Commit ce33b42b authored by Dr. Stephen Henson

oops, not yet ;-)

parent 579d5534
+0 −13
@@ -285,19 +285,6 @@ int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key,
	return 1;
	}

typedef struct 
	{
	X509 *cert;
	EVP_PKEY *key;
	STACK_OF(X509) *chain;
	struct ssl_excert_st *next;
	} SSL_EXCERT;

static int set_cert_cb(SSL *ssl, void *arg)
	{
	return 1;
	}

int ssl_print_sigalgs(BIO *out, SSL *s)
	{
	int i, nsig;
+0 −7
@@ -3161,13 +3161,6 @@ int ssl3_send_client_certificate(SSL *s)

	if (s->state ==	SSL3_ST_CW_CERT_A)
		{
		/* Let cert callback update client certificates if required */
		if (s->cert->cert_cb
			&& s->cert->cert_cb(s, s->cert->cert_cb_arg) <= 0)
			{
			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
			return 0;
			}
		if (ssl3_check_client_certificate(s))
			s->state=SSL3_ST_CW_CERT_C;
		else
+0 −8
@@ -1341,14 +1341,6 @@ int ssl3_get_client_hello(SSL *s)
			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_PASSED);
			goto f_err;
			}
		/* Let cert callback update server certificates if required */
		if (s->cert->cert_cb
			&& s->cert->cert_cb(s, s->cert->cert_cb_arg) <= 0)
			{
			al=SSL_AD_INTERNAL_ERROR;
			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CERT_CB_ERROR);
			goto f_err;
			}
		ciphers=NULL;
		c=ssl3_choose_cipher(s,s->session->ciphers,
				     SSL_get_ciphers(s));
+0 −4
@@ -1759,7 +1759,6 @@ int (*SSL_get_verify_callback(const SSL *s))(int,X509_STORE_CTX *);
void	SSL_set_verify(SSL *s, int mode,
		       int (*callback)(int ok,X509_STORE_CTX *ctx));
void	SSL_set_verify_depth(SSL *s, int depth);
void SSL_set_cert_cb(SSL *s, int (*cb)(SSL *ssl, void *arg), void *arg);
#ifndef OPENSSL_NO_RSA
int	SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
#endif
@@ -1838,7 +1837,6 @@ void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,
			int (*callback)(int, X509_STORE_CTX *));
void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth);
void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,void *), void *arg);
void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cb)(SSL *ssl, void *arg), void *arg);
#ifndef OPENSSL_NO_RSA
int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
#endif
@@ -1894,7 +1892,6 @@ char *SSL_get_srp_username(SSL *s);
char *SSL_get_srp_userinfo(SSL *s);
#endif

void	SSL_certs_clear(SSL *s);
void	SSL_free(SSL *ssl);
int 	SSL_accept(SSL *ssl);
int 	SSL_connect(SSL *ssl);
@@ -2390,7 +2387,6 @@ void ERR_load_SSL_strings(void);
#define SSL_R_CA_DN_TOO_LONG				 132
#define SSL_R_CCS_RECEIVED_EARLY			 133
#define SSL_R_CERTIFICATE_VERIFY_FAILED			 134
#define SSL_R_CERT_CB_ERROR				 371
#define SSL_R_CERT_LENGTH_MISMATCH			 135
#define SSL_R_CHALLENGE_IS_DIFFERENT			 136
#define SSL_R_CIPHER_CODE_WRONG_LENGTH			 137
+25 −37
@@ -345,9 +345,6 @@ CERT *ssl_cert_dup(CERT *cert)
	ret->sigalgs = NULL;
	ret->sigalgslen = 0;

	ret->cert_cb = cert->cert_cb;
	ret->cert_cb_arg = cert->cert_cb_arg;

	return(ret);
	
#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_ECDH)
@@ -366,37 +363,22 @@ err:
		EC_KEY_free(ret->ecdh_tmp);
#endif

	ssl_cert_clear_certs(ret);

	return NULL;
	}

/* Free up and clear all certificates and chains */

void ssl_cert_clear_certs(CERT *c)
	{
	int i;
	for (i = 0; i < SSL_PKEY_NUM; i++)
		{
		CERT_PKEY *cpk = c->pkeys + i;
		if (cpk->x509)
			{
			X509_free(cpk->x509);
			cpk->x509 = NULL;
			}
		if (cpk->privatekey)
			{
			EVP_PKEY_free(cpk->privatekey);
			cpk->privatekey = NULL;
			}
		if (cpk->chain)
			{
			sk_X509_pop_free(cpk->chain, X509_free);
			cpk->chain = NULL;
			}
		CERT_PKEY *rpk = ret->pkeys + i;
		if (rpk->x509 != NULL)
			X509_free(rpk->x509);
		if (rpk->privatekey != NULL)
			EVP_PKEY_free(rpk->privatekey);
		if (rpk->chain)
			sk_X509_pop_free(rpk->chain, X509_free);
		}


	return NULL;
	}


void ssl_cert_free(CERT *c)
	{
	int i;
@@ -427,8 +409,20 @@ void ssl_cert_free(CERT *c)
	if (c->ecdh_tmp) EC_KEY_free(c->ecdh_tmp);
#endif

	ssl_cert_clear_certs(c);

	for (i=0; i<SSL_PKEY_NUM; i++)
		{
		CERT_PKEY *cpk = c->pkeys + i;
		if (cpk->x509 != NULL)
			X509_free(cpk->x509);
		if (cpk->privatekey != NULL)
			EVP_PKEY_free(cpk->privatekey);
		if (cpk->chain)
			sk_X509_pop_free(cpk->chain, X509_free);
#if 0
		if (c->pkeys[i].publickey != NULL)
			EVP_PKEY_free(c->pkeys[i].publickey);
#endif
		}
	if (c->sigalgs)
		OPENSSL_free(c->sigalgs);
	OPENSSL_free(c);
@@ -516,12 +510,6 @@ int ssl_cert_add1_chain_cert(CERT *c, X509 *x)
	return 1;
	}

void ssl_cert_set_cert_cb(CERT *c, int (*cb)(SSL *ssl, void *arg), void *arg)
	{
	c->cert_cb = cb;
	c->cert_cb_arg = arg;
	}

SESS_CERT *ssl_sess_cert_new(void)
	{
	SESS_CERT *ret;
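Review bot: The `err:` path of ssl_cert_dup appears to leak `ret`. On the new side of the second hunk the restored loop frees each `rpk->x509`, `rpk->privatekey` and `rpk->chain`, but nothing visible between that loop and `return NULL;` releases the CERT structure itself. If `ret` is heap-allocated earlier in the function (the allocation is outside the hunk, so this is inferred from ssl_cert_free ending in `OPENSSL_free(c);`), add `OPENSSL_free(ret);` just before `return NULL;`. The same three-call free sequence is now written out a second time in ssl_cert_free, so a comment on both loops such as `/* keep in sync with the err: path of ssl_cert_dup */` would help the two copies stay aligned.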