xref: /netbsd-src/crypto/external/bsd/openssl/dist/ssl/ssl_lib.c (revision b757af438b42b93f8c6571f026d8b8ef3eaf5fc9)
1 /*! \file ssl/ssl_lib.c
2  *  \brief Version independent SSL functions.
3  */
4 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5  * All rights reserved.
6  *
7  * This package is an SSL implementation written
8  * by Eric Young (eay@cryptsoft.com).
9  * The implementation was written so as to conform with Netscapes SSL.
10  *
11  * This library is free for commercial and non-commercial use as long as
12  * the following conditions are aheared to.  The following conditions
13  * apply to all code found in this distribution, be it the RC4, RSA,
14  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
15  * included with this distribution is covered by the same copyright terms
16  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
17  *
18  * Copyright remains Eric Young's, and as such any Copyright notices in
19  * the code are not to be removed.
20  * If this package is used in a product, Eric Young should be given attribution
21  * as the author of the parts of the library used.
22  * This can be in the form of a textual message at program startup or
23  * in documentation (online or textual) provided with the package.
24  *
25  * Redistribution and use in source and binary forms, with or without
26  * modification, are permitted provided that the following conditions
27  * are met:
28  * 1. Redistributions of source code must retain the copyright
29  *    notice, this list of conditions and the following disclaimer.
30  * 2. Redistributions in binary form must reproduce the above copyright
31  *    notice, this list of conditions and the following disclaimer in the
32  *    documentation and/or other materials provided with the distribution.
33  * 3. All advertising materials mentioning features or use of this software
34  *    must display the following acknowledgement:
35  *    "This product includes cryptographic software written by
36  *     Eric Young (eay@cryptsoft.com)"
37  *    The word 'cryptographic' can be left out if the rouines from the library
38  *    being used are not cryptographic related :-).
39  * 4. If you include any Windows specific code (or a derivative thereof) from
40  *    the apps directory (application code) you must include an acknowledgement:
41  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
42  *
43  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
44  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
45  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
46  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
47  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
48  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
49  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
50  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
51  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
52  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53  * SUCH DAMAGE.
54  *
55  * The licence and distribution terms for any publically available version or
56  * derivative of this code cannot be changed.  i.e. this code cannot simply be
57  * copied and put under another distribution licence
58  * [including the GNU Public Licence.]
59  */
60 /* ====================================================================
61  * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
62  *
63  * Redistribution and use in source and binary forms, with or without
64  * modification, are permitted provided that the following conditions
65  * are met:
66  *
67  * 1. Redistributions of source code must retain the above copyright
68  *    notice, this list of conditions and the following disclaimer.
69  *
70  * 2. Redistributions in binary form must reproduce the above copyright
71  *    notice, this list of conditions and the following disclaimer in
72  *    the documentation and/or other materials provided with the
73  *    distribution.
74  *
75  * 3. All advertising materials mentioning features or use of this
76  *    software must display the following acknowledgment:
77  *    "This product includes software developed by the OpenSSL Project
78  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
79  *
80  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
81  *    endorse or promote products derived from this software without
82  *    prior written permission. For written permission, please contact
83  *    openssl-core@openssl.org.
84  *
85  * 5. Products derived from this software may not be called "OpenSSL"
86  *    nor may "OpenSSL" appear in their names without prior written
87  *    permission of the OpenSSL Project.
88  *
89  * 6. Redistributions of any form whatsoever must retain the following
90  *    acknowledgment:
91  *    "This product includes software developed by the OpenSSL Project
92  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
93  *
94  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
95  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
96  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
97  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
98  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
99  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
100  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
101  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
102  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
103  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
104  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
105  * OF THE POSSIBILITY OF SUCH DAMAGE.
106  * ====================================================================
107  *
108  * This product includes cryptographic software written by Eric Young
109  * (eay@cryptsoft.com).  This product includes software written by Tim
110  * Hudson (tjh@cryptsoft.com).
111  *
112  */
113 /* ====================================================================
114  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
115  * ECC cipher suite support in OpenSSL originally developed by
116  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
117  */
118 /* ====================================================================
119  * Copyright 2005 Nokia. All rights reserved.
120  *
121  * The portions of the attached software ("Contribution") is developed by
122  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
123  * license.
124  *
125  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
126  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
127  * support (see RFC 4279) to OpenSSL.
128  *
129  * No patent licenses or other rights except those expressly stated in
130  * the OpenSSL open source license shall be deemed granted or received
131  * expressly, by implication, estoppel, or otherwise.
132  *
133  * No assurances are provided by Nokia that the Contribution does not
134  * infringe the patent or other intellectual property rights of any third
135  * party or that the license provides you with all the necessary rights
136  * to make use of the Contribution.
137  *
138  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
139  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
140  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
141  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
142  * OTHERWISE.
143  */
144 
145 #ifdef REF_CHECK
146 #  include <assert.h>
147 #endif
148 #include <stdio.h>
149 #include "ssl_locl.h"
150 #include "kssl_lcl.h"
151 #include <openssl/objects.h>
152 #include <openssl/lhash.h>
153 #include <openssl/x509v3.h>
154 #include <openssl/rand.h>
155 #include <openssl/ocsp.h>
156 #ifndef OPENSSL_NO_DH
157 #include <openssl/dh.h>
158 #endif
159 #ifndef OPENSSL_NO_ENGINE
160 #include <openssl/engine.h>
161 #endif
162 
163 const char *SSL_version_str=OPENSSL_VERSION_TEXT;
164 
165 SSL3_ENC_METHOD ssl3_undef_enc_method={
166 	/* evil casts, but these functions are only called if there's a library bug */
167 	(int (*)(SSL *,int))ssl_undefined_function,
168 	(int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
169 	ssl_undefined_function,
170 	(int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function,
171 	(int (*)(SSL*, int))ssl_undefined_function,
172 	(int (*)(SSL *,  const char*, int, unsigned char *))ssl_undefined_function,
173 	0,	/* finish_mac_length */
174 	(int (*)(SSL *, int, unsigned char *))ssl_undefined_function,
175 	NULL,	/* client_finished_label */
176 	0,	/* client_finished_label_len */
177 	NULL,	/* server_finished_label */
178 	0,	/* server_finished_label_len */
179 	(int (*)(int))ssl_undefined_function
180 	};
181 
182 int SSL_clear(SSL *s)
183 	{
184 
185 	if (s->method == NULL)
186 		{
187 		SSLerr(SSL_F_SSL_CLEAR,SSL_R_NO_METHOD_SPECIFIED);
188 		return(0);
189 		}
190 
191 	if (ssl_clear_bad_session(s))
192 		{
193 		SSL_SESSION_free(s->session);
194 		s->session=NULL;
195 		}
196 
197 	s->error=0;
198 	s->hit=0;
199 	s->shutdown=0;
200 
201 #if 0 /* Disabled since version 1.10 of this file (early return not
202        * needed because SSL_clear is not called when doing renegotiation) */
203 	/* This is set if we are doing dynamic renegotiation so keep
204 	 * the old cipher.  It is sort of a SSL_clear_lite :-) */
205 	if (s->renegotiate) return(1);
206 #else
207 	if (s->renegotiate)
208 		{
209 		SSLerr(SSL_F_SSL_CLEAR,ERR_R_INTERNAL_ERROR);
210 		return 0;
211 		}
212 #endif
213 
214 	s->type=0;
215 
216 	s->state=SSL_ST_BEFORE|((s->server)?SSL_ST_ACCEPT:SSL_ST_CONNECT);
217 
218 	s->version=s->method->version;
219 	s->client_version=s->version;
220 	s->rwstate=SSL_NOTHING;
221 	s->rstate=SSL_ST_READ_HEADER;
222 #if 0
223 	s->read_ahead=s->ctx->read_ahead;
224 #endif
225 
226 	if (s->init_buf != NULL)
227 		{
228 		BUF_MEM_free(s->init_buf);
229 		s->init_buf=NULL;
230 		}
231 
232 	ssl_clear_cipher_ctx(s);
233 	ssl_clear_hash_ctx(&s->read_hash);
234 	ssl_clear_hash_ctx(&s->write_hash);
235 
236 	s->first_packet=0;
237 
238 #if 1
239 	/* Check to see if we were changed into a different method, if
240 	 * so, revert back if we are not doing session-id reuse. */
241 	if (!s->in_handshake && (s->session == NULL) && (s->method != s->ctx->method))
242 		{
243 		s->method->ssl_free(s);
244 		s->method=s->ctx->method;
245 		if (!s->method->ssl_new(s))
246 			return(0);
247 		}
248 	else
249 #endif
250 		s->method->ssl_clear(s);
251 	return(1);
252 	}
253 
254 /** Used to change an SSL_CTXs default SSL method type */
255 int SSL_CTX_set_ssl_version(SSL_CTX *ctx,const SSL_METHOD *meth)
256 	{
257 	STACK_OF(SSL_CIPHER) *sk;
258 
259 	ctx->method=meth;
260 
261 	sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
262 		&(ctx->cipher_list_by_id),
263 		meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
264 	if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
265 		{
266 		SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
267 		return(0);
268 		}
269 	return(1);
270 	}
271 
272 SSL *SSL_new(SSL_CTX *ctx)
273 	{
274 	SSL *s;
275 
276 	if (ctx == NULL)
277 		{
278 		SSLerr(SSL_F_SSL_NEW,SSL_R_NULL_SSL_CTX);
279 		return(NULL);
280 		}
281 	if (ctx->method == NULL)
282 		{
283 		SSLerr(SSL_F_SSL_NEW,SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
284 		return(NULL);
285 		}
286 
287 	s=(SSL *)OPENSSL_malloc(sizeof(SSL));
288 	if (s == NULL) goto err;
289 	memset(s,0,sizeof(SSL));
290 
291 #ifndef	OPENSSL_NO_KRB5
292 	s->kssl_ctx = kssl_ctx_new();
293 #endif	/* OPENSSL_NO_KRB5 */
294 
295 	s->options=ctx->options;
296 	s->mode=ctx->mode;
297 	s->max_cert_list=ctx->max_cert_list;
298 
299 	if (ctx->cert != NULL)
300 		{
301 		/* Earlier library versions used to copy the pointer to
302 		 * the CERT, not its contents; only when setting new
303 		 * parameters for the per-SSL copy, ssl_cert_new would be
304 		 * called (and the direct reference to the per-SSL_CTX
305 		 * settings would be lost, but those still were indirectly
306 		 * accessed for various purposes, and for that reason they
307 		 * used to be known as s->ctx->default_cert).
