GCC Code Coverage Report
Directory: ./ Exec Total Coverage
File: lib/libssl/t1_srvr.c Lines: 12 13 92.3 %
Date: 2017-11-13 Branches: 5 6 83.3 %

Line Branch Exec Source
1
/* $OpenBSD: t1_srvr.c,v 1.25 2017/01/26 05:31:25 jsing Exp $ */
2
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3
 * All rights reserved.
4
 *
5
 * This package is an SSL implementation written
6
 * by Eric Young (eay@cryptsoft.com).
7
 * The implementation was written so as to conform with Netscapes SSL.
8
 *
9
 * This library is free for commercial and non-commercial use as long as
10
 * the following conditions are aheared to.  The following conditions
11
 * apply to all code found in this distribution, be it the RC4, RSA,
12
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13
 * included with this distribution is covered by the same copyright terms
14
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15
 *
16
 * Copyright remains Eric Young's, and as such any Copyright notices in
17
 * the code are not to be removed.
18
 * If this package is used in a product, Eric Young should be given attribution
19
 * as the author of the parts of the library used.
20
 * This can be in the form of a textual message at program startup or
21
 * in documentation (online or textual) provided with the package.
22
 *
23
 * Redistribution and use in source and binary forms, with or without
24
 * modification, are permitted provided that the following conditions
25
 * are met:
26
 * 1. Redistributions of source code must retain the copyright
27
 *    notice, this list of conditions and the following disclaimer.
28
 * 2. Redistributions in binary form must reproduce the above copyright
29
 *    notice, this list of conditions and the following disclaimer in the
30
 *    documentation and/or other materials provided with the distribution.
31
 * 3. All advertising materials mentioning features or use of this software
32
 *    must display the following acknowledgement:
33
 *    "This product includes cryptographic software written by
34
 *     Eric Young (eay@cryptsoft.com)"
35
 *    The word 'cryptographic' can be left out if the rouines from the library
36
 *    being used are not cryptographic related :-).
37
 * 4. If you include any Windows specific code (or a derivative thereof) from
38
 *    the apps directory (application code) you must include an acknowledgement:
39
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40
 *
41
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51
 * SUCH DAMAGE.
52
 *
53
 * The licence and distribution terms for any publically available version or
54
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
55
 * copied and put under another distribution licence
56
 * [including the GNU Public Licence.]
57
 */
58
59
#include <stdio.h>
60
61
#include "ssl_locl.h"
62
63
#include <openssl/buffer.h>
64
#include <openssl/evp.h>
65
#include <openssl/objects.h>
66
#include <openssl/x509.h>
67
68
static const SSL_METHOD_INTERNAL TLS_server_method_internal_data = {
69
	.version = TLS1_2_VERSION,
70
	.min_version = TLS1_VERSION,
71
	.max_version = TLS1_2_VERSION,
72
	.ssl_new = tls1_new,
73
	.ssl_clear = tls1_clear,
74
	.ssl_free = tls1_free,
75
	.ssl_accept = ssl3_accept,
76
	.ssl_connect = ssl_undefined_function,
77
	.ssl_read = ssl3_read,
78
	.ssl_peek = ssl3_peek,
79
	.ssl_write = ssl3_write,
80
	.ssl_shutdown = ssl3_shutdown,
81
	.ssl_pending = ssl3_pending,
82
	.get_ssl_method = tls1_get_server_method,
83
	.get_timeout = tls1_default_timeout,
84
	.ssl_version = ssl_undefined_void_function,
85
	.ssl_renegotiate = ssl_undefined_function,
86
	.ssl_renegotiate_check = ssl_ok,
87
	.ssl_get_message = ssl3_get_message,
88
	.ssl_read_bytes = ssl3_read_bytes,
89
	.ssl_write_bytes = ssl3_write_bytes,
90
	.ssl3_enc = &TLSv1_2_enc_data,
91
};
92
93
static const SSL_METHOD TLS_server_method_data = {
94
	.ssl_dispatch_alert = ssl3_dispatch_alert,
95
	.num_ciphers = ssl3_num_ciphers,
96
	.get_cipher = ssl3_get_cipher,
97
	.get_cipher_by_char = ssl3_get_cipher_by_char,
98
	.put_cipher_by_char = ssl3_put_cipher_by_char,
99
	.internal = &TLS_server_method_internal_data,
100
};
101
102
static const SSL_METHOD_INTERNAL TLSv1_server_method_internal_data = {
103
	.version = TLS1_VERSION,
104
	.min_version = TLS1_VERSION,
105
	.max_version = TLS1_VERSION,
106
	.ssl_new = tls1_new,
107
	.ssl_clear = tls1_clear,
108
	.ssl_free = tls1_free,
