From efe6f80e77510230fd46035e44e74d955132af43 Mon Sep 17 00:00:00 2001 From: Todd A Ouska Date: Fri, 26 Aug 2011 14:40:51 -0700 Subject: [PATCH] allow an app to link with cyassl and openssl, whew --- README | 21 +- cyassl/include.am | 1 + cyassl/internal.h | 221 +++++----- cyassl/openssl/crypto.h | 7 +- cyassl/openssl/des.h | 40 +- cyassl/openssl/evp.h | 66 +-- cyassl/openssl/hmac.h | 11 +- cyassl/openssl/md5.h | 15 +- cyassl/openssl/sha.h | 27 +- cyassl/openssl/ssl.h | 904 ++++++++++++---------------------------- cyassl/ssl.h | 724 ++++++++++++++++++++++++++++++++ src/internal.c | 182 ++++---- src/io.c | 8 +- src/keys.c | 10 +- src/sniffer.c | 4 +- src/ssl.c | 707 ++++++++++++++++--------------- src/tls.c | 78 ++-- 17 files changed, 1735 insertions(+), 1291 deletions(-) create mode 100644 cyassl/ssl.h diff --git a/README b/README index 9fe79e372..a02ccbbb3 100644 --- a/README +++ b/README @@ -29,7 +29,26 @@ before calling SSL_new(); Though it's not recommended. *** end Note *** -CyaSSL Release 2.0.0rc2 (6/6/2011) +CyaSSL Release 2.0.0rc3 (x/x/2011) + +Release 2.0.0rc3 for CyaSSL has bug fixes and a few new features including: +- updated autoconf support +- better make install and uninstall (uses system directories) +- make test / make check +- CyaSSL headers now in +- CTaocrypt headers now in +- OpenSSL compatibility headers now in +- examples and tests all run from home diretory so can use certs in ./certs + (see note 1) + +So previous applications that used the OpenSSL compatibility header + now need to include instead, no other +changes are required. + +Special Thanks to Brian Aker for his autoconf, install, and header patches. + + +************CyaSSL Release 2.0.0rc2 (6/6/2011) Release 2.0.0rc2 for CyaSSL has bug fixes and a few new features including: - bug fixes (Alerts, DTLS with DHE) diff --git a/cyassl/include.am b/cyassl/include.am index 30e5976b0..626d6dff5 100644 --- a/cyassl/include.am +++ b/cyassl/include.am @@ -10,6 +10,7 @@ EXTRA_DIST+= cyassl/sniffer_error.rc nobase_include_HEADERS+= \ cyassl/error.h \ cyassl/internal.h \ + cyassl/ssl.h \ cyassl/sniffer_error.h \ cyassl/sniffer.h \ cyassl/callbacks.h \ diff --git a/cyassl/internal.h b/cyassl/internal.h index 978d789a9..511b07811 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -24,6 +24,7 @@ #define CYASSL_INT_H +#include #include #include #include @@ -388,41 +389,6 @@ enum states { }; -#ifndef SSL_TYPES_DEFINED - typedef struct SSL_METHOD SSL_METHOD; - typedef struct SSL_CTX SSL_CTX; - typedef struct SSL_SESSION SSL_SESSION; - typedef struct SSL_CIPHER SSL_CIPHER; - typedef struct SSL SSL; - typedef struct X509 X509; - typedef struct X509_CHAIN X509_CHAIN; - typedef struct BIO BIO; - typedef struct BIO_METHOD BIO_METHOD; - - #undef X509_NAME - typedef struct X509_NAME X509_NAME; - - typedef struct X509_STORE_CTX { - int error; - int error_depth; - X509* current_cert; /* stunnel dereference */ - char* domain; /* subject CN domain name */ - } X509_STORE_CTX; - - - typedef int (*pem_password_cb)(char*, int, int, void*); - typedef int (*CallbackIORecv)(char *buf, int sz, void *ctx); - typedef int (*CallbackIOSend)(char *buf, int sz, void *ctx); - typedef int (*VerifyCallback)(int, X509_STORE_CTX*); - - /* make sure external "C" linkage for C++ programs with callbacks */ - void CyaSSL_SetIORecv(SSL_CTX*, CallbackIORecv); - void CyaSSL_SetIOSend(SSL_CTX*, CallbackIOSend); - - void CyaSSL_SetIOReadCtx(SSL* ssl, void *ctx); - void CyaSSL_SetIOWriteCtx(SSL* ssl, void *ctx); -#endif /* SSL_TYPES_DEFINED */ - /* SSL Version */ typedef struct ProtocolVersion { @@ -448,26 +414,26 @@ enum BIO_TYPE { }; -/* OpenSSL BIO_METHOD type */ -struct BIO_METHOD { +/* CyaSSL BIO_METHOD type */ +struct CYASSL_BIO_METHOD { byte type; /* method type */ }; -/* OpenSSL BIO type */ -struct BIO { - byte type; /* method type */ - byte close; /* close flag */ - byte eof; /* eof flag */ - SSL* ssl; /* possible associated ssl */ - int fd; /* possible file descriptor */ - BIO* prev; /* previous in chain */ - BIO* next; /* next in chain */ +/* CyaSSL BIO type */ +struct CYASSL_BIO { + byte type; /* method type */ + byte close; /* close flag */ + byte eof; /* eof flag */ + CYASSL* ssl; /* possible associated ssl */ + int fd; /* possible file descriptor */ + CYASSL_BIO* prev; /* previous in chain */ + CYASSL_BIO* next; /* next in chain */ }; -/* OpenSSL method type */ -struct SSL_METHOD { +/* CyaSSL method type */ +struct CYASSL_METHOD { ProtocolVersion version; byte side; /* connection side, server or client */ byte verifyPeer; /* request or send certificate */ @@ -478,12 +444,12 @@ struct SSL_METHOD { /* defautls to client */ -CYASSL_LOCAL void InitSSL_Method(SSL_METHOD*, ProtocolVersion); +CYASSL_LOCAL void InitSSL_Method(CYASSL_METHOD*, ProtocolVersion); /* for sniffer */ -CYASSL_LOCAL int DoFinished(SSL* ssl, const byte* input, word32* inOutIdx, +CYASSL_LOCAL int DoFinished(CYASSL* ssl, const byte* input, word32* inOutIdx, int sniff); -CYASSL_LOCAL int DoApplicationData(SSL* ssl, byte* input, word32* inOutIdx); +CYASSL_LOCAL int DoApplicationData(CYASSL* ssl, byte* input, word32* inOutIdx); /* CyaSSL buffer type */ @@ -566,12 +532,12 @@ typedef struct Suites { CYASSL_LOCAL void InitSuites(Suites*, ProtocolVersion, byte, byte, byte, byte, int); CYASSL_LOCAL -int SetCipherList(SSL_CTX* ctx, const char* list); +int SetCipherList(CYASSL_CTX* ctx, const char* list); #ifndef PSK_TYPES_DEFINED - typedef unsigned int (*psk_client_callback)(SSL*, const char*, char*, + typedef unsigned int (*psk_client_callback)(CYASSL*, const char*, char*, unsigned int, unsigned char*, unsigned int); - typedef unsigned int (*psk_server_callback)(SSL*, const char*, + typedef unsigned int (*psk_server_callback)(CYASSL*, const char*, unsigned char*, unsigned int); #endif /* PSK_TYPES_DEFINED */ @@ -590,20 +556,20 @@ int SetCipherList(SSL_CTX* ctx, const char* list); #endif -/* OpenSSL Cipher type just points back to SSL */ -struct SSL_CIPHER { - SSL* ssl; +/* CyaSSL Cipher type just points back to SSL */ +struct CYASSL_CIPHER { + CYASSL* ssl; }; -/* OpenSSL context type */ -struct SSL_CTX { - SSL_METHOD* method; +/* CyaSSL context type */ +struct CYASSL_CTX { + CYASSL_METHOD* method; buffer certificate; buffer certChain; /* chain after self, in DER, with leading size for each cert */ buffer privateKey; - Signer* caList; /* SSL_CTX owns this, SSL will reference */ + Signer* caList; /* CYASSL_CTX owns this, SSL will reference */ Suites suites; void* heap; /* for user memory overrides */ byte verifyPeer; @@ -634,21 +600,21 @@ struct SSL_CTX { CYASSL_LOCAL -void InitSSL_Ctx(SSL_CTX*, SSL_METHOD*); +void InitSSL_Ctx(CYASSL_CTX*, CYASSL_METHOD*); CYASSL_LOCAL -void FreeSSL_Ctx(SSL_CTX*); +void FreeSSL_Ctx(CYASSL_CTX*); CYASSL_LOCAL -void SSL_CtxResourceFree(SSL_CTX*); +void SSL_CtxResourceFree(CYASSL_CTX*); CYASSL_LOCAL -int DeriveTlsKeys(SSL* ssl); +int DeriveTlsKeys(CYASSL* ssl); CYASSL_LOCAL -int ProcessOldClientHello(SSL* ssl, const byte* input, word32* inOutIdx, +int ProcessOldClientHello(CYASSL* ssl, const byte* input, word32* inOutIdx, word32 inSz, word16 sz); CYASSL_LOCAL -int AddCA(SSL_CTX* ctx, buffer der); +int AddCA(CYASSL_CTX* ctx, buffer der); CYASSL_LOCAL -int IsCA(SSL_CTX* ctx, byte* hash); +int IsCA(CYASSL_CTX* ctx, byte* hash); /* All cipher suite related info */ typedef struct CipherSpecs { @@ -808,20 +774,20 @@ typedef struct x509_buffer { /* CyaSSL X509_CHAIN, for no dynamic memory SESSION_CACHE */ -struct X509_CHAIN { +struct CYASSL_X509_CHAIN { int count; /* total number in chain */ x509_buffer certs[MAX_CHAIN_DEPTH]; /* only allow max depth 4 for now */ }; -/* openSSL session type */ -struct SSL_SESSION { +/* CyaSSL session type */ +struct CYASSL_SESSION { byte sessionID[ID_LEN]; byte masterSecret[SECRET_LEN]; word32 bornOn; /* create time in seconds */ word32 timeout; /* timeout in seconds */ #ifdef SESSION_CERTS - X509_CHAIN chain; /* peer cert chain, static */ + CYASSL_X509_CHAIN chain; /* peer cert chain, static */ ProtocolVersion version; byte cipherSuite0; /* first byte, normally 0 */ byte cipherSuite; /* 2nd byte, actual suite */ @@ -830,11 +796,11 @@ struct SSL_SESSION { CYASSL_LOCAL -SSL_SESSION* GetSession(SSL*, byte*); +CYASSL_SESSION* GetSession(CYASSL*, byte*); CYASSL_LOCAL -int SetSession(SSL*, SSL_SESSION*); +int SetSession(CYASSL*, CYASSL_SESSION*); -typedef void (*hmacfp) (SSL*, byte*, const byte*, word32, int, int); +typedef void (*hmacfp) (CYASSL*, byte*, const byte*, word32, int, int); /* client connect state for nonblocking restart */ @@ -872,9 +838,9 @@ enum AcceptState { typedef struct Buffers { - buffer certificate; /* SSL_CTX owns, unless we own */ - buffer key; /* SSL_CTX owns, unless we own */ - buffer certChain; /* SSL_CTX owns */ + buffer certificate; /* CYASSL_CTX owns, unless we own */ + buffer key; /* CYASSL_CTX owns, unless we own */ + buffer certChain; /* CYASSL_CTX owns */ /* chain after self, in DER, with leading size for each cert */ buffer domainName; /* for client check */ buffer serverDH_P; @@ -955,19 +921,17 @@ typedef struct Arrays { } Arrays; -#undef X509_NAME - -struct X509_NAME { +struct CYASSL_X509_NAME { char name[ASN_NAME_MAX]; int sz; }; -struct X509 { - X509_NAME issuer; - X509_NAME subject; - int serialSz; - byte serial[EXTERNAL_SERIAL_SIZE]; +struct CYASSL_X509 { + CYASSL_X509_NAME issuer; + CYASSL_X509_NAME subject; + int serialSz; + byte serial[EXTERNAL_SERIAL_SIZE]; }; @@ -989,9 +953,9 @@ typedef struct DtlsRecordLayerHeader { } DtlsRecordLayerHeader; -/* OpenSSL ssl type */ -struct SSL { - SSL_CTX* ctx; +/* CyaSSL ssl type */ +struct CYASSL { + CYASSL_CTX* ctx; int error; ProtocolVersion version; /* negotiated version */ ProtocolVersion chVersion; /* client hello version */ @@ -1002,8 +966,8 @@ struct SSL { Keys keys; int rfd; /* read file descriptor */ int wfd; /* write file descriptor */ - BIO* biord; /* socket bio read to free/close */ - BIO* biowr; /* socket bio write to free/close */ + CYASSL_BIO* biord; /* socket bio read to free/close */ + CYASSL_BIO* biowr; /* socket bio write to free/close */ void* IOCB_ReadCtx; void* IOCB_WriteCtx; RNG rng; @@ -1017,7 +981,7 @@ struct SSL { Buffers buffers; Options options; Arrays arrays; - SSL_SESSION session; + CYASSL_SESSION session; RsaKey peerRsaKey; byte peerRsaKeyPresent; #ifdef HAVE_NTRU @@ -1039,7 +1003,7 @@ struct SSL { void* heap; /* for user overrides */ RecordLayerHeader curRL; word16 curSize; - SSL_CIPHER cipher; + CYASSL_CIPHER cipher; #ifdef HAVE_LIBZ z_stream c_stream; /* compression stream */ z_stream d_stream; /* decompression stream */ @@ -1052,16 +1016,16 @@ struct SSL { byte toInfoOn; /* track timeout info */ #endif #ifdef OPENSSL_EXTRA - X509 peerCert; /* X509 peer cert */ + CYASSL_X509 peerCert; /* X509 peer cert */ #endif }; CYASSL_LOCAL -int InitSSL(SSL*, SSL_CTX*); +int InitSSL(CYASSL*, CYASSL_CTX*); CYASSL_LOCAL -void FreeSSL(SSL*); -CYASSL_API void SSL_ResourceFree(SSL*); /* Micrium uses */ +void FreeSSL(CYASSL*); +CYASSL_API void SSL_ResourceFree(CYASSL*); /* Micrium uses */ enum { @@ -1076,7 +1040,7 @@ typedef struct EncryptedInfo { word32 ivSz; /* encrypted IV size */ long consumed; /* tracks PEM bytes consumed */ byte set; /* if encryption set */ - SSL_CTX* ctx; /* CTX owner */ + CYASSL_CTX* ctx; /* CTX owner */ } EncryptedInfo; @@ -1084,7 +1048,7 @@ typedef struct EncryptedInfo { CYASSL_LOCAL void InitHandShakeInfo(HandShakeInfo*); CYASSL_LOCAL - void FinishHandShakeInfo(HandShakeInfo*, const SSL*); + void FinishHandShakeInfo(HandShakeInfo*, const CYASSL*); CYASSL_LOCAL void AddPacketName(const char*, HandShakeInfo*); @@ -1187,49 +1151,50 @@ static const byte tls_server[FINISHED_LABEL_SZ + 1] = "server finished"; /* internal functions */ -CYASSL_LOCAL int SendChangeCipher(SSL*); -CYASSL_LOCAL int SendData(SSL*, const void*, int); -CYASSL_LOCAL int SendCertificate(SSL*); -CYASSL_LOCAL int SendCertificateRequest(SSL*); -CYASSL_LOCAL int SendServerKeyExchange(SSL*); -CYASSL_LOCAL int SendBuffered(SSL*); -CYASSL_LOCAL int ReceiveData(SSL*, byte*, int); -CYASSL_LOCAL int SendFinished(SSL*); -CYASSL_LOCAL int SendAlert(SSL*, int, int); -CYASSL_LOCAL int ProcessReply(SSL*); +CYASSL_LOCAL int SendChangeCipher(CYASSL*); +CYASSL_LOCAL int SendData(CYASSL*, const void*, int); +CYASSL_LOCAL int SendCertificate(CYASSL*); +CYASSL_LOCAL int SendCertificateRequest(CYASSL*); +CYASSL_LOCAL int SendServerKeyExchange(CYASSL*); +CYASSL_LOCAL int SendBuffered(CYASSL*); +CYASSL_LOCAL int ReceiveData(CYASSL*, byte*, int); +CYASSL_LOCAL int SendFinished(CYASSL*); +CYASSL_LOCAL int SendAlert(CYASSL*, int, int); +CYASSL_LOCAL int ProcessReply(CYASSL*); -CYASSL_LOCAL int SetCipherSpecs(SSL*); -CYASSL_LOCAL int MakeMasterSecret(SSL*); +CYASSL_LOCAL int SetCipherSpecs(CYASSL*); +CYASSL_LOCAL int MakeMasterSecret(CYASSL*); -CYASSL_LOCAL int AddSession(SSL*); -CYASSL_LOCAL int DeriveKeys(SSL* ssl); -CYASSL_LOCAL int StoreKeys(SSL* ssl, const byte* keyData); +CYASSL_LOCAL int AddSession(CYASSL*); +CYASSL_LOCAL int DeriveKeys(CYASSL* ssl); +CYASSL_LOCAL int StoreKeys(CYASSL* ssl, const byte* keyData); -CYASSL_LOCAL int IsTLS(const SSL* ssl); -CYASSL_LOCAL int IsAtLeastTLSv1_2(const SSL* ssl); +CYASSL_LOCAL int IsTLS(const CYASSL* ssl); +CYASSL_LOCAL int IsAtLeastTLSv1_2(const CYASSL* ssl); -CYASSL_LOCAL void ShrinkInputBuffer(SSL* ssl, int forcedFree); -CYASSL_LOCAL void ShrinkOutputBuffer(SSL* ssl); -CYASSL_LOCAL int SendHelloVerifyRequest(SSL* ssl); +CYASSL_LOCAL void ShrinkInputBuffer(CYASSL* ssl, int forcedFree); +CYASSL_LOCAL void ShrinkOutputBuffer(CYASSL* ssl); +CYASSL_LOCAL int SendHelloVerifyRequest(CYASSL* ssl); CYASSL_LOCAL Signer* GetCA(Signer* signers, byte* hash); -CYASSL_LOCAL void BuildTlsFinished(SSL* ssl, Hashes* hashes,const byte* sender); +CYASSL_LOCAL void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, + const byte* sender); #ifndef NO_TLS - CYASSL_LOCAL int MakeTlsMasterSecret(SSL*); - CYASSL_LOCAL void TLS_hmac(SSL* ssl, byte* digest, const byte* buffer, + CYASSL_LOCAL int MakeTlsMasterSecret(CYASSL*); + CYASSL_LOCAL void TLS_hmac(CYASSL* ssl, byte* digest, const byte* buffer, word32 sz, int content, int verify); #endif #ifndef NO_CYASSL_CLIENT - CYASSL_LOCAL int SendClientHello(SSL*); - CYASSL_LOCAL int SendClientKeyExchange(SSL*); - CYASSL_LOCAL int SendCertificateVerify(SSL*); + CYASSL_LOCAL int SendClientHello(CYASSL*); + CYASSL_LOCAL int SendClientKeyExchange(CYASSL*); + CYASSL_LOCAL int SendCertificateVerify(CYASSL*); #endif /* NO_CYASSL_CLIENT */ #ifndef NO_CYASSL_SERVER - CYASSL_LOCAL int SendServerHello(SSL*); - CYASSL_LOCAL int SendServerHelloDone(SSL*); + CYASSL_LOCAL int SendServerHello(CYASSL*); + CYASSL_LOCAL int SendServerHelloDone(CYASSL*); #ifdef CYASSL_DTLS - CYASSL_LOCAL int SendHelloVerifyRequest(SSL*); + CYASSL_LOCAL int SendHelloVerifyRequest(CYASSL*); #endif #endif /* NO_CYASSL_SERVER */ diff --git a/cyassl/openssl/crypto.h b/cyassl/openssl/crypto.h index 6e63d2f9f..df9c3d9bb 100644 --- a/cyassl/openssl/crypto.h +++ b/cyassl/openssl/crypto.h @@ -7,8 +7,11 @@ #include "prefix_crypto.h" #endif -CYASSL_API const char* SSLeay_version(int type); -CYASSL_API unsigned long SSLeay(void); +CYASSL_API const char* CyaSSLeay_version(int type); +CYASSL_API unsigned long CyaSSLeay(void); + +#define SSLeay_version CyaSSLeay_version +#define SSLeay CyaSSLeay #define SSLEAY_VERSION 0x0090600fL diff --git a/cyassl/openssl/des.h b/cyassl/openssl/des.h index 95e342391..ca5c1f6dd 100644 --- a/cyassl/openssl/des.h +++ b/cyassl/openssl/des.h @@ -37,9 +37,9 @@ extern "C" { #endif -typedef unsigned char DES_cblock[8]; -typedef /* const */ DES_cblock const_DES_cblock; -typedef DES_cblock DES_key_schedule; +typedef unsigned char CYASSL_DES_cblock[8]; +typedef /* const */ CYASSL_DES_cblock CYASSL_const_DES_cblock; +typedef CYASSL_DES_cblock CYASSL_DES_key_schedule; enum { @@ -48,18 +48,34 @@ enum { }; -CYASSL_API void DES_set_key_unchecked(const_DES_cblock*, DES_key_schedule*); -CYASSL_API int DES_key_sched(const_DES_cblock* key,DES_key_schedule* schedule); -CYASSL_API void DES_cbc_encrypt(const unsigned char* input, +CYASSL_API void CyaSSL_DES_set_key_unchecked(CYASSL_const_DES_cblock*, + CYASSL_DES_key_schedule*); +CYASSL_API int CyaSSL_DES_key_sched(CYASSL_const_DES_cblock* key, + CYASSL_DES_key_schedule* schedule); +CYASSL_API void CyaSSL_DES_cbc_encrypt(const unsigned char* input, unsigned char* output, long length, - DES_key_schedule* schedule, DES_cblock* ivec, int enc); -CYASSL_API void DES_ncbc_encrypt(const unsigned char* input, + CYASSL_DES_key_schedule* schedule, CYASSL_DES_cblock* ivec, + int enc); +CYASSL_API void CyaSSL_DES_ncbc_encrypt(const unsigned char* input, unsigned char* output, long length, - DES_key_schedule* schedule, DES_cblock* ivec, int enc); + CYASSL_DES_key_schedule* schedule, + CYASSL_DES_cblock* ivec, int enc); -CYASSL_API void DES_set_odd_parity(DES_cblock*); -CYASSL_API void DES_ecb_encrypt(DES_cblock*, DES_cblock*, DES_key_schedule*, - int); +CYASSL_API void CyaSSL_DES_set_odd_parity(CYASSL_DES_cblock*); +CYASSL_API void CyaSSL_DES_ecb_encrypt(CYASSL_DES_cblock*, CYASSL_DES_cblock*, + CYASSL_DES_key_schedule*, int); + + +typedef CYASSL_DES_cblock DES_cblock; +typedef CYASSL_const_DES_cblock const_DES_cblock; +typedef CYASSL_DES_key_schedule DES_key_schedule; + +#define DES_set_key_unchecked CyaSSL_DES_set_key_unchecked +#define DES_key_sched CyaSSL_DES_key_sched +#define DES_cbc_encrypt CyaSSL_DES_cbc_encrypt +#define DES_ncbc_encrypt CyaSSL_DES_ncbc_encrypt +#define DES_set_odd_parity CyaSSL_DES_set_odd_parity +#define DES_ecb_encrypt CyaSSL_DES_ecb_encrypt #ifdef __cplusplus } /* extern "C" */ diff --git a/cyassl/openssl/evp.h b/cyassl/openssl/evp.h index 489b03164..4252f21a3 100644 --- a/cyassl/openssl/evp.h +++ b/cyassl/openssl/evp.h @@ -32,46 +32,64 @@ #include "prefix_evp.h" #endif -#include "md5.h" -#include "sha.h" +#include +#include #ifdef __cplusplus extern "C" { #endif -typedef char EVP_MD; -typedef char EVP_CIPHER; +typedef char CYASSL_EVP_MD; +typedef char CYASSL_EVP_CIPHER; -CYASSL_API const EVP_MD* EVP_md5(void); -CYASSL_API const EVP_MD* EVP_sha1(void); +CYASSL_API const CYASSL_EVP_MD* CyaSSL_EVP_md5(void); +CYASSL_API const CYASSL_EVP_MD* CyaSSL_EVP_sha1(void); typedef union { - MD5_CTX md5; - SHA_CTX sha; -} Hasher; + CYASSL_MD5_CTX md5; + CYASSL_SHA_CTX sha; +} CYASSL_Hasher; -typedef struct EVP_MD_CTX { +typedef struct CYASSL_EVP_MD_CTX { unsigned char macType; /* md5 or sha for now */ - Hasher hash; -} EVP_MD_CTX; + CYASSL_Hasher hash; +} CYASSL_EVP_MD_CTX; -CYASSL_API void EVP_MD_CTX_init(EVP_MD_CTX* ctx); -CYASSL_API int EVP_MD_CTX_cleanup(EVP_MD_CTX* ctx); +CYASSL_API void CyaSSL_EVP_MD_CTX_init(CYASSL_EVP_MD_CTX* ctx); +CYASSL_API int CyaSSL_EVP_MD_CTX_cleanup(CYASSL_EVP_MD_CTX* ctx); + +CYASSL_API int CyaSSL_EVP_DigestInit(CYASSL_EVP_MD_CTX* ctx, + const CYASSL_EVP_MD* type); +CYASSL_API int CyaSSL_EVP_DigestUpdate(CYASSL_EVP_MD_CTX* ctx, const void* data, + unsigned long sz); +CYASSL_API int CyaSSL_EVP_DigestFinal(CYASSL_EVP_MD_CTX* ctx, unsigned char* md, + unsigned int* s); +CYASSL_API int CyaSSL_EVP_DigestFinal_ex(CYASSL_EVP_MD_CTX* ctx, + unsigned char* md, unsigned int* s); +CYASSL_API int CyaSSL_EVP_BytesToKey(const CYASSL_EVP_CIPHER*, + const CYASSL_EVP_MD*, const unsigned char*, + const unsigned char*, int, int, unsigned char*, + unsigned char*); + +typedef CYASSL_EVP_MD EVP_MD; +typedef CYASSL_EVP_CIPHER EVP_CIPHER; +typedef CYASSL_EVP_MD_CTX EVP_MD_CTX; + +#define EVP_md5 CyaSSL_EVP_md5 +#define EVP_sha1 CyaSSL_EVP_sha1 + +#define EVP_MD_CTX_init CyaSSL_EVP_MD_CTX_init +#define EVP_MD_CTX_cleanup CyaSSL_EVP_MD_CTX_cleanup +#define EVP_DigestInit CyaSSL_EVP_DigestInit +#define EVP_DigestUpdate CyaSSL_EVP_DigestUpdate +#define EVP_DigestFinal CyaSSL_EVP_DigestFinal +#define EVP_DigestFinal_ex CyaSSL_EVP_DigestFinal_ex +#define EVP_BytesToKey CyaSSL_EVP_BytesToKey -CYASSL_API int EVP_DigestInit(EVP_MD_CTX* ctx, const EVP_MD* type); -CYASSL_API int EVP_DigestUpdate(EVP_MD_CTX* ctx, const void* data, - unsigned long sz); -CYASSL_API int EVP_DigestFinal(EVP_MD_CTX* ctx, unsigned char* md, - unsigned int* s); -CYASSL_API int EVP_DigestFinal_ex(EVP_MD_CTX* ctx, unsigned char* md, - unsigned int* s); -CYASSL_API int EVP_BytesToKey(const EVP_CIPHER*, const EVP_MD*, - const unsigned char*, const unsigned char*, - int, int, unsigned char*, unsigned char*); #ifdef __cplusplus } /* extern "C" */ diff --git a/cyassl/openssl/hmac.h b/cyassl/openssl/hmac.h index 8c4f943fb..0ab338345 100644 --- a/cyassl/openssl/hmac.h +++ b/cyassl/openssl/hmac.h @@ -32,18 +32,21 @@ #include "prefix_hmac.h" #endif -#include "evp.h" +#include #ifdef __cplusplus extern "C" { #endif -CYASSL_API unsigned char* HMAC(const EVP_MD* evp_md, const void* key, - int key_len, const unsigned char* d, int n, - unsigned char* md, unsigned int* md_len); +CYASSL_API unsigned char* CyaSSL_HMAC(const CYASSL_EVP_MD* evp_md, + const void* key, int key_len, + const unsigned char* d, int n, unsigned char* md, + unsigned int* md_len); +#define HMAC(a,b,c,d,e,f,g) CyaSSL_HMAC((a),(b),(c),(d),(e),(f),(g)) + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/cyassl/openssl/md5.h b/cyassl/openssl/md5.h index 5b5341f4e..6dab2fbed 100644 --- a/cyassl/openssl/md5.h +++ b/cyassl/openssl/md5.h @@ -13,15 +13,20 @@ #endif -typedef struct MD5_CTX { +typedef struct CYASSL_MD5_CTX { int holder[24]; /* big enough to hold ctaocrypt md5, but check on init */ -} MD5_CTX; +} CYASSL_MD5_CTX; -CYASSL_API void MD5_Init(MD5_CTX*); -CYASSL_API void MD5_Update(MD5_CTX*, const void*, unsigned long); -CYASSL_API void MD5_Final(unsigned char*, MD5_CTX*); +CYASSL_API void CyaSSL_MD5_Init(CYASSL_MD5_CTX*); +CYASSL_API void CyaSSL_MD5_Update(CYASSL_MD5_CTX*, const void*, unsigned long); +CYASSL_API void CyaSSL_MD5_Final(unsigned char*, CYASSL_MD5_CTX*); +typedef CYASSL_MD5_CTX MD5_CTX; + +#define MD5_Init MD5_Init +#define MD5_Update MD5_Update +#define MD5_Final MD5_Final #ifdef __cplusplus } /* extern "C" */ diff --git a/cyassl/openssl/sha.h