|
1 /* ssl/bio_ssl.c */ |
|
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
|
3 * All rights reserved. |
|
4 * |
|
5 * This package is an SSL implementation written |
|
6 * by Eric Young (eay@cryptsoft.com). |
|
7 * The implementation was written so as to conform with Netscapes SSL. |
|
8 * |
|
9 * This library is free for commercial and non-commercial use as long as |
|
10 * the following conditions are aheared to. The following conditions |
|
11 * apply to all code found in this distribution, be it the RC4, RSA, |
|
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
|
13 * included with this distribution is covered by the same copyright terms |
|
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
|
15 * |
|
16 * Copyright remains Eric Young's, and as such any Copyright notices in |
|
17 * the code are not to be removed. |
|
18 * If this package is used in a product, Eric Young should be given attribution |
|
19 * as the author of the parts of the library used. |
|
20 * This can be in the form of a textual message at program startup or |
|
21 * in documentation (online or textual) provided with the package. |
|
22 * |
|
23 * Redistribution and use in source and binary forms, with or without |
|
24 * modification, are permitted provided that the following conditions |
|
25 * are met: |
|
26 * 1. Redistributions of source code must retain the copyright |
|
27 * notice, this list of conditions and the following disclaimer. |
|
28 * 2. Redistributions in binary form must reproduce the above copyright |
|
29 * notice, this list of conditions and the following disclaimer in the |
|
30 * documentation and/or other materials provided with the distribution. |
|
31 * 3. All advertising materials mentioning features or use of this software |
|
32 * must display the following acknowledgement: |
|
33 * "This product includes cryptographic software written by |
|
34 * Eric Young (eay@cryptsoft.com)" |
|
35 * The word 'cryptographic' can be left out if the rouines from the library |
|
36 * being used are not cryptographic related :-). |
|
37 * 4. If you include any Windows specific code (or a derivative thereof) from |
|
38 * the apps directory (application code) you must include an acknowledgement: |
|
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
|
40 * |
|
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
|
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
|
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
|
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
|
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
|
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
|
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
|
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
|
51 * SUCH DAMAGE. |
|
52 * |
|
53 * The licence and distribution terms for any publically available version or |
|
54 * derivative of this code cannot be changed. i.e. this code cannot simply be |
|
55 * copied and put under another distribution licence |
|
56 * [including the GNU Public Licence.] |
