Lines 237-244
Link Here
|
237 |
|
237 |
|
238 |
#ifdef USE_ITHREADS |
238 |
#ifdef USE_ITHREADS |
239 |
static perl_mutex LIB_init_mutex; |
239 |
static perl_mutex LIB_init_mutex; |
|
|
240 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
240 |
static perl_mutex *GLOBAL_openssl_mutex = NULL; |
241 |
static perl_mutex *GLOBAL_openssl_mutex = NULL; |
241 |
#endif |
242 |
#endif |
|
|
243 |
#endif |
242 |
static int LIB_initialized; |
244 |
static int LIB_initialized; |
243 |
|
245 |
|
244 |
UV get_my_thread_id(void) /* returns threads->tid() value */ |
246 |
UV get_my_thread_id(void) /* returns threads->tid() value */ |
Lines 277-282
Link Here
|
277 |
*/ |
279 |
*/ |
278 |
#if defined(USE_ITHREADS) && defined(OPENSSL_THREADS) |
280 |
#if defined(USE_ITHREADS) && defined(OPENSSL_THREADS) |
279 |
|
281 |
|
|
|
282 |
|
283 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
280 |
static void openssl_locking_function(int mode, int type, const char *file, int line) |
284 |
static void openssl_locking_function(int mode, int type, const char *file, int line) |
281 |
{ |
285 |
{ |
282 |
PR3("openssl_locking_function %d %d\n", mode, type); |
286 |
PR3("openssl_locking_function %d %d\n", mode, type); |
Lines 331-336
Link Here
|
331 |
MUTEX_DESTROY(&l->mutex); |
335 |
MUTEX_DESTROY(&l->mutex); |
332 |
Safefree(l); |
336 |
Safefree(l); |
333 |
} |
337 |
} |
|
|
338 |
#endif |
334 |
|
339 |
|
335 |
void openssl_threads_init(void) |
340 |
void openssl_threads_init(void) |
336 |
{ |
341 |
{ |
Lines 338-343
Link Here
|
338 |
|
343 |
|
339 |
PR1("STARTED: openssl_threads_init\n"); |
344 |
PR1("STARTED: openssl_threads_init\n"); |
340 |
|
345 |
|
|
|
346 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
341 |
/* initialize static locking */ |
347 |
/* initialize static locking */ |
342 |
if ( !CRYPTO_get_locking_callback() ) { |
348 |
if ( !CRYPTO_get_locking_callback() ) { |
343 |
#if OPENSSL_VERSION_NUMBER < 0x10000000L |
349 |
#if OPENSSL_VERSION_NUMBER < 0x10000000L |
Lines 371-376
Link Here
|
371 |
CRYPTO_set_dynlock_lock_callback(openssl_dynlocking_lock_function); |
377 |
CRYPTO_set_dynlock_lock_callback(openssl_dynlocking_lock_function); |
372 |
CRYPTO_set_dynlock_destroy_callback(openssl_dynlocking_destroy_function); |
378 |
CRYPTO_set_dynlock_destroy_callback(openssl_dynlocking_destroy_function); |
373 |
} |
379 |
} |
|
|
380 |
#endif |
374 |
} |
381 |
} |
375 |
|
382 |
|
376 |
#endif |
383 |
#endif |
Lines 395-401
Link Here
|
395 |
if (!m) return; /* Skip aliases */ |
402 |
if (!m) return; /* Skip aliases */ |
396 |
mname = OBJ_nid2ln(EVP_MD_type(m)); |
403 |
mname = OBJ_nid2ln(EVP_MD_type(m)); |
397 |
if (strcmp(from, mname)) return; /* Skip shortnames */ |
404 |
if (strcmp(from, mname)) return; /* Skip shortnames */ |
|
|
405 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
398 |
if (EVP_MD_flags(m) & EVP_MD_FLAG_PKEY_DIGEST) return; /* Skip clones */ |
406 |
if (EVP_MD_flags(m) & EVP_MD_FLAG_PKEY_DIGEST) return; /* Skip clones */ |
|
|
407 |
#endif |
399 |
if (strchr(mname, ' ')) mname= EVP_MD_name(m); |
408 |
if (strchr(mname, ' ')) mname= EVP_MD_name(m); |
400 |
av_push(arg, newSVpv(mname,0)); |
409 |
av_push(arg, newSVpv(mname,0)); |
401 |
} |
410 |
} |
Lines 799-804
Link Here
|
799 |
AV *ciphers = newAV(); |
808 |
AV *ciphers = newAV(); |
800 |
SV *pref_cipher = sv_newmortal(); |
809 |
SV *pref_cipher = sv_newmortal(); |
801 |
SV * cb_func, *cb_data; |
810 |
SV * cb_func, *cb_data; |
|
|
811 |
SV * secretsv; |
802 |
|