b/cyassl/openssl/sha.h index 6fc9fe252..18d3f57fe 100644 --- a/cyassl/openssl/sha.h +++ b/cyassl/openssl/sha.h @@ -13,24 +13,35 @@ #endif -typedef struct SHA_CTX { +typedef struct CYASSL_SHA_CTX { int holder[24]; /* big enough to hold ctaocrypt sha, but check on init */ -} SHA_CTX; +} CYASSL_SHA_CTX; -CYASSL_API void SHA_Init(SHA_CTX*); -CYASSL_API void SHA_Update(SHA_CTX*, const void*, unsigned long); -CYASSL_API void SHA_Final(unsigned char*, SHA_CTX*); +CYASSL_API void CyaSSL_SHA_Init(CYASSL_SHA_CTX*); +CYASSL_API void CyaSSL_SHA_Update(CYASSL_SHA_CTX*, const void*, unsigned long); +CYASSL_API void CyaSSL_SHA_Final(unsigned char*, CYASSL_SHA_CTX*); /* SHA1 points to above, shouldn't use SHA0 ever */ -CYASSL_API void SHA1_Init(SHA_CTX*); -CYASSL_API void SHA1_Update(SHA_CTX*, const void*, unsigned long); -CYASSL_API void SHA1_Final(unsigned char*, SHA_CTX*); +CYASSL_API void CyaSSL_SHA1_Init(CYASSL_SHA_CTX*); +CYASSL_API void CyaSSL_SHA1_Update(CYASSL_SHA_CTX*, const void*, unsigned long); +CYASSL_API void CyaSSL_SHA1_Final(unsigned char*, CYASSL_SHA_CTX*); enum { SHA_DIGEST_LENGTH = 20 }; +typedef CYASSL_SHA_CTX SHA_CTX; + +#define SHA_Init CyaSSL_SHA_Init +#define SHA_Update CyaSSL_SHA_Update +#define SHA_Final CyaSSL_SHA_Final + +#define SHA1_Init CyaSSL_SHA1_Init +#define SHA1_Update CyaSSL_SHA1_Update +#define SHA1_Final CyaSSL_SHA1_Final + + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/cyassl/openssl/ssl.h b/cyassl/openssl/ssl.h index 105c9e445..fbef20576 100644 --- a/cyassl/openssl/ssl.h +++ b/cyassl/openssl/ssl.h @@ -15,7 +15,7 @@ * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software + * a with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ @@ -28,16 +28,12 @@ #ifndef CYASSL_OPENSSL_H_ #define CYASSL_OPENSSL_H_ -/* for users not using preprocessor flags */ -#include +#include #ifdef USE_CYASSL_VERSION #include #endif -#ifndef NO_FILESYSTEM - #include /* ERR_print fp */ -#endif #ifdef YASSL_PREFIX #include "prefix_ssl.h" @@ -59,666 +55,314 @@ #endif -typedef struct SSL SSL; -typedef struct SSL_SESSION SSL_SESSION; -typedef struct SSL_METHOD SSL_METHOD; -typedef struct SSL_CTX SSL_CTX; +typedef CYASSL SSL; +typedef CYASSL_SESSION SSL_SESSION; +typedef CYASSL_METHOD SSL_METHOD; +typedef CYASSL_CTX SSL_CTX; -typedef struct X509 X509; -typedef struct X509_NAME X509_NAME; -typedef struct X509_CHAIN X509_CHAIN; +typedef CYASSL_X509 X509; +typedef CYASSL_X509_NAME X509_NAME; +typedef CYASSL_X509_CHAIN X509_CHAIN; /* redeclare guard */ -#define SSL_TYPES_DEFINED +#define CYASSL_TYPES_DEFINED -typedef struct EVP_PKEY EVP_PKEY; -typedef struct RSA RSA; -typedef struct BIO BIO; -typedef struct BIO_METHOD BIO_METHOD; -typedef struct SSL_CIPHER SSL_CIPHER; -typedef struct X509_LOOKUP X509_LOOKUP; -typedef struct X509_LOOKUP_METHOD X509_LOOKUP_METHOD; -typedef struct X509_CRL X509_CRL; -typedef struct X509_EXTENSION X509_EXTENSION; -typedef struct ASN1_TIME ASN1_TIME; -typedef struct ASN1_INTEGER ASN1_INTEGER; -typedef struct ASN1_OBJECT ASN1_OBJECT; -typedef struct ASN1_STRING ASN1_STRING; -typedef struct CRYPTO_dynlock_value CRYPTO_dynlock_value; +typedef CYASSL_EVP_PKEY EVP_PKEY; +typedef CYASSL_RSA RSA; +typedef CYASSL_BIO BIO; +typedef CYASSL_BIO_METHOD BIO_METHOD; +typedef CYASSL_CIPHER SSL_CIPHER; +typedef CYASSL_X509_LOOKUP X509_LOOKUP; +typedef CYASSL_X509_LOOKUP_METHOD X509_LOOKUP_METHOD; +typedef CYASSL_X509_CRL X509_CRL; +typedef CYASSL_X509_EXTENSION X509_EXTENSION; +typedef CYASSL_ASN1_TIME ASN1_TIME; +typedef CYASSL_ASN1_INTEGER ASN1_INTEGER; +typedef CYASSL_ASN1_OBJECT ASN1_OBJECT; +typedef CYASSL_ASN1_STRING ASN1_STRING; +typedef CYASSL_dynlock_value CRYPTO_dynlock_value; -#define ASN1_UTCTIME ASN1_TIME +#define ASN1_UTCTIME CYASSL_ASN1_TIME -typedef struct MD4_CTX { - int buffer[32]; /* big enough to hold, check size in Init */ -} MD4_CTX; +typedef CYASSL_MD4_CTX MD4_CTX; +typedef CYASSL_COMP_METHOD COMP_METHOD; +typedef CYASSL_X509_STORE X509_STORE; +typedef CYASSL_X509_REVOKED X509_REVOKED; +typedef CYASSL_X509_OBJECT X509_OBJECT; +typedef CYASSL_X509_STORE_CTX X509_STORE_CTX; -typedef struct COMP_METHOD { - int type; /* stunnel dereference */ -} COMP_METHOD; - - -typedef struct X509_STORE { - int cache; /* stunnel dereference */ -} X509_STORE; - - -typedef struct X509_REVOKED { - ASN1_INTEGER* serialNumber; /* stunnel dereference */ -} X509_REVOKED; - - -typedef struct X509_OBJECT { - union { - char* ptr; - X509_CRL* crl; /* stunnel dereference */ - } data; -} X509_OBJECT; - - -/* in cyassl_int.h too, change there !! */ -typedef struct X509_STORE_CTX { - int error; - int error_depth; - X509* current_cert; /* stunnel dereference */ - char* domain; /* subject CN domain name */ - /* in cyassl_int.h too, change there !! */ -} X509_STORE_CTX; - - -CYASSL_API SSL_METHOD *SSLv3_server_method(void); -CYASSL_API SSL_METHOD *SSLv3_client_method(void); -CYASSL_API SSL_METHOD *TLSv1_server_method(void); -CYASSL_API SSL_METHOD *TLSv1_client_method(void); -CYASSL_API SSL_METHOD *TLSv1_1_server_method(void); -CYASSL_API SSL_METHOD *TLSv1_1_client_method(void); -CYASSL_API SSL_METHOD *TLSv1_2_server_method(void); -CYASSL_API SSL_METHOD *TLSv1_2_client_method(void); +#define SSLv3_server_method CyaSSLv3_server_method +#define SSLv3_client_method CyaSSLv3_client_method +#define TLSv1_server_method CyaTLSv1_server_method +#define TLSv1_client_method CyaTLSv1_client_method +#define TLSv1_1_server_method CyaTLSv1_1_server_method +#define TLSv1_1_client_method CyaTLSv1_1_client_method +#define TLSv1_2_server_method CyaTLSv1_2_server_method +#define TLSv1_2_client_method CyaTLSv1_2_client_method #ifdef CYASSL_DTLS - CYASSL_API SSL_METHOD *DTLSv1_client_method(void); - CYASSL_API SSL_METHOD *DTLSv1_server_method(void); + #define DTLSv1_client_method CyaDTLSv1_client_method + #define DTLSv1_server_method CyaDTLSv1_server_method #endif + #ifndef NO_FILESYSTEM - -CYASSL_API int SSL_CTX_use_certificate_file(SSL_CTX*, const char*, int); -CYASSL_API int SSL_CTX_use_PrivateKey_file(SSL_CTX*, const char*, int); -CYASSL_API int SSL_CTX_load_verify_locations(SSL_CTX*, const char*,const char*); -CYASSL_API int SSL_CTX_use_certificate_chain_file(SSL_CTX *, const char *file); -CYASSL_API int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX*, const char*, int); - -#ifdef CYASSL_DER_LOAD - CYASSL_API int CyaSSL_CTX_load_verify_locations(SSL_CTX*, const char*, int); + #define SSL_CTX_use_certificate_file CyaSSL_CTX_use_certificate_file + #define SSL_CTX_use_PrivateKey_file CyaSSL_CTX_use_PrivateKey_file + #define SSL_CTX_load_verify_locations CyaSSL_CTX_load_verify_locations + #define SSL_CTX_use_certificate_chain_file CyaSSL_CTX_use_certificate_chain_file + #define SSL_CTX_use_RSAPrivateKey_file CyaSSL_CTX_use_RSAPrivateKey_file #endif -#ifdef HAVE_NTRU - CYASSL_API int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); - /* load NTRU private key blob */ -#endif +#define SSL_CTX_new CyaSSL_CTX_new +#define SSL_new CyaSSL_new +#define SSL_set_fd CyaSSL_set_fd +#define SSL_get_fd CyaSSL_get_fd +#define SSL_connect CyaSSL_connect + +#define SSL_write CyaSSL_write +#define SSL_read CyaSSL_read +#define SSL_accept CyaSSL_accept +#define SSL_CTX_free CyaSSL_CTX_free +#define SSL_free CyaSSL_free +#define SSL_shutdown CyaSSL_shutdown + +#define SSL_CTX_set_quiet_shutdown CyaSSL_CTX_set_quiet_shutdown +#define SSL_get_error CyaSSL_get_error +#define SSL_set_session CyaSSL_set_session +#define SSL_get_session CyaSSL_get_session +#define SSL_flush_sessions CyaSSL_flush_sessions + +#define SSL_CTX_set_verify CyaSSL_CTX_set_verify +#define SSL_pending CyaSSL_pending +#define SSL_load_error_strings CyaSSL_load_error_strings +#define SSL_library_init CyaSSL_library_init +#define SSL_CTX_set_session_cache_mode CyaSSL_CTX_set_session_cache_mode +#define SSL_CTX_set_cipher_list CyaSSL_CTX_set_cipher_list + +#define ERR_error_string CyaSSL_ERR_error_string +#define ERR_error_string_n CyaSSL_ERR_error_string_n + +#define SSL_set_ex_data CyaSSL_set_ex_data +#define SSL_get_shutdown CyaSSL_get_shutdown +#define SSL_set_rfd CyaSSL_set_rfd +#define SSL_set_wfd CyaSSL_set_wfd +#define SSL_set_shutdown CyaSSL_set_shutdown +#define SSL_set_session_id_context CyaSSL_set_session_id_context +#define SSL_set_connect_state CyaSSL_set_connect_state +#define SSL_set_accept_state CyaSSL_set_accept_state +#define SSL_session_reused CyaSSL_session_reused +#define SSL_SESSION_free CyaSSL_SESSION_free + +#define SSL_get_version CyaSSL_get_version +#define SSL_get_current_cipher CyaSSL_get_current_cipher +#define SSL_CIPHER_description CyaSSL_CIPHER_description +#define SSL_CIPHER_get_name CyaSSL_CIPHER_get_name +#define SSL_get1_session CyaSSL_get1_session + +#define X509_free CyaSSL_X509_free +#define OPENSSL_free CyaSSL_OPENSSL_free + +#define OCSP_parse_url CyaSSL_OCSP_parse_url +#define SSLv23_client_method CyaSSLv23_client_method +#define SSLv2_client_method CyaSSLv2_client_method +#define SSLv2_server_method CyaSSLv2_server_method + +#define MD4_Init CyaSSL_MD4_Init +#define MD4_Update CyaSSL_MD4_Update +#define MD4_Final CyaSSL_MD4_Final + +#define BIO_new CyaSSL_BIO_new +#define BIO_free CyaSSL_BIO_free +#define BIO_free_all CyaSSL_BIO_free_all +#define BIO_read CyaSSL_BIO_read +#define BIO_write CyaSSL_BIO_write +#define BIO_push CyaSSL_BIO_push +#define BIO_pop CyaSSL_BIO_pop +#define BIO_flush CyaSSL_BIO_flush +#define BIO_pending CyaSSL_BIO_pending + +#define BIO_f_buffer CyaSSL_BIO_f_buffer +#define BIO_set_write_buffer_size CyaSSL_BIO_set_write_buffer_size +#define BIO_f_ssl CyaSSL_BIO_f_ssl +#define BIO_new_socket CyaSSL_BIO_new_socket +#define SSL_set_bio CyaSSL_set_bio +#define BIO_eof CyaSSL_BIO_eof +#define BIO_set_ss CyaSSL_BIO_set_ss + +#define BIO_s_mem CyaSSL_BIO_s_mem +#define BIO_f_base64 CyaSSL_BIO_f_base64 +#define BIO_set_flags CyaSSL_BIO_set_flags + +#define OpenSSL_add_all_algorithms CyaSSL_add_all_algorithms +#define SSLeay_add_ssl_algorithms CyaSSL_add_all_algorithms +#define SSLeay_add_all_algorithms CyaSSL_add_all_algorithms + +#define RAND_screen CyaSSL_RAND_screen +#define RAND_file_name CyaSSL_RAND_file_name +#define RAND_write_file CyaSSL_RAND_write_file +#define RAND_load_file CyaSSL_RAND_load_file +#define RAND_egd CyaSSL_RAND_egd + +#define COMP_zlib CyaSSL_COMP_zlib +#define COMP_rle CyaSSL_COMP_rle +#define SSL_COMP_add_compression_method CyaSSL_COMP_add_compression_method + +#define SSL_get_ex_new_index CyaSSL_get_ex_new_index + +#define CRYPTO_set_id_callback CyaSSL_set_id_callback +#define CRYPTO_set_locking_callback CyaSSL_set_locking_callback +#define CRYPTO_set_dynlock_create_callback CyaSSL_set_dynlock_create_callback +#define CRYPTO_set_dynlock_lock_callback CyaSSL_set_dynlock_lock_callback +#define CRYPTO_set_dynlock_destroy_callback CyaSSL_set_dynlock_destroy_callback +#define CRYPTO_num_locks CyaSSL_num_locks + +#define X509_STORE_CTX_get_current_cert CyaSSL_X509_STORE_CTX_get_current_cert +#define X509_STORE_CTX_get_error CyaSSL_X509_STORE_CTX_get_error +#define X509_STORE_CTX_get_error_depth CyaSSL_X509_STORE_CTX_get_error_depth + +#define X509_NAME_oneline CyaSSL_X509_NAME_oneline +#define X509_get_issuer_name CyaSSL_X509_get_issuer_name +#define X509_get_subject_name CyaSSL_X509_get_subject_name +#define X509_verify_cert_error_string CyaSSL_X509_verify_cert_error_string + +#define X509_LOOKUP_add_dir CyaSSL_X509_LOOKUP_add_dir +#define X509_LOOKUP_load_file CyaSSL_X509_LOOKUP_load_file +#define X509_LOOKUP_hash_dir CyaSSL_X509_LOOKUP_hash_dir +#define X509_LOOKUP_file CyaSSL_X509_LOOKUP_file + +#define X509_STORE_add_lookup CyaSSL_X509_STORE_add_lookup +#define X509_STORE_new CyaSSL_X509_STORE_new +#define X509_STORE_get_by_subject CyaSSL_X509_STORE_get_by_subject +#define X509_STORE_CTX_init CyaSSL_X509_STORE_CTX_init +#define X509_STORE_CTX_cleanup CyaSSL_X509_STORE_CTX_cleanup + +#define X509_CRL_get_lastUpdate CyaSSL_X509_CRL_get_lastUpdate +#define X509_CRL_get_nextUpdate CyaSSL_X509_CRL_get_nextUpdate + +#define X509_get_pubkey CyaSSL_X509_get_pubkey +#define X509_CRL_verify CyaSSL_X509_CRL_verify +#define X509_STORE_CTX_set_error CyaSSL_X509_OBJECT_free_contents +#define X509_OBJECT_free_contents CyaSSL_EVP_PKEY_free +#define EVP_PKEY_free CyaSSL_X509_cmp_current_time +#define X509_cmp_current_time CyaSSL_sk_X509_REVOKED_num +#define sk_X509_REVOKED_num CyaSSL_sk_X509_REVOKED_num +#define X509_CRL_get_REVOKED CyaSSL_X509_CRL_get_REVOKED +#define sk_X509_REVOKED_value CyaSSL_sk_X509_REVOKED_value + +#define X509_get_serialNumber CyaSSL_X509_get_serialNumber + +#define ASN1_TIME_pr CyaSSL_ASN1_TIME_pr + +#define ASN1_INTEGER_cmp CyaSSL_ASN1_INTEGER_cmp +#define ASN1_INTEGER_get CyaSSL_ASN1_INTEGER_get + +#define SSL_load_client_CA_file CyaSSL_load_client_CA_file + +#define SSL_CTX_set_client_CA_list CyaSSL_CTX_set_client_CA_list +#define X509_STORE_CTX_get_ex_data CyaSSL_X509_STORE_CTX_get_ex_data +#define SSL_get_ex_data_X509_STORE_CTX_idx CyaSSL_get_ex_data_X509_STORE_CTX_idx +#define SSL_get_ex_data CyaSSL_get_ex_data + +#define SSL_CTX_set_default_passwd_cb_userdata CyaSSL_CTX_set_default_passwd_cb_userdata +#define SSL_CTX_set_default_passwd_cb CyaSSL_CTX_set_default_passwd_cb + +#define SSL_CTX_set_timeout CyaSSL_CTX_set_timeout +#define SSL_CTX_set_info_callback CyaSSL_CTX_set_info_callback + +#define ERR_peek_error CyaSSL_ERR_peek_error +#define ERR_GET_REASON CyaSSL_ERR_GET_REASON + +#define SSL_alert_type_string CyaSSL_alert_type_string +#define SSL_alert_desc_string CyaSSL_alert_desc_string +#define SSL_state_string CyaSSL_state_string + +#define RSA_free CyaSSL_RSA_free +#define RSA_generate_key CyaSSL_RSA_generate_key +#define SSL_CTX_set_tmp_rsa_callback CyaSSL_CTX_set_tmp_rsa_callback + +#define PEM_def_callback CyaSSL_PEM_def_callback + +#define SSL_CTX_sess_accept CyaSSL_CTX_sess_accept +#define SSL_CTX_sess_connect CyaSSL_CTX_sess_connect +#define SSL_CTX_sess_accept_good CyaSSL_CTX_sess_accept_good +#define SSL_CTX_sess_connect_good CyaSSL_CTX_sess_connect_good +#define SSL_CTX_sess_accept_renegotiate CyaSSL_CTX_sess_accept_renegotiate +#define SSL_CTX_sess_connect_renegotiate CyaSSL_CTX_sess_connect_renegotiate +#define SSL_CTX_sess_hits CyaSSL_CTX_sess_hits +#define SSL_CTX_sess_cb_hits CyaSSL_CTX_sess_cb_hits +#define SSL_CTX_sess_cache_full CyaSSL_CTX_sess_cache_full +#define SSL_CTX_sess_misses CyaSSL_CTX_sess_misses +#define SSL_CTX_sess_timeouts CyaSSL_CTX_sess_timeouts +#define SSL_CTX_sess_number CyaSSL_CTX_sess_number +#define SSL_CTX_sess_get_cache_size CyaSSL_CTX_sess_get_cache_size -CYASSL_API int CyaSSL_PemCertToDer(const char*, unsigned char*, int); -#endif /* NO_FILESYSTEM */ +#define SSL_DEFAULT_CIPHER_LIST CYASSL_DEFAULT_CIPHER_LIST +#define RSA_F4 CYASSL_RSA_F4 -CYASSL_API SSL_CTX* SSL_CTX_new(SSL_METHOD*); -CYASSL_API SSL* SSL_new(SSL_CTX*); -CYASSL_API int SSL_set_fd (SSL*, int); -CYASSL_API int SSL_get_fd(const SSL*); -CYASSL_API int SSL_connect(SSL*); /* please see note at top of README - if you get an error from connect */ -CYASSL_API int SSL_write(SSL*, const void*, int); -CYASSL_API int SSL_read(SSL*, void*, int); -CYASSL_API int SSL_accept(SSL*); -CYASSL_API void SSL_CTX_free(SSL_CTX*); -CYASSL_API void SSL_free(SSL*); -CYASSL_API int SSL_shutdown(SSL*); +#define SSL_CTX_set_psk_client_callback CyaSSL_CTX_set_psk_client_callback +#define SSL_set_psk_client_callback CyaSSL_set_psk_client_callback -CYASSL_API void SSL_CTX_set_quiet_shutdown(SSL_CTX*, int); +#define SSL_get_psk_identity_hint CyaSSL_get_psk_identity_hint +#define SSL_get_psk_identity CyaSSL_get_psk_identity -CYASSL_API int SSL_get_error(SSL*, int); +#define SSL_CTX_use_psk_identity_hint CyaSSL_CTX_use_psk_identity_hint +#define SSL_use_psk_identity_hint CyaSSL_use_psk_identity_hint -CYASSL_API int SSL_set_session(SSL *ssl, SSL_SESSION *session); -CYASSL_API SSL_SESSION* SSL_get_session(SSL* ssl); -CYASSL_API void SSL_flush_sessions(SSL_CTX *ctx, long tm); +#define SSL_CTX_set_psk_server_callback CyaSSL_CTX_set_psk_server_callback +#define SSL_set_psk_server_callback CyaSSL_set_psk_server_callback +#define ERR_get_error_line_data CyaSSL_ERR_get_error_line_data -typedef int (*VerifyCallback)(int, X509_STORE_CTX*); -typedef int (*pem_password_cb)(char*, int, int, void*); - -CYASSL_API void SSL_CTX_set_verify(SSL_CTX*,int,VerifyCallback verify_callback); - - -CYASSL_API int SSL_pending(SSL*); - - -CYASSL_API void SSL_load_error_strings(void); -CYASSL_API int SSL_library_init(void); -CYASSL_API long SSL_CTX_set_session_cache_mode(SSL_CTX*, long); - -/* only supports full name from cipher_name[] delimited by : */ -CYASSL_API int SSL_CTX_set_cipher_list(SSL_CTX*, const char*); - -CYASSL_API char* ERR_error_string(unsigned long,char*); -CYASSL_API void ERR_error_string_n(unsigned long e,char *buf,unsigned long sz); - - -/* extras */ - -#define STACK_OF(x) x - -CYASSL_API int SSL_set_ex_data(SSL*, int, void*); -CYASSL_API int SSL_get_shutdown(const SSL*); -CYASSL_API int SSL_set_rfd(SSL*, int); -CYASSL_API int SSL_set_wfd(SSL*, int); -CYASSL_API void SSL_set_shutdown(SSL*, int); -CYASSL_API int SSL_set_session_id_context(SSL*, const unsigned char*, - unsigned int); -CYASSL_API void SSL_set_connect_state(SSL*); -CYASSL_API void SSL_set_accept_state(SSL*); -CYASSL_API int SSL_session_reused(SSL*); -CYASSL_API void SSL_SESSION_free(SSL_SESSION* session); - -CYASSL_API const char* SSL_get_version(SSL*); -CYASSL_API SSL_CIPHER* SSL_get_current_cipher(SSL*); -CYASSL_API char* SSL_CIPHER_description(SSL_CIPHER*, char*, int); -CYASSL_API const char* SSL_CIPHER_get_name(const SSL_CIPHER* cipher); -CYASSL_API SSL_SESSION* SSL_get1_session(SSL* ssl); /* what's ref count */ - -CYASSL_API void X509_free(X509*); -CYASSL_API void OPENSSL_free(void*); - -CYASSL_API int OCSP_parse_url(char* url, char** host, char** port, char** path, - int* ssl); - -CYASSL_API SSL_METHOD* SSLv23_client_method(void); -CYASSL_API SSL_METHOD* SSLv2_client_method(void); -CYASSL_API SSL_METHOD* SSLv2_server_method(void); - -CYASSL_API void MD4_Init(MD4_CTX*); -CYASSL_API void MD4_Update(MD4_CTX*, const void*, unsigned long); -CYASSL_API void MD4_Final(unsigned char*, MD4_CTX*); - -CYASSL_API BIO* BIO_new(BIO_METHOD*); -CYASSL_API int BIO_free(BIO*); -CYASSL_API int BIO_free_all(BIO*); -CYASSL_API int BIO_read(BIO*, void*, int); -CYASSL_API int BIO_write(BIO*, const void*, int); -CYASSL_API BIO* BIO_push(BIO*, BIO* append); -CYASSL_API BIO* BIO_pop(BIO*); -CYASSL_API int BIO_flush(BIO*); -CYASSL_API int BIO_pending(BIO*); +#define ERR_get_error CyaSSL_ERR_get_error +#define ERR_clear_error CyaSSL_ERR_clear_error -CYASSL_API BIO_METHOD* BIO_f_buffer(void); -CYASSL_API long BIO_set_write_buffer_size(BIO*, long size); -CYASSL_API BIO_METHOD* BIO_f_ssl(void); -CYASSL_API BIO* BIO_new_socket(int sfd, int flag); -CYASSL_API void SSL_set_bio(SSL*, BIO* rd, BIO* wr); -CYASSL_API int BIO_eof(BIO*); -CYASSL_API long BIO_set_ssl(BIO*, SSL*, int flag); +#define RAND_status CyaSSL_RAND_status +#define RAND_bytes CyaSSL_RAND_bytes +#define SSLv23_server_method CyaSSLv23_server_method +#define SSL_CTX_set_options CyaSSL_CTX_set_options +#define SSL_CTX_check_private_key CyaSSL_CTX_check_private_key -CYASSL_API BIO_METHOD* BIO_s_mem(void); -CYASSL_API BIO_METHOD* BIO_f_base64(void); -CYASSL_API void BIO_set_flags(BIO*, int); +#define ERR_free_strings CyaSSL_ERR_free_strings +#define ERR_remove_state CyaSSL_ERR_remove_state +#define EVP_cleanup CyaSSL_EVP_cleanup -CYASSL_API void OpenSSL_add_all_algorithms(void); -CYASSL_API int SSLeay_add_ssl_algorithms(void); -CYASSL_API int SSLeay_add_all_algorithms(void); - -CYASSL_API void RAND_screen(void); -CYASSL_API const char* RAND_file_name(char*, unsigned long); -CYASSL_API int RAND_write_file(const char*); -CYASSL_API int RAND_load_file(const char*, long); -CYASSL_API int RAND_egd(const char*); - -CYASSL_API COMP_METHOD* COMP_zlib(void); -CYASSL_API COMP_METHOD* COMP_rle(void); -CYASSL_API int SSL_COMP_add_compression_method(int, void*); +#define CRYPTO_cleanup_all_ex_data CyaSSL_cleanup_all_ex_data +#define SSL_CTX_set_mode CyaSSL_CTX_set_mode +#define SSL_CTX_get_mode CyaSSL_CTX_get_mode +#define SSL_CTX_set_default_read_ahead CyaSSL_CTX_set_default_read_ahead -CYASSL_API int SSL_get_ex_new_index(long, void*, void*, void*, void*); +#define SSL_CTX_sess_set_cache_size CyaSSL_CTX_sess_set_cache_size +#define SSL_CTX_set_default_verify_paths CyaSSL_CTX_set_default_verify_paths -CYASSL_API void CRYPTO_set_id_callback(unsigned long (*f)(void)); -CYASSL_API void CRYPTO_set_locking_callback(void (*f)(int, int, const char*, - int)); -CYASSL_API void CRYPTO_set_dynlock_create_callback(CRYPTO_dynlock_value* (*f) - (const char*, int)); -CYASSL_API void CRYPTO_set_dynlock_lock_callback(void (*f)(int, - CRYPTO_dynlock_value*, const char*, int)); -CYASSL_API void CRYPTO_set_dynlock_destroy_callback(void (*f) - (CRYPTO_dynlock_value*, const char*, int)); -CYASSL_API int CRYPTO_num_locks(void); - -CYASSL_API X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX*); -CYASSL_API int X509_STORE_CTX_get_error(X509_STORE_CTX*); -CYASSL_API int X509_STORE_CTX_get_error_depth(X509_STORE_CTX*); - -CYASSL_API char* X509_NAME_oneline(X509_NAME*, char*, int); -CYASSL_API X509_NAME* X509_get_issuer_name(X509*); -CYASSL_API X509_NAME* X509_get_subject_name(X509*); -CYASSL_API const char* X509_verify_cert_error_string(long); - -CYASSL_API int X509_LOOKUP_add_dir(X509_LOOKUP*, const char*, long); -CYASSL_API int X509_LOOKUP_load_file(X509_LOOKUP*, const char*, long); -CYASSL_API X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void); -CYASSL_API X509_LOOKUP_METHOD* X509_LOOKUP_file(void); - -CYASSL_API X509_LOOKUP* X509_STORE_add_lookup(X509_STORE*, X509_LOOKUP_METHOD*); -CYASSL_API X509_STORE* X509_STORE_new(void); -CYASSL_API int X509_STORE_get_by_subject(X509_STORE_CTX*, int, - X509_NAME*, X509_OBJECT*); -CYASSL_API int X509_STORE_CTX_init(X509_STORE_CTX*, X509_STORE*, X509*, - STACK_OF(X509)*); -CYASSL_API void X509_STORE_CTX_cleanup(X509_STORE_CTX*); - -CYASSL_API