|
57 */ |
|
58 /* |
|
59 © Portions copyright (c) 2006 Nokia Corporation. All rights reserved. |
|
60 */ |
|
61 |
|
62 #include <stdio.h> |
|
63 #include <stdlib.h> |
|
64 #include <string.h> |
|
65 #include <errno.h> |
|
66 #include <openssl/crypto.h> |
|
67 #include <openssl/bio.h> |
|
68 #include <openssl/err.h> |
|
69 #include <openssl/ssl.h> |
|
70 |
|
71 #if (defined(SYMBIAN) && (defined(__WINSCW__) || defined(__WINS__))) |
|
72 #include "libssl_wsd.h" |
|
73 #endif |
|
74 |
|
75 static int ssl_write(BIO *h, const char *buf, int num); |
|
76 static int ssl_read(BIO *h, char *buf, int size); |
|
77 static int ssl_puts(BIO *h, const char *str); |
|
78 static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2); |
|
79 static int ssl_new(BIO *h); |
|
80 static int ssl_free(BIO *data); |
|
81 static long ssl_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); |
|
82 typedef struct bio_ssl_st |
|
83 { |
|
84 SSL *ssl; /* The ssl handle :-) */ |
|
85 /* re-negotiate every time the total number of bytes is this size */ |
|
86 int num_renegotiates; |
|
87 unsigned long renegotiate_count; |
|
88 unsigned long byte_count; |
|
89 unsigned long renegotiate_timeout; |
|
90 unsigned long last_time; |
|
91 } BIO_SSL; |
|
92 |
|
93 #ifdef __cplusplus |
|
94 extern "C" |
|
95 { |
|
96 #endif |
|
97 #ifndef EMULATOR |
|
98 |
|
99 static BIO_METHOD methods_sslp= |
|
100 #else |
|
101 const BIO_METHOD temp_methods_sslp= |
|
102 |
|
103 #endif |
|
104 { |
|
105 BIO_TYPE_SSL,"ssl", |
|
106 ssl_write, |
|
107 ssl_read, |
|
108 ssl_puts, |
|
109 NULL, /* ssl_gets, */ |
|
110 ssl_ctrl, |
|
111 ssl_new, |
|
112 ssl_free, |
|
113 ssl_callback_ctrl, |
|
114 }; |
|
115 #ifdef __cplusplus |
|
116 } |
|
117 #endif |
|
118 |
|
119 #ifdef EMULATOR |
|
120 |
|
121 GET_STATIC_VAR_FROM_TLS(methods_sslp,bio_ssl,BIO_METHOD) |
|
122 |
|
123 #define methods_sslp (*GET_WSD_VAR_NAME(methods_sslp,bio_ssl,s)()) |
|
124 |
|
125 #endif //EMULATOR |
|
126 |
|
127 |
|
128 |
|
129 EXPORT_C BIO_METHOD *BIO_f_ssl(void) |
|
130 { |
|
131 return(&methods_sslp); |
|
132 } |
|
133 |
|
134 static int ssl_new(BIO *bi) |
|
135 { |
|
136 BIO_SSL *bs; |
|
137 |
|
138 bs=(BIO_SSL *)OPENSSL_malloc(sizeof(BIO_SSL)); |
|
139 if (bs == NULL) |
|
140 { |
|
141 BIOerr(BIO_F_SSL_NEW,ERR_R_MALLOC_FAILURE); |
|
142 return(0); |
|
143 } |
|
144 memset(bs,0,sizeof(BIO_SSL)); |
|
145 bi->init=0; |
|
146 bi->ptr=(char *)bs; |
|
147 bi->flags=0; |
|
148 return(1); |
|
149 } |
|
150 |
|
151 static int ssl_free(BIO *a) |
|
152 { |
|
153 BIO_SSL *bs; |
|
154 |
|
155 if (a == NULL) return(0); |
|
156 bs=(BIO_SSL *)a->ptr; |
|
157 if (bs->ssl != NULL) SSL_shutdown(bs->ssl); |
|
158 if (a->shutdown) |
|
159 { |
|
160 if (a->init && (bs->ssl != NULL)) |
|
161 SSL_free(bs->ssl); |
|
162 a->init=0; |
|
163 a->flags=0; |
|
164 } |
|
165 if (a->ptr != NULL) |
|
166 OPENSSL_free(a->ptr); |
|
167 return(1); |
|
168 } |
|
169 |
|
170 static int ssl_read(BIO *b, char *out, int outl) |
|
171 { |
|
172 int ret=1; |
|
173 BIO_SSL *sb; |
|
174 SSL *ssl; |