308 		 * Now we don't look at the SSL_CTX's CERT after having
309 		 * duplicated it once. */
310 
311 		s->cert = ssl_cert_dup(ctx->cert);
312 		if (s->cert == NULL)
313 			goto err;
314 		}
315 	else
316 		s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */
317 
318 	s->read_ahead=ctx->read_ahead;
319 	s->msg_callback=ctx->msg_callback;
320 	s->msg_callback_arg=ctx->msg_callback_arg;
321 	s->verify_mode=ctx->verify_mode;
322 #if 0
323 	s->verify_depth=ctx->verify_depth;
324 #endif
325 	s->sid_ctx_length=ctx->sid_ctx_length;
326 	OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
327 	memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));
328 	s->verify_callback=ctx->default_verify_callback;
329 	s->generate_session_id=ctx->generate_session_id;
330 
331 	s->param = X509_VERIFY_PARAM_new();
332 	if (!s->param)
333 		goto err;
334 	X509_VERIFY_PARAM_inherit(s->param, ctx->param);
335 #if 0
336 	s->purpose = ctx->purpose;
337 	s->trust = ctx->trust;
338 #endif
339 	s->quiet_shutdown=ctx->quiet_shutdown;
340 	s->max_send_fragment = ctx->max_send_fragment;
341 
342 	CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
343 	s->ctx=ctx;
344 #ifndef OPENSSL_NO_TLSEXT
345 	s->tlsext_debug_cb = 0;
346 	s->tlsext_debug_arg = NULL;
347 	s->tlsext_ticket_expected = 0;
348 	s->tlsext_status_type = -1;
349 	s->tlsext_status_expected = 0;
350 	s->tlsext_ocsp_ids = NULL;
351 	s->tlsext_ocsp_exts = NULL;
352 	s->tlsext_ocsp_resp = NULL;
353 	s->tlsext_ocsp_resplen = -1;
354 	CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
355 	s->initial_ctx=ctx;
356 #endif
357 
358 	s->verify_result=X509_V_OK;
359 
360 	s->method=ctx->method;
361 
362 	if (!s->method->ssl_new(s))
363 		goto err;
364 
365 	s->references=1;
366 	s->server=(ctx->method->ssl_accept == ssl_undefined_function)?0:1;
367 
368 	SSL_clear(s);
369 
370 	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
371 
372 #ifndef OPENSSL_NO_PSK
373 	s->psk_client_callback=ctx->psk_client_callback;
374 	s->psk_server_callback=ctx->psk_server_callback;
375 #endif
376 
377 	return(s);
378 err:
379 	if (s != NULL)
380 		{
381 		if (s->cert != NULL)
382 			ssl_cert_free(s->cert);
383 		if (s->ctx != NULL)
384 			SSL_CTX_free(s->ctx); /* decrement reference count */
385 		OPENSSL_free(s);
386 		}
387 	SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
388 	return(NULL);
389 	}
390 
391 int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
392 				   unsigned int sid_ctx_len)
393     {
394     if(sid_ctx_len > sizeof ctx->sid_ctx)
395 	{
396 	SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
397 	return 0;
398 	}
399     ctx->sid_ctx_length=sid_ctx_len;
400     memcpy(ctx->sid_ctx,sid_ctx,sid_ctx_len);
401 
402     return 1;
403     }
404 
405 int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
406 			       unsigned int sid_ctx_len)
407     {
408     if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH)
409 	{
410 	SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
411 	return 0;
412 	}
413     ssl->sid_ctx_length=sid_ctx_len;
414     memcpy(ssl->sid_ctx,sid_ctx,sid_ctx_len);
415 
416     return 1;
417     }
418 
419 int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
420 	{
421 	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
422 	ctx->generate_session_id = cb;
423 	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
424 	return 1;
425 	}
426 
427 int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
428 	{
429 	CRYPTO_w_lock(CRYPTO_LOCK_SSL);
430 	ssl->generate_session_id = cb;
431 	CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
432 	return 1;
433 	}
434 
435 int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
436 				unsigned int id_len)
437 	{
438 	/* A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
439 	 * we can "construct" a session to give us the desired check - ie. to
440 	 * find if there's a session in the hash table that would conflict with
441 	 * any new session built out of this id/id_len and the ssl_version in
442 	 * use by this SSL. */
443 	SSL_SESSION r, *p;
444 
445 	if(id_len > sizeof r.session_id)
446 		return 0;
447 
448 	r.ssl_version = ssl->version;
449 	r.session_id_length = id_len;
450 	memcpy(r.session_id, id, id_len);
451 	/* NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
452 	 * callback is calling us to check the uniqueness of a shorter ID, it
453 	 * must be compared as a padded-out ID because that is what it will be
454 	 * converted to when the callback has finished choosing it. */
455 	if((r.ssl_version == SSL2_VERSION) &&
456 			(id_len < SSL2_SSL_SESSION_ID_LENGTH))
457 		{
458 		memset(r.session_id + id_len, 0,
459 			SSL2_SSL_SESSION_ID_LENGTH - id_len);
460 		r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
461 		}
462 
463 	CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
464 	p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
465 	CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
466 	return (p != NULL);
467 	}
468 
469 int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
470 	{
471 	return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
472 	}
473 
474 int SSL_set_purpose(SSL *s, int purpose)
475 	{
476 	return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
477 	}
478 
479 int SSL_CTX_set_trust(SSL_CTX *s, int trust)
480 	{
481 	return X509_VERIFY_PARAM_set_trust(s->param, trust);
482 	}
483 
484 int SSL_set_trust(SSL *s, int trust)
485 	{
486 	return X509_VERIFY_PARAM_set_trust(s->param, trust);
487 	}
488 
489 int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
490 	{
491 	return X509_VERIFY_PARAM_set1(ctx->param, vpm);
492 	}
493 
494 int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
495 	{
496 	return X509_VERIFY_PARAM_set1(ssl->param, vpm);
497 	}
498 
499 void SSL_free(SSL *s)
500 	{
501 	int i;
502 
503 	if(s == NULL)
504 	    return;
505 
506 	i=CRYPTO_add(&s->references,-1,CRYPTO_LOCK_SSL);
507 #ifdef REF_PRINT
508 	REF_PRINT("SSL",s);
509 #endif
510 	if (i > 0) return;
511 #ifdef REF_CHECK
512 	if (i < 0)
513 		{
514 		fprintf(stderr,"SSL_free, bad reference count\n");
515 		abort(); /* ok */
516 		}
517 #endif
518 
519 	if (s->param)
520 		X509_VERIFY_PARAM_free(s->param);
521 
522 	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
523 
524 	if (s->bbio != NULL)
525 		{
526 		/* If the buffering BIO is in place, pop it off */
527 		if (s->bbio == s->wbio)
528 			{
529 			s->wbio=BIO_pop(s->wbio);
530 			}
531 		BIO_free(s->bbio);
532 		s->bbio=NULL;
533 		}
534 	if (s->rbio != NULL)
535 		BIO_free_all(s->rbio);
536 	if ((s->wbio != NULL) && (s->wbio != s->rbio))
537 		BIO_free_all(s->wbio);
538 
539 	if (s->init_buf != NULL) BUF_MEM_free(s->init_buf);
540 
541 	/* add extra stuff */
542 	if (s->cipher_list != NULL) sk_SSL_CIPHER_free(s->cipher_list);
543 	if (s->cipher_list_by_id != NULL) sk_SSL_CIPHER_free(s->cipher_list_by_id);
544 
545 	/* Make the next call work :-) */
546 	if (s->session != NULL)
547 		{
548 		ssl_clear_bad_session(s);
549 		SSL_SESSION_free(s->session);
550 		}
551 
552 	ssl_clear_cipher_ctx(s);
553 	ssl_clear_hash_ctx(&s->read_hash);
554 	ssl_clear_hash_ctx(&s->write_hash);
555 
556 	if (s->cert != NULL) ssl_cert_free(s->cert);
557 	/* Free up if allocated */
558 
559 #ifndef OPENSSL_NO_TLSEXT
560 	if (s->tlsext_hostname)
561 		OPENSSL_free(s->tlsext_hostname);
562 	if (s->initial_ctx) SSL_CTX_free(s->initial_ctx);
563 #ifndef OPENSSL_NO_EC
564 	if (s->tlsext_ecpointformatlist) OPENSSL_free(s->tlsext_ecpointformatlist);
565 	if (s->tlsext_ellipticcurvelist) OPENSSL_free(s->tlsext_ellipticcurvelist);
566 #endif /* OPENSSL_NO_EC */
567 	if (s->tlsext_opaque_prf_input) OPENSSL_free(s->tlsext_opaque_prf_input);
568 	if (s->tlsext_ocsp_exts)
569 		sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
570 						X509_EXTENSION_free);
571 	if (s->tlsext_ocsp_ids)
572 		sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
573 	if (s->tlsext_ocsp_resp)
574 		OPENSSL_free(s->tlsext_ocsp_resp);
575 #endif
576 
577 	if (s->client_CA != NULL)
578 		sk_X509_NAME_pop_free(s->client_CA,X509_NAME_free);
579 
580 	if (s->method != NULL) s->method->ssl_free(s);
581 
582 	if (s->ctx) SSL_CTX_free(s->ctx);
583 
584 #ifndef	OPENSSL_NO_KRB5
585 	if (s->kssl_ctx != NULL)
586 		kssl_ctx_free(s->kssl_ctx);
587 #endif	/* OPENSSL_NO_KRB5 */
588 
589 	OPENSSL_free(s);
590 	}
591 
592 void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio)
593 	{
594 	/* If the output buffering BIO is still in place, remove it
595 	 */
596 	if (s->bbio != NULL)
597 		{
598 		if (s->wbio == s->bbio)
599 			{
600 			s->wbio=s->wbio->next_bio;
601 			s->bbio->next_bio=NULL;
602 			}
603 		}
604 	if ((s->rbio != NULL) && (s->rbio != rbio))
605 		BIO_free_all(s->rbio);
606 	if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
607 		BIO_free_all(s->wbio);
608 	s->rbio=rbio;
609 	s->wbio=wbio;
610 	}
611 
612 BIO *SSL_get_rbio(const SSL *s)
613 	{ return(s->rbio); }
614 
615 BIO *SSL_get_wbio(const SSL *s)
616 	{ return(s->wbio); }
617 
618 int SSL_get_fd(const SSL *s)
619 	{
620 	return(SSL_get_rfd(s));
621 	}
622 
623 int SSL_get_rfd(const SSL *s)
624 	{
625 	int ret= -1;
626 	BIO *b,*r;
627 
628 	b=SSL_get_rbio(s);
629 	r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
630 	if (r != NULL)
631 		BIO_get_fd(r,&ret);
632 	return(ret);
633 	}
634 
635 int SSL_get_wfd(const SSL *s)
636 	{
637 	int ret= -1;
638 	BIO *b,*r;
639 
640 	b=SSL_get_wbio(s);
641 	r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
642 	if (r != NULL)
643 		BIO_get_fd(r,&ret);
644 	return(ret);
645 	}
646 
647 #ifndef OPENSSL_NO_SOCK
648 int SSL_set_fd(SSL *s,int fd)
649 	{
650 	int ret=0;
651 	BIO *bio=NULL;
652 
653 	bio=BIO_new(BIO_s_socket());
654 
655 	if (bio == NULL)
656 		{
657 		SSLerr(SSL_F_SSL_SET_FD,ERR_R_BUF_LIB);
658 		goto err;
659 		}
660 	BIO_set_fd(bio,fd,BIO_NOCLOSE);
661 	SSL_set_bio(s,bio,bio);
662 	ret=1;
663 err:
664 	return(ret);
665 	}
666 
667 int SSL_set_wfd(SSL *s,int fd)
668 	{
669 	int ret=0;
670 	BIO *bio=NULL;
671 
672 	if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
673 		|| ((int)BIO_get_fd(s->rbio,NULL) != fd))
674 		{
675 		bio=BIO_new(BIO_s_socket());
676 
677 		if (bio == NULL)
678 			{ SSLerr(SSL_F_SSL_SET_WFD,ERR_R_BUF_LIB); goto err; }
679 		BIO_set_fd(bio,fd,BIO_NOCLOSE);
680 		SSL_set_bio(s,SSL_get_rbio(s),bio);
681 		}
682 	else
683 		SSL_set_bio(s,SSL_get_rbio(s),SSL_get_rbio(s));
684 	ret=1;
685 err:
686 	return(ret);
687 	}
688 
689 int SSL_set_rfd(SSL *s,int fd)
690 	{
691 	int ret=0;
692 	BIO *bio=NULL;
693 
694 	if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
695 		|| ((int)BIO_get_fd(s->wbio,NULL) != fd))
696 		{
697 		bio=BIO_new(BIO_s_socket());
698 
699 		if (bio == NULL)
700 			{
701 			SSLerr(SSL_F_SSL_SET_RFD,ERR_R_BUF_LIB);
702 			goto err;
703 			}
704 		BIO_set_fd(bio,fd,BIO_NOCLOSE);
705 		SSL_set_bio(s,bio,SSL_get_wbio(s));
706 		}
707 	else
708 		SSL_set_bio(s,SSL_get_wbio(s),SSL_get_wbio(s));
709 	ret=1;
710 err:
711 	return(ret);
712 	}
713 #endif
714 
715 
716 /* return length of latest Finished message we sent, copy to 'buf' */
717 size_t SSL_get_finished(const SSL *s, void *buf, size_t count)
718 	{
719 	size_t ret = 0;
720 
721 	if (s->s3 != NULL)
722 		{
723 		ret = s->s3->tmp.finish_md_len;
724 		if (count > ret)
725 			count = ret;
726 		memcpy(buf, s->s3->tmp.finish_md, count);
727 		}
728 	return ret;
729 	}
730 
731 /* return length of latest Finished message we expected, copy to 'buf' */
732 size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
733 	{
734 	size_t ret = 0;
735 
736 	if (s->s3 != NULL)
737 		{
738 		ret = s->s3->tmp.peer_finish_md_len;
739 		if (count > ret)
740 			count = ret;
741 		memcpy(buf, s->s3->tmp.peer_finish_md, count);
742 		}
743 	return ret;
744 	}
745 
746 
747 int SSL_get_verify_mode(const SSL *s)
748 	{
749 	return(s->verify_mode);
750 	}
751 
752 int SSL_get_verify_depth(const SSL *s)
753 	{
754 	return X509_VERIFY_PARAM_get_depth(s->param);
755 	}
756 
757 int (*SSL_get_verify_callback(const SSL *s))(int,X509_STORE_CTX *)
758 	{
759 	return(s->verify_callback);
760 	}
761 
762 int SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
763 	{
764 	return(ctx->verify_mode);
765 	}
766 
767 int SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
768 	{
769 	return X509_VERIFY_PARAM_get_depth(ctx->param);
770 	}
771 
772 int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int,X509_STORE_CTX *)
773 	{
774 	return(ctx->default_verify_callback);
775 	}
776 
777 void SSL_set_verify(SSL *s,int mode,
778 		    int (*callback)(int ok,X509_STORE_CTX *ctx))
779 	{
780 	s->verify_mode=mode;
781 	if (callback != NULL)
782 		s->verify_callback=callback;
783 	}
784 
785 void SSL_set_verify_depth(SSL *s,int depth)
786 	{
787 	X509_VERIFY_PARAM_set_depth(s->param, depth);
788 	}
789 
790 void SSL_set_read_ahead(SSL *s,int yes)
791 	{
792 	s->read_ahead=yes;
793 	}
794 
795 int SSL_get_read_ahead(const SSL *s)
796 	{
797 	return(s->read_ahead);
798 	}
799 
800 int SSL_pending(const SSL *s)
801 	{
802 	/* SSL_pending cannot work properly if read-ahead is enabled
803 	 * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
804 	 * and it is impossible to fix since SSL_pending cannot report
805 	 * errors that may be observed while scanning the new data.