ASN1_TIME* X509_CRL_get_lastUpdate(X509_CRL*); -CYASSL_API ASN1_TIME* X509_CRL_get_nextUpdate(X509_CRL*); - -CYASSL_API EVP_PKEY* X509_get_pubkey(X509*); -CYASSL_API int X509_CRL_verify(X509_CRL*, EVP_PKEY*); -CYASSL_API void X509_STORE_CTX_set_error(X509_STORE_CTX*, int); -CYASSL_API void X509_OBJECT_free_contents(X509_OBJECT*); -CYASSL_API void EVP_PKEY_free(EVP_PKEY*); -CYASSL_API int X509_cmp_current_time(const ASN1_TIME*); -CYASSL_API int sk_X509_REVOKED_num(X509_REVOKED*); - -CYASSL_API X509_REVOKED* X509_CRL_get_REVOKED(X509_CRL*); -CYASSL_API X509_REVOKED* sk_X509_REVOKED_value(X509_REVOKED*, int); - -CYASSL_API ASN1_INTEGER* X509_get_serialNumber(X509*); - -CYASSL_API int ASN1_TIME_print(BIO*, const ASN1_TIME*); - -CYASSL_API int ASN1_INTEGER_cmp(const ASN1_INTEGER*, const ASN1_INTEGER*); -CYASSL_API long ASN1_INTEGER_get(const ASN1_INTEGER*); - -CYASSL_API STACK_OF(X509_NAME)* SSL_load_client_CA_file(const char*); - -CYASSL_API void SSL_CTX_set_client_CA_list(SSL_CTX*, STACK_OF(X509_NAME)*); -CYASSL_API void* X509_STORE_CTX_get_ex_data(X509_STORE_CTX*, int); -CYASSL_API int SSL_get_ex_data_X509_STORE_CTX_idx(void); -CYASSL_API void* SSL_get_ex_data(const SSL*, int); - -CYASSL_API void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*,void* userdata); -CYASSL_API void SSL_CTX_set_default_passwd_cb(SSL_CTX*, pem_password_cb); - - -CYASSL_API long SSL_CTX_set_timeout(SSL_CTX*, long); -CYASSL_API void SSL_CTX_set_info_callback(SSL_CTX*, void (*)(void)); - -CYASSL_API unsigned long ERR_peek_error(void); -CYASSL_API int ERR_GET_REASON(int); - -CYASSL_API char* SSL_alert_type_string_long(int); -CYASSL_API char* SSL_alert_desc_string_long(int); -CYASSL_API char* SSL_state_string_long(SSL*); - -CYASSL_API void RSA_free(RSA*); -CYASSL_API RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), - void*); -CYASSL_API void SSL_CTX_set_tmp_rsa_callback(SSL_CTX*, RSA*(*)(SSL*, int, int)); - -CYASSL_API int PEM_def_callback(char*, int num, int w, void* key); - -CYASSL_API long SSL_CTX_sess_accept(SSL_CTX*); -CYASSL_API long SSL_CTX_sess_connect(SSL_CTX*); -CYASSL_API long SSL_CTX_sess_accept_good(SSL_CTX*); -CYASSL_API long SSL_CTX_sess_connect_good(SSL_CTX*); -CYASSL_API long SSL_CTX_sess_accept_renegotiate(SSL_CTX*); -CYASSL_API long SSL_CTX_sess_connect_renegotiate(SSL_CTX*); -CYASSL_API long SSL_CTX_sess_hits(SSL_CTX*); -CYASSL_API long SSL_CTX_sess_cb_hits(SSL_CTX*); -CYASSL_API long SSL_CTX_sess_cache_full(SSL_CTX*); -CYASSL_API long SSL_CTX_sess_misses(SSL_CTX*); -CYASSL_API long SSL_CTX_sess_timeouts(SSL_CTX*); -CYASSL_API long SSL_CTX_sess_number(SSL_CTX*); -CYASSL_API long SSL_CTX_sess_get_cache_size(SSL_CTX*); - - -#define SSL_DEFAULT_CIPHER_LIST "" /* default all */ -#define RSA_F4 0x10001L - -enum { - OCSP_NOCERTS = 1, - OCSP_NOINTERN = 2, - OCSP_NOSIGS = 4, - OCSP_NOCHAIN = 8, - OCSP_NOVERIFY = 16, - OCSP_NOEXPLICIT = 32, - OCSP_NOCASIGN = 64, - OCSP_NODELEGATED = 128, - OCSP_NOCHECKS = 256, - OCSP_TRUSTOTHER = 512, - OCSP_RESPID_KEY = 1024, - OCSP_NOTIME = 2048, - - OCSP_CERTID = 2, - OCSP_REQUEST = 4, - OCSP_RESPONSE = 8, - OCSP_BASICRESP = 16, - - ASN1_GENERALIZEDTIME = 4, - - SSL_OP_MICROSOFT_SESS_ID_BUG = 1, - SSL_OP_NETSCAPE_CHALLENGE_BUG = 2, - SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 3, - SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 4, - SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 5, - SSL_OP_MSIE_SSLV2_RSA_PADDING = 6, - SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 7, - SSL_OP_TLS_D5_BUG = 8, - SSL_OP_TLS_BLOCK_PADDING_BUG = 9, - SSL_OP_TLS_ROLLBACK_BUG = 10, - SSL_OP_ALL = 11, - SSL_OP_EPHEMERAL_RSA = 12, - SSL_OP_NO_SSLv3 = 13, - SSL_OP_NO_TLSv1 = 14, - SSL_OP_PKCS1_CHECK_1 = 15, - SSL_OP_PKCS1_CHECK_2 = 16, - SSL_OP_NETSCAPE_CA_DN_BUG = 17, - SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 18, - SSL_OP_SINGLE_DH_USE = 19, - SSL_OP_NO_TICKET = 20, - SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 21, - SSL_OP_NO_QUERY_MTU = 22, - SSL_OP_COOKIE_EXCHANGE = 23, - SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 24, - SSL_OP_SINGLE_ECDH_USE = 25, - SSL_OP_CIPHER_SERVER_PREFERENCE = 26, - - SSL_MAX_SSL_SESSION_ID_LENGTH = 32, - - EVP_R_BAD_DECRYPT = 2, - - SSL_CB_LOOP = 4, - SSL_ST_CONNECT = 5, - SSL_ST_ACCEPT = 6, - SSL_CB_ALERT = 7, - SSL_CB_READ = 8, - SSL_CB_HANDSHAKE_DONE = 9, - - SSL_MODE_ENABLE_PARTIAL_WRITE = 2, - - BIO_FLAGS_BASE64_NO_NL = 1, - BIO_CLOSE = 1, - BIO_NOCLOSE = 0, - - NID_undef = 0, - - X509_FILETYPE_PEM = 8, - X509_LU_X509 = 9, - X509_LU_CRL = 12, - - X509_V_ERR_CRL_SIGNATURE_FAILURE = 13, - X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 14, - X509_V_ERR_CRL_HAS_EXPIRED = 15, - X509_V_ERR_CERT_REVOKED = 16, - X509_V_ERR_CERT_CHAIN_TOO_LONG = 17, - X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 18, - X509_V_ERR_CERT_NOT_YET_VALID = 19, - X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 20, - X509_V_ERR_CERT_HAS_EXPIRED = 21, - X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 22, - - X509_V_OK = 0, - - CRYPTO_LOCK = 1, - CRYPTO_NUM_LOCKS = 10 -}; - -/* extras end */ - -#ifndef NO_FILESYSTEM -/* CyaSSL extension, provide last error from SSL_get_error - since not using thread storage error queue */ -CYASSL_API void ERR_print_errors_fp(FILE*, int err); -#endif - -enum { /* ssl Constants */ - SSL_ERROR_NONE = 0, /* for most functions */ - SSL_FAILURE = 0, /* for some functions */ - SSL_SUCCESS = 1, - - SSL_BAD_CERTTYPE = -8, - SSL_BAD_STAT = -7, - SSL_BAD_PATH = -6, - SSL_BAD_FILETYPE = -5, - SSL_BAD_FILE = -4, - SSL_NOT_IMPLEMENTED = -3, - SSL_UNKNOWN = -2, - SSL_FATAL_ERROR = -1, - - SSL_FILETYPE_ASN1 = 2, - SSL_FILETYPE_PEM = 1, - SSL_FILETYPE_DEFAULT = 2, /* ASN1 */ - SSL_FILETYPE_RAW = 3, /* NTRU raw key blob */ - - SSL_VERIFY_NONE = 0, - SSL_VERIFY_PEER = 1, - SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2, - SSL_VERIFY_CLIENT_ONCE = 4, - - SSL_SESS_CACHE_OFF = 30, - SSL_SESS_CACHE_CLIENT = 31, - SSL_SESS_CACHE_SERVER = 32, - SSL_SESS_CACHE_BOTH = 33, - SSL_SESS_CACHE_NO_AUTO_CLEAR = 34, - SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 35, - - SSL_ERROR_WANT_READ = 2, - SSL_ERROR_WANT_WRITE = 3, - SSL_ERROR_WANT_CONNECT = 7, - SSL_ERROR_WANT_ACCEPT = 8, - SSL_ERROR_SYSCALL = 5, - SSL_ERROR_WANT_X509_LOOKUP = 83, - SSL_ERROR_ZERO_RETURN = 6, - SSL_ERROR_SSL = 85, - - SSL_SENT_SHUTDOWN = 1, - SSL_RECEIVED_SHUTDOWN = 2, - SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = 4, - SSL_OP_NO_SSLv2 = 8, - - SSL_R_SSL_HANDSHAKE_FAILURE = 101, - SSL_R_TLSV1_ALERT_UNKNOWN_CA = 102, - SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 103, - SSL_R_SSLV3_ALERT_BAD_CERTIFICATE = 104, - - PEM_BUFSIZE = 1024 -}; +#define SSL_CTX_set_session_id_context CyaSSL_CTX_set_session_id_context +#define SSL_get_peer_certificate CyaSSL_get_peer_certificate +#define SSL_want_read CyaSSL_want_read +#define SSL_want_write CyaSSL_want_write -#ifndef NO_PSK - typedef unsigned int (*psk_client_callback)(SSL*, const char*, char*, - unsigned int, unsigned char*, unsigned int); - CYASSL_API void SSL_CTX_set_psk_client_callback(SSL_CTX*, - psk_client_callback); - CYASSL_API void SSL_set_psk_client_callback(SSL*, psk_client_callback); - - CYASSL_API const char* SSL_get_psk_identity_hint(const SSL*); - CYASSL_API const char* SSL_get_psk_identity(const SSL*); - - CYASSL_API int SSL_CTX_use_psk_identity_hint(SSL_CTX*, const char*); - CYASSL_API int SSL_use_psk_identity_hint(SSL*, const char*); - - typedef unsigned int (*psk_server_callback)(SSL*, const char*, - unsigned char*, unsigned int); - CYASSL_API void SSL_CTX_set_psk_server_callback(SSL_CTX*, - psk_server_callback); - CYASSL_API void SSL_set_psk_server_callback(SSL*, psk_server_callback); - - #define PSK_TYPES_DEFINED -#endif /* NO_PSK */ - - -/* extra begins */ - -enum { /* ERR Constants */ - ERR_TXT_STRING = 1 -}; - -CYASSL_API unsigned long ERR_get_error_line_data(const char**, int*, - const char**, int *); - -CYASSL_API unsigned long ERR_get_error(void); -CYASSL_API void ERR_clear_error(void); - - -CYASSL_API int RAND_status(void); -CYASSL_API int RAND_bytes(unsigned char* buf, int num); -CYASSL_API SSL_METHOD *SSLv23_server_method(void); -CYASSL_API long SSL_CTX_set_options(SSL_CTX*, long); -CYASSL_API int SSL_CTX_check_private_key(SSL_CTX*); - - -CYASSL_API void ERR_free_strings(void); -CYASSL_API void ERR_remove_state(unsigned long); -CYASSL_API void EVP_cleanup(void); - -CYASSL_API void CRYPTO_cleanup_all_ex_data(void); -CYASSL_API long SSL_CTX_set_mode(SSL_CTX* ctx, long mode); -CYASSL_API long SSL_CTX_get_mode(SSL_CTX* ctx); -CYASSL_API void SSL_CTX_set_default_read_ahead(SSL_CTX* ctx, int m); - -CYASSL_API long SSL_CTX_sess_set_cache_size(SSL_CTX*, long); - -CYASSL_API int SSL_CTX_set_default_verify_paths(SSL_CTX*); -CYASSL_API int SSL_CTX_set_session_id_context(SSL_CTX*, const unsigned char*, - unsigned int); - -CYASSL_API X509* SSL_get_peer_certificate(SSL* ssl); - -CYASSL_API int SSL_want_read(SSL*); -CYASSL_API int SSL_want_write(SSL*); - -CYASSL_API int BIO_printf(BIO*, const char*, ...); -CYASSL_API int ASN1_UTCTIME_print(BIO*, const ASN1_UTCTIME*); - -CYASSL_API int sk_num(X509_REVOKED*); -CYASSL_API void* sk_value(X509_REVOKED*, int); - -/* stunnel 4.28 needs */ -CYASSL_API void* SSL_CTX_get_ex_data(const SSL_CTX*, int); -CYASSL_API int SSL_CTX_set_ex_data(SSL_CTX*, int, void*); -CYASSL_API void SSL_CTX_sess_set_get_cb(SSL_CTX*, SSL_SESSION*(*f)(SSL*, - unsigned char*, int, int*)); -CYASSL_API void SSL_CTX_sess_set_new_cb(SSL_CTX*, int (*f)(SSL*,SSL_SESSION*)); -CYASSL_API void SSL_CTX_sess_set_remove_cb(SSL_CTX*, void (*f)(SSL_CTX*, - SSL_SESSION*)); - -CYASSL_API int i2d_SSL_SESSION(SSL_SESSION*, unsigned char**); -CYASSL_API SSL_SESSION* d2i_SSL_SESSION(SSL_SESSION**,const unsigned char**, - long); +#define BIO_prf CyaSSL_BIO_prf +#define ASN1_UTCTIME_pr CyaSSL_ASN1_UTCTIME_pr -CYASSL_API long SSL_SESSION_get_timeout(const SSL_SESSION*); -CYASSL_API long SSL_SESSION_get_time(const SSL_SESSION*); -CYASSL_API int SSL_CTX_get_ex_new_index(long, void*, void*, void*, void*); - -/* extra ends */ +#define sk_num CyaSSL_sk_num +#define sk_value CyaSSL_sk_value +#define SSL_CTX_get_ex_data CyaSSL_CTX_get_ex_data +#define SSL_CTX_set_ex_data CyaSSL_CTX_set_ex_data +#define SSL_CTX_sess_set_get_cb CyaSSL_CTX_sess_set_get_cb +#define SSL_CTX_sess_set_new_cb CyaSSL_CTX_sess_set_new_cb +#define SSL_CTX_sess_set_remove_cb CyaSSL_CTX_sess_set_remove_cb -/* CyaSSL extensions */ +#define i2d_SSL_SESSION CyaSSL_i2d_SSL_SESSION +#define d2i_SSL_SESSION CyaSSL_d2i_SSL_SESSION +#define SSL_SESSION_get_timeout CyaSSL_SESSION_get_timeout +#define SSL_SESSION_get_time CyaSSL_SESSION_get_time +#define SSL_CTX_get_ex_new_index CyaSSL_CTX_get_ex_new_index -/* call before SSL_connect, if verifying will add name check to - date check and signature check */ -CYASSL_API int CyaSSL_check_domain_name(SSL* ssl, const char* dn); - -/* need to call once to load library (session cache) */ -CYASSL_API int CyaSSL_Init(void); -/* call when done to cleanup/free session cache mutex / resources */ -CYASSL_API int CyaSSL_Cleanup(void); - -/* turn logging on, only if compiled in */ -CYASSL_API int CyaSSL_Debugging_ON(void); -/* turn logging off */ -CYASSL_API void CyaSSL_Debugging_OFF(void); - -/* do accept or connect depedning on side */ -CYASSL_API int CyaSSL_negotiate(SSL* ssl); -/* turn on CyaSSL data compression */ -CYASSL_API int CyaSSL_set_compression(SSL* ssl); - -/* get CyaSSL peer X509_CHAIN */ -CYASSL_API X509_CHAIN* CyaSSL_get_peer_chain(SSL* ssl); -/* peer chain count */ -CYASSL_API int CyaSSL_get_chain_count(X509_CHAIN* chain); -/* index cert length */ -CYASSL_API int CyaSSL_get_chain_length(X509_CHAIN*, int idx); -/* index cert */ -CYASSL_API unsigned char* CyaSSL_get_chain_cert(X509_CHAIN*, int idx); -/* get index cert in PEM */ -CYASSL_API int CyaSSL_get_chain_cert_pem(X509_CHAIN*, int idx, - unsigned char* buffer, int inLen, int* outLen); -CYASSL_API const unsigned char* CyaSSL_get_sessionID(const SSL_SESSION* sess); -CYASSL_API int CyaSSL_X509_get_serial_number(X509*, unsigned char*, int*); - -/* connect enough to get peer cert */ -CYASSL_API int CyaSSL_connect_cert(SSL* ssl); - -/* server CTX Diffie-Hellman parameters */ -CYASSL_API int CyaSSL_SetTmpDH(SSL*, unsigned char* p, int pSz, - unsigned char* g, int gSz); - -#ifndef _WIN32 - #ifndef NO_WRITEV - #ifdef __PPU - #include - #include - #else - #include - #endif - /* allow writev style writing */ - CYASSL_API int CyaSSL_writev(SSL* ssl, const struct iovec* iov, - int iovcnt); - #endif -#endif - - -/* SSL_CTX versions */ -CYASSL_API int CyaSSL_CTX_load_verify_buffer(SSL_CTX*, const unsigned char*, - long, int); -CYASSL_API int CyaSSL_CTX_use_certificate_buffer(SSL_CTX*, const unsigned char*, long,int); -CYASSL_API int CyaSSL_CTX_use_PrivateKey_buffer(SSL_CTX*, const unsigned char*, - long, int); -CYASSL_API int CyaSSL_CTX_use_certificate_chain_buffer(SSL_CTX*, - const unsigned char*, long); - -/* SSL versions */ -CYASSL_API int CyaSSL_use_certificate_buffer(SSL*, const unsigned char*, long, - int); -CYASSL_API int CyaSSL_use_PrivateKey_buffer(SSL*, const unsigned char*, long, - int); -CYASSL_API int CyaSSL_use_certificate_chain_buffer(SSL*,const unsigned char*, - long); - -/* I/O callbacks */ -typedef int (*CallbackIORecv)(char *buf, int sz, void *ctx); -typedef int (*CallbackIOSend)(char *buf, int sz, void *ctx); - -CYASSL_API void CyaSSL_SetIORecv(SSL_CTX*, CallbackIORecv); -CYASSL_API void CyaSSL_SetIOSend(SSL_CTX*, CallbackIOSend); - -CYASSL_API void CyaSSL_SetIOReadCtx(SSL* ssl, void *ctx); -CYASSL_API void CyaSSL_SetIOWriteCtx(SSL* ssl, void *ctx); - - -#ifdef CYASSL_CALLBACKS - -/* used internally by CyaSSL while OpenSSL types aren't */ -#include "cyassl_callbacks.h" - -typedef int (*HandShakeCallBack)(HandShakeInfo*); -typedef int (*TimeoutCallBack)(TimeoutInfo*); - -/* CyaSSL connect extension allowing HandShakeCallBack and/or TimeoutCallBack - for diagnostics */ -CYASSL_API int CyaSSL_connect_ex(SSL*, HandShakeCallBack, TimeoutCallBack, - Timeval); -CYASSL_API int CyaSSL_accept_ex(SSL*, HandShakeCallBack, TimeoutCallBack, - Timeval); - -#endif /* CYASSL_CALLBACKS */ #ifdef __cplusplus diff --git a/cyassl/ssl.h b/cyassl/ssl.h new file mode 100644 index 000000000..251da6128 --- /dev/null +++ b/cyassl/ssl.h @@ -0,0 +1,724 @@ +/* ssl.h + * + * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +/* CyaSSL API */ + +#ifndef CYASSL_SSL_H +#define CYASSL_SSL_H + + +/* for users not using preprocessor flags*/ +#include + + +#ifndef NO_FILESYSTEM + #include /* ERR_pr fp */ +#endif + + +#ifdef __cplusplus + extern "C" { +#endif + + +typedef struct CYASSL CYASSL; +typedef struct CYASSL_SESSION CYASSL_SESSION; +typedef struct CYASSL_METHOD CYASSL_METHOD; +typedef struct CYASSL_CTX CYASSL_CTX; + +typedef struct CYASSL_X509 CYASSL_X509; +typedef struct CYASSL_X509_NAME CYASSL_X509_NAME; +typedef struct CYASSL_X509_CHAIN CYASSL_X509_CHAIN; + + +/* redeclare guard */ +#define CYASSL_TYPES_DEFINED + + +typedef struct CYASSL_EVP_PKEY CYASSL_EVP_PKEY; +typedef struct CYASSL_RSA CYASSL_RSA; +typedef struct CYASSL_BIO CYASSL_BIO; +typedef struct CYASSL_BIO_METHOD CYASSL_BIO_METHOD; +typedef struct CYASSL_CIPHER CYASSL_CIPHER; +typedef struct CYASSL_X509_LOOKUP CYASSL_X509_LOOKUP; +typedef struct CYASSL_X509_LOOKUP_METHOD CYASSL_X509_LOOKUP_METHOD; +typedef struct CYASSL_X509_CRL CYASSL_X509_CRL; +typedef struct CYASSL_X509_EXTENSION CYASSL_X509_EXTENSION; +typedef struct CYASSL_ASN1_TIME CYASSL_ASN1_TIME; +typedef struct CYASSL_ASN1_INTEGER CYASSL_ASN1_INTEGER; +typedef struct CYASSL_ASN1_OBJECT CYASSL_ASN1_OBJECT; +typedef struct CYASSL_ASN1_STRING CYASSL_ASN1_STRING; +typedef struct CYASSL_dynlock_value CYASSL_dynlock_value; + +#define CYASSL_ASN1_UTCTIME CYASSL_ASN1_TIME + +typedef struct CYASSL_MD4_CTX { + int buffer[32]; /* big enough to hold, check size in Init */ +} CYASSL_MD4_CTX; + + +typedef struct CYASSL_COMP_METHOD { + int type; /* stunnel dereference */ +} CYASSL_COMP_METHOD; + + +typedef struct CYASSL_X509_STORE { + int cache; /* stunnel dereference */ +} CYASSL_X509_STORE; + + +typedef struct CYASSL_X509_REVOKED { + CYASSL_ASN1_INTEGER* serialNumber; /* stunnel dereference */ +} CYASSL_X509_REVOKED; + + +typedef struct CYASSL_X509_OBJECT { + union { + char* ptr; + CYASSL_X509_CRL* crl; /* stunnel dereference */ + } data; +} CYASSL_X509_OBJECT; + + +/* in internal.h too, change there !! */ +typedef struct CYASSL_X509_STORE_CTX { + int error; + int error_depth; + CYASSL_X509* current_cert; /* stunnel dereference */ + char* domain; /* subject CN domain name */ + /* in internal.h too, change there !! */ +} CYASSL_X509_STORE_CTX; + + +CYASSL_API CYASSL_METHOD *CyaSSLv3_server_method(void); +CYASSL_API CYASSL_METHOD *CyaSSLv3_client_method(void); +CYASSL_API CYASSL_METHOD *CyaTLSv1_server_method(void); +CYASSL_API CYASSL_METHOD *CyaTLSv1_client_method(void); +CYASSL_API CYASSL_METHOD *CyaTLSv1_1_server_method(void); +CYASSL_API CYASSL_METHOD *CyaTLSv1_1_client_method(void); +CYASSL_API CYASSL_METHOD *CyaTLSv1_2_server_method(void); +CYASSL_API CYASSL_METHOD *CyaTLSv1_2_client_method(void); + +#ifdef CYASSL_DTLS + CYASSL_API CYASSL_METHOD *CyaDTLSv1_client_method(void); + CYASSL_API CYASSL_METHOD *CyaDTLSv1_server_method(void); +#endif + +#ifndef NO_FILESYSTEM + +CYASSL_API int CyaSSL_CTX_use_certificate_file(CYASSL_CTX*, const char*, int); +CYASSL_API int CyaSSL_CTX_use_PrivateKey_file(CYASSL_CTX*, const char*, int); +CYASSL_API int CyaSSL_CTX_load_verify_locations(CYASSL_CTX*, const char*, + const char*); +CYASSL_API int CyaSSL_CTX_use_certificate_chain_file(CYASSL_CTX *, + const char *file); +CYASSL_API int CyaSSL_CTX_use_RSAPrivateKey_file(CYASSL_CTX*, const char*, int); + +#ifdef CYASSL_DER_LOAD + CYASSL_API int CyaSSL_CTX_load_verify_locations(CYASSL_CTX*, + const char*, int); +#endif + +#ifdef HAVE_NTRU + CYASSL_API int CyaSSL_CTX_use_NTRUPrivateKey_file(CYASSL_CTX*, const char*); + /* load NTRU private key blob */ +#endif + +CYASSL_API int CyaSSL_PemCertToDer(const char*, unsigned char*, int); + +#endif /* NO_FILESYSTEM */ + +CYASSL_API CYASSL_CTX* CyaSSL_CTX_new(CYASSL_METHOD*); +CYASSL_API CYASSL* CyaSSL_new(CYASSL_CTX*); +CYASSL_API int CyaSSL_set_fd (CYASSL*, int); +CYASSL_API int CyaSSL_get_fd(const CYASSL*); +CYASSL_API int CyaSSL_connect(CYASSL*); /* please see note at top of README + if you get an error from connect */ +CYASSL_API int CyaSSL_write(CYASSL*, const void*, int); +CYASSL_API int CyaSSL_read(CYASSL*, void*, int); +CYASSL_API int CyaSSL_accept(CYASSL*); +CYASSL_API void CyaSSL_CTX_free(CYASSL_CTX*); +CYASSL_API void CyaSSL_free(CYASSL*); +CYASSL_API int CyaSSL_shutdown(CYASSL*); + +CYASSL_API void CyaSSL_CTX_set_quiet_shutdown(CYASSL_CTX*, int); + +CYASSL_API int CyaSSL_get_error(CYASSL*, int); + +CYASSL_API int CyaSSL_set_session(CYASSL* ssl,CYASSL_SESSION* session); +CYASSL_API CYASSL_SESSION* CyaSSL_get_session(CYASSL* ssl); +CYASSL_API void CyaSSL_flush_sessions(CYASSL_CTX *ctx, long tm); + + +typedef int (*VerifyCallback)(int, CYASSL_X509_STORE_CTX*); +typedef int (*pem_password_cb)(char*, int, int, void*); + +CYASSL_API void CyaSSL_CTX_set_verify(CYASSL_CTX*, int, + VerifyCallback verify_callback); + + +CYASSL_API int CyaSSL_pending(CYASSL*); + + +CYASSL_API void CyaSSL_load_error_strings(void); +CYASSL_API int CyaSSL_library_init(void); +CYASSL_API long CyaSSL_CTX_set_session_cache_mode(CYASSL_CTX*, long); + +/* only supports full name from cipher_name[] delimited by : */ +CYASSL_API int CyaSSL_CTX_set_cipher_list(CYASSL_CTX*, const char*); + +CYASSL_API char* CyaSSL_ERR_error_string(unsigned long,char*); +CYASSL_API void CyaSSL_ERR_error_string_n(unsigned long e, char* buf, + unsigned long sz); + +/* extras */ + +#define STACK_OF(x) x + +CYASSL_API int CyaSSL_set_ex_data(CYASSL*, int, void*); +CYASSL_API int CyaSSL_get_shutdown(const CYASSL*); +CYASSL_API int CyaSSL_set_rfd(CYASSL*, int); +CYASSL_API int CyaSSL_set_wfd(CYASSL*, int); +CYASSL_API void CyaSSL_set_shutdown(CYASSL*, int); +CYASSL_API int CyaSSL_set_session_id_context(CYASSL*, const unsigned char*, + unsigned int); +CYASSL_API void CyaSSL_set_connect_state(CYASSL*); +CYASSL_API void CyaSSL_set_accept_state(CYASSL*); +CYASSL_API int CyaSSL_session_reused(CYASSL*); +CYASSL_API void CyaSSL_SESSION_free(CYASSL_SESSION* session); + +CYASSL_API const char* CyaSSL_get_version(CYASSL*); +CYASSL_API CYASSL_CIPHER* CyaSSL_get_current_cipher(CYASSL*); +CYASSL_API char* CyaSSL_CIPHER_description(CYASSL_CIPHER*, char*, int); +CYASSL_API const char* CyaSSL_CIPHER_get_name(const CYASSL_CIPHER* cipher); +CYASSL_API CYASSL_SESSION* CyaSSL_get1_session(CYASSL* ssl); + /* what's ref count */ + +CYASSL_API void CyaSSL_X509_free(CYASSL_X509*); +CYASSL_API void CyaSSL_OpenSSL_free(void*); + +CYASSL_API int CyaSSL_OCSP_parse_url(char* url, char** host, char** port, + char** path, int* ssl); + +CYASSL_API CYASSL_METHOD* CyaSSLv23_client_method(void); +CYASSL_API CYASSL_METHOD* CyaSSLv2_client_method(void); +CYASSL_API CYASSL_METHOD* CyaSSLv2_server_method(void); + +CYASSL_API void CyaSSL_MD4_Init(CYASSL_MD4_CTX*); +CYASSL_API void CyaSSL_MD4_Update(CYASSL_MD4_CTX*, const void*, unsigned long); +CYASSL_API void CyaSSL_MD4_Final(unsigned char*, CYASSL_MD4_CTX*); + +CYASSL_API CYASSL_BIO* CyaSSL_BIO_new(CYASSL_BIO_METHOD*); +CYASSL_API int CyaSSL_BIO_free(CYASSL_BIO*); +CYASSL_API int CyaSSL_BIO_free_all(CYASSL_BIO*); +CYASSL_API int CyaSSL_BIO_read(CYASSL_BIO*, void*, int); +CYASSL_API int CyaSSL_BIO_write(CYASSL_BIO*, const void*, int); +CYASSL_API CYASSL_BIO* CyaSSL_BIO_push(CYASSL_BIO*, CYASSL_BIO* append); +CYASSL_API CYASSL_BIO* CyaSSL_BIO_pop(CYASSL_BIO*); +CYASSL_API int CyaSSL_BIO_flush(CYASSL_BIO*); +CYASSL_API int CyaSSL_BIO_pending(CYASSL_BIO*); + +CYASSL_API CYASSL_BIO_METHOD* CyaSSL_BIO_f_buffer(void); +CYASSL_API long CyaSSL_BIO_set_write_buffer_size(CYASSL_BIO*, long size); +CYASSL_API CYASSL_BIO_METHOD* CyaSSL_BIO_f_ssl(void); +CYASSL_API CYASSL_BIO* CyaSSL_BIO_new_socket(int