
Side by Side Diff: openssl/ssl/ssl_lib.c

Issue 5692003: Allow NPN enable on a per-SSL connection basis... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/openssl/
Patch Set: Created 10 years ago
1 /*! \file ssl/ssl_lib.c 1 /*! \file ssl/ssl_lib.c
2 * \brief Version independent SSL functions. 2 * \brief Version independent SSL functions.
3 */ 3 */
4 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 4 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
7 * This package is an SSL implementation written 7 * This package is an SSL implementation written
8 * by Eric Young (eay@cryptsoft.com). 8 * by Eric Young (eay@cryptsoft.com).
9 * The implementation was written so as to conform with Netscapes SSL. 9 * The implementation was written so as to conform with Netscapes SSL.
10 * 10 *
(...skipping 306 matching lines...) Expand 10 before | Expand all | Expand 10 after
317 s->tlsext_ticket_expected = 0; 317 s->tlsext_ticket_expected = 0;
318 s->tlsext_status_type = -1; 318 s->tlsext_status_type = -1;
319 s->tlsext_status_expected = 0; 319 s->tlsext_status_expected = 0;
320 s->tlsext_ocsp_ids = NULL; 320 s->tlsext_ocsp_ids = NULL;
321 s->tlsext_ocsp_exts = NULL; 321 s->tlsext_ocsp_exts = NULL;
322 s->tlsext_ocsp_resp = NULL; 322 s->tlsext_ocsp_resp = NULL;
323 s->tlsext_ocsp_resplen = -1; 323 s->tlsext_ocsp_resplen = -1;
324 CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX); 324 CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
325 s->initial_ctx=ctx; 325 s->initial_ctx=ctx;
326 s->next_proto_negotiated = NULL; 326 s->next_proto_negotiated = NULL;
327 s->next_proto_negotiated_len = 0;
328 s->next_proto_select_cb = ctx->next_proto_select_cb;
329 s->next_proto_select_cb_arg = ctx->next_proto_select_cb_arg;
327 #endif 330 #endif
328 s->verify_result=X509_V_OK; 331 s->verify_result=X509_V_OK;
329 332
330 s->method=ctx->method; 333 s->method=ctx->method;
331 334
332 if (!s->method->ssl_new(s)) 335 if (!s->method->ssl_new(s))
333 goto err; 336 goto err;
334 337
335 s->references=1; 338 s->references=1;
336 s->server=(ctx->method->ssl_accept == ssl_undefined_function)?0:1; 339 s->server=(ctx->method->ssl_accept == ssl_undefined_function)?0:1;
(...skipping 2526 matching lines...) Expand 10 before | Expand all | Expand 10 after
2863 ctx->next_protos_advertised_cb = cb; 2866 ctx->next_protos_advertised_cb = cb;
2864 ctx->next_protos_advertised_cb_arg = arg; 2867 ctx->next_protos_advertised_cb_arg = arg;
2865 } 2868 }
2866 2869
2867 /* SSL_CTX_set_next_proto_select_cb sets a callback that is called when a 2870 /* SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
2868 * client needs to select a protocol from the server's provided list. |out| 2871 * client needs to select a protocol from the server's provided list. |out|
2869 * must be set to point to the selected protocol (which may be within |in|). 2872 * must be set to point to the selected protocol (which may be within |in|).
2870 * The length of the protocol name must be written into |outlen|. The server's 2873 * The length of the protocol name must be written into |outlen|. The server's
2871 * advertised protocols are provided in |in| and |inlen|. The callback can 2874 * advertised protocols are provided in |in| and |inlen|. The callback can
2872 * assume that |in| is syntactically valid. 2875 * assume that |in| is syntactically valid.
2876 * A side effect of calling this method with a non-NULL |cb| is to enable NPN
2877 * for all SSLs subsequently created from this CTX. Passing a NULL |cb| resets
2878 * the CTX so future connections will not use NPN.
2873 * 2879 *
2874 * The client must select a protocol. It is fatal to the connection if this 2880 * When enabled, the client must select a protocol. It is fatal to the
2875 * callback returns a value other than SSL_TLSEXT_ERR_OK. 2881 * connection if this callback returns a value other than SSL_TLSEXT_ERR_OK.
2876 */ 2882 */
2877 void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg), void *arg) 2883 void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg), void *arg)
2878 { 2884 {
2879 ctx->next_proto_select_cb = cb; 2885 ctx->next_proto_select_cb = cb;
2880 ctx->next_proto_select_cb_arg = arg; 2886 ctx->next_proto_select_cb_arg = arg;
2881 } 2887 }
2882 2888
2889 /* SSL_set_next_proto_select_cb is a per-connection alternative to
2890 * SSL_CTX_set_next_proto_select_cb, see that function for full description of
2891 * the parameters.
2892 * This method may also be used to modify a CTX default, for example disable
2893 * NPN by passing a NULL |cb| or modify the callback argument by passing a
2894 * valid |cb| and an updated |arg|.
2895 */
2896 void SSL_set_next_proto_select_cb(SSL *s, int (*cb) (SSL *ssl, unsigned char **o ut, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *ar g), void *arg)
2897 {
2898 s->next_proto_select_cb = cb;
2899 s->next_proto_select_cb_arg = arg;
2900 }
2901
2883 /* SSL_CTX_set_snap_start_orbit sets the orbit value which will be echoed back 2902 /* SSL_CTX_set_snap_start_orbit sets the orbit value which will be echoed back
2884 * to the client and enables Snap Start for this context. 2903 * to the client and enables Snap Start for this context.
2885 * 2904 *
2886 * An orbit value can be used to spatially partition the state needed to support 2905 * An orbit value can be used to spatially partition the state needed to support
2887 * Snap Start. See the comments above SSL_set_suggested_server_random_validity 2906 * Snap Start. See the comments above SSL_set_suggested_server_random_validity
2888 * (below). */ 2907 * (below). */
2889 void SSL_CTX_set_snap_start_orbit(SSL_CTX *ctx, const unsigned char orbit[8]) 2908 void SSL_CTX_set_snap_start_orbit(SSL_CTX *ctx, const unsigned char orbit[8])
2890 { 2909 {
2891 memcpy(ctx->snap_start_orbit, orbit, sizeof(ctx->snap_start_orbit)); 2910 memcpy(ctx->snap_start_orbit, orbit, sizeof(ctx->snap_start_orbit));
2892 ctx->snap_start_orbit_valid = 1; 2911 ctx->snap_start_orbit_valid = 1;
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after
2948 (s->state == SSL3_ST_CR_SESSION_TICKET_A || /* r eady to write app-data*/ 2967 (s->state == SSL3_ST_CR_SESSION_TICKET_A || /* r eady to write app-data*/
2949 s->state == SSL3_ST_CR_FINISHED_A)); 2968 s->state == SSL3_ST_CR_FINISHED_A));
2950 } 2969 }
2951 2970
2952 #if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16) 2971 #if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
2953 #include "../crypto/bio/bss_file.c" 2972 #include "../crypto/bio/bss_file.c"
2954 #endif 2973 #endif
2955 2974
2956 IMPLEMENT_STACK_OF(SSL_CIPHER) 2975 IMPLEMENT_STACK_OF(SSL_CIPHER)
2957 IMPLEMENT_STACK_OF(SSL_COMP) 2976 IMPLEMENT_STACK_OF(SSL_COMP)
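Review bot: The comment on the new SSL_set_next_proto_select_cb (new lines 2889-2895) does not say when the call is allowed, while the setter overwrites `s->next_proto_select_cb` and `s->next_proto_select_cb_arg` unconditionally. The comment at new lines 2876-2878 ties NPN enablement to a non-NULL callback, so clearing or swapping the pointer after the handshake has begun could leave a connection that has already offered the extension with no callback for the server's list; whether the consumer in t1_lib.c guards against NULL at that point is not visible on this page. I would add to the comment `* Must be called before the handshake starts; |arg| is not copied and must remain valid for the lifetime of |s|.` It is also worth confirming that the copy taken from `ctx` in SSL_new (new lines 328-329, whose body continues outside the hunk) is the intended source if the SSL's context is changed later, since nothing shown here re-syncs it.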