|
175 int retry_reason=0; |
|
176 int r=0; |
|
177 |
|
178 if (out == NULL) return(0); |
|
179 sb=(BIO_SSL *)b->ptr; |
|
180 ssl=sb->ssl; |
|
181 |
|
182 BIO_clear_retry_flags(b); |
|
183 |
|
184 #if 0 |
|
185 if (!SSL_is_init_finished(ssl)) |
|
186 { |
|
187 /* ret=SSL_do_handshake(ssl); */ |
|
188 if (ret > 0) |
|
189 { |
|
190 |
|
191 outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); |
|
192 ret= -1; |
|
193 goto end; |
|
194 } |
|
195 } |
|
196 #endif |
|
197 /* if (ret > 0) */ |
|
198 ret=SSL_read(ssl,out,outl); |
|
199 |
|
200 switch (SSL_get_error(ssl,ret)) |
|
201 { |
|
202 case SSL_ERROR_NONE: |
|
203 if (ret <= 0) break; |
|
204 if (sb->renegotiate_count > 0) |
|
205 { |
|
206 sb->byte_count+=ret; |
|
207 if (sb->byte_count > sb->renegotiate_count) |
|
208 { |
|
209 sb->byte_count=0; |
|
210 sb->num_renegotiates++; |
|
211 SSL_renegotiate(ssl); |
|
212 r=1; |
|
213 } |
|
214 } |
|
215 if ((sb->renegotiate_timeout > 0) && (!r)) |
|
216 { |
|
217 unsigned long tm; |
|
218 |
|
219 tm=(unsigned long)time(NULL); |
|
220 if (tm > sb->last_time+sb->renegotiate_timeout) |
|
221 { |
|
222 sb->last_time=tm; |
|
223 sb->num_renegotiates++; |
|
224 SSL_renegotiate(ssl); |
|
225 } |
|
226 } |
|
227 |
|
228 break; |
|
229 case SSL_ERROR_WANT_READ: |
|
230 BIO_set_retry_read(b); |
|
231 break; |
|
232 case SSL_ERROR_WANT_WRITE: |
|
233 BIO_set_retry_write(b); |
|
234 break; |
|
235 case SSL_ERROR_WANT_X509_LOOKUP: |
|
236 BIO_set_retry_special(b); |
|
237 retry_reason=BIO_RR_SSL_X509_LOOKUP; |
|
238 break; |
|
239 case SSL_ERROR_WANT_ACCEPT: |
|
240 BIO_set_retry_special(b); |
|
241 retry_reason=BIO_RR_ACCEPT; |
|
242 break; |
|
243 case SSL_ERROR_WANT_CONNECT: |
|
244 BIO_set_retry_special(b); |
|
245 retry_reason=BIO_RR_CONNECT; |
|
246 break; |
|
247 case SSL_ERROR_SYSCALL: |
|
248 case SSL_ERROR_SSL: |
|
249 case SSL_ERROR_ZERO_RETURN: |
|
250 default: |
|
251 break; |
|
252 } |
|
253 |
|
254 b->retry_reason=retry_reason; |
|
255 return(ret); |
|
256 } |
|
257 |
|
258 static int ssl_write(BIO *b, const char *out, int outl) |
|
259 { |
|
260 int ret,r=0; |
|
261 int retry_reason=0; |
|
262 SSL *ssl; |
|
263 BIO_SSL *bs; |
|
264 |
|
265 if (out == NULL) return(0); |
|
266 bs=(BIO_SSL *)b->ptr; |
|
267 ssl=bs->ssl; |
|
268 |
|
269 BIO_clear_retry_flags(b); |
|
270 |
|
271 /* ret=SSL_do_handshake(ssl); |
|
272 if (ret > 0) */ |
|
273 ret=SSL_write(ssl,out,outl); |
|
274 |
|
275 switch (SSL_get_error(ssl,ret)) |
|
276 { |
|
277 case SSL_ERROR_NONE: |
|
278 if (ret <= 0) break; |
|
279 if (bs->renegotiate_count > 0) |
|
280 { |
|
281 bs->byte_count+=ret; |
|
282 if (bs->byte_count > bs->renegotiate_count) |
|
283 { |
|
284 bs->byte_count=0; |
|
285 bs->num_renegotiates++; |
|
286 SSL_renegotiate(ssl); |
|
287 r=1; |
|
288 } |
|
289 } |
|
290 if ((bs->renegotiate_timeout > 0) && (!r)) |
|
291 { |
|
292 unsigned long tm; |
|
293 |
|
294 tm=(unsigned long)time(NULL); |
|
295 if (tm > bs->last_time+bs->renegotiate_timeout) |
|
296 { |
|
297 bs->last_time=tm; |
|
298 bs->num_renegotiates++; |