sfd, int flag); +CYASSL_API void CyaSSL_set_bio(CYASSL*, CYASSL_BIO* rd, CYASSL_BIO* wr); +CYASSL_API int CyaSSL_BIO_eof(CYASSL_BIO*); +CYASSL_API long CyaSSL_BIO_set_ssl(CYASSL_BIO*, CYASSL*, int flag); + +CYASSL_API CYASSL_BIO_METHOD* CyaSSL_BIO_s_mem(void); +CYASSL_API CYASSL_BIO_METHOD* CyaSSL_BIO_f_base64(void); +CYASSL_API void CyaSSL_BIO_set_flags(CYASSL_BIO*, int); + +CYASSL_API int CyaSSL_add_all_algorithms(void); + +CYASSL_API void CyaSSL_RAND_screen(void); +CYASSL_API const char* CyaSSL_RAND_file_name(char*, unsigned long); +CYASSL_API int CyaSSL_RAND_write_file(const char*); +CYASSL_API int CyaSSL_RAND_load_file(const char*, long); +CYASSL_API int CyaSSL_RAND_egd(const char*); + +CYASSL_API CYASSL_COMP_METHOD* CyaSSL_COMP_zlib(void); +CYASSL_API CYASSL_COMP_METHOD* CyaSSL_COMP_rle(void); +CYASSL_API int CyaSSL_COMP_add_compression_method(int, void*); + +CYASSL_API int CyaSSL_get_ex_new_index(long, void*, void*, void*, void*); + +CYASSL_API void CyaSSL_set_id_callback(unsigned long (*f)(void)); +CYASSL_API void CyaSSL_set_locking_callback(void (*f)(int, int, const char*, + int)); +CYASSL_API void CyaSSL_set_dynlock_create_callback(CYASSL_dynlock_value* (*f) + (const char*, int)); +CYASSL_API void CyaSSL_set_dynlock_lock_callback(void (*f)(int, + CYASSL_dynlock_value*, const char*, int)); +CYASSL_API void CyaSSL_set_dynlock_destroy_callback(void (*f) + (CYASSL_dynlock_value*, const char*, int)); +CYASSL_API int CyaSSL_num_locks(void); + +CYASSL_API CYASSL_X509* CyaSSL_X509_STORE_CTX_get_current_cert( + CYASSL_X509_STORE_CTX*); +CYASSL_API int CyaSSL_X509_STORE_CTX_get_error(CYASSL_X509_STORE_CTX*); +CYASSL_API int CyaSSL_X509_STORE_CTX_get_error_depth(CYASSL_X509_STORE_CTX*); + +CYASSL_API char* CyaSSL_X509_NAME_oneline(CYASSL_X509_NAME*, char*, int); +CYASSL_API CYASSL_X509_NAME* CyaSSL_X509_get_issuer_name(CYASSL_X509*); +CYASSL_API CYASSL_X509_NAME* CyaSSL_X509_get_subject_name(CYASSL_X509*); +CYASSL_API const char* CyaSSL_X509_verify_cert_error_string(long); + +CYASSL_API int CyaSSL_X509_LOOKUP_add_dir(CYASSL_X509_LOOKUP*,const char*,long); +CYASSL_API int CyaSSL_X509_LOOKUP_load_file(CYASSL_X509_LOOKUP*, const char*, + long); +CYASSL_API CYASSL_X509_LOOKUP_METHOD* CyaSSL_X509_LOOKUP_hash_dir(void); +CYASSL_API CYASSL_X509_LOOKUP_METHOD* CyaSSL_X509_LOOKUP_file(void); + +CYASSL_API CYASSL_X509_LOOKUP* CyaSSL_X509_STORE_add_lookup(CYASSL_X509_STORE*, + CYASSL_X509_LOOKUP_METHOD*); +CYASSL_API CYASSL_X509_STORE* CyaSSL_X509_STORE_new(void); +CYASSL_API int CyaSSL_X509_STORE_get_by_subject(CYASSL_X509_STORE_CTX*, + int, CYASSL_X509_NAME*, CYASSL_X509_OBJECT*); +CYASSL_API int CyaSSL_X509_STORE_CTX_init(CYASSL_X509_STORE_CTX*, + CYASSL_X509_STORE*, CYASSL_X509*, STACK_OF(CYASSL_X509)*); +CYASSL_API void CyaSSL_X509_STORE_CTX_cleanup(CYASSL_X509_STORE_CTX*); + +CYASSL_API CYASSL_ASN1_TIME* CyaSSL_X509_CRL_get_lastUpdate(CYASSL_X509_CRL*); +CYASSL_API CYASSL_ASN1_TIME* CyaSSL_X509_CRL_get_nextUpdate(CYASSL_X509_CRL*); + +CYASSL_API CYASSL_EVP_PKEY* CyaSSL_X509_get_pubkey(CYASSL_X509*); +CYASSL_API int CyaSSL_X509_CRL_verify(CYASSL_X509_CRL*, CYASSL_EVP_PKEY*); +CYASSL_API void CyaSSL_X509_STORE_CTX_set_error(CYASSL_X509_STORE_CTX*, + int); +CYASSL_API void CyaSSL_X509_OBJECT_free_contents(CYASSL_X509_OBJECT*); +CYASSL_API void CyaSSL_EVP_PKEY_free(CYASSL_EVP_PKEY*); +CYASSL_API int CyaSSL_X509_cmp_current_time(const CYASSL_ASN1_TIME*); +CYASSL_API int CyaSSL_sk_X509_REVOKED_num(CYASSL_X509_REVOKED*); + +CYASSL_API CYASSL_X509_REVOKED* CyaSSL_X509_CRL_get_REVOKED(CYASSL_X509_CRL*); +CYASSL_API CYASSL_X509_REVOKED* CyaSSL_sk_X509_REVOKED_value( + CYASSL_X509_REVOKED*,int); +CYASSL_API CYASSL_ASN1_INTEGER* CyaSSL_X509_get_serialNumber(CYASSL_X509*); + +CYASSL_API int CyaSSL_ASN1_TIME_print(CYASSL_BIO*, const CYASSL_ASN1_TIME*); + +CYASSL_API int CyaSSL_ASN1_INTEGER_cmp(const CYASSL_ASN1_INTEGER*, + const CYASSL_ASN1_INTEGER*); +CYASSL_API long CyaSSL_ASN1_INTEGER_get(const CYASSL_ASN1_INTEGER*); + +CYASSL_API STACK_OF(CYASSL_X509_NAME)* CyaSSL_load_client_CA_file(const char*); + +CYASSL_API void CyaSSL_CTX_set_client_CA_list(CYASSL_CTX*, + STACK_OF(CYASSL_X509_NAME)*); +CYASSL_API void* CyaSSL_X509_STORE_CTX_get_ex_data(CYASSL_X509_STORE_CTX*, int); +CYASSL_API int CyaSSL_get_ex_data_X509_STORE_CTX_idx(void); +CYASSL_API void* CyaSSL_get_ex_data(const CYASSL*, int); + +CYASSL_API void CyaSSL_CTX_set_default_passwd_cb_userdata(CYASSL_CTX*, + void* userdata); +CYASSL_API void CyaSSL_CTX_set_default_passwd_cb(CYASSL_CTX*, pem_password_cb); + + +CYASSL_API long CyaSSL_CTX_set_timeout(CYASSL_CTX*, long); +CYASSL_API void CyaSSL_CTX_set_info_callback(CYASSL_CTX*, void (*)(void)); + +CYASSL_API unsigned long CyaSSL_ERR_peek_error(void); +CYASSL_API int CyaSSL_GET_REASON(int); + +CYASSL_API char* CyaSSL_alert_type_string_long(int); +CYASSL_API char* CyaSSL_alert_desc_string_long(int); +CYASSL_API char* CyaSSL_state_string_long(CYASSL*); + +CYASSL_API void CyaSSL_RSA_free(CYASSL_RSA*); +CYASSL_API CYASSL_RSA* CyaSSL_RSA_generate_key(int, unsigned long, + void(*)(int, int, void*), void*); +CYASSL_API void CyaSSL_CTX_set_tmp_rsa_callback(CYASSL_CTX*, + CYASSL_RSA*(*)(CYASSL*, int, int)); + +CYASSL_API int CyaSSL_PEM_def_callback(char*, int num, int w, void* key); + +CYASSL_API long CyaSSL_CTX_sess_accept(CYASSL_CTX*); +CYASSL_API long CyaSSL_CTX_sess_connect(CYASSL_CTX*); +CYASSL_API long CyaSSL_CTX_sess_accept_good(CYASSL_CTX*); +CYASSL_API long CyaSSL_CTX_sess_connect_good(CYASSL_CTX*); +CYASSL_API long CyaSSL_CTX_sess_accept_renegotiate(CYASSL_CTX*); +CYASSL_API long CyaSSL_CTX_sess_connect_renegotiate(CYASSL_CTX*); +CYASSL_API long CyaSSL_CTX_sess_hits(CYASSL_CTX*); +CYASSL_API long CyaSSL_CTX_sess_cb_hits(CYASSL_CTX*); +CYASSL_API long CyaSSL_CTX_sess_cache_full(CYASSL_CTX*); +CYASSL_API long CyaSSL_CTX_sess_misses(CYASSL_CTX*); +CYASSL_API long CyaSSL_CTX_sess_timeouts(CYASSL_CTX*); +CYASSL_API long CyaSSL_CTX_sess_number(CYASSL_CTX*); +CYASSL_API long CyaSSL_CTX_sess_get_cache_size(CYASSL_CTX*); + + +#define CYASSL_DEFAULT_CIPHER_LIST "" /* default all */ +#define CYASSL_RSA_F4 0x10001L + +enum { + OCSP_NOCERTS = 1, + OCSP_NOINTERN = 2, + OCSP_NOSIGS = 4, + OCSP_NOCHAIN = 8, + OCSP_NOVERIFY = 16, + OCSP_NOEXPLICIT = 32, + OCSP_NOCASIGN = 64, + OCSP_NODELEGATED = 128, + OCSP_NOCHECKS = 256, + OCSP_TRUSTOTHER = 512, + OCSP_RESPID_KEY = 1024, + OCSP_NOTIME = 2048, + + OCSP_CERTID = 2, + OCSP_REQUEST = 4, + OCSP_RESPONSE = 8, + OCSP_BASICRESP = 16, + + ASN1_GENERALIZEDTIME = 4, + + SSL_OP_MICROSOFT_SESS_ID_BUG = 1, + SSL_OP_NETSCAPE_CHALLENGE_BUG = 2, + SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 3, + SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 4, + SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 5, + SSL_OP_MSIE_SSLV2_RSA_PADDING = 6, + SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 7, + SSL_OP_TLS_D5_BUG = 8, + SSL_OP_TLS_BLOCK_PADDING_BUG = 9, + SSL_OP_TLS_ROLLBACK_BUG = 10, + SSL_OP_ALL = 11, + SSL_OP_EPHEMERAL_RSA = 12, + SSL_OP_NO_SSLv3 = 13, + SSL_OP_NO_TLSv1 = 14, + SSL_OP_PKCS1_CHECK_1 = 15, + SSL_OP_PKCS1_CHECK_2 = 16, + SSL_OP_NETSCAPE_CA_DN_BUG = 17, + SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 18, + SSL_OP_SINGLE_DH_USE = 19, + SSL_OP_NO_TICKET = 20, + SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 21, + SSL_OP_NO_QUERY_MTU = 22, + SSL_OP_COOKIE_EXCHANGE = 23, + SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 24, + SSL_OP_SINGLE_ECDH_USE = 25, + SSL_OP_CIPHER_SERVER_PREFERENCE = 26, + + SSL_MAX_SSL_SESSION_ID_LENGTH = 32, + + EVP_R_BAD_DECRYPT = 2, + + SSL_CB_LOOP = 4, + SSL_ST_CONNECT = 5, + SSL_ST_ACCEPT = 6, + SSL_CB_ALERT = 7, + SSL_CB_READ = 8, + SSL_CB_HANDSHAKE_DONE = 9, + + SSL_MODE_ENABLE_PARTIAL_WRITE = 2, + + BIO_FLAGS_BASE64_NO_NL = 1, + BIO_CLOSE = 1, + BIO_NOCLOSE = 0, + + NID_undef = 0, + + X509_FILETYPE_PEM = 8, + X509_LU_X509 = 9, + X509_LU_CRL = 12, + + X509_V_ERR_CRL_SIGNATURE_FAILURE = 13, + X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 14, + X509_V_ERR_CRL_HAS_EXPIRED = 15, + X509_V_ERR_CERT_REVOKED = 16, + X509_V_ERR_CERT_CHAIN_TOO_LONG = 17, + X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 18, + X509_V_ERR_CERT_NOT_YET_VALID = 19, + X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 20, + X509_V_ERR_CERT_HAS_EXPIRED = 21, + X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 22, + + X509_V_OK = 0, + + CRYPTO_LOCK = 1, + CRYPTO_NUM_LOCKS = 10 +}; + +/* extras end */ + +#ifndef NO_FILESYSTEM +/* CyaSSL extension, provide last error from SSL_get_error + since not using thread storage error queue */ +CYASSL_API void CyaSSL_ERR_print_errors_fp(FILE*, int err); +#endif + +enum { /* ssl Constants */ + SSL_ERROR_NONE = 0, /* for most functions */ + SSL_FAILURE = 0, /* for some functions */ + SSL_SUCCESS = 1, + + SSL_BAD_CERTTYPE = -8, + SSL_BAD_STAT = -7, + SSL_BAD_PATH = -6, + SSL_BAD_FILETYPE = -5, + SSL_BAD_FILE = -4, + SSL_NOT_IMPLEMENTED = -3, + SSL_UNKNOWN = -2, + SSL_FATAL_ERROR = -1, + + SSL_FILETYPE_ASN1 = 2, + SSL_FILETYPE_PEM = 1, + SSL_FILETYPE_DEFAULT = 2, /* ASN1 */ + SSL_FILETYPE_RAW = 3, /* NTRU raw key blob */ + + SSL_VERIFY_NONE = 0, + SSL_VERIFY_PEER = 1, + SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2, + SSL_VERIFY_CLIENT_ONCE = 4, + + SSL_SESS_CACHE_OFF = 30, + SSL_SESS_CACHE_CLIENT = 31, + SSL_SESS_CACHE_SERVER = 32, + SSL_SESS_CACHE_BOTH = 33, + SSL_SESS_CACHE_NO_AUTO_CLEAR = 34, + SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 35, + + SSL_ERROR_WANT_READ = 2, + SSL_ERROR_WANT_WRITE = 3, + SSL_ERROR_WANT_CONNECT = 7, + SSL_ERROR_WANT_ACCEPT = 8, + SSL_ERROR_SYSCALL = 5, + SSL_ERROR_WANT_X509_LOOKUP = 83, + SSL_ERROR_ZERO_RETURN = 6, + SSL_ERROR_SSL = 85, + + SSL_SENT_SHUTDOWN = 1, + SSL_RECEIVED_SHUTDOWN = 2, + SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = 4, + SSL_OP_NO_SSLv2 = 8, + + SSL_R_SSL_HANDSHAKE_FAILURE = 101, + SSL_R_TLSV1_ALERT_UNKNOWN_CA = 102, + SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 103, + SSL_R_SSLV3_ALERT_BAD_CERTIFICATE = 104, + + PEM_BUFSIZE = 1024 +}; + + +#ifndef NO_PSK + typedef unsigned int (*psk_client_callback)(CYASSL*, const char*, char*, + unsigned int, unsigned char*, unsigned int); + CYASSL_API void CyaSSL_CTX_set_psk_client_callback(CYASSL_CTX*, + psk_client_callback); + CYASSL_API void CyaSSL_set_psk_client_callback(CYASSL*,psk_client_callback); + + CYASSL_API const char* CyaSSL_get_psk_identity_hint(const CYASSL*); + CYASSL_API const char* CyaSSL_get_psk_identity(const CYASSL*); + + CYASSL_API int CyaSSL_CTX_use_psk_identity_hint(CYASSL_CTX*, const char*); + CYASSL_API int CyaSSL_use_psk_identity_hint(CYASSL*, const char*); + + typedef unsigned int (*psk_server_callback)(CYASSL*, const char*, + unsigned char*, unsigned int); + CYASSL_API void CyaSSL_CTX_set_psk_server_callback(CYASSL_CTX*, + psk_server_callback); + CYASSL_API void CyaSSL_set_psk_server_callback(CYASSL*,psk_server_callback); + + #define PSK_TYPES_DEFINED +#endif /* NO_PSK */ + + +/* extra begins */ + +enum { /* ERR Constants */ + ERR_TXT_STRING = 1 +}; + +CYASSL_API unsigned long CyaSSL_ERR_get_error_line_data(const char**, int*, + const char**, int *); + +CYASSL_API unsigned long CyaSSL_ERR_get_error(void); +CYASSL_API void CyaSSL_ERR_clear_error(void); + + +CYASSL_API int CyaSSL_RAND_status(void); +CYASSL_API int CyaSSL_RAND_bytes(unsigned char* buf, int num); +CYASSL_API CYASSL_METHOD *CyaSSLv23_server_method(void); +CYASSL_API long CyaSSL_CTX_set_options(CYASSL_CTX*, long); +CYASSL_API int CyaSSL_CTX_check_private_key(CYASSL_CTX*); + + +CYASSL_API void CyaSSL_ERR_free_strings(void); +CYASSL_API void CyaSSL_ERR_remove_state(unsigned long); +CYASSL_API void CyaSSL_EVP_cleanup(void); + +CYASSL_API void CyaSSL_cleanup_all_ex_data(void); +CYASSL_API long CyaSSL_CTX_set_mode(CYASSL_CTX* ctx, long mode); +CYASSL_API long CyaSSL_CTX_get_mode(CYASSL_CTX* ctx); +CYASSL_API void CyaSSL_CTX_set_default_read_ahead(CYASSL_CTX* ctx, int m); + +CYASSL_API long CyaSSL_CTX_sess_set_cache_size(CYASSL_CTX*, long); + +CYASSL_API int CyaSSL_CTX_set_default_verify_paths(CYASSL_CTX*); +CYASSL_API int CyaSSL_CTX_set_session_id_context(CYASSL_CTX*, + const unsigned char*, unsigned int); +CYASSL_API CYASSL_X509* CyaSSL_get_peer_certificate(CYASSL* ssl); + +CYASSL_API int CyaSSL_want_read(CYASSL*); +CYASSL_API int CyaSSL_want_write(CYASSL*); + +CYASSL_API int CyaSSL_BIO_printf(CYASSL_BIO*, const char*, ...); +CYASSL_API int CyaSSL_ASN1_UTCTIME_print(CYASSL_BIO*, + const CYASSL_ASN1_UTCTIME*); +CYASSL_API int CyaSSL_sk_num(CYASSL_X509_REVOKED*); +CYASSL_API void* CyaSSL_sk_value(CYASSL_X509_REVOKED*, int); + +/* stunnel 4.28 needs */ +CYASSL_API void* CyaSSL_CTX_get_ex_data(const CYASSL_CTX*, int); +CYASSL_API int CyaSSL_CTX_set_ex_data(CYASSL_CTX*, int, void*); +CYASSL_API void CyaSSL_CTX_sess_set_get_cb(CYASSL_CTX*, + CYASSL_SESSION*(*f)(CYASSL*, unsigned char*, int, int*)); +CYASSL_API void CyaSSL_CTX_sess_set_new_cb(CYASSL_CTX*, + int (*f)(CYASSL*, CYASSL_SESSION*)); +CYASSL_API void CyaSSL_CTX_sess_set_remove_cb(CYASSL_CTX*, + void (*f)(CYASSL_CTX*, CYASSL_SESSION*)); + +CYASSL_API int CyaSSL_i2d_SSL_SESSION(CYASSL_SESSION*,unsigned char**); +CYASSL_API CYASSL_SESSION* CyaSSL_d2i_SSL_SESSION(CYASSL_SESSION**,const unsigned char**, + long); + +CYASSL_API long CyaSSL_SESSION_get_timeout(const CYASSL_SESSION*); +CYASSL_API long CyaSSL_SESSION_get_time(const CYASSL_SESSION*); +CYASSL_API int CyaSSL_CTX_get_ex_new_index(long, void*, void*, void*, void*); + +/* extra ends */ + + +/* CyaSSL extensions */ + +/* call before SSL_connect, if verifying will add name check to + date check and signature check */ +CYASSL_API int CyaSSL_check_domain_name(CYASSL* ssl, const char* dn); + +/* need to call once to load library (session cache) */ +CYASSL_API int CyaSSL_Init(void); +/* call when done to cleanup/free session cache mutex / resources */ +CYASSL_API int CyaSSL_Cleanup(void); + +/* turn logging on, only if compiled in */ +CYASSL_API int CyaSSL_Debugging_ON(void); +/* turn logging off */ +CYASSL_API void CyaSSL_Debugging_OFF(void); + +/* do accept or connect depedning on side */ +CYASSL_API int CyaSSL_negotiate(CYASSL* ssl); +/* turn on CyaSSL data compression */ +CYASSL_API int CyaSSL_set_compression(CYASSL* ssl); + +/* get CyaSSL peer X509_CHAIN */ +CYASSL_API CYASSL_X509_CHAIN* CyaSSL_get_peer_chain(CYASSL* ssl); +/* peer chain count */ +CYASSL_API int CyaSSL_get_chain_count(CYASSL_X509_CHAIN* chain); +/* index cert length */ +CYASSL_API int CyaSSL_get_chain_length(CYASSL_X509_CHAIN*, int idx); +/* index cert */ +CYASSL_API unsigned char* CyaSSL_get_chain_cert(CYASSL_X509_CHAIN*, int idx); +/* get index cert in PEM */ +CYASSL_API int CyaSSL_get_chain_cert_pem(CYASSL_X509_CHAIN*, int idx, + unsigned char* buffer, int inLen, int* outLen); +CYASSL_API const unsigned char* CyaSSL_get_sessionID(const CYASSL_SESSION* s); +CYASSL_API int CyaSSL_X509_get_serial_number(CYASSL_X509*,unsigned char*,int*); + +/* connect enough to get peer cert */ +CYASSL_API int CyaSSL_connect_cert(CYASSL* ssl); + +/* server CTX Diffie-Hellman parameters */ +CYASSL_API int CyaSSL_SetTmpDH(CYASSL*, unsigned char* p, int pSz, + unsigned char* g, int gSz); + +#ifndef _WIN32 + #ifndef NO_WRITEV + #ifdef __PPU + #include + #include + #else + #include + #endif + /* allow writev style writing */ + CYASSL_API int CyaSSL_writev(CYASSL* ssl, const struct iovec* iov, + int iovcnt); + #endif +#endif + + +/* SSL_CTX versions */ +CYASSL_API int CyaSSL_CTX_load_verify_buffer(CYASSL_CTX*, const unsigned char*, + long, int); +CYASSL_API int CyaSSL_CTX_use_certificate_buffer(CYASSL_CTX*, + const unsigned char*, long, int); +CYASSL_API int CyaSSL_CTX_use_PrivateKey_buffer(CYASSL_CTX*, + const unsigned char*, long, int); +CYASSL_API int CyaSSL_CTX_use_certificate_chain_buffer(CYASSL_CTX*, + const unsigned char*, long); +/* SSL versions */ +CYASSL_API int CyaSSL_use_certificate_buffer(CYASSL*, const unsigned char*, + long, int); +CYASSL_API int CyaSSL_use_PrivateKey_buffer(CYASSL*, const unsigned char*, long, + int); +CYASSL_API int CyaSSL_use_certificate_chain_buffer(CYASSL*, + const unsigned char*, long); + +/* I/O callbacks */ +typedef int (*CallbackIORecv)(char *buf, int sz, void *ctx); +typedef int (*CallbackIOSend)(char *buf, int sz, void *ctx); + +CYASSL_API void CyaSSL_SetIORecv(CYASSL_CTX*, CallbackIORecv); +CYASSL_API void CyaSSL_SetIOSend(CYASSL_CTX*, CallbackIOSend); + +CYASSL_API void CyaSSL_SetIOReadCtx(CYASSL* ssl, void *ctx); +CYASSL_API void CyaSSL_SetIOWriteCtx(CYASSL* ssl, void *ctx); + + +#ifdef CYASSL_CALLBACKS + +/* used internally by CyaSSL while OpenSSL types aren't */ +#include + +typedef int (*HandShakeCallBack)(HandShakeInfo*); +typedef int (*TimeoutCallBack)(TimeoutInfo*); + +/* CyaSSL connect extension allowing HandShakeCallBack and/or TimeoutCallBack + for diagnostics */ +CYASSL_API int CyaSSL_connect_ex(CYASSL*, HandShakeCallBack, TimeoutCallBack, + Timeval); +CYASSL_API int CyaSSL_accept_ex(CYASSL*, HandShakeCallBack, TimeoutCallBack, + Timeval); + +#endif /* CYASSL_CALLBACKS */ + + + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CYASSL_SSL_H */ + diff --git a/src/internal.c b/src/internal.c index 5d8cdeba2..cce35b111 100644 --- a/src/internal.c +++ b/src/internal.c @@ -53,22 +53,22 @@ #endif -int CyaSSL_negotiate(SSL*); +int CyaSSL_negotiate(CYASSL*); #ifndef NO_CYASSL_CLIENT - static int DoHelloVerifyRequest(SSL* ssl, const byte* input, word32*); - static int DoServerHello(SSL* ssl, const byte* input, word32*); - static int DoCertificateRequest(SSL* ssl, const byte* input, word32*); - static int DoServerKeyExchange(SSL* ssl, const byte* input, word32*); + static int DoHelloVerifyRequest(CYASSL* ssl, const byte* input, word32*); + static int DoServerHello(CYASSL* ssl, const byte* input, word32*); + static int DoCertificateRequest(CYASSL* ssl, const byte* input, word32*); + static int DoServerKeyExchange(CYASSL* ssl, const byte* input, word32*); #endif #ifndef NO_CYASSL_SERVER - static int DoClientHello(SSL* ssl, const byte* input, word32*, word32, + static int DoClientHello(CYASSL* ssl, const byte* input, word32*, word32, word32); - static int DoCertificateVerify(SSL* ssl, byte*, word32*, word32); - static int DoClientKeyExchange(SSL* ssl, byte* input, word32*); + static int DoCertificateVerify(CYASSL* ssl, byte*, word32*, word32); + static int DoClientKeyExchange(CYASSL* ssl, byte* input, word32*); #endif typedef enum { @@ -81,10 +81,10 @@ typedef enum { runProcessingOneMessage } processReply; -static void Hmac(SSL* ssl, byte* digest, const byte* buffer, word32 sz, +static void Hmac(CYASSL* ssl, byte* digest, const byte* buffer, word32 sz, int content, int verify); -static void BuildCertHashes(SSL* ssl, Hashes* hashes); +static void BuildCertHashes(CYASSL* ssl, Hashes* hashes); #ifndef min @@ -97,7 +97,7 @@ static void BuildCertHashes(SSL* ssl, Hashes* hashes); #endif /* min */ -int IsTLS(const SSL* ssl) +int IsTLS(const CYASSL* ssl) { if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor >=TLSv1_MINOR) return 1; @@ -106,7 +106,7 @@ int IsTLS(const SSL* ssl) } -int IsAtLeastTLSv1_2(const SSL* ssl) +int IsAtLeastTLSv1_2(const CYASSL* ssl) { if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor >=TLSv1_2_MINOR) return 1; @@ -236,7 +236,7 @@ static INLINE void ato32(const byte* c, word32* u32) /* init zlib comp/decomp streams, 0 on success */ - static int InitStreams(SSL* ssl) + static int InitStreams(CYASSL* ssl) { ssl->c_stream.zalloc = (alloc_func)myAlloc; ssl->c_stream.zfree = (free_func)myFree; @@ -256,7 +256,7 @@ static INLINE void ato32(const byte* c, word32* u32) } - static void FreeStreams(SSL* ssl) + static void FreeStreams(CYASSL* ssl) { if (ssl->didStreamInit) { deflateEnd(&ssl->c_stream); @@ -266,7 +266,7 @@ static INLINE void ato32(const byte* c, word32* u32) /* compress in to out, return out size or error */ - static int Compress(SSL* ssl, byte* in, int inSz, byte* out, int outSz) + static int Compress(CYASSL* ssl, byte* in, int inSz, byte* out, int outSz) { int err; int currTotal = ssl->c_stream.total_out; @@ -289,7 +289,7 @@ static INLINE void ato32(const byte* c, word32* u32) /* decompress in to out, returnn out size or error */ - static int DeCompress(SSL* ssl, byte* in, int inSz, byte* out, int outSz) + static int DeCompress(CYASSL* ssl, byte* in, int inSz, byte* out, int outSz) { int err; int currTotal = ssl->d_stream.total_out; @@ -314,7 +314,7 @@ static INLINE void ato32(const byte* c, word32* u32) #endif /* HAVE_LIBZ */ -void InitSSL_Method(SSL_METHOD* method, ProtocolVersion pv) +void InitSSL_Method(CYASSL_METHOD* method, ProtocolVersion pv) { method->version = pv; method->side = CLIENT_END; @@ -325,7 +325,7 @@ void InitSSL_Method(SSL_METHOD* method, ProtocolVersion pv) } -void InitSSL_Ctx(SSL_CTX* ctx, SSL_METHOD* method) +void InitSSL_Ctx(CYASSL_CTX* ctx, CYASSL_METHOD* method) { ctx->method = method; ctx->certificate.buffer = 0; @@ -384,7 +384,7 @@ void InitSSL_Ctx(SSL_CTX* ctx, SSL_METHOD* method) /* In case contexts are held in array and don't want to free actual ctx */ -void SSL_CtxResourceFree(SSL_CTX* ctx) +void SSL_CtxResourceFree(CYASSL_CTX* ctx) { XFREE(ctx->privateKey.buffer, ctx->heap, DYNAMIC_TYPE_KEY); XFREE(ctx->certificate.buffer, ctx->heap, DYNAMIC_TYPE_CERT); @@ -395,7 +395,7 @@ void SSL_CtxResourceFree(SSL_CTX* ctx) } -void FreeSSL_Ctx(SSL_CTX* ctx) +void FreeSSL_Ctx(CYASSL_CTX* ctx) { SSL_CtxResourceFree(ctx); XFREE(ctx, ctx->heap, DYNAMIC_TYPE_CTX); @@ -626,7 +626,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK, } -int InitSSL(SSL* ssl, SSL_CTX* ctx) +int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) { int ret; byte havePSK = 0; @@ -727,7 +727,7 @@ int InitSSL(SSL* ssl, SSL_CTX* ctx) ssl->options.quietShutdown = ctx->quietShutdown; ssl->options.certOnly = 0; - /* SSL_CTX still owns certificate, certChain, key, and caList buffers */ + /* CYASSL_CTX still owns certificate, certChain, key, and caList buffers */ ssl->buffers.certificate = ctx->certificate; ssl->buffers.certChain = ctx->certChain; ssl->buffers.key = ctx->privateKey; @@ -807,11 +807,11 @@ int InitSSL(SSL* ssl, SSL_CTX* ctx) } -int BIO_free(BIO*); /* cyassl_int doesn't have */ +int CyaSSL_BIO_free(CYASSL_BIO*); /* internal doesn't have */ /* In case holding SSL object in array and don't want to free actual ssl */ -void SSL_ResourceFree(SSL* ssl) +void SSL_ResourceFree(CYASSL* ssl) { XFREE(ssl->buffers.serverDH_Priv.buffer, ssl->heap, DYNAMIC_TYPE_DH); XFREE(ssl->buffers.serverDH_Pub.buffer, ssl->heap, DYNAMIC_TYPE_DH); @@ -819,7 +819,7 @@ void SSL_ResourceFree(SSL* ssl) XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, DYNAMIC_TYPE_DH); XFREE(ssl->buffers.domainName.buffer, ssl->heap, DYNAMIC_TYPE_DOMAIN); - /* SSL_CTX always owns certChain */ + /* CYASSL_CTX always owns certChain */ if (ssl->buffers.weOwnCert) XFREE(ssl->buffers.certificate.buffer, ssl->heap, DYNAMIC_TYPE_CERT); if (ssl->buffers.weOwnKey) @@ -831,9 +831,9 @@ void SSL_ResourceFree(SSL* ssl) if (ssl->buffers.outputBuffer.dynamicFlag) ShrinkOutputBuffer(ssl); #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) - BIO_free(ssl->biord); + CyaSSL_BIO_free(ssl->biord); if (ssl->biord != ssl->biowr) /* in case same as write */ - BIO_free(ssl->biowr); + CyaSSL_BIO_free(ssl->biowr); #endif #ifdef HAVE_LIBZ FreeStreams(ssl); @@ -847,7 +847,7 @@ void SSL_ResourceFree(SSL* ssl) } -void FreeSSL(SSL* ssl) +void FreeSSL(CYASSL* ssl) { SSL_ResourceFree(ssl); XFREE(ssl, ssl->heap, DYNAMIC_TYPE_SSL); @@ -951,7 +951,7 @@ ProtocolVersion MakeDTLSv1(void) /* add output to md5 and sha handshake hashes, exclude record header */ -static void HashOutput(SSL* ssl, const byte* output, int sz, int ivSz) +static void HashOutput(CYASSL* ssl, const byte* output, int sz, int ivSz) { const byte* adj = output + RECORD_HEADER_SZ + ivSz; sz -= RECORD_HEADER_SZ; @@ -973,7 +973,7 @@ static void HashOutput(SSL* ssl, const byte* output, int sz, int ivSz) /* add input to md5 and sha handshake hashes, include handshake header */ -static void HashInput(SSL* ssl, const byte* input, int sz) +static void HashInput(CYASSL* ssl, const byte* input, int sz) { const byte* adj = input - HANDSHAKE_HEADER_SZ; sz += HANDSHAKE_HEADER_SZ; @@ -995,7 +995,7 @@ static void HashInput(SSL* ssl, const byte* input, int sz) /* add record layer header for message */ -static void AddRecordHeader(byte* output, word32 length, byte type, SSL* ssl) +static void AddRecordHeader(byte* output, word32 length, byte type, CYASSL* ssl) { RecordLayerHeader* rl; @@ -1021,7 +1021,8 @@ static void AddRecordHeader(byte* output, word32 length, byte type, SSL* ssl) /* add handshake header for message */ -static void AddHandShakeHeader(byte* output, word32 length, byte type, SSL* ssl) +static void AddHandShakeHeader(byte* output, word32 length, byte type, + CYASSL* ssl) { HandShakeHeader* hs; (void)ssl; @@ -1045,7 +1046,7 @@ static void AddHandShakeHeader(byte* output, word32 length, byte type, SSL* ssl) /* add both headers for handshake message */ -static void AddHeaders(byte* output, word32 length, byte type, SSL* ssl) +static void AddHeaders(byte* output, word32 length, byte type, CYASSL* ssl) { if (!ssl->options.dtls) { AddRecordHeader(output, length + HANDSHAKE_HEADER_SZ, handshake, ssl); @@ -1061,7 +1062,7 @@ static void AddHeaders(byte* output, word32 length, byte type, SSL* ssl) /* return bytes received, -1 on error */ -static int Receive(SSL* ssl, byte* buf, word32 sz) +static int Receive(CYASSL* ssl, byte* buf, word32 sz) { int recvd; @@ -1109,7 +1110,7 @@ retry: /* Switch dynamic output buffer back to static, buffer is assumed clear */ -void ShrinkOutputBuffer(SSL* ssl) +void ShrinkOutputBuffer(CYASSL* ssl) { CYASSL_MSG("Shrinking output buffer\n"); XFREE(ssl->buffers.outputBuffer.buffer, ssl->heap, DYNAMIC_TYPE_OUT_BUFFER); @@ -1121,7 +1122,7 @@ void ShrinkOutputBuffer(SSL* ssl) /* Switch dynamic input buffer back to static, keep any remaining input */ /* forced free means cleaning up */ -void ShrinkInputBuffer(SSL* ssl, int forcedFree) +void ShrinkInputBuffer(CYASSL* ssl, int forcedFree) { int usedLength = ssl->buffers.inputBuffer.length - ssl->buffers.inputBuffer.idx; @@ -1144,7 +1145,7 @@ void ShrinkInputBuffer(SSL* ssl, int forcedFree) } -int SendBuffered(SSL* ssl) +int SendBuffered(CYASSL* ssl) { while (ssl->buffers.outputBuffer.length > 0) { int sent = ssl->ctx->CBIOSend((char*)ssl->buffers.outputBuffer.buffer + @@ -1203,7 +1204,7 @@ int SendBuffered(SSL* ssl) /* Grow the output buffer, should only be to send cert, should be blank */ -static INLINE int GrowOutputBuffer(SSL* ssl, int size) +static INLINE int GrowOutputBuffer(CYASSL* ssl, int size) { byte* tmp = (byte*) XMALLOC(size + ssl->buffers.outputBuffer.length, ssl->heap, DYNAMIC_TYPE_OUT_BUFFER); @@ -1227,7 +1228,7 @@ static INLINE int GrowOutputBuffer(SSL* ssl, int size) /* Grow the input buffer, should only be to read cert or big app data */ -static INLINE int GrowInputBuffer(SSL* ssl, int size, int usedLength) +static INLINE int GrowInputBuffer(CYASSL* ssl, int size, int usedLength) { byte* tmp = (byte*) XMALLOC(size + usedLength, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); @@ -1253,7 +1254,7 @@ static INLINE int GrowInputBuffer(SSL* ssl, int size, int usedLength) /* check avalaible size into output buffer */ -static INLINE int CheckAvalaibleSize(SSL *ssl, int size) +static INLINE int CheckAvalaibleSize(CYASSL *ssl, int size) { if ((word32)size > ssl->buffers.outputBuffer.bufferSize) if (GrowOutputBuffer(ssl, size) < 0) @@ -1271,7 +1272,7 @@ static INLINE int CheckAvalaibleSize(SSL *ssl, int size) } /* do all verify and sanity checks on record header */ -static int GetRecordHeader(SSL* ssl, const byte* input, word32* inOutIdx, +static int GetRecordHeader(CYASSL* ssl, const byte* input, word32* inOutIdx, RecordLayerHeader* rh, word16 *size) { if (!ssl->options.dtls) { @@ -1329,7 +1330,7 @@ static int GetRecordHeader(SSL* ssl, const byte* input, word32* inOutIdx, } -static int GetHandShakeHeader(SSL* ssl, const byte* input, word32* inOutIdx, +static int GetHandShakeHeader(CYASSL* ssl, const byte* input, word32* inOutIdx, byte *type, word32 *size) { const byte *ptr = input + *inOutIdx; @@ -1367,7 +1368,7 @@ static const byte PAD2[PAD_MD5] = }; /* calculate MD5 hash for finished */ -static void BuildMD5(SSL* ssl, Hashes* hashes, const byte* sender) +static void BuildMD5(CYASSL* ssl, Hashes* hashes, const byte* sender) { byte md5_result[MD5_DIGEST_SIZE]; @@ -1387,7 +1388,7 @@ static void BuildMD5(SSL* ssl, Hashes* hashes, const byte* sender) /* calculate SHA hash for finished */ -static void BuildSHA(SSL* ssl, Hashes* hashes, const byte* sender) +static void BuildSHA(CYASSL* ssl, Hashes* hashes, const byte* sender) { byte sha_result[SHA_DIGEST_SIZE]; @@ -1406,7 +1407,7 @@ static void BuildSHA(SSL* ssl, Hashes* hashes, const byte* sender) } -static void BuildFinished(SSL* ssl, Hashes* hashes, const byte* sender) +static void BuildFinished(CYASSL* ssl, Hashes* hashes, const byte* sender) { /* store current states, building requires get_digest which resets state */ Md5 md5 = ssl->hashMd5; @@ -1435,7 +1436,7 @@ static void BuildFinished(SSL* ssl, Hashes* hashes, const byte* sender) } -static int DoCertificate(SSL* ssl, byte* input, word32* inOutIdx) +static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx) { word32 listSz, i = *inOutIdx; int ret = 0; @@ -1610,7 +1611,7 @@ static int DoCertificate(SSL* ssl, byte* input, word32* inOutIdx) why = certificate_expired; if (ssl->ctx->verifyCallback) { int ok; - X509_STORE_CTX store; + CYASSL_X509_STORE_CTX store; store.error = ret; store.error_depth = totalCerts; @@ -1639,7 +1640,7 @@ static int DoCertificate(SSL* ssl, byte* input, word32* inOutIdx) } -int DoFinished(SSL* ssl, const byte* input, word32* inOutIdx, int sniff) +int DoFinished(CYASSL* ssl, const byte* input, word32* inOutIdx, int sniff) { byte verifyMAC[SHA256_DIGEST_SIZE]; int finishedSz = ssl->options.tls ? TLS_FINISHED_SZ : FINISHED_SZ; @@ -1704,7 +1705,7 @@ int DoFinished(SSL* ssl, const byte* input, word32* inOutIdx, int sniff) } -static int DoHandShakeMsg(SSL* ssl, byte* input, word32* inOutIdx, +static int DoHandShakeMsg(CYASSL* ssl, byte* input, word32* inOutIdx, word32 totalSz) { byte type; @@ -1803,7 +1804,7 @@ static int DoHandShakeMsg(SSL* ssl, byte* input, word32* inOutIdx, } -static INLINE void Encrypt(SSL* ssl, byte* out, const byte* input, word32 sz) +static INLINE void Encrypt(CYASSL* ssl, byte* out, const byte* input, word32 sz) { switch (ssl->specs.bulk_cipher_algorithm) { #ifdef BUILD_ARC4 @@ -1851,7 +1852,8 @@ static INLINE void Encrypt(SSL* ssl, byte* out, const byte* input, word32 sz) } -static INLINE void Decrypt(SSL* ssl, byte* plain, const byte* input, word32 sz) +static INLINE void Decrypt(CYASSL* ssl, byte* plain, const byte* input, + word32 sz) { switch (ssl->specs.bulk_cipher_algorithm) { #ifdef BUILD_ARC4 @@ -1891,7 +1893,7 @@ static INLINE void Decrypt(SSL* ssl, byte* plain, const byte* input, word32 sz) /* decrypt input message in place */ -static int DecryptMessage(SSL* ssl, byte* input, word32 sz, word32* idx) +static int DecryptMessage(CYASSL* ssl, byte* input, word32 sz, word32* idx) { Decrypt(ssl, input, input, sz); ssl->keys.encryptSz = sz; @@ -1902,7 +1904,7 @@ static int DecryptMessage(SSL* ssl, byte* input, word32 sz, word32* idx) } -static INLINE word32 GetSEQIncrement(SSL* ssl, int verify) +static INLINE word32 GetSEQIncrement(CYASSL* ssl, int verify) { if (verify) return ssl->keys.peer_sequence_number++; @@ -1911,7 +1913,7 @@ static INLINE word32 GetSEQIncrement(SSL* ssl, int verify) } -int DoApplicationData(SSL* ssl, byte* input, word32* inOutIdx) +int DoApplicationData(CYASSL* ssl, byte* input, word32* inOutIdx) { word32 msgSz = ssl->keys.encryptSz; word32 pad = 0, @@ -1992,7 +1994,7 @@ int DoApplicationData(SSL* ssl, byte* input, word32* inOutIdx) /* process alert, return level */ -static int DoAlert(SSL* ssl, byte* input, word32* inOutIdx, int* type) +static int DoAlert(CYASSL* ssl, byte* input, word32* inOutIdx, int* type) { byte level; @@ -2036,7 +2038,7 @@ static int DoAlert(SSL* ssl, byte* input, word32* inOutIdx, int* type) return level; } -static int GetInputData(SSL *ssl, word32 size) +static int GetInputData(CYASSL *ssl, word32 size) { int in; int inSz; @@ -2094,7 +2096,7 @@ static int GetInputData(SSL *ssl, word32 size) /* process input requests, return 0 is done, 1 is call again to complete, and negative number is error */ -int ProcessReply(SSL* ssl) +int ProcessReply(CYASSL* ssl) { int ret, type, readSz; word32 startIdx = 0; @@ -2341,7 +2343,7 @@ int ProcessReply(SSL* ssl) } -int SendChangeCipher(SSL* ssl) +int SendChangeCipher(CYASSL* ssl) { byte *output; int sendSz = RECORD_HEADER_SZ + ENUM_LEN; @@ -2378,7 +2380,7 @@ int SendChangeCipher(SSL* ssl) } -static INLINE const byte* GetMacSecret(SSL* ssl, int verify) +static INLINE const byte* GetMacSecret(CYASSL* ssl, int verify) { if ( (ssl->options.side == CLIENT_END && !verify) || (ssl->options.side == SERVER_END && verify) ) @@ -2388,7 +2390,7 @@ static INLINE const byte* GetMacSecret(SSL* ssl, int verify) } -static void Hmac(SSL* ssl, byte* digest, const byte* in, word32 sz, +static void Hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz, int content, int verify) { byte result[SHA256_DIGEST_SIZE]; /* max possible sizes */ @@ -2442,7 +2444,7 @@ static void Hmac(SSL* ssl, byte* digest, const byte* in, word32 sz, } -static void BuildMD5_CertVerify(SSL* ssl, byte* digest) +static void BuildMD5_CertVerify(CYASSL* ssl, byte* digest) { byte md5_result[MD5_DIGEST_SIZE]; @@ -2460,7 +2462,7 @@ static void BuildMD5_CertVerify(SSL* ssl, byte* digest) } -static void BuildSHA_CertVerify(SSL* ssl, byte* digest) +static void BuildSHA_CertVerify(CYASSL* ssl, byte* digest) { byte sha_result[SHA_DIGEST_SIZE]; @@ -2478,7 +2480,7 @@ static void BuildSHA_CertVerify(SSL* ssl, byte* digest) } -static void BuildCertHashes(SSL* ssl, Hashes* hashes) +static void BuildCertHashes(CYASSL* ssl, Hashes* hashes) { /* store current states, building requires get_digest which resets state */ Md5 md5 = ssl->hashMd5; @@ -2510,7 +2512,7 @@ static void BuildCertHashes(SSL* ssl, Hashes* hashes) /* Build SSL Message, encrypted */ -static int BuildMessage(SSL* ssl, byte* output, const byte* input, int inSz, +static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz, int type) { word32 digestSz = ssl->specs.hash_size; @@ -2569,7 +2571,7 @@ static int BuildMessage(SSL* ssl, byte* output, const byte* input, int inSz, } -int SendFinished(SSL* ssl) +int SendFinished(CYASSL* ssl) { int sendSz, finishedSz = ssl->options.tls ? TLS_FINISHED_SZ : @@ -2637,7 +2639,7 @@ int SendFinished(SSL* ssl) } -int SendCertificate(SSL* ssl) +int SendCertificate(CYASSL* ssl) { int sendSz, length, ret = 0; word32 i = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; @@ -2716,7 +2718,7 @@ int SendCertificate(SSL* ssl) } -int SendCertificateRequest(SSL* ssl) +int SendCertificateRequest(CYASSL* ssl) { byte *output; int ret; @@ -2778,7 +2780,7 @@ int SendCertificateRequest(SSL* ssl) } -int SendData(SSL* ssl, const void* data, int sz) +int SendData(CYASSL* ssl, const void* data, int sz) { int sent = 0, /* plainText size */ sendSz, @@ -2875,7 +2877,7 @@ int SendData(SSL* ssl, const void* data, int sz) } /* process input data */ -int ReceiveData(SSL* ssl, byte* output, int sz) +int ReceiveData(CYASSL* ssl, byte* output, int sz) { int size; @@ -2927,7 +2929,7 @@ int ReceiveData(SSL* ssl, byte* output, int sz) /* send alert message */ -int SendAlert(SSL* ssl, int severity, int type) +int SendAlert(CYASSL* ssl, int severity, int type) { byte input[ALERT_SIZE]; byte *output; @@ -3477,7 +3479,7 @@ int cipher_name_idx[] = /* return true if set, else false */ /* only supports full name from cipher_name[] delimited by : */ -int SetCipherList(SSL_CTX* ctx, const char* list) +int SetCipherList(CYASSL_CTX* ctx, const char* list) { int ret = 0, i; char name[MAX_SUITE_NAME]; @@ -3548,7 +3550,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) } /* Set Final HandShakeInfo parameters */ - void FinishHandShakeInfo(HandShakeInfo* info, const SSL* ssl) + void FinishHandShakeInfo(HandShakeInfo* info, const CYASSL* ssl) { int i; int sz = sizeof(cipher_name_idx)/sizeof(int); @@ -3680,7 +3682,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) /* client only parts */ #ifndef NO_CYASSL_CLIENT - int SendClientHello(SSL* ssl) + int SendClientHello(CYASSL* ssl) { byte *output; word32 length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; @@ -3775,7 +3777,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) } - static int DoHelloVerifyRequest(SSL* ssl, const byte* input, + static int DoHelloVerifyRequest(CYASSL* ssl, const byte* input, word32* inOutIdx) { ProtocolVersion pv; @@ -3799,7 +3801,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) } - static int DoServerHello(SSL* ssl, const byte* input, word32* inOutIdx) + static int DoServerHello(CYASSL* ssl, const byte* input, word32* inOutIdx) { byte b; byte compression; @@ -3888,7 +3890,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) /* just read in and ignore for now TODO: */ - static int DoCertificateRequest(SSL* ssl, const byte* input, word32* + static int DoCertificateRequest(CYASSL* ssl, const byte* input, word32* inOutIdx) { word16 len; @@ -3933,7 +3935,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) } - static int DoServerKeyExchange(SSL* ssl, const byte* input, + static int DoServerKeyExchange(CYASSL* ssl, const byte* input, word32* inOutIdx) { #if defined(OPENSSL_EXTRA) || defined(HAVE_ECC) @@ -4147,7 +4149,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) } - int SendClientKeyExchange(SSL* ssl) + int SendClientKeyExchange(CYASSL* ssl) { byte encSecret[MAX_NTRU_ENCRYPT_SZ]; word32 encSz = 0; @@ -4351,7 +4353,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) return ret; } - int SendCertificateVerify(SSL* ssl) + int SendCertificateVerify(CYASSL* ssl) { byte *output; int sendSz = 0, length, ret; @@ -4452,7 +4454,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) #ifndef NO_CYASSL_SERVER - int SendServerHello(SSL* ssl) + int SendServerHello(CYASSL* ssl) { byte *output; word32 length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; @@ -4566,7 +4568,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) #endif /* HAVE_ECC */ - int SendServerKeyExchange(SSL* ssl) + int SendServerKeyExchange(CYASSL* ssl) { int ret = 0; (void)ssl; @@ -4984,7 +4986,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) } - static int MatchSuite(SSL* ssl, Suites* peerSuites) + static int MatchSuite(CYASSL* ssl, Suites* peerSuites) { word16 i, j; @@ -5008,7 +5010,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) /* process old style client hello, deprecate? */ - int ProcessOldClientHello(SSL* ssl, const byte* input, word32* inOutIdx, + int ProcessOldClientHello(CYASSL* ssl, const byte* input, word32* inOutIdx, word32 inSz, word16 sz) { word32 idx = *inOutIdx; @@ -5130,7 +5132,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) /* DoClientHello uses same resume code */ while (ssl->options.resuming) { /* let's try */ int ret; - SSL_SESSION* session = GetSession(ssl, ssl->arrays.masterSecret); + CYASSL_SESSION* session = GetSession(ssl, ssl->arrays.masterSecret); if (!session) { ssl->options.resuming = 0; break; /* session lookup failed */ @@ -5152,7 +5154,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) } - static int DoClientHello(SSL* ssl, const byte* input, word32* inOutIdx, + static int DoClientHello(CYASSL* ssl, const byte* input, word32* inOutIdx, word32 totalSz, word32 helloSz) { byte b; @@ -5283,7 +5285,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) /* ProcessOld uses same resume code */ while (ssl->options.resuming) { /* let's try */ int ret; - SSL_SESSION* session = GetSession(ssl, ssl->arrays.masterSecret); + CYASSL_SESSION* session = GetSession(ssl, ssl->arrays.masterSecret); if (!session) { ssl->options.resuming = 0; CYASSL_MSG("Session lookup for resume failed"); @@ -5305,7 +5307,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) } - static int DoCertificateVerify(SSL* ssl, byte* input, word32* inOutsz, + static int DoCertificateVerify(CYASSL* ssl, byte* input, word32* inOutsz, word32 totalSz) { word16 sz = 0; @@ -5368,7 +5370,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) } - int SendServerHelloDone(SSL* ssl) + int SendServerHelloDone(CYASSL* ssl) { byte *output; int sendSz = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; @@ -5404,7 +5406,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) } - int SendHelloVerifyRequest(SSL* ssl) + int SendHelloVerifyRequest(CYASSL* ssl) { byte* output; int length = VERSION_SZ + ENUM_LEN; @@ -5442,7 +5444,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list) } - static int DoClientKeyExchange(SSL* ssl, byte* input, + static int DoClientKeyExchange(CYASSL* ssl, byte* input, word32* inOutIdx) { int ret = 0; diff --git a/src/io.c b/src/io.c index fc9ce3286..30a5f0450 100644 --- a/src/io.c +++ b/src/io.c @@ -202,25 +202,25 @@ int EmbedSend(char *buf, int sz, void *ctx) #endif /* CYASSL_USER_IO */ -CYASSL_API void CyaSSL_SetIORecv(SSL_CTX *ctx, CallbackIORecv CBIORecv) +CYASSL_API void CyaSSL_SetIORecv(CYASSL_CTX *ctx, CallbackIORecv CBIORecv) { ctx->CBIORecv = CBIORecv; } -CYASSL_API void CyaSSL_SetIOSend(SSL_CTX *ctx, CallbackIOSend CBIOSend) +CYASSL_API void CyaSSL_SetIOSend(CYASSL_CTX *ctx, CallbackIOSend CBIOSend) { ctx->CBIOSend = CBIOSend; } -CYASSL_API void CyaSSL_SetIOReadCtx(SSL* ssl, void *rctx) +CYASSL_API void CyaSSL_SetIOReadCtx(CYASSL* ssl, void *rctx) { ssl->IOCB_ReadCtx = rctx; } -CYASSL_API void CyaSSL_SetIOWriteCtx(SSL* ssl, void *wctx) +CYASSL_API void CyaSSL_SetIOWriteCtx(CYASSL* ssl, void *wctx) { ssl->IOCB_WriteCtx = wctx; } diff --git a/src/keys.c b/src/keys.c index 6baadb00f..880cf58bd 100644 --- a/src/keys.c +++ b/src/keys.c @@ -31,7 +31,7 @@ #endif -int SetCipherSpecs(SSL* ssl) +int SetCipherSpecs(CYASSL* ssl) { #ifdef HAVE_ECC /* ECC extensions */ @@ -646,7 +646,7 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, /* TLS can call too */ -int StoreKeys(SSL* ssl, const byte* keyData) +int StoreKeys(CYASSL* ssl, const byte* keyData) { int sz = ssl->specs.hash_size, i; @@ -671,7 +671,7 @@ int StoreKeys(SSL* ssl, const byte* keyData) } -int DeriveKeys(SSL* ssl) +int DeriveKeys(CYASSL* ssl) { int length = 2 * ssl->specs.hash_size + 2 * ssl->specs.key_size + @@ -719,7 +719,7 @@ int DeriveKeys(SSL* ssl) } -static void CleanPreMaster(SSL* ssl) +static void CleanPreMaster(CYASSL* ssl) { int i, sz = ssl->arrays.preMasterSz; @@ -735,7 +735,7 @@ static void CleanPreMaster(SSL* ssl) /* Create and store the master secret see page 32, 6.1 */ -int MakeMasterSecret(SSL* ssl) +int MakeMasterSecret(CYASSL* ssl) { byte shaOutput[SHA_DIGEST_SIZE]; byte md5Input[ENCRYPT_LEN + SHA_DIGEST_SIZE]; diff --git a/src/sniffer.c b/src/sniffer.c index 7a5c5c54f..b52303d23 100644 --- a/src/sniffer.c +++ b/src/sniffer.c @@ -39,8 +39,8 @@ #ifdef CYASSL_SNIFFER #include -#include -#include +#include +#include #include #include diff --git a/src/ssl.c b/src/ssl.c index 8ff928049..463f562f8 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -30,7 +30,7 @@ #define TRUE 1 #define FALSE 0 -#include +#include #include #include #include @@ -49,6 +49,7 @@ #include #include #include + #include #endif @@ -63,19 +64,20 @@ -SSL_CTX* SSL_CTX_new(SSL_METHOD* method) +CYASSL_CTX* CyaSSL_CTX_new(CYASSL_METHOD* method) { - SSL_CTX* ctx = (SSL_CTX*) XMALLOC(sizeof(SSL_CTX), 0, DYNAMIC_TYPE_CTX); - CYASSL_ENTER("SSL_CTX_new"); + CYASSL_CTX* ctx = (CYASSL_CTX*) XMALLOC(sizeof(CYASSL_CTX), 0, + DYNAMIC_TYPE_CTX); + CYASSL_ENTER("CYASSL_CTX_new"); if (ctx) InitSSL_Ctx(ctx, method); - CYASSL_LEAVE("SSL_CTX_new", 0); + CYASSL_LEAVE("CYASSL_CTX_new", 0); return ctx; } -void SSL_CTX_free(SSL_CTX* ctx) +void CyaSSL_CTX_free(CYASSL_CTX* ctx) { CYASSL_ENTER("SSL_CTX_free"); if (ctx) @@ -84,9 +86,9 @@ void