *method;

	unsigned long options;

	unsigned long mode;

	long max_cert_list;

	STACK_OF(SSL_CIPHER) *cipher_list;

	/* same as above but sorted for lookup */

	void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess);

	SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,

		unsigned char *data,int len,int *copy);

	struct

		{

		int sess_connect;	/* SSL new conn - started */

	int references;

/**/	void (*info_callback)();

	/* if defined, these override the X509_verify_cert() calls */

/**/	int (*app_verify_callback)();

/**/	char *app_verify_arg; /* never used; should be void * */

	/* default values to use in SSL structures */

/**/	struct cert_st /* CERT */ *cert;

/**/	int read_ahead;

/**/	int verify_mode;

/**/	int verify_depth;

/**/	unsigned int sid_ctx_length;

/**/	unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];

/**/	int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx);

	int purpose;		/* Purpose setting */

	int trust;		/* Trust setting */

	/* Default generate session ID callback. */

	GEN_SESSION_CB generate_session_id;

	int (*app_verify_callback)();

	char *app_verify_arg; /* never used; should be void * */

	/* Default password callback. */

/**/	pem_password_cb *default_passwd_callback;

	pem_password_cb *default_passwd_callback;

	/* Default password callback user data. */

/**/	void *default_passwd_callback_userdata;

	void *default_passwd_callback_userdata;

	/* get client cert callback */

/**/	int (*client_cert_cb)(/* SSL *ssl, X509 **x509, EVP_PKEY **pkey */);

	/* what we put in client cert requests */

	STACK_OF(X509_NAME) *client_CA;

/**/	int quiet_shutdown;

	int (*client_cert_cb)(/* SSL *ssl, X509 **x509, EVP_PKEY **pkey */);

	CRYPTO_EX_DATA ex_data;

	STACK_OF(X509) *extra_certs;

	STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */

	/* Default values used when no per-SSL value is defined follow */

	void (*info_callback)(); /* used if SSL's info_callback is NULL */

	/* what we put in client cert requests */

	STACK_OF(X509_NAME) *client_CA;

	/* Default values to use in SSL structures follow (these are copied by SSL_new) */

	unsigned long options;

	unsigned long mode;

	long max_cert_list;

	struct cert_st /* CERT */ *cert;

	int read_ahead;

	/* callback that allows applications to peek at protocol messages */

	void (*msg_callback)(int write, int version, int content_type, size_t len, const char *buf, SSL *ssl, void *arg);

	void *msg_callback_arg;

	int verify_mode;

	int verify_depth;

	unsigned int sid_ctx_length;

	unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];

	int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'verify_callback' in the SSL */

	/* Default generate session ID callback. */

	GEN_SESSION_CB generate_session_id;

	int purpose;		/* Purpose setting */

	int trust;		/* Trust setting */

	int quiet_shutdown;

	};

#define SSL_SESS_CACHE_OFF			0x0000

	int read_ahead;		/* Read as many input bytes as possible

	               	 	 * (for non-blocking reads) */

	/* callback that allows applications to peek at protocol messages */

	void (*msg_callback)(int write, int version, int content_type, size_t len, const char *buf, SSL *ssl, void *arg);

	void *msg_callback_arg;

	int hit;		/* reusing a previous session */

	int purpose;		/* Purpose setting */

				 * 1 fail if verify fails */

	int verify_depth;

	int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */

	void (*info_callback)(); /* optional informational callback */

	int error;		/* error bytes to be written */

#define SSL_CTRL_SET_TMP_DH			3

#define SSL_CTRL_SET_TMP_RSA_CB			4

#define SSL_CTRL_SET_TMP_DH_CB			5

/* Add these ones */

#define SSL_CTRL_GET_SESSION_REUSED		6

#define SSL_CTRL_GET_CLIENT_CERT_REQUEST	7

#define SSL_CTRL_GET_NUM_RENEGOTIATIONS		8

#define SSL_CTRL_GET_FLAGS			11

#define SSL_CTRL_EXTRA_CHAIN_CERT		12

#define SSL_CTRL_SET_MSG_CALLBACK               13

#define SSL_CTRL_SET_MSG_CALLBACK_ARG           14

/* Stats */

#define SSL_CTRL_SESS_NUMBER			20

#define SSL_CTRL_SESS_CONNECT			21

 * copied and put under another distribution licence

 * [including the GNU Public Licence.]