|
299 SSL_renegotiate(ssl); |
|
300 } |
|
301 } |
|
302 break; |
|
303 case SSL_ERROR_WANT_WRITE: |
|
304 BIO_set_retry_write(b); |
|
305 break; |
|
306 case SSL_ERROR_WANT_READ: |
|
307 BIO_set_retry_read(b); |
|
308 break; |
|
309 case SSL_ERROR_WANT_X509_LOOKUP: |
|
310 BIO_set_retry_special(b); |
|
311 retry_reason=BIO_RR_SSL_X509_LOOKUP; |
|
312 break; |
|
313 case SSL_ERROR_WANT_CONNECT: |
|
314 BIO_set_retry_special(b); |
|
315 retry_reason=BIO_RR_CONNECT; |
|
316 case SSL_ERROR_SYSCALL: |
|
317 case SSL_ERROR_SSL: |
|
318 default: |
|
319 break; |
|
320 } |
|
321 |
|
322 b->retry_reason=retry_reason; |
|
323 return(ret); |
|
324 } |
|
325 |
|
326 static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr) |
|
327 { |
|
328 SSL **sslp,*ssl; |
|
329 BIO_SSL *bs; |
|
330 BIO *dbio,*bio; |
|
331 long ret=1; |
|
332 |
|
333 bs=(BIO_SSL *)b->ptr; |
|
334 ssl=bs->ssl; |
|
335 if ((ssl == NULL) && (cmd != BIO_C_SET_SSL)) |
|
336 return(0); |
|
337 switch (cmd) |
|
338 { |
|
339 case BIO_CTRL_RESET: |
|
340 SSL_shutdown(ssl); |
|
341 |
|
342 if (ssl->handshake_func == ssl->method->ssl_connect) |
|
343 SSL_set_connect_state(ssl); |
|
344 else if (ssl->handshake_func == ssl->method->ssl_accept) |
|
345 SSL_set_accept_state(ssl); |
|
346 |
|
347 SSL_clear(ssl); |
|
348 |
|
349 if (b->next_bio != NULL) |
|
350 ret=BIO_ctrl(b->next_bio,cmd,num,ptr); |
|
351 else if (ssl->rbio != NULL) |
|
352 ret=BIO_ctrl(ssl->rbio,cmd,num,ptr); |
|
353 else |
|
354 ret=1; |
|
355 break; |
|
356 case BIO_CTRL_INFO: |
|
357 ret=0; |
|
358 break; |
|
359 case BIO_C_SSL_MODE: |
|
360 if (num) /* client mode */ |
|
361 SSL_set_connect_state(ssl); |
|
362 else |
|
363 SSL_set_accept_state(ssl); |
|
364 break; |
|
365 case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT: |
|
366 ret=bs->renegotiate_timeout; |
|
367 if (num < 60) num=5; |
|
368 bs->renegotiate_timeout=(unsigned long)num; |
|
369 bs->last_time=(unsigned long)time(NULL); |
|
370 break; |
|
371 case BIO_C_SET_SSL_RENEGOTIATE_BYTES: |
|
372 ret=bs->renegotiate_count; |
|
373 if ((long)num >=512) |
|
374 bs->renegotiate_count=(unsigned long)num; |
|
375 break; |
|
376 case BIO_C_GET_SSL_NUM_RENEGOTIATES: |
|
377 ret=bs->num_renegotiates; |
|
378 break; |
|
379 case BIO_C_SET_SSL: |
|
380 if (ssl != NULL) |
|
381 ssl_free(b); |
|
382 b->shutdown=(int)num; |
|
383 ssl=(SSL *)ptr; |
|
384 ((BIO_SSL *)b->ptr)->ssl=ssl; |
|
385 bio=SSL_get_rbio(ssl); |
|
386 if (bio != NULL) |
|
387 { |
|
388 if (b->next_bio != NULL) |
|
389 BIO_push(bio,b->next_bio); |
|
390 b->next_bio=bio; |
|
391 CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO); |
|
392 } |
|
393 b->init=1; |
|
394 break; |
|
395 case BIO_C_GET_SSL: |
|
396 if (ptr != NULL) |
|
397 { |
|
398 sslp=(SSL **)ptr; |
|
399 *sslp=ssl; |
|
400 } |
|
401 else |
|
402 ret=0; |
|
403 break; |
|
404 case BIO_CTRL_GET_CLOSE: |
|
405 ret=b->shutdown; |
|
406 break; |
|
407 case BIO_CTRL_SET_CLOSE: |
|
408 b->shutdown=(int)num; |
|
409 break; |
|
410 case BIO_CTRL_WPENDING: |
|