806 	 * (Note that SSL_pending() is often used as a boolean value,
807 	 * so we'd better not return -1.)
808 	 */
809 	return(s->method->ssl_pending(s));
810 	}
811 
812 X509 *SSL_get_peer_certificate(const SSL *s)
813 	{
814 	X509 *r;
815 
816 	if ((s == NULL) || (s->session == NULL))
817 		r=NULL;
818 	else
819 		r=s->session->peer;
820 
821 	if (r == NULL) return(r);
822 
823 	CRYPTO_add(&r->references,1,CRYPTO_LOCK_X509);
824 
825 	return(r);
826 	}
827 
828 STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s)
829 	{
830 	STACK_OF(X509) *r;
831 
832 	if ((s == NULL) || (s->session == NULL) || (s->session->sess_cert == NULL))
833 		r=NULL;
834 	else
835 		r=s->session->sess_cert->cert_chain;
836 
837 	/* If we are a client, cert_chain includes the peer's own
838 	 * certificate; if we are a server, it does not. */
839 
840 	return(r);
841 	}
842 
843 /* Now in theory, since the calling process own 't' it should be safe to
844  * modify.  We need to be able to read f without being hassled */
845 void SSL_copy_session_id(SSL *t,const SSL *f)
846 	{
847 	CERT *tmp;
848 
849 	/* Do we need to to SSL locking? */
850 	SSL_set_session(t,SSL_get_session(f));
851 
852 	/* what if we are setup as SSLv2 but want to talk SSLv3 or
853 	 * vice-versa */
854 	if (t->method != f->method)
855 		{
856 		t->method->ssl_free(t);	/* cleanup current */
857 		t->method=f->method;	/* change method */
858 		t->method->ssl_new(t);	/* setup new */
859 		}
860 
861 	tmp=t->cert;
862 	if (f->cert != NULL)
863 		{
864 		CRYPTO_add(&f->cert->references,1,CRYPTO_LOCK_SSL_CERT);
865 		t->cert=f->cert;
866 		}
867 	else
868 		t->cert=NULL;
869 	if (tmp != NULL) ssl_cert_free(tmp);
870 	SSL_set_session_id_context(t,f->sid_ctx,f->sid_ctx_length);
871 	}
872 
873 /* Fix this so it checks all the valid key/cert options */
874 int SSL_CTX_check_private_key(const SSL_CTX *ctx)
875 	{
876 	if (	(ctx == NULL) ||
877 		(ctx->cert == NULL) ||
878 		(ctx->cert->key->x509 == NULL))
879 		{
880 		SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
881 		return(0);
882 		}
883 	if 	(ctx->cert->key->privatekey == NULL)
884 		{
885 		SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
886 		return(0);
887 		}
888 	return(X509_check_private_key(ctx->cert->key->x509, ctx->cert->key->privatekey));
889 	}
890 
891 /* Fix this function so that it takes an optional type parameter */
892 int SSL_check_private_key(const SSL *ssl)
893 	{
894 	if (ssl == NULL)
895 		{
896 		SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,ERR_R_PASSED_NULL_PARAMETER);
897 		return(0);
898 		}
899 	if (ssl->cert == NULL)
900 		{
901 		SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
902 		return 0;
903 		}
904 	if (ssl->cert->key->x509 == NULL)
905 		{
906 		SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
907 		return(0);
908 		}
909 	if (ssl->cert->key->privatekey == NULL)
910 		{
911 		SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
912 		return(0);
913 		}
914 	return(X509_check_private_key(ssl->cert->key->x509,
915 		ssl->cert->key->privatekey));
916 	}
917 
918 int SSL_accept(SSL *s)
919 	{
920 	if (s->handshake_func == 0)
921 		/* Not properly initialized yet */
922 		SSL_set_accept_state(s);
923 
924 	return(s->method->ssl_accept(s));
925 	}
926 
927 int SSL_connect(SSL *s)
928 	{
929 	if (s->handshake_func == 0)
930 		/* Not properly initialized yet */
931 		SSL_set_connect_state(s);
932 
933 	return(s->method->ssl_connect(s));
934 	}
935 
936 long SSL_get_default_timeout(const SSL *s)
937 	{
938 	return(s->method->get_timeout());
939 	}
940 
941 int SSL_read(SSL *s,void *buf,int num)
942 	{
943 	if (s->handshake_func == 0)
944 		{
945 		SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
946 		return -1;
947 		}
948 
949 	if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
950 		{
951 		s->rwstate=SSL_NOTHING;
952 		return(0);
953 		}
954 	return(s->method->ssl_read(s,buf,num));
955 	}
956 
957 int SSL_peek(SSL *s,void *buf,int num)
958 	{
959 	if (s->handshake_func == 0)
960 		{
961 		SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
962 		return -1;
963 		}
964 
965 	if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
966 		{
967 		return(0);
968 		}
969 	return(s->method->ssl_peek(s,buf,num));
970 	}
971 
972 int SSL_write(SSL *s,const void *buf,int num)
973 	{
974 	if (s->handshake_func == 0)
975 		{
976 		SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
977 		return -1;
978 		}
979 
980 	if (s->shutdown & SSL_SENT_SHUTDOWN)
981 		{
982 		s->rwstate=SSL_NOTHING;
983 		SSLerr(SSL_F_SSL_WRITE,SSL_R_PROTOCOL_IS_SHUTDOWN);
984 		return(-1);
985 		}
986 	return(s->method->ssl_write(s,buf,num));
987 	}
988 
989 int SSL_shutdown(SSL *s)
990 	{
991 	/* Note that this function behaves differently from what one might
992 	 * expect.  Return values are 0 for no success (yet),
993 	 * 1 for success; but calling it once is usually not enough,
994 	 * even if blocking I/O is used (see ssl3_shutdown).
995 	 */
996 
997 	if (s->handshake_func == 0)
998 		{
999 		SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
1000 		return -1;
1001 		}
1002 
1003 	if ((s != NULL) && !SSL_in_init(s))
1004 		return(s->method->ssl_shutdown(s));
1005 	else
1006 		return(1);
1007 	}
1008 
1009 int SSL_renegotiate(SSL *s)
1010 	{
1011 	if (s->renegotiate == 0)
1012 		s->renegotiate=1;
1013 
1014 	s->new_session=1;
1015 
1016 	return(s->method->ssl_renegotiate(s));
1017 	}
1018 
1019 int SSL_renegotiate_abbreviated(SSL *s)
1020 {
1021 	if (s->renegotiate == 0)
1022 		s->renegotiate=1;
1023 
1024 	s->new_session=0;
1025 
1026 	return(s->method->ssl_renegotiate(s));
1027 }
1028 
1029 int SSL_renegotiate_pending(SSL *s)
1030 	{
1031 	/* becomes true when negotiation is requested;
1032 	 * false again once a handshake has finished */
1033 	return (s->renegotiate != 0);
1034 	}
1035 
1036 long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)
1037 	{
1038 	long l;
1039 
1040 	switch (cmd)
1041 		{
1042 	case SSL_CTRL_GET_READ_AHEAD:
1043 		return(s->read_ahead);
1044 	case SSL_CTRL_SET_READ_AHEAD:
1045 		l=s->read_ahead;
1046 		s->read_ahead=larg;
1047 		return(l);
1048 
1049 	case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1050 		s->msg_callback_arg = parg;
1051 		return 1;
1052 
1053 	case SSL_CTRL_OPTIONS:
1054 		return(s->options|=larg);
1055 	case SSL_CTRL_CLEAR_OPTIONS:
1056 		return(s->options&=~larg);
1057 	case SSL_CTRL_MODE:
1058 		return(s->mode|=larg);
1059 	case SSL_CTRL_CLEAR_MODE:
1060 		return(s->mode &=~larg);
1061 	case SSL_CTRL_GET_MAX_CERT_LIST:
1062 		return(s->max_cert_list);
1063 	case SSL_CTRL_SET_MAX_CERT_LIST:
1064 		l=s->max_cert_list;
1065 		s->max_cert_list=larg;
1066 		return(l);
1067 	case SSL_CTRL_SET_MTU:
1068 		if (SSL_version(s) == DTLS1_VERSION ||
1069 		    SSL_version(s) == DTLS1_BAD_VER)
1070 			{
1071 			s->d1->mtu = larg;
1072 			return larg;
1073 			}
1074 		return 0;
1075 	case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1076 		if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1077 			return 0;
1078 		s->max_send_fragment = larg;
1079 		return 1;
1080 	case SSL_CTRL_GET_RI_SUPPORT:
1081 		if (s->s3)
1082 			return s->s3->send_connection_binding;
1083 		else return 0;
1084 	default:
1085 		return(s->method->ssl_ctrl(s,cmd,larg,parg));
1086 		}
1087 	}
1088 
1089 long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
1090 	{
1091 	switch(cmd)
1092 		{
1093 	case SSL_CTRL_SET_MSG_CALLBACK:
1094 		s->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
1095 		return 1;
1096 
1097 	default:
1098 		return(s->method->ssl_callback_ctrl(s,cmd,fp));
1099 		}
1100 	}
1101 
1102 LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx)
1103 	{
1104 	return ctx->sessions;
1105 	}
1106 
1107 long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,void *parg)
1108 	{
1109 	long l;
1110 
1111 	switch (cmd)
1112 		{
1113 	case SSL_CTRL_GET_READ_AHEAD:
1114 		return(ctx->read_ahead);
1115 	case SSL_CTRL_SET_READ_AHEAD:
1116 		l=ctx->read_ahead;
1117 		ctx->read_ahead=larg;
1118 		return(l);
1119 
1120 	case SSL_CTRL_SET_MSG_CALLBACK_ARG:
1121 		ctx->msg_callback_arg = parg;
1122 		return 1;
1123 
1124 	case SSL_CTRL_GET_MAX_CERT_LIST:
1125 		return(ctx->max_cert_list);
1126 	case SSL_CTRL_SET_MAX_CERT_LIST:
1127 		l=ctx->max_cert_list;
1128 		ctx->max_cert_list=larg;
1129 		return(l);
1130 
1131 	case SSL_CTRL_SET_SESS_CACHE_SIZE:
1132 		l=ctx->session_cache_size;
1133 		ctx->session_cache_size=larg;
1134 		return(l);
1135 	case SSL_CTRL_GET_SESS_CACHE_SIZE:
1136 		return(ctx->session_cache_size);
1137 	case SSL_CTRL_SET_SESS_CACHE_MODE:
1138 		l=ctx->session_cache_mode;
1139 		ctx->session_cache_mode=larg;
1140 		return(l);
1141 	case SSL_CTRL_GET_SESS_CACHE_MODE:
1142 		return(ctx->session_cache_mode);
1143 
1144 	case SSL_CTRL_SESS_NUMBER:
1145 		return(lh_SSL_SESSION_num_items(ctx->sessions));
1146 	case SSL_CTRL_SESS_CONNECT:
1147 		return(ctx->stats.sess_connect);
1148 	case SSL_CTRL_SESS_CONNECT_GOOD:
1149 		return(ctx->stats.sess_connect_good);
1150 	case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
1151 		return(ctx->stats.sess_connect_renegotiate);
