Lines Matching refs:ssl
149 #include <openssl/ssl.h>
202 SSL *const ssl = hs->ssl;
206 assert(ssl->handshake_func == ssl3_accept);
207 assert(ssl->server);
214 ssl_do_info_callback(ssl, SSL_CB_HANDSHAKE_START, 1);
219 ret = ssl->method->ssl_get_message(ssl);
249 ssl->method->received_flight(ssl);
258 if (ssl->session != NULL) {
291 ((alg_a & SSL_aPSK) && ssl->psk_identity_hint)) {
349 ret = ssl->method->read_change_cipher_spec(ssl);
373 if (ssl->s3->tlsext_channel_id_valid) {
388 ssl->method->received_flight(ssl);
389 if (ssl->session != NULL) {
398 if (ssl->session == NULL && ssl->s3->tlsext_channel_id_valid) {
417 if (!ssl->method->add_change_cipher_spec(ssl) ||
432 if (ssl->session != NULL) {
440 ret = ssl->method->flush_flight(ssl);
447 ssl->method->expect_flight(ssl);
468 ssl->method->release_current_message(ssl, 1 /* free_buffer */);
473 ssl->retain_only_sha256_of_client_certs) {
476 ssl->ctx->x509_method->session_clear(hs->new_session);
479 SSL_SESSION_free(ssl->s3->established_session);
480 if (ssl->session != NULL) {
481 SSL_SESSION_up_ref(ssl->session);
482 ssl->s3->established_session = ssl->session;
484 ssl->s3->established_session = hs->new_session;
485 ssl->s3->established_session->not_resumable = 0;
495 ssl->s3->initial_handshake_complete = 1;
498 ssl_do_info_callback(ssl, SSL_CB_HANDSHAKE_DONE, 1);
509 ssl_do_info_callback(ssl, SSL_CB_ACCEPT_LOOP, 1);
514 ssl_do_info_callback(ssl, SSL_CB_ACCEPT_EXIT, ret);
540 SSL *const ssl = hs->ssl;
541 assert(!ssl->s3->have_version);
543 if (!ssl_get_version_range(ssl, &min_version, &max_version)) {
573 if (!ssl->method->version_from_wire(&ext_version, ext_version)) {
590 if (SSL_is_dtls(ssl)) {
632 ssl->version = ssl->method->version_to_wire(version);
634 /* At this point, the connection's version is known and |ssl->version| is
636 ssl->s3->have_version = 1;
687 SSL *const ssl = hs->ssl;
688 if (ssl3_protocol_version(ssl) >= TLS1_3_VERSION) {
697 if (ssl_has_certificate(ssl)) {
698 int type = ssl_private_key_type(ssl);
707 if (ssl->cert->dh_tmp != NULL || ssl->cert->dh_tmp_cb != NULL) {
718 if (ssl->psk_server_callback != NULL) {
730 SSL *const ssl = hs->ssl;
750 if (ssl->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
768 if (SSL_CIPHER_get_min_version(c) > ssl3_protocol_version(ssl) ||
769 SSL_CIPHER_get_max_version(c) < ssl3_protocol_version(ssl)) {
807 SSL *const ssl = hs->ssl;
808 if (!ssl_check_message_type(ssl, SSL3_MT_CLIENT_HELLO)) {
813 if (!ssl_client_hello_init(ssl, &client_hello, ssl->init_msg,
814 ssl->init_num)) {
816 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
821 if (ssl->ctx->select_certificate_cb != NULL) {
822 switch (ssl->ctx->select_certificate_cb(&client_hello)) {
824 ssl->rwstate = SSL_CERTIFICATE_SELECTION_PENDING;
830 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
840 ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
849 OPENSSL_memcpy(ssl->s3->client_random, client_hello.random,
856 (ssl3_protocol_version(ssl) >= TLS1_3_VERSION &&
859 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
873 SSL *const ssl = hs->ssl;
875 if (ssl->cert->cert_cb != NULL) {
876 int rv = ssl->cert->cert_cb(ssl, ssl->cert->cert_cb_arg);
879 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
883 ssl->rwstate = SSL_X509_LOOKUP;
888 if (!ssl->ctx->x509_method->ssl_auto_chain_if_needed(ssl)) {
892 if (ssl3_protocol_version(ssl) >= TLS1_3_VERSION) {
900 if (!ssl_client_hello_init(ssl, &client_hello, ssl->init_msg,
901 ssl->init_num)) {
908 ssl3_choose_cipher(hs, &client_hello, ssl_get_cipher_preferences(ssl));
911 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
919 SSL *const ssl = hs->ssl;
925 if (!ssl_client_hello_init(ssl, &client_hello, ssl->init_msg,
926 ssl->init_num)) {
932 switch (ssl_get_prev_session(ssl, &session, &tickets_supported, &renew_ticket,
939 ssl->rwstate = SSL_PENDING_SESSION;
942 ssl->rwstate = SSL_PENDING_TICKET;
967 ssl->session = session;
969 ssl->s3->session_reused = 1;
972 ssl_set_session(ssl, NULL);
978 if (!(ssl->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)) {
983 if (ssl->ctx->dos_protection_cb != NULL &&
984 ssl->ctx->dos_protection_cb(&client_hello) == 0) {
991 if (ssl->session == NULL) {
1005 hs->cert_request = !!(ssl->verify_mode & SSL_VERIFY_PEER);
1007 if ((ssl->verify_mode & SSL_VERIFY_PEER_IF_NO_OBC) &&
1008 ssl->s3->tlsext_channel_id_valid) {
1031 if (!SSL_TRANSCRIPT_init_hash(&hs->transcript, ssl3_protocol_version(ssl),
1046 ssl3_send_alert(ssl, SSL3_AL_FATAL, al);
1055 SSL *const ssl = hs->ssl;
1059 if (ssl->s3->tlsext_channel_id_valid &&
1061 ssl->s3->tlsext_channel_id_valid = 0;
1067 if (ssl->session != NULL &&
1068 ssl->session->original_handshake_hash_len == 0) {
1069 ssl->s3->tlsext_channel_id_valid = 0;
1073 ssl_get_current_time(ssl, &now);
1074 ssl->s3->server_random[0] = now.tv_sec >> 24;
1075 ssl->s3->server_random[1] = now.tv_sec >> 16;
1076 ssl->s3->server_random[2] = now.tv_sec >> 8;
1077 ssl->s3->server_random[3] = now.tv_sec;
1078 if (!RAND_bytes(ssl->s3->server_random + 4, SSL3_RANDOM_SIZE - 4)) {
1086 if (ssl->session != NULL) {
1087 session = ssl->session;
1091 if (!ssl->method->init_message(ssl, &cbb, &body, SSL3_MT_SERVER_HELLO) ||
1092 !CBB_add_u16(&body, ssl->version) ||
1093 !CBB_add_bytes(&body, ssl->s3->server_random, SSL3_RANDOM_SIZE) ||
1100 !ssl_add_message_cbb(ssl, &cbb)) {
1110 SSL *const ssl = hs->ssl;
1111 if (!ssl_has_certificate(ssl)) {
1116 if (!ssl3_output_cert_chain(ssl)) {
1123 SSL *const ssl = hs->ssl;
1125 if (!ssl->method->init_message(ssl, &cbb, &body,
1130 CRYPTO_BUFFER_data(ssl->cert->ocsp_response),
1131 CRYPTO_BUFFER_len(ssl->cert->ocsp_response)) ||
1132 !ssl_add_message_cbb(ssl, &cbb)) {
1142 SSL *const ssl = hs->ssl;
1159 (ssl->psk_identity_hint == NULL) ? 0 : strlen(ssl->psk_identity_hint);
1161 !CBB_add_bytes(&child, (const uint8_t *)ssl->psk_identity_hint,
1169 DH *params = ssl->cert->dh_tmp;
1170 if (params == NULL && ssl->cert->dh_tmp_cb != NULL) {
1171 params = ssl->cert->dh_tmp_cb(ssl, 0, 1024);
1175 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
1199 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
1223 if (!ssl->method->init_message(ssl, &cbb, &body,
1231 if (!ssl_has_private_key(ssl)) {
1232 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
1241 if (ssl3_protocol_version(ssl) >= TLS1_2_VERSION) {
1244 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
1250 const size_t max_sig_len = ssl_private_key_max_signature_len(ssl);
1265 !CBB_add_bytes(&transcript, ssl->s3->client_random,
1267 !CBB_add_bytes(&transcript, ssl->s3->server_random,
1274 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
1278 sign_result = ssl_private_key_sign(ssl, ptr, &sig_len, max_sig_len,
1284 sign_result = ssl_private_key_complete(ssl, ptr, &sig_len, max_sig_len);
1296 ssl->rwstate = SSL_PRIVATE_KEY_OPERATION;
1302 if (!ssl_add_message_cbb(ssl, &cbb)) {
1317 static int add_cert_types(SSL *ssl, CBB *cbb) {
1322 size_t num_sig_algs = tls12_get_verify_sigalgs(ssl, &sig_algs);
1347 if (ssl->version >= TLS1_VERSION && have_ecdsa_sign &&
1356 SSL *const ssl = hs->ssl;
1358 if (!ssl->method->init_message(ssl, &cbb, &body,
1361 !add_cert_types(ssl, &cert_types)) {
1365 if (ssl3_protocol_version(ssl) >= TLS1_2_VERSION) {
1367 size_t num_sigalgs = tls12_get_verify_sigalgs(ssl, &sigalgs);