SSL_CTX_free(SSL_CTX* ctx) } -SSL* SSL_new(SSL_CTX* ctx) +CYASSL* CyaSSL_new(CYASSL_CTX* ctx) { - SSL* ssl = (SSL*) XMALLOC(sizeof(SSL), ctx->heap, DYNAMIC_TYPE_SSL); + CYASSL* ssl = (CYASSL*) XMALLOC(sizeof(CYASSL), ctx->heap,DYNAMIC_TYPE_SSL); CYASSL_ENTER("SSL_new"); if (ssl) if (InitSSL(ssl, ctx) < 0) { @@ -99,7 +101,7 @@ SSL* SSL_new(SSL_CTX* ctx) } -void SSL_free(SSL* ssl) +void CyaSSL_free(CYASSL* ssl) { CYASSL_ENTER("SSL_free"); if (ssl) @@ -108,7 +110,7 @@ void SSL_free(SSL* ssl) } -int SSL_set_fd(SSL* ssl, int fd) +int CyaSSL_set_fd(CYASSL* ssl, int fd) { CYASSL_ENTER("SSL_set_fd"); ssl->rfd = fd; /* not used directly to allow IO callbacks */ @@ -122,7 +124,7 @@ int SSL_set_fd(SSL* ssl, int fd) } -int SSL_get_fd(const SSL* ssl) +int CyaSSL_get_fd(const CYASSL* ssl) { CYASSL_ENTER("SSL_get_fd"); CYASSL_LEAVE("SSL_get_fd", ssl->rfd); @@ -130,19 +132,19 @@ int SSL_get_fd(const SSL* ssl) } -int CyaSSL_negotiate(SSL* ssl) +int CyaSSL_negotiate(CYASSL* ssl) { int err = SSL_FATAL_ERROR; CYASSL_ENTER("CyaSSL_negotiate"); #ifndef NO_CYASSL_SERVER if (ssl->options.side == SERVER_END) - err = SSL_accept(ssl); + err = CyaSSL_accept(ssl); #endif #ifndef NO_CYASSL_CLIENT if (ssl->options.side == CLIENT_END) - err = SSL_connect(ssl); + err = CyaSSL_connect(ssl); #endif CYASSL_LEAVE("CyaSSL_negotiate", err); @@ -155,7 +157,8 @@ int CyaSSL_negotiate(SSL* ssl) /* server CTX Diffie-Hellman parameters */ -int CyaSSL_SetTmpDH(SSL* ssl, unsigned char* p,int pSz,unsigned char* g,int gSz) +int CyaSSL_SetTmpDH(CYASSL* ssl, unsigned char* p, int pSz, unsigned char* g, + int gSz) { byte havePSK = 0; @@ -200,7 +203,7 @@ int CyaSSL_SetTmpDH(SSL* ssl, unsigned char* p,int pSz,unsigned char* g,int gSz) } -int SSL_write(SSL* ssl, const void* data, int sz) +int CyaSSL_write(CYASSL* ssl, const void* data, int sz) { int ret; @@ -221,7 +224,7 @@ int SSL_write(SSL* ssl, const void* data, int sz) } -int SSL_read(SSL* ssl, void* data, int sz) +int CyaSSL_read(CYASSL* ssl, void* data, int sz) { int ret; @@ -242,7 +245,7 @@ int SSL_read(SSL* ssl, void* data, int sz) } -int SSL_shutdown(SSL* ssl) +int CyaSSL_shutdown(CYASSL* ssl) { CYASSL_ENTER("SSL_shutdown()"); @@ -270,7 +273,7 @@ int SSL_shutdown(SSL* ssl) } -int SSL_get_error(SSL* ssl, int ret) +int CyaSSL_get_error(CYASSL* ssl, int ret) { CYASSL_ENTER("SSL_get_error"); CYASSL_LEAVE("SSL_get_error", ssl->error); @@ -287,7 +290,7 @@ int SSL_get_error(SSL* ssl, int ret) } -int SSL_want_read(SSL* ssl) +int CyaSSL_want_read(CYASSL* ssl) { CYASSL_ENTER("SSL_want_read"); if (ssl->error == WANT_READ) @@ -297,7 +300,7 @@ int SSL_want_read(SSL* ssl) } -int SSL_want_write(SSL* ssl) +int CyaSSL_want_write(CYASSL* ssl) { CYASSL_ENTER("SSL_want_write"); if (ssl->error == WANT_WRITE) @@ -307,7 +310,7 @@ int SSL_want_write(SSL* ssl) } -char* ERR_error_string(unsigned long errNumber, char* data) +char* CyaSSL_ERR_error_string(unsigned long errNumber, char* data) { static const char* msg = "Please supply a buffer for error string"; @@ -321,20 +324,20 @@ char* ERR_error_string(unsigned long errNumber, char* data) } -void ERR_error_string_n(unsigned long e, char* buf, unsigned long len) +void CyaSSL_ERR_error_string_n(unsigned long e, char* buf, unsigned long len) { - CYASSL_ENTER("ERR_error_string_n"); - if (len) ERR_error_string(e, buf); + CYASSL_ENTER("CyaSSL_ERR_error_string_n"); + if (len) CyaSSL_ERR_error_string(e, buf); } #ifndef NO_FILESYSTEM -void ERR_print_errors_fp(FILE* fp, int err) +void CyaSSL_ERR_print_errors_fp(FILE* fp, int err) { char data[MAX_ERROR_SZ + 1]; - CYASSL_ENTER("ERR_print_errors_fp"); + CYASSL_ENTER("CyaSSL_ERR_print_errors_fp"); SetErrorString(err, data); fprintf(fp, "%s", data); } @@ -342,7 +345,7 @@ void ERR_print_errors_fp(FILE* fp, int err) #endif -int SSL_pending(SSL* ssl) +int CyaSSL_pending(CYASSL* ssl) { CYASSL_ENTER("SSL_pending"); return ssl->buffers.clearOutputBuffer.length; @@ -352,7 +355,7 @@ int SSL_pending(SSL* ssl) static CyaSSL_Mutex ca_mutex; /* CA signers mutex */ /* does CA already exist on list */ -int IsCA(SSL_CTX* ctx, byte* hash) +int IsCA(CYASSL_CTX* ctx, byte* hash) { Signer* signers; int ret = 0; @@ -394,7 +397,7 @@ Signer* GetCA(Signer* signers, byte* hash) /* owns der, cyassl_int now uses too */ -int AddCA(SSL_CTX* ctx, buffer der) +int AddCA(CYASSL_CTX* ctx, buffer der) { int ret; DecodedCert cert; @@ -468,7 +471,7 @@ int AddCA(SSL_CTX* ctx, buffer der) typedef struct SessionRow { int nextIdx; /* where to place next one */ int totalCount; /* sessions ever on this row */ - SSL_SESSION Sessions[SESSIONS_PER_ROW]; + CYASSL_SESSION Sessions[SESSIONS_PER_ROW]; } SessionRow; static SessionRow SessionCache[SESSION_ROWS]; @@ -643,8 +646,8 @@ int AddCA(SSL_CTX* ctx, buffer der) /* process the buffer buff, legnth sz, into ctx of format and type used tracks bytes consumed, userChain specifies a user cert chain to pass during the handshake */ - static int ProcessBuffer(SSL_CTX* ctx, const unsigned char* buff, - long sz, int format, int type, SSL* ssl, + static int ProcessBuffer(CYASSL_CTX* ctx, const unsigned char* buff, + long sz, int format, int type, CYASSL* ssl, long* used, int userChain) { EncryptedInfo info; @@ -900,8 +903,8 @@ int AddCA(SSL_CTX* ctx, buffer der) /* CA PEM file for verification, may have multiple/chain certs to process */ -static int ProcessChainBuffer(SSL_CTX* ctx, const unsigned char* buff, - long sz, int format, int type, SSL* ssl) +static int ProcessChainBuffer(CYASSL_CTX* ctx, const unsigned char* buff, + long sz, int format, int type, CYASSL* ssl) { long used = 0; int ret = 0; @@ -955,8 +958,8 @@ static int ProcessChainBuffer(SSL_CTX* ctx, const unsigned char* buff, /* process a file with name fname into ctx of format and type userChain specifies a user certificate chain to pass during handshake */ -static int ProcessFile(SSL_CTX* ctx, const char* fname, int format, int type, - SSL* ssl, int userChain) +static int ProcessFile(CYASSL_CTX* ctx, const char* fname, int format, int type, + CYASSL* ssl, int userChain) { byte staticBuffer[FILE_BUFFER_SIZE]; byte* myBuffer = staticBuffer; @@ -998,7 +1001,7 @@ static int ProcessFile(SSL_CTX* ctx, const char* fname, int format, int type, /* just one for now TODO: add dir support from path */ -int SSL_CTX_load_verify_locations(SSL_CTX* ctx, const char* file, +int CyaSSL_CTX_load_verify_locations(CYASSL_CTX* ctx, const char* file, const char* path) { CYASSL_ENTER("SSL_CTX_load_verify_locations"); @@ -1017,7 +1020,8 @@ int SSL_CTX_load_verify_locations(SSL_CTX* ctx, const char* file, #ifdef CYASSL_DER_LOAD /* Add format parameter to allow DER load of CA files */ -int CyaSSL_CTX_load_verify_locations(SSL_CTX* ctx, const char* file, int format) +int CyaSSL_CTX_load_verify_locations(CYASSL_CTX* ctx, const char* file, + int format) { CYASSL_ENTER("CyaSSL_CTX_load_verify_locations"); if (ctx == NULL || file == NULL) @@ -1089,7 +1093,8 @@ int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz) #endif /* CYASSL_CERT_GEN */ -int SSL_CTX_use_certificate_file(SSL_CTX* ctx, const char* file, int format) +int CyaSSL_CTX_use_certificate_file(CYASSL_CTX* ctx, const char* file, + int format) { CYASSL_ENTER("SSL_CTX_use_certificate_file"); if (ProcessFile(ctx, file, format, CERT_TYPE, NULL, 0) == SSL_SUCCESS) @@ -1099,7 +1104,7 @@ int SSL_CTX_use_certificate_file(SSL_CTX* ctx, const char* file, int format) } -int SSL_CTX_use_PrivateKey_file(SSL_CTX* ctx, const char* file, int format) +int CyaSSL_CTX_use_PrivateKey_file(CYASSL_CTX* ctx, const char* file,int format) { CYASSL_ENTER("SSL_CTX_use_PrivateKey_file"); if (ProcessFile(ctx, file, format, PRIVATEKEY_TYPE, NULL, 0) == SSL_SUCCESS) @@ -1109,7 +1114,7 @@ int SSL_CTX_use_PrivateKey_file(SSL_CTX* ctx, const char* file, int format) } -int SSL_CTX_use_certificate_chain_file(SSL_CTX* ctx, const char* file) +int CyaSSL_CTX_use_certificate_chain_file(CYASSL_CTX* ctx, const char* file) { /* procces up to MAX_CHAIN_DEPTH plus subject cert */ CYASSL_ENTER("SSL_CTX_use_certificate_chain_file"); @@ -1122,7 +1127,7 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX* ctx, const char* file) #ifdef HAVE_NTRU -int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX* ctx, const char* file) +int CyaSSL_CTX_use_NTRUPrivateKey_file(CYASSL_CTX* ctx, const char* file) { CYASSL_ENTER("CyaSSL_CTX_use_NTRUPrivateKey_file"); if (ProcessFile(ctx, file, SSL_FILETYPE_RAW, PRIVATEKEY_TYPE, NULL, 0) @@ -1140,7 +1145,8 @@ int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX* ctx, const char* file) #ifdef OPENSSL_EXTRA - int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX* ctx,const char* file,int format) + int CyaSSL_CTX_use_RSAPrivateKey_file(CYASSL_CTX* ctx,const char* file, + int format) { CYASSL_ENTER("SSL_CTX_use_RSAPrivateKey_file"); if (ProcessFile(ctx, file,format,PRIVATEKEY_TYPE,NULL,0) == SSL_SUCCESS) @@ -1154,7 +1160,7 @@ int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX* ctx, const char* file) #endif /* NO_FILESYSTEM */ -void SSL_CTX_set_verify(SSL_CTX* ctx, int mode, VerifyCallback vc) +void CyaSSL_CTX_set_verify(CYASSL_CTX* ctx, int mode, VerifyCallback vc) { CYASSL_ENTER("SSL_CTX_set_verify"); if (mode & SSL_VERIFY_PEER) { @@ -1176,14 +1182,14 @@ void SSL_CTX_set_verify(SSL_CTX* ctx, int mode, VerifyCallback vc) #ifndef NO_SESSION_CACHE -SSL_SESSION* SSL_get_session(SSL* ssl) +CYASSL_SESSION* CyaSSL_get_session(CYASSL* ssl) { CYASSL_ENTER("SSL_get_session"); return GetSession(ssl, 0); } -int SSL_set_session(SSL* ssl, SSL_SESSION* session) +int CyaSSL_set_session(CYASSL* ssl, CYASSL_SESSION* session) { CYASSL_ENTER("SSL_set_session"); if (session) @@ -1195,11 +1201,11 @@ int SSL_set_session(SSL* ssl, SSL_SESSION* session) #endif /* NO_SESSION_CACHE */ -void SSL_load_error_strings(void) /* compatibility only */ +void CyaSSL_load_error_strings(void) /* compatibility only */ {} -int SSL_library_init(void) +int CyaSSL_library_init(void) { CYASSL_ENTER("SSL_library_init"); if (CyaSSL_Init() == 0) @@ -1212,7 +1218,7 @@ int SSL_library_init(void) #ifndef NO_SESSION_CACHE /* on by default if built in but allow user to turn off */ -long SSL_CTX_set_session_cache_mode(SSL_CTX* ctx, long mode) +long CyaSSL_CTX_set_session_cache_mode(CYASSL_CTX* ctx, long mode) { CYASSL_ENTER("SSL_CTX_set_session_cache_mode"); if (mode == SSL_SESS_CACHE_OFF) @@ -1227,7 +1233,7 @@ long SSL_CTX_set_session_cache_mode(SSL_CTX* ctx, long mode) #endif /* NO_SESSION_CACHE */ -int SSL_CTX_set_cipher_list(SSL_CTX* ctx, const char* list) +int CyaSSL_CTX_set_cipher_list(CYASSL_CTX* ctx, const char* list) { CYASSL_ENTER("SSL_CTX_set_cipher_list"); if (SetCipherList(ctx, list)) @@ -1240,10 +1246,11 @@ int SSL_CTX_set_cipher_list(SSL_CTX* ctx, const char* list) /* client only parts */ #ifndef NO_CYASSL_CLIENT - SSL_METHOD* SSLv3_client_method(void) + CYASSL_METHOD* CyaSSLv3_client_method(void) { - SSL_METHOD* method = (SSL_METHOD*) XMALLOC(sizeof(SSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); CYASSL_ENTER("SSLv3_client_method"); if (method) InitSSL_Method(method, MakeSSLv3()); @@ -1251,9 +1258,10 @@ int SSL_CTX_set_cipher_list(SSL_CTX* ctx, const char* list) } #ifdef CYASSL_DTLS - SSL_METHOD* DTLSv1_client_method(void) + CYASSL_METHOD* CyaDTLSv1_client_method(void) { - SSL_METHOD* method = (SSL_METHOD*) XMALLOC(sizeof(SSL_METHOD), 0, + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, DYNAMIC_TYPE_METHOD); CYASSL_ENTER("DTLSv1_client_method"); if (method) @@ -1264,7 +1272,7 @@ int SSL_CTX_set_cipher_list(SSL_CTX* ctx, const char* list) /* please see note at top of README if you get an error from connect */ - int SSL_connect(SSL* ssl) + int CyaSSL_connect(CYASSL* ssl) { int neededState; @@ -1457,10 +1465,11 @@ int SSL_CTX_set_cipher_list(SSL_CTX* ctx, const char* list) /* server only parts */ #ifndef NO_CYASSL_SERVER - SSL_METHOD* SSLv3_server_method(void) + CYASSL_METHOD* CyaSSLv3_server_method(void) { - SSL_METHOD* method = (SSL_METHOD*) XMALLOC(sizeof(SSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); CYASSL_ENTER("SSLv3_server_method"); if (method) { InitSSL_Method(method, MakeSSLv3()); @@ -1471,9 +1480,10 @@ int SSL_CTX_set_cipher_list(SSL_CTX* ctx, const char* list) #ifdef CYASSL_DTLS - SSL_METHOD* DTLSv1_server_method(void) + CYASSL_METHOD* CyaDTLSv1_server_method(void) { - SSL_METHOD* method = (SSL_METHOD*) XMALLOC(sizeof(SSL_METHOD), 0, + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, DYNAMIC_TYPE_METHOD); CYASSL_ENTER("DTLSv1_server_method"); if (method) { @@ -1485,7 +1495,7 @@ int SSL_CTX_set_cipher_list(SSL_CTX* ctx, const char* list) #endif - int SSL_accept(SSL* ssl) + int CyaSSL_accept(CYASSL* ssl) { byte havePSK = 0; CYASSL_ENTER("SSL_accept()"); @@ -1729,7 +1739,7 @@ static INLINE word32 HashSession(const byte* sessionID) } -void SSL_flush_sessions(SSL_CTX* ctx, long tm) +void CyaSSL_flush_sessions(CYASSL_CTX* ctx, long tm) { /* static table now, no flusing needed */ (void)ctx; @@ -1737,9 +1747,9 @@ void SSL_flush_sessions(SSL_CTX* ctx, long tm) } -SSL_SESSION* GetSession(SSL* ssl, byte* masterSecret) +CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret) { - SSL_SESSION* ret = 0; + CYASSL_SESSION* ret = 0; const byte* id = ssl->arrays.sessionID; word32 row; int idx; @@ -1758,7 +1768,7 @@ SSL_SESSION* GetSession(SSL* ssl, byte* masterSecret) idx = SessionCache[row].nextIdx - 1; for (; idx >= 0; idx--) { - SSL_SESSION* current; + CYASSL_SESSION* current; if (idx >= SESSIONS_PER_ROW) /* server could have restarted, idx */ break; /* would be word32(-1) and seg fault */ @@ -1780,7 +1790,7 @@ SSL_SESSION* GetSession(SSL* ssl, byte* masterSecret) } -int SetSession(SSL* ssl, SSL_SESSION* session) +int SetSession(CYASSL* ssl, CYASSL_SESSION* session) { if (ssl->options.sessionCacheOff) return SSL_FAILURE; @@ -1801,7 +1811,7 @@ int SetSession(SSL* ssl, SSL_SESSION* session) } -int AddSession(SSL* ssl) +int AddSession(CYASSL* ssl) { word32 row, idx; @@ -1896,7 +1906,7 @@ int AddSession(SSL* ssl) #else /* NO_SESSION_CACHE */ /* No session cache version */ -SSL_SESSION* GetSession(SSL* ssl, byte* masterSecret) +CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret) { return NULL; } @@ -1906,7 +1916,7 @@ SSL_SESSION* GetSession(SSL* ssl, byte* masterSecret) /* call before SSL_connect, if verifying will add name check to date check and signature check */ -int CyaSSL_check_domain_name(SSL* ssl, const char* dn) +int CyaSSL_check_domain_name(CYASSL* ssl, const char* dn) { CYASSL_ENTER("CyaSSL_check_domain_name"); if (ssl->buffers.domainName.buffer) @@ -1931,7 +1941,7 @@ int CyaSSL_check_domain_name(SSL* ssl, const char* dn) /* turn on CyaSSL zlib compression returns 0 for success, else error (not built in) */ -int CyaSSL_set_compression(SSL* ssl) +int CyaSSL_set_compression(CYASSL* ssl) { CYASSL_ENTER("CyaSSL_set_compression"); (void)ssl; @@ -1949,7 +1959,7 @@ int CyaSSL_set_compression(SSL* ssl) /* simulate writev semantics, doesn't actually do block at a time though because of SSL_write behavior and because front adds may be small */ - int CyaSSL_writev(SSL* ssl, const struct iovec* iov, int iovcnt) + int CyaSSL_writev(CYASSL* ssl, const struct iovec* iov, int iovcnt) { byte tmp[OUTPUT_RECORD_SIZE]; byte* myBuffer = tmp; @@ -1978,7 +1988,7 @@ int CyaSSL_set_compression(SSL* ssl) idx += iov[i].iov_len; } - ret = SSL_write(ssl, myBuffer, send); + ret = CyaSSL_write(ssl, myBuffer, send); if (newBuffer) XFREE(myBuffer, ssl->heap, DYNAMIC_TYPE_WRITEV); @@ -2029,7 +2039,7 @@ int CyaSSL_set_compression(SSL* ssl) } - static int CyaSSL_ex_wrapper(SSL* ssl, HandShakeCallBack hsCb, + static int CyaSSL_ex_wrapper(CYASSL* ssl, HandShakeCallBack hsCb, TimeoutCallBack toCb, Timeval timeout) { int ret = SSL_FATAL_ERROR; @@ -2091,11 +2101,11 @@ int CyaSSL_set_compression(SSL* ssl) /* do main work */ #ifndef NO_CYASSL_CLIENT if (ssl->options.side == CLIENT_END) - ret = SSL_connect(ssl); + ret = CyaSSL_connect(ssl); #endif #ifndef NO_CYASSL_SERVER if (ssl->options.side == SERVER_END) - ret = SSL_accept(ssl); + ret = CyaSSL_accept(ssl); #endif /* do callbacks */ @@ -2143,7 +2153,7 @@ int CyaSSL_set_compression(SSL* ssl) #ifndef NO_CYASSL_CLIENT - int CyaSSL_connect_ex(SSL* ssl, HandShakeCallBack hsCb, + int CyaSSL_connect_ex(CYASSL* ssl, HandShakeCallBack hsCb, TimeoutCallBack toCb, Timeval timeout) { CYASSL_ENTER("CyaSSL_connect_ex"); @@ -2155,7 +2165,7 @@ int CyaSSL_set_compression(SSL* ssl) #ifndef NO_CYASSL_SERVER - int CyaSSL_accept_ex(SSL* ssl, HandShakeCallBack hsCb, + int CyaSSL_accept_ex(CYASSL* ssl, HandShakeCallBack hsCb, TimeoutCallBack toCb,Timeval timeout) { CYASSL_ENTER("CyaSSL_accept_ex"); @@ -2169,7 +2179,8 @@ int CyaSSL_set_compression(SSL* ssl) #ifndef NO_PSK - void SSL_CTX_set_psk_client_callback(SSL_CTX* ctx, psk_client_callback cb) + void CyaSSL_CTX_set_psk_client_callback(CYASSL_CTX* ctx, + psk_client_callback cb) { CYASSL_ENTER("SSL_CTX_set_psk_client_callback"); ctx->havePSK = 1; @@ -2177,7 +2188,7 @@ int CyaSSL_set_compression(SSL* ssl) } - void SSL_set_psk_client_callback(SSL* ssl, psk_client_callback cb) + void CyaSSL_set_psk_client_callback(CYASSL* ssl, psk_client_callback cb) { CYASSL_ENTER("SSL_set_psk_client_callback"); ssl->options.havePSK = 1; @@ -2188,7 +2199,8 @@ int CyaSSL_set_compression(SSL* ssl) } - void SSL_CTX_set_psk_server_callback(SSL_CTX* ctx, psk_server_callback cb) + void CyaSSL_CTX_set_psk_server_callback(CYASSL_CTX* ctx, + psk_server_callback cb) { CYASSL_ENTER("SSL_CTX_set_psk_server_callback"); ctx->havePSK = 1; @@ -2196,7 +2208,7 @@ int CyaSSL_set_compression(SSL* ssl) } - void SSL_set_psk_server_callback(SSL* ssl, psk_server_callback cb) + void CyaSSL_set_psk_server_callback(CYASSL* ssl, psk_server_callback cb) { CYASSL_ENTER("SSL_set_psk_server_callback"); ssl->options.havePSK = 1; @@ -2208,21 +2220,21 @@ int CyaSSL_set_compression(SSL* ssl) } - const char* SSL_get_psk_identity_hint(const SSL* ssl) + const char* CyaSSL_get_psk_identity_hint(const CYASSL* ssl) { CYASSL_ENTER("SSL_get_psk_identity_hint"); return ssl->arrays.server_hint; } - const char* SSL_get_psk_identity(const SSL* ssl) + const char* CyaSSL_get_psk_identity(const CYASSL* ssl) { CYASSL_ENTER("SSL_get_psk_identity"); return ssl->arrays.client_identity; } - int SSL_CTX_use_psk_identity_hint(SSL_CTX* ctx, const char* hint) + int CyaSSL_CTX_use_psk_identity_hint(CYASSL_CTX* ctx, const char* hint) { CYASSL_ENTER("SSL_CTX_use_psk_identity_hint"); if (hint == 0) @@ -2233,7 +2245,7 @@ int CyaSSL_set_compression(SSL* ssl) } - int SSL_use_psk_identity_hint(SSL* ssl, const char* hint) + int CyaSSL_use_psk_identity_hint(CYASSL* ssl, const char* hint) { CYASSL_ENTER("SSL_use_psk_identity_hint"); if (hint == 0) @@ -2249,7 +2261,7 @@ int CyaSSL_set_compression(SSL* ssl) /* used to be defined on NO_FILESYSTEM only, but are generally useful */ /* CyaSSL extension allows DER files to be loaded from buffers as well */ - int CyaSSL_CTX_load_verify_buffer(SSL_CTX* ctx, const unsigned char* in, + int CyaSSL_CTX_load_verify_buffer(CYASSL_CTX* ctx, const unsigned char* in, long sz, int format) { CYASSL_ENTER("CyaSSL_CTX_load_verify_buffer"); @@ -2260,7 +2272,7 @@ int CyaSSL_set_compression(SSL* ssl) } - int CyaSSL_CTX_use_certificate_buffer(SSL_CTX* ctx, + int CyaSSL_CTX_use_certificate_buffer(CYASSL_CTX* ctx, const unsigned char* in, long sz, int format) { CYASSL_ENTER("CyaSSL_CTX_use_certificate_buffer"); @@ -2268,7 +2280,7 @@ int CyaSSL_set_compression(SSL* ssl) } - int CyaSSL_CTX_use_PrivateKey_buffer(SSL_CTX* ctx, + int CyaSSL_CTX_use_PrivateKey_buffer(CYASSL_CTX* ctx, const unsigned char* in, long sz, int format) { CYASSL_ENTER("CyaSSL_CTX_use_PrivateKey_buffer"); @@ -2276,7 +2288,7 @@ int CyaSSL_set_compression(SSL* ssl) } - int CyaSSL_CTX_use_certificate_chain_buffer(SSL_CTX* ctx, + int CyaSSL_CTX_use_certificate_chain_buffer(CYASSL_CTX* ctx, const unsigned char* in, long sz) { CYASSL_ENTER("CyaSSL_CTX_use_certificate_chain_buffer"); @@ -2284,7 +2296,7 @@ int CyaSSL_set_compression(SSL* ssl) NULL, 1); } - int CyaSSL_use_certificate_buffer(SSL* ssl, + int CyaSSL_use_certificate_buffer(CYASSL* ssl, const unsigned char* in, long sz, int format) { CYASSL_ENTER("CyaSSL_use_certificate_buffer"); @@ -2292,7 +2304,7 @@ int CyaSSL_set_compression(SSL* ssl) } - int CyaSSL_use_PrivateKey_buffer(SSL* ssl, + int CyaSSL_use_PrivateKey_buffer(CYASSL* ssl, const unsigned char* in, long sz, int format) { CYASSL_ENTER("CyaSSL_use_PrivateKey_buffer"); @@ -2301,7 +2313,7 @@ int CyaSSL_set_compression(SSL* ssl) } - int CyaSSL_use_certificate_chain_buffer(SSL* ssl, + int CyaSSL_use_certificate_chain_buffer(CYASSL* ssl, const unsigned char* in, long sz) { CYASSL_ENTER("CyaSSL_use_certificate_chain_buffer"); @@ -2315,15 +2327,15 @@ int CyaSSL_set_compression(SSL* ssl) #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) - int SSLeay_add_ssl_algorithms(void) + int CyaSSL_add_all_algorithms(void) { - CYASSL_ENTER("SSLeay_add_ssl_algorithms"); - OpenSSL_add_all_algorithms(); + CYASSL_ENTER("CyaSSL_add_all_algorithms"); + CyaSSL_Init(); return SSL_SUCCESS; } - long SSL_CTX_sess_set_cache_size(SSL_CTX* ctx, long sz) + long CyaSSL_CTX_sess_set_cache_size(CYASSL_CTX* ctx, long sz) { /* cache size fixed at compile time in CyaSSL */ (void)ctx; @@ -2332,7 +2344,7 @@ int CyaSSL_set_compression(SSL* ssl) } - void SSL_CTX_set_quiet_shutdown(SSL_CTX* ctx, int mode) + void CyaSSL_CTX_set_quiet_shutdown(CYASSL_CTX* ctx, int mode) { CYASSL_ENTER("SSL_CTX_set_quiet_shutdown"); if (mode) @@ -2340,7 +2352,7 @@ int CyaSSL_set_compression(SSL* ssl) } - int SSL_CTX_check_private_key(SSL_CTX* ctx) + int CyaSSL_CTX_check_private_key(CYASSL_CTX* ctx) { /* TODO: check private against public for RSA match */ (void)ctx; @@ -2349,32 +2361,33 @@ int CyaSSL_set_compression(SSL* ssl) } - void SSL_set_bio(SSL* ssl, BIO* rd, BIO* wr) + void CyaSSL_set_bio(CYASSL* ssl, CYASSL_BIO* rd, CYASSL_BIO* wr) { CYASSL_ENTER("SSL_set_bio"); - SSL_set_rfd(ssl, rd->fd); - SSL_set_wfd(ssl, wr->fd); + CyaSSL_set_rfd(ssl, rd->fd); + CyaSSL_set_wfd(ssl, wr->fd); ssl->biord = rd; ssl->biowr = wr; } - void SSL_CTX_set_client_CA_list(SSL_CTX* ctx, STACK_OF(X509_NAME)* names) + void