1152 	case SSL_CTRL_SESS_ACCEPT:
1153 		return(ctx->stats.sess_accept);
1154 	case SSL_CTRL_SESS_ACCEPT_GOOD:
1155 		return(ctx->stats.sess_accept_good);
1156 	case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
1157 		return(ctx->stats.sess_accept_renegotiate);
1158 	case SSL_CTRL_SESS_HIT:
1159 		return(ctx->stats.sess_hit);
1160 	case SSL_CTRL_SESS_CB_HIT:
1161 		return(ctx->stats.sess_cb_hit);
1162 	case SSL_CTRL_SESS_MISSES:
1163 		return(ctx->stats.sess_miss);
1164 	case SSL_CTRL_SESS_TIMEOUTS:
1165 		return(ctx->stats.sess_timeout);
1166 	case SSL_CTRL_SESS_CACHE_FULL:
1167 		return(ctx->stats.sess_cache_full);
1168 	case SSL_CTRL_OPTIONS:
1169 		return(ctx->options|=larg);
1170 	case SSL_CTRL_CLEAR_OPTIONS:
1171 		return(ctx->options&=~larg);
1172 	case SSL_CTRL_MODE:
1173 		return(ctx->mode|=larg);
1174 	case SSL_CTRL_CLEAR_MODE:
1175 		return(ctx->mode&=~larg);
1176 	case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
1177 		if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
1178 			return 0;
1179 		ctx->max_send_fragment = larg;
1180 		return 1;
1181 	default:
1182 		return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg));
1183 		}
1184 	}
1185 
1186 long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
1187 	{
1188 	switch(cmd)
1189 		{
1190 	case SSL_CTRL_SET_MSG_CALLBACK:
1191 		ctx->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
1192 		return 1;
1193 
1194 	default:
1195 		return(ctx->method->ssl_ctx_callback_ctrl(ctx,cmd,fp));
1196 		}
1197 	}
1198 
1199 int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
1200 	{
1201 	long l;
1202 
1203 	l=a->id-b->id;
1204 	if (l == 0L)
1205 		return(0);
1206 	else
1207 		return((l > 0)?1:-1);
1208 	}
1209 
1210 int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
1211 			const SSL_CIPHER * const *bp)
1212 	{
1213 	long l;
1214 
1215 	l=(*ap)->id-(*bp)->id;
1216 	if (l == 0L)
1217 		return(0);
1218 	else
1219 		return((l > 0)?1:-1);
1220 	}
1221 
1222 /** return a STACK of the ciphers available for the SSL and in order of
1223  * preference */
1224 STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
1225 	{
1226 	if (s != NULL)
1227 		{
1228 		if (s->cipher_list != NULL)
1229 			{
1230 			return(s->cipher_list);
1231 			}
1232 		else if ((s->ctx != NULL) &&
1233 			(s->ctx->cipher_list != NULL))
1234 			{
1235 			return(s->ctx->cipher_list);
1236 			}
1237 		}
1238 	return(NULL);
1239 	}
1240 
1241 /** return a STACK of the ciphers available for the SSL and in order of
1242  * algorithm id */
1243 STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
1244 	{
1245 	if (s != NULL)
1246 		{
1247 		if (s->cipher_list_by_id != NULL)
1248 			{
1249 			return(s->cipher_list_by_id);
1250 			}
1251 		else if ((s->ctx != NULL) &&
1252 			(s->ctx->cipher_list_by_id != NULL))
1253 			{
1254 			return(s->ctx->cipher_list_by_id);
1255 			}
1256 		}
1257 	return(NULL);
1258 	}
1259 
1260 /** The old interface to get the same thing as SSL_get_ciphers() */
1261 const char *SSL_get_cipher_list(const SSL *s,int n)
1262 	{
1263 	SSL_CIPHER *c;
1264 	STACK_OF(SSL_CIPHER) *sk;
1265 
1266 	if (s == NULL) return(NULL);
1267 	sk=SSL_get_ciphers(s);
1268 	if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
1269 		return(NULL);
1270 	c=sk_SSL_CIPHER_value(sk,n);
1271 	if (c == NULL) return(NULL);
1272 	return(c->name);
1273 	}
1274 
1275 /** specify the ciphers to be used by default by the SSL_CTX */
1276 int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
1277 	{
1278 	STACK_OF(SSL_CIPHER) *sk;
1279 
1280 	sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
1281 		&ctx->cipher_list_by_id,str);
1282 	/* ssl_create_cipher_list may return an empty stack if it
1283 	 * was unable to find a cipher matching the given rule string
1284 	 * (for example if the rule string specifies a cipher which
1285 	 * has been disabled). This is not an error as far as
1286 	 * ssl_create_cipher_list is concerned, and hence
1287 	 * ctx->cipher_list and ctx->cipher_list_by_id has been
1288 	 * updated. */
1289 	if (sk == NULL)
1290 		return 0;
1291 	else if (sk_SSL_CIPHER_num(sk) == 0)
1292 		{
1293 		SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
1294 		return 0;
1295 		}
1296 	return 1;
1297 	}
1298 
1299 /** specify the ciphers to be used by the SSL */
1300 int SSL_set_cipher_list(SSL *s,const char *str)
1301 	{
1302 	STACK_OF(SSL_CIPHER) *sk;
1303 
1304 	sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
1305 		&s->cipher_list_by_id,str);
1306 	/* see comment in SSL_CTX_set_cipher_list */
1307 	if (sk == NULL)
1308 		return 0;
1309 	else if (sk_SSL_CIPHER_num(sk) == 0)
1310 		{
1311 		SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
1312 		return 0;
1313 		}
1314 	return 1;
1315 	}
1316 
1317 /* works well for SSLv2, not so good for SSLv3 */
1318 char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
1319 	{
1320 	char *p;
1321 	STACK_OF(SSL_CIPHER) *sk;
1322 	SSL_CIPHER *c;
1323 	int i;
1324 
1325 	if ((s->session == NULL) || (s->session->ciphers == NULL) ||
1326 		(len < 2))
1327 		return(NULL);
1328 
1329 	p=buf;
1330 	sk=s->session->ciphers;
1331 	for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
1332 		{
1333 		int n;
1334 
1335 		c=sk_SSL_CIPHER_value(sk,i);
1336 		n=strlen(c->name);
1337 		if (n+1 > len)
1338 			{
1339 			if (p != buf)
1340 				--p;
1341 			*p='\0';
1342 			return buf;
1343 			}
1344 		strcpy(p,c->name);
1345 		p+=n;
1346 		*(p++)=':';
1347 		len-=n+1;
1348 		}
1349 	p[-1]='\0';
1350 	return(buf);
1351 	}
1352 
1353 int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
1354 			     int (*put_cb)(const SSL_CIPHER *, unsigned char *))
1355 	{
1356 	int i,j=0;
1357 	SSL_CIPHER *c;
1358 	unsigned char *q;
1359 #ifndef OPENSSL_NO_KRB5
1360 	int nokrb5 = !kssl_tgt_is_available(s->kssl_ctx);
1361 #endif /* OPENSSL_NO_KRB5 */
1362 
1363 	if (sk == NULL) return(0);
1364 	q=p;
1365 
1366 	for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
1367 		{
1368 		c=sk_SSL_CIPHER_value(sk,i);
1369 #ifndef OPENSSL_NO_KRB5
1370 		if (((c->algorithm_mkey & SSL_kKRB5) || (c->algorithm_auth & SSL_aKRB5)) &&
1371 		    nokrb5)
1372 		    continue;
1373 #endif /* OPENSSL_NO_KRB5 */
1374 #ifndef OPENSSL_NO_PSK
1375 		/* with PSK there must be client callback set */
1376 		if (((c->algorithm_mkey & SSL_kPSK) || (c->algorithm_auth & SSL_aPSK)) &&
1377 		    s->psk_client_callback == NULL)
1378 			continue;
1379 #endif /* OPENSSL_NO_PSK */
1380 		j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
1381 		p+=j;
1382 		}
1383 	/* If p == q, no ciphers and caller indicates an error. Otherwise
1384 	 * add SCSV if not renegotiating.
1385 	 */
1386 	if (p != q && !s->renegotiate)
1387 		{
1388 		static SSL_CIPHER scsv =
1389 			{
1390 			0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
1391 			};
1392 		j = put_cb ? put_cb(&scsv,p) : ssl_put_cipher_by_char(s,&scsv,p);
1393 		p+=j;
1394 #ifdef OPENSSL_RI_DEBUG
1395 		fprintf(stderr, "SCSV sent by client\n");
1396 #endif
1397 		}
1398 
1399 	return(p-q);
1400 	}
1401 
1402 STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
1403 					       STACK_OF(SSL_CIPHER) **skp)
1404 	{
1405 	const SSL_CIPHER *c;
1406 	STACK_OF(SSL_CIPHER) *sk;
1407 	int i,n;
1408 	if (s->s3)
1409 		s->s3->send_connection_binding = 0;
1410 
1411 	n=ssl_put_cipher_by_char(s,NULL,NULL);
1412 	if ((num%n) != 0)
1413 		{
1414 		SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1415 		return(NULL);
1416 		}
1417 	if ((skp == NULL) || (*skp == NULL))
1418 		sk=sk_SSL_CIPHER_new_null(); /* change perhaps later */
1419 	else
1420 		{
1421 		sk= *skp;
1422 		sk_SSL_CIPHER_zero(sk);
1423 		}
1424 
1425 	for (i=0; i<num; i+=n)
1426 		{
1427 		/* Check for SCSV */
1428 		if (s->s3 && (n != 3 || !p[0]) &&
1429 			(p[n-2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
1430 			(p[n-1] == (SSL3_CK_SCSV & 0xff)))
1431 			{
1432 			/* SCSV fatal if renegotiating */
1433 			if (s->renegotiate)
1434 				{
1435 				SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
1436 				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
1437 				goto err;
1438 				}
1439 			s->s3->send_connection_binding = 1;
1440 			p += n;
1441 #ifdef OPENSSL_RI_DEBUG
1442 			fprintf(stderr, "SCSV received by server\n");
1443 #endif
1444 			continue;
1445 			}
1446 
1447 		c=ssl_get_cipher_by_char(s,p);
1448 		p+=n;
1449 		if (c != NULL)
1450 			{
1451 			if (!sk_SSL_CIPHER_push(sk,c))
1452 				{
1453 				SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
1454 				goto err;
1455 				}
1456 			}
1457 		}
1458 
1459 	if (skp != NULL)
1460 		*skp=sk;
1461 	return(sk);
1462 err:
1463 	if ((skp == NULL) || (*skp == NULL))
1464 		sk_SSL_CIPHER_free(sk);
1465 	return(NULL);
1466 	}
1467 
1468 
1469 #ifndef OPENSSL_NO_TLSEXT
1470 /** return a servername extension value if provided in Client Hello, or NULL.
1471  * So far, only host_name types are defined (RFC 3546).
1472  */
1473 
1474 const char *SSL_get_servername(const SSL *s, const int type)
1475 	{
1476 	if (type != TLSEXT_NAMETYPE_host_name)
1477 		return NULL;
1478 
1479 	return s->session && !s->tlsext_hostname ?