1379 if (!ssl_add_client_CA_list(ssl, &body) ||
1380 !ssl_add_message_cbb(ssl, &cbb)) {
1393 SSL *const ssl = hs->ssl;
1395 if (!ssl->method->init_message(ssl, &cbb, &body, SSL3_MT_SERVER_HELLO_DONE) ||
1396 !ssl_add_message_cbb(ssl, &cbb)) {
1406 SSL *const ssl = hs->ssl;
1409 int msg_ret = ssl->method->ssl_get_message(ssl);
1414 if (ssl->s3->tmp.message_type != SSL3_MT_CERTIFICATE) {
1415 if (ssl->version == SSL3_VERSION &&
1416 ssl->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) {
1419 if (ssl->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) {
1421 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
1428 ssl->s3->tmp.reuse_message = 1;
1433 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
1442 CBS_init(&certificate_msg, ssl->init_msg, ssl->init_num);
1450 ssl->retain_only_sha256_of_client_certs ? hs->new_session->peer_sha256
1452 &certificate_msg, ssl->ctx->pool);
1454 ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
1459 !ssl->ctx->x509_method->session_cache_objects(hs->new_session)) {
1461 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1471 if (ssl->version == SSL3_VERSION) {
1473 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
1477 if (ssl->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) {
1480 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
1491 if (ssl->retain_only_sha256_of_client_certs) {
1495 if (!ssl->ctx->x509_method->session_verify_cert_chain(hs->new_session, ssl)) {
1503 SSL *const ssl = hs->ssl;
1516 int ret = ssl->method->ssl_get_message(ssl);
1521 if (!ssl_check_message_type(ssl, SSL3_MT_CLIENT_KEY_EXCHANGE) ||
1527 CBS_init(&client_key_exchange, ssl->init_msg, ssl->init_num);
1544 if (ssl->psk_server_callback == NULL) {
1564 psk_len = ssl->psk_server_callback(ssl, hs->new_session->psk_identity, psk,
1582 const size_t rsa_size = ssl_private_key_max_signature_len(ssl);
1592 if (!ssl_has_private_key(ssl) ||
1593 ssl_private_key_type(ssl) != NID_rsaEncryption) {
1599 if (ssl->version > SSL3_VERSION) {
1615 ssl, decrypt_buf, &decrypt_len, rsa_size,
1622 ssl_private_key_complete(ssl, decrypt_buf, &decrypt_len, rsa_size);
1631 ssl->rwstate = SSL_PRIVATE_KEY_OPERATION;
1762 ssl3_send_alert(ssl, SSL3_AL_FATAL, al);
1774 SSL *const ssl = hs->ssl;
1786 int msg_ret = ssl->method->ssl_get_message(ssl);
1791 if (!ssl_check_message_type(ssl, SSL3_MT_CERTIFICATE_VERIFY)) {
1795 CBS_init(&certificate_verify, ssl->init_msg, ssl->init_num);
1799 if (ssl3_protocol_version(ssl) >= TLS1_2_VERSION) {
1805 if (!tls12_check_peer_sigalg(ssl, &al, signature_algorithm)) {
1830 if (ssl3_protocol_version(ssl) == SSL3_VERSION) {
1847 ssl, CBS_data(&signature), CBS_len(&signature), signature_algorithm,
1872 ssl3_send_alert(ssl, SSL3_AL_FATAL, al);
1880 SSL *const ssl = hs->ssl;
1881 int ret = ssl->method->ssl_get_message(ssl);
1886 if (!ssl_check_message_type(ssl, SSL3_MT_NEXT_PROTO) ||
1892 CBS_init(&next_protocol, ssl->init_msg, ssl->init_num);
1897 ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1901 if (!CBS_stow(&selected_protocol, &ssl->s3->next_proto_negotiated,
1902 &ssl->s3->next_proto_negotiated_len)) {
1911 SSL *const ssl = hs->ssl;
1912 int msg_ret = ssl->method->ssl_get_message(ssl);
1917 if (!ssl_check_message_type(ssl, SSL3_MT_CHANNEL_ID) ||
1926 SSL *const ssl = hs->ssl;
1929 if (ssl->session == NULL) {
1931 ssl_session_rebase_time(ssl, hs->new_session);
1936 session_copy = SSL_SESSION_dup(ssl->session, SSL_SESSION_INCLUDE_NONAUTH);
1941 ssl_session_rebase_time(ssl, session_copy);
1947 ssl->method->init_message(ssl, &cbb, &body, SSL3_MT_NEW_SESSION_TICKET) &&
1950 ssl_encrypt_ticket(ssl, &ticket, session) &&
1951 ssl_add_message_cbb(ssl, &cbb);