 */

/* ====================================================================

 * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 *

 * 1. Redistributions of source code must retain the above copyright

 *    notice, this list of conditions and the following disclaimer. 

 *

 * 2. Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in

 *    the documentation and/or other materials provided with the

 *    distribution.

 *

 * 3. All advertising materials mentioning features or use of this

 *    software must display the following acknowledgment:

 *    "This product includes software developed by the OpenSSL Project

 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"

 *

 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

 *    endorse or promote products derived from this software without

 *    prior written permission. For written permission, please contact

 *    openssl-core@openssl.org.

 *

 * 5. Products derived from this software may not be called "OpenSSL"

 *    nor may "OpenSSL" appear in their names without prior written

 *    permission of the OpenSSL Project.

 *

 * 6. Redistributions of any form whatsoever must retain the following

 *    acknowledgment:

 *    "This product includes software developed by the OpenSSL Project

 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"

 *

 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

 * OF THE POSSIBILITY OF SUCH DAMAGE.

 * ====================================================================

 *

 * This product includes cryptographic software written by Eric Young

 * (eay@cryptsoft.com).  This product includes software written by Tim

 * Hudson (tjh@cryptsoft.com).

 *

 */

#ifdef REF_CHECK

	s->kssl_ctx = kssl_ctx_new();

#endif	/* OPENSSL_NO_KRB5 */

	s->options=ctx->options;

	s->mode=ctx->mode;

	s->max_cert_list=ctx->max_cert_list;

	if (ctx->cert != NULL)

		{

		/* Earlier library versions used to copy the pointer to

		}

	else

		s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */

	s->sid_ctx_length=ctx->sid_ctx_length;

	memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));

	s->read_ahead=ctx->read_ahead;

	s->msg_callback=ctx->msg_callback;

	s->msg_callback_arg=ctx->msg_callback_arg;

	s->verify_mode=ctx->verify_mode;

	s->verify_depth=ctx->verify_depth;

	s->sid_ctx_length=ctx->sid_ctx_length;

	memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));

	s->verify_callback=ctx->default_verify_callback;

	s->generate_session_id=ctx->generate_session_id;

	s->purpose = ctx->purpose;

	s->trust = ctx->trust;

	s->quiet_shutdown=ctx->quiet_shutdown;

	CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);

	s->ctx=ctx;

	if (!s->method->ssl_new(s))

		goto err;

	s->quiet_shutdown=ctx->quiet_shutdown;

	s->references=1;

	s->server=(ctx->method->ssl_accept == ssl_undefined_function)?0:1;

	s->options=ctx->options;

	s->mode=ctx->mode;

	s->max_cert_list=ctx->max_cert_list;

	s->read_ahead=ctx->read_ahead; /* used to happen in SSL_clear */

	SSL_clear(s);

	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);

		l=s->read_ahead;

		s->read_ahead=larg;

		return(l);

	case SSL_CTRL_SET_MSG_CALLBACK_ARG:

		s->msg_callback_arg = parg;

		return 1;

	case SSL_CTRL_OPTIONS:

		return(s->options|=larg);

	case SSL_CTRL_MODE:

	{

	switch(cmd)

		{

	case SSL_CTRL_SET_MSG_CALLBACK:

		s->msg_callback = (void (*)(int write, int version, int content_type, size_t len, const char *buf, SSL *ssl, void *arg))(fp);

		return 1;

	default:

		return(s->method->ssl_callback_ctrl(s,cmd,fp));

		}

		l=ctx->read_ahead;

		ctx->read_ahead=larg;

		return(l);

	case SSL_CTRL_SET_MSG_CALLBACK_ARG:

		ctx->msg_callback_arg = parg;

		return 1;

	case SSL_CTRL_GET_MAX_CERT_LIST:

		return(ctx->max_cert_list);

	case SSL_CTRL_SET_MAX_CERT_LIST:

	{

	switch(cmd)

		{

	case SSL_CTRL_SET_MSG_CALLBACK:

		ctx->msg_callback = (void (*)(int write, int version, int content_type, size_t len, const char *buf, SSL *ssl, void *arg))(fp);

		return 1;

	default:

		return(ctx->method->ssl_ctx_callback_ctrl(ctx,cmd,fp));

		}

	/* We take the system default */

	ret->session_timeout=meth->get_timeout();

	ret->new_session_cb=NULL;

	ret->remove_session_cb=NULL;

	ret->get_session_cb=NULL;

	ret->generate_session_id=NULL;

	ret->new_session_cb=0;

	ret->remove_session_cb=0;

	ret->get_session_cb=0;

	ret->generate_session_id=0;

	memset((char *)&ret->stats,0,sizeof(ret->stats));

	ret->key_arg=NULL;

	ret->s2->conn_id=NULL; */

	ret->info_callback=NULL;

	ret->info_callback=0;

	ret->app_verify_callback=NULL;

	ret->app_verify_callback=0;

	ret->app_verify_arg=NULL;

	ret->max_cert_list=SSL_MAX_CERT_LIST_DEFAULT;

	ret->read_ahead=0;

	ret->msg_callback=0;

	ret->msg_callback_arg=NULL;

	ret->verify_mode=SSL_VERIFY_NONE;

	ret->verify_depth=-1; /* Don't impose a limit (but x509_lu.c does) */

	ret->sid_ctx_length=0;

	ret->default_verify_callback=NULL;

	if ((ret->cert=ssl_cert_new()) == NULL)

		goto err;

	ret->default_passwd_callback=NULL;

	ret->default_passwd_callback=0;

	ret->default_passwd_callback_userdata=NULL;

	ret->client_cert_cb=NULL;

	ret->client_cert_cb=0;

	ret->sessions=lh_new(LHASH_HASH_FN(SSL_SESSION_hash),

			LHASH_COMP_FN(SSL_SESSION_cmp));

	if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL)

	    return(NULL);

	ret->version = s->version;

	ret->type = s->type;

	ret->method = s->method;

	if (s->session != NULL)

		{

		/* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */

			s->sid_ctx, s->sid_ctx_length);

		}

	ret->options=s->options;

	ret->mode=s->mode;

	SSL_set_max_cert_list(ret,SSL_get_max_cert_list(s));

	SSL_set_read_ahead(ret,SSL_get_read_ahead(s));

	ret->msg_callback = s->msg_callback;

	ret->msg_callback_arg = s->msg_callback_arg;

	SSL_set_verify(ret,SSL_get_verify_mode(s),

		SSL_get_verify_callback(s));

	SSL_set_verify_depth(ret,SSL_get_verify_depth(s));

	ret->generate_session_id = s->generate_session_id;

	SSL_set_info_callback(ret,SSL_get_info_callback(s));

	ret->debug=s->debug;

	ret->options=s->options;

	/* copy app data, a little dangerous perhaps */

	if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))

		else

			ret->wbio=ret->rbio;

		}

	ret->rwstate = s->rwstate;

	ret->in_handshake = s->in_handshake;

	ret->handshake_func = s->handshake_func;

	ret->server = s->server;

	ret->new_session = s->new_session;

	ret->quiet_shutdown = s->quiet_shutdown;

	ret->shutdown=s->shutdown;

	ret->state=s->state; /* SSL_dup does not really work at any state, though */

	ret->rstate=s->rstate;

	ret->init_num = 0; /* would have to copy ret->init_buf, ret->init_msg, ret->init_num, ret->init_off */

	ret->hit=s->hit;

	ret->purpose=s->purpose;

	ret->trust=s->trust;

	/* dup the cipher_list and cipher_list_by_id stacks */

	if (s->cipher_list != NULL)

			}

		}

	ret->shutdown=s->shutdown;

	ret->state=s->state;

	ret->handshake_func=s->handshake_func;

	ret->server=s->server;

	if (0)

		{

err: