add SSL set version, different from ctx version

cyassl/internal.h

@@ -475,9 +475,6 @@ struct CYASSL_BIO {
 struct CYASSL_METHOD {
     ProtocolVersion version;
     byte            side;         /* connection side, server or client */
-    byte            verifyPeer;   /* request or send certificate       */
-    byte            verifyNone;   /* whether to verify certificate     */
-    byte            failNoCert;   /* fail if no certificate            */
     byte            downgrade;    /* whether to downgrade version, default no */
 };
 

cyassl/ssl.h

@@ -769,10 +769,15 @@ CYASSL_API void CyaSSL_SetIOWriteCtx(CYASSL* ssl, void *ctx);
 
 /* CA cache callbacks */
 enum {
+    CYASSL_SSLV3    = 0,
+    CYASSL_TLSV1    = 1,
+    CYASSL_TLSV1_1  = 2,
+    CYASSL_TLSV1_2  = 3,
     CYASSL_USER_CA  = 1,          /* user added as trusted */
     CYASSL_CHAIN_CA = 2           /* added to cache from trusted chain */
 };
 
+CYASSL_API int CyaSSL_SetVersion(CYASSL* ssl, int version);
 CYASSL_API int CyaSSL_KeyPemToDer(const unsigned char*, int sz, unsigned char*,
                                   int, const char*);
 

src/internal.c

@@ -315,9 +315,6 @@ void InitSSL_Method(CYASSL_METHOD* method, ProtocolVersion pv)
 {
     method->version    = pv;
     method->side       = CLIENT_END;
-    method->verifyPeer = 0;
-    method->verifyNone = 0;
-    method->failNoCert = 0;
     method->downgrade  = 0;
 }
 
@@ -913,11 +910,11 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
     if (ssl->options.side == SERVER_END) 
         InitSuites(&ssl->suites, ssl->version,ssl->options.haveDH, havePSK,
                    ssl->options.haveNTRU, ssl->options.haveECDSA,
-                   ssl->options.haveStaticECC, ssl->ctx->method->side);
+                   ssl->options.haveStaticECC, ssl->options.side);
     else 
         InitSuites(&ssl->suites, ssl->version, TRUE, havePSK,
                    ssl->options.haveNTRU, ssl->options.haveECDSA,
-                   ssl->options.haveStaticECC, ssl->ctx->method->side);
+                   ssl->options.haveStaticECC, ssl->options.side);
 
 
 #ifdef SESSION_CERTS
@@ -5850,7 +5847,7 @@ int SetCipherList(Suites* s, const char* list)
 
             InitSuites(&ssl->suites, ssl->version, ssl->options.haveDH, havePSK,
                        ssl->options.haveNTRU, ssl->options.haveECDSA,
-                       ssl->options.haveStaticECC, ssl->ctx->method->side);
+                       ssl->options.haveStaticECC, ssl->options.side);
         }
 
         /* suite size */
@@ -5981,7 +5978,7 @@ int SetCipherList(Suites* s, const char* list)
 #endif
             InitSuites(&ssl->suites, ssl->version, ssl->options.haveDH, havePSK,
                        ssl->options.haveNTRU, ssl->options.haveECDSA,
-                       ssl->options.haveStaticECC, ssl->ctx->method->side);
+                       ssl->options.haveStaticECC, ssl->options.side);
         }
         /* random */
         XMEMCPY(ssl->arrays.clientRandom, input + i, RAN_LEN);

src/ssl.c

@@ -228,7 +228,7 @@ int CyaSSL_SetTmpDH(CYASSL* ssl, const unsigned char* p, int pSz,
     #endif
     InitSuites(&ssl->suites, ssl->version, ssl->options.haveDH,
                havePSK, ssl->options.haveNTRU, ssl->options.haveECDSA,
-               ssl->options.haveStaticECC, ssl->ctx->method->side);
+               ssl->options.haveStaticECC, ssl->options.side);
 
     CYASSL_LEAVE("CyaSSL_SetTmpDH", 0);
     return 0;
@@ -473,6 +473,51 @@ int CyaSSL_set_group_messages(CYASSL* ssl)
 }
 
 
+int CyaSSL_SetVersion(CYASSL* ssl, int version)
+{
+    byte havePSK = 0;
+
+    CYASSL_ENTER("CyaSSL_SetVersion");
+
+    if (ssl == NULL) {
+        CYASSL_MSG("Bad function argument");
+        return BAD_FUNC_ARG;
+    }
+
+    switch (version) {
+        case CYASSL_SSLV3:
+            ssl->version = MakeSSLv3();
+            break;
+
+        case CYASSL_TLSV1:
+            ssl->version = MakeTLSv1();
+            break;
+
+        case CYASSL_TLSV1_1:
+            ssl->version = MakeTLSv1_1();
+            break;
+
+        case CYASSL_TLSV1_2:
+            ssl->version = MakeTLSv1_2();
+            break;
+
+        default:
+            CYASSL_MSG("Bad function argument");
+            return BAD_FUNC_ARG;
+    }
+
+    #ifndef NO_PSK
+        havePSK = ssl->options.havePSK;
+    #endif
+
+    InitSuites(&ssl->suites, ssl->version, ssl->options.haveDH, havePSK,
+                ssl->options.haveNTRU, ssl->options.haveECDSA,
+                ssl->options.haveStaticECC, ssl->options.side);
+
+    return SSL_SUCCESS;
+}
+
+
 /* does CA already exist on signer list */
 int AlreadySigner(CYASSL_CERT_MANAGER* cm, byte* hash)
 {
@@ -2064,7 +2109,7 @@ int CyaSSL_set_cipher_list(CYASSL* ssl, const char* list)
 
         InitSuites(&ssl->suites, ssl->version, ssl->options.haveDH, havePSK,
                    ssl->options.haveNTRU, ssl->options.haveECDSA,
-                   ssl->options.haveStaticECC, ssl->ctx->method->side);
+                   ssl->options.haveStaticECC, ssl->options.side);
 
         return SSL_SUCCESS;
     }
@@ -3088,7 +3133,7 @@ int CyaSSL_set_compression(CYASSL* ssl)
 
         InitSuites(&ssl->suites, ssl->version,TRUE,TRUE, ssl->options.haveNTRU,
                    ssl->options.haveECDSA, ssl->options.haveStaticECC,
-                   ssl->ctx->method->side);
+                   ssl->options.side);
     }
 
 
@@ -3109,7 +3154,7 @@ int CyaSSL_set_compression(CYASSL* ssl)
 
         InitSuites(&ssl->suites, ssl->version, ssl->options.haveDH, TRUE,
                    ssl->options.haveNTRU, ssl->options.haveECDSA,
-                   ssl->options.haveStaticECC, ssl->ctx->method->side);
+                   ssl->options.haveStaticECC, ssl->options.side);
     }
 
 
@@ -3343,7 +3388,7 @@ int CyaSSL_set_compression(CYASSL* ssl)
 #endif
         InitSuites(&ssl->suites, ssl->version, ssl->options.haveDH, havePSK,
                    ssl->options.haveNTRU, ssl->options.haveECDSA,
-                   ssl->options.haveStaticECC, ssl->ctx->method->side);
+                   ssl->options.haveStaticECC, ssl->options.side);
     }