/* $OpenBSD: ssl_methods.c,v 1.2 2019/02/14 17:50:07 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to. The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 *
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 * notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in the
 * documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 * must display the following acknowledgement:
 * "This product includes cryptographic software written by
 * Eric Young (eay@cryptsoft.com)"
 * The word 'cryptographic' can be left out if the rouines from the library
 * being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from
 * the apps directory (application code) you must include an acknowledgement:
 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 *
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed. i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include "ssl_locl.h"
#include "tls13_internal.h"

/*
 * Protocol method tables.
 *
 * Every public *_method() accessor below hands out a pointer to a static
 * const SSL_METHOD.  Each SSL_METHOD carries the alert and cipher lookup
 * callbacks plus a pointer to an SSL_METHOD_INTERNAL, which fixes the
 * version bounds and the handshake, renegotiation and record I/O entry
 * points for that method.
 *
 * What the tables in this file show:
 *  - Role: client tables bind ssl_accept to ssl_undefined_function, server
 *    tables bind ssl_connect to it, generic tables bind both to real
 *    handshake functions.  ssl_undefined_function is defined elsewhere;
 *    presumably it fails the call - confirm in its definition.
 *  - Version bounds: fixed-version tables have min_version == max_version.
 *    The version-flexible TLS_* tables span TLS1_VERSION..TLS1_2_VERSION;
 *    only the client table built under LIBRESSL_HAS_TLS13 goes up to
 *    TLS1_3_VERSION.
 *  - Renegotiation: the version-flexible TLS_* tables bind ssl_renegotiate
 *    to ssl_undefined_function and ssl_renegotiate_check to ssl_ok; the
 *    fixed-version TLS tables and all DTLS tables bind ssl3_renegotiate and
 *    ssl3_renegotiate_check.
 *
 * NOTE(review): the floor of the flexible tables is TLS1_VERSION, so any
 * stricter minimum has to come from configuration outside this file (for
 * example SSL_CTX_set_min_proto_version()); audit callers accordingly.
 */

/* DTLS 1.0, client role: no accept path. */
static const SSL_METHOD_INTERNAL DTLSv1_client_method_internal_data = {
	.version               = DTLS1_VERSION,
	.min_version           = DTLS1_VERSION,
	.max_version           = DTLS1_VERSION,
	.ssl_new               = dtls1_new,
	.ssl_clear             = dtls1_clear,
	.ssl_free              = dtls1_free,
	.ssl_accept            = ssl_undefined_function,
	.ssl_connect           = ssl3_connect,
	.get_ssl_method        = dtls1_get_client_method,
	.get_timeout           = dtls1_default_timeout,
	.ssl_version           = ssl_undefined_void_function,
	.ssl_renegotiate       = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_get_message       = dtls1_get_message,
	.ssl_read_bytes        = dtls1_read_bytes,
	.ssl_write_bytes       = dtls1_write_app_data_bytes,
	.ssl3_enc              = &DTLSv1_enc_data,
};

static const SSL_METHOD DTLSv1_client_method_data = {
	.ssl_dispatch_alert = dtls1_dispatch_alert,
	.num_ciphers        = ssl3_num_ciphers,
	.get_cipher         = dtls1_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
	.internal           = &DTLSv1_client_method_internal_data,
};

/* Returns the DTLS 1.0 client method table. */
const SSL_METHOD *
DTLSv1_client_method(void)
{
	return (&DTLSv1_client_method_data);
}

/* Maps a version number to a DTLS client method; NULL if not DTLS1_VERSION. */
const SSL_METHOD *
dtls1_get_client_method(int ver)
{
	if (ver != DTLS1_VERSION)
		return NULL;
	return DTLSv1_client_method();
}

static const SSL_METHOD *dtls1_get_method(int ver);

/* DTLS 1.0, generic role: both accept and connect are available. */
static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = {
	.version               = DTLS1_VERSION,
	.min_version           = DTLS1_VERSION,
	.max_version           = DTLS1_VERSION,
	.ssl_new               = dtls1_new,
	.ssl_clear             = dtls1_clear,
	.ssl_free              = dtls1_free,
	.ssl_accept            = ssl3_accept,
	.ssl_connect           = ssl3_connect,
	.get_ssl_method        = dtls1_get_method,
	.get_timeout           = dtls1_default_timeout,
	.ssl_version           = ssl_undefined_void_function,
	.ssl_renegotiate       = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_get_message       = dtls1_get_message,
	.ssl_read_bytes        = dtls1_read_bytes,
	.ssl_write_bytes       = dtls1_write_app_data_bytes,
	.ssl3_enc              = &DTLSv1_enc_data,
};

static const SSL_METHOD DTLSv1_method_data = {
	.ssl_dispatch_alert = dtls1_dispatch_alert,
	.num_ciphers        = ssl3_num_ciphers,
	.get_cipher         = dtls1_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
	.internal           = &DTLSv1_method_internal_data,
};