812 |
|
803 |
PR1("STARTED: ssleay_session_secret_cb_invoke\n"); |
813 |
PR1("STARTED: ssleay_session_secret_cb_invoke\n"); |
804 |
cb_func = cb_data_advanced_get(arg, "ssleay_session_secret_cb!!func"); |
814 |
cb_func = cb_data_advanced_get(arg, "ssleay_session_secret_cb!!func"); |
Lines 811-818
Link Here
|
811 |
SAVETMPS; |
821 |
SAVETMPS; |
812 |
|
822 |
|
813 |
PUSHMARK(SP); |
823 |
PUSHMARK(SP); |
814 |
|
824 |
secretsv = sv_2mortal( newSVpv(secret, *secret_len)); |
815 |
XPUSHs( sv_2mortal( newSVpv(secret, *secret_len)) ); |
825 |
XPUSHs(secretsv); |
816 |
for (i=0; i<sk_SSL_CIPHER_num(peer_ciphers); i++) { |
826 |
for (i=0; i<sk_SSL_CIPHER_num(peer_ciphers); i++) { |
817 |
SSL_CIPHER *c = sk_SSL_CIPHER_value(peer_ciphers,i); |
827 |
SSL_CIPHER *c = sk_SSL_CIPHER_value(peer_ciphers,i); |
818 |
av_store(ciphers, i, sv_2mortal(newSVpv(SSL_CIPHER_get_name(c), 0))); |
828 |
av_store(ciphers, i, sv_2mortal(newSVpv(SSL_CIPHER_get_name(c), 0))); |
Lines 835-840
Link Here
|
835 |
/* See if there is a preferred cipher selected, if so it is an index into the stack */ |
845 |
/* See if there is a preferred cipher selected, if so it is an index into the stack */ |
836 |
if (SvIOK(pref_cipher)) |
846 |
if (SvIOK(pref_cipher)) |
837 |
*cipher = sk_SSL_CIPHER_value(peer_ciphers, SvIV(pref_cipher)); |
847 |
*cipher = sk_SSL_CIPHER_value(peer_ciphers, SvIV(pref_cipher)); |
|
|
848 |
|
849 |
#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
850 |
/* Use any new master secret set by the callback function in secret */ |
851 |
STRLEN newsecretlen; |
852 |
char* newsecretdata = SvPV(secretsv, newsecretlen); |
853 |
memcpy(secret, newsecretdata, newsecretlen); |
854 |
#endif |
838 |
} |
855 |
} |
839 |
|
856 |
|
840 |
PUTBACK; |
857 |
PUTBACK; |
Lines 1404-1411
Link Here
|
1404 |
OUTPUT: |
1421 |
OUTPUT: |
1405 |
RETVAL |
1422 |
RETVAL |
1406 |
|
1423 |
|
1407 |
#ifndef OPENSSL_NO_SSL2 |
|
|
1408 |
|
1424 |
|
|
|
1425 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
1426 |
#ifndef OPENSSL_NO_SSL2 |
1427 |
|
1409 |
SSL_CTX * |
1428 |
SSL_CTX * |
1410 |
SSL_CTX_v2_new() |
1429 |
SSL_CTX_v2_new() |
1411 |
CODE: |
1430 |
CODE: |
Lines 1414-1420
Link Here
|
1414 |
RETVAL |
1433 |
RETVAL |
1415 |
|
1434 |
|
1416 |
#endif |
1435 |
#endif |
1417 |
|
1436 |
#endif |
1418 |
#ifndef OPENSSL_NO_SSL3 |
1437 |
#ifndef OPENSSL_NO_SSL3 |
1419 |
|
1438 |
|
1420 |
SSL_CTX * |
1439 |
SSL_CTX * |
Lines 2105-2114
Link Here
|
2105 |
SSL_want(s) |
2124 |
SSL_want(s) |
2106 |
SSL * s |
2125 |
SSL * s |
2107 |
|
2126 |
|
|
|
2127 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
2108 |
int |
2128 |
int |
2109 |
SSL_state(s) |
2129 |
SSL_state(s) |
2110 |
SSL * s |
2130 |
SSL * s |
2111 |
|
2131 |
|
|
|
2132 |
int |
2133 |
SSL_get_state(ssl) |
2134 |
SSL * ssl |
2135 |
CODE: |
2136 |
RETVAL = SSL_state(ssl); |
2137 |
OUTPUT: |
2138 |
RETVAL |
2139 |
|
2140 |
|
2141 |
#else |
2142 |
int |
2143 |
SSL_state(s) |
2144 |
SSL * s |
2145 |
CODE: |
2146 |
RETVAL = SSL_get_state(s); |
2147 |
OUTPUT: |
2148 |
RETVAL |
2149 |
|
2150 |
|
2151 |
int |
2152 |
SSL_get_state(s) |
2153 |
SSL * s |
2154 |
|
2155 |
#endif |
2112 |
#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) |
2156 |
#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) |
2113 |
|
2157 |
|
2114 |
long |
2158 |
long |
Lines 2734-2752
Link Here
|
2734 |
X509_ATTRIBUTE * att; |
2778 |
X509_ATTRIBUTE * att; |
2735 |
int count, i; |
2779 |
int count, i; |
2736 |
ASN1_STRING * s; |
2780 |
ASN1_STRING * s; |
|
|
2781 |
ASN1_TYPE * t; |
2737 |
PPCODE: |
2782 |
PPCODE: |
2738 |
att = X509_REQ_get_attr(req,n); |
2783 |
att = X509_REQ_get_attr(req,n); |
2739 |
if (att->single) { |
2784 |
count = X509_ATTRIBUTE_count(att); |
2740 |
s = (att->value.single->value.asn1_string); |
2785 |
for (i=0; i<count; i++) { |
|
|
2786 |
t = X509_ATTRIBUTE_get0_type(att, i); |
2787 |
s = t->value.asn1_string; |
2741 |
XPUSHs(sv_2mortal(newSViv(PTR2IV(s)))); |
2788 |
XPUSHs(sv_2mortal(newSViv(PTR2IV(s)))); |
2742 |
} |
2789 |
} |
2743 |
else { |
|
|
2744 |
count = sk_ASN1_TYPE_num(att->value.set); |
2745 |
for (i=0; i<count; i++) { |
2746 |
s = (sk_ASN1_TYPE_value(att->value.set, i)->value.asn1_string); |
2747 |
XPUSHs(sv_2mortal(newSViv(PTR2IV(s)))); |
2748 |
} |
2749 |
} |
2750 |
|
2790 |
|
2751 |
#endif |
2791 |
#endif |
2752 |
|
2792 |
|
Lines 4439-4444
Link Here
|
4439 |
const unsigned char * sid_ctx |
4479 |
const unsigned char * sid_ctx |
4440 |
unsigned int sid_ctx_len |
4480 |
unsigned int sid_ctx_len |
4441 |
|
4481 |
|
|
|
4482 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
4442 |
void |
4483 |
void |
4443 |
SSL_CTX_set_tmp_rsa_callback(ctx, cb) |
4484 |
SSL_CTX_set_tmp_rsa_callback(ctx, cb) |
4444 |
SSL_CTX * ctx |
4485 |
SSL_CTX * ctx |
Lines 4449-4454
Link Here
|
4449 |
SSL * ssl |
4490 |
SSL * ssl |
4450 |
cb_ssl_int_int_ret_RSA * cb |
4491 |
cb_ssl_int_int_ret_RSA * cb |
4451 |
|
4492 |
|
|
|
4493 |
#endif |
4494 |
|
4452 |
void |
4495 |
void |
4453 |
SSL_CTX_set_tmp_dh_callback(ctx, dh) |
4496 |
SSL_CTX_set_tmp_dh_callback(ctx, dh) |
4454 |
SSL_CTX * ctx |
4497 |
SSL_CTX * ctx |
Lines 4526-4531
Link Here
|
4526 |
OUTPUT: |
4569 |
OUTPUT: |
4527 |
RETVAL |
4570 |
RETVAL |
4528 |
|
4571 |
|
|
|
4572 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
4529 |
long |
4573 |
long |
4530 |
SSL_CTX_need_tmp_RSA(ctx) |
4574 |
SSL_CTX_need_tmp_RSA(ctx) |
4531 |
SSL_CTX * ctx |
4575 |
SSL_CTX * ctx |
Lines 4534-4539
Link Here
|
4534 |
OUTPUT: |
4578 |
OUTPUT: |
4535 |
RETVAL |
4579 |
RETVAL |
4536 |
|
4580 |
|
|
|
4581 |
#endif |
4582 |
|
4537 |
int |
4583 |
int |
4538 |
SSL_CTX_set_app_data(ctx,arg) |
4584 |
SSL_CTX_set_app_data(ctx,arg) |
4539 |
SSL_CTX * ctx |
4585 |
SSL_CTX * ctx |
Lines 4575-4585
Link Here
|
4575 |
SSL_CTX * ctx |
4621 |
SSL_CTX * ctx |
4576 |
DH * dh |
4622 |
DH * dh |
4577 |
|
4623 |
|
|
|
4624 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
4578 |
long |
4625 |
long |
4579 |
SSL_CTX_set_tmp_rsa(ctx,rsa) |
4626 |
SSL_CTX_set_tmp_rsa(ctx,rsa) |
4580 |
SSL_CTX * ctx |
4627 |
SSL_CTX * ctx |
4581 |
RSA * rsa |
4628 |
RSA * rsa |
4582 |
|
4629 |
|
|
|
4630 |
#endif |
4631 |
|
4583 |
#if OPENSSL_VERSION_NUMBER > 0x10000000L && !defined OPENSSL_NO_EC |
4632 |
#if OPENSSL_VERSION_NUMBER > 0x10000000L && !defined OPENSSL_NO_EC |
4584 |
|
4633 |
|
4585 |
EC_KEY * |
4634 |
EC_KEY * |
Lines 4622-4646
Link Here
|
4622 |
OUTPUT: |
4671 |
OUTPUT: |
4623 |
RETVAL |
4672 |
RETVAL |
4624 |
|
4673 |
|
4625 |
int |
|
|
4626 |
SSL_get_state(ssl) |
4627 |
SSL * ssl |
4628 |
CODE: |
4629 |
RETVAL = SSL_state(ssl); |
4630 |
OUTPUT: |
4631 |
RETVAL |
4632 |
|
4633 |
void |
4674 |
void |
4634 |
SSL_set_state(ssl,state) |
4675 |
SSL_set_state(ssl,state) |
4635 |
SSL * ssl |
4676 |
SSL * ssl |
4636 |
int state |
4677 |
int state |
4637 |
CODE: |
4678 |
CODE: |
4638 |
#ifdef OPENSSL_NO_SSL_INTERN |
4679 |
#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
|
|
4680 |
/* not available */ |
4681 |
#elif defined(OPENSSL_NO_SSL_INTERN) |
4639 |
SSL_set_state(ssl,state); |
4682 |
SSL_set_state(ssl,state); |
4640 |
#else |
4683 |
#else |
4641 |
ssl->state = state; |
4684 |
ssl->state = state; |
4642 |
#endif |
4685 |
#endif |
4643 |
|
4686 |
|
|
|
4687 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
4644 |
long |
4688 |
long |
4645 |
SSL_need_tmp_RSA(ssl) |
4689 |
SSL_need_tmp_RSA(ssl) |
4646 |
SSL * ssl |
4690 |
SSL * ssl |
Lines 4649-4654
Link Here
|
4649 |
OUTPUT: |
4693 |
OUTPUT: |
4650 |
RETVAL |
4694 |
RETVAL |
4651 |
|
4695 |
|
|
|
4696 |
|
4697 |
#endif |
4698 |
|
4652 |
long |
4699 |
long |
4653 |
SSL_num_renegotiations(ssl) |
4700 |
SSL_num_renegotiations(ssl) |
4654 |
SSL * ssl |
4701 |
SSL * ssl |
Lines 4668-4677
Link Here
|
4668 |
long |
4715 |
long |
4669 |
SSL_session_reused(ssl) |
4716 |
SSL_session_reused(ssl) |
4670 |
SSL * ssl |
4717 |
SSL * ssl |
4671 |
CODE: |
|
|
4672 |
RETVAL = SSL_ctrl(ssl,SSL_CTRL_GET_SESSION_REUSED,0,NULL); |
4673 |
OUTPUT: |
4674 |
RETVAL |
4675 |
|
4718 |
|
4676 |
int |
4719 |
int |
4677 |
SSL_SESSION_set_app_data(s,a) |
4720 |
SSL_SESSION_set_app_data(s,a) |
Lines 4714-4719
Link Here
|
4714 |
SSL * ssl |
4757 |
SSL * ssl |
4715 |
DH * dh |
4758 |
DH * dh |
4716 |
|
4759 |
|
|
|
4760 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
4717 |
long |
4761 |
long |
4718 |
SSL_set_tmp_rsa(ssl,rsa) |
4762 |
SSL_set_tmp_rsa(ssl,rsa) |
4719 |
SSL * ssl |
4763 |
SSL * ssl |
Lines 4723-4728
Link Here
|
4723 |
OUTPUT: |
4767 |
OUTPUT: |
4724 |
RETVAL |
4768 |
RETVAL |
4725 |
|
4769 |
|
|
|
4770 |
#endif |
4726 |
|
4771 |
|
4727 |
#ifdef __ANDROID__ |
4772 |
#ifdef __ANDROID__ |
4728 |
|
4773 |
|
Lines 4855-4867
Link Here
|
4855 |
OUTPUT: |
4900 |
OUTPUT: |
4856 |
RETVAL |
4901 |
RETVAL |
4857 |
|
4902 |
|
|
|
4903 |
#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
4858 |
void |
4904 |
void |
4859 |
SSL_SESSION_get_master_key(s) |
4905 |
SSL_SESSION_get_master_key(s) |
4860 |
SSL_SESSION * s |
4906 |
SSL_SESSION * s |
|
|
4907 |
PREINIT: |
4908 |
size_t master_key_length; |
4909 |
unsigned char* master_key; |
4861 |
CODE: |
4910 |
CODE: |
4862 |
ST(0) = sv_newmortal(); /* Undefined to start with */ |
4911 |
ST(0) = sv_newmortal(); /* Undefined to start with */ |
|
|
4912 |
master_key_length = SSL_SESSION_get_master_key(s, 0, 0); /* get the length */ |
4913 |
New(0, master_key, master_key_length, unsigned char); |
4914 |
SSL_SESSION_get_master_key(s, master_key, master_key_length); |
4915 |
sv_setpvn(ST(0), (const char*)master_key, master_key_length); |
4916 |
Safefree(master_key); |
4917 |
|
4918 |
#else |
4919 |
void |
4920 |
SSL_SESSION_get_master_key(s) |
4921 |
SSL_SESSION * s |
4922 |
CODE: |
4923 |
ST(0) = sv_newmortal(); /* Undefined to start with */ |
4863 |
sv_setpvn(ST(0), (const char*)s->master_key, s->master_key_length); |
4924 |
sv_setpvn(ST(0), (const char*)s->master_key, s->master_key_length); |
4864 |
|
4925 |
|
|
|
4926 |
#endif |
4927 |
|
4928 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
4929 |
|
4865 |
void |
4930 |
void |
4866 |
SSL_SESSION_set_master_key(s,key) |
4931 |
SSL_SESSION_set_master_key(s,key) |
4867 |
SSL_SESSION * s |
4932 |
SSL_SESSION * s |
Lines 4873-4896
Link Here
|
4873 |
memcpy(s->master_key, key, len); |
4938 |
memcpy(s->master_key, key, len); |
4874 |
s->master_key_length = len; |
4939 |
s->master_key_length = len; |
4875 |
|
4940 |
|
|
|
4941 |
#endif |
4942 |
|
4943 |
#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
4944 |
|
4876 |
void |
4945 |
void |
4877 |
SSL_get_client_random(s) |
4946 |
SSL_get_client_random(s) |
4878 |
SSL * s |
4947 |
SSL * s |
|
|
4948 |
PREINIT: |
4949 |
size_t random_length; |
4950 |
unsigned char* random_data; |
4879 |
CODE: |
4951 |
CODE: |
4880 |
ST(0) = sv_newmortal(); /* Undefined to start with */ |
4952 |
ST(0) = sv_newmortal(); /* Undefined to start with */ |
|
|
4953 |
random_length = SSL_get_client_random(s, 0, 0); /* get the length */ |
4954 |
New(0, random_data, random_length, unsigned char); |
4955 |
SSL_get_client_random(s, random_data, random_length); |
4956 |
sv_setpvn(ST(0), (const char*)random_data, random_length); |
4957 |
Safefree(random_data); |
4958 |
|
4959 |
#else |
4960 |
|
4961 |
void |
4962 |
SSL_get_client_random(s) |
4963 |
SSL * s |
4964 |
CODE: |
4965 |
ST(0) = sv_newmortal(); /* Undefined to start with */ |
4881 |
sv_setpvn(ST(0), (const char*)s->s3->client_random, SSL3_RANDOM_SIZE); |
4966 |
sv_setpvn(ST(0), (const char*)s->s3->client_random, SSL3_RANDOM_SIZE); |
4882 |
|
4967 |
|
|
|
4968 |
#endif |
4969 |
|
4970 |
#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
4971 |
|
4883 |
void |
4972 |
void |
4884 |
SSL_get_server_random(s) |
4973 |
SSL_get_server_random(s) |
4885 |
SSL * s |
4974 |
SSL * s |
|
|
4975 |
PREINIT: |
4976 |
size_t random_length; |
4977 |
unsigned char* random_data; |
4886 |
CODE: |
4978 |
CODE: |
4887 |
ST(0) = sv_newmortal(); /* Undefined to start with */ |
4979 |
ST(0) = sv_newmortal(); /* Undefined to start with */ |
|
|
4980 |
random_length = SSL_get_server_random(s, 0, 0); /* get the length */ |
4981 |
New(0, random_data, random_length, unsigned char); |
4982 |
SSL_get_server_random(s, random_data, random_length); |
4983 |
sv_setpvn(ST(0), (const char*)random_data, random_length); |
4984 |
Safefree(random_data); |
4985 |
|
4986 |
#else |
4987 |
|
4988 |
void |
4989 |
SSL_get_server_random(s) |
4990 |
SSL * s |
4991 |
CODE: |
4992 |
ST(0) = sv_newmortal(); /* Undefined to start with */ |
4888 |
sv_setpvn(ST(0), (const char*)s->s3->server_random, SSL3_RANDOM_SIZE); |
4993 |
sv_setpvn(ST(0), (const char*)s->s3->server_random, SSL3_RANDOM_SIZE); |
4889 |
|
4994 |
|
|
|
4995 |
#endif |
4996 |
|
4890 |
int |
4997 |
int |
4891 |
SSL_get_keyblock_size(s) |
4998 |
SSL_get_keyblock_size(s) |
4892 |
SSL * s |
4999 |
SSL * s |
4893 |
CODE: |
5000 |
CODE: |
|
|
5001 |
#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
5002 |
const SSL_CIPHER *ssl_cipher; |
5003 |
int cipher, digest; |
5004 |
const EVP_CIPHER *c; |
5005 |
const EVP_MD *h; |
5006 |
|
5007 |
ssl_cipher = SSL_get_current_cipher(s); |
5008 |
cipher = SSL_CIPHER_get_cipher_nid(ssl_cipher); |
5009 |
digest = SSL_CIPHER_get_digest_nid(ssl_cipher); |
5010 |
c = EVP_get_cipherbynid(cipher); |
5011 |
h = EVP_get_digestbynid(digest); |
5012 |
RETVAL = 2 * (EVP_CIPHER_key_length(c) + EVP_MD_size(h) + |
5013 |
EVP_CIPHER_iv_length(c)); |
5014 |
#else |
4894 |
if (s == NULL || |
5015 |
if (s == NULL || |
4895 |
s->enc_read_ctx == NULL || |
5016 |
s->enc_read_ctx == NULL || |
4896 |
s->enc_read_ctx->cipher == NULL || |
5017 |
s->enc_read_ctx->cipher == NULL || |
Lines 4919-4924
Link Here
|
4919 |
EVP_CIPHER_iv_length(c))) |
5040 |
EVP_CIPHER_iv_length(c))) |
4920 |
: -1; |
5041 |
: -1; |
4921 |
} |
5042 |
} |
|
|
5043 |
#endif |
5044 |
|
4922 |
OUTPUT: |
5045 |
OUTPUT: |
4923 |
RETVAL |
5046 |
RETVAL |
4924 |
|
5047 |
|
Lines 4956-4964
Link Here
|
4956 |
else { |
5079 |
else { |
4957 |
cb_data_advanced_put(s, "ssleay_session_secret_cb!!func", newSVsv(callback)); |
