1*1a6e1177Sjsing /* $OpenBSD: ssl_methods.c,v 1.5 2019/11/17 19:07:07 jsing Exp $ */ 29158af98Sjsing /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 39158af98Sjsing * All rights reserved. 49158af98Sjsing * 59158af98Sjsing * This package is an SSL implementation written 69158af98Sjsing * by Eric Young (eay@cryptsoft.com). 79158af98Sjsing * The implementation was written so as to conform with Netscapes SSL. 89158af98Sjsing * 99158af98Sjsing * This library is free for commercial and non-commercial use as long as 109158af98Sjsing * the following conditions are aheared to. The following conditions 119158af98Sjsing * apply to all code found in this distribution, be it the RC4, RSA, 129158af98Sjsing * lhash, DES, etc., code; not just the SSL code. The SSL documentation 139158af98Sjsing * included with this distribution is covered by the same copyright terms 149158af98Sjsing * except that the holder is Tim Hudson (tjh@cryptsoft.com). 159158af98Sjsing * 169158af98Sjsing * Copyright remains Eric Young's, and as such any Copyright notices in 179158af98Sjsing * the code are not to be removed. 189158af98Sjsing * If this package is used in a product, Eric Young should be given attribution 199158af98Sjsing * as the author of the parts of the library used. 209158af98Sjsing * This can be in the form of a textual message at program startup or 219158af98Sjsing * in documentation (online or textual) provided with the package. 229158af98Sjsing * 239158af98Sjsing * Redistribution and use in source and binary forms, with or without 249158af98Sjsing * modification, are permitted provided that the following conditions 259158af98Sjsing * are met: 269158af98Sjsing * 1. Redistributions of source code must retain the copyright 279158af98Sjsing * notice, this list of conditions and the following disclaimer. 289158af98Sjsing * 2. Redistributions in binary form must reproduce the above copyright 299158af98Sjsing * notice, this list of conditions and the following disclaimer in the 309158af98Sjsing * documentation and/or other materials provided with the distribution. 319158af98Sjsing * 3. All advertising materials mentioning features or use of this software 329158af98Sjsing * must display the following acknowledgement: 339158af98Sjsing * "This product includes cryptographic software written by 349158af98Sjsing * Eric Young (eay@cryptsoft.com)" 359158af98Sjsing * The word 'cryptographic' can be left out if the rouines from the library 369158af98Sjsing * being used are not cryptographic related :-). 379158af98Sjsing * 4. If you include any Windows specific code (or a derivative thereof) from 389158af98Sjsing * the apps directory (application code) you must include an acknowledgement: 399158af98Sjsing * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 409158af98Sjsing * 419158af98Sjsing * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 429158af98Sjsing * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 439158af98Sjsing * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 449158af98Sjsing * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 459158af98Sjsing * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 469158af98Sjsing * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 479158af98Sjsing * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 489158af98Sjsing * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 499158af98Sjsing * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 509158af98Sjsing * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 519158af98Sjsing * SUCH DAMAGE. 529158af98Sjsing * 539158af98Sjsing * The licence and distribution terms for any publically available version or 549158af98Sjsing * derivative of this code cannot be changed. i.e. this code cannot simply be 559158af98Sjsing * copied and put under another distribution licence 569158af98Sjsing * [including the GNU Public Licence.] 