411 ret=BIO_ctrl(ssl->wbio,cmd,num,ptr); |
|
412 break; |
|
413 case BIO_CTRL_PENDING: |
|
414 ret=SSL_pending(ssl); |
|
415 if (ret == 0) |
|
416 ret=BIO_pending(ssl->rbio); |
|
417 break; |
|
418 case BIO_CTRL_FLUSH: |
|
419 BIO_clear_retry_flags(b); |
|
420 ret=BIO_ctrl(ssl->wbio,cmd,num,ptr); |
|
421 BIO_copy_next_retry(b); |
|
422 break; |
|
423 case BIO_CTRL_PUSH: |
|
424 if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio)) |
|
425 { |
|
426 SSL_set_bio(ssl,b->next_bio,b->next_bio); |
|
427 CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO); |
|
428 } |
|
429 break; |
|
430 case BIO_CTRL_POP: |
|
431 /* ugly bit of a hack */ |
|
432 if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */ |
|
433 { |
|
434 BIO_free_all(ssl->wbio); |
|
435 } |
|
436 if (b->next_bio != NULL) |
|
437 { |
|
438 CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO); |
|
439 } |
|
440 ssl->wbio=NULL; |
|
441 ssl->rbio=NULL; |
|
442 break; |
|
443 case BIO_C_DO_STATE_MACHINE: |
|
444 BIO_clear_retry_flags(b); |
|
445 |
|
446 b->retry_reason=0; |
|
447 ret=(int)SSL_do_handshake(ssl); |
|
448 |
|
449 switch (SSL_get_error(ssl,(int)ret)) |
|
450 { |
|
451 case SSL_ERROR_WANT_READ: |
|
452 BIO_set_flags(b, |
|
453 BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); |
|
454 break; |
|
455 case SSL_ERROR_WANT_WRITE: |
|
456 BIO_set_flags(b, |
|
457 BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); |
|
458 break; |
|
459 case SSL_ERROR_WANT_CONNECT: |
|
460 BIO_set_flags(b, |
|
461 BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); |
|
462 b->retry_reason=b->next_bio->retry_reason; |
|
463 break; |
|
464 default: |
|
465 break; |
|
466 } |
|
467 break; |
|
468 case BIO_CTRL_DUP: |
|
469 dbio=(BIO *)ptr; |
|
470 if (((BIO_SSL *)dbio->ptr)->ssl != NULL) |
|
471 SSL_free(((BIO_SSL *)dbio->ptr)->ssl); |
|
472 ((BIO_SSL *)dbio->ptr)->ssl=SSL_dup(ssl); |
|
473 ((BIO_SSL *)dbio->ptr)->renegotiate_count= |
|
474 ((BIO_SSL *)b->ptr)->renegotiate_count; |
|
475 ((BIO_SSL *)dbio->ptr)->byte_count= |
|
476 ((BIO_SSL *)b->ptr)->byte_count; |
|
477 ((BIO_SSL *)dbio->ptr)->renegotiate_timeout= |
|
478 ((BIO_SSL *)b->ptr)->renegotiate_timeout; |
|
479 ((BIO_SSL *)dbio->ptr)->last_time= |
|
480 ((BIO_SSL *)b->ptr)->last_time; |
|
481 ret=(((BIO_SSL *)dbio->ptr)->ssl != NULL); |
|
482 break; |
|
483 case BIO_C_GET_FD: |
|
484 ret=BIO_ctrl(ssl->rbio,cmd,num,ptr); |
|
485 break; |
|
486 case BIO_CTRL_SET_CALLBACK: |
|
487 { |
|
488 #if 0 /* FIXME: Should this be used? -- Richard Levitte */ |
|
489 SSLerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
|
490 ret = -1; |
|
491 #else |
|
492 ret=0; |
|
493 #endif |
|
494 } |
|
495 break; |
|
496 case BIO_CTRL_GET_CALLBACK: |
|
497 { |
|
498 void (**fptr)(const SSL *xssl,int type,int val); |
|
499 |
|
500 fptr=(void (**)(const SSL *xssl,int type,int val))ptr; |
|
501 *fptr=SSL_get_info_callback(ssl); |
|
502 } |
|
503 break; |
|
504 default: |
|
505 ret=BIO_ctrl(ssl->rbio,cmd,num,ptr); |
|
506 break; |
|
507 } |
|
508 return(ret); |
|
509 } |
|
510 |
|