/* Returns the DTLS 1.0 generic (client or server) method table. */
const SSL_METHOD *
DTLSv1_method(void)
{
	return (&DTLSv1_method_data);
}

/* Maps a version number to a generic DTLS method; NULL if not DTLS1_VERSION. */
static const SSL_METHOD *
dtls1_get_method(int ver)
{
	if (ver != DTLS1_VERSION)
		return NULL;
	return DTLSv1_method();
}

/* DTLS 1.0, server role: no connect path. */
static const SSL_METHOD_INTERNAL DTLSv1_server_method_internal_data = {
	.version               = DTLS1_VERSION,
	.min_version           = DTLS1_VERSION,
	.max_version           = DTLS1_VERSION,
	.ssl_new               = dtls1_new,
	.ssl_clear             = dtls1_clear,
	.ssl_free              = dtls1_free,
	.ssl_accept            = ssl3_accept,
	.ssl_connect           = ssl_undefined_function,
	.get_ssl_method        = dtls1_get_server_method,
	.get_timeout           = dtls1_default_timeout,
	.ssl_version           = ssl_undefined_void_function,
	.ssl_renegotiate       = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_get_message       = dtls1_get_message,
	.ssl_read_bytes        = dtls1_read_bytes,
	.ssl_write_bytes       = dtls1_write_app_data_bytes,
	.ssl3_enc              = &DTLSv1_enc_data,
};

static const SSL_METHOD DTLSv1_server_method_data = {
	.ssl_dispatch_alert = dtls1_dispatch_alert,
	.num_ciphers        = ssl3_num_ciphers,
	.get_cipher         = dtls1_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
	.internal           = &DTLSv1_server_method_internal_data,
};

/* Returns the DTLS 1.0 server method table. */
const SSL_METHOD *
DTLSv1_server_method(void)
{
	return (&DTLSv1_server_method_data);
}

/* Maps a version number to a DTLS server method; NULL if not DTLS1_VERSION. */
const SSL_METHOD *
dtls1_get_server_method(int ver)
{
	if (ver != DTLS1_VERSION)
		return NULL;
	return DTLSv1_server_method();
}

#ifdef LIBRESSL_HAS_TLS13
/*
 * Version-flexible TLS client, TLS 1.0 through TLS 1.3.  Only built when
 * LIBRESSL_HAS_TLS13 is defined.  Connect and record I/O go through the
 * tls13_legacy_* entry points.
 *
 * NOTE(review): get_ssl_method is tls1_get_client_method, which has no case
 * for TLS1_3_VERSION and returns NULL for it; confirm that callers of this
 * hook handle that.
 */
static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = {
	.version               = TLS1_3_VERSION,
	.min_version           = TLS1_VERSION,
	.max_version           = TLS1_3_VERSION,
	.ssl_new               = tls1_new,
	.ssl_clear             = tls1_clear,
	.ssl_free              = tls1_free,
	.ssl_accept            = ssl_undefined_function,
	.ssl_connect           = tls13_legacy_connect,
	.get_ssl_method        = tls1_get_client_method,
	.get_timeout           = tls1_default_timeout,
	.ssl_version           = ssl_undefined_void_function,
	.ssl_renegotiate       = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,
	.ssl_get_message       = ssl3_get_message,
	.ssl_read_bytes        = tls13_legacy_read_bytes,
	.ssl_write_bytes       = tls13_legacy_write_bytes,
	.ssl3_enc              = &TLSv1_2_enc_data,
};

static const SSL_METHOD TLS_client_method_data = {
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers        = ssl3_num_ciphers,
	.get_cipher         = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
	.internal           = &TLS_client_method_internal_data,
};
#endif