CyaSSL_CTX_set_client_CA_list(CYASSL_CTX* ctx, + STACK_OF(CYASSL_X509_NAME)* names) { (void)ctx; (void)names; } - STACK_OF(X509_NAME)* SSL_load_client_CA_file(const char* fname) + STACK_OF(CYASSL_X509_NAME)* CyaSSL_load_client_CA_file(const char* fname) { (void)fname; return 0; } - int SSL_CTX_set_default_verify_paths(SSL_CTX* ctx) + int CyaSSL_CTX_set_default_verify_paths(CYASSL_CTX* ctx) { /* TODO:, not needed in goahead */ (void)ctx; @@ -2382,7 +2395,7 @@ int CyaSSL_set_compression(SSL* ssl) } - void SSL_set_accept_state(SSL* ssl) + void CyaSSL_set_accept_state(CYASSL* ssl) { byte havePSK = 0; @@ -2398,22 +2411,8 @@ int CyaSSL_set_compression(SSL* ssl) } - void OpenSSL_add_all_algorithms(void) - { - CYASSL_ENTER("OpenSSL_add_all_algorithms"); - CyaSSL_Init(); - } - - - int SSLeay_add_all_algorithms(void) - { - CYASSL_ENTER("SSLeay_add_all_algorithms"); - OpenSSL_add_all_algorithms(); - return SSL_SUCCESS; - } - - - void SSL_CTX_set_tmp_rsa_callback(SSL_CTX* ctx, RSA*(*f)(SSL*, int, int)) + void CyaSSL_CTX_set_tmp_rsa_callback(CYASSL_CTX* ctx, + CYASSL_RSA*(*f)(CYASSL*, int, int)) { /* CyaSSL verifies all these internally */ (void)ctx; @@ -2421,14 +2420,14 @@ int CyaSSL_set_compression(SSL* ssl) } - void SSL_set_shutdown(SSL* ssl, int opt) + void CyaSSL_set_shutdown(CYASSL* ssl, int opt) { (void)ssl; (void)opt; } - long SSL_CTX_set_options(SSL_CTX* ctx, long opt) + long CyaSSL_CTX_set_options(CYASSL_CTX* ctx, long opt) { /* goahead calls with 0, do nothing */ CYASSL_ENTER("SSL_CTX_set_options"); @@ -2437,7 +2436,7 @@ int CyaSSL_set_compression(SSL* ssl) } - int SSL_set_rfd(SSL* ssl, int rfd) + int CyaSSL_set_rfd(CYASSL* ssl, int rfd) { CYASSL_ENTER("SSL_set_rfd"); ssl->rfd = rfd; /* not used directly to allow IO callbacks */ @@ -2448,7 +2447,7 @@ int CyaSSL_set_compression(SSL* ssl) } - int SSL_set_wfd(SSL* ssl, int wfd) + int CyaSSL_set_wfd(CYASSL* ssl, int wfd) { CYASSL_ENTER("SSL_set_wfd"); ssl->wfd = wfd; /* not used directly to allow IO callbacks */ @@ -2459,8 +2458,8 @@ int CyaSSL_set_compression(SSL* ssl) } - RSA* RSA_generate_key(int len, unsigned long bits, void(*f)(int, - int, void*), void* data) + CYASSL_RSA* CyaSSL_RSA_generate_key(int len, unsigned long bits, + void(*f)(int, int, void*), void* data) { /* no tmp key needed, actual generation not supported */ CYASSL_ENTER("RSA_generate_key"); @@ -2472,14 +2471,14 @@ int CyaSSL_set_compression(SSL* ssl) } - X509_NAME* X509_get_issuer_name(X509* cert) + CYASSL_X509_NAME* CyaSSL_X509_get_issuer_name(CYASSL_X509* cert) { CYASSL_ENTER("X509_get_issuer_name"); return &cert->issuer; } - X509_NAME* X509_get_subject_name(X509* cert) + CYASSL_X509_NAME* CyaSSL_X509_get_subject_name(CYASSL_X509* cert) { CYASSL_ENTER("X509_get_subject_name"); return &cert->subject; @@ -2488,11 +2487,11 @@ int CyaSSL_set_compression(SSL* ssl) /* copy name into in buffer, at most sz bytes, if buffer is null will malloc buffer, call responsible for freeing */ - char* X509_NAME_oneline(X509_NAME* name, char* in, int sz) + char* CyaSSL_X509_NAME_oneline(CYASSL_X509_NAME* name, char* in, int sz) { int copySz = min(sz, name->sz); - CYASSL_ENTER("X509_NAME_oneline"); + CYASSL_ENTER("CyaSSL_X509_NAME_oneline"); if (!name->sz) return in; if (!in) { @@ -2511,30 +2510,31 @@ int CyaSSL_set_compression(SSL* ssl) } - X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX* ctx) + CYASSL_X509* CyaSSL_X509_STORE_CTX_get_current_cert( + CYASSL_X509_STORE_CTX* ctx) { (void)ctx; return 0; } - int X509_STORE_CTX_get_error(X509_STORE_CTX* ctx) + int CyaSSL_X509_STORE_CTX_get_error(CYASSL_X509_STORE_CTX* ctx) { (void)ctx; return 0; } - int X509_STORE_CTX_get_error_depth(X509_STORE_CTX* ctx) + int CyaSSL_X509_STORE_CTX_get_error_depth(CYASSL_X509_STORE_CTX* ctx) { (void)ctx; return 0; } - BIO_METHOD* BIO_f_buffer(void) + CYASSL_BIO_METHOD* CyaSSL_BIO_f_buffer(void) { - static BIO_METHOD meth; + static CYASSL_BIO_METHOD meth; CYASSL_ENTER("BIO_f_buffer"); meth.type = BIO_BUFFER; @@ -2543,7 +2543,7 @@ int CyaSSL_set_compression(SSL* ssl) } - long BIO_set_write_buffer_size(BIO* bio, long size) + long CyaSSL_BIO_set_write_buffer_size(CYASSL_BIO* bio, long size) { /* CyaSSL has internal buffer, compatibility only */ CYASSL_ENTER("BIO_set_write_buffer_size"); @@ -2552,9 +2552,9 @@ int CyaSSL_set_compression(SSL* ssl) } - BIO_METHOD* BIO_f_ssl(void) + CYASSL_BIO_METHOD* CyaSSL_BIO_f_ssl(void) { - static BIO_METHOD meth; + static CYASSL_BIO_METHOD meth; CYASSL_ENTER("BIO_f_ssl"); meth.type = BIO_SSL; @@ -2563,9 +2563,10 @@ int CyaSSL_set_compression(SSL* ssl) } - BIO* BIO_new_socket(int sfd, int closeF) + CYASSL_BIO* CyaSSL_BIO_new_socket(int sfd, int closeF) { - BIO* bio = (BIO*) XMALLOC(sizeof(BIO), 0, DYNAMIC_TYPE_OPENSSL); + CYASSL_BIO* bio = (CYASSL_BIO*) XMALLOC(sizeof(CYASSL_BIO), 0, + DYNAMIC_TYPE_OPENSSL); CYASSL_ENTER("BIO_new_socket"); if (bio) { @@ -2581,7 +2582,7 @@ int CyaSSL_set_compression(SSL* ssl) } - int BIO_eof(BIO* b) + int CyaSSL_BIO_eof(CYASSL_BIO* b) { CYASSL_ENTER("BIO_eof"); if (b->eof) @@ -2591,7 +2592,7 @@ int CyaSSL_set_compression(SSL* ssl) } - long BIO_set_ssl(BIO* b, SSL* ssl, int closeF) + long CyaSSL_BIO_set_ssl(CYASSL_BIO* b, CYASSL* ssl, int closeF) { CYASSL_ENTER("BIO_set_ssl"); b->ssl = ssl; @@ -2602,9 +2603,10 @@ int CyaSSL_set_compression(SSL* ssl) } - BIO* BIO_new(BIO_METHOD* method) + CYASSL_BIO* CyaSSL_BIO_new(CYASSL_BIO_METHOD* method) { - BIO* bio = (BIO*) XMALLOC(sizeof(BIO), 0, DYNAMIC_TYPE_OPENSSL); + CYASSL_BIO* bio = (CYASSL_BIO*) XMALLOC(sizeof(CYASSL_BIO), 0, + DYNAMIC_TYPE_OPENSSL); CYASSL_ENTER("BIO_new"); if (bio) { bio->type = method->type; @@ -2625,14 +2627,14 @@ int CyaSSL_set_compression(SSL* ssl) #define CloseSocket(s) close(s) #endif - int BIO_free(BIO* bio) + int CyaSSL_BIO_free(CYASSL_BIO* bio) { /* unchain?, doesn't matter in goahead since from free all */ CYASSL_ENTER("BIO_free"); if (bio) { if (bio->close) { if (bio->ssl) - SSL_free(bio->ssl); + CyaSSL_free(bio->ssl); if (bio->fd) CloseSocket(bio->fd); } @@ -2642,23 +2644,23 @@ int CyaSSL_set_compression(SSL* ssl) } - int BIO_free_all(BIO* bio) + int CyaSSL_BIO_free_all(CYASSL_BIO* bio) { CYASSL_ENTER("BIO_free_all"); while (bio) { - BIO* next = bio->next; - BIO_free(bio); + CYASSL_BIO* next = bio->next; + CyaSSL_BIO_free(bio); bio = next; } return 0; } - int BIO_read(BIO* bio, void* buf, int len) + int CyaSSL_BIO_read(CYASSL_BIO* bio, void* buf, int len) { int ret; - SSL* ssl = 0; - BIO* front = bio; + CYASSL* ssl = 0; + CYASSL_BIO* front = bio; CYASSL_ENTER("BIO_read"); /* already got eof, again is error */ @@ -2670,11 +2672,11 @@ int CyaSSL_set_compression(SSL* ssl) if (ssl == 0) return BAD_FUNC_ARG; - ret = SSL_read(ssl, buf, len); + ret = CyaSSL_read(ssl, buf, len); if (ret == 0) front->eof = 1; else if (ret < 0) { - int err = SSL_get_error(ssl, 0); + int err = CyaSSL_get_error(ssl, 0); if ( !(err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) ) front->eof = 1; } @@ -2682,11 +2684,11 @@ int CyaSSL_set_compression(SSL* ssl) } - int BIO_write(BIO* bio, const void* data, int len) + int CyaSSL_BIO_write(CYASSL_BIO* bio, const void* data, int len) { int ret; - SSL* ssl = 0; - BIO* front = bio; + CYASSL* ssl = 0; + CYASSL_BIO* front = bio; CYASSL_ENTER("BIO_write"); /* already got eof, again is error */ @@ -2698,11 +2700,11 @@ int CyaSSL_set_compression(SSL* ssl) if (ssl == 0) return BAD_FUNC_ARG; - ret = SSL_write(ssl, data, len); + ret = CyaSSL_write(ssl, data, len); if (ret == 0) front->eof = 1; else if (ret < 0) { - int err = SSL_get_error(ssl, 0); + int err = CyaSSL_get_error(ssl, 0); if ( !(err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) ) front->eof = 1; } @@ -2711,7 +2713,7 @@ int CyaSSL_set_compression(SSL* ssl) } - BIO* BIO_push(BIO* top, BIO* append) + CYASSL_BIO* CyaSSL_BIO_push(CYASSL_BIO* top, CYASSL_BIO* append) { CYASSL_ENTER("BIO_push"); top->next = append; @@ -2721,7 +2723,7 @@ int CyaSSL_set_compression(SSL* ssl) } - int BIO_flush(BIO* bio) + int CyaSSL_BIO_flush(CYASSL_BIO* bio) { /* for CyaSSL no flushing needed */ CYASSL_ENTER("BIO_flush"); @@ -2735,43 +2737,44 @@ int CyaSSL_set_compression(SSL* ssl) #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) - void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX* ctx, void* userdata) + void CyaSSL_CTX_set_default_passwd_cb_userdata(CYASSL_CTX* ctx, + void* userdata) { CYASSL_ENTER("SSL_CTX_set_default_passwd_cb_userdata"); ctx->userdata = userdata; } - void SSL_CTX_set_default_passwd_cb(SSL_CTX* ctx, pem_password_cb cb) + void CyaSSL_CTX_set_default_passwd_cb(CYASSL_CTX* ctx, pem_password_cb cb) { CYASSL_ENTER("SSL_CTX_set_default_passwd_cb"); ctx->passwd_cb = cb; } - int CRYPTO_num_locks(void) + int CyaSSL_num_locks(void) { return 0; } - void CRYPTO_set_locking_callback(void (*f)(int, int, const char*, int)) + void CyaSSL_set_locking_callback(void (*f)(int, int, const char*, int)) { (void)f; } - void CRYPTO_set_id_callback(unsigned long (*f)(void)) + void CyaSSL_set_id_callback(unsigned long (*f)(void)) { (void)f; } - unsigned long ERR_get_error(void) + unsigned long CyaSSL_ERR_get_error(void) { /* TODO: */ return 0; } - int EVP_BytesToKey(const EVP_CIPHER* type, const EVP_MD* md, - const byte* salt, const byte* data, int sz, int count, - byte* key, byte* iv) + int CyaSSL_EVP_BytesToKey(const CYASSL_EVP_CIPHER* type, + const CYASSL_EVP_MD* md, const byte* salt, + const byte* data, int sz, int count, byte* key, byte* iv) { int keyLen = 0; int ivLen = 0; @@ -2861,13 +2864,13 @@ int CyaSSL_set_compression(SSL* ssl) #ifdef OPENSSL_EXTRA - unsigned long SSLeay(void) + unsigned long CyaSSLeay(void) { return SSLEAY_VERSION_NUMBER; } - const char* SSLeay_version(int type) + const char* CyaSSLeay_version(int type) { static const char* version = "SSLeay CyaSSL compatibility"; (void)type; @@ -2875,7 +2878,7 @@ int CyaSSL_set_compression(SSL* ssl) } - void MD5_Init(MD5_CTX* md5) + void CyaSSL_MD5_Init(CYASSL_MD5_CTX* md5) { typedef char md5_test[sizeof(MD5_CTX) >= sizeof(Md5) ? 1 : -1]; (void)sizeof(md5_test); @@ -2885,21 +2888,22 @@ int CyaSSL_set_compression(SSL* ssl) } - void MD5_Update(MD5_CTX* md5, const void* input, unsigned long sz) + void CyaSSL_MD5_Update(CYASSL_MD5_CTX* md5, const void* input, + unsigned long sz) { - CYASSL_ENTER("MD5_Update"); + CYASSL_ENTER("CyaSSL_MD5_Update"); Md5Update((Md5*)md5, (const byte*)input, sz); } - void MD5_Final(byte* input, MD5_CTX* md5) + void CyaSSL_MD5_Final(byte* input, CYASSL_MD5_CTX* md5) { CYASSL_ENTER("MD5_Final"); Md5Final((Md5*)md5, input); } - void SHA_Init(SHA_CTX* sha) + void CyaSSL_SHA_Init(CYASSL_SHA_CTX* sha) { typedef char sha_test[sizeof(SHA_CTX) >= sizeof(Sha) ? 1 : -1]; (void)sizeof(sha_test); @@ -2909,42 +2913,44 @@ int CyaSSL_set_compression(SSL* ssl) } - void SHA_Update(SHA_CTX* sha, const void* input, unsigned long sz) + void CyaSSL_SHA_Update(CYASSL_SHA_CTX* sha, const void* input, + unsigned long sz) { CYASSL_ENTER("SHA_Update"); ShaUpdate((Sha*)sha, (const byte*)input, sz); } - void SHA_Final(byte* input, SHA_CTX* sha) + void CyaSSL_SHA_Final(byte* input, CYASSL_SHA_CTX* sha) { CYASSL_ENTER("SHA_Final"); ShaFinal((Sha*)sha, input); } - void SHA1_Init(SHA_CTX* sha) + void CyaSSL_SHA1_Init(CYASSL_SHA_CTX* sha) { CYASSL_ENTER("SHA1_Init"); SHA_Init(sha); } - void SHA1_Update(SHA_CTX* sha, const void* input, unsigned long sz) + void CyaSSL_SHA1_Update(CYASSL_SHA_CTX* sha, const void* input, + unsigned long sz) { CYASSL_ENTER("SHA1_Update"); SHA_Update(sha, input, sz); } - void SHA1_Final(byte* input, SHA_CTX* sha) + void CyaSSL_SHA1_Final(byte* input, CYASSL_SHA_CTX* sha) { CYASSL_ENTER("SHA1_Final"); SHA_Final(input, sha); } - const EVP_MD* EVP_md5(void) + const CYASSL_EVP_MD* CyaSSL_EVP_md5(void) { static const char* type = "MD5"; CYASSL_ENTER("EVP_md5"); @@ -2952,7 +2958,7 @@ int CyaSSL_set_compression(SSL* ssl) } - const EVP_MD* EVP_sha1(void) + const CYASSL_EVP_MD* CyaSSL_EVP_sha1(void) { static const char* type = "SHA"; CYASSL_ENTER("EVP_sha1"); @@ -2960,14 +2966,14 @@ int CyaSSL_set_compression(SSL* ssl) } - void EVP_MD_CTX_init(EVP_MD_CTX* ctx) + void CyaSSL_EVP_MD_CTX_init(CYASSL_EVP_MD_CTX* ctx) { (void)ctx; /* do nothing */ } - int EVP_MD_CTX_cleanup(EVP_MD_CTX* ctx) + int CyaSSL_EVP_MD_CTX_cleanup(CYASSL_EVP_MD_CTX* ctx) { CYASSL_ENTER("EVP_MD_CTX_cleanup"); (void)ctx; @@ -2975,16 +2981,16 @@ int CyaSSL_set_compression(SSL* ssl) } - int EVP_DigestInit(EVP_MD_CTX* ctx, const EVP_MD* type) + int CyaSSL_EVP_DigestInit(CYASSL_EVP_MD_CTX* ctx, const CYASSL_EVP_MD* type) { CYASSL_ENTER("EVP_DigestInit"); if (XSTRNCMP(type, "MD5", 3) == 0) { ctx->macType = MD5; - MD5_Init((MD5_CTX*)&ctx->hash); + CyaSSL_MD5_Init((MD5_CTX*)&ctx->hash); } else if (XSTRNCMP(type, "SHA", 3) == 0) { ctx->macType = SHA; - SHA_Init((SHA_CTX*)&ctx->hash); + CyaSSL_SHA_Init((SHA_CTX*)&ctx->hash); } else return BAD_FUNC_ARG; @@ -2993,13 +2999,14 @@ int CyaSSL_set_compression(SSL* ssl) } - int EVP_DigestUpdate(EVP_MD_CTX* ctx, const void* data, unsigned long sz) + int CyaSSL_EVP_DigestUpdate(CYASSL_EVP_MD_CTX* ctx, const void* data, + unsigned long sz) { CYASSL_ENTER("EVP_DigestUpdate"); if (ctx->macType == MD5) - MD5_Update((MD5_CTX*)&ctx->hash, data, (unsigned long)sz); + CyaSSL_MD5_Update((MD5_CTX*)&ctx->hash, data, (unsigned long)sz); else if (ctx->macType == SHA) - SHA_Update((SHA_CTX*)&ctx->hash, data, (unsigned long)sz); + CyaSSL_SHA_Update((SHA_CTX*)&ctx->hash, data, (unsigned long)sz); else return BAD_FUNC_ARG; @@ -3007,15 +3014,16 @@ int CyaSSL_set_compression(SSL* ssl) } - int EVP_DigestFinal(EVP_MD_CTX* ctx, unsigned char* md, unsigned int* s) + int CyaSSL_EVP_DigestFinal(CYASSL_EVP_MD_CTX* ctx, unsigned char* md, + unsigned int* s) { CYASSL_ENTER("EVP_DigestFinal"); if (ctx->macType == MD5) { - MD5_Final(md, (MD5_CTX*)&ctx->hash); + CyaSSL_MD5_Final(md, (MD5_CTX*)&ctx->hash); if (s) *s = MD5_DIGEST_SIZE; } else if (ctx->macType == SHA) { - SHA_Final(md, (SHA_CTX*)&ctx->hash); + CyaSSL_SHA_Final(md, (SHA_CTX*)&ctx->hash); if (s) *s = SHA_DIGEST_SIZE; } else @@ -3025,15 +3033,17 @@ int CyaSSL_set_compression(SSL* ssl) } - int EVP_DigestFinal_ex(EVP_MD_CTX* ctx, unsigned char* md, unsigned int* s) + int CyaSSL_EVP_DigestFinal_ex(CYASSL_EVP_MD_CTX* ctx, unsigned char* md, + unsigned int* s) { CYASSL_ENTER("EVP_DigestFinal_ex"); return EVP_DigestFinal(ctx, md, s); } - unsigned char* HMAC(const EVP_MD* evp_md, const void* key, int key_len, - const unsigned char* d, int n, unsigned char* md, unsigned int* md_len) + unsigned char* CyaSSL_HMAC(const CYASSL_EVP_MD* evp_md, const void* key, + int key_len, const unsigned char* d, int n, + unsigned char* md, unsigned int* md_len) { Hmac hmac; @@ -3057,19 +3067,19 @@ int CyaSSL_set_compression(SSL* ssl) return md; } - void ERR_clear_error(void) + void CyaSSL_ERR_clear_error(void) { /* TODO: */ } - int RAND_status(void) + int CyaSSL_RAND_status(void) { return 1; /* CTaoCrypt provides enough seed internally */ } - int RAND_bytes(unsigned char* buf, int num) + int CyaSSL_RAND_bytes(unsigned char* buf, int num) { RNG rng; @@ -3083,7 +3093,8 @@ int CyaSSL_set_compression(SSL* ssl) } - int DES_key_sched(const_DES_cblock* key, DES_key_schedule* schedule) + int CyaSSL_DES_key_sched(CYASSL_const_DES_cblock* key, + CYASSL_DES_key_schedule* schedule) { CYASSL_ENTER("DES_key_sched"); XMEMCPY(schedule, key, sizeof(const_DES_cblock)); @@ -3091,8 +3102,9 @@ int CyaSSL_set_compression(SSL* ssl) } - void DES_cbc_encrypt(const unsigned char* input, unsigned char* output, - long length, DES_key_schedule* schedule, DES_cblock* ivec, + void CyaSSL_DES_cbc_encrypt(const unsigned char* input, + unsigned char* output, long length, + CYASSL_DES_key_schedule* schedule, CYASSL_DES_cblock* ivec, int enc) { Des myDes; @@ -3107,8 +3119,9 @@ int CyaSSL_set_compression(SSL* ssl) /* correctly sets ivec for next call */ - void DES_ncbc_encrypt(const unsigned char* input, unsigned char* output, - long length, DES_key_schedule* schedule, DES_cblock* ivec, + void CyaSSL_DES_ncbc_encrypt(const unsigned char* input, + unsigned char* output, long length, + CYASSL_DES_key_schedule* schedule, CYASSL_DES_cblock* ivec, int enc) { Des myDes; @@ -3124,32 +3137,32 @@ int CyaSSL_set_compression(SSL* ssl) } - void ERR_free_strings(void) + void CyaSSL_ERR_free_strings(void) { /* handled internally */ } - void ERR_remove_state(unsigned long state) + void CyaSSL_ERR_remove_state(unsigned long state) { /* TODO: GetErrors().Remove(); */ (void)state; } - void EVP_cleanup(void) + void CyaSSL_EVP_cleanup(void) { /* nothing to do here */ } - void CRYPTO_cleanup_all_ex_data(void) + void CyaSSL_cleanup_all_ex_data(void) { /* nothing to do here */ } - long SSL_CTX_set_mode(SSL_CTX* ctx, long mode) + long CyaSSL_CTX_set_mode(CYASSL_CTX* ctx, long mode) { /* SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is CyaSSL default mode */ @@ -3161,7 +3174,7 @@ int CyaSSL_set_compression(SSL* ssl) } - long SSL_CTX_get_mode(SSL_CTX* ctx) + long CyaSSL_CTX_get_mode(CYASSL_CTX* ctx) { /* TODO: */ (void)ctx; @@ -3169,7 +3182,7 @@ int CyaSSL_set_compression(SSL* ssl) } - void SSL_CTX_set_default_read_ahead(SSL_CTX* ctx, int m) + void CyaSSL_CTX_set_default_read_ahead(CYASSL_CTX* ctx, int m) { /* TODO: maybe? */ (void)ctx; @@ -3177,7 +3190,7 @@ int CyaSSL_set_compression(SSL* ssl) } - int SSL_CTX_set_session_id_context(SSL_CTX* ctx, + int CyaSSL_CTX_set_session_id_context(CYASSL_CTX* ctx, const unsigned char* sid_ctx, unsigned int sid_ctx_len) { @@ -3189,14 +3202,14 @@ int CyaSSL_set_compression(SSL* ssl) } - long SSL_CTX_sess_get_cache_size(SSL_CTX* ctx) + long CyaSSL_CTX_sess_get_cache_size(CYASSL_CTX* ctx) { /* TODO: maybe? */ (void)ctx; return (~0); } - unsigned long ERR_get_error_line_data(const char** file, int* line, + unsigned long CyaSSL_ERR_get_error_line_data(const char** file, int* line, const char** data, int *flags) { /* Not implemented */ @@ -3208,7 +3221,7 @@ int CyaSSL_set_compression(SSL* ssl) } - X509* SSL_get_peer_certificate(SSL* ssl) + CYASSL_X509* CyaSSL_get_peer_certificate(CYASSL* ssl) { CYASSL_ENTER("SSL_get_peer_certificate"); if (ssl->peerCert.issuer.sz) @@ -3219,7 +3232,7 @@ int CyaSSL_set_compression(SSL* ssl) - int SSL_set_ex_data(SSL* ssl, int idx, void* data) + int CyaSSL_set_ex_data(CYASSL* ssl, int idx, void* data) { (void)ssl; (void)idx; @@ -3228,14 +3241,14 @@ int CyaSSL_set_compression(SSL* ssl) } - int SSL_get_shutdown(const SSL* ssl) + int CyaSSL_get_shutdown(const CYASSL* ssl) { (void)ssl; return 0; } - int SSL_set_session_id_context(SSL* ssl, const unsigned char* id, + int CyaSSL_set_session_id_context(CYASSL* ssl, const unsigned char* id, unsigned int len) { (void)ssl; @@ -3245,26 +3258,26 @@ int CyaSSL_set_compression(SSL* ssl) } - void SSL_set_connect_state(SSL* ssl) + void CyaSSL_set_connect_state(CYASSL* ssl) { (void)ssl; /* client by default */ } - int SSL_session_reused(SSL* ssl) + int CyaSSL_session_reused(CYASSL* ssl) { return ssl->options.resuming; } - void SSL_SESSION_free(SSL_SESSION* session) + void CYASSL_SESSION_free(CYASSL_SESSION* session) { (void)session; } - const char* SSL_get_version(SSL* ssl) + const char* CyaSSL_get_version(CYASSL* ssl) { CYASSL_ENTER("SSL_get_version"); if (ssl->version.major == SSLv3_MAJOR) { @@ -3287,14 +3300,14 @@ int CyaSSL_set_compression(SSL* ssl) } - SSL_CIPHER* SSL_get_current_cipher(SSL* ssl) + CYASSL_CIPHER* CyaSSL_get_current_cipher(CYASSL* ssl) { CYASSL_ENTER("SSL_get_current_cipher"); return &ssl->cipher; } - const char* SSL_CIPHER_get_name(const SSL_CIPHER* cipher) + const char* CyaSSL_CIPHER_get_name(const CYASSL_CIPHER* cipher) { CYASSL_ENTER("SSL_CIPHER_get_name"); if (cipher) { @@ -3375,7 +3388,7 @@ int CyaSSL_set_compression(SSL* ssl) } - char* SSL_CIPHER_description(SSL_CIPHER* cipher, char* in, int len) + char* CyaSSL_CIPHER_description(CYASSL_CIPHER* cipher, char* in, int len) { (void)cipher; (void)in; @@ -3384,26 +3397,29 @@ int CyaSSL_set_compression(SSL* ssl) } - SSL_SESSION* SSL_get1_session(SSL* ssl) /* what's ref count */ + CYASSL_SESSION* CyaSSL_get1_session(CYASSL* ssl) /* what's ref count */ { (void)ssl; return 0; } - void X509_free(X509* buf) + void CyaSSL_X509_free(CYASSL_X509* buf) { (void)buf; } + /* was do nothing */ + /* void OPENSSL_free(void* buf) { (void)buf; } + */ - int OCSP_parse_url(char* url, char** host, char** port, char** path, + int CyaSSL_OCSP_parse_url(char* url, char** host, char** port, char** path, int* ssl) { (void)url; @@ -3415,13 +3431,13 @@ int CyaSSL_set_compression(SSL* ssl) } - SSL_METHOD* SSLv2_client_method(void) + CYASSL_METHOD* CyaSSLv2_client_method(void) { return 0; } - SSL_METHOD* SSLv2_server_method(void) + CYASSL_METHOD* CyaSSLv2_server_method(void) { return 0; } @@ -3429,7 +3445,7 @@ int CyaSSL_set_compression(SSL* ssl) #ifndef NO_MD4 - void MD4_Init(MD4_CTX* md4) + void CyaSSL_MD4_Init(CYASSL_MD4_CTX* md4) { /* make sure we have a big enough buffer */ typedef char ok[sizeof(md4->buffer) >= sizeof(Md4) ? 