diff options
| author | Bodo Möller <bodo@openssl.org> | 2001-10-20 17:56:36 +0000 |
|---|---|---|
| committer | Bodo Möller <bodo@openssl.org> | 2001-10-20 17:56:36 +0000 |
| commit | a661b6535744f41b428bb35a7fc3e5747900e9ef (patch) | |
| tree | b0407e3532c11891d2a7a9d22475a2db85db5ce7 /ssl/s3_pkt.c | |
| parent | 98e665493818493e9a2bb4fce30127aca052f47a (diff) | |
New functions SSL[_CTX]_set_msg_callback().
New macros SSL[_CTX]_set_msg_callback_arg().
Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet).
New '-msg' option for 'openssl s_client' and 'openssl s_server'
that enable a message callback that displays all protocol messages.
In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.
Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic
pointer).
Add/update some OpenSSL copyright notices.
Diffstat (limited to 'ssl/s3_pkt.c')
| -rw-r--r-- | ssl/s3_pkt.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index b76aabee80..3baf6c50a8 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -911,6 +911,9 @@ start: goto err; } + if (s->msg_callback) + s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->s3->handshake_fragment, 4, s, s->msg_callback_arg); + if (SSL_is_init_finished(s) && !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && !s->s3->renegotiate) @@ -956,6 +959,9 @@ start: s->s3->alert_fragment_len = 0; + if (s->msg_callback) + s->msg_callback(0, s->version, SSL3_RT_ALERT, s->s3->alert_fragment, 2, s, s->msg_callback_arg); + if (s->info_callback != NULL) cb=s->info_callback; else if (s->ctx->info_callback != NULL) @@ -1019,6 +1025,10 @@ start: } rr->length=0; + + if (s->msg_callback) + s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC, rr->data, 1, s, s->msg_callback_arg); + s->s3->change_cipher_spec=1; if (!do_change_cipher_spec(s)) goto err; @@ -1177,6 +1187,8 @@ void ssl3_send_alert(SSL *s, int level, int desc) { /* Map tls/ssl alert value to correct one */ desc=s->method->ssl3_enc->alert_value(desc); + if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION) + desc = SSL_AD_HANDSHAKE_FAILURE; /* SSL 3.0 does not have protocol_version alerts */ if (desc < 0) return; /* If a fatal one, remove from cache */ if ((level == 2) && (s->session != NULL)) @@ -1210,6 +1222,9 @@ int ssl3_dispatch_alert(SSL *s) if (s->s3->send_alert[0] == SSL3_AL_FATAL) (void)BIO_flush(s->wbio); + if (s->msg_callback) + s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert, 2, s, s->msg_callback_arg); + if (s->info_callback != NULL) cb=s->info_callback; else if (s->ctx->info_callback != NULL) |