/* Version-flexible TLS client without TLS 1.3: TLS 1.0 through TLS 1.2. */
static const SSL_METHOD_INTERNAL TLS_legacy_client_method_internal_data = {
	.version               = TLS1_2_VERSION,
	.min_version           = TLS1_VERSION,
	.max_version           = TLS1_2_VERSION,
	.ssl_new               = tls1_new,
	.ssl_clear             = tls1_clear,
	.ssl_free              = tls1_free,
	.ssl_accept            = ssl_undefined_function,
	.ssl_connect           = ssl3_connect,
	.get_ssl_method        = tls1_get_client_method,
	.get_timeout           = tls1_default_timeout,
	.ssl_version           = ssl_undefined_void_function,
	.ssl_renegotiate       = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,
	.ssl_get_message       = ssl3_get_message,
	.ssl_read_bytes        = ssl3_read_bytes,
	.ssl_write_bytes       = ssl3_write_bytes,
	.ssl3_enc              = &TLSv1_2_enc_data,
};

static const SSL_METHOD TLS_legacy_client_method_data = {
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers        = ssl3_num_ciphers,
	.get_cipher         = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
	.internal           = &TLS_legacy_client_method_internal_data,
};

/* TLS 1.0 only, client role. */
static const SSL_METHOD_INTERNAL TLSv1_client_method_internal_data = {
	.version               = TLS1_VERSION,
	.min_version           = TLS1_VERSION,
	.max_version           = TLS1_VERSION,
	.ssl_new               = tls1_new,
	.ssl_clear             = tls1_clear,
	.ssl_free              = tls1_free,
	.ssl_accept            = ssl_undefined_function,
	.ssl_connect           = ssl3_connect,
	.get_ssl_method        = tls1_get_client_method,
	.get_timeout           = tls1_default_timeout,
	.ssl_version           = ssl_undefined_void_function,
	.ssl_renegotiate       = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_get_message       = ssl3_get_message,
	.ssl_read_bytes        = ssl3_read_bytes,
	.ssl_write_bytes       = ssl3_write_bytes,
	.ssl3_enc              = &TLSv1_enc_data,
};

static const SSL_METHOD TLSv1_client_method_data = {
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers        = ssl3_num_ciphers,
	.get_cipher         = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
	.internal           = &TLSv1_client_method_internal_data,
};

/* TLS 1.1 only, client role. */
static const SSL_METHOD_INTERNAL TLSv1_1_client_method_internal_data = {
	.version               = TLS1_1_VERSION,
	.min_version           = TLS1_1_VERSION,
	.max_version           = TLS1_1_VERSION,
	.ssl_new               = tls1_new,
	.ssl_clear             = tls1_clear,
	.ssl_free              = tls1_free,
	.ssl_accept            = ssl_undefined_function,
	.ssl_connect           = ssl3_connect,
	.get_ssl_method        = tls1_get_client_method,
	.get_timeout           = tls1_default_timeout,
	.ssl_version           = ssl_undefined_void_function,
	.ssl_renegotiate       = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_get_message       = ssl3_get_message,
	.ssl_read_bytes        = ssl3_read_bytes,
	.ssl_write_bytes       = ssl3_write_bytes,
	.ssl3_enc              = &TLSv1_1_enc_data,
};

static const SSL_METHOD TLSv1_1_client_method_data = {
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers        = ssl3_num_ciphers,
	.get_cipher         = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
	.internal           = &TLSv1_1_client_method_internal_data,
};

/* TLS 1.2 only, client role. */
static const SSL_METHOD_INTERNAL TLSv1_2_client_method_internal_data = {
	.version               = TLS1_2_VERSION,
	.min_version           = TLS1_2_VERSION,
	.max_version           = TLS1_2_VERSION,
	.ssl_new               = tls1_new,
	.ssl_clear             = tls1_clear,
	.ssl_free              = tls1_free,
	.ssl_accept            = ssl_undefined_function,
	.ssl_connect           = ssl3_connect,
	.get_ssl_method        = tls1_get_client_method,
	.get_timeout           = tls1_default_timeout,
	.ssl_version           = ssl_undefined_void_function,
	.ssl_renegotiate       = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_get_message       = ssl3_get_message,
	.ssl_read_bytes        = ssl3_read_bytes,
	.ssl_write_bytes       = ssl3_write_bytes,
	.ssl3_enc              = &TLSv1_2_enc_data,
};

static const SSL_METHOD TLSv1_2_client_method_data = {
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers        = ssl3_num_ciphers,
	.get_cipher         = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
	.internal           = &TLSv1_2_client_method_internal_data,
};