579158af98Sjsing */ 589158af98Sjsing 599158af98Sjsing #include "ssl_locl.h" 60efee3f2fSjsing #include "tls13_internal.h" 619158af98Sjsing 629158af98Sjsing static const SSL_METHOD_INTERNAL DTLSv1_client_method_internal_data = { 639158af98Sjsing .version = DTLS1_VERSION, 649158af98Sjsing .min_version = DTLS1_VERSION, 659158af98Sjsing .max_version = DTLS1_VERSION, 669158af98Sjsing .ssl_new = dtls1_new, 679158af98Sjsing .ssl_clear = dtls1_clear, 689158af98Sjsing .ssl_free = dtls1_free, 699158af98Sjsing .ssl_accept = ssl_undefined_function, 709158af98Sjsing .ssl_connect = ssl3_connect, 71*1a6e1177Sjsing .ssl_shutdown = ssl3_shutdown, 729158af98Sjsing .get_ssl_method = dtls1_get_client_method, 739158af98Sjsing .get_timeout = dtls1_default_timeout, 749158af98Sjsing .ssl_version = ssl_undefined_void_function, 759158af98Sjsing .ssl_renegotiate = ssl3_renegotiate, 769158af98Sjsing .ssl_renegotiate_check = ssl3_renegotiate_check, 779158af98Sjsing .ssl_get_message = dtls1_get_message, 789158af98Sjsing .ssl_read_bytes = dtls1_read_bytes, 799158af98Sjsing .ssl_write_bytes = dtls1_write_app_data_bytes, 809158af98Sjsing .ssl3_enc = &DTLSv1_enc_data, 819158af98Sjsing }; 829158af98Sjsing 839158af98Sjsing static const SSL_METHOD DTLSv1_client_method_data = { 849158af98Sjsing .ssl_dispatch_alert = dtls1_dispatch_alert, 859158af98Sjsing .num_ciphers = ssl3_num_ciphers, 869158af98Sjsing .get_cipher = dtls1_get_cipher, 879158af98Sjsing .get_cipher_by_char = ssl3_get_cipher_by_char, 889158af98Sjsing .put_cipher_by_char = ssl3_put_cipher_by_char, 899158af98Sjsing .internal = &DTLSv1_client_method_internal_data, 909158af98Sjsing }; 919158af98Sjsing 929158af98Sjsing const SSL_METHOD * 939158af98Sjsing DTLSv1_client_method(void) 949158af98Sjsing { 959158af98Sjsing return &DTLSv1_client_method_data; 969158af98Sjsing } 979158af98Sjsing 989158af98Sjsing const SSL_METHOD * 9971023d34Sjsing DTLS_client_method(void) 10071023d34Sjsing { 10171023d34Sjsing return DTLSv1_client_method(); 10271023d34Sjsing } 10371023d34Sjsing 10471023d34Sjsing const SSL_METHOD * 1059158af98Sjsing dtls1_get_client_method(int ver) 1069158af98Sjsing { 1079158af98Sjsing if (ver == DTLS1_VERSION) 1089158af98Sjsing return (DTLSv1_client_method()); 1099158af98Sjsing return (NULL); 1109158af98Sjsing } 1119158af98Sjsing 1129158af98Sjsing static const SSL_METHOD *dtls1_get_method(int ver); 1139158af98Sjsing 1149158af98Sjsing static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = { 1159158af98Sjsing .version = DTLS1_VERSION, 1169158af98Sjsing .min_version = DTLS1_VERSION, 1179158af98Sjsing .max_version = DTLS1_VERSION, 1189158af98Sjsing .ssl_new = dtls1_new, 1199158af98Sjsing .ssl_clear = dtls1_clear, 1209158af98Sjsing .ssl_free = dtls1_free, 1219158af98Sjsing .ssl_accept = ssl3_accept, 1229158af98Sjsing .ssl_connect = ssl3_connect, 123*1a6e1177Sjsing .ssl_shutdown = ssl3_shutdown, 1249158af98Sjsing .get_ssl_method = dtls1_get_method, 1259158af98Sjsing .get_timeout = dtls1_default_timeout, 1269158af98Sjsing .ssl_version = ssl_undefined_void_function, 1279158af98Sjsing .ssl_renegotiate = ssl3_renegotiate, 1289158af98Sjsing .ssl_renegotiate_check = ssl3_renegotiate_check, 1299158af98Sjsing .ssl_get_message = dtls1_get_message, 1309158af98Sjsing .ssl_read_bytes = dtls1_read_bytes, 1319158af98Sjsing .ssl_write_bytes = dtls1_write_app_data_bytes, 1329158af98Sjsing .ssl3_enc = &DTLSv1_enc_data, 1339158af98Sjsing }; 1349158af98Sjsing 1359158af98Sjsing static const SSL_METHOD DTLSv1_method_data = { 1369158af98Sjsing .ssl_dispatch_alert = dtls1_dispatch_alert, 1379158af98Sjsing .num_ciphers = ssl3_num_ciphers, 1389158af98Sjsing .get_cipher = dtls1_get_cipher, 1399158af98Sjsing .get_cipher_by_char = ssl3_get_cipher_by_char, 1409158af98Sjsing .put_cipher_by_char = ssl3_put_cipher_by_char, 1419158af98Sjsing .internal = &DTLSv1_method_internal_data, 1429158af98Sjsing }; 1439158af98Sjsing 1449158af98Sjsing const SSL_METHOD * 1459158af98Sjsing DTLSv1_method(void) 1469158af98Sjsing { 1479158af98Sjsing return &DTLSv1_method_data; 1489158af98Sjsing } 1499158af98Sjsing 15071023d34Sjsing const SSL_METHOD * 15171023d34Sjsing DTLS_method(void) 15271023d34Sjsing { 15371023d34Sjsing return DTLSv1_method(); 15471023d34Sjsing } 15571023d34Sjsing 1569158af98Sjsing static const SSL_METHOD * 1579158af98Sjsing dtls1_get_method(int ver) 1589158af98Sjsing { 1599158af98Sjsing if (ver == DTLS1_VERSION) 1609158af98Sjsing return (DTLSv1_method()); 1619158af98Sjsing return (NULL); 1629158af98Sjsing } 1639158af98Sjsing 1649158af98Sjsing static const SSL_METHOD_INTERNAL DTLSv1_server_method_internal_data = { 1659158af98Sjsing .version = DTLS1_VERSION, 1669158af98Sjsing .min_version = DTLS1_VERSION, 1679158af98Sjsing .max_version = DTLS1_VERSION, 1689158af98Sjsing .ssl_new = dtls1_new, 1699158af98Sjsing .ssl_clear = dtls1_clear, 1709158af98Sjsing .ssl_free = dtls1_free, 1719158af98Sjsing .ssl_accept = ssl3_accept, 1729158af98Sjsing .ssl_connect = ssl_undefined_function, 173*1a6e1177Sjsing .ssl_shutdown = ssl3_shutdown, 1749158af98Sjsing .get_ssl_method = dtls1_get_server_method, 1759158af98Sjsing .get_timeout = dtls1_default_timeout, 1769158af98Sjsing .ssl_version = ssl_undefined_void_function, 1779158af98Sjsing .ssl_renegotiate = ssl3_renegotiate, 1789158af98Sjsing .ssl_renegotiate_check = ssl3_renegotiate_check, 1799158af98Sjsing .ssl_get_message = dtls1_get_message, 1809158af98Sjsing .ssl_read_bytes = dtls1_read_bytes, 1819158af98Sjsing .ssl_write_bytes = dtls1_write_app_data_bytes, 1829158af98Sjsing .ssl3_enc = &DTLSv1_enc_data, 1839158af98Sjsing }; 1849158af98Sjsing 1859158af98Sjsing static const SSL_METHOD DTLSv1_server_method_data = { 1869158af98Sjsing .ssl_dispatch_alert = dtls1_dispatch_alert, 1879158af98Sjsing .num_ciphers = ssl3_num_ciphers, 1889158af98Sjsing .get_cipher = dtls1_get_cipher, 1899158af98Sjsing .get_cipher_by_char = ssl3_get_cipher_by_char, 1909158af98Sjsing .put_cipher_by_char = ssl3_put_cipher_by_char, 1919158af98Sjsing .internal = &DTLSv1_server_method_internal_data, 1929158af98Sjsing }; 1939158af98Sjsing 1949158af98Sjsing const SSL_METHOD * 1959158af98Sjsing DTLSv1_server_method(void) 1969158af98Sjsing { 1979158af98Sjsing return &DTLSv1_server_method_data; 1989158af98Sjsing } 1999158af98Sjsing 2009158af98Sjsing const SSL_METHOD * 20171023d34Sjsing DTLS_server_method(void) 20271023d34Sjsing { 20371023d34Sjsing return DTLSv1_server_method(); 20471023d34Sjsing } 20571023d34Sjsing 20671023d34Sjsing const SSL_METHOD * 2079158af98Sjsing dtls1_get_server_method(int ver) 2089158af98Sjsing { 2099158af98Sjsing if (ver == DTLS1_VERSION) 2109158af98Sjsing return (DTLSv1_server_method()); 2119158af98Sjsing return (NULL); 2129158af98Sjsing } 2139158af98Sjsing 21464a0a0c8Sjsing #ifdef LIBRESSL_HAS_TLS1_3 2159158af98Sjsing static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = { 216efee3f2fSjsing .version = TLS1_3_VERSION, 217efee3f2fSjsing .min_version = TLS1_VERSION, 218efee3f2fSjsing .max_version = TLS1_3_VERSION, 219efee3f2fSjsing .ssl_new = tls1_new, 220efee3f2fSjsing .ssl_clear = tls1_clear, 221efee3f2fSjsing .ssl_free = tls1_free, 222efee3f2fSjsing .ssl_accept = ssl_undefined_function, 223efee3f2fSjsing .ssl_connect = tls13_legacy_connect, 224*1a6e1177Sjsing .ssl_shutdown = ssl3_shutdown, 225efee3f2fSjsing .get_ssl_method = tls1_get_client_method, 226efee3f2fSjsing .get_timeout = tls1_default_timeout, 227efee3f2fSjsing .ssl_version = ssl_undefined_void_function, 228efee3f2fSjsing .ssl_renegotiate = ssl_undefined_function, 229efee3f2fSjsing .ssl_renegotiate_check = ssl_ok, 230efee3f2fSjsing .ssl_get_message = ssl3_get_message, 231efee3f2fSjsing .ssl_read_bytes = tls13_legacy_read_bytes, 232efee3f2fSjsing .ssl_write_bytes = tls13_legacy_write_bytes, 233efee3f2fSjsing .ssl3_enc = &TLSv1_2_enc_data, 234efee3f2fSjsing }; 235efee3f2fSjsing 236efee3f2fSjsing static const SSL_METHOD TLS_client_method_data = { 237efee3f2fSjsing .ssl_dispatch_alert = ssl3_dispatch_alert, 238efee3f2fSjsing .num_ciphers = ssl3_num_ciphers, 239efee3f2fSjsing .get_cipher = ssl3_get_cipher, 240efee3f2fSjsing .get_cipher_by_char = ssl3_get_cipher_by_char, 241efee3f2fSjsing .put_cipher_by_char = ssl3_put_cipher_by_char, 242efee3f2fSjsing .internal = &TLS_client_method_internal_data, 243efee3f2fSjsing }; 244efee3f2fSjsing #endif 245efee3f2fSjsing 246efee3f2fSjsing static const SSL_METHOD_INTERNAL TLS_legacy_client_method_internal_data = { 2479158af98Sjsing .version = TLS1_2_VERSION, 2489158af98Sjsing .min_version = TLS1_VERSION, 2499158af98Sjsing .max_version = TLS1_2_VERSION, 2509158af98Sjsing .ssl_new = tls1_new, 2519158af98Sjsing .ssl_clear = tls1_clear, 2529158af98Sjsing .ssl_free = tls1_free, 2539158af98Sjsing .ssl_accept = ssl_undefined_function, 2549158af98Sjsing .ssl_connect = ssl3_connect, 255*1a6e1177Sjsing .ssl_shutdown = ssl3_shutdown, 2569158af98Sjsing .get_ssl_method = tls1_get_client_method, 2579158af98Sjsing .get_timeout = tls1_default_timeout, 2589158af98Sjsing .ssl_version = ssl_undefined_void_function, 2599158af98Sjsing .ssl_renegotiate = ssl_undefined_function, 2609158af98Sjsing .ssl_renegotiate_check = ssl_ok, 2619158af98Sjsing .ssl_get_message = ssl3_get_message, 2629158af98Sjsing .ssl_read_bytes = ssl3_read_bytes, 