diff options
| author | Bodo Möller <bodo@openssl.org> | 1999-05-11 07:43:16 +0000 |
|---|---|---|
| committer | Bodo Möller <bodo@openssl.org> | 1999-05-11 07:43:16 +0000 |
| commit | b31b04d951e9b65bde29657e1ae057b76f0f0a73 (patch) | |
| tree | 5dff3add3c509882b039ec19e73d6871f0ec4135 /ssl | |
| parent | 10243d97fd9d8d3162af7ec4dc582da21703eb62 (diff) | |
Make SSL library a little more fool-proof by not requiring any longer
that SSL_set_{accept,connect}_state be called before
SSL_{accept,connect} may be used.
Submitted by:
Reviewed by:
PR:
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/ssl.h | 9 | ||||
| -rw-r--r-- | ssl/ssl_err.c | 3 | ||||
| -rw-r--r-- | ssl/ssl_lib.c | 26 |
3 files changed, 38 insertions, 0 deletions
@@ -514,6 +514,12 @@ struct ssl_st int in_handshake; int (*handshake_func)(); + /* Imagine that here's a boolean member "init" + * that is switched as soon as handshake_func becomes + * != 0 for the first time (which is why we don't actually + * need it). + */ + int server; /* are we the server side? - mostly used by SSL_clear*/ int new_session;/* 1 if we are to use a new session */ @@ -1191,6 +1197,7 @@ int SSL_COMP_add_compression_method(int id,char *cm); #define SSL_F_SSL_INIT_WBIO_BUFFER 184 #define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185 #define SSL_F_SSL_NEW 186 +#define SSL_F_SSL_READ 223 #define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187 #define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188 #define SSL_F_SSL_SESSION_NEW 189 @@ -1202,6 +1209,7 @@ int SSL_COMP_add_compression_method(int id,char *cm); #define SSL_F_SSL_SET_SESSION 195 #define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218 #define SSL_F_SSL_SET_WFD 196 +#define SSL_F_SSL_SHUTDOWN 224 #define SSL_F_SSL_UNDEFINED_FUNCTION 197 #define SSL_F_SSL_USE_CERTIFICATE 198 #define SSL_F_SSL_USE_CERTIFICATE_ASN1 199 @@ -1394,6 +1402,7 @@ int SSL_COMP_add_compression_method(int id,char *cm); #define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243 #define SSL_R_UNEXPECTED_MESSAGE 244 #define SSL_R_UNEXPECTED_RECORD 245 +#define SSL_R_UNITIALIZED 275 #define SSL_R_UNKNOWN_ALERT_TYPE 246 #define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247 #define SSL_R_UNKNOWN_CIPHER_RETURNED 248 diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index c96fb6cbcf..6f99f4cbbb 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -160,6 +160,7 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_PACK(0,SSL_F_SSL_INIT_WBIO_BUFFER,0), "SSL_INIT_WBIO_BUFFER"}, {ERR_PACK(0,SSL_F_SSL_LOAD_CLIENT_CA_FILE,0), "SSL_load_client_CA_file"}, {ERR_PACK(0,SSL_F_SSL_NEW,0), "SSL_new"}, +{ERR_PACK(0,SSL_F_SSL_READ,0), "SSL_read"}, {ERR_PACK(0,SSL_F_SSL_RSA_PRIVATE_DECRYPT,0), "SSL_RSA_PRIVATE_DECRYPT"}, {ERR_PACK(0,SSL_F_SSL_RSA_PUBLIC_ENCRYPT,0), "SSL_RSA_PUBLIC_ENCRYPT"}, {ERR_PACK(0,SSL_F_SSL_SESSION_NEW,0), "SSL_SESSION_new"}, @@ -171,6 +172,7 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_PACK(0,SSL_F_SSL_SET_SESSION,0), "SSL_set_session"}, {ERR_PACK(0,SSL_F_SSL_SET_SESSION_ID_CONTEXT,0), "SSL_set_session_id_context"}, {ERR_PACK(0,SSL_F_SSL_SET_WFD,0), "SSL_set_wfd"}, +{ERR_PACK(0,SSL_F_SSL_SHUTDOWN,0), "SSL_shutdown"}, {ERR_PACK(0,SSL_F_SSL_UNDEFINED_FUNCTION,0), "SSL_UNDEFINED_FUNCTION"}, {ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE,0), "SSL_use_certificate"}, {ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_ASN1,0), "SSL_use_certificate_ASN1"}, @@ -366,6 +368,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES ,"unable to load ssl3 sha1 routines"}, {SSL_R_UNEXPECTED_MESSAGE ,"unexpected message"}, {SSL_R_UNEXPECTED_RECORD ,"unexpected record"}, +{SSL_R_UNITIALIZED ,"unitialized"}, {SSL_R_UNKNOWN_ALERT_TYPE ,"unknown alert type"}, {SSL_R_UNKNOWN_CERTIFICATE_TYPE ,"unknown certificate type"}, {SSL_R_UNKNOWN_CIPHER_RETURNED ,"unknown cipher returned"}, diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index dda7882b61..8aba87433f 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -592,11 +592,19 @@ int SSL_check_private_key(SSL *ssl) int SSL_accept(SSL *s) { + if (s->handshake_func == 0) + /* Not properly initialized yet */ + SSL_set_accept_state(s); + return(s->method->ssl_accept(s)); } int SSL_connect(SSL *s) { + if (s->handshake_func == 0) + /* Not properly initialized yet */ + SSL_set_connect_state(s); + return(s->method->ssl_connect(s)); } @@ -607,6 +615,12 @@ long SSL_get_default_timeout(SSL *s) int SSL_read(SSL *s,char *buf,int num) { + if (s->handshake_func == 0) + { + SSLerr(SSL_F_SSL_READ, SSL_R_UNITIALIZED); + return -1; + } + if (s->shutdown & SSL_RECEIVED_SHUTDOWN) { s->rwstate=SSL_NOTHING; @@ -626,6 +640,12 @@ int SSL_peek(SSL *s,char *buf,int num) int SSL_write(SSL *s,const char *buf,int num) { + if (s->handshake_func == 0) + { + SSLerr(SSL_F_SSL_WRITE, SSL_R_UNITIALIZED); + return -1; + } + if (s->shutdown & SSL_SENT_SHUTDOWN) { s->rwstate=SSL_NOTHING; @@ -637,6 +657,12 @@ int SSL_write(SSL *s,const char *buf,int num) int SSL_shutdown(SSL *s) { + if (s->handshake_func == 0) + { + SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNITIALIZED); + return -1; + } + if ((s != NULL) && !SSL_in_init(s)) return(s->method->ssl_shutdown(s)); else |