511 static long ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) |
|
512 { |
|
513 SSL *ssl; |
|
514 BIO_SSL *bs; |
|
515 long ret=1; |
|
516 |
|
517 bs=(BIO_SSL *)b->ptr; |
|
518 ssl=bs->ssl; |
|
519 switch (cmd) |
|
520 { |
|
521 case BIO_CTRL_SET_CALLBACK: |
|
522 { |
|
523 /* FIXME: setting this via a completely different prototype |
|
524 seems like a crap idea */ |
|
525 SSL_set_info_callback(ssl,(void (*)(const SSL *,int,int))fp); |
|
526 } |
|
527 break; |
|
528 default: |
|
529 ret=BIO_callback_ctrl(ssl->rbio,cmd,fp); |
|
530 break; |
|
531 } |
|
532 return(ret); |
|
533 } |
|
534 |
|
535 static int ssl_puts(BIO *bp, const char *str) |
|
536 { |
|
537 int n,ret; |
|
538 |
|
539 n=strlen(str); |
|
540 ret=BIO_write(bp,str,n); |
|
541 return(ret); |
|
542 } |
|
543 |
|
544 EXPORT_C BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx) |
|
545 { |
|
546 #ifndef OPENSSL_NO_SOCK |
|
547 BIO *ret=NULL,*buf=NULL,*ssl=NULL; |
|
548 |
|
549 if ((buf=BIO_new(BIO_f_buffer())) == NULL) |
|
550 return(NULL); |
|
551 if ((ssl=BIO_new_ssl_connect(ctx)) == NULL) |
|
552 goto err; |
|
553 if ((ret=BIO_push(buf,ssl)) == NULL) |
|
554 goto err; |
|
555 return(ret); |
|
556 err: |
|
557 if (buf != NULL) BIO_free(buf); |
|
558 if (ssl != NULL) BIO_free(ssl); |
|
559 #endif |
|
560 return(NULL); |
|
561 } |
|
562 |
|
563 EXPORT_C BIO *BIO_new_ssl_connect(SSL_CTX *ctx) |
|
564 { |
|
565 BIO *ret=NULL,*con=NULL,*ssl=NULL; |
|
566 |
|
567 if ((con=BIO_new(BIO_s_connect())) == NULL) |
|
568 return(NULL); |
|
569 if ((ssl=BIO_new_ssl(ctx,1)) == NULL) |
|
570 goto err; |
|
571 if ((ret=BIO_push(ssl,con)) == NULL) |
|
572 goto err; |
|
573 return(ret); |
|
574 err: |
|
575 if (con != NULL) BIO_free(con); |
|
576 if (ret != NULL) BIO_free(ret); |
|
577 return(NULL); |
|
578 } |
|
579 |
|
580 EXPORT_C BIO *BIO_new_ssl(SSL_CTX *ctx, int client) |
|
581 { |
|
582 BIO *ret; |
|
583 SSL *ssl; |
|
584 |
|
585 if ((ret=BIO_new(BIO_f_ssl())) == NULL) |
|
586 return(NULL); |
|
587 if ((ssl=SSL_new(ctx)) == NULL) |
|
588 { |
|
589 BIO_free(ret); |
|
590 return(NULL); |
|
591 } |
|
592 if (client) |
|
593 SSL_set_connect_state(ssl); |
|
594 else |
|
595 SSL_set_accept_state(ssl); |
|
596 |
|
597 BIO_set_ssl(ret,ssl,BIO_CLOSE); |
|
598 return(ret); |
|
599 } |
|
600 |
|
601 EXPORT_C int BIO_ssl_copy_session_id(BIO *t, BIO *f) |
|
602 { |
|
603 t=BIO_find_type(t,BIO_TYPE_SSL); |
|
604 f=BIO_find_type(f,BIO_TYPE_SSL); |
|
605 if ((t == NULL) || (f == NULL)) |
|
606 return(0); |
|
607 if ( (((BIO_SSL *)t->ptr)->ssl == NULL) || |
|
608 (((BIO_SSL *)f->ptr)->ssl == NULL)) |
|
609 return(0); |
|
610 SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl,((BIO_SSL *)f->ptr)->ssl); |
|
611 return(1); |
|
612 } |
|
613 |
|
614 EXPORT_C void BIO_ssl_shutdown(BIO *b) |
|
615 { |
|
616 SSL *s; |
|
617 |
|
618 while (b != NULL) |
|
619 { |
|
620 if (b->method->type == BIO_TYPE_SSL) |
|
621 { |
|
622 s=((BIO_SSL *)b->ptr)->ssl; |
|
623 SSL_shutdown(s); |
|
624 break; |
|
625 } |
|
626 b=b->next_bio; |
|
627 } |
|
628 } |