1480 		s->session->tlsext_hostname :
1481 		s->tlsext_hostname;
1482 	}
1483 
1484 int SSL_get_servername_type(const SSL *s)
1485 	{
1486 	if (s->session && (!s->tlsext_hostname ? s->session->tlsext_hostname : s->tlsext_hostname))
1487 		return TLSEXT_NAMETYPE_host_name;
1488 	return -1;
1489 	}
1490 #endif
1491 
1492 static unsigned long ssl_session_hash(const SSL_SESSION *a)
1493 	{
1494 	unsigned long l;
1495 
1496 	l=(unsigned long)
1497 		((unsigned int) a->session_id[0]     )|
1498 		((unsigned int) a->session_id[1]<< 8L)|
1499 		((unsigned long)a->session_id[2]<<16L)|
1500 		((unsigned long)a->session_id[3]<<24L);
1501 	return(l);
1502 	}
1503 
1504 /* NB: If this function (or indeed the hash function which uses a sort of
1505  * coarser function than this one) is changed, ensure
1506  * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
1507  * able to construct an SSL_SESSION that will collide with any existing session
1508  * with a matching session ID. */
1509 static int ssl_session_cmp(const SSL_SESSION *a,const SSL_SESSION *b)
1510 	{
1511 	if (a->ssl_version != b->ssl_version)
1512 		return(1);
1513 	if (a->session_id_length != b->session_id_length)
1514 		return(1);
1515 	return(memcmp(a->session_id,b->session_id,a->session_id_length));
1516 	}
1517 
1518 /* These wrapper functions should remain rather than redeclaring
1519  * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
1520  * variable. The reason is that the functions aren't static, they're exposed via
1521  * ssl.h. */
1522 static IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION)
1523 static IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION)
1524 
1525 SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
1526 	{
1527 	SSL_CTX *ret=NULL;
1528 
1529 	if (meth == NULL)
1530 		{
1531 		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PASSED);
1532 		return(NULL);
1533 		}
1534 
1535 #ifdef OPENSSL_FIPS
1536 	if (FIPS_mode() && (meth->version < TLS1_VERSION))
1537 		{
1538 		SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
1539 		return NULL;
1540 		}
1541 #endif
1542 
1543 	if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0)
1544 		{
1545 		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
1546 		goto err;
1547 		}
1548 	ret=(SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
1549 	if (ret == NULL)
1550 		goto err;
1551 
1552 	memset(ret,0,sizeof(SSL_CTX));
1553 
1554 	ret->method=meth;
1555 
1556 	ret->cert_store=NULL;
1557 	ret->session_cache_mode=SSL_SESS_CACHE_SERVER;
1558 	ret->session_cache_size=SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
1559 	ret->session_cache_head=NULL;
1560 	ret->session_cache_tail=NULL;
1561 
1562 	/* We take the system default */
1563 	ret->session_timeout=meth->get_timeout();
1564 
1565 	ret->new_session_cb=0;
1566 	ret->remove_session_cb=0;
1567 	ret->get_session_cb=0;
1568 	ret->generate_session_id=0;
1569 
1570 	memset((char *)&ret->stats,0,sizeof(ret->stats));
1571 
1572 	ret->references=1;
1573 	ret->quiet_shutdown=0;
1574 
1575 /*	ret->cipher=NULL;*/
1576 /*	ret->s2->challenge=NULL;
1577 	ret->master_key=NULL;
1578 	ret->key_arg=NULL;
1579 	ret->s2->conn_id=NULL; */
1580 
1581 	ret->info_callback=NULL;
1582 
1583 	ret->app_verify_callback=0;
1584 	ret->app_verify_arg=NULL;
1585 
1586 	ret->max_cert_list=SSL_MAX_CERT_LIST_DEFAULT;
1587 	ret->read_ahead=0;
1588 	ret->msg_callback=0;
1589 	ret->msg_callback_arg=NULL;
1590 	ret->verify_mode=SSL_VERIFY_NONE;
1591 #if 0
1592 	ret->verify_depth=-1; /* Don't impose a limit (but x509_lu.c does) */
1593 #endif
1594 	ret->sid_ctx_length=0;
1595 	ret->default_verify_callback=NULL;
1596 	if ((ret->cert=ssl_cert_new()) == NULL)
1597 		goto err;
1598 
1599 	ret->default_passwd_callback=0;
1600 	ret->default_passwd_callback_userdata=NULL;
1601 	ret->client_cert_cb=0;
1602 	ret->app_gen_cookie_cb=0;
1603 	ret->app_verify_cookie_cb=0;
1604 
1605 	ret->sessions=lh_SSL_SESSION_new();
1606 	if (ret->sessions == NULL) goto err;
1607 	ret->cert_store=X509_STORE_new();
1608 	if (ret->cert_store == NULL) goto err;
1609 
1610 	ssl_create_cipher_list(ret->method,
1611 		&ret->cipher_list,&ret->cipher_list_by_id,
1612 		meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
1613 	if (ret->cipher_list == NULL
1614 	    || sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
1615 		{
1616 		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_LIBRARY_HAS_NO_CIPHERS);
1617 		goto err2;
1618 		}
1619 
1620 	ret->param = X509_VERIFY_PARAM_new();
1621 	if (!ret->param)
1622 		goto err;
1623 
1624 	if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL)
1625 		{
1626 		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
1627 		goto err2;
1628 		}
1629 	if ((ret->md5=EVP_get_digestbyname("ssl3-md5")) == NULL)
1630 		{
1631 		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
1632 		goto err2;
1633 		}
1634 	if ((ret->sha1=EVP_get_digestbyname("ssl3-sha1")) == NULL)
1635 		{
1636 		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
1637 		goto err2;
1638 		}
1639 
1640 	if ((ret->client_CA=sk_X509_NAME_new_null()) == NULL)
1641 		goto err;
1642 
1643 	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
1644 
1645 	ret->extra_certs=NULL;
1646 	ret->comp_methods=SSL_COMP_get_compression_methods();
1647 
1648 	ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
1649 
1650 #ifndef OPENSSL_NO_TLSEXT
1651 	ret->tlsext_servername_callback = 0;
1652 	ret->tlsext_servername_arg = NULL;
1653 	/* Setup RFC4507 ticket keys */
1654 	if ((RAND_pseudo_bytes(ret->tlsext_tick_key_name, 16) <= 0)
1655 		|| (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
1656 		|| (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
1657 		ret->options |= SSL_OP_NO_TICKET;
1658 
1659 	ret->tlsext_status_cb = 0;
1660 	ret->tlsext_status_arg = NULL;
1661 
1662 #endif
1663 #ifndef OPENSSL_NO_PSK
1664 	ret->psk_identity_hint=NULL;
1665 	ret->psk_client_callback=NULL;
1666 	ret->psk_server_callback=NULL;
1667 #endif
1668 #ifndef OPENSSL_NO_SRP
1669 	SSL_CTX_SRP_CTX_init(ret);
1670 #endif
1671 #ifndef OPENSSL_NO_BUF_FREELISTS
1672 	ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
1673 	ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
1674 	if (!ret->rbuf_freelist)
1675 		goto err;
1676 	ret->rbuf_freelist->chunklen = 0;
1677 	ret->rbuf_freelist->len = 0;
1678 	ret->rbuf_freelist->head = NULL;
1679 	ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
1680 	if (!ret->wbuf_freelist)
1681 		{
1682 		OPENSSL_free(ret->rbuf_freelist);
1683 		goto err;
1684 		}
1685 	ret->wbuf_freelist->chunklen = 0;
1686 	ret->wbuf_freelist->len = 0;
1687 	ret->wbuf_freelist->head = NULL;
1688 #endif
1689 #ifndef OPENSSL_NO_ENGINE
1690 	ret->client_cert_engine = NULL;
1691 #ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
1692 #define eng_strx(x)	#x
1693 #define eng_str(x)	eng_strx(x)
1694 	/* Use specific client engine automatically... ignore errors */
1695 	{
1696 	ENGINE *eng;
1697 	eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
1698 	if (!eng)
1699 		{
1700 		ERR_clear_error();
1701 		ENGINE_load_builtin_engines();
1702 		eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
1703 		}
1704 	if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
1705 		ERR_clear_error();
1706 	}
1707 #endif
1708 #endif
1709 	/* Default is to connect to non-RI servers. When RI is more widely
1710 	 * deployed might change this.
1711 	 */
1712 	ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
1713 	/* Disable TLS v1.2 by default for now */
1714 	ret->options |= SSL_OP_NO_TLSv1_2;
1715 
1716 	return(ret);
1717 err:
1718 	SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
1719 err2:
1720 	if (ret != NULL) SSL_CTX_free(ret);
1721 	return(NULL);
1722 	}
1723 
1724 #if 0
1725 static void SSL_COMP_free(SSL_COMP *comp)
1726     { OPENSSL_free(comp); }
1727 #endif
1728 
1729 #ifndef OPENSSL_NO_BUF_FREELISTS
1730 static void
1731 ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
1732 	{
1733 	SSL3_BUF_FREELIST_ENTRY *ent, *next;
1734 	for (ent = list->head; ent; ent = next)
1735 		{
1736 		next = ent->next;
1737 		OPENSSL_free(ent);
1738 		}
1739 	OPENSSL_free(list);
1740 	}
1741 #endif
1742 
1743 void SSL_CTX_free(SSL_CTX *a)
1744 	{
1745 	int i;
1746 
1747 	if (a == NULL) return;
1748 
1749 	i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_SSL_CTX);
1750 #ifdef REF_PRINT
1751 	REF_PRINT("SSL_CTX",a);
1752 #endif
1753 	if (i > 0) return;
1754 #ifdef REF_CHECK
1755 	if (i < 0)
1756 		{
1757 		fprintf(stderr,"SSL_CTX_free, bad reference count\n");
1758 		abort(); /* ok */
1759 		}
1760 #endif
1761 
1762 	if (a->param)
1763 		X509_VERIFY_PARAM_free(a->param);
1764 
1765 	/*
1766 	 * Free internal session cache. However: the remove_cb() may reference
1767 	 * the ex_data of SSL_CTX, thus the ex_data store can only be removed
1768 	 * after the sessions were flushed.
1769 	 * As the ex_data handling routines might also touch the session cache,
1770 	 * the most secure solution seems to be: empty (flush) the cache, then
1771 	 * free ex_data, then finally free the cache.
1772 	 * (See ticket [openssl.org #212].)
1773 	 */
1774 	if (a->sessions != NULL)
1775 		SSL_CTX_flush_sessions(a,0);
1776 
1777 	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
1778 
1779 	if (a->sessions != NULL)
1780 		lh_SSL_SESSION_free(a->sessions);
1781 
1782 	if (a->cert_store != NULL)
1783 		X509_STORE_free(a->cert_store);
1784 	if (a->cipher_list != NULL)
1785 		sk_SSL_CIPHER_free(a->cipher_list);
1786 	if (a->cipher_list_by_id != NULL)
1787 		sk_SSL_CIPHER_free(a->cipher_list_by_id);
1788 	if (a->cert != NULL)
1789 		ssl_cert_free(a->cert);
1790 	if (a->client_CA != NULL)
1791 		sk_X509_NAME_pop_free(a->client_CA,X509_NAME_free);
1792 	if (a->extra_certs != NULL)
1793 		sk_X509_pop_free(a->extra_certs,X509_free);
1794 #if 0 /* This should never be done, since it removes a global database */
1795 	if (a->comp_methods != NULL)
1796 		sk_SSL_COMP_pop_free(a->comp_methods,SSL_COMP_free);
1797 #else
1798 	a->comp_methods = NULL;
1799 #endif
1800 
1801 #ifndef OPENSSL_NO_PSK
1802 	if (a->psk_identity_hint)
1803 		OPENSSL_free(a->psk_identity_hint);
1804 #endif
1805 #ifndef OPENSSL_NO_SRP
1806 	SSL_CTX_SRP_CTX_free(a);
1807 #endif
1808 #ifndef OPENSSL_NO_ENGINE
1809 	if (a->client_cert_engine)
1810 		ENGINE_finish(a->client_cert_engine);
1811 #endif
1812 
1813 #ifndef OPENSSL_NO_BUF_FREELISTS
1814 	if (a->wbuf_freelist)
1815 		ssl_buf_freelist_free(a->wbuf_freelist);
1816 	if (a->rbuf_freelist)
1817 		ssl_buf_freelist_free(a->rbuf_freelist);
1818 #endif
1819 
1820 	OPENSSL_free(a);
1821 	}
1822 
1823 void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
1824 	{
1825 	ctx->default_passwd_callback=cb;
1826 	}
1827 
1828 void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx,void *u)
1829 	{
1830 	ctx->default_passwd_callback_userdata=u;
1831 	}
1832 
1833 void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,void *), void *arg)
1834 	{
1835 	ctx->app_verify_callback=cb;
1836 	ctx->app_verify_arg=arg;
1837 	}
1838 
1839 void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*cb)(int, X509_STORE_CTX *))
1840 	{
1841 	ctx->verify_mode=mode;
1842 	ctx->default_verify_callback=cb;
1843 	}
1844 
1845 void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth)
1846 	{
1847 	X509_VERIFY_PARAM_set_depth(ctx->param, depth);
1848 	}
1849 
1850 void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
1851 	{
1852 	CERT_PKEY *cpk;
1853 	int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign;
1854 	int rsa_enc_export,dh_rsa_export,dh_dsa_export;
1855 	int rsa_tmp_export,dh_tmp_export,kl;
1856 	unsigned long mask_k,mask_a,emask_k,emask_a;
1857 	int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;
1858 #ifndef OPENSSL_NO_ECDH
1859 	int have_ecdh_tmp;
1860 #endif
1861 	X509 *x = NULL;
1862 	EVP_PKEY *ecc_pkey = NULL;
1863 	int signature_nid = 0;
1864 
1865 	if (c == NULL) return;
1866 
1867 	kl=SSL_C_EXPORT_PKEYLENGTH(cipher);
1868 
1869 #ifndef OPENSSL_NO_RSA
1870 	rsa_tmp=(c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
1871 	rsa_tmp_export=(c->rsa_tmp_cb != NULL ||
1872 		(rsa_tmp && RSA_size(c->rsa_tmp)*8 <= kl));
1873 #else
1874 	rsa_tmp=rsa_tmp_export=0;
1875 #endif
1876 #ifndef OPENSSL_NO_DH
1877 	dh_tmp=(c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
1878 	dh_tmp_export=(c->dh_tmp_cb != NULL ||
1879 		(dh_tmp && DH_size(c->dh_tmp)*8 <= kl));
1880 #else
1881 	dh_tmp=dh_tmp_export=0;
1882 #endif
1883 
1884 #ifndef OPENSSL_NO_ECDH
1885 	have_ecdh_tmp=(c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL);
1886 #endif
1887 	cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]);
1888 	rsa_enc= (cpk->x509 != NULL && cpk->privatekey != NULL);
1889 	rsa_enc_export=(rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
1890 	cpk= &(c->pkeys[SSL_PKEY_RSA_SIGN]);
1891 	rsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
1892 	cpk= &(c->pkeys[SSL_PKEY_DSA_SIGN]);
1893 	dsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
1894 	cpk= &(c->pkeys[SSL_PKEY_DH_RSA]);
1895 	dh_rsa=  (cpk->x509 != NULL && cpk->privatekey != NULL);
1896 	dh_rsa_export=(dh_rsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
1897 	cpk= &(c->pkeys[SSL_PKEY_DH_DSA]);
1898 /* FIX THIS EAY EAY EAY */
1899 	dh_dsa=  (cpk->x509 != NULL && cpk->privatekey != NULL);
1900 	dh_dsa_export=(dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
1901 	cpk= &(c->pkeys[SSL_PKEY_ECC]);
1902 	have_ecc_cert= (cpk->x509 != NULL && cpk->privatekey != NULL);
1903 	mask_k=0;
1904 	mask_a=0;
1905 	emask_k=0;
1906 	emask_a=0;
1907 
1908 
1909 
1910 #ifdef CIPHER_DEBUG
1911 	printf("rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
1912 	        rsa_tmp,rsa_tmp_export,dh_tmp,have_ecdh_tmp,
1913 		rsa_enc,rsa_enc_export,rsa_sign,dsa_sign,dh_rsa,dh_dsa);
1914 #endif
1915 
1916 	cpk = &(c->pkeys[SSL_PKEY_GOST01]);
1917 	if (cpk->x509 != NULL && cpk->privatekey !=NULL) {
1918 		mask_k |= SSL_kGOST;
1919 		mask_a |= SSL_aGOST01;
1920 	}
1921 	cpk = &(c->pkeys[SSL_PKEY_GOST94]);
1922 	if (cpk->x509 != NULL && cpk->privatekey !=NULL) {
1923 		mask_k |= SSL_kGOST;
1924 		mask_a |= SSL_aGOST94;
1925 	}
1926 
1927 	if (rsa_enc || (rsa_tmp && rsa_sign))
1928 		mask_k|=SSL_kRSA;
1929 	if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
1930 		emask_k|=SSL_kRSA;
1931 
1932 #if 0
1933 	/* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
1934 	if (	(dh_tmp || dh_rsa || dh_dsa) &&
1935 		(rsa_enc || rsa_sign || dsa_sign))
1936 		mask_k|=SSL_kEDH;
1937 	if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
1938 		(rsa_enc || rsa_sign || dsa_sign))
1939 		emask_k|=SSL_kEDH;
1940 #endif
1941 
1942 	if (dh_tmp_export)
1943 		emask_k|=SSL_kEDH;
1944 
1945 	if (dh_tmp)
1946 		mask_k|=SSL_kEDH;
1947 
1948 	if (dh_rsa) mask_k|=SSL_kDHr;
1949 	if (dh_rsa_export) emask_k|=SSL_kDHr;
1950 
1951 	if (dh_dsa) mask_k|=SSL_kDHd;
1952 	if (dh_dsa_export) emask_k|=SSL_kDHd;
1953 
1954 	if (rsa_enc || rsa_sign)
1955 		{
1956 		mask_a|=SSL_aRSA;
1957 		emask_a|=SSL_aRSA;
1958 		}
1959 
1960 	if (dsa_sign)
1961 		{
1962 		mask_a|=SSL_aDSS;
1963 		emask_a|=SSL_aDSS;
1964 		}
1965 
1966 	mask_a|=SSL_aNULL;
1967 	emask_a|=SSL_aNULL;
1968 
1969 #ifndef OPENSSL_NO_KRB5
1970 	mask_k|=SSL_kKRB5;
1971 	mask_a|=SSL_aKRB5;
1972 	emask_k|=SSL_kKRB5;
1973 	emask_a|=SSL_aKRB5;
1974 #endif
1975 
1976 	/* An ECC certificate may be usable for ECDH and/or
1977 	 * ECDSA cipher suites depending on the key usage extension.