/*
 * Maps a version number to the fixed-version TLS client method for it.
 * Handles TLS 1.2, 1.1 and 1.0 only; every other value, including
 * TLS1_3_VERSION, yields NULL.
 */
const SSL_METHOD *
tls1_get_client_method(int ver)
{
	switch (ver) {
	case TLS1_2_VERSION:
		return TLSv1_2_client_method();
	case TLS1_1_VERSION:
		return TLSv1_1_client_method();
	case TLS1_VERSION:
		return TLSv1_client_method();
	default:
		return NULL;
	}
}

/*
 * Alias for TLS_client_method().  The table it returns has min_version
 * TLS1_VERSION; nothing in this file defines an SSLv2 or SSLv3 method.
 */
const SSL_METHOD *
SSLv23_client_method(void)
{
	return TLS_client_method();
}

/*
 * Returns the version-flexible TLS client method: the TLS 1.3 capable table
 * when LIBRESSL_HAS_TLS13 is defined, otherwise the legacy table that stops
 * at TLS 1.2.
 */
const SSL_METHOD *
TLS_client_method(void)
{
#ifdef LIBRESSL_HAS_TLS13
	return &TLS_client_method_data;
#else
	return (tls_legacy_client_method());
#endif
}

/* Returns the version-flexible TLS client method capped at TLS 1.2. */
const SSL_METHOD *
tls_legacy_client_method(void)
{
	return &TLS_legacy_client_method_data;
}

/* Returns the TLS 1.0-only client method table. */
const SSL_METHOD *
TLSv1_client_method(void)
{
	return &TLSv1_client_method_data;
}

/* Returns the TLS 1.1-only client method table. */
const SSL_METHOD *
TLSv1_1_client_method(void)
{
	return &TLSv1_1_client_method_data;
}

/* Returns the TLS 1.2-only client method table. */
const SSL_METHOD *
TLSv1_2_client_method(void)
{
	return &TLSv1_2_client_method_data;
}

static const SSL_METHOD *tls1_get_method(int ver);

/* Version-flexible TLS, generic role: TLS 1.0 through TLS 1.2. */
static const SSL_METHOD_INTERNAL TLS_method_internal_data = {
	.version               = TLS1_2_VERSION,
	.min_version           = TLS1_VERSION,
	.max_version           = TLS1_2_VERSION,
	.ssl_new               = tls1_new,
	.ssl_clear             = tls1_clear,
	.ssl_free              = tls1_free,
	.ssl_accept            = ssl3_accept,
	.ssl_connect           = ssl3_connect,
	.get_ssl_method        = tls1_get_method,
	.get_timeout           = tls1_default_timeout,
	.ssl_version           = ssl_undefined_void_function,
	.ssl_renegotiate       = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,
	.ssl_get_message       = ssl3_get_message,
	.ssl_read_bytes        = ssl3_read_bytes,
	.ssl_write_bytes       = ssl3_write_bytes,
	.ssl3_enc              = &TLSv1_2_enc_data,
};

static const SSL_METHOD TLS_method_data = {
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers        = ssl3_num_ciphers,
	.get_cipher         = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
	.internal           = &TLS_method_internal_data,
};

/* TLS 1.0 only, generic role. */
static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = {
	.version               = TLS1_VERSION,
	.min_version           = TLS1_VERSION,
	.max_version           = TLS1_VERSION,
	.ssl_new               = tls1_new,
	.ssl_clear             = tls1_clear,
	.ssl_free              = tls1_free,
	.ssl_accept            = ssl3_accept,
	.ssl_connect           = ssl3_connect,
	.get_ssl_method        = tls1_get_method,
	.get_timeout           = tls1_default_timeout,
	.ssl_version           = ssl_undefined_void_function,
	.ssl_renegotiate       = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_get_message       = ssl3_get_message,
	.ssl_read_bytes        = ssl3_read_bytes,
	.ssl_write_bytes       = ssl3_write_bytes,
	.ssl3_enc              = &TLSv1_enc_data,
};

static const SSL_METHOD TLSv1_method_data = {
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers        = ssl3_num_ciphers,
	.get_cipher         = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
	.internal           = &TLSv1_method_internal_data,
};

/* TLS 1.1 only, generic role. */
static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = {
	.version               = TLS1_1_VERSION,
	.min_version           = TLS1_1_VERSION,
	.max_version           = TLS1_1_VERSION,
	.ssl_new               = tls1_new,
	.ssl_clear             = tls1_clear,
	.ssl_free              = tls1_free,
	.ssl_accept            = ssl3_accept,
	.ssl_connect           = ssl3_connect,
	.get_ssl_method        = tls1_get_method,
	.get_timeout           = tls1_default_timeout,
	.ssl_version           = ssl_undefined_void_function,
	.ssl_renegotiate       = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_get_message       = ssl3_get_message,
	.ssl_read_bytes        = ssl3_read_bytes,
	.ssl_write_bytes       = ssl3_write_bytes,
	.ssl3_enc              = &TLSv1_1_enc_data,
};

static const SSL_METHOD TLSv1_1_method_data = {
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers        = ssl3_num_ciphers,
	.get_cipher         = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
	.internal           = &TLSv1_1_method_internal_data,
};