1 : -1]; @@ -3440,14 +3456,15 @@ int CyaSSL_set_compression(SSL* ssl) } - void MD4_Update(MD4_CTX* md4, const void* data, unsigned long len) + void CyaSSL_MD4_Update(CYASSL_MD4_CTX* md4, const void* data, + unsigned long len) { CYASSL_ENTER("MD4_Update"); Md4Update((Md4*)md4, (const byte*)data, (word32)len); } - void MD4_Final(unsigned char* digest, MD4_CTX* md4) + void CyaSSL_MD4_Final(unsigned char* digest, CYASSL_MD4_CTX* md4) { CYASSL_ENTER("MD4_Final"); Md4Final((Md4*)md4, digest); @@ -3456,14 +3473,14 @@ int CyaSSL_set_compression(SSL* ssl) #endif /* NO_MD4 */ - BIO* BIO_pop(BIO* top) + CYASSL_BIO* CyaSSL_BIO_pop(CYASSL_BIO* top) { (void)top; return 0; } - int BIO_pending(BIO* bio) + int CyaSSL_BIO_pending(CYASSL_BIO* bio) { (void)bio; return 0; @@ -3471,19 +3488,19 @@ int CyaSSL_set_compression(SSL* ssl) - BIO_METHOD* BIO_s_mem(void) + CYASSL_BIO_METHOD* CyaSSL_BIO_s_mem(void) { return 0; } - BIO_METHOD* BIO_f_base64(void) + CYASSL_BIO_METHOD* CyaSSL_BIO_f_base64(void) { return 0; } - void BIO_set_flags(BIO* bio, int flags) + void CyaSSL_BIO_set_flags(CYASSL_BIO* bio, int flags) { (void)bio; (void)flags; @@ -3491,13 +3508,13 @@ int CyaSSL_set_compression(SSL* ssl) - void RAND_screen(void) + void CyaSSL_RAND_screen(void) { } - const char* RAND_file_name(char* fname, unsigned long len) + const char* CyaSSL_RAND_file_name(char* fname, unsigned long len) { (void)fname; (void)len; @@ -3505,14 +3522,14 @@ int CyaSSL_set_compression(SSL* ssl) } - int RAND_write_file(const char* fname) + int CyaSSL_RAND_write_file(const char* fname) { (void)fname; return 0; } - int RAND_load_file(const char* fname, long len) + int CyaSSL_RAND_load_file(const char* fname, long len) { (void)fname; /* CTaoCrypt provides enough entropy internally or will report error */ @@ -3523,7 +3540,7 @@ int CyaSSL_set_compression(SSL* ssl) } - int RAND_egd(const char* path) + int CyaSSL_RAND_egd(const char* path) { (void)path; return 0; @@ -3531,19 +3548,19 @@ int CyaSSL_set_compression(SSL* ssl) - COMP_METHOD* COMP_zlib(void) + CYASSL_COMP_METHOD* CyaSSL_COMP_zlib(void) { return 0; } - COMP_METHOD* COMP_rle(void) + CYASSL_COMP_METHOD* CyaSSL_COMP_rle(void) { return 0; } - int SSL_COMP_add_compression_method(int method, void* data) + int CyaSSL_COMP_add_compression_method(int method, void* data) { (void)method; (void)data; @@ -3552,7 +3569,7 @@ int CyaSSL_set_compression(SSL* ssl) - int SSL_get_ex_new_index(long idx, void* data, void* cb1, void* cb2, + int CyaSSL_get_ex_new_index(long idx, void* data, void* cb1, void* cb2, void* cb3) { (void)idx; @@ -3564,29 +3581,29 @@ int CyaSSL_set_compression(SSL* ssl) } - void CRYPTO_set_dynlock_create_callback(CRYPTO_dynlock_value* (*f)( + void CyaSSL_set_dynlock_create_callback(CYASSL_dynlock_value* (*f)( const char*, int)) { (void)f; } - void CRYPTO_set_dynlock_lock_callback(void (*f)(int, CRYPTO_dynlock_value*, - const char*, int)) + void CyaSSL_set_dynlock_lock_callback( + void (*f)(int, CYASSL_dynlock_value*, const char*, int)) { (void)f; } - void CRYPTO_set_dynlock_destroy_callback(void (*f)(CRYPTO_dynlock_value*, - const char*, int)) + void CyaSSL_set_dynlock_destroy_callback( + void (*f)(CYASSL_dynlock_value*, const char*, int)) { (void)f; } - const char* X509_verify_cert_error_string(long err) + const char* CyaSSL_X509_verify_cert_error_string(long err) { (void)err; return 0; @@ -3594,7 +3611,8 @@ int CyaSSL_set_compression(SSL* ssl) - int X509_LOOKUP_add_dir(X509_LOOKUP* lookup, const char* dir, long len) + int CyaSSL_X509_LOOKUP_add_dir(CYASSL_X509_LOOKUP* lookup, const char* dir, + long len) { (void)lookup; (void)dir; @@ -3603,7 +3621,8 @@ int CyaSSL_set_compression(SSL* ssl) } - int X509_LOOKUP_load_file(X509_LOOKUP* lookup, const char* file, long len) + int CyaSSL_X509_LOOKUP_load_file(CYASSL_X509_LOOKUP* lookup, + const char* file, long len) { (void)lookup; (void)file; @@ -3612,20 +3631,21 @@ int CyaSSL_set_compression(SSL* ssl) } - X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void) + CYASSL_X509_LOOKUP_METHOD* CyaSSL_X509_LOOKUP_hash_dir(void) { return 0; } - X509_LOOKUP_METHOD* X509_LOOKUP_file(void) + CYASSL_X509_LOOKUP_METHOD* CyaSSL_X509_LOOKUP_file(void) { return 0; } - X509_LOOKUP* X509_STORE_add_lookup(X509_STORE* store, X509_LOOKUP_METHOD* m) + CYASSL_X509_LOOKUP* CyaSSL_X509_STORE_add_lookup(CYASSL_X509_STORE* store, + CYASSL_X509_LOOKUP_METHOD* m) { (void)store; (void)m; @@ -3633,14 +3653,14 @@ int CyaSSL_set_compression(SSL* ssl) } - X509_STORE* X509_STORE_new(void) + CYASSL_X509_STORE* CyaSSL_X509_STORE_new(void) { return 0; } - int X509_STORE_get_by_subject(X509_STORE_CTX* ctx, int idx, X509_NAME* name, - X509_OBJECT* obj) + int CyaSSL_X509_STORE_get_by_subject(CYASSL_X509_STORE_CTX* ctx, int idx, + CYASSL_X509_NAME* name, CYASSL_X509_OBJECT* obj) { (void)ctx; (void)idx; @@ -3650,8 +3670,8 @@ int CyaSSL_set_compression(SSL* ssl) } - int X509_STORE_CTX_init(X509_STORE_CTX* ctx, X509_STORE* store, X509* x509, - STACK_OF(X509)* sk) + int CyaSSL_X509_STORE_CTX_init(CYASSL_X509_STORE_CTX* ctx, + CYASSL_X509_STORE* store, CYASSL_X509* x509, STACK_OF(CYASSL_X509)* sk) { (void)ctx; (void)store; @@ -3661,21 +3681,21 @@ int CyaSSL_set_compression(SSL* ssl) } - void X509_STORE_CTX_cleanup(X509_STORE_CTX* ctx) + void CyaSSL_X509_STORE_CTX_cleanup(CYASSL_X509_STORE_CTX* ctx) { (void)ctx; } - ASN1_TIME* X509_CRL_get_lastUpdate(X509_CRL* crl) + CYASSL_ASN1_TIME* CyaSSL_X509_CRL_get_lastUpdate(CYASSL_X509_CRL* crl) { (void)crl; return 0; } - ASN1_TIME* X509_CRL_get_nextUpdate(X509_CRL* crl) + CYASSL_ASN1_TIME* CyaSSL_X509_CRL_get_nextUpdate(CYASSL_X509_CRL* crl) { (void)crl; return 0; @@ -3683,14 +3703,14 @@ int CyaSSL_set_compression(SSL* ssl) - EVP_PKEY* X509_get_pubkey(X509* x509) + CYASSL_EVP_PKEY* CyaSSL_X509_get_pubkey(CYASSL_X509* x509) { (void)x509; return 0; } - int X509_CRL_verify(X509_CRL* crl, EVP_PKEY* key) + int CyaSSL_X509_CRL_verify(CYASSL_X509_CRL* crl, CYASSL_EVP_PKEY* key) { (void)crl; (void)key; @@ -3698,33 +3718,33 @@ int CyaSSL_set_compression(SSL* ssl) } - void X509_STORE_CTX_set_error(X509_STORE_CTX* ctx, int err) + void CyaSSL_X509_STORE_CTX_set_error(CYASSL_X509_STORE_CTX* ctx, int err) { (void)ctx; (void)err; } - void X509_OBJECT_free_contents(X509_OBJECT* obj) + void CyaSSL_X509_OBJECT_free_contents(CYASSL_X509_OBJECT* obj) { (void)obj; } - void EVP_PKEY_free(EVP_PKEY* key) + void CyaSSL_EVP_PKEY_free(CYASSL_EVP_PKEY* key) { (void)key; } - int X509_cmp_current_time(const ASN1_TIME* asnTime) + int CyaSSL_X509_cmp_current_time(const CYASSL_ASN1_TIME* asnTime) { (void)asnTime; return 0; } - int sk_X509_REVOKED_num(X509_REVOKED* revoked) + int CyaSSL_sk_X509_REVOKED_num(CYASSL_X509_REVOKED* revoked) { (void)revoked; return 0; @@ -3732,14 +3752,15 @@ int CyaSSL_set_compression(SSL* ssl) - X509_REVOKED* X509_CRL_get_REVOKED(X509_CRL* crl) + CYASSL_X509_REVOKED* CyaSSL_X509_CRL_get_REVOKED(CYASSL_X509_CRL* crl) { (void)crl; return 0; } - X509_REVOKED* sk_X509_REVOKED_value(X509_REVOKED* revoked, int value) + CYASSL_X509_REVOKED* CyaSSL_sk_X509_REVOKED_value( + CYASSL_X509_REVOKED* revoked, int value) { (void)revoked; (void)value; @@ -3748,7 +3769,7 @@ int CyaSSL_set_compression(SSL* ssl) - ASN1_INTEGER* X509_get_serialNumber(X509* x509) + CYASSL_ASN1_INTEGER* CyaSSL_X509_get_serialNumber(CYASSL_X509* x509) { (void)x509; return 0; @@ -3756,7 +3777,7 @@ int CyaSSL_set_compression(SSL* ssl) - int ASN1_TIME_print(BIO* bio, const ASN1_TIME* asnTime) + int CyaSSL_ASN1_TIME_print(CYASSL_BIO* bio, const CYASSL_ASN1_TIME* asnTime) { (void)bio; (void)asnTime; @@ -3765,7 +3786,8 @@ int CyaSSL_set_compression(SSL* ssl) - int ASN1_INTEGER_cmp(const ASN1_INTEGER* a, const ASN1_INTEGER* b) + int CyaSSL_ASN1_INTEGER_cmp(const CYASSL_ASN1_INTEGER* a, + const CYASSL_ASN1_INTEGER* b) { (void)a; (void)b; @@ -3773,7 +3795,7 @@ int CyaSSL_set_compression(SSL* ssl) } - long ASN1_INTEGER_get(const ASN1_INTEGER* i) + long CyaSSL_ASN1_INTEGER_get(const CYASSL_ASN1_INTEGER* i) { (void)i; return 0; @@ -3781,7 +3803,7 @@ int CyaSSL_set_compression(SSL* ssl) - void* X509_STORE_CTX_get_ex_data(X509_STORE_CTX* ctx, int idx) + void* CyaSSL_X509_STORE_CTX_get_ex_data(CYASSL_X509_STORE_CTX* ctx, int idx) { (void)ctx; (void)idx; @@ -3789,13 +3811,13 @@ int CyaSSL_set_compression(SSL* ssl) } - int SSL_get_ex_data_X509_STORE_CTX_idx(void) + int CyaSSL_get_ex_data_X509_STORE_CTX_idx(void) { return 0; } - void* SSL_get_ex_data(const SSL* ssl, int idx) + void* CyaSSL_get_ex_data(const CYASSL* ssl, int idx) { (void)ssl; (void)idx; @@ -3803,7 +3825,7 @@ int CyaSSL_set_compression(SSL* ssl) } - long SSL_CTX_set_timeout(SSL_CTX* ctx, long to) + long CyaSSL_CTX_set_timeout(CYASSL_CTX* ctx, long to) { (void)ctx; (void)to; @@ -3811,41 +3833,41 @@ int CyaSSL_set_compression(SSL* ssl) } - void SSL_CTX_set_info_callback(SSL_CTX* ctx, void (*f)(void)) + void CyaSSL_CTX_set_info_callback(CYASSL_CTX* ctx, void (*f)(void)) { (void)ctx; (void)f; } - unsigned long ERR_peek_error(void) + unsigned long CyaSSL_ERR_peek_error(void) { return 0; } - int ERR_GET_REASON(int err) + int CyaSSL_ERR_GET_REASON(int err) { (void)err; return 0; } - char* SSL_alert_type_string_long(int alertID) + char* CyaSSL_alert_type_string_long(int alertID) { (void)alertID; return 0; } - char* SSL_alert_desc_string_long(int alertID) + char* CyaSSL_alert_desc_string_long(int alertID) { (void)alertID; return 0; } - char* SSL_state_string_long(SSL* ssl) + char* CyaSSL_state_string_long(CYASSL* ssl) { (void)ssl; return 0; @@ -3853,13 +3875,13 @@ int CyaSSL_set_compression(SSL* ssl) - void RSA_free(RSA* rsa) + void CyaSSL_RSA_free(CYASSL_RSA* rsa) { (void)rsa; } - int PEM_def_callback(char* name, int num, int w, void* key) + int CyaSSL_PEM_def_callback(char* name, int num, int w, void* key) { (void)name; (void)num; @@ -3869,105 +3891,106 @@ int CyaSSL_set_compression(SSL* ssl) } - long SSL_CTX_sess_accept(SSL_CTX* ctx) + long CyaSSL_CTX_sess_accept(CYASSL_CTX* ctx) { (void)ctx; return 0; } - long SSL_CTX_sess_connect(SSL_CTX* ctx) + long CyaSSL_CTX_sess_connect(CYASSL_CTX* ctx) { (void)ctx; return 0; } - long SSL_CTX_sess_accept_good(SSL_CTX* ctx) + long CyaSSL_CTX_sess_accept_good(CYASSL_CTX* ctx) { (void)ctx; return 0; } - long SSL_CTX_sess_connect_good(SSL_CTX* ctx) + long CyaSSL_CTX_sess_connect_good(CYASSL_CTX* ctx) { (void)ctx; return 0; } - long SSL_CTX_sess_accept_renegotiate(SSL_CTX* ctx) + long CyaSSL_CTX_sess_accept_renegotiate(CYASSL_CTX* ctx) { (void)ctx; return 0; } - long SSL_CTX_sess_connect_renegotiate(SSL_CTX* ctx) + long CyaSSL_CTX_sess_connect_renegotiate(CYASSL_CTX* ctx) { (void)ctx; return 0; } - long SSL_CTX_sess_hits(SSL_CTX* ctx) + long CyaSSL_CTX_sess_hits(CYASSL_CTX* ctx) { (void)ctx; return 0; } - long SSL_CTX_sess_cb_hits(SSL_CTX* ctx) + long CyaSSL_CTX_sess_cb_hits(CYASSL_CTX* ctx) { (void)ctx; return 0; } - long SSL_CTX_sess_cache_full(SSL_CTX* ctx) + long CyaSSL_CTX_sess_cache_full(CYASSL_CTX* ctx) { (void)ctx; return 0; } - long SSL_CTX_sess_misses(SSL_CTX* ctx) + long CyaSSL_CTX_sess_misses(CYASSL_CTX* ctx) { (void)ctx; return 0; } - long SSL_CTX_sess_timeouts(SSL_CTX* ctx) + long CyaSSL_CTX_sess_timeouts(CYASSL_CTX* ctx) { (void)ctx; return 0; } - long SSL_CTX_sess_number(SSL_CTX* ctx) + long CyaSSL_CTX_sess_number(CYASSL_CTX* ctx) { (void)ctx; return 0; } - void DES_set_key_unchecked(const_DES_cblock* myDes, DES_key_schedule* key) + void CyaSSL_DES_set_key_unchecked(CYASSL_const_DES_cblock* myDes, + CYASSL_DES_key_schedule* key) { (void)myDes; (void)key; } - void DES_set_odd_parity(DES_cblock* myDes) + void CyaSSL_DES_set_odd_parity(CYASSL_DES_cblock* myDes) { (void)myDes; } - void DES_ecb_encrypt(DES_cblock* desa, DES_cblock* desb, - DES_key_schedule* key, int len) + void CyaSSL_DES_ecb_encrypt(CYASSL_DES_cblock* desa, + CYASSL_DES_cblock* desb, CYASSL_DES_key_schedule* key, int len) { (void)desa; (void)desb; @@ -3975,7 +3998,7 @@ int CyaSSL_set_compression(SSL* ssl) (void)len; } - int BIO_printf(BIO* bio, const char* format, ...) + int CyaSSL_BIO_printf(CYASSL_BIO* bio, const char* format, ...) { (void)bio; (void)format; @@ -3983,7 +4006,7 @@ int CyaSSL_set_compression(SSL* ssl) } - int ASN1_UTCTIME_print(BIO* bio, const ASN1_UTCTIME* a) + int CyaSSL_ASN1_UTCTIME_print(CYASSL_BIO* bio, const CYASSL_ASN1_UTCTIME* a) { (void)bio; (void)a; @@ -3991,14 +4014,14 @@ int CyaSSL_set_compression(SSL* ssl) } - int sk_num(X509_REVOKED* rev) + int CyaSSL_sk_num(CYASSL_X509_REVOKED* rev) { (void)rev; return 0; } - void* sk_value(X509_REVOKED* rev, int i) + void* CyaSSL_sk_value(CYASSL_X509_REVOKED* rev, int i) { (void)rev; (void)i; @@ -4007,7 +4030,7 @@ int CyaSSL_set_compression(SSL* ssl) /* stunnel 4.28 needs */ - void* SSL_CTX_get_ex_data(const SSL_CTX* ctx, int d) + void* CyaSSL_CTX_get_ex_data(const CYASSL_CTX* ctx, int d) { (void)ctx; (void)d; @@ -4015,7 +4038,7 @@ int CyaSSL_set_compression(SSL* ssl) } - int SSL_CTX_set_ex_data(SSL_CTX* ctx, int d, void* p) + int CyaSSL_CTX_set_ex_data(CYASSL_CTX* ctx, int d, void* p) { (void)ctx; (void)d; @@ -4024,39 +4047,40 @@ int CyaSSL_set_compression(SSL* ssl) } - void SSL_CTX_sess_set_get_cb(SSL_CTX* ctx, SSL_SESSION*(*f)(SSL*, - unsigned char*, int, int*)) + void CyaSSL_CTX_sess_set_get_cb(CYASSL_CTX* ctx, + CYASSL_SESSION*(*f)(CYASSL*, unsigned char*, int, int*)) { (void)ctx; (void)f; } - void SSL_CTX_sess_set_new_cb(SSL_CTX* ctx, int (*f)(SSL*, SSL_SESSION*)) + void CyaSSL_CTX_sess_set_new_cb(CYASSL_CTX* ctx, + int (*f)(CYASSL*, CYASSL_SESSION*)) { (void)ctx; (void)f; } - void SSL_CTX_sess_set_remove_cb(SSL_CTX* ctx, void (*f)(SSL_CTX*, - SSL_SESSION*)) + void CyaSSL_CTX_sess_set_remove_cb(CYASSL_CTX* ctx, void (*f)(CYASSL_CTX*, + CYASSL_SESSION*)) { (void)ctx; (void)f; } - int i2d_SSL_SESSION(SSL_SESSION* sess, unsigned char** p) + int CyaSSL_i2d_SSL_SESSION(CYASSL_SESSION* sess, unsigned char** p) { (void)sess; (void)p; - return sizeof(SSL_SESSION); + return sizeof(CYASSL_SESSION); } - SSL_SESSION* d2i_SSL_SESSION(SSL_SESSION** sess, const unsigned char** p, - long i) + CYASSL_SESSION* CyaSSL_d2i_SSL_SESSION(CYASSL_SESSION** sess, + const unsigned char** p, long i) { (void)p; (void)i; @@ -4066,21 +4090,22 @@ int CyaSSL_set_compression(SSL* ssl) } - long SSL_SESSION_get_timeout(const SSL_SESSION* sess) + long CyaSSL_SESSION_get_timeout(const CYASSL_SESSION* sess) { - CYASSL_ENTER("SSL_SESSION_get_timeout"); + CYASSL_ENTER("CyaSSL_SESSION_get_timeout"); return sess->timeout; } - long SSL_SESSION_get_time(const SSL_SESSION* sess) + long CyaSSL_SESSION_get_time(const CYASSL_SESSION* sess) { - CYASSL_ENTER("SSL_SESSION_get_time"); + CYASSL_ENTER("CyaSSL_SESSION_get_time"); return sess->bornOn; } - int SSL_CTX_get_ex_new_index(long idx, void* arg, void* a, void* b, void* c) + int CyaSSL_CTX_get_ex_new_index(long idx, void* arg, void* a, void* b, + void* c) { (void)idx; (void)arg; @@ -4093,7 +4118,7 @@ int CyaSSL_set_compression(SSL* ssl) /* write X509 serial number in unsigned binary to buffer buffer needs to be at least EXTERNAL_SERIAL_SIZE (32) for all cases return 0 on success */ - int CyaSSL_X509_get_serial_number(X509* x509, byte* in, int* inOutSz) + int CyaSSL_X509_get_serial_number(CYASSL_X509* x509, byte* in, int* inOutSz) { CYASSL_ENTER("CyaSSL_X509_get_serial_number"); if (x509 == NULL || in == NULL || *inOutSz < x509->serialSz) @@ -4112,7 +4137,7 @@ int CyaSSL_set_compression(SSL* ssl) /* Get peer's certificate chain */ -X509_CHAIN* CyaSSL_get_peer_chain(SSL* ssl) +CYASSL_X509_CHAIN* CyaSSL_get_peer_chain(CYASSL* ssl) { CYASSL_ENTER("CyaSSL_get_peer_chain"); if (ssl) @@ -4123,7 +4148,7 @@ X509_CHAIN* CyaSSL_get_peer_chain(SSL* ssl) /* Get peer's certificate chain total count */ -int CyaSSL_get_chain_count(X509_CHAIN* chain) +int CyaSSL_get_chain_count(CYASSL_X509_CHAIN* chain) { CYASSL_ENTER("CyaSSL_get_chain_count"); if (chain) @@ -4134,7 +4159,7 @@ int CyaSSL_get_chain_count(X509_CHAIN* chain) /* Get peer's ASN.1 DER ceritifcate at index (idx) length in bytes */ -int CyaSSL_get_chain_length(X509_CHAIN* chain, int idx) +int CyaSSL_get_chain_length(CYASSL_X509_CHAIN* chain, int idx) { CYASSL_ENTER("CyaSSL_get_chain_length"); if (chain) @@ -4145,7 +4170,7 @@ int CyaSSL_get_chain_length(X509_CHAIN* chain, int idx) /* Get peer's ASN.1 DER ceritifcate at index (idx) */ -byte* CyaSSL_get_chain_cert(X509_CHAIN* chain, int idx) +byte* CyaSSL_get_chain_cert(CYASSL_X509_CHAIN* chain, int idx) { CYASSL_ENTER("CyaSSL_get_chain_cert"); if (chain) @@ -4157,7 +4182,7 @@ byte* CyaSSL_get_chain_cert(X509_CHAIN* chain, int idx) /* Get peer's PEM ceritifcate at index (idx), output to buffer if inLen big enough else return error (-1), output length is in *outLen */ -int CyaSSL_get_chain_cert_pem(X509_CHAIN* chain, int idx, +int CyaSSL_get_chain_cert_pem(CYASSL_X509_CHAIN* chain, int idx, unsigned char* buffer, int inLen, int* outLen) { const char header[] = "-----BEGIN CERTIFICATE-----\n"; @@ -4198,7 +4223,7 @@ int CyaSSL_get_chain_cert_pem(X509_CHAIN* chain, int idx, /* get session ID */ -const byte* CyaSSL_get_sessionID(const SSL_SESSION* session) +const byte* CyaSSL_get_sessionID(const CYASSL_SESSION* session) { CYASSL_ENTER("CyaSSL_get_sessionID"); return session->sessionID; @@ -4206,7 +4231,7 @@ const byte* CyaSSL_get_sessionID(const SSL_SESSION* session) /* connect enough to get peer cert chain, no validation */ -int CyaSSL_connect_cert(SSL* ssl) +int CyaSSL_connect_cert(CYASSL* ssl) { int ret; byte oldVerify; @@ -4218,7 +4243,7 @@ int CyaSSL_connect_cert(SSL* ssl) ssl->options.verifyNone = 1; ssl->options.certOnly = 1; - ret = SSL_connect(ssl); + ret = CyaSSL_connect(ssl); ssl->options.verifyNone = oldVerify; ssl->options.certOnly = 0; diff --git a/src/tls.c b/src/tls.c index ca8ee692d..7c40dfe51 100644 --- a/src/tls.c +++ b/src/tls.c @@ -23,7 +23,7 @@ #include #endif -#include +#include #include #include #include @@ -126,7 +126,7 @@ static void PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen, } -void BuildTlsFinished(SSL* ssl, Hashes* hashes, const byte* sender) +void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, const byte* sender) { const byte* side; byte handshake_hash[FINISHED_SZ]; @@ -185,7 +185,7 @@ static const byte master_label[MASTER_LABEL_SZ + 1] = "master secret"; static const byte key_label [KEY_LABEL_SZ + 1] = "key expansion"; -int DeriveTlsKeys(SSL* ssl) +int DeriveTlsKeys(CYASSL* ssl) { int length = 2 * ssl->specs.hash_size + 2 * ssl->specs.key_size + @@ -203,7 +203,7 @@ int DeriveTlsKeys(SSL* ssl) } -int MakeTlsMasterSecret(SSL* ssl) +int MakeTlsMasterSecret(CYASSL* ssl) { byte seed[SEED_LEN]; @@ -249,7 +249,7 @@ static INLINE void c32toa(word32 u32, byte* c) } -static INLINE word32 GetSEQIncrement(SSL* ssl, int verify) +static INLINE word32 GetSEQIncrement(CYASSL* ssl, int verify) { #ifdef CYASSL_DTLS if (ssl->options.dtls) { @@ -268,7 +268,7 @@ static INLINE word32 GetSEQIncrement(SSL* ssl, int verify) #ifdef CYASSL_DTLS -static INLINE word32 GetEpoch(SSL* ssl, int verify) +static INLINE word32 GetEpoch(CYASSL* ssl, int verify) { if (verify) return ssl->keys.dtls_peer_epoch; @@ -279,7 +279,7 @@ static INLINE word32 GetEpoch(SSL* ssl, int verify) #endif /* CYASSL_DTLS */ -static INLINE const byte* GetMacSecret(SSL* ssl, int verify) +static INLINE const byte* GetMacSecret(CYASSL* ssl, int verify) { if ( (ssl->options.side == CLIENT_END && !verify) || (ssl->options.side == SERVER_END && verify) ) @@ -292,7 +292,7 @@ static INLINE const byte* GetMacSecret(SSL* ssl, int verify) /* TLS type HMAC */ -void TLS_hmac(SSL* ssl, byte* digest, const byte* in, word32 sz, +void TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz, int content, int verify) { Hmac hmac; @@ -329,20 +329,22 @@ void TLS_hmac(SSL* ssl, byte* digest, const byte* in, word32 sz, #ifndef NO_CYASSL_CLIENT - SSL_METHOD* TLSv1_client_method(void) + CYASSL_METHOD* CyaTLSv1_client_method(void) { - SSL_METHOD* method = (SSL_METHOD*) XMALLOC(sizeof(SSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); if (method) InitSSL_Method(method, MakeTLSv1()); return method; } - SSL_METHOD* TLSv1_1_client_method(void) + CYASSL_METHOD* CyaTLSv1_1_client_method(void) { - SSL_METHOD* method = (SSL_METHOD*) XMALLOC(sizeof(SSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); if (method) InitSSL_Method(method, MakeTLSv1_1()); return method; @@ -351,10 +353,11 @@ void TLS_hmac(SSL* ssl, byte* digest, const byte* in, word32 sz, #ifndef NO_SHA256 /* can't use without SHA256 */ - SSL_METHOD* TLSv1_2_client_method(void) + CYASSL_METHOD* CyaTLSv1_2_client_method(void) { - SSL_METHOD* method = (SSL_METHOD*) XMALLOC(sizeof(SSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); if (method) InitSSL_Method(method, MakeTLSv1_2()); return method; @@ -363,10 +366,11 @@ void TLS_hmac(SSL* ssl, byte* digest, const byte* in, word32 sz, #endif - SSL_METHOD* SSLv23_client_method(void) + CYASSL_METHOD* CyaSSLv23_client_method(void) { - SSL_METHOD* method = (SSL_METHOD*) XMALLOC(sizeof(SSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); if (method) { #ifndef NO_SHA256 /* 1.2 requires SHA256 */ InitSSL_Method(method, MakeTLSv1_2()); @@ -385,10 +389,11 @@ void TLS_hmac(SSL* ssl, byte* digest, const byte* in, word32 sz, #ifndef NO_CYASSL_SERVER - SSL_METHOD* TLSv1_server_method(void) + CYASSL_METHOD* CyaTLSv1_server_method(void) { - SSL_METHOD* method = (SSL_METHOD*) XMALLOC(sizeof(SSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); if (method) { InitSSL_Method(method, MakeTLSv1()); method->side = SERVER_END; @@ -397,10 +402,11 @@ void TLS_hmac(SSL* ssl, byte* digest, const byte* in, word32 sz, } - SSL_METHOD* TLSv1_1_server_method(void) + CYASSL_METHOD* CyaTLSv1_1_server_method(void) { - SSL_METHOD* method = (SSL_METHOD*) XMALLOC(sizeof(SSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); if (method) { InitSSL_Method(method, MakeTLSv1_1()); method->side = SERVER_END; @@ -411,10 +417,11 @@ void TLS_hmac(SSL* ssl, byte* digest, const byte* in, word32 sz, #ifndef NO_SHA256 /* can't use without SHA256 */ - SSL_METHOD* TLSv1_2_server_method(void) + CYASSL_METHOD* CyaTLSv1_2_server_method(void) { - SSL_METHOD* method = (SSL_METHOD*) XMALLOC(sizeof(SSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); if (method) { InitSSL_Method(method, MakeTLSv1_2()); method->side = SERVER_END; @@ -425,10 +432,11 @@ void TLS_hmac(SSL* ssl, byte* digest, const byte* in, word32 sz, #endif - SSL_METHOD *SSLv23_server_method(void) + CYASSL_METHOD* CyaSSLv23_server_method(void) { - SSL_METHOD* method = (SSL_METHOD*) XMALLOC(sizeof(SSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); if (method) { #ifndef NO_SHA256 /* 1.2 requires SHA256 */ InitSSL_Method(method, MakeTLSv1_2()); @@ -448,19 +456,19 @@ void TLS_hmac(SSL* ssl, byte* digest, const byte* in, word32 sz, #else /* NO_TLS */ /* catch CyaSSL programming errors */ -void BuildTlsFinished(SSL* ssl, Hashes* hashes, const byte* sender) +void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, const byte* sender) { } -int DeriveTlsKeys(SSL* ssl) +int DeriveTlsKeys(CYASSL* ssl) { return NOT_COMPILED_IN; } -int MakeTlsMasterSecret(SSL* ssl) +int MakeTlsMasterSecret(CYASSL* ssl) { return NOT_COMPILED_IN; }