1978 	 */
1979 	if (have_ecc_cert)
1980 		{
1981 		/* This call populates extension flags (ex_flags) */
1982 		x = (c->pkeys[SSL_PKEY_ECC]).x509;
1983 		X509_check_purpose(x, -1, 0);
1984 		ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
1985 		    (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1;
1986 		ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
1987 		    (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
1988 		ecc_pkey = X509_get_pubkey(x);
1989 		ecc_pkey_size = (ecc_pkey != NULL) ?
1990 		    EVP_PKEY_bits(ecc_pkey) : 0;
1991 		EVP_PKEY_free(ecc_pkey);
1992 		if ((x->sig_alg) && (x->sig_alg->algorithm))
1993 			signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
1994 #ifndef OPENSSL_NO_ECDH
1995 		if (ecdh_ok)
1996 			{
1997 			const char *sig = OBJ_nid2ln(signature_nid);
1998 			if (sig == NULL)
1999 				{
2000 				ERR_clear_error();
2001 				sig = "unknown";
2002 				}
2003 
2004 			if (strstr(sig, "WithRSA"))
2005 				{
2006 				mask_k|=SSL_kECDHr;
2007 				mask_a|=SSL_aECDH;
2008 				if (ecc_pkey_size <= 163)
2009 					{
2010 					emask_k|=SSL_kECDHr;
2011 					emask_a|=SSL_aECDH;
2012 					}
2013 				}
2014 
2015 			if (signature_nid == NID_ecdsa_with_SHA1)
2016 				{
2017 				mask_k|=SSL_kECDHe;
2018 				mask_a|=SSL_aECDH;
2019 				if (ecc_pkey_size <= 163)
2020 					{
2021 					emask_k|=SSL_kECDHe;
2022 					emask_a|=SSL_aECDH;
2023 					}
2024 				}
2025 			}
2026 #endif
2027 #ifndef OPENSSL_NO_ECDSA
2028 		if (ecdsa_ok)
2029 			{
2030 			mask_a|=SSL_aECDSA;
2031 			emask_a|=SSL_aECDSA;
2032 			}
2033 #endif
2034 		}
2035 
2036 #ifndef OPENSSL_NO_ECDH
2037 	if (have_ecdh_tmp)
2038 		{
2039 		mask_k|=SSL_kEECDH;
2040 		emask_k|=SSL_kEECDH;
2041 		}
2042 #endif
2043 
2044 #ifndef OPENSSL_NO_PSK
2045 	mask_k |= SSL_kPSK;
2046 	mask_a |= SSL_aPSK;
2047 	emask_k |= SSL_kPSK;
2048 	emask_a |= SSL_aPSK;
2049 #endif
2050 
2051 	c->mask_k=mask_k;
2052 	c->mask_a=mask_a;
2053 	c->export_mask_k=emask_k;
2054 	c->export_mask_a=emask_a;
2055 	c->valid=1;
2056 	}
2057 
2058 /* This handy macro borrowed from crypto/x509v3/v3_purp.c */
2059 #define ku_reject(x, usage) \
2060 	(((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
2061 
2062 #ifndef OPENSSL_NO_EC
2063 
2064 int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
2065 	{
2066 	unsigned long alg_k, alg_a;
2067 	EVP_PKEY *pkey = NULL;
2068 	int keysize = 0;
2069 	int signature_nid = 0;
2070 	const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
2071 
2072 	alg_k = cs->algorithm_mkey;
2073 	alg_a = cs->algorithm_auth;
2074 
2075 	if (SSL_C_IS_EXPORT(cs))
2076 		{
2077 		/* ECDH key length in export ciphers must be <= 163 bits */
2078 		pkey = X509_get_pubkey(x);
2079 		if (pkey == NULL) return 0;
2080 		keysize = EVP_PKEY_bits(pkey);
2081 		EVP_PKEY_free(pkey);
2082 		if (keysize > 163) return 0;
2083 		}
2084 
2085 	/* This call populates the ex_flags field correctly */
2086 	X509_check_purpose(x, -1, 0);
2087 	if ((x->sig_alg) && (x->sig_alg->algorithm))
2088 		signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
2089 	if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr)
2090 		{
2091 		/* key usage, if present, must allow key agreement */
2092 		if (ku_reject(x, X509v3_KU_KEY_AGREEMENT))
2093 			{
2094 			SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
2095 			return 0;
2096 			}
2097 		if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < TLS1_2_VERSION)
2098 			{
2099 			/* signature alg must be ECDSA */
2100 			if (signature_nid != NID_ecdsa_with_SHA1)
2101 				{
2102 				SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
2103 				return 0;
2104 				}
2105 			}
2106 		if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < TLS1_2_VERSION)
2107 			{
2108 			/* signature alg must be RSA */
2109 
2110 			const char *sig = OBJ_nid2ln(signature_nid);
2111 			if (sig == NULL)
2112 				{
2113 				ERR_clear_error();
2114 				sig = "unknown";
2115 				}
2116 			if (strstr(sig, "WithRSA") == NULL)
2117 				{
2118 				SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
2119 				return 0;
2120 				}
2121 			}
2122 		}
2123 	if (alg_a & SSL_aECDSA)
2124 		{
2125 		/* key usage, if present, must allow signing */
2126 		if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE))
2127 			{
2128 			SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
2129 			return 0;
2130 			}
2131 		}
2132 
2133 	return 1;  /* all checks are ok */
2134 	}
2135 
2136 #endif
2137 
2138 /* THIS NEEDS CLEANING UP */
2139 X509 *ssl_get_server_send_cert(SSL *s)
2140 	{
2141 	unsigned long alg_k,alg_a;
2142 	CERT *c;
2143 	int i;
2144 
2145 	c=s->cert;
2146 	ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
2147 
2148 	alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
2149 	alg_a = s->s3->tmp.new_cipher->algorithm_auth;
2150 
2151 	if (alg_k & (SSL_kECDHr|SSL_kECDHe))
2152 		{
2153 		/* we don't need to look at SSL_kEECDH
2154 		 * since no certificate is needed for
2155 		 * anon ECDH and for authenticated
2156 		 * EECDH, the check for the auth
2157 		 * algorithm will set i correctly
2158 		 * NOTE: For ECDH-RSA, we need an ECC
2159 		 * not an RSA cert but for EECDH-RSA
2160 		 * we need an RSA cert. Placing the
2161 		 * checks for SSL_kECDH before RSA
2162 		 * checks ensures the correct cert is chosen.
2163 		 */
2164 		i=SSL_PKEY_ECC;
2165 		}
2166 	else if (alg_a & SSL_aECDSA)
2167 		{
2168 		i=SSL_PKEY_ECC;
2169 		}
2170 	else if (alg_k & SSL_kDHr)
2171 		i=SSL_PKEY_DH_RSA;
2172 	else if (alg_k & SSL_kDHd)
2173 		i=SSL_PKEY_DH_DSA;
2174 	else if (alg_a & SSL_aDSS)
2175 		i=SSL_PKEY_DSA_SIGN;
2176 	else if (alg_a & SSL_aRSA)
2177 		{
2178 		if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
2179 			i=SSL_PKEY_RSA_SIGN;
2180 		else
2181 			i=SSL_PKEY_RSA_ENC;
2182 		}
2183 	else if (alg_a & SSL_aKRB5)
2184 		{
2185 		/* VRS something else here? */
2186 		return(NULL);
2187 		}
2188 	else if (alg_a & SSL_aGOST94)
2189 		i=SSL_PKEY_GOST94;
2190 	else if (alg_a & SSL_aGOST01)
2191 		i=SSL_PKEY_GOST01;
2192 	else /* if (alg_a & SSL_aNULL) */
2193 		{
2194 		SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR);
2195 		return(NULL);
2196 		}
2197 	if (c->pkeys[i].x509 == NULL) return(NULL);
2198 
2199 	return(c->pkeys[i].x509);
2200 	}
2201 
2202 EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *cipher, const EVP_MD **pmd)
2203 	{
2204 	unsigned long alg_a;
2205 	CERT *c;
2206 	int idx = -1;
2207 
2208 	alg_a = cipher->algorithm_auth;
2209 	c=s->cert;
2210 
2211 	if ((alg_a & SSL_aDSS) &&
2212 		(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
2213 		idx = SSL_PKEY_DSA_SIGN;
2214 	else if (alg_a & SSL_aRSA)
2215 		{
2216 		if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
2217 			idx = SSL_PKEY_RSA_SIGN;
2218 		else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
2219 			idx = SSL_PKEY_RSA_ENC;
2220 		}
2221 	else if ((alg_a & SSL_aECDSA) &&
2222 	         (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
2223 		idx = SSL_PKEY_ECC;
2224 	if (idx == -1)
2225 		{
2226 		SSLerr(SSL_F_SSL_GET_SIGN_PKEY,ERR_R_INTERNAL_ERROR);
2227 		return(NULL);
2228 		}
2229 	if (pmd)
2230 		*pmd = c->pkeys[idx].digest;
2231 	return c->pkeys[idx].privatekey;
2232 	}
2233 
2234 void ssl_update_cache(SSL *s,int mode)
2235 	{
2236 	int i;
2237 
2238 	/* If the session_id_length is 0, we are not supposed to cache it,
2239 	 * and it would be rather hard to do anyway :-) */
2240 	if (s->session->session_id_length == 0) return;
2241 
2242 	i=s->session_ctx->session_cache_mode;
2243 	if ((i & mode) && (!s->hit)
2244 		&& ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
2245 		    || SSL_CTX_add_session(s->session_ctx,s->session))
2246 		&& (s->session_ctx->new_session_cb != NULL))
2247 		{
2248 		CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
2249 		if (!s->session_ctx->new_session_cb(s,s->session))
2250 			SSL_SESSION_free(s->session);
2251 		}
2252 
2253 	/* auto flush every 255 connections */
2254 	if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
2255 		((i & mode) == mode))
2256 		{
2257 		if (  (((mode & SSL_SESS_CACHE_CLIENT)
2258 			?s->session_ctx->stats.sess_connect_good
2259 			:s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff)
2260 			{
2261 			SSL_CTX_flush_sessions(s->session_ctx,(unsigned long)time(NULL));
2262 			}
2263 		}
2264 	}
2265 
2266 const SSL_METHOD *SSL_get_ssl_method(SSL *s)
2267 	{
2268 	return(s->method);
2269 	}
2270 
2271 int SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
2272 	{
2273 	int conn= -1;
2274 	int ret=1;
2275 
2276 	if (s->method != meth)
2277 		{
2278 		if (s->handshake_func != NULL)
2279 			conn=(s->handshake_func == s->method->ssl_connect);
2280 
2281 		if (s->method->version == meth->version)
2282 			s->method=meth;
2283 		else
2284 			{
2285 			s->method->ssl_free(s);
2286 			s->method=meth;
2287 			ret=s->method->ssl_new(s);
2288 			}
2289 
2290 		if (conn == 1)
2291 			s->handshake_func=meth->ssl_connect;
2292 		else if (conn == 0)
2293 			s->handshake_func=meth->ssl_accept;
2294 		}
2295 	return(ret);
2296 	}
2297 
2298 int SSL_get_error(const SSL *s,int i)
2299 	{
2300 	int reason;
2301 	unsigned long l;
2302 	BIO *bio;
2303 
2304 	if (i > 0) return(SSL_ERROR_NONE);
2305 
2306 	/* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake
2307 	 * etc, where we do encode the error */
2308 	if ((l=ERR_peek_error()) != 0)
2309 		{
2310 		if (ERR_GET_LIB(l) == ERR_LIB_SYS)
2311 			return(SSL_ERROR_SYSCALL);
2312 		else
2313 			return(SSL_ERROR_SSL);
2314 		}
2315 
2316 	if ((i < 0) && SSL_want_read(s))
2317 		{
2318 		bio=SSL_get_rbio(s);
2319 		if (BIO_should_read(bio))
2320 			return(SSL_ERROR_WANT_READ);
2321 		else if (BIO_should_write(bio))
2322 			/* This one doesn't make too much sense ... We never try
2323 			 * to write to the rbio, and an application program where
2324 			 * rbio and wbio are separate couldn't even know what it
2325 			 * should wait for.