5080 |
cb_data_advanced_put(s, "ssleay_session_secret_cb!!func", newSVsv(callback)); |
4958 |
cb_data_advanced_put(s, "ssleay_session_secret_cb!!data", newSVsv(data)); |
5081 |
cb_data_advanced_put(s, "ssleay_session_secret_cb!!data", newSVsv(data)); |
4959 |
SSL_set_session_secret_cb(s, (int (*)(SSL *s, void *secret, int *secret_len, |
5082 |
SSL_set_session_secret_cb(s, (tls_session_secret_cb_fn)&ssleay_session_secret_cb_invoke, s); |
4960 |
STACK_OF(SSL_CIPHER) *peer_ciphers, |
|
|
4961 |
SSL_CIPHER **cipher, void *arg))&ssleay_session_secret_cb_invoke, s); |
4962 |
} |
5083 |
} |
4963 |
|
5084 |
|
4964 |
#endif |
5085 |
#endif |
Lines 5382-5388
Link Here
|
5382 |
P_X509_get_signature_alg(x) |
5503 |
P_X509_get_signature_alg(x) |
5383 |
X509 * x |
5504 |
X509 * x |
5384 |
CODE: |
5505 |
CODE: |
|
|
5506 |
#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
5507 |
RETVAL = (X509_get0_tbs_sigalg(x)->algorithm); |
5508 |
#else |
5385 |
RETVAL = (x->cert_info->signature->algorithm); |
5509 |
RETVAL = (x->cert_info->signature->algorithm); |
|
|
5510 |
#endif |
5386 |
OUTPUT: |
5511 |
OUTPUT: |
5387 |
RETVAL |
5512 |
RETVAL |
5388 |
|
5513 |
|
Lines 5389-5396
Link Here
|
5389 |
ASN1_OBJECT * |
5514 |
ASN1_OBJECT * |
5390 |
P_X509_get_pubkey_alg(x) |
5515 |
P_X509_get_pubkey_alg(x) |
5391 |
X509 * x |
5516 |
X509 * x |
|
|
5517 |
PREINIT: |
5392 |
CODE: |
5518 |
CODE: |
|
|
5519 |
#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
5520 |
{ |
5521 |
X509_ALGOR * algor; |
5522 |
X509_PUBKEY_get0_param(0, 0, 0, &algor, X509_get_X509_PUBKEY(x)); |
5523 |
RETVAL = (algor->algorithm); |
5524 |
} |
5525 |
#else |
5393 |
RETVAL = (x->cert_info->key->algor->algorithm); |
5526 |
RETVAL = (x->cert_info->key->algor->algorithm); |
|
|
5527 |
#endif |
5394 |
OUTPUT: |
5528 |
OUTPUT: |
5395 |
RETVAL |
5529 |
RETVAL |
5396 |
|
5530 |
|
Lines 5705-5712
Link Here
|
5705 |
* response does not contain the chain up to the trusted root */ |
5839 |
* response does not contain the chain up to the trusted root */ |
5706 |
STACK_OF(X509) *chain = SSL_get_peer_cert_chain(ssl); |
5840 |
STACK_OF(X509) *chain = SSL_get_peer_cert_chain(ssl); |
5707 |
for(i=0;i<sk_X509_num(chain);i++) { |
5841 |
for(i=0;i<sk_X509_num(chain);i++) { |
5708 |
if (!bsr->certs) bsr->certs = sk_X509_new_null(); |
5842 |
OCSP_basic_add1_cert(bsr, sk_X509_value(chain,i)); |
5709 |
sk_X509_push(bsr->certs,X509_dup(sk_X509_value(chain,i))); |
|
|
5710 |
} |
5843 |
} |
5711 |
TRACE(1,"run basic verify"); |
5844 |
TRACE(1,"run basic verify"); |
5712 |
RETVAL = OCSP_basic_verify(bsr, NULL, store, flags); |
5845 |
RETVAL = OCSP_basic_verify(bsr, NULL, store, flags); |
Lines 5718-5724
Link Here
|
5718 |
X509 *issuer; |
5851 |
X509 *issuer; |
5719 |
X509 *last = sk_X509_value(chain,sk_X509_num(chain)-1); |
5852 |
X509 *last = sk_X509_value(chain,sk_X509_num(chain)-1); |
5720 |
if ( (issuer = find_issuer(last,store,chain))) { |
5853 |
if ( (issuer = find_issuer(last,store,chain))) { |
5721 |
sk_X509_push(bsr->certs,X509_dup(issuer)); |
5854 |
OCSP_basic_add1_cert(bsr, X509_dup(issuer)); |
5722 |
TRACE(1,"run OCSP_basic_verify with issuer for last chain element"); |
5855 |
TRACE(1,"run OCSP_basic_verify with issuer for last chain element"); |
5723 |
RETVAL = OCSP_basic_verify(bsr, NULL, store, flags); |
5856 |
RETVAL = OCSP_basic_verify(bsr, NULL, store, flags); |
5724 |
} |
5857 |
} |
Lines 5736-5742
Link Here
|
5736 |
OCSP_BASICRESP *bsr; |
5869 |
OCSP_BASICRESP *bsr; |
5737 |