/* TLS 1.2 only, generic role. */
static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = {
	.version               = TLS1_2_VERSION,
	.min_version           = TLS1_2_VERSION,
	.max_version           = TLS1_2_VERSION,
	.ssl_new               = tls1_new,
	.ssl_clear             = tls1_clear,
	.ssl_free              = tls1_free,
	.ssl_accept            = ssl3_accept,
	.ssl_connect           = ssl3_connect,
	.get_ssl_method        = tls1_get_method,
	.get_timeout           = tls1_default_timeout,
	.ssl_version           = ssl_undefined_void_function,
	.ssl_renegotiate       = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_get_message       = ssl3_get_message,
	.ssl_read_bytes        = ssl3_read_bytes,
	.ssl_write_bytes       = ssl3_write_bytes,
	.ssl3_enc              = &TLSv1_2_enc_data,
};

static const SSL_METHOD TLSv1_2_method_data = {
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers        = ssl3_num_ciphers,
	.get_cipher         = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
	.internal           = &TLSv1_2_method_internal_data,
};

/*
 * Maps a version number to the fixed-version generic TLS method for it.
 * Handles TLS 1.2, 1.1 and 1.0; any other value yields NULL.
 */
static const SSL_METHOD *
tls1_get_method(int ver)
{
	switch (ver) {
	case TLS1_2_VERSION:
		return TLSv1_2_method();
	case TLS1_1_VERSION:
		return TLSv1_1_method();
	case TLS1_VERSION:
		return TLSv1_method();
	default:
		return NULL;
	}
}

/*
 * Alias for TLS_method().  The table it returns has min_version
 * TLS1_VERSION; nothing in this file defines an SSLv2 or SSLv3 method.
 */
const SSL_METHOD *
SSLv23_method(void)
{
	return TLS_method();
}

/* Returns the version-flexible generic TLS method (TLS 1.0 through 1.2). */
const SSL_METHOD *
TLS_method(void)
{
	return (&TLS_method_data);
}

/* Returns the TLS 1.0-only generic method table. */
const SSL_METHOD *
TLSv1_method(void)
{
	return &TLSv1_method_data;
}

/* Returns the TLS 1.1-only generic method table. */
const SSL_METHOD *
TLSv1_1_method(void)
{
	return &TLSv1_1_method_data;
}

/* Returns the TLS 1.2-only generic method table. */
const SSL_METHOD *
TLSv1_2_method(void)
{
	return &TLSv1_2_method_data;
}

/* Version-flexible TLS, server role: TLS 1.0 through TLS 1.2, no connect. */
static const SSL_METHOD_INTERNAL TLS_server_method_internal_data = {
	.version               = TLS1_2_VERSION,
	.min_version           = TLS1_VERSION,
	.max_version           = TLS1_2_VERSION,
	.ssl_new               = tls1_new,
	.ssl_clear             = tls1_clear,
	.ssl_free              = tls1_free,
	.ssl_accept            = ssl3_accept,
	.ssl_connect           = ssl_undefined_function,
	.get_ssl_method        = tls1_get_server_method,
	.get_timeout           = tls1_default_timeout,
	.ssl_version           = ssl_undefined_void_function,
	.ssl_renegotiate       = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,
	.ssl_get_message       = ssl3_get_message,
	.ssl_read_bytes        = ssl3_read_bytes,
	.ssl_write_bytes       = ssl3_write_bytes,
	.ssl3_enc              = &TLSv1_2_enc_data,
};

static const SSL_METHOD TLS_server_method_data = {
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers        = ssl3_num_ciphers,
	.get_cipher         = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
	.internal           = &TLS_server_method_internal_data,
};