2326 			 * However if we ever set s->rwstate incorrectly
2327 			 * (so that we have SSL_want_read(s) instead of
2328 			 * SSL_want_write(s)) and rbio and wbio *are* the same,
2329 			 * this test works around that bug; so it might be safer
2330 			 * to keep it. */
2331 			return(SSL_ERROR_WANT_WRITE);
2332 		else if (BIO_should_io_special(bio))
2333 			{
2334 			reason=BIO_get_retry_reason(bio);
2335 			if (reason == BIO_RR_CONNECT)
2336 				return(SSL_ERROR_WANT_CONNECT);
2337 			else if (reason == BIO_RR_ACCEPT)
2338 				return(SSL_ERROR_WANT_ACCEPT);
2339 			else
2340 				return(SSL_ERROR_SYSCALL); /* unknown */
2341 			}
2342 		}
2343 
2344 	if ((i < 0) && SSL_want_write(s))
2345 		{
2346 		bio=SSL_get_wbio(s);
2347 		if (BIO_should_write(bio))
2348 			return(SSL_ERROR_WANT_WRITE);
2349 		else if (BIO_should_read(bio))
2350 			/* See above (SSL_want_read(s) with BIO_should_write(bio)) */
2351 			return(SSL_ERROR_WANT_READ);
2352 		else if (BIO_should_io_special(bio))
2353 			{
2354 			reason=BIO_get_retry_reason(bio);
2355 			if (reason == BIO_RR_CONNECT)
2356 				return(SSL_ERROR_WANT_CONNECT);
2357 			else if (reason == BIO_RR_ACCEPT)
2358 				return(SSL_ERROR_WANT_ACCEPT);
2359 			else
2360 				return(SSL_ERROR_SYSCALL);
2361 			}
2362 		}
2363 	if ((i < 0) && SSL_want_x509_lookup(s))
2364 		{
2365 		return(SSL_ERROR_WANT_X509_LOOKUP);
2366 		}
2367 
2368 	if (i == 0)
2369 		{
2370 		if (s->version == SSL2_VERSION)
2371 			{
2372 			/* assume it is the socket being closed */
2373 			return(SSL_ERROR_ZERO_RETURN);
2374 			}
2375 		else
2376 			{
2377 			if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
2378 				(s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
2379 				return(SSL_ERROR_ZERO_RETURN);
2380 			}
2381 		}
2382 	return(SSL_ERROR_SYSCALL);
2383 	}
2384 
2385 int SSL_do_handshake(SSL *s)
2386 	{
2387 	int ret=1;
2388 
2389 	if (s->handshake_func == NULL)
2390 		{
2391 		SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_CONNECTION_TYPE_NOT_SET);
2392 		return(-1);
2393 		}
2394 
2395 	s->method->ssl_renegotiate_check(s);
2396 
2397 	if (SSL_in_init(s) || SSL_in_before(s))
2398 		{
2399 		ret=s->handshake_func(s);
2400 		}
2401 	return(ret);
2402 	}
2403 
2404 /* For the next 2 functions, SSL_clear() sets shutdown and so
2405  * one of these calls will reset it */
2406 void SSL_set_accept_state(SSL *s)
2407 	{
2408 	s->server=1;
2409 	s->shutdown=0;
2410 	s->state=SSL_ST_ACCEPT|SSL_ST_BEFORE;
2411 	s->handshake_func=s->method->ssl_accept;
2412 	/* clear the current cipher */
2413 	ssl_clear_cipher_ctx(s);
2414 	ssl_clear_hash_ctx(&s->read_hash);
2415 	ssl_clear_hash_ctx(&s->write_hash);
2416 	}
2417 
2418 void SSL_set_connect_state(SSL *s)
2419 	{
2420 	s->server=0;
2421 	s->shutdown=0;
2422 	s->state=SSL_ST_CONNECT|SSL_ST_BEFORE;
2423 	s->handshake_func=s->method->ssl_connect;
2424 	/* clear the current cipher */
2425 	ssl_clear_cipher_ctx(s);
2426 	ssl_clear_hash_ctx(&s->read_hash);
2427 	ssl_clear_hash_ctx(&s->write_hash);
2428 	}
2429 
2430 int ssl_undefined_function(SSL *s)
2431 	{
2432 	SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2433 	return(0);
2434 	}
2435 
2436 int ssl_undefined_void_function(void)
2437 	{
2438 	SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2439 	return(0);
2440 	}
2441 
2442 int ssl_undefined_const_function(const SSL *s)
2443 	{
2444 	SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2445 	return(0);
2446 	}
2447 
2448 SSL_METHOD *ssl_bad_method(int ver)
2449 	{
2450 	SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2451 	return(NULL);
2452 	}
2453 
2454 const char *SSL_get_version(const SSL *s)
2455 	{
2456 	if (s->version == TLS1_2_VERSION)
2457 		return("TLSv1.2");
2458 	else if (s->version == TLS1_1_VERSION)
2459 		return("TLSv1.1");
2460 	if (s->version == TLS1_VERSION)
2461 		return("TLSv1");
2462 	else if (s->version == SSL3_VERSION)
2463 		return("SSLv3");
2464 	else if (s->version == SSL2_VERSION)
2465 		return("SSLv2");
2466 	else
2467 		return("unknown");
2468 	}
2469 
2470 SSL *SSL_dup(SSL *s)
2471 	{
2472 	STACK_OF(X509_NAME) *sk;
2473 	X509_NAME *xn;
2474 	SSL *ret;
2475 	int i;
2476 
2477 	if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL)
2478 	    return(NULL);
2479 
2480 	ret->version = s->version;
2481 	ret->type = s->type;
2482 	ret->method = s->method;
2483 
2484 	if (s->session != NULL)
2485 		{
2486 		/* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
2487 		SSL_copy_session_id(ret,s);
2488 		}
2489 	else
2490 		{
2491 		/* No session has been established yet, so we have to expect
2492 		 * that s->cert or ret->cert will be changed later --
2493 		 * they should not both point to the same object,
2494 		 * and thus we can't use SSL_copy_session_id. */
2495 
2496 		ret->method->ssl_free(ret);
2497 		ret->method = s->method;
2498 		ret->method->ssl_new(ret);
2499 
2500 		if (s->cert != NULL)
2501 			{
2502 			if (ret->cert != NULL)
2503 				{
2504 				ssl_cert_free(ret->cert);
2505 				}
2506 			ret->cert = ssl_cert_dup(s->cert);
2507 			if (ret->cert == NULL)
2508 				goto err;
2509 			}
2510 
2511 		SSL_set_session_id_context(ret,
2512 			s->sid_ctx, s->sid_ctx_length);
2513 		}
2514 
2515 	ret->options=s->options;
2516 	ret->mode=s->mode;
2517 	SSL_set_max_cert_list(ret,SSL_get_max_cert_list(s));
2518 	SSL_set_read_ahead(ret,SSL_get_read_ahead(s));
2519 	ret->msg_callback = s->msg_callback;
2520 	ret->msg_callback_arg = s->msg_callback_arg;
2521 	SSL_set_verify(ret,SSL_get_verify_mode(s),
2522 		SSL_get_verify_callback(s));
2523 	SSL_set_verify_depth(ret,SSL_get_verify_depth(s));
2524 	ret->generate_session_id = s->generate_session_id;
2525 
2526 	SSL_set_info_callback(ret,SSL_get_info_callback(s));
2527 
2528 	ret->debug=s->debug;
2529 
2530 	/* copy app data, a little dangerous perhaps */
2531 	if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
2532 		goto err;
2533 
2534 	/* setup rbio, and wbio */
2535 	if (s->rbio != NULL)
2536 		{
2537 		if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
2538 			goto err;
2539 		}
2540 	if (s->wbio != NULL)
2541 		{
2542 		if (s->wbio != s->rbio)
2543 			{
2544 			if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
2545 				goto err;
2546 			}
2547 		else
2548 			ret->wbio=ret->rbio;
2549 		}
2550 	ret->rwstate = s->rwstate;
2551 	ret->in_handshake = s->in_handshake;
2552 	ret->handshake_func = s->handshake_func;
2553 	ret->server = s->server;
2554 	ret->renegotiate = s->renegotiate;
2555 	ret->new_session = s->new_session;
2556 	ret->quiet_shutdown = s->quiet_shutdown;
2557 	ret->shutdown=s->shutdown;
2558 	ret->state=s->state; /* SSL_dup does not really work at any state, though */
2559 	ret->rstate=s->rstate;
2560 	ret->init_num = 0; /* would have to copy ret->init_buf, ret->init_msg, ret->init_num, ret->init_off */
2561 	ret->hit=s->hit;
2562 
2563 	X509_VERIFY_PARAM_inherit(ret->param, s->param);
2564 
2565 	/* dup the cipher_list and cipher_list_by_id stacks */
2566 	if (s->cipher_list != NULL)
2567 		{
2568 		if ((ret->cipher_list=sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
2569 			goto err;
2570 		}
2571 	if (s->cipher_list_by_id != NULL)
2572 		if ((ret->cipher_list_by_id=sk_SSL_CIPHER_dup(s->cipher_list_by_id))
2573 			== NULL)
2574 			goto err;
2575 
2576 	/* Dup the client_CA list */
2577 	if (s->client_CA != NULL)
2578 		{
2579 		if ((sk=sk_X509_NAME_dup(s->client_CA)) == NULL) goto err;
2580 		ret->client_CA=sk;
2581 		for (i=0; i<sk_X509_NAME_num(sk); i++)
2582 			{
2583 			xn=sk_X509_NAME_value(sk,i);
2584 			if (sk_X509_NAME_set(sk,i,X509_NAME_dup(xn)) == NULL)
2585 				{
2586 				X509_NAME_free(xn);
2587 				goto err;
2588 				}
2589 			}
2590 		}
2591 
2592 	if (0)
2593 		{
2594 err:
2595 		if (ret != NULL) SSL_free(ret);
2596 		ret=NULL;
2597 		}
2598 	return(ret);
2599 	}
2600 
2601 void ssl_clear_cipher_ctx(SSL *s)
2602 	{
2603 	if (s->enc_read_ctx != NULL)
2604 		{
2605 		EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
2606 		OPENSSL_free(s->enc_read_ctx);
2607 		s->enc_read_ctx=NULL;
2608 		}
2609 	if (s->enc_write_ctx != NULL)
2610 		{
2611 		EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
2612 		OPENSSL_free(s->enc_write_ctx);
2613 		s->enc_write_ctx=NULL;
2614 		}
2615 #ifndef OPENSSL_NO_COMP
2616 	if (s->expand != NULL)
2617 		{
2618 		COMP_CTX_free(s->expand);
2619 		s->expand=NULL;
2620 		}
2621 	if (s->compress != NULL)
2622 		{
2623 		COMP_CTX_free(s->compress);
2624 		s->compress=NULL;
2625 		}
2626 #endif
2627 	}
2628 
2629 /* Fix this function so that it takes an optional type parameter */
2630 X509 *SSL_get_certificate(const SSL *s)
2631 	{
2632 	if (s->cert != NULL)
2633 		return(s->cert->key->x509);
2634 	else
2635 		return(NULL);
2636 	}
2637 
2638 /* Fix this function so that it takes an optional type parameter */
2639 EVP_PKEY *SSL_get_privatekey(SSL *s)
2640 	{
2641 	if (s->cert != NULL)
2642 		return(s->cert->key->privatekey);
2643 	else
2644 		return(NULL);
2645 	}
2646 
2647 const SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
2648 	{
2649 	if ((s->session != NULL) && (s->session->cipher != NULL))
2650 		return(s->session->cipher);
2651 	return(NULL);
2652 	}
2653 #ifdef OPENSSL_NO_COMP
2654 const void *SSL_get_current_compression(SSL *s)
2655 	{
2656 	return NULL;
2657 	}
2658 const void *SSL_get_current_expansion(SSL *s)
2659 	{
2660 	return NULL;
2661 	}
2662 #else
2663 
2664 const COMP_METHOD *SSL_get_current_compression(SSL *s)
2665 	{
2666 	if (s->compress != NULL)
2667 		return(s->compress->meth);
2668 	return(NULL);
2669 	}
2670 
2671 const COMP_METHOD *SSL_get_current_expansion(SSL *s)
2672 	{
2673 	if (s->expand != NULL)
2674 		return(s->expand->meth);
2675 	return(NULL);
2676 	}
2677 #endif
2678 
2679 int ssl_init_wbio_buffer(SSL *s,int push)
2680 	{
2681 	BIO *bbio;
2682 
2683 	if (s->bbio == NULL)
2684 		{
2685 		bbio=BIO_new(BIO_f_buffer());
2686 		if (bbio == NULL) return(0);
2687 		s->bbio=bbio;
2688 		}
2689 	else
2690 		{
2691 		bbio=s->bbio;
2692 		if (s->bbio == s->wbio)
2693 			s->wbio=BIO_pop(s->wbio);
2694 		}
2695 	(void)BIO_reset(bbio);
2696 /*	if (!BIO_set_write_buffer_size(bbio,16*1024)) */
2697 	if (!BIO_set_read_buffer_size(bbio,1))
2698 		{
2699 		SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER,ERR_R_BUF_LIB);
2700 		return(0);
2701 		}
2702 	if (push)
2703 		{
2704 		if (s->wbio != bbio)
2705 			s->wbio=BIO_push(bbio,s->wbio);
2706 		}
2707 	else
2708 		{
2709 		if (s->wbio == bbio)
2710 			s->wbio=BIO_pop(bbio);
2711 		}
2712 	return(1);
2713 	}
2714 
2715 void ssl_free_wbio_buffer(SSL *s)
2716 	{
2717 	if (s->bbio == NULL) return;
2718 
2719 	if (s->bbio == s->wbio)
2720 		{
2721 		/* remove buffering */
2722 		s->wbio=BIO_pop(s->wbio);