int i,want_array; |
5870 |
int i,want_array; |
5738 |
time_t nextupd = 0; |
5871 |
time_t nextupd = 0; |
5739 |
STACK_OF(OCSP_SINGLERESP) *sks; |
|
|
5740 |
int getall,sksn; |
5872 |
int getall,sksn; |
5741 |
|
5873 |
|
5742 |
bsr = OCSP_response_get1_basic(rsp); |
5874 |
bsr = OCSP_response_get1_basic(rsp); |
Lines 5744-5751
Link Here
|
5744 |
|
5876 |
|
5745 |
want_array = (GIMME == G_ARRAY); |
5877 |
want_array = (GIMME == G_ARRAY); |
5746 |
getall = (items <= 1); |
5878 |
getall = (items <= 1); |
5747 |
sks = bsr->tbsResponseData->responses; |
5879 |
sksn = OCSP_resp_count(bsr); |
5748 |
sksn = sk_OCSP_SINGLERESP_num(sks); |
|
|
5749 |
|
5880 |
|
5750 |
for(i=0; i < (getall ? sksn : items-1); i++) { |
5881 |
for(i=0; i < (getall ? sksn : items-1); i++) { |
5751 |
const char *error = NULL; |
5882 |
const char *error = NULL; |
Lines 5754-5762
Link Here
|
5754 |
SV *idsv = NULL; |
5885 |
SV *idsv = NULL; |
5755 |
|
5886 |
|
5756 |
if(getall) { |
5887 |
if(getall) { |
5757 |
sir = sk_OCSP_SINGLERESP_value(sks,i); |
5888 |
sir = OCSP_resp_get0(bsr,i); |
5758 |
} else { |
5889 |
} else { |
5759 |
int k; |
|
|
5760 |
STRLEN len; |
5890 |
STRLEN len; |
5761 |
const unsigned char *p; |
5891 |
const unsigned char *p; |
5762 |
|
5892 |
|
Lines 5767-5788
Link Here
|
5767 |
error = "failed to get OCSP certid from string"; |
5897 |
error = "failed to get OCSP certid from string"; |
5768 |
goto end; |
5898 |
goto end; |
5769 |
} |
5899 |
} |
5770 |
for(k=0;k<sksn;k++) { |
5900 |
int first = OCSP_resp_find(bsr, certid, -1); /* Find the first matching */ |
5771 |
if (!OCSP_id_cmp(certid,sk_OCSP_SINGLERESP_value(sks,k)->certId)) { |
5901 |
if (first >= 0) |
5772 |
sir = sk_OCSP_SINGLERESP_value(sks,k); |
5902 |
{ |
5773 |
break; |
5903 |
sir = OCSP_resp_get0(bsr,first); |
5774 |
} |
5904 |
break; |
5775 |
} |
5905 |
} |
5776 |
} |
5906 |
} |
5777 |
|
5907 |
|
5778 |
if (!sir) { |
5908 |
int status, revocationReason; |
5779 |
error = "cannot find entry for certificate in OCSP response"; |
5909 |
ASN1_GENERALIZEDTIME *revocationTime, *thisupdate, *nextupdate; |
5780 |
} else if (!OCSP_check_validity(sir->thisUpdate,sir->nextUpdate,0,-1)) { |
5910 |
if (sir) |
5781 |
error = "response not yet valid or expired"; |
5911 |
{ |
5782 |
} else if (sir->certStatus->type == V_OCSP_CERTSTATUS_REVOKED) { |
5912 |
#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
5783 |
error = "certificate status is revoked"; |
5913 |
status = OCSP_single_get0_status(sir, &revocationReason, &revocationTime, &thisupdate, &nextupdate); |
5784 |
} else if (sir->certStatus->type != V_OCSP_CERTSTATUS_GOOD) { |
5914 |
#else |
5785 |
error = "certificate status is unknown"; |
5915 |
status = sir->certStatus->type; |
|
|
5916 |
revocationTime = sir->certStatus->value.revoked->revocationTime; |
5917 |
thisupdate = sir->thisUpdate; |
5918 |
nextupdate = sir->nextUpdate; |
5919 |
#endif |
5920 |
if (status == V_OCSP_CERTSTATUS_REVOKED) { |
5921 |
error = "certificate status is revoked"; |
5922 |
} else if (status != V_OCSP_CERTSTATUS_GOOD) { |
5923 |
error = "certificate status is unknown"; |
5924 |
} |
5925 |
else if (!OCSP_check_validity(thisupdate, nextupdate, 0, -1)) { |
5926 |
error = "response not yet valid or expired"; |
5927 |
} |
5928 |
} else { |
5929 |
error = "cannot find entry for certificate in OCSP response"; |
5786 |
} |
5930 |
} |
5787 |
|
5931 |
|
5788 |
end: |
5932 |
end: |
Lines 5791-5802
Link Here
|
5791 |
if (!idsv) { |
5935 |
if (!idsv) { |
5792 |