2639158af98Sjsing .ssl_write_bytes = ssl3_write_bytes, 2649158af98Sjsing .ssl3_enc = &TLSv1_2_enc_data, 2659158af98Sjsing }; 2669158af98Sjsing 267efee3f2fSjsing static const SSL_METHOD TLS_legacy_client_method_data = { 2689158af98Sjsing .ssl_dispatch_alert = ssl3_dispatch_alert, 2699158af98Sjsing .num_ciphers = ssl3_num_ciphers, 2709158af98Sjsing .get_cipher = ssl3_get_cipher, 2719158af98Sjsing .get_cipher_by_char = ssl3_get_cipher_by_char, 2729158af98Sjsing .put_cipher_by_char = ssl3_put_cipher_by_char, 273efee3f2fSjsing .internal = &TLS_legacy_client_method_internal_data, 2749158af98Sjsing }; 2759158af98Sjsing 2769158af98Sjsing static const SSL_METHOD_INTERNAL TLSv1_client_method_internal_data = { 2779158af98Sjsing .version = TLS1_VERSION, 2789158af98Sjsing .min_version = TLS1_VERSION, 2799158af98Sjsing .max_version = TLS1_VERSION, 2809158af98Sjsing .ssl_new = tls1_new, 2819158af98Sjsing .ssl_clear = tls1_clear, 2829158af98Sjsing .ssl_free = tls1_free, 2839158af98Sjsing .ssl_accept = ssl_undefined_function, 2849158af98Sjsing .ssl_connect = ssl3_connect, 285*1a6e1177Sjsing .ssl_shutdown = ssl3_shutdown, 2869158af98Sjsing .get_ssl_method = tls1_get_client_method, 2879158af98Sjsing .get_timeout = tls1_default_timeout, 2889158af98Sjsing .ssl_version = ssl_undefined_void_function, 2899158af98Sjsing .ssl_renegotiate = ssl3_renegotiate, 2909158af98Sjsing .ssl_renegotiate_check = ssl3_renegotiate_check, 2919158af98Sjsing .ssl_get_message = ssl3_get_message, 2929158af98Sjsing .ssl_read_bytes = ssl3_read_bytes, 2939158af98Sjsing .ssl_write_bytes = ssl3_write_bytes, 2949158af98Sjsing .ssl3_enc = &TLSv1_enc_data, 2959158af98Sjsing }; 2969158af98Sjsing 2979158af98Sjsing static const SSL_METHOD TLSv1_client_method_data = { 2989158af98Sjsing .ssl_dispatch_alert = ssl3_dispatch_alert, 2999158af98Sjsing .num_ciphers = ssl3_num_ciphers, 3009158af98Sjsing .get_cipher = ssl3_get_cipher, 3019158af98Sjsing .get_cipher_by_char = ssl3_get_cipher_by_char, 3029158af98Sjsing .put_cipher_by_char = ssl3_put_cipher_by_char, 3039158af98Sjsing .internal = &TLSv1_client_method_internal_data, 3049158af98Sjsing }; 3059158af98Sjsing 3069158af98Sjsing static const SSL_METHOD_INTERNAL TLSv1_1_client_method_internal_data = { 3079158af98Sjsing .version = TLS1_1_VERSION, 3089158af98Sjsing .min_version = TLS1_1_VERSION, 3099158af98Sjsing .max_version = TLS1_1_VERSION, 3109158af98Sjsing .ssl_new = tls1_new, 3119158af98Sjsing .ssl_clear = tls1_clear, 3129158af98Sjsing .ssl_free = tls1_free, 3139158af98Sjsing .ssl_accept = ssl_undefined_function, 3149158af98Sjsing .ssl_connect = ssl3_connect, 315*1a6e1177Sjsing .ssl_shutdown = ssl3_shutdown, 3169158af98Sjsing .get_ssl_method = tls1_get_client_method, 3179158af98Sjsing .get_timeout = tls1_default_timeout, 3189158af98Sjsing .ssl_version = ssl_undefined_void_function, 3199158af98Sjsing .ssl_renegotiate = ssl3_renegotiate, 3209158af98Sjsing .ssl_renegotiate_check = ssl3_renegotiate_check, 3219158af98Sjsing .ssl_get_message = ssl3_get_message, 3229158af98Sjsing .ssl_read_bytes = ssl3_read_bytes, 3239158af98Sjsing .ssl_write_bytes = ssl3_write_bytes, 3249158af98Sjsing .ssl3_enc = &TLSv1_1_enc_data, 3259158af98Sjsing }; 3269158af98Sjsing 3279158af98Sjsing static const SSL_METHOD TLSv1_1_client_method_data = { 3289158af98Sjsing .ssl_dispatch_alert = ssl3_dispatch_alert, 3299158af98Sjsing .num_ciphers = ssl3_num_ciphers, 3309158af98Sjsing .get_cipher = ssl3_get_cipher, 3319158af98Sjsing .get_cipher_by_char = ssl3_get_cipher_by_char, 3329158af98Sjsing .put_cipher_by_char = ssl3_put_cipher_by_char, 3339158af98Sjsing .internal = &TLSv1_1_client_method_internal_data, 3349158af98Sjsing }; 3359158af98Sjsing 3369158af98Sjsing static const SSL_METHOD_INTERNAL TLSv1_2_client_method_internal_data = { 3379158af98Sjsing .version = TLS1_2_VERSION, 3389158af98Sjsing .min_version = TLS1_2_VERSION, 3399158af98Sjsing .max_version = TLS1_2_VERSION, 3409158af98Sjsing .ssl_new = tls1_new, 3419158af98Sjsing .ssl_clear = tls1_clear, 3429158af98Sjsing .ssl_free = tls1_free, 3439158af98Sjsing .ssl_accept = ssl_undefined_function, 3449158af98Sjsing .ssl_connect = ssl3_connect, 345*1a6e1177Sjsing .ssl_shutdown = ssl3_shutdown, 3469158af98Sjsing .get_ssl_method = tls1_get_client_method, 3479158af98Sjsing .get_timeout = tls1_default_timeout, 3489158af98Sjsing .ssl_version = ssl_undefined_void_function, 3499158af98Sjsing .ssl_renegotiate = ssl3_renegotiate, 3509158af98Sjsing .ssl_renegotiate_check = ssl3_renegotiate_check, 3519158af98Sjsing .ssl_get_message = ssl3_get_message, 3529158af98Sjsing .ssl_read_bytes = ssl3_read_bytes, 3539158af98Sjsing .ssl_write_bytes = ssl3_write_bytes, 3549158af98Sjsing .ssl3_enc = &TLSv1_2_enc_data, 3559158af98Sjsing }; 3569158af98Sjsing 3579158af98Sjsing static const SSL_METHOD TLSv1_2_client_method_data = { 3589158af98Sjsing .ssl_dispatch_alert = ssl3_dispatch_alert, 3599158af98Sjsing .num_ciphers = ssl3_num_ciphers, 3609158af98Sjsing .get_cipher = ssl3_get_cipher, 3619158af98Sjsing .get_cipher_by_char = ssl3_get_cipher_by_char, 3629158af98Sjsing .put_cipher_by_char = ssl3_put_cipher_by_char, 3639158af98Sjsing .internal = &TLSv1_2_client_method_internal_data, 3649158af98Sjsing }; 3659158af98Sjsing 3669158af98Sjsing const SSL_METHOD * 3679158af98Sjsing tls1_get_client_method(int ver) 3689158af98Sjsing { 3699158af98Sjsing if (ver == TLS1_2_VERSION) 3709158af98Sjsing return (TLSv1_2_client_method()); 3719158af98Sjsing if (ver == TLS1_1_VERSION) 3729158af98Sjsing return (TLSv1_1_client_method()); 3739158af98Sjsing if (ver == TLS1_VERSION) 3749158af98Sjsing return (TLSv1_client_method()); 3759158af98Sjsing return (NULL); 3769158af98Sjsing } 3779158af98Sjsing 3789158af98Sjsing const SSL_METHOD * 3799158af98Sjsing SSLv23_client_method(void) 3809158af98Sjsing { 3819158af98Sjsing return (TLS_client_method()); 3829158af98Sjsing } 3839158af98Sjsing 3849158af98Sjsing const SSL_METHOD * 3859158af98Sjsing TLS_client_method(void) 3869158af98Sjsing { 38764a0a0c8Sjsing #ifdef LIBRESSL_HAS_TLS1_3 3889158af98Sjsing return (&TLS_client_method_data); 389efee3f2fSjsing #else 390efee3f2fSjsing return tls_legacy_client_method(); 391efee3f2fSjsing #endif 392efee3f2fSjsing } 393efee3f2fSjsing 394efee3f2fSjsing const SSL_METHOD * 395efee3f2fSjsing tls_legacy_client_method(void) 396efee3f2fSjsing { 397efee3f2fSjsing return (&TLS_legacy_client_method_data); 3989158af98Sjsing } 3999158af98Sjsing 4009158af98Sjsing const SSL_METHOD * 4019158af98Sjsing TLSv1_client_method(void) 4029158af98Sjsing { 4039158af98Sjsing return (&TLSv1_client_method_data); 4049158af98Sjsing } 4059158af98Sjsing 4069158af98Sjsing const SSL_METHOD * 4079158af98Sjsing TLSv1_1_client_method(void) 4089158af98Sjsing { 4099158af98Sjsing return (&TLSv1_1_client_method_data); 4109158af98Sjsing } 4119158af98Sjsing 4129158af98Sjsing const SSL_METHOD * 4139158af98Sjsing TLSv1_2_client_method(void) 4149158af98Sjsing { 4159158af98Sjsing return (&TLSv1_2_client_method_data); 4169158af98Sjsing } 4179158af98Sjsing 4189158af98Sjsing static const SSL_METHOD *tls1_get_method(int ver); 4199158af98Sjsing 4209158af98Sjsing static const SSL_METHOD_INTERNAL TLS_method_internal_data = { 4219158af98Sjsing .version = TLS1_2_VERSION, 4229158af98Sjsing .min_version = TLS1_VERSION, 4239158af98Sjsing .max_version = TLS1_2_VERSION, 4249158af98Sjsing .ssl_new = tls1_new, 4259158af98Sjsing .ssl_clear = tls1_clear, 4269158af98Sjsing .ssl_free = tls1_free, 4279158af98Sjsing .ssl_accept = ssl3_accept, 4289158af98Sjsing .ssl_connect = ssl3_connect, 429*1a6e1177Sjsing .ssl_shutdown = ssl3_shutdown, 4309158af98Sjsing .get_ssl_method = tls1_get_method, 4319158af98Sjsing .get_timeout = tls1_default_timeout, 4329158af98Sjsing .ssl_version = ssl_undefined_void_function, 4339158af98Sjsing .ssl_renegotiate = ssl_undefined_function, 4349158af98Sjsing .ssl_renegotiate_check = ssl_ok, 4359158af98Sjsing .ssl_get_message = ssl3_get_message, 4369158af98Sjsing .ssl_read_bytes = ssl3_read_bytes, 4379158af98Sjsing .ssl_write_bytes = ssl3_write_bytes, 4389158af98Sjsing .ssl3_enc = &TLSv1_2_enc_data, 4399158af98Sjsing }; 4409158af98Sjsing 4419158af98Sjsing static const SSL_METHOD TLS_method_data = { 4429158af98Sjsing .ssl_dispatch_alert = ssl3_dispatch_alert, 4439158af98Sjsing .num_ciphers = ssl3_num_ciphers, 4449158af98Sjsing .get_cipher = ssl3_get_cipher, 4459158af98Sjsing .get_cipher_by_char = ssl3_get_cipher_by_char, 4469158af98Sjsing .put_cipher_by_char = ssl3_put_cipher_by_char, 4479158af98Sjsing .internal = &TLS_method_internal_data, 4489158af98Sjsing }; 4499158af98Sjsing 4509158af98Sjsing static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = { 4519158af98Sjsing .version = TLS1_VERSION, 4529158af98Sjsing .min_version = TLS1_VERSION, 4539158af98Sjsing .max_version = TLS1_VERSION, 4549158af98Sjsing .ssl_new = tls1_new, 4559158af98Sjsing .ssl_clear = tls1_clear, 4569158af98Sjsing .ssl_free = tls1_free, 4579158af98Sjsing .ssl_accept = ssl3_accept, 4589158af98Sjsing .ssl_connect = ssl3_connect, 459*1a6e1177Sjsing .ssl_shutdown = ssl3_shutdown, 4609158af98Sjsing .get_ssl_method = tls1_get_method, 4619158af98Sjsing .get_timeout = tls1_default_timeout, 4629158af98Sjsing .ssl_version = ssl_undefined_void_function, 4639158af98Sjsing .ssl_renegotiate = ssl3_renegotiate, 4649158af98Sjsing .ssl_renegotiate_check = ssl3_renegotiate_check, 4659158af98Sjsing .ssl_get_message = ssl3_get_message, 4669158af98Sjsing .ssl_read_bytes = ssl3_read_bytes, 4679158af98Sjsing .ssl_write_bytes = ssl3_write_bytes, 4689158af98Sjsing .ssl3_enc = &TLSv1_enc_data, 4699158af98Sjsing }; 4709158af98Sjsing 4719158af98Sjsing static const SSL_METHOD TLSv1_method_data = { 4729158af98Sjsing .ssl_dispatch_alert = ssl3_dispatch_alert, 4739158af98Sjsing .num_ciphers = ssl3_num_ciphers, 4749158af98Sjsing .get_cipher = ssl3_get_cipher, 4759158af98Sjsing .get_cipher_by_char = ssl3_get_cipher_by_char, 4769158af98Sjsing .put_cipher_by_char = ssl3_put_cipher_by_char, 4779158af98Sjsing .internal = &TLSv1_method_internal_data, 4789158af98Sjsing }; 4799158af98Sjsing 4809158af98Sjsing static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = { 4819158af98Sjsing .version = TLS1_1_VERSION, 4829158af98Sjsing .min_version = TLS1_1_VERSION, 4839158af98Sjsing .max_version = TLS1_1_VERSION, 4849158af98Sjsing .ssl_new = tls1_new, 4859158af98Sjsing .ssl_clear = tls1_clear, 4869158af98Sjsing .ssl_free = tls1_free, 4879158af98Sjsing .ssl_accept = ssl3_accept, 4889158af98Sjsing .ssl_connect = ssl3_connect, 489*1a6e1177Sjsing .ssl_shutdown = ssl3_shutdown, 4909158af98Sjsing .get_ssl_method = tls1_get_method, 4919158af98Sjsing .get_timeout = tls1_default_timeout, 4929158af98Sjsing .ssl_version = ssl_undefined_void_function, 4939158af98Sjsing .ssl_renegotiate = ssl3_renegotiate, 4949158af98Sjsing .ssl_renegotiate_check = ssl3_renegotiate_check, 4959158af98Sjsing .ssl_get_message = ssl3_get_message, 4969158af98Sjsing .ssl_read_bytes = ssl3_read_bytes, 4979158af98Sjsing .ssl_write_bytes = ssl3_write_bytes, 4989158af98Sjsing .ssl3_enc = &TLSv1_1_enc_data, 4999158af98Sjsing }; 5009158af98Sjsing 5019158af98Sjsing static const SSL_METHOD TLSv1_1_method_data = { 5029158af98Sjsing .ssl_dispatch_alert = ssl3_dispatch_alert, 5039158af98Sjsing .num_ciphers = ssl3_num_ciphers, 5049158af98Sjsing .get_cipher = ssl3_get_cipher, 5059158af98Sjsing .get_cipher_by_char = ssl3_get_cipher_by_char, 5069158af98Sjsing .put_cipher_by_char = ssl3_put_cipher_by_char, 5079158af98Sjsing .internal = &TLSv1_1_method_internal_data, 5089158af98Sjsing }; 5099158af98Sjsing 5109158af98Sjsing static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = { 5119158af98Sjsing .version = TLS1_2_VERSION, 5129158af98Sjsing .min_version = TLS1_2_VERSION, 5139158af98Sjsing .max_version = TLS1_2_VERSION, 5149158af98Sjsing .ssl_new = tls1_new, 5159158af98Sjsing .ssl_clear = tls1_clear, 5169158af98Sjsing .ssl_free = tls1_free, 5179158af98Sjsing .ssl_accept = ssl3_accept, 5189158af98Sjsing .ssl_connect = ssl3_connect, 519*1a6e1177Sjsing .ssl_shutdown = ssl3_shutdown, 5209158af98Sjsing .get_ssl_method = tls1_get_method, 5219158af98Sjsing .get_timeout = tls1_default_timeout, 5229158af98Sjsing .ssl_version = ssl_undefined_void_function, 5239158af98Sjsing .ssl_renegotiate = ssl3_renegotiate, 5249158af98Sjsing .ssl_renegotiate_check = ssl3_renegotiate_check, 5259158af98Sjsing .ssl_get_message = ssl3_get_message, 5269158af98Sjsing .ssl_read_bytes = ssl3_read_bytes, 5279158af98Sjsing .ssl_write_bytes = ssl3_write_bytes, 5289158af98Sjsing .ssl3_enc = &TLSv1_2_enc_data, 5299158af98Sjsing }; 5309158af98Sjsing 5319158af98Sjsing static const SSL_METHOD TLSv1_2_method_data = { 5329158af98Sjsing .ssl_dispatch_alert = ssl3_dispatch_alert, 5339158af98Sjsing .num_ciphers = ssl3_num_ciphers, 5349158af98Sjsing .get_cipher = ssl3_get_cipher, 5359158af98Sjsing .get_cipher_by_char = ssl3_get_cipher_by_char, 5369158af98Sjsing .put_cipher_by_char = ssl3_put_cipher_by_char, 5379158af98Sjsing .internal = &TLSv1_2_method_internal_data, 5389158af98Sjsing }; 5399158af98Sjsing 5409158af98Sjsing static const SSL_METHOD * 5419158af98Sjsing tls1_get_method(int ver) 5429158af98Sjsing { 5439158af98Sjsing if (ver == TLS1_2_VERSION) 5449158af98Sjsing return (TLSv1_2_method()); 5459158af98Sjsing if (ver == TLS1_1_VERSION) 5469158af98Sjsing return (TLSv1_1_method()); 5479158af98Sjsing if (ver == TLS1_VERSION) 5489158af98Sjsing return (TLSv1_method()); 5499158af98Sjsing return (NULL); 5509158af98Sjsing } 5519158af98Sjsing 5529158af98Sjsing const SSL_METHOD * 5539158af98Sjsing SSLv23_method(void) 5549158af98Sjsing { 5559158af98Sjsing return (TLS_method()); 5569158af98Sjsing } 5579158af98Sjsing 5589158af98Sjsing const SSL_METHOD * 5599158af98Sjsing TLS_method(void) 5609158af98Sjsing { 5619158af98Sjsing return &TLS_method_data; 5629158af98Sjsing } 5639158af98Sjsing 5649158af98Sjsing const SSL_METHOD * 5659158af98Sjsing TLSv1_method(void) 5669158af98Sjsing { 5679158af98Sjsing return (&TLSv1_method_data); 5689158af98Sjsing } 5699158af98Sjsing 5709158af98Sjsing const SSL_METHOD * 5719158af98Sjsing TLSv1_1_method(void) 5729158af98Sjsing { 5739158af98Sjsing return (&TLSv1_1_method_data); 5749158af98Sjsing } 5759158af98Sjsing 5769158af98Sjsing const SSL_METHOD * 5779158af98Sjsing TLSv1_2_method(void) 5789158af98Sjsing { 5799158af98Sjsing return (&TLSv1_2_method_data); 5809158af98Sjsing } 5819158af98Sjsing 5829158af98Sjsing static const SSL_METHOD_INTERNAL TLS_server_method_internal_data = { 5839158af98Sjsing .version = TLS1_2_VERSION, 5849158af98Sjsing .min_version = TLS1_VERSION, 5859158af98Sjsing .max_version = TLS1_2_VERSION, 5869158af98Sjsing .ssl_new = tls1_new, 5879158af98Sjsing .ssl_clear = tls1_clear, 5889158af98Sjsing .ssl_free = tls1_free, 5899158af98Sjsing .ssl_accept = ssl3_accept, 5909158af98Sjsing .ssl_connect = ssl_undefined_function, 591*1a6e1177Sjsing .ssl_shutdown = ssl3_shutdown, 5929158af98Sjsing .get_ssl_method = tls1_get_server_method, 5939158af98Sjsing .get_timeout = tls1_default_timeout, 5949158af98Sjsing .ssl_version = ssl_undefined_void_function, 5959158af98Sjsing .ssl_renegotiate = ssl_undefined_function, 5969158af98Sjsing .ssl_renegotiate_check = ssl_ok, 5979158af98Sjsing .ssl_get_message = ssl3_get_message, 5989158af98Sjsing .ssl_read_bytes = ssl3_read_bytes, 5999158af98Sjsing .ssl_write_bytes = ssl3_write_bytes, 6009158af98Sjsing .ssl3_enc = &TLSv1_2_enc_data, 6019158af98Sjsing }; 6029158af98Sjsing 6039158af98Sjsing static const SSL_METHOD TLS_server_method_data = { 6049158af98Sjsing .ssl_dispatch_alert = ssl3_dispatch_alert, 6059158af98Sjsing .num_ciphers = ssl3_num_ciphers, 6069158af98Sjsing .get_cipher = ssl3_get_cipher, 6079158af98Sjsing .get_cipher_by_char = ssl3_get_cipher_by_char, 6089158af98Sjsing .put_cipher_by_char = ssl3_put_cipher_by_char, 6099158af98Sjsing .internal = &TLS_server_method_internal_data, 6109158af98Sjsing }; 6119158af98Sjsing 6129158af98Sjsing static const SSL_METHOD_INTERNAL TLSv1_server_method_internal_data = { 6139158af98Sjsing .version = TLS1_VERSION, 6149158af98Sjsing .min_version = TLS1_VERSION, 6159158af98Sjsing .max_version = TLS1_VERSION, 6169158af98Sjsing .ssl_new = tls1_new, 6179158af98Sjsing .ssl_clear = tls1_clear, 6189158af98Sjsing .ssl_free = tls1_free, 6199158af98Sjsing .ssl_accept = ssl3_accept, 6209158af98Sjsing .ssl_connect = ssl_undefined_function, 621*1a6e1177Sjsing .ssl_shutdown = ssl3_shutdown, 6229158af98Sjsing .get_ssl_method = tls1_get_server_method, 6239158af98Sjsing .get_timeout = tls1_default_timeout, 6249158af98Sjsing .ssl_version = ssl_undefined_void_function, 6259158af98Sjsing .ssl_renegotiate = ssl3_renegotiate, 6269158af98Sjsing .ssl_renegotiate_check = ssl3_renegotiate_check, 6279158af98Sjsing .ssl_get_message = ssl3_get_message, 6289158af98Sjsing .ssl_read_bytes = ssl3_read_bytes, 6299158af98Sjsing .ssl_write_bytes = ssl3_write_bytes, 6309158af98Sjsing .ssl3_enc = &TLSv1_enc_data, 6319158af98Sjsing }; 6329158af98Sjsing 6339158af98Sjsing static const SSL_METHOD TLSv1_server_method_data = { 6349158af98Sjsing .ssl_dispatch_alert = ssl3_dispatch_alert, 6359158af98Sjsing .num_ciphers = ssl3_num_ciphers, 6369158af98Sjsing .get_cipher = ssl3_get_cipher, 6379158af98Sjsing .get_cipher_by_char = ssl3_get_cipher_by_char, 6389158af98Sjsing .put_cipher_by_char = ssl3_put_cipher_by_char, 6399158af98Sjsing .internal = &TLSv1_server_method_internal_data, 6409158af98Sjsing }; 6419158af98Sjsing 6429158af98Sjsing static const SSL_METHOD_INTERNAL TLSv1_1_server_method_internal_data = { 6439158af98Sjsing .version = TLS1_1_VERSION, 6449158af98Sjsing .min_version = TLS1_1_VERSION, 6459158af98Sjsing .max_version = TLS1_1_VERSION, 6469158af98Sjsing .ssl_new = tls1_new, 6479158af98Sjsing .ssl_clear = tls1_clear, 6489158af98Sjsing .ssl_free = tls1_free, 6499158af98Sjsing .ssl_accept = ssl3_accept, 6509158af98Sjsing .ssl_connect = ssl_undefined_function, 651*1a6e1177Sjsing .ssl_shutdown = ssl3_shutdown, 6529158af98Sjsing .get_ssl_method = tls1_get_server_method, 6539158af98Sjsing .get_timeout = tls1_default_timeout, 6549158af98Sjsing .ssl_version = ssl_undefined_void_function, 6559158af98Sjsing .ssl_renegotiate = ssl3_renegotiate, 6569158af98Sjsing .ssl_renegotiate_check = ssl3_renegotiate_check, 6579158af98Sjsing .ssl_get_message = ssl3_get_message, 6589158af98Sjsing .ssl_read_bytes = ssl3_read_bytes, 6599158af98Sjsing .ssl_write_bytes = ssl3_write_bytes, 6609158af98Sjsing .ssl3_enc = &TLSv1_1_enc_data, 6619158af98Sjsing }; 6629158af98Sjsing 6639158af98Sjsing static const SSL_METHOD TLSv1_1_server_method_data = { 6649158af98Sjsing .ssl_dispatch_alert = ssl3_dispatch_alert, 6659158af98Sjsing .num_ciphers = ssl3_num_ciphers, 6669158af98Sjsing .get_cipher = ssl3_get_cipher, 6679158af98Sjsing .get_cipher_by_char = ssl3_get_cipher_by_char, 6689158af98Sjsing .put_cipher_by_char = ssl3_put_cipher_by_char, 6699158af98Sjsing .internal = &TLSv1_1_server_method_internal_data, 6709158af98Sjsing }; 6719158af98Sjsing 6729158af98Sjsing static const SSL_METHOD_INTERNAL TLSv1_2_server_method_internal_data = { 6739158af98Sjsing .version = TLS1_2_VERSION, 6749158af98Sjsing .min_version = TLS1_2_VERSION, 6759158af98Sjsing .max_version = TLS1_2_VERSION, 6769158af98Sjsing .ssl_new = tls1_new, 6779158af98Sjsing .ssl_clear = tls1_clear, 6789158af98Sjsing .ssl_free = tls1_free, 6799158af98Sjsing .ssl_accept = ssl3_accept, 6809158af98Sjsing .ssl_connect = ssl_undefined_function, 681*1a6e1177Sjsing .ssl_shutdown = ssl3_shutdown, 6829158af98Sjsing .get_ssl_method = tls1_get_server_method, 6839158af98Sjsing .get_timeout = tls1_default_timeout, 6849158af98Sjsing .ssl_version = ssl_undefined_void_function, 6859158af98Sjsing .ssl_renegotiate = ssl3_renegotiate, 6869158af98Sjsing .ssl_renegotiate_check = ssl3_renegotiate_check, 6879158af98Sjsing .ssl_get_message = ssl3_get_message, 6889158af98Sjsing .ssl_read_bytes = ssl3_read_bytes, 6899158af98Sjsing .ssl_write_bytes = ssl3_write_bytes, 6909158af98Sjsing .ssl3_enc = &TLSv1_2_enc_data, 6919158af98Sjsing }; 6929158af98Sjsing 6939158af98Sjsing static const SSL_METHOD TLSv1_2_server_method_data = { 6949158af98Sjsing .ssl_dispatch_alert = ssl3_dispatch_alert, 6959158af98Sjsing .num_ciphers = ssl3_num_ciphers, 6969158af98Sjsing .get_cipher = ssl3_get_cipher, 6979158af98Sjsing .get_cipher_by_char = ssl3_get_cipher_by_char, 6989158af98Sjsing .put_cipher_by_char = ssl3_put_cipher_by_char, 6999158af98Sjsing .internal = &TLSv1_2_server_method_internal_data, 7009158af98Sjsing }; 7019158af98Sjsing 7029158af98Sjsing const SSL_METHOD * 7039158af98Sjsing tls1_get_server_method(int ver) 7049158af98Sjsing { 7059158af98Sjsing if (ver == TLS1_2_VERSION) 7069158af98Sjsing return (TLSv1_2_server_method()); 7079158af98Sjsing if (ver == TLS1_1_VERSION) 7089158af98Sjsing return (TLSv1_1_server_method()); 7099158af98Sjsing if (ver == TLS1_VERSION) 7109158af98Sjsing return (TLSv1_server_method()); 7119158af98Sjsing return (NULL); 7129158af98Sjsing } 7139158af98Sjsing 7149158af98Sjsing const SSL_METHOD * 7159158af98Sjsing SSLv23_server_method(void) 7169158af98Sjsing { 7179158af98Sjsing return (TLS_server_method()); 7189158af98Sjsing } 7199158af98Sjsing 7209158af98Sjsing const SSL_METHOD * 7219158af98Sjsing TLS_server_method(void) 7229158af98Sjsing { 7239158af98Sjsing return (&TLS_server_method_data); 7249158af98Sjsing } 7259158af98Sjsing 7269158af98Sjsing const SSL_METHOD * 7279158af98Sjsing TLSv1_server_method(void) 7289158af98Sjsing { 7299158af98Sjsing return (&TLSv1_server_method_data); 7309158af98Sjsing } 7319158af98Sjsing 7329158af98Sjsing const SSL_METHOD * 7339158af98Sjsing TLSv1_1_server_method(void) 7349158af98Sjsing { 7359158af98Sjsing return (&TLSv1_1_server_method_data); 7369158af98Sjsing } 7379158af98Sjsing 7389158af98Sjsing const SSL_METHOD * 7399158af98Sjsing TLSv1_2_server_method(void) 7409158af98Sjsing { 7419158af98Sjsing return (&TLSv1_2_server_method_data); 7429158af98Sjsing } 743