2723 #ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids adding one more preprocessor symbol */
2724 		assert(s->wbio != NULL);
2725 #endif
2726 	}
2727 	BIO_free(s->bbio);
2728 	s->bbio=NULL;
2729 	}
2730 
2731 void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode)
2732 	{
2733 	ctx->quiet_shutdown=mode;
2734 	}
2735 
2736 int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
2737 	{
2738 	return(ctx->quiet_shutdown);
2739 	}
2740 
2741 void SSL_set_quiet_shutdown(SSL *s,int mode)
2742 	{
2743 	s->quiet_shutdown=mode;
2744 	}
2745 
2746 int SSL_get_quiet_shutdown(const SSL *s)
2747 	{
2748 	return(s->quiet_shutdown);
2749 	}
2750 
2751 void SSL_set_shutdown(SSL *s,int mode)
2752 	{
2753 	s->shutdown=mode;
2754 	}
2755 
2756 int SSL_get_shutdown(const SSL *s)
2757 	{
2758 	return(s->shutdown);
2759 	}
2760 
2761 int SSL_version(const SSL *s)
2762 	{
2763 	return(s->version);
2764 	}
2765 
2766 SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
2767 	{
2768 	return(ssl->ctx);
2769 	}
2770 
2771 SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
2772 	{
2773 	if (ssl->ctx == ctx)
2774 		return ssl->ctx;
2775 #ifndef OPENSSL_NO_TLSEXT
2776 	if (ctx == NULL)
2777 		ctx = ssl->initial_ctx;
2778 #endif
2779 	if (ssl->cert != NULL)
2780 		ssl_cert_free(ssl->cert);
2781 	ssl->cert = ssl_cert_dup(ctx->cert);
2782 	CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
2783 	if (ssl->ctx != NULL)
2784 		SSL_CTX_free(ssl->ctx); /* decrement reference count */
2785 	ssl->ctx = ctx;
2786 	return(ssl->ctx);
2787 	}
2788 
2789 #ifndef OPENSSL_NO_STDIO
2790 int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
2791 	{
2792 	return(X509_STORE_set_default_paths(ctx->cert_store));
2793 	}
2794 
2795 int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
2796 		const char *CApath)
2797 	{
2798 	return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath));
2799 	}
2800 #endif
2801 
2802 void SSL_set_info_callback(SSL *ssl,
2803 	void (*cb)(const SSL *ssl,int type,int val))
2804 	{
2805 	ssl->info_callback=cb;
2806 	}
2807 
2808 /* One compiler (Diab DCC) doesn't like argument names in returned
2809    function pointer.  */
2810 void (*SSL_get_info_callback(const SSL *ssl))(const SSL * /*ssl*/,int /*type*/,int /*val*/)
2811 	{
2812 	return ssl->info_callback;
2813 	}
2814 
2815 int SSL_state(const SSL *ssl)
2816 	{
2817 	return(ssl->state);
2818 	}
2819 
2820 void SSL_set_state(SSL *ssl, int state)
2821 	{
2822 	ssl->state = state;
2823 	}
2824 
2825 void SSL_set_verify_result(SSL *ssl,long arg)
2826 	{
2827 	ssl->verify_result=arg;
2828 	}
2829 
2830 long SSL_get_verify_result(const SSL *ssl)
2831 	{
2832 	return(ssl->verify_result);
2833 	}
2834 
2835 int SSL_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
2836 			 CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
2837 	{
2838 	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
2839 				new_func, dup_func, free_func);
2840 	}
2841 
2842 int SSL_set_ex_data(SSL *s,int idx,void *arg)
2843 	{
2844 	return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
2845 	}
2846 
2847 void *SSL_get_ex_data(const SSL *s,int idx)
2848 	{
2849 	return(CRYPTO_get_ex_data(&s->ex_data,idx));
2850 	}
2851 
2852 int SSL_CTX_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
2853 			     CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
2854 	{
2855 	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
2856 				new_func, dup_func, free_func);
2857 	}
2858 
2859 int SSL_CTX_set_ex_data(SSL_CTX *s,int idx,void *arg)
2860 	{
2861 	return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
2862 	}
2863 
2864 void *SSL_CTX_get_ex_data(const SSL_CTX *s,int idx)
2865 	{
2866 	return(CRYPTO_get_ex_data(&s->ex_data,idx));
2867 	}
2868 
2869 int ssl_ok(SSL *s)
2870 	{
2871 	return(1);
2872 	}
2873 
2874 X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx)
2875 	{
2876 	return(ctx->cert_store);
2877 	}
2878 
2879 void SSL_CTX_set_cert_store(SSL_CTX *ctx,X509_STORE *store)
2880 	{
2881 	if (ctx->cert_store != NULL)
2882 		X509_STORE_free(ctx->cert_store);
2883 	ctx->cert_store=store;
2884 	}
2885 
2886 int SSL_want(const SSL *s)
2887 	{
2888 	return(s->rwstate);
2889 	}
2890 
2891 /*!
2892  * \brief Set the callback for generating temporary RSA keys.
2893  * \param ctx the SSL context.
2894  * \param cb the callback
2895  */
2896 
2897 #ifndef OPENSSL_NO_RSA
2898 void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl,
2899 							  int is_export,
2900 							  int keylength))
2901     {
2902     SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
2903     }
2904 
2905 void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,
2906 						  int is_export,
2907 						  int keylength))
2908     {
2909     SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
2910     }
2911 #endif
2912 
2913 #ifdef DOXYGEN
2914 /*!
2915  * \brief The RSA temporary key callback function.
2916  * \param ssl the SSL session.
2917  * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
2918  * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
2919  * of the required key in bits.
2920  * \return the temporary RSA key.
2921  * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
2922  */
2923 
2924 RSA *cb(SSL *ssl,int is_export,int keylength)
2925     {}
2926 #endif
2927 
2928 /*!
2929  * \brief Set the callback for generating temporary DH keys.
2930  * \param ctx the SSL context.
2931  * \param dh the callback
2932  */
2933 
2934 #ifndef OPENSSL_NO_DH
2935 void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export,
2936                                                         int keylength))
2937 	{
2938 	SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
2939 	}
2940 
2941 void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export,
2942                                                 int keylength))
2943 	{
2944 	SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
2945 	}
2946 #endif
2947 
2948 #ifndef OPENSSL_NO_ECDH
2949 void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,EC_KEY *(*ecdh)(SSL *ssl,int is_export,
2950                                                                 int keylength))
2951 	{
2952 	SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
2953 	}
2954 
2955 void SSL_set_tmp_ecdh_callback(SSL *ssl,EC_KEY *(*ecdh)(SSL *ssl,int is_export,
2956                                                         int keylength))
2957 	{
2958 	SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
2959 	}
2960 #endif
2961 
2962 #ifndef OPENSSL_NO_PSK
2963 int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
2964 	{
2965 	if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN)
2966 		{
2967 		SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
2968 		return 0;
2969 		}
2970 	if (ctx->psk_identity_hint != NULL)
2971 		OPENSSL_free(ctx->psk_identity_hint);
2972 	if (identity_hint != NULL)
2973 		{
2974 		ctx->psk_identity_hint = BUF_strdup(identity_hint);
2975 		if (ctx->psk_identity_hint == NULL)
2976 			return 0;
2977 		}
2978 	else
2979 		ctx->psk_identity_hint = NULL;
2980 	return 1;
2981 	}
2982 
2983 int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint)
2984 	{
2985 	if (s == NULL)
2986 		return 0;
2987 
2988 	if (s->session == NULL)
2989 		return 1; /* session not created yet, ignored */
2990 
2991 	if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN)
2992 		{
2993 		SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
2994 		return 0;
2995 		}
2996 	if (s->session->psk_identity_hint != NULL)
2997 		OPENSSL_free(s->session->psk_identity_hint);
2998 	if (identity_hint != NULL)
2999 		{
3000 		s->session->psk_identity_hint = BUF_strdup(identity_hint);
3001 		if (s->session->psk_identity_hint == NULL)
3002 			return 0;
3003 		}
3004 	else
3005 		s->session->psk_identity_hint = NULL;
3006 	return 1;
3007 	}
3008 
3009 const char *SSL_get_psk_identity_hint(const SSL *s)
3010 	{
3011 	if (s == NULL || s->session == NULL)
3012 		return NULL;
3013 	return(s->session->psk_identity_hint);
3014 	}
3015 
3016 const char *SSL_get_psk_identity(const SSL *s)
3017 	{
3018 	if (s == NULL || s->session == NULL)
3019 		return NULL;
3020 	return(s->session->psk_identity);
3021 	}
3022 
3023 void SSL_set_psk_client_callback(SSL *s,
3024     unsigned int (*cb)(SSL *ssl, const char *hint,
3025                        char *identity, unsigned int max_identity_len, unsigned char *psk,
3026                        unsigned int max_psk_len))
3027 	{
3028 	s->psk_client_callback = cb;
3029 	}
3030 
3031 void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
3032     unsigned int (*cb)(SSL *ssl, const char *hint,
3033                        char *identity, unsigned int max_identity_len, unsigned char *psk,
3034                        unsigned int max_psk_len))
3035 	{
3036 	ctx->psk_client_callback = cb;
3037 	}
3038 
3039 void SSL_set_psk_server_callback(SSL *s,
3040     unsigned int (*cb)(SSL *ssl, const char *identity,
3041                        unsigned char *psk, unsigned int max_psk_len))
3042 	{
3043 	s->psk_server_callback = cb;
3044 	}
3045 
3046 void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
3047     unsigned int (*cb)(SSL *ssl, const char *identity,
3048                        unsigned char *psk, unsigned int max_psk_len))
3049 	{
3050 	ctx->psk_server_callback = cb;
3051 	}
3052 #endif
3053 
3054 void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
3055 	{
3056 	SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
3057 	}
3058 void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
3059 	{
3060 	SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
3061 	}
3062 
3063 /* Allocates new EVP_MD_CTX and sets pointer to it into given pointer
3064  * vairable, freeing  EVP_MD_CTX previously stored in that variable, if
3065  * any. If EVP_MD pointer is passed, initializes ctx with this md
3066  * Returns newly allocated ctx;
3067  */
3068 
3069 EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash,const EVP_MD *md)
3070 {
3071 	ssl_clear_hash_ctx(hash);
3072 	*hash = EVP_MD_CTX_create();
3073 	if (md) EVP_DigestInit_ex(*hash,md,NULL);
3074 	return *hash;
3075 }
3076 void ssl_clear_hash_ctx(EVP_MD_CTX **hash)
3077 {
3078 
3079 	if (*hash) EVP_MD_CTX_destroy(*hash);
3080 	*hash=NULL;
3081 }
3082 
3083 void SSL_set_debug(SSL *s, int debug)
3084 	{
3085 	s->debug = debug;
3086 	}
3087 
3088 int SSL_cache_hit(SSL *s)
3089 	{
3090 	return s->hit;
3091 	}
3092 
3093 #if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
3094 #include "../crypto/bio/bss_file.c"
3095 #endif
3096 
3097 IMPLEMENT_STACK_OF(SSL_CIPHER)
3098 IMPLEMENT_STACK_OF(SSL_COMP)
3099 IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER,
3100 				    ssl_cipher_id);
3101 
3102