109
	.ssl_accept = ssl3_accept,
110
	.ssl_connect = ssl_undefined_function,
111
	.ssl_read = ssl3_read,
112
	.ssl_peek = ssl3_peek,
113
	.ssl_write = ssl3_write,
114
	.ssl_shutdown = ssl3_shutdown,
115
	.ssl_pending = ssl3_pending,
116
	.get_ssl_method = tls1_get_server_method,
117
	.get_timeout = tls1_default_timeout,
118
	.ssl_version = ssl_undefined_void_function,
119
	.ssl_renegotiate = ssl3_renegotiate,
120
	.ssl_renegotiate_check = ssl3_renegotiate_check,
121
	.ssl_get_message = ssl3_get_message,
122
	.ssl_read_bytes = ssl3_read_bytes,
123
	.ssl_write_bytes = ssl3_write_bytes,
124
	.ssl3_enc = &TLSv1_enc_data,
125
};
126
127
static const SSL_METHOD TLSv1_server_method_data = {
128
	.ssl_dispatch_alert = ssl3_dispatch_alert,
129
	.num_ciphers = ssl3_num_ciphers,
130
	.get_cipher = ssl3_get_cipher,
131
	.get_cipher_by_char = ssl3_get_cipher_by_char,
132
	.put_cipher_by_char = ssl3_put_cipher_by_char,
133
	.internal = &TLSv1_server_method_internal_data,
134
};
135
136
static const SSL_METHOD_INTERNAL TLSv1_1_server_method_internal_data = {
137
	.version = TLS1_1_VERSION,
138
	.min_version = TLS1_1_VERSION,
139
	.max_version = TLS1_1_VERSION,
140
	.ssl_new = tls1_new,
141
	.ssl_clear = tls1_clear,
142
	.ssl_free = tls1_free,
143
	.ssl_accept = ssl3_accept,
144
	.ssl_connect = ssl_undefined_function,
145
	.ssl_read = ssl3_read,
146
	.ssl_peek = ssl3_peek,
147
	.ssl_write = ssl3_write,
148
	.ssl_shutdown = ssl3_shutdown,
149
	.ssl_pending = ssl3_pending,
150
	.get_ssl_method = tls1_get_server_method,
151
	.get_timeout = tls1_default_timeout,
152
	.ssl_version = ssl_undefined_void_function,
153
	.ssl_renegotiate = ssl3_renegotiate,
154
	.ssl_renegotiate_check = ssl3_renegotiate_check,
155
	.ssl_get_message = ssl3_get_message,
156
	.ssl_read_bytes = ssl3_read_bytes,
157
	.ssl_write_bytes = ssl3_write_bytes,
158
	.ssl3_enc = &TLSv1_1_enc_data,
159
};
160
161
static const SSL_METHOD TLSv1_1_server_method_data = {
162
	.ssl_dispatch_alert = ssl3_dispatch_alert,
163
	.num_ciphers = ssl3_num_ciphers,
164
	.get_cipher = ssl3_get_cipher,
165
	.get_cipher_by_char = ssl3_get_cipher_by_char,
166
	.put_cipher_by_char = ssl3_put_cipher_by_char,
167
	.internal = &TLSv1_1_server_method_internal_data,
168
};
169
170
static const SSL_METHOD_INTERNAL TLSv1_2_server_method_internal_data = {
171
	.version = TLS1_2_VERSION,
172
	.min_version = TLS1_2_VERSION,
173
	.max_version = TLS1_2_VERSION,
174
	.ssl_new = tls1_new,
175
	.ssl_clear = tls1_clear,
176
	.ssl_free = tls1_free,
177
	.ssl_accept = ssl3_accept,
178
	.ssl_connect = ssl_undefined_function,
179
	.ssl_read = ssl3_read,
180
	.ssl_peek = ssl3_peek,
181
	.ssl_write = ssl3_write,
182
	.ssl_shutdown = ssl3_shutdown,
183
	.ssl_pending = ssl3_pending,
184
	.get_ssl_method = tls1_get_server_method,
185
	.get_timeout = tls1_default_timeout,
186
	.ssl_version = ssl_undefined_void_function,
187
	.ssl_renegotiate = ssl3_renegotiate,
188
	.ssl_renegotiate_check = ssl3_renegotiate_check,
189
	.ssl_get_message = ssl3_get_message,
190
	.ssl_read_bytes = ssl3_read_bytes,
191
	.ssl_write_bytes = ssl3_write_bytes,
192
	.ssl3_enc = &TLSv1_2_enc_data,
193
};
194
195
static const SSL_METHOD TLSv1_2_server_method_data = {
196
	.ssl_dispatch_alert = ssl3_dispatch_alert,
197
	.num_ciphers = ssl3_num_ciphers,
198
	.get_cipher = ssl3_get_cipher,
199
	.get_cipher_by_char = ssl3_get_cipher_by_char,
200
	.put_cipher_by_char = ssl3_put_cipher_by_char,
201
	.internal = &TLSv1_2_server_method_internal_data,
202
};
203
204
const SSL_METHOD *
205
tls1_get_server_method(int ver)
206
{
207
396
	if (ver == TLS1_2_VERSION)
208
105
		return (TLSv1_2_server_method());
209
93
	if (ver == TLS1_1_VERSION)
210
		return (TLSv1_1_server_method());
211
93
	if (ver == TLS1_VERSION)
212
57
		return (TLSv1_server_method());
213
36
	return (NULL);
214
198
}
215
216
const SSL_METHOD *
217
SSLv23_server_method(void)
218
{
219
34
	return (TLS_server_method());
220
}
221
222
const SSL_METHOD *
223
TLS_server_method(void)
224
{
225
88
	return (&TLS_server_method_data);
226
}
227
228
const SSL_METHOD *
229
TLSv1_server_method(void)
230
{
231
120
	return (&TLSv1_server_method_data);
232
}
233
234
const SSL_METHOD *
235
TLSv1_1_server_method(void)
236
{
237
6
	return (&TLSv1_1_server_method_data);
238
}
239
240
const SSL_METHOD *
241
TLSv1_2_server_method(void)
242
{
243
216
	return (&TLSv1_2_server_method_data);
244
}