/* TLS 1.0 only, server role. */
static const SSL_METHOD_INTERNAL TLSv1_server_method_internal_data = {
	.version               = TLS1_VERSION,
	.min_version           = TLS1_VERSION,
	.max_version           = TLS1_VERSION,
	.ssl_new               = tls1_new,
	.ssl_clear             = tls1_clear,
	.ssl_free              = tls1_free,
	.ssl_accept            = ssl3_accept,
	.ssl_connect           = ssl_undefined_function,
	.get_ssl_method        = tls1_get_server_method,
	.get_timeout           = tls1_default_timeout,
	.ssl_version           = ssl_undefined_void_function,
	.ssl_renegotiate       = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_get_message       = ssl3_get_message,
	.ssl_read_bytes        = ssl3_read_bytes,
	.ssl_write_bytes       = ssl3_write_bytes,
	.ssl3_enc              = &TLSv1_enc_data,
};

static const SSL_METHOD TLSv1_server_method_data = {
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers        = ssl3_num_ciphers,
	.get_cipher         = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
	.internal           = &TLSv1_server_method_internal_data,
};

/* TLS 1.1 only, server role. */
static const SSL_METHOD_INTERNAL TLSv1_1_server_method_internal_data = {
	.version               = TLS1_1_VERSION,
	.min_version           = TLS1_1_VERSION,
	.max_version           = TLS1_1_VERSION,
	.ssl_new               = tls1_new,
	.ssl_clear             = tls1_clear,
	.ssl_free              = tls1_free,
	.ssl_accept            = ssl3_accept,
	.ssl_connect           = ssl_undefined_function,
	.get_ssl_method        = tls1_get_server_method,
	.get_timeout           = tls1_default_timeout,
	.ssl_version           = ssl_undefined_void_function,
	.ssl_renegotiate       = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_get_message       = ssl3_get_message,
	.ssl_read_bytes        = ssl3_read_bytes,
	.ssl_write_bytes       = ssl3_write_bytes,
	.ssl3_enc              = &TLSv1_1_enc_data,
};

static const SSL_METHOD TLSv1_1_server_method_data = {
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers        = ssl3_num_ciphers,
	.get_cipher         = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
	.internal           = &TLSv1_1_server_method_internal_data,
};

/* TLS 1.2 only, server role. */
static const SSL_METHOD_INTERNAL TLSv1_2_server_method_internal_data = {
	.version               = TLS1_2_VERSION,
	.min_version           = TLS1_2_VERSION,
	.max_version           = TLS1_2_VERSION,
	.ssl_new               = tls1_new,
	.ssl_clear             = tls1_clear,
	.ssl_free              = tls1_free,
	.ssl_accept            = ssl3_accept,
	.ssl_connect           = ssl_undefined_function,
	.get_ssl_method        = tls1_get_server_method,
	.get_timeout           = tls1_default_timeout,
	.ssl_version           = ssl_undefined_void_function,
	.ssl_renegotiate       = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_get_message       = ssl3_get_message,
	.ssl_read_bytes        = ssl3_read_bytes,
	.ssl_write_bytes       = ssl3_write_bytes,
	.ssl3_enc              = &TLSv1_2_enc_data,
};

static const SSL_METHOD TLSv1_2_server_method_data = {
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers        = ssl3_num_ciphers,
	.get_cipher         = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
	.internal           = &TLSv1_2_server_method_internal_data,
};

/*
 * Maps a version number to the fixed-version TLS server method for it.
 * Handles TLS 1.2, 1.1 and 1.0; any other value yields NULL.
 */
const SSL_METHOD *
tls1_get_server_method(int ver)
{
	switch (ver) {
	case TLS1_2_VERSION:
		return TLSv1_2_server_method();
	case TLS1_1_VERSION:
		return TLSv1_1_server_method();
	case TLS1_VERSION:
		return TLSv1_server_method();
	default:
		return NULL;
	}
}

/*
 * Alias for TLS_server_method().  The table it returns has min_version
 * TLS1_VERSION; nothing in this file defines an SSLv2 or SSLv3 method.
 */
const SSL_METHOD *
SSLv23_server_method(void)
{
	return TLS_server_method();
}

/* Returns the version-flexible TLS server method (TLS 1.0 through 1.2). */
const SSL_METHOD *
TLS_server_method(void)
{
	return &TLS_server_method_data;
}

/* Returns the TLS 1.0-only server method table. */
const SSL_METHOD *
TLSv1_server_method(void)
{
	return &TLSv1_server_method_data;
}

/* Returns the TLS 1.1-only server method table. */
const SSL_METHOD *
TLSv1_1_server_method(void)
{
	return &TLSv1_1_server_method_data;
}

/* Returns the TLS 1.2-only server method table. */
const SSL_METHOD *
TLSv1_2_server_method(void)
{
	return &TLSv1_2_server_method_data;
}