/* getall: create new SV with OCSP_CERTID */ |
5936 |
/* getall: create new SV with OCSP_CERTID */ |
5793 |
unsigned char *pi,*pc; |
5937 |
unsigned char *pi,*pc; |
|
|
5938 |
#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
5939 |
int len = i2d_OCSP_CERTID(OCSP_SINGLERESP_get0_id(sir),NULL); |
5940 |
#else |
5794 |
int len = i2d_OCSP_CERTID(sir->certId,NULL); |
5941 |
int len = i2d_OCSP_CERTID(sir->certId,NULL); |
|
|
5942 |
#endif |
5795 |
if(!len) continue; |
5943 |
if(!len) continue; |
5796 |
Newx(pc,len,unsigned char); |
5944 |
Newx(pc,len,unsigned char); |
5797 |
if (!pc) croak("out of memory"); |
5945 |
if (!pc) croak("out of memory"); |
5798 |
pi = pc; |
5946 |
pi = pc; |
|
|
5947 |
#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
5948 |
i2d_OCSP_CERTID(OCSP_SINGLERESP_get0_id(sir),&pi); |
5949 |
#else |
5799 |
i2d_OCSP_CERTID(sir->certId,&pi); |
5950 |
i2d_OCSP_CERTID(sir->certId,&pi); |
|
|
5951 |
#endif |
5800 |
idsv = newSVpv((char*)pc,len); |
5952 |
idsv = newSVpv((char*)pc,len); |
5801 |
Safefree(pc); |
5953 |
Safefree(pc); |
5802 |
} else { |
5954 |
} else { |
Lines 5809-5834
Link Here
|
5809 |
HV *details = newHV(); |
5961 |
HV *details = newHV(); |
5810 |
av_push(idav,newRV_noinc((SV*)details)); |
5962 |
av_push(idav,newRV_noinc((SV*)details)); |
5811 |
hv_store(details,"statusType",10, |
5963 |
hv_store(details,"statusType",10, |
5812 |
newSViv(sir->certStatus->type),0); |
5964 |
newSViv(status),0); |
5813 |
if (sir->nextUpdate) hv_store(details,"nextUpdate",10, |
5965 |
if (nextupdate) hv_store(details,"nextUpdate",10, |
5814 |
newSViv(ASN1_TIME_timet(sir->nextUpdate)),0); |
5966 |
newSViv(ASN1_TIME_timet(nextupdate)),0); |
5815 |
if (sir->thisUpdate) hv_store(details,"thisUpdate",10, |
5967 |
if (thisupdate) hv_store(details,"thisUpdate",10, |
5816 |
newSViv(ASN1_TIME_timet(sir->thisUpdate)),0); |
5968 |
newSViv(ASN1_TIME_timet(thisupdate)),0); |
5817 |
if (sir->certStatus->type == V_OCSP_CERTSTATUS_REVOKED) { |
5969 |
if (status == V_OCSP_CERTSTATUS_REVOKED) { |
|
|
5970 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
5818 |
OCSP_REVOKEDINFO *rev = sir->certStatus->value.revoked; |
5971 |
OCSP_REVOKEDINFO *rev = sir->certStatus->value.revoked; |
5819 |
hv_store(details,"revocationTime",14,newSViv( |
5972 |
revocationReason = ASN1_ENUMERATED_get(rev->revocationReason); |
5820 |
ASN1_TIME_timet(rev->revocationTime)),0); |
5973 |
#endif |
5821 |
hv_store(details,"revocationReason",16,newSViv( |
5974 |
hv_store(details,"revocationTime",14,newSViv(ASN1_TIME_timet(revocationTime)),0); |
5822 |
ASN1_ENUMERATED_get(rev->revocationReason)),0); |
5975 |
hv_store(details,"revocationReason",16,newSViv(revocationReason),0); |
5823 |
hv_store(details,"revocationReason_str",20,newSVpv( |
5976 |
hv_store(details,"revocationReason_str",20,newSVpv( |
5824 |
OCSP_crl_reason_str(ASN1_ENUMERATED_get( |
5977 |
OCSP_crl_reason_str(revocationReason),0),0); |
5825 |
rev->revocationReason)),0),0); |
|
|
5826 |
} |
5978 |
} |
5827 |
} |
5979 |
} |
5828 |
XPUSHs(sv_2mortal(newRV_noinc((SV*)idav))); |
5980 |
XPUSHs(sv_2mortal(newRV_noinc((SV*)idav))); |
5829 |
} else if (!error) { |
5981 |
} else if (!error) { |
5830 |
/* compute lowest nextUpdate */ |
5982 |
/* compute lowest nextUpdate */ |
5831 |
time_t nu = ASN1_TIME_timet(sir->nextUpdate); |
5983 |
time_t nu = ASN1_TIME_timet(nextupdate); |
5832 |
if (!nextupd || nextupd>nu) nextupd = nu; |
5984 |
if (!nextupd || nextupd>nu) nextupd = nu; |
5833 |
} |
5985 |
} |
